Merge pull request #260 from fasrc/cp_ad_writes

Update AD group membership from the Coldfront GUI

coldfront/config/logging.py

@@ -15,7 +15,13 @@
 LOGGING = {
     'version': 1,
     'disable_existing_loggers': False,
-    'formatters': {},
+    'formatters': {
+        'key-events': {
+            "()": "django.utils.log.ServerFormatter",
+            "format": "[{server_time}] {levelname} {message}",
+            "style": "{",
+        }
+    },
     'handlers': {
         'console': {
             'class': 'logging.StreamHandler',
@@ -24,12 +30,17 @@
             'class': 'logging.FileHandler',
             'filename': 'django-q.log',
         },
+        'key-events': {
+            'class': 'logging.handlers.TimedRotatingFileHandler',
+            'filename': 'logs/key-events.log',
+            'when': 'D',
+            'formatter': 'key-events',
+        },
         # 'file': {
         #     'class': 'logging.FileHandler',
         #     'filename': '/tmp/debug.log',
         # },
     },
-    'formatters': {},
     'loggers': {
         'django_auth_ldap': {
             'level': 'INFO',
@@ -52,5 +63,9 @@
             'handlers': ['console'],
             'level': 'INFO',
         },
+        'coldfront.core.project': {
+            'handlers': ['key-events'],
+            'level': 'INFO',
+        }
     },
 }

coldfront/core/allocation/models.py

@@ -202,6 +202,8 @@ def cost(self):
             price = float(get_resource_rate(self.resources.first().name))
         except AttributeError:
             return None
+        except TypeError:
+            return None
         size = self.allocationattribute_set.get(allocation_attribute_type_id=1).value
         return 0 if not size else price * float(size)
 

coldfront/core/allocation/views.py

@@ -791,10 +791,11 @@ def post(self, request, *args, **kwargs):
             cleaned_form = [form.cleaned_data for form in formset]
             selected_cleaned_form = [form for form in cleaned_form if form['selected']]
             for form_data in selected_cleaned_form:
-                users_added_count += 1
+
                 user_obj = get_user_model().objects.get(
                     username=form_data.get('username')
                 )
+
                 allocation_user_obj, _ = (
                     allocation_obj.allocationuser_set.update_or_create(
                         user=user_obj, defaults={'status': user_active_status}
@@ -803,6 +804,7 @@ def post(self, request, *args, **kwargs):
                 allocation_activate_user.send(
                     sender=self.__class__, allocation_user_pk=allocation_user_obj.pk
                 )
+                users_added_count += 1
 
             user_plural = 'user' if users_added_count == 1 else 'users'
             msg = f'Added {users_added_count} {user_plural} to allocation.'
@@ -899,7 +901,6 @@ def post(self, request, *args, **kwargs):
                 form for form in cleaned_forms if form['selected']
             ]
             for user_form_data in selected_cleaned_forms:
-                remove_users_count += 1
                 user_obj = get_user_model().objects.get(
                     username=user_form_data.get('username')
                 )
@@ -909,11 +910,13 @@ def post(self, request, *args, **kwargs):
                 allocation_user_obj = allocation_obj.allocationuser_set.get(
                     user=user_obj
                 )
+
                 allocation_user_obj.status = removed_allocuser_status
                 allocation_user_obj.save()
                 allocation_remove_user.send(
                     sender=self.__class__, allocation_user_pk=allocation_user_obj.pk
                 )
+                remove_users_count += 1
 
             user_plural = 'user' if remove_users_count == 1 else 'users'
             msg = f'Removed {remove_users_count} {user_plural} from allocation.'

coldfront/core/project/templates/project/project_add_users.html

@@ -12,6 +12,9 @@
 <h2>Add users to project: {{project.title}}</h2>
 <hr>
 
+<p>
+  Adding a user to your project gives them the ability to access and use your project's allocations.
+</p>
 <div class="row">
   <div class="col">
     <form method="post" action="/search-ldap" id="post-form">
@@ -70,9 +73,9 @@ <h2>Add users to project: {{project.title}}</h2>
     $.ajax({
         url : "/project/" + pk + "/add-users-search-results/", // the endpoint
         type : "POST", // http method
-        data : { 
-          q : q, 
-          search_by : search_by, 
+        data : {
+          q : q,
+          search_by : search_by,
           csrfmiddlewaretoken: "{{ csrf_token }}"
         }, // data sent with the post request
         // handle a successful response
@@ -99,7 +102,7 @@ <h2>Add users to project: {{project.title}}</h2>
   $(document).ready(function(){
     $('#search_results').hide();
     $('#selected_users').hide();
-    $('[data-toggle="popover"]').popover(); 
+    $('[data-toggle="popover"]').popover();
   });
 </script>
 {% endblock %}

coldfront/core/project/templates/project/project_detail.html

@@ -247,15 +247,13 @@ <h3 class="d-inline"><i class="fas fa-file-invoice-dollar" aria-hidden="true"></
 <div class="card mb-3">
   <div class="card-header">
     <h3 class="d-inline" id="users"><i class="fas fa-users" aria-hidden="true"></i> Users</h3> <span class="badge badge-secondary">{{project_users.count}}</span>
-    <span class="float-right">Last Sync: {{user_sync_dt}}</span>
+    <span class="d-inline float-none">Last Sync: {{user_sync_dt}}</span>
     <div class="float-right">
-      {% comment %}
       {% if project.status.name != 'Archived' and is_allowed_to_update_project %}
-        <a style="visibility: hidden" class="btn btn-primary" href="{{mailto}}" role="button"><i class="far fa-envelope" aria-hidden="true"></i> Email Project Users</a>
-        <a style="visibility: hidden" class="btn btn-success" href="{% url 'project-add-users-search' project.id %}" role="button"><i class="fas fa-user-plus" aria-hidden="true"></i> Add Users</a>
-        <a style="visibility: hidden" class="btn btn-danger" href="{% url 'project-remove-users' project.id %}" role="button"><i class="fas fa-user-times" aria-hidden="true"></i> Remove Users</a>
+        <a class="btn btn-primary" href="{{mailto}}" role="button"><i class="far fa-envelope" aria-hidden="true"></i> Email Project Users</a>
+        <a class="btn btn-success" href="{% url 'project-add-users-search' project.id %}" role="button"><i class="fas fa-user-plus" aria-hidden="true"></i> Add Users</a>
+        <a class="btn btn-danger" href="{% url 'project-remove-users' project.id %}" role="button"><i class="fas fa-user-times" aria-hidden="true"></i> Remove Users</a>
       {% endif %}
-      {% endcomment %}
     </div>
   </div>
   <div class="card-body">

coldfront/core/project/templates/project/project_remove_users.html

@@ -8,10 +8,20 @@
 <h2>Remove users from project: {{project.title}}</h2>
 <hr>
 
-{% if formset %}
+{% if formset or users_no_removal %}
   <div class="card border-light">
     <div class="card-body">
-
+      <p>
+        Project users have the ability to access project allocations. Removing a user here
+        will remove the user's access to your project's allocations, but will not
+        remove that user's data from the allocations.
+      </p>
+      <p>
+        To be removed from a lab, the user must not have the lab as their primary
+        group. If you would like to remove a user that has your lab as their primary
+        group, please <a href="https://portal.rc.fas.harvard.edu/rcrt/submit_ticket">
+        contact FASRC support</a>.
+      </p>
       <form action="{% url 'project-remove-users' project.pk %}" method="post">
         {% csrf_token %}
         <div class="table-responsive">
@@ -30,6 +40,17 @@ <h2>Remove users from project: {{project.title}}</h2>
               </tr>
             </thead>
             <tbody>
+              {% for user in users_no_removal %}
+              <tr>
+                <td></td>
+                <td></td>
+                <td style="color: gray;">{{ user.username }}</td>
+                <td style="color: gray;">{{ user.first_name }}</td>
+                <td style="color: gray;">{{ user.last_name }}</td>
+                <td style="color: gray;">{{ user.email }}</td>
+                <td style="color: gray;">{{ user.role }}</td>
+              </tr>
+              {% endfor %}
               {% for form in formset %}
                 <tr>
                   <td>{{ form.selected }}</td>
@@ -54,7 +75,7 @@ <h2>Remove users from project: {{project.title}}</h2>
     </div>
   </div>
 {% else %}
-  <a class="btn btn-secondary mb-3" href="{% url 'project-detail' project.pk %}" role="button"><i class="fas fa-long-arrow-left" aria-hidden="true"></i> Back to Project</a> 
+  <a class="btn btn-secondary mb-3" href="{% url 'project-detail' project.pk %}" role="button"><i class="fas fa-long-arrow-left" aria-hidden="true"></i> Back to Project</a>
   <div class="alert alert-info">
     No users to remove!
   </div>

coldfront/core/project/test_views.py

@@ -1,13 +1,11 @@
 import logging
 
-from django.test import TestCase
+from django.test import TestCase, tag
 
 from coldfront.core.test_helpers import utils
 from coldfront.core.test_helpers.factories import (
     setup_models,
-    UserFactory,
     ProjectFactory,
-    ProjectUserFactory,
     PAttributeTypeFactory,
     ProjectAttributeFactory,
     ProjectStatusChoiceFactory,
@@ -353,6 +351,7 @@ def setUp(self):
         """set up users and project for testing"""
         self.url = f'/project/{self.project.pk}/remove-users/'
 
+    @tag('net')
     def test_projectremoveusersview_access(self):
         """test access to project remove users page"""
         self.project_access_tstbase(self.url)