zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-07-31 23:16:36 +02:00
Code Issues Projects Releases Packages Wiki Activity

Black and lint changes

Browse source
This commit is contained in:
zandercymatics 2023-08-22 12:58:37 -06:00
parent 73b2bf6a25
commit 6538471091
No known key found for this signature in database
GPG key ID: FF4636ABEC9682B7
4 changed files with 75 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/registrar/admin.py
View file

@ -161,20 +161,21 @@ class DomainAdmin(ListHeaderAdmin):
return HttpResponseRedirect(".") return HttpResponseRedirect(".")
elif EDIT_DOMAIN in request.POST: elif EDIT_DOMAIN in request.POST:
# We want to know, globally, when an edit action occurs # We want to know, globally, when an edit action occurs
request.session['analyst_action'] = 'edit' request.session["analyst_action"] = "edit"
# Restricts this action to this domain only # Restricts this action to this domain only
request.session['analyst_action_location'] = obj.id request.session["analyst_action_location"] = obj.id
return HttpResponseRedirect(reverse('domain', args=(obj.id,))) return HttpResponseRedirect(reverse("domain", args=(obj.id,)))
return super().response_change(request, obj) return super().response_change(request, obj)
# Sets domain_id as a context var # Sets domain_id as a context var
def change_view(self, request, object_id, form_url="", extra_context=None): def change_view(self, request, object_id, form_url="", extra_context=None):
if 'analyst_action' in request.session: if "analyst_action" in request.session:
# If an analyst performed an edit action, # If an analyst performed an edit action,
# delete the session variable # delete the session variable
del request.session['analyst_action'] del request.session["analyst_action"]
# delete the associated location # delete the associated location
del request.session['analyst_action_location'] del request.session["analyst_action_location"]
extra_context = extra_context or {} extra_context = extra_context or {}
extra_context["domain_id"] = object_id extra_context["domain_id"] = object_id

29
src/registrar/views/domain.py
View file

@ -38,6 +38,7 @@ logger = logging.getLogger(__name__)
class DomainView(DomainPermissionView): class DomainView(DomainPermissionView):
"""Domain detail overview page.""" """Domain detail overview page."""
template_name = "domain_detail.html" template_name = "domain_detail.html"
@ -81,7 +82,9 @@ class DomainOrgNameAddressView(DomainPermissionView, FormMixin):
if self.request.user.is_staff or self.request.user.is_superuser: if self.request.user.is_staff or self.request.user.is_superuser:
# if they are editing from an '/admin' redirect, log their actions # if they are editing from an '/admin' redirect, log their actions
self.log_analyst_form_actions(self.form_class.__name__, self.get_object().domain_info) self.log_analyst_form_actions(
self.form_class.__name__, self.get_object().domain_info
)
# superclass has the redirect # superclass has the redirect
return super().form_valid(form) return super().form_valid(form)
@ -128,7 +131,9 @@ class DomainAuthorizingOfficialView(DomainPermissionView, FormMixin):
if self.request.user.is_staff or self.request.user.is_superuser: if self.request.user.is_staff or self.request.user.is_superuser:
# if they are editing from an '/admin' redirect, log their actions # if they are editing from an '/admin' redirect, log their actions
self.log_analyst_form_actions(self.form_class.__name__, self.get_object().domain_info) self.log_analyst_form_actions(
self.form_class.__name__, self.get_object().domain_info
)
# superclass has the redirect # superclass has the redirect
return super().form_valid(form) return super().form_valid(form)
@ -199,7 +204,9 @@ class DomainNameserversView(DomainPermissionView, FormMixin):
if self.request.user.is_staff or self.request.user.is_superuser: if self.request.user.is_staff or self.request.user.is_superuser:
# if they are editing from an '/admin' redirect, log their actions # if they are editing from an '/admin' redirect, log their actions
self.log_analyst_form_actions(self.form_class.__name__, self.get_object().domain_info) self.log_analyst_form_actions(
self.form_class.__name__, self.get_object().domain_info
)
# superclass has the redirect # superclass has the redirect
return super().form_valid(formset) return super().form_valid(formset)
@ -244,7 +251,9 @@ class DomainYourContactInformationView(DomainPermissionView, FormMixin):
if self.request.user.is_staff or self.request.user.is_superuser: if self.request.user.is_staff or self.request.user.is_superuser:
# if they are editing from an '/admin' redirect, log their actions # if they are editing from an '/admin' redirect, log their actions
self.log_analyst_form_actions(self.form_class.__name__, self.get_object().domain_info) self.log_analyst_form_actions(
self.form_class.__name__, self.get_object().domain_info
)
# superclass has the redirect # superclass has the redirect
return super().form_valid(form) return super().form_valid(form)
@ -294,7 +303,9 @@ class DomainSecurityEmailView(DomainPermissionView, FormMixin):
if self.request.user.is_staff or self.request.user.is_superuser: if self.request.user.is_staff or self.request.user.is_superuser:
# if they are editing from an '/admin' redirect, log their actions # if they are editing from an '/admin' redirect, log their actions
self.log_analyst_form_actions(self.form_class.__name__, self.get_object().domain_info) self.log_analyst_form_actions(
self.form_class.__name__, self.get_object().domain_info
)
# superclass has the redirect # superclass has the redirect
return redirect(self.get_success_url()) return redirect(self.get_success_url())
@ -373,7 +384,9 @@ class DomainAddUserView(DomainPermissionView, FormMixin):
) )
if self.request.user.is_staff or self.request.user.is_superuser: if self.request.user.is_staff or self.request.user.is_superuser:
# if they are editing from an '/admin' redirect, log their actions # if they are editing from an '/admin' redirect, log their actions
self.log_analyst_form_actions(self.form_class.__name__, self.get_object().domain_info) self.log_analyst_form_actions(
self.form_class.__name__, self.get_object().domain_info
)
return redirect(self.get_success_url()) return redirect(self.get_success_url())
def form_valid(self, form): def form_valid(self, form):
@ -398,7 +411,9 @@ class DomainAddUserView(DomainPermissionView, FormMixin):
if self.request.user.is_staff or self.request.user.is_superuser: if self.request.user.is_staff or self.request.user.is_superuser:
# if they are editing from an '/admin' redirect, log their actions # if they are editing from an '/admin' redirect, log their actions
self.log_analyst_form_actions(self.form_class.__name__, self.get_object().domain_info) self.log_analyst_form_actions(
self.form_class.__name__, self.get_object().domain_info
)
return redirect(self.get_success_url()) return redirect(self.get_success_url())

36
src/registrar/views/utility/mixins.py
View file

@ -7,8 +7,10 @@ from registrar.models import DomainApplication, DomainInvitation
import logging import logging
from registrar.models.domain_information import DomainInformation from registrar.models.domain_information import DomainInformation
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
class PermissionsLoginMixin(PermissionRequiredMixin): class PermissionsLoginMixin(PermissionRequiredMixin):
"""Mixin that redirects to login page if not logged in, otherwise 403.""" """Mixin that redirects to login page if not logged in, otherwise 403."""
@ -39,9 +41,7 @@ class DomainPermission(PermissionsLoginMixin):
requested_domain = None requested_domain = None
try: try:
requested_domain = DomainInformation.objects.get( requested_domain = DomainInformation.objects.get(id=pk)
id=pk
)
# This should never happen in normal flow. # This should never happen in normal flow.
# That said, it does need to be raised here. # That said, it does need to be raised here.
@ -49,7 +49,9 @@ class DomainPermission(PermissionsLoginMixin):
raise Http404() raise Http404()
# Checks if the creator is the user requesting this item # Checks if the creator is the user requesting this item
user_is_creator: bool = requested_domain.creator.username == self.request.user.username user_is_creator: bool = (
requested_domain.creator.username == self.request.user.username
)
# user needs to have a role on the domain # user needs to have a role on the domain
if user_is_creator: if user_is_creator:
@ -57,19 +59,35 @@ class DomainPermission(PermissionsLoginMixin):
# ticket 806 # ticket 806
# Analysts may manage domains, when they are in these statuses: # Analysts may manage domains, when they are in these statuses:
valid_domain_statuses = [DomainApplication.APPROVED, DomainApplication.IN_REVIEW, DomainApplication.REJECTED, DomainApplication.ACTION_NEEDED] valid_domain_statuses = [
DomainApplication.APPROVED,
DomainApplication.IN_REVIEW,
DomainApplication.REJECTED,
DomainApplication.ACTION_NEEDED,
]
# Check if the user is permissioned... # Check if the user is permissioned...
user_is_analyst_or_superuser = self.request.user.is_staff or self.request.user.is_superuser user_is_analyst_or_superuser = (
self.request.user.is_staff or self.request.user.is_superuser
)
session = self.request.session session = self.request.session
# Check if the user is attempting a valid edit action. # Check if the user is attempting a valid edit action.
# If analyst_action is present, analyst_action_location will be present. # If analyst_action is present, analyst_action_location will be present.
# if it isn't, then it either suggests tampering or a larger omnipresent issue with sessions. # if it isn't, then it either suggests tampering
can_do_action = 'analyst_action' in session and session['analyst_action_location'] == pk # or a larger omnipresent issue with sessions.
can_do_action = (
"analyst_action" in session and session["analyst_action_location"] == pk
)
if can_do_action and user_is_analyst_or_superuser and requested_domain.domain_application.status in valid_domain_statuses: # If the valid session keys exist, if the user is permissioned,
# and if its in a valid status
if (
can_do_action
and user_is_analyst_or_superuser
and requested_domain.domain_application.status in valid_domain_statuses
):
return True return True
# ticket 796 # ticket 796

31
src/registrar/views/utility/permission_views.py
View file

@ -13,7 +13,10 @@ from .mixins import (
DomainInvitationPermission, DomainInvitationPermission,
) )
import logging import logging
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
class DomainPermissionView(DomainPermission, DetailView, abc.ABC): class DomainPermissionView(DomainPermission, DetailView, abc.ABC):
"""Abstract base view for domains that enforces permissions. """Abstract base view for domains that enforces permissions.
@ -37,22 +40,22 @@ class DomainPermissionView(DomainPermission, DetailView, abc.ABC):
is_original_creator = DomainInformation.objects.filter( is_original_creator = DomainInformation.objects.filter(
creator_id=self.request.user.id, id=self.kwargs["pk"] creator_id=self.request.user.id, id=self.kwargs["pk"]
).exists() ).exists()
context['is_original_creator'] = is_original_creator context["is_original_creator"] = is_original_creator
context['is_analyst_or_superuser'] = user.is_superuser or user.is_staff context["is_analyst_or_superuser"] = user.is_superuser or user.is_staff
# Flag to see if an analyst is attempting to make edits # Flag to see if an analyst is attempting to make edits
if 'analyst_action' in self.request.session: if "analyst_action" in self.request.session:
context['analyst_action'] = self.request.session['analyst_action'] context["analyst_action"] = self.request.session["analyst_action"]
return context return context
def log_analyst_form_actions(self, form_class_name, printable_object_info): def log_analyst_form_actions(self, form_class_name, printable_object_info):
""" Generates a log for when 'analyst_action' exists on the session """ """Generates a log for when 'analyst_action' exists on the session"""
if 'analyst_action' in self.request.session: if "analyst_action" in self.request.session:
action = self.request.session['analyst_action'] action = self.request.session["analyst_action"]
user_type = "Analyst" user_type = "Analyst"
if(self.request.user.is_superuser): if self.request.user.is_superuser:
user_type = "Superuser" user_type = "Superuser"
# Template for potential future expansion, # Template for potential future expansion,
@ -60,11 +63,15 @@ class DomainPermissionView(DomainPermission, DetailView, abc.ABC):
# Could include things such as 'view' # Could include things such as 'view'
# or 'copy', for instance. # or 'copy', for instance.
match action: match action:
case 'edit': case "edit":
# Q: do we want to be logging on every changed field? # Q: do we want to be logging on every changed field?
# I could see that becoming spammy log-wise, but it may also be important. # I could see that becoming spammy log-wise,
# To do so, I'd likely have to override some of the save() functionality of ModelForm. # but it may also be important.
logger.info(f"{user_type} {self.request.user} edited {form_class_name} in {printable_object_info}")
# noqa here as breaking this up further leaves it hard to read
logger.info(
f"{user_type} {self.request.user} edited {form_class_name} in {printable_object_info}" # noqa
)
else: else:
logger.debug("'analyst_action' does not exist on the session") logger.debug("'analyst_action' does not exist on the session")