8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2025-01-11 18:54:29 +00:00

Merge branch 'ipv6_avance' into 'master'

Ipv6 avance

See merge request federez/re2o!70
This commit is contained in:
klafyvel 2018-01-30 08:23:17 +01:00
commit 02acb7a6c8
18 changed files with 557 additions and 17 deletions

View file

@ -57,6 +57,7 @@ from .models import (
Nas, Nas,
IpType, IpType,
OuverturePortList, OuverturePortList,
Ipv6List,
) )
@ -274,6 +275,17 @@ class DelExtensionForm(Form):
self.fields['extensions'].queryset = Extension.objects.all() self.fields['extensions'].queryset = Extension.objects.all()
class Ipv6ListForm(FieldPermissionFormMixin, ModelForm):
"""Gestion des ipv6 d'une machine"""
class Meta:
model = Ipv6List
fields = ['ipv6', 'slaac_ip']
def __init__(self, *args, **kwargs):
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
super(Ipv6ListForm, self).__init__(*args, prefix=prefix, **kwargs)
class SOAForm(ModelForm): class SOAForm(ModelForm):
"""Ajout et edition d'un SOA""" """Ajout et edition d'un SOA"""
class Meta: class Meta:

View file

@ -0,0 +1,29 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-01-28 21:03
from __future__ import unicode_literals
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('machines', '0072_auto_20180108_1822'),
]
operations = [
migrations.CreateModel(
name='Ipv6List',
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('ipv6', models.GenericIPAddressField(protocol='IPv6', unique=True)),
('slaac_ip', models.BooleanField(default=False)),
('interface', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Interface')),
],
),
migrations.AlterUniqueTogether(
name='ipv6list',
unique_together=set([('interface', 'slaac_ip')]),
),
]

View file

@ -0,0 +1,19 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-01-29 02:52
from __future__ import unicode_literals
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('machines', '0073_auto_20180128_2203'),
]
operations = [
migrations.AlterModelOptions(
name='ipv6list',
options={'permissions': (('view_ipv6list', 'Peut voir un objet ipv6'), ('change_ipv6list_slaac_ip', 'Peut changer la valeur slaac sur une ipv6'))},
),
]

View file

@ -0,0 +1,19 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-01-29 23:52
from __future__ import unicode_literals
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('machines', '0074_auto_20180129_0352'),
]
operations = [
migrations.AlterUniqueTogether(
name='ipv6list',
unique_together=set([]),
),
]

View file

@ -26,6 +26,7 @@ from __future__ import unicode_literals
from datetime import timedelta from datetime import timedelta
import re import re
from netaddr import mac_bare, EUI, IPSet, IPRange, IPNetwork, IPAddress from netaddr import mac_bare, EUI, IPSet, IPRange, IPNetwork, IPAddress
from ipaddress import IPv6Address
from django.db import models from django.db import models
from django.db.models.signals import post_save, post_delete from django.db.models.signals import post_save, post_delete
@ -336,6 +337,14 @@ class IpType(models.Model):
for ip in self.ip_objects(): for ip in self.ip_objects():
ip.delete() ip.delete()
def check_replace_prefixv6(self):
"""Remplace les prefixv6 des interfaces liées à ce type d'ip"""
if not self.prefix_v6:
return
else:
for ipv6 in Ipv6List.objects.filter(interface__in=Interface.objects.filter(type__in=MachineType.objects.filter(ip_type=self))):
ipv6.check_and_replace_prefix(prefix=self.prefix_v6)
def clean(self): def clean(self):
""" Nettoyage. Vérifie : """ Nettoyage. Vérifie :
- Que ip_stop est après ip_start - Que ip_stop est après ip_start
@ -815,7 +824,7 @@ class Extension(models.Model):
def __str__(self): def __str__(self):
return self.name return self.name
def clean(self): def clean(self, *args, **kwargs):
if self.name and self.name[0] != '.': if self.name and self.name[0] != '.':
raise ValidationError("Une extension doit commencer par un point") raise ValidationError("Une extension doit commencer par un point")
super(Extension, self).clean(*args, **kwargs) super(Extension, self).clean(*args, **kwargs)
@ -1188,7 +1197,7 @@ class Interface(FieldPermissionModelMixin,models.Model):
return machine.active and user.has_access() return machine.active and user.has_access()
@cached_property @cached_property
def ipv6_object(self): def ipv6_slaac(self):
""" Renvoie un objet type ipv6 à partir du prefix associé à """ Renvoie un objet type ipv6 à partir du prefix associé à
l'iptype parent""" l'iptype parent"""
if self.type.ip_type.prefix_v6: if self.type.ip_type.prefix_v6:
@ -1199,9 +1208,60 @@ class Interface(FieldPermissionModelMixin,models.Model):
return None return None
@cached_property @cached_property
def gen_ipv6_dhcpv6(self):
"""Cree une ip, à assigner avec dhcpv6 sur une machine"""
prefix_v6 = self.type.ip_type.prefix_v6
if not prefix_v6:
return None
return IPv6Address(IPv6Address(prefix_v6).exploded[:20] + IPv6Address(self.id).exploded[20:])
def sync_ipv6_dhcpv6(self):
"""Affecte une ipv6 dhcpv6 calculée à partir de l'id de la machine"""
ipv6_dhcpv6 = self.gen_ipv6_dhcpv6
if not ipv6_dhcpv6:
return
ipv6 = Ipv6List.objects.filter(ipv6=str(ipv6_dhcpv6)).first()
if not ipv6:
ipv6 = Ipv6List(ipv6=str(ipv6_dhcpv6))
ipv6.interface = self
ipv6.save()
return
def sync_ipv6_slaac(self):
"""Cree, mets à jour et supprime si il y a lieu l'ipv6 slaac associée
à la machine
Sans prefixe ipv6, on return
Si l'ip slaac n'est pas celle qu'elle devrait être, on maj"""
ipv6_slaac = self.ipv6_slaac
if not ipv6_slaac:
return
ipv6_object = Ipv6List.objects.filter(interface=self, slaac_ip=True).first()
if not ipv6_object:
ipv6_object = Ipv6List(interface=self, slaac_ip=True)
if ipv6_object.ipv6 != str(ipv6_slaac):
ipv6_object.ipv6 = str(ipv6_slaac)
ipv6_object.save()
def sync_ipv6(self):
"""Cree et met à jour l'ensemble des ipv6 en fonction du mode choisi"""
machine_options, _created = preferences.models.OptionalMachine.objects.get_or_create()
if machine_options.ipv6_mode == 'SLAAC':
self.sync_ipv6_slaac()
elif machine_options.ipv6_mode == 'DHCPV6':
self.sync_ipv6_dhcpv6()
else:
return
def ipv6(self): def ipv6(self):
""" Renvoie l'ipv6 en str. Mise en cache et propriété de l'objet""" """ Renvoie le queryset de la liste des ipv6
return str(self.ipv6_object) On renvoie l'ipv6 slaac que si le mode slaac est activé (et non dhcpv6)"""
machine_options, _created = preferences.models.OptionalMachine.objects.get_or_create()
if machine_options.ipv6_mode == 'SLAAC':
return Ipv6List.objects.filter(interface=self)
elif machine_options.ipv6_mode == 'DHCPV6':
return Ipv6List.objects.filter(interface=self, slaac_ip=False)
else:
return None
def mac_bare(self): def mac_bare(self):
""" Formatage de la mac type mac_bare""" """ Formatage de la mac type mac_bare"""
@ -1365,6 +1425,126 @@ class Interface(FieldPermissionModelMixin,models.Model):
return self.ipv4 and not self.has_private_ip() return self.ipv4 and not self.has_private_ip()
class Ipv6List(FieldPermissionModelMixin, models.Model):
PRETTY_NAME = 'Enregistrements Ipv6 des machines'
ipv6 = models.GenericIPAddressField(
protocol='IPv6',
unique=True
)
interface = models.ForeignKey('Interface', on_delete=models.CASCADE)
slaac_ip = models.BooleanField(default=False)
class Meta:
permissions = (
("view_ipv6list", "Peut voir un objet ipv6"),
("change_ipv6list_slaac_ip", "Peut changer la valeur slaac sur une ipv6"),
)
def get_instance(ipv6listid, *args, **kwargs):
"""Récupère une instance
:param interfaceid: Instance id à trouver
:return: Une instance interface évidemment"""
return Ipv6List.objects.get(pk=ipv6listid)
def can_create(user_request, interfaceid, *args, **kwargs):
"""Verifie que l'user a les bons droits infra pour créer
une ipv6, ou possède l'interface associée
:param interfaceid: Id de l'interface associée à cet objet domain
:param user_request: instance utilisateur qui fait la requête
:return: soit True, soit False avec la raison de l'échec"""
try:
interface = Interface.objects.get(pk=interfaceid)
except Interface.DoesNotExist:
return False, u"Interface inexistante"
if not user_request.has_perm('machines.add_ipv6list'):
if interface.machine.user != user_request:
return False, u"Vous ne pouvez pas ajouter un alias à une\
machine d'un autre user que vous sans droit"
return True, None
@staticmethod
def can_change_slaac_ip(user_request, *args, **kwargs):
return user_request.has_perm('machines.change_ipv6list_slaac_ip'), "Droit requis pour changer la valeur slaac ip"
def can_edit(self, user_request, *args, **kwargs):
"""Verifie que l'user a les bons droits infra pour editer
cette instance interface, ou qu'elle lui appartient
:param self: Instance interface à editer
:param user_request: Utilisateur qui fait la requête
:return: soit True, soit False avec la raison de l'échec"""
if self.interface.machine.user != user_request:
if not user_request.has_perm('machines.change_ipv6list') or not self.interface.machine.user.can_edit(user_request, *args, **kwargs)[0]:
return False, u"Vous ne pouvez pas éditer une machine\
d'un autre user que vous sans droit"
return True, None
def can_delete(self, user_request, *args, **kwargs):
"""Verifie que l'user a les bons droits delete object pour del
cette instance interface, ou qu'elle lui appartient
:param self: Instance interface à del
:param user_request: Utilisateur qui fait la requête
:return: soit True, soit False avec la raison de l'échec"""
if self.interface.machine.user != user_request:
if not user_request.has_perm('machines.change_ipv6list') or not self.interface.machine.user.can_edit(user_request, *args, **kwargs)[0]:
return False, u"Vous ne pouvez pas éditer une machine\
d'un autre user que vous sans droit"
return True, None
def can_view_all(user_request, *args, **kwargs):
"""Vérifie qu'on peut bien afficher l'ensemble des interfaces,
droit particulier view objet correspondant
:param user_request: instance user qui fait l'edition
:return: True ou False avec la raison de l'échec le cas échéant"""
if not user_request.has_perm('machines.view_ipv6list'):
return False, u"Vous n'avez pas le droit de voir des machines autre\
que les vôtres"
return True, None
def can_view(self, user_request, *args, **kwargs):
"""Vérifie qu'on peut bien voir cette instance particulière avec
droit view objet ou qu'elle appartient à l'user
:param self: instance interface à voir
:param user_request: instance user qui fait l'edition
:return: True ou False avec la raison de l'échec le cas échéant"""
if not user_request.has_perm('machines.view_ipv6list') and self.interface.machine.user != user_request:
return False, u"Vous n'avez pas le droit de voir des machines autre\
que les vôtres"
return True, None
def __init__(self, *args, **kwargs):
super(Ipv6List, self).__init__(*args, **kwargs)
self.field_permissions = {
'slaac_ip' : self.can_change_slaac_ip,
}
def check_and_replace_prefix(self, prefix=None):
"""Si le prefixe v6 est incorrect, on maj l'ipv6"""
prefix_v6 = prefix or self.interface.type.ip_type.prefix_v6
if not prefix_v6:
return
if IPv6Address(self.ipv6).exploded[:20] != IPv6Address(prefix_v6).exploded[:20]:
self.ipv6 = IPv6Address(IPv6Address(prefix_v6).exploded[:20] + IPv6Address(self.ipv6).exploded[20:])
self.save()
def clean(self, *args, **kwargs):
if self.slaac_ip and Ipv6List.objects.filter(interface=self.interface, slaac_ip=True).exclude(id=self.id):
raise ValidationError("Une ip slaac est déjà enregistrée")
prefix_v6 = self.interface.type.ip_type.prefix_v6
if prefix_v6:
if IPv6Address(self.ipv6).exploded[:20] != IPv6Address(prefix_v6).exploded[:20]:
raise ValidationError("Le prefixv6 est incorrect et ne correspond pas au type associé à la machine")
super(Ipv6List, self).clean(*args, **kwargs)
def save(self, *args, **kwargs):
"""Force à avoir appellé clean avant"""
self.full_clean()
super(Ipv6List, self).save(*args, **kwargs)
def __str__(self):
return str(self.ipv6)
class Domain(models.Model): class Domain(models.Model):
""" Objet domain. Enregistrement A et CNAME en même temps : permet de """ Objet domain. Enregistrement A et CNAME en même temps : permet de
stocker les alias et les nom de machines, suivant si interface_parent stocker les alias et les nom de machines, suivant si interface_parent
@ -2039,6 +2219,7 @@ def interface_post_save(sender, **kwargs):
"""Synchronisation ldap et régen parefeu/dhcp lors de la modification """Synchronisation ldap et régen parefeu/dhcp lors de la modification
d'une interface""" d'une interface"""
interface = kwargs['instance'] interface = kwargs['instance']
interface.sync_ipv6()
user = interface.machine.user user = interface.machine.user
user.ldap_sync(base=False, access_refresh=False, mac_refresh=True) user.ldap_sync(base=False, access_refresh=False, mac_refresh=True)
# Regen services # Regen services
@ -2060,6 +2241,7 @@ def iptype_post_save(sender, **kwargs):
"""Generation des objets ip après modification d'un range ip""" """Generation des objets ip après modification d'un range ip"""
iptype = kwargs['instance'] iptype = kwargs['instance']
iptype.gen_ip_range() iptype.gen_ip_range()
iptype.check_replace_prefixv6()
@receiver(post_save, sender=MachineType) @receiver(post_save, sender=MachineType)

View file

@ -37,7 +37,8 @@ from machines.models import (
Service_link, Service_link,
Ns, Ns,
OuverturePortList, OuverturePortList,
OuverturePort OuverturePort,
Ipv6List
) )
@ -57,6 +58,12 @@ class IpListSerializer(serializers.ModelSerializer):
fields = ('ipv4', 'ip_type') fields = ('ipv4', 'ip_type')
class Ipv6ListSerializer(serializers.ModelSerializer):
class Meta:
model = Ipv6List
fields = ('ipv6', 'slaac_ip')
class InterfaceSerializer(serializers.ModelSerializer): class InterfaceSerializer(serializers.ModelSerializer):
"""Serialisation d'une interface, ipv4, domain et extension sont """Serialisation d'une interface, ipv4, domain et extension sont
des foreign_key, on les override et on les evalue avec des fonctions des foreign_key, on les override et on les evalue avec des fonctions
@ -81,8 +88,9 @@ class InterfaceSerializer(serializers.ModelSerializer):
class FullInterfaceSerializer(serializers.ModelSerializer): class FullInterfaceSerializer(serializers.ModelSerializer):
"""Serialisation complete d'une interface avec l'ipv6 en plus""" """Serialisation complete d'une interface avec les ipv6 en plus"""
ipv4 = IpListSerializer(read_only=True) ipv4 = IpListSerializer(read_only=True)
ipv6 = Ipv6ListSerializer(read_only=True, many=True)
mac_address = serializers.SerializerMethodField('get_macaddress') mac_address = serializers.SerializerMethodField('get_macaddress')
domain = serializers.SerializerMethodField('get_dns') domain = serializers.SerializerMethodField('get_dns')
extension = serializers.SerializerMethodField('get_interface_extension') extension = serializers.SerializerMethodField('get_interface_extension')

View file

@ -0,0 +1,51 @@
{% comment %}
Re2o est un logiciel d'administration développé initiallement au rezometz. Il
se veut agnostique au réseau considéré, de manière à être installable en
quelques clics.
Copyright © 2017 Gabriel Détraz
Copyright © 2017 Goulven Kermarec
Copyright © 2017 Augustin Lemesle
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
{% endcomment %}
{% load acl %}
<table class="table table-striped">
<thead>
<tr>
<th>Ipv6</th>
<th>Slaac</th>
<th></th>
</tr>
</thead>
{% for ipv6 in ipv6_list %}
<tr>
<td>{{ ipv6.ipv6 }}</td>
<td>{{ ipv6.slaac_ip }}</td>
<td class="text-right">
{% can_edit ipv6 %}
{% include 'buttons/edit.html' with href='machines:edit-ipv6list' id=ipv6.id %}
{% acl_end %}
{% can_delete ipv6 %}
{% include 'buttons/suppr.html' with href='machines:del-ipv6list' id=ipv6.id %}
{% acl_end %}
{% include 'buttons/history.html' with href='machines:history' name='ipv6list' id=ipv6.id %}
</td>
</tr>
{% endfor %}
</table>

View file

@ -83,7 +83,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<b>IPv4</b> {{ interface.ipv4 }} <b>IPv4</b> {{ interface.ipv4 }}
<br> <br>
{% if ipv6_enabled and interface.ipv6 != 'None'%} {% if ipv6_enabled and interface.ipv6 != 'None'%}
<b>IPv6</b> {{ interface.ipv6 }} <b>IPv6</b>
<button class="btn btn-default btn-xs" type="button" data-toggle="collapse" data-target="#collapseIpv6_{{interface.id}}" aria-expanded="true" aria-controls="collapseIpv6_{{interface.id}}">
Afficher l'IPV6
</button>
{% endif %} {% endif %}
</td> </td>
<td class="text-right"> <td class="text-right">
@ -110,6 +113,13 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</a> </a>
</li> </li>
{% acl_end %} {% acl_end %}
{% can_create Ipv6List interface.id %}
<li>
<a href="{% url 'machines:index-ipv6' interface.id %}">
<i class="glyphicon glyphicon-edit"></i> Gerer les ipv6
</a>
</li>
{% acl_end %}
{% can_create OuverturePortList %} {% can_create OuverturePortList %}
<li> <li>
<a href="{% url 'machines:port-config' interface.id%}"> <a href="{% url 'machines:port-config' interface.id%}">
@ -121,6 +131,24 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</div> </div>
</td> </td>
</tr> </tr>
{% if ipv6_enabled and interface.ipv6 != 'None'%}
<tr>
<td colspan=5 style="border-top: none; padding: 1px;">
<div class="collapse in" id="collapseIpv6_{{interface.id}}">
<ul class="list-group" style="margin-bottom: 0px;">
{% for ipv6 in interface.ipv6.all %}
<li class="list-group-item col-xs-6 col-sm-6 col-md-6" style="border: none;">
{{ipv6}}
</li>
{% endfor %}
</ul>
</div>
</td>
<tr>
{% endif %}
{% if interface.domain.related_domain.all %} {% if interface.domain.related_domain.all %}
<tr> <tr>
<td colspan=5 style="border-top: none; padding: 1px;"> <td colspan=5 style="border-top: none; padding: 1px;">
@ -154,6 +182,12 @@ $("#machines_table").ready( function() {
alias_div[i].collapse('hide'); alias_div[i].collapse('hide');
} }
} ); } );
$("#machines_table").ready( function() {
var ipv6_div = [{% for machine in machines_list %}{% for interface in machine.interface_set.all %}{% if interface.ipv6.all %}$("#collapseIpv6_{{interface.id}}"), {% endif %}{% endfor %}{% endfor %}];
for (var i=0 ; i<ipv6_div.length ; i++) {
ipv6_div[i].collapse('hide');
}
} );
</script> </script>
{% if machines_list.paginator %} {% if machines_list.paginator %}

View file

@ -0,0 +1,41 @@
{% extends "machines/sidebar.html" %}
{% comment %}
Re2o est un logiciel d'administration développé initiallement au rezometz. Il
se veut agnostique au réseau considéré, de manière à être installable en
quelques clics.
Copyright © 2017 Gabriel Détraz
Copyright © 2017 Goulven Kermarec
Copyright © 2017 Augustin Lemesle
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
{% endcomment %}
{% load bootstrap3 %}
{% load acl %}
{% block title %}Machines{% endblock %}
{% block content %}
<h2>Liste des ipv6 de l'interface</h2>
{% can_create Ipv6List interface_id %}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'machines:new-ipv6list' interface_id %}"><i class="glyphicon glyphicon-plus"></i> Ajouter une ipv6</a>
{% acl_end %}
{% include "machines/aff_ipv6.html" with ipv6_list=ipv6_list %}
<br />
<br />
<br />
{% endblock %}

View file

@ -72,6 +72,9 @@ with this program; if not, write to the Free Software Foundation, Inc.,
{% if nasform %} {% if nasform %}
{% bootstrap_form_errors nasform %} {% bootstrap_form_errors nasform %}
{% endif %} {% endif %}
{% if ipv6form %}
{% bootstrap_form_errors ipv6form %}
{% endif %}
<form class="form" method="post"> <form class="form" method="post">
{% csrf_token %} {% csrf_token %}
@ -139,6 +142,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<h3>NAS</h3> <h3>NAS</h3>
{% bootstrap_form nasform %} {% bootstrap_form nasform %}
{% endif %} {% endif %}
{% if ipv6form %}
<h3>Ipv6</h3>
{% bootstrap_form ipv6form %}
{% endif %}
{% bootstrap_button "Créer ou modifier" button_type="submit" icon="star" %} {% bootstrap_button "Créer ou modifier" button_type="submit" icon="star" %}
</form> </form>
<br /> <br />

View file

@ -64,6 +64,10 @@ urlpatterns = [
url(r'^edit_alias/(?P<domainid>[0-9]+)$', views.edit_alias, name='edit-alias'), url(r'^edit_alias/(?P<domainid>[0-9]+)$', views.edit_alias, name='edit-alias'),
url(r'^del_alias/(?P<interfaceid>[0-9]+)$', views.del_alias, name='del-alias'), url(r'^del_alias/(?P<interfaceid>[0-9]+)$', views.del_alias, name='del-alias'),
url(r'^index_alias/(?P<interfaceid>[0-9]+)$', views.index_alias, name='index-alias'), url(r'^index_alias/(?P<interfaceid>[0-9]+)$', views.index_alias, name='index-alias'),
url(r'^new_ipv6list/(?P<interfaceid>[0-9]+)$', views.new_ipv6list, name='new-ipv6list'),
url(r'^edit_ipv6list/(?P<ipv6listid>[0-9]+)$', views.edit_ipv6list, name='edit-ipv6list'),
url(r'^del_ipv6list/(?P<ipv6listid>[0-9]+)$', views.del_ipv6list, name='del-ipv6list'),
url(r'^index_ipv6/(?P<interfaceid>[0-9]+)$', views.index_ipv6, name='index-ipv6'),
url(r'^add_service/$', views.add_service, name='add-service'), url(r'^add_service/$', views.add_service, name='add-service'),
url(r'^edit_service/(?P<serviceid>[0-9]+)$', views.edit_service, name='edit-service'), url(r'^edit_service/(?P<serviceid>[0-9]+)$', views.edit_service, name='edit-service'),
url(r'^del_service/$', views.del_service, name='del-service'), url(r'^del_service/$', views.del_service, name='del-service'),

View file

@ -93,6 +93,7 @@ from .forms import (
DelNasForm, DelNasForm,
SrvForm, SrvForm,
DelSrvForm, DelSrvForm,
Ipv6ListForm,
) )
from .forms import EditOuverturePortListForm, EditOuverturePortConfigForm from .forms import EditOuverturePortListForm, EditOuverturePortConfigForm
from .models import ( from .models import (
@ -114,6 +115,7 @@ from .models import (
Srv, Srv,
OuverturePortList, OuverturePortList,
OuverturePort, OuverturePort,
Ipv6List,
) )
from users.models import User from users.models import User
from preferences.models import GeneralOption, OptionalMachine from preferences.models import GeneralOption, OptionalMachine
@ -368,6 +370,58 @@ def del_interface(request, interface, interfaceid):
)) ))
return form({'objet': interface, 'objet_name': 'interface'}, 'machines/delete.html', request) return form({'objet': interface, 'objet_name': 'interface'}, 'machines/delete.html', request)
@login_required
@can_create(Ipv6List)
@can_edit(Interface)
def new_ipv6list(request, interface, interfaceid):
"""Nouvelle ipv6"""
ipv6list_instance = Ipv6List(interface=interface)
ipv6 = Ipv6ListForm(request.POST or None, instance=ipv6list_instance, user=request.user)
if ipv6.is_valid():
with transaction.atomic(), reversion.create_revision():
ipv6.save()
reversion.set_user(request.user)
reversion.set_comment("Création")
messages.success(request, "Ipv6 ajoutée")
return redirect(reverse(
'machines:index-ipv6',
kwargs={'interfaceid':str(interface.id)}
))
return form({'ipv6form': ipv6}, 'machines/machine.html', request)
@login_required
@can_edit(Ipv6List)
def edit_ipv6list(request, ipv6list_instance, ipv6listid):
"""Edition d'une ipv6"""
ipv6 = Ipv6ListForm(request.POST or None, instance=ipv6list_instance, user=request.user)
if ipv6.is_valid():
with transaction.atomic(), reversion.create_revision():
ipv6.save()
reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in ipv6.changed_data))
messages.success(request, "Ipv6 modifiée")
return redirect(reverse(
'machines:index-ipv6',
kwargs={'interfaceid':str(ipv6list_instance.interface.id)}
))
return form({'ipv6form': ipv6}, 'machines/machine.html', request)
@login_required
@can_delete(Ipv6List)
def del_ipv6list(request, ipv6list, ipv6listid):
""" Supprime une ipv6"""
if request.method == "POST":
interfaceid = ipv6list.interface.id
with transaction.atomic(), reversion.create_revision():
ipv6list.delete()
reversion.set_user(request.user)
messages.success(request, "L'ipv6 a été détruite")
return redirect(reverse(
'machines:index-ipv6',
kwargs={'interfaceid':str(interfaceid)}
))
return form({'objet': ipv6list, 'objet_name': 'ipv6'}, 'machines/delete.html', request)
@login_required @login_required
@can_create(IpType) @can_create(IpType)
def add_iptype(request): def add_iptype(request):
@ -485,7 +539,7 @@ def edit_extension(request, extension_instance, extensionid):
extension.save() extension.save()
reversion.set_user(request.user) reversion.set_user(request.user)
reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in extension.changed_data)) reversion.set_comment("Champs modifié(s) : %s" % ', '.join(field for field in extension.changed_data))
mssages.success(request, "Extension modifiée") messages.success(request, "Extension modifiée")
return redirect(reverse('machines:index-extension')) return redirect(reverse('machines:index-extension'))
return form({'extensionform': extension}, 'machines/machine.html', request) return form({'extensionform': extension}, 'machines/machine.html', request)
@ -994,6 +1048,12 @@ def index_alias(request, interface, interfaceid):
alias_list = Domain.objects.filter(cname=Domain.objects.filter(interface_parent=interface)).order_by('name') alias_list = Domain.objects.filter(cname=Domain.objects.filter(interface_parent=interface)).order_by('name')
return render(request, 'machines/index_alias.html', {'alias_list':alias_list, 'interface_id': interfaceid}) return render(request, 'machines/index_alias.html', {'alias_list':alias_list, 'interface_id': interfaceid})
@login_required
@can_edit(Interface)
def index_ipv6(request, interface, interfaceid):
ipv6_list = Ipv6List.objects.filter(interface=interface)
return render(request, 'machines/index_ipv6.html', {'ipv6_list':ipv6_list, 'interface_id': interfaceid})
@login_required @login_required
@can_view_all(Service) @can_view_all(Service)
def index_service(request): def index_service(request):
@ -1208,14 +1268,16 @@ def ouverture_ports(request):
d["udp_in"] = d.get("udp_in",set()).union(pl["udp_in"]) d["udp_in"] = d.get("udp_in",set()).union(pl["udp_in"])
d["udp_out"] = d.get("udp_out",set()).union(pl["udp_out"]) d["udp_out"] = d.get("udp_out",set()).union(pl["udp_out"])
r['ipv4'][i.ipv4.ipv4] = d r['ipv4'][i.ipv4.ipv4] = d
if i.ipv6_object: if i.ipv6():
d = r['ipv6'].get(i.ipv6, {}) for ipv6 in i.ipv6():
d = r['ipv6'].get(ipv6.ipv6, {})
d["tcp_in"] = d.get("tcp_in",set()).union(pl["tcp_in"]) d["tcp_in"] = d.get("tcp_in",set()).union(pl["tcp_in"])
d["tcp_out"] = d.get("tcp_out",set()).union(pl["tcp_out"]) d["tcp_out"] = d.get("tcp_out",set()).union(pl["tcp_out"])
d["udp_in"] = d.get("udp_in",set()).union(pl["udp_in"]) d["udp_in"] = d.get("udp_in",set()).union(pl["udp_in"])
d["udp_out"] = d.get("udp_out",set()).union(pl["udp_out"]) d["udp_out"] = d.get("udp_out",set()).union(pl["udp_out"])
r['ipv6'][i.ipv6] = d r['ipv6'][ipv6.ipv6] = d
return JSONResponse(r) return JSONResponse(r)
@csrf_exempt @csrf_exempt
@login_required @login_required
@permission_required('machines.serveur') @permission_required('machines.serveur')

View file

@ -0,0 +1,24 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-01-28 21:03
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('preferences', '0027_merge_20180106_2019'),
]
operations = [
migrations.RemoveField(
model_name='optionalmachine',
name='ipv6',
),
migrations.AddField(
model_name='optionalmachine',
name='ipv6_mode',
field=models.CharField(choices=[('SLAAC', 'Autoconfiguration par RA'), ('DHCPV6', 'Attribution des ip par dhcpv6'), ('DISABLED', 'Désactivé')], default='DISABLED', max_length=32),
),
]

View file

@ -0,0 +1,16 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-01-29 23:52
from __future__ import unicode_literals
from django.db import migrations
class Migration(migrations.Migration):
dependencies = [
('preferences', '0028_auto_20180128_2203'),
('preferences', '0040_auto_20180129_1745'),
]
operations = [
]

View file

@ -25,8 +25,12 @@ Reglages généraux, machines, utilisateurs, mail, general pour l'application.
""" """
from __future__ import unicode_literals from __future__ import unicode_literals
from django.utils.functional import cached_property
from django.db import models from django.db import models
import cotisations.models import cotisations.models
import machines.models
from django.db.models.signals import post_save, post_delete
from django.dispatch import receiver
from .aes_field import AESEncryptedField from .aes_field import AESEncryptedField
@ -134,10 +138,27 @@ class OptionalMachine(models.Model):
sans droit, activation de l'ipv6""" sans droit, activation de l'ipv6"""
PRETTY_NAME = "Options machines" PRETTY_NAME = "Options machines"
SLAAC = 'SLAAC'
DHCPV6 = 'DHCPV6'
DISABLED = 'DISABLED'
CHOICE_IPV6 = (
(SLAAC, 'Autoconfiguration par RA'),
(DHCPV6, 'Attribution des ip par dhcpv6'),
(DISABLED, 'Désactivé'),
)
password_machine = models.BooleanField(default=False) password_machine = models.BooleanField(default=False)
max_lambdauser_interfaces = models.IntegerField(default=10) max_lambdauser_interfaces = models.IntegerField(default=10)
max_lambdauser_aliases = models.IntegerField(default=10) max_lambdauser_aliases = models.IntegerField(default=10)
ipv6 = models.BooleanField(default=False) ipv6_mode = models.CharField(
max_length=32,
choices=CHOICE_IPV6,
default='DISABLED'
)
@cached_property
def ipv6(self):
return not self.ipv6_mode == 'DISABLED'
class Meta: class Meta:
permissions = ( permissions = (
@ -198,6 +219,15 @@ class OptionalMachine(models.Model):
de voir les préférences concernant les machines" de voir les préférences concernant les machines"
@receiver(post_save, sender=OptionalMachine)
def interface_post_save(sender, **kwargs):
"""Synchronisation ipv6"""
machine_pref = kwargs['instance']
if machine_pref.ipv6_mode != "DISABLED":
for interface in machines.models.Interface.objects.all():
interface.sync_ipv6()
class OptionalTopologie(models.Model): class OptionalTopologie(models.Model):
"""Reglages pour la topologie : mode d'accès radius, vlan où placer """Reglages pour la topologie : mode d'accès radius, vlan où placer
les machines en accept ou reject""" les machines en accept ou reject"""

View file

@ -84,7 +84,7 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<th>Alias dns autorisé par utilisateur</th> <th>Alias dns autorisé par utilisateur</th>
<td>{{ machineoptions.max_lambdauser_aliases }}</td> <td>{{ machineoptions.max_lambdauser_aliases }}</td>
<th>Support de l'ipv6</th> <th>Support de l'ipv6</th>
<td>{{ machineoptions.ipv6 }}</td> <td>{{ machineoptions.ipv6_mode }}</td>
</tr> </tr>
</table> </table>
<h4>Préférences topologie</h4> <h4>Préférences topologie</h4>

View file

@ -106,6 +106,7 @@ MODEL_NAME = {
'Interface' : machines.models.Interface, 'Interface' : machines.models.Interface,
'Domain' : machines.models.Domain, 'Domain' : machines.models.Domain,
'IpList' : machines.models.IpList, 'IpList' : machines.models.IpList,
'Ipv6List' : machines.models.Ipv6List,
'machines.Service' : machines.models.Service, 'machines.Service' : machines.models.Service,
'Service_link' : machines.models.Service_link, 'Service_link' : machines.models.Service_link,
'OuverturePortList' : machines.models.OuverturePortList, 'OuverturePortList' : machines.models.OuverturePortList,

View file

@ -94,6 +94,7 @@ HISTORY_BIND = {
'service' : machines.models.Service, 'service' : machines.models.Service,
'vlan' : machines.models.Vlan, 'vlan' : machines.models.Vlan,
'nas' : machines.models.Vlan, 'nas' : machines.models.Vlan,
'ipv6list' : machines.models.Ipv6List,
}, },
} }