From b993053d2a6cae5e21d1129790e4ca1bb24f9420 Mon Sep 17 00:00:00 2001 From: Jan Dittberner Date: Sat, 31 Jan 2015 23:39:09 +0100 Subject: [PATCH] define readonly fields and own delete action for SSH key admin - implement custom perform_delete_selected action for SshPublicKeyAdmin that ensures that the authorized_keys files of all affected users are rebuilt after deleting keys - implement custom get_actions to replace the default delete_selected action with the custom perform_delete_selected - define get_readonly_fields to make sure that the key algorithm and data cannot be changed --- gnuviechadmin/osusers/admin.py | 65 ++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) diff --git a/gnuviechadmin/osusers/admin.py b/gnuviechadmin/osusers/admin.py index 2befe02..95fe0a1 100644 --- a/gnuviechadmin/osusers/admin.py +++ b/gnuviechadmin/osusers/admin.py @@ -6,9 +6,12 @@ from django import forms from django.utils.translation import ugettext_lazy as _ from django.contrib import admin +from fileservertasks.tasks import set_file_ssh_authorized_keys from gvawebcore.forms import ( PASSWORD_MISMATCH_ERROR ) +from taskresults.models import TaskResult + from .models import ( AdditionalGroup, Group, @@ -278,6 +281,7 @@ class SshPublicKeyAdmin(admin.ModelAdmin): `. """ + actions = ['perform_delete_selected'] add_form = SshPublicKeyCreationForm list_display = ['user', 'algorithm', 'comment'] @@ -310,6 +314,67 @@ class SshPublicKeyAdmin(admin.ModelAdmin): return super(SshPublicKeyAdmin, self).get_form( request, obj, **defaults) + def get_readonly_fields(self, request, obj=None): + """ + Make sure that algorithm and data of SSH public keys are not editable. + + :param request: the current HTTP request + :param obj: either a :py:class:`SshPublicKey + ` instance or None for a new SSH + public key + :return: a list of fields + :rtype: list + + """ + if obj: + return ['algorithm', 'data'] + return [] + + def perform_delete_selected(self, request, queryset): + """ + Action to delete a list of selected ssh keys. + + This action makes sure that the ssh keys of all users affected by the + current deletion are refreshed on the file server. + + :param request: the current HTTP request + :param queryset: Django ORM queryset representing the selected ssh keys + + """ + users = set([ + item['user'] for item in + queryset.values('user').distinct() + ]) + queryset.delete() + for user in users: + TaskResult.objects.create_task_result( + set_file_ssh_authorized_keys.delay( + User.objects.get(uid=user).username, [ + str(key) for key in SshPublicKey.objects.filter( + user_id=user) + ]), + 'set_file_ssh_authorized_keys' + ) + perform_delete_selected.short_description = _( + 'Delete selected SSH public keys') + + def get_actions(self, request): + """ + Get the available actions for SSH public keys. + + This overrides the default behavior to remove the default + `delete_selected` action. + + :param request: the current HTTP request + :return: list of actions + :rtype: list + + """ + actions = super(SshPublicKeyAdmin, self).get_actions(request) + if 'delete_selected' in actions: + del actions['delete_selected'] + return actions + admin.site.register(Group, GroupAdmin) admin.site.register(User, UserAdmin)