-
-
Notifications
You must be signed in to change notification settings - Fork 302
Expand file tree
/
Copy pathadmin.py
More file actions
154 lines (123 loc) · 4.68 KB
/
admin.py
File metadata and controls
154 lines (123 loc) · 4.68 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
#
# Copyright (c) nexB Inc. and others. All rights reserved.
# VulnerableCode is a trademark of nexB Inc.
# SPDX-License-Identifier: Apache-2.0
# See http://www.apache.org/licenses/LICENSE-2.0 for the license text.
# See https://github.com/aboutcode-org/vulnerablecode for support or download.
# See https://aboutcode.org for more information about nexB OSS projects.
#
from django import forms
from django.contrib import admin
from django.contrib.admin.widgets import FilteredSelectMultiple
from django.contrib.auth.admin import GroupAdmin as BasicGroupAdmin
from django.contrib.auth.models import Group
from django.contrib.auth.models import User
from django.core.validators import validate_email
from vulnerabilities.models import ApiUser
from vulnerabilities.models import Package
from vulnerabilities.models import Vulnerability
from vulnerabilities.models import VulnerabilityReference
from vulnerabilities.models import VulnerabilitySeverity
admin.site.site_header = "VulnerableCode Administration"
admin.site.site_title = "VulnerableCode Admin Portal"
admin.site.index_title = "Welcome to VulnerableCode Management"
@admin.register(Vulnerability)
class VulnerabilityAdmin(admin.ModelAdmin):
search_fields = ["vulnerability_id"]
@admin.register(VulnerabilityReference)
class VulnerabilityReferenceAdmin(admin.ModelAdmin):
search_fields = ["vulnerabilityrelatedreference__vulnerability__id", "reference_id", "url"]
@admin.register(Package)
class PackageAdmin(admin.ModelAdmin):
list_filter = ("type", "namespace")
search_fields = ["name"]
@admin.register(VulnerabilitySeverity)
class VulnerabilitySeverityAdmin(admin.ModelAdmin):
pass
class ApiUserCreationForm(forms.ModelForm):
"""
This helps have a simplified creation for API-only users in the admin
"""
class Meta:
model = ApiUser
fields = (
"username",
"first_name",
"last_name",
)
def save(self, commit=True):
return ApiUser.objects.create_api_user(
username=self.cleaned_data["username"],
first_name=self.cleaned_data["first_name"],
last_name=self.cleaned_data["last_name"],
)
def clean_username(self):
username = self.cleaned_data["username"]
validate_email(username)
return username
def save_m2m(self):
pass
@admin.register(ApiUser)
class ApiUserAdmin(admin.ModelAdmin):
list_display = ("username", "email", "first_name", "last_name", "is_staff")
list_filter = ("username", "email", "first_name", "last_name", "is_staff")
search_fields = ("username", "email", "first_name", "last_name")
fieldsets = (
(
None,
{
"fields": (
"username",
"first_name",
"last_name",
)
},
),
)
add_form = ApiUserCreationForm
def get_form(self, request, obj=None, **kwargs):
"""
Use special form during user creation
"""
defaults = {}
if obj is None:
defaults["form"] = self.add_form
defaults.update(kwargs)
return super().get_form(request, obj, **defaults)
class GroupWithUsersForm(forms.ModelForm):
users = forms.ModelMultipleChoiceField(
queryset=User.objects.all(),
required=False,
widget=FilteredSelectMultiple("Users", is_stacked=False),
label="Users",
)
class Meta:
model = Group
fields = "__all__"
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.fields["users"].label_from_instance = lambda user: (
f"{user.username} | {user.email}" if user.email else user.username
)
if self.instance.pk:
self.fields["users"].initial = self.instance.user_set.all()
def save(self, commit=True):
group = super().save(commit=commit)
group.save()
self.save_m2m()
group.user_set.set(self.cleaned_data["users"])
return group
admin.site.unregister(Group)
@admin.register(Group)
class GroupAdmin(admin.ModelAdmin):
form = GroupWithUsersForm
search_fields = ("name",)
ordering = ("name",)
filter_horizontal = ("permissions",)
def formfield_for_manytomany(self, db_field, request=None, **kwargs):
if db_field.name == "permissions":
qs = kwargs.get("queryset", db_field.remote_field.model.objects)
# Avoid a major performance hit resolving permission names which
# triggers a content_type load:
kwargs["queryset"] = qs.select_related("content_type")
return super().formfield_for_manytomany(db_field, request=request, **kwargs)