From 0b4c52a49aab3135dba28e747bad0e6d5ddf8c27 Mon Sep 17 00:00:00 2001 From: chirac Date: Sat, 23 Jun 2018 17:59:34 +0200 Subject: [PATCH 01/12] =?UTF-8?q?Ajout=20des=20mod=C3=A8les=20sshfingerpri?= =?UTF-8?q?nt=20et=20sshfingerprintalgo?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- machines/admin.py | 15 ++- machines/forms.py | 32 ++++++ .../migrations/0084_auto_20180623_1651.py | 50 ++++++++++ machines/models.py | 46 +++++++++ machines/templates/machines/aff_machines.html | 7 ++ .../machines/aff_sshfingerprint.html | 51 ++++++++++ .../machines/index_sshfingerprint.html | 39 ++++++++ machines/templates/machines/machine.html | 9 ++ machines/urls.py | 12 +++ machines/views.py | 98 ++++++++++++++++++- 10 files changed, 356 insertions(+), 3 deletions(-) create mode 100644 machines/migrations/0084_auto_20180623_1651.py create mode 100644 machines/templates/machines/aff_sshfingerprint.html create mode 100644 machines/templates/machines/index_sshfingerprint.html diff --git a/machines/admin.py b/machines/admin.py index eb765748..168d84a3 100644 --- a/machines/admin.py +++ b/machines/admin.py @@ -43,7 +43,9 @@ from .models import ( Service, OuverturePort, Ipv6List, - OuverturePortList + OuverturePortList, + SshFingerprint, + SshFprAlgo, ) @@ -141,6 +143,15 @@ class ServiceAdmin(VersionAdmin): list_display = ('service_type', 'min_time_regen', 'regular_time_regen') +class SshFprAlgoAdmin(VersionAdmin): + """ Admin view of a SshFprAlgo object """ + pass + + +class SshFingerprintAdmin(VersionAdmin): + """ Admin view of a SshFprAlgo object """ + pass + admin.site.register(Machine, MachineAdmin) admin.site.register(MachineType, MachineTypeAdmin) admin.site.register(IpType, IpTypeAdmin) @@ -160,3 +171,5 @@ admin.site.register(Ipv6List, Ipv6ListAdmin) admin.site.register(Nas, NasAdmin) admin.site.register(OuverturePort, OuverturePortAdmin) admin.site.register(OuverturePortList, OuverturePortListAdmin) +admin.site.register(SshFprAlgo, SshFprAlgoAdmin) +admin.site.register(SshFingerprint, SshFingerprintAdmin) diff --git a/machines/forms.py b/machines/forms.py index 36cd64f8..869ad058 100644 --- a/machines/forms.py +++ b/machines/forms.py @@ -60,6 +60,8 @@ from .models import ( IpType, OuverturePortList, Ipv6List, + SshFingerprint, + SshFprAlgo ) @@ -595,3 +597,33 @@ class EditOuverturePortListForm(FormRevMixin, ModelForm): prefix=prefix, **kwargs ) + + +class SshFingerprintForm(FormRevMixin, ModelForm): + """Edition d'une sshfingerprint""" + class Meta: + model = SshFingerprint + exclude = ('machine',) + + def __init__(self, *args, **kwargs): + prefix = kwargs.pop('prefix', self.Meta.model.__name__) + super(SshFingerprintForm, self).__init__( + *args, + prefix=prefix, + **kwargs + ) + + +class SshFprAlgoForm(FormRevMixin, ModelForm): + """Edition de la liste des algo pour sshfpr""" + class Meta: + model = SshFprAlgo + fields = '__all__' + + def __init__(self, *args, **kwargs): + prefix = kwargs.pop('prefix', self.Meta.model.__name__) + super(SshFprAlgoForm, self).__init__( + *args, + prefix=prefix, + **kwargs + ) diff --git a/machines/migrations/0084_auto_20180623_1651.py b/machines/migrations/0084_auto_20180623_1651.py new file mode 100644 index 00000000..443c89ad --- /dev/null +++ b/machines/migrations/0084_auto_20180623_1651.py @@ -0,0 +1,50 @@ +# -*- coding: utf-8 -*- +# Generated by Django 1.10.7 on 2018-06-23 14:51 +from __future__ import unicode_literals + +from django.db import migrations, models +import django.db.models.deletion +import re2o.mixins + + +class Migration(migrations.Migration): + + dependencies = [ + ('machines', '0083_role'), + ] + + operations = [ + migrations.CreateModel( + name='SshFingerprint', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('hash_entry', models.TextField(max_length=512)), + ('comment', models.CharField(blank=True, max_length=255, null=True)), + ], + options={ + 'permissions': (('view_sshfingerprint', 'Peut voir un objet sshfingerprint'),), + }, + bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), + ), + migrations.CreateModel( + name='SshFprAlgo', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('name', models.TextField(max_length=256)), + ], + options={ + 'permissions': (('view_sshfpralgo', 'Peut voir un algo de chiffrement'),), + }, + bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), + ), + migrations.AddField( + model_name='sshfingerprint', + name='algo', + field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to='machines.SshFprAlgo'), + ), + migrations.AddField( + model_name='sshfingerprint', + name='machine', + field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Machine'), + ), + ] diff --git a/machines/models.py b/machines/models.py index 590e3997..ba72ebb6 100644 --- a/machines/models.py +++ b/machines/models.py @@ -200,6 +200,52 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): def __str__(self): return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name) +class SshFingerprint(RevMixin, AclMixin, models.Model): + """Hash de la clef ssh d'une machine""" + + PRETTY_NAME = "Fingerprint ssh" + + machine = models.ForeignKey('Machine', on_delete=models.CASCADE) + hash_entry = models.TextField(max_length=512) + algo = models.ForeignKey('SshFprAlgo', on_delete=models.PROTECT) + comment = models.CharField( + max_length=255, + null=True, + blank=True + ) + + class Meta: + permissions = ( + ("view_sshfingerprint", "Peut voir un objet sshfingerprint"), + ) + + def can_view(self, user_request, *_args, **_kwargs): + return self.machine.can_view(user_request, *_args, **_kwargs) + + def can_edit(self, user_request, *args, **kwargs): + return self.machine.can_edit(user_request, *args, **kwargs) + + def can_delete(self, user_request, *args, **kwargs): + return self.machine.can_delete(user_request, *args, **kwargs) + + def __str__(self): + return str(self.algo) + ' ' + str(self.hash_entry) + ' ' + str(self.comment) + + +class SshFprAlgo(RevMixin, AclMixin, models.Model): + """Un aglorithme de création de la fingerprint ssh""" + PRETTY_NAME = "Algo de clef ssh" + + name = models.TextField(max_length=256) + + class Meta: + permissions = ( + ("view_sshfpralgo", "Peut voir un algo de chiffrement"), + ) + + def __str__(self): + return str(self.name) + class MachineType(RevMixin, AclMixin, models.Model): """ Type de machine, relié à un type d'ip, affecté aux interfaces""" diff --git a/machines/templates/machines/aff_machines.html b/machines/templates/machines/aff_machines.html index 0acababc..5db5e836 100644 --- a/machines/templates/machines/aff_machines.html +++ b/machines/templates/machines/aff_machines.html @@ -119,6 +119,13 @@ with this program; if not, write to the Free Software Foundation, Inc., {% acl_end %} + {% can_create SshFingerprint interface.machine.id %} +
  • + + Gerer les fingerprint ssh + +
    • + {% acl_end %} {% can_create OuverturePortList %}
  • diff --git a/machines/templates/machines/aff_sshfingerprint.html b/machines/templates/machines/aff_sshfingerprint.html new file mode 100644 index 00000000..33e7d7ad --- /dev/null +++ b/machines/templates/machines/aff_sshfingerprint.html @@ -0,0 +1,51 @@ +{% comment %} +Re2o est un logiciel d'administration développé initiallement au rezometz. Il +se veut agnostique au réseau considéré, de manière à être installable en +quelques clics. + +Copyright © 2018 Gabriel Détraz + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License along +with this program; if not, write to the Free Software Foundation, Inc., +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +{% endcomment %} + +{% load acl %} + + + + + + + + + + + {% for sshfpr in sshfingerprint_list %} + + + + + + + {% endfor %} +
    Entrée du hashAlgorithme utiliséCommentaire
    {{ sshfpr.hash_entry }}{{ sshfpr.algo }}{{ sshfpr.comment }} + {% can_edit sshfpr %} + {% include 'buttons/edit.html' with href='machines:edit-sshfingerprint' id=sshfpr.id %} + {% acl_end %} + {% can_delete sshfpr %} + {% include 'buttons/suppr.html' with href='machines:del-sshfingerprint' id=sshfpr.id %} + {% acl_end %} + {% include 'buttons/history.html' with href='machines:history' name='sshfingerprint' id=sshfpr.id %} +
    + diff --git a/machines/templates/machines/index_sshfingerprint.html b/machines/templates/machines/index_sshfingerprint.html new file mode 100644 index 00000000..eba872c0 --- /dev/null +++ b/machines/templates/machines/index_sshfingerprint.html @@ -0,0 +1,39 @@ +{% extends "machines/sidebar.html" %} +{% comment %} +Re2o est un logiciel d'administration développé initiallement au rezometz. Il +se veut agnostique au réseau considéré, de manière à être installable en +quelques clics. + +Copyright © 2018 Gabriel Détraz + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License along +with this program; if not, write to the Free Software Foundation, Inc., +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +{% endcomment %} + +{% load bootstrap3 %} +{% load acl %} + +{% block title %}Machines{% endblock %} + +{% block content %} +

    Liste des fingerprint ssh

    + {% can_create SshFingerprint machine_id %} +     Ajouter une fingerprint ssh + {% acl_end %} + {% include "machines/aff_sshfingerprint.html" with sshfingerprint_list=sshfingerprint_list %} +
    +
    +
    +{% endblock %} + diff --git a/machines/templates/machines/machine.html b/machines/templates/machines/machine.html index 0c5a478a..71caa705 100644 --- a/machines/templates/machines/machine.html +++ b/machines/templates/machines/machine.html @@ -78,6 +78,11 @@ with this program; if not, write to the Free Software Foundation, Inc., {% if ipv6form %} {% bootstrap_form_errors ipv6form %} {% endif %} +{% if sshfingerprintform %} + {% bootstrap_form_errors sshfingerprintform %} +{% endif %} + +
    {% csrf_token %} @@ -153,6 +158,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,

    Ipv6

    {% bootstrap_form ipv6form %} {% endif %} + {% if sshfingerprintform %} +

    SshFingerprint

    + {% bootstrap_form sshfingerprintform %} + {% endif %} {% bootstrap_button action_name button_type="submit" icon="star" %}

    diff --git a/machines/urls.py b/machines/urls.py index bf3d63d8..8f58373a 100644 --- a/machines/urls.py +++ b/machines/urls.py @@ -107,6 +107,18 @@ urlpatterns = [ url(r'^index_ipv6/(?P[0-9]+)$', views.index_ipv6, name='index-ipv6'), + url(r'^new_sshfingerprint/(?P[0-9]+)$', + views.new_sshfingerprint, + name='new-sshfingerprint'), + url(r'^edit_sshfingerprint/(?P[0-9]+)$', + views.edit_sshfingerprint, + name='edit-sshfingerprint'), + url(r'^del_sshfingerprint/(?P[0-9]+)$', + views.del_sshfingerprint, + name='del-sshfingerprint'), + url(r'^index_sshfingerprint/(?P[0-9]+)$', + views.index_sshfingerprint, + name='index-sshfingerprint'), url(r'^add_service/$', views.add_service, name='add-service'), url(r'^edit_service/(?P[0-9]+)$', views.edit_service, diff --git a/machines/views.py b/machines/views.py index 71484952..91cbf0fc 100644 --- a/machines/views.py +++ b/machines/views.py @@ -108,7 +108,9 @@ from .forms import ( DelSrvForm, Ipv6ListForm, EditOuverturePortListForm, - EditOuverturePortConfigForm + EditOuverturePortConfigForm, + SshFingerprintForm, + SshFprAlgoForm, ) from .models import ( IpType, @@ -130,6 +132,8 @@ from .models import ( OuverturePortList, OuverturePort, Ipv6List, + SshFingerprint, + SshFprAlgo, ) @@ -460,6 +464,72 @@ def del_ipv6list(request, ipv6list, **_kwargs): ) +@login_required +@can_create(SshFingerprint) +@can_edit(Machine) +def new_sshfingerprint(request, machine, **_kwargs): + """Nouvelle sshfingerprint""" + sshfingerprint_instance = SshFingerprint(machine=machine) + sshfingerprint = SshFingerprintForm( + request.POST or None, + instance=sshfingerprint_instance + ) + if sshfingerprint.is_valid(): + sshfingerprint.save() + messages.success(request, "Fingerprint ssh ajoutée") + return redirect(reverse( + 'machines:index-sshfingerprint', + kwargs={'machine': str(machine.id)} + )) + return form( + {'sshfingerprintform': sshfingerprint, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + + +@login_required +@can_edit(SshFingerprint) +def edit_sshfingerprint(request, sshfingerprint_instance, **_kwargs): + """Edition d'une sshfingerprint""" + sshfingerprint = SshFingerprintForm( + request.POST or None, + instance=sshfingerprint_instance + ) + if sshfingerprint.is_valid(): + if sshfingerprint.changed_data: + sshfingerprint.save() + messages.success(request, "Ipv6 modifiée") + return redirect(reverse( + 'machines:index-sshfingerprint', + kwargs={'machineid': str(sshfingerprint_instance.machine.id)} + )) + return form( + {'sshfingerprintform': sshfingerprint, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + + +@login_required +@can_delete(SshFingerprint) +def del_sshfingerprint(request, sshfingerprint, **_kwargs): + """ Supprime une sshfingerprint""" + if request.method == "POST": + machineid = sshfingerprint.machine.id + sshfingerprint.delete() + messages.success(request, "La sshfingerprint a été détruite") + return redirect(reverse( + 'machines:index-sshfingerprint', + kwargs={'machineid': str(machineid)} + )) + return form( + {'objet': sshfingerprint, 'objet_name': 'sshfingerprint'}, + 'machines/delete.html', + request + ) + + @login_required @can_create(IpType) def add_iptype(request): @@ -1388,7 +1458,31 @@ def index_alias(request, interface, interfaceid): @login_required -@can_edit(Interface) +@can_edit(Machine) +def index_sshfingerprint(request, machine, machineid): + """ View used to display the list of existing IPv6 of an interface """ + sshfingerprint_list = SshFingerprint.objects.filter(machine=machine) + return render( + request, + 'machines/index_sshfingerprint.html', + {'sshfingerprint_list': sshfingerprint_list, 'machine_id': machineid} + ) + + +@login_required +@can_view_all(SshFprAlgo) +def index_sshfpralgo(request): + """ View used to display the list of existing sshfrpalgo""" + sshfpralgo_list = SshFprAlgo.objects.all() + return render( + request, + 'machines/index_sshfpralgo.html', + {'sshfpralgo_list': sshfpralgo_list} + ) + + +@login_required +@can_view_all(Interface) def index_ipv6(request, interface, interfaceid): """ View used to display the list of existing IPv6 of an interface """ ipv6_list = Ipv6List.objects.filter(interface=interface) From e9f47677099fa8e7c799e6602453bffb51ccda7d Mon Sep 17 00:00:00 2001 From: chirac Date: Sat, 23 Jun 2018 18:32:43 +0200 Subject: [PATCH 02/12] Gestion complete des algo de fingerprintssh --- .../migrations/0085_auto_20180623_1817.py | 20 ++++++ machines/models.py | 2 +- .../templates/machines/aff_sshfpralgo.html | 47 +++++++++++++ .../templates/machines/index_sshfpralgo.html | 39 +++++++++++ machines/templates/machines/machine.html | 8 +++ machines/templates/machines/sidebar.html | 6 ++ machines/urls.py | 12 ++++ machines/views.py | 70 ++++++++++++++++++- 8 files changed, 201 insertions(+), 3 deletions(-) create mode 100644 machines/migrations/0085_auto_20180623_1817.py create mode 100644 machines/templates/machines/aff_sshfpralgo.html create mode 100644 machines/templates/machines/index_sshfpralgo.html diff --git a/machines/migrations/0085_auto_20180623_1817.py b/machines/migrations/0085_auto_20180623_1817.py new file mode 100644 index 00000000..0c3216c5 --- /dev/null +++ b/machines/migrations/0085_auto_20180623_1817.py @@ -0,0 +1,20 @@ +# -*- coding: utf-8 -*- +# Generated by Django 1.10.7 on 2018-06-23 16:17 +from __future__ import unicode_literals + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('machines', '0084_auto_20180623_1651'), + ] + + operations = [ + migrations.AlterField( + model_name='sshfpralgo', + name='name', + field=models.CharField(max_length=256), + ), + ] diff --git a/machines/models.py b/machines/models.py index ba72ebb6..41d57a99 100644 --- a/machines/models.py +++ b/machines/models.py @@ -236,7 +236,7 @@ class SshFprAlgo(RevMixin, AclMixin, models.Model): """Un aglorithme de création de la fingerprint ssh""" PRETTY_NAME = "Algo de clef ssh" - name = models.TextField(max_length=256) + name = models.CharField(max_length=256) class Meta: permissions = ( diff --git a/machines/templates/machines/aff_sshfpralgo.html b/machines/templates/machines/aff_sshfpralgo.html new file mode 100644 index 00000000..fe9e78c4 --- /dev/null +++ b/machines/templates/machines/aff_sshfpralgo.html @@ -0,0 +1,47 @@ +{% comment %} +Re2o est un logiciel d'administration développé initiallement au rezometz. Il +se veut agnostique au réseau considéré, de manière à être installable en +quelques clics. + +Copyright © 2018 Gabriel Détraz + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License along +with this program; if not, write to the Free Software Foundation, Inc., +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +{% endcomment %} + +{% load acl %} + + + + + + + + + {% for sshfpralgo in sshfpralgo_list %} + + + + + {% endfor %} +
    Nom de l'algo
    {{ sshfpralgo.name }} + {% can_edit sshfpralgo %} + {% include 'buttons/edit.html' with href='machines:edit-sshfpralgo' id=sshfpralgo.id %} + {% acl_end %} + {% can_delete sshfpralgo %} + {% include 'buttons/suppr.html' with href='machines:del-sshfpralgo' id=sshfpralgo.id %} + {% acl_end %} + {% include 'buttons/history.html' with href='machines:history' name='sshfpralgo' id=sshfpralgo.id %} +
    + diff --git a/machines/templates/machines/index_sshfpralgo.html b/machines/templates/machines/index_sshfpralgo.html new file mode 100644 index 00000000..90107d0a --- /dev/null +++ b/machines/templates/machines/index_sshfpralgo.html @@ -0,0 +1,39 @@ +{% extends "machines/sidebar.html" %} +{% comment %} +Re2o est un logiciel d'administration développé initiallement au rezometz. Il +se veut agnostique au réseau considéré, de manière à être installable en +quelques clics. + +Copyright © 2018 Gabriel Détraz + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License along +with this program; if not, write to the Free Software Foundation, Inc., +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +{% endcomment %} + +{% load bootstrap3 %} +{% load acl %} + +{% block title %}Machines{% endblock %} + +{% block content %} +

    Liste des algo fingerprint ssh

    + {% can_create SshFprAlgo %} + Ajouter un algo ssh + {% acl_end %} + {% include "machines/aff_sshfpralgo.html" with sshfpralgo_list=sshfpralgo_list %} +
    +
    +
    +{% endblock %} + diff --git a/machines/templates/machines/machine.html b/machines/templates/machines/machine.html index 71caa705..b49673bb 100644 --- a/machines/templates/machines/machine.html +++ b/machines/templates/machines/machine.html @@ -81,6 +81,10 @@ with this program; if not, write to the Free Software Foundation, Inc., {% if sshfingerprintform %} {% bootstrap_form_errors sshfingerprintform %} {% endif %} +{% if sshfpralgoform %} + {% bootstrap_form_errors sshfpralgoform %} +{% endif %} + @@ -162,6 +166,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,

    SshFingerprint

    {% bootstrap_form sshfingerprintform %} {% endif %} + {% if sshfpralgoform %} +

    Algorithme de fingerprint ssh

    + {% bootstrap_form sshfpralgoform %} + {% endif %} {% bootstrap_button action_name button_type="submit" icon="star" %}
    diff --git a/machines/templates/machines/sidebar.html b/machines/templates/machines/sidebar.html index 5a0f975d..0b272b0a 100644 --- a/machines/templates/machines/sidebar.html +++ b/machines/templates/machines/sidebar.html @@ -44,6 +44,12 @@ with this program; if not, write to the Free Software Foundation, Inc., Extensions et zones {% acl_end %} + {% can_view_all SshFprAlgo %} + + + Algo de fingerprint ssh + + {% acl_end %} {% can_view_all IpType %} diff --git a/machines/urls.py b/machines/urls.py index 8f58373a..41c0d81c 100644 --- a/machines/urls.py +++ b/machines/urls.py @@ -119,6 +119,18 @@ urlpatterns = [ url(r'^index_sshfingerprint/(?P[0-9]+)$', views.index_sshfingerprint, name='index-sshfingerprint'), + url(r'^new_sshfpralgo/$', + views.new_sshfpralgo, + name='new-sshfpralgo'), + url(r'^edit_sshfpralgo/(?P[0-9]+)$', + views.edit_sshfpralgo, + name='edit-sshfpralgo'), + url(r'^del_sshfpralgo/(?P[0-9]+)$', + views.del_sshfpralgo, + name='del-sshfpralgo'), + url(r'^index_sshfpralgo/$', + views.index_sshfpralgo, + name='index-sshfpralgo'), url(r'^add_service/$', views.add_service, name='add-service'), url(r'^edit_service/(?P[0-9]+)$', views.edit_service, diff --git a/machines/views.py b/machines/views.py index 91cbf0fc..1c443980 100644 --- a/machines/views.py +++ b/machines/views.py @@ -479,7 +479,7 @@ def new_sshfingerprint(request, machine, **_kwargs): messages.success(request, "Fingerprint ssh ajoutée") return redirect(reverse( 'machines:index-sshfingerprint', - kwargs={'machine': str(machine.id)} + kwargs={'machineid': str(machine.id)} )) return form( {'sshfingerprintform': sshfingerprint, 'action_name': 'Créer'}, @@ -499,7 +499,7 @@ def edit_sshfingerprint(request, sshfingerprint_instance, **_kwargs): if sshfingerprint.is_valid(): if sshfingerprint.changed_data: sshfingerprint.save() - messages.success(request, "Ipv6 modifiée") + messages.success(request, "Ssh fingerprint modifiée") return redirect(reverse( 'machines:index-sshfingerprint', kwargs={'machineid': str(sshfingerprint_instance.machine.id)} @@ -530,6 +530,72 @@ def del_sshfingerprint(request, sshfingerprint, **_kwargs): ) +@login_required +@can_create(SshFprAlgo) +def new_sshfpralgo(request, **_kwargs): + """Nouvelle sshfpralgo""" + sshfpralgo = SshFprAlgoForm( + request.POST or None, + ) + if sshfpralgo.is_valid(): + sshfpralgo.save() + messages.success(request, "Algo Fingerprint ssh ajouté") + return redirect(reverse( + 'machines:index-sshfpralgo' + )) + return form( + {'sshfpralgoform': sshfpralgo, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + + +@login_required +@can_edit(SshFprAlgo) +def edit_sshfpralgo(request, sshfpralgo_instance, **_kwargs): + """Edition d'une sshfpralgo""" + sshfpralgo = SshFprAlgoForm( + request.POST or None, + instance=sshfpralgo_instance + ) + if sshfpralgo.is_valid(): + if sshfpralgo.changed_data: + sshfpralgo.save() + messages.success(request, "Algo de sshfp modifiée") + return redirect(reverse( + 'machines:index-sshfpralgo' + )) + return form( + {'sshfpralgoform': sshfpralgo, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + + +@login_required +@can_delete(SshFprAlgo) +def del_sshfpralgo(request, sshfpralgo, **_kwargs): + """ Supprime une sshfpralgo""" + if request.method == "POST": + try: + sshfpralgo.delete() + messages.success(request, "La sshfpralgo a été détruite") + except ProtectedError: + messages.error( + request, + ("L'algo est affectée à au moins une fingerprint ssh, " + "vous ne pouvez pas le supprimer") + ) + return redirect(reverse( + 'machines:index-sshfpralgo' + )) + return form( + {'objet': sshfpralgo, 'objet_name': 'sshfpralgo'}, + 'machines/delete.html', + request + ) + + @login_required @can_create(IpType) def add_iptype(request): From 7ccc93cf4c9bfebfc6cfc40533642bce69bc98ef Mon Sep 17 00:00:00 2001 From: Grizzly Date: Sun, 24 Jun 2018 18:26:26 +0000 Subject: [PATCH 03/12] mise en page pour les longues fingerpint ssh --- .../templates/machines/aff_sshfingerprint.html | 9 +++++---- static/css/base.css | 15 +++++++++++++++ 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/machines/templates/machines/aff_sshfingerprint.html b/machines/templates/machines/aff_sshfingerprint.html index 33e7d7ad..533f7c9f 100644 --- a/machines/templates/machines/aff_sshfingerprint.html +++ b/machines/templates/machines/aff_sshfingerprint.html @@ -21,11 +21,11 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endcomment %} {% load acl %} - - +
    +
    - + @@ -33,7 +33,7 @@ with this program; if not, write to the Free Software Foundation, Inc., {% for sshfpr in sshfingerprint_list %} - + {% endfor %}
    Entrée du hashEntrée du hash Algorithme utilisé Commentaire
    {{ sshfpr.hash_entry }}{{ sshfpr.pub_key_entry }} {{ sshfpr.algo }} {{ sshfpr.comment }} @@ -48,4 +48,5 @@ with this program; if not, write to the Free Software Foundation, Inc.,
    + diff --git a/static/css/base.css b/static/css/base.css index 2b44e95c..2dc17770 100644 --- a/static/css/base.css +++ b/static/css/base.css @@ -113,4 +113,19 @@ footer a { .modal-dialog { width: 1000px } + +/* For tables with long text in cells */ + +.table.long_text{ + table-layout: fixed; + width: 100%; +} + +td.long_text{ + word-wrap: break-word; + width: 40%; +} + +th.long_text{ + width: 60%; } From 352a416647aa4135ecc7914c024c933f5bdd1674 Mon Sep 17 00:00:00 2001 From: chirac Date: Sun, 24 Jun 2018 13:04:27 +0200 Subject: [PATCH 04/12] =?UTF-8?q?Precision,=20clef=20ssh=20pub=20et=20pas?= =?UTF-8?q?=20hash=20stock=C3=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../migrations/0086_auto_20180624_1254.py | 30 +++++++++++++++++++ machines/models.py | 16 +++++++--- 2 files changed, 42 insertions(+), 4 deletions(-) create mode 100644 machines/migrations/0086_auto_20180624_1254.py diff --git a/machines/migrations/0086_auto_20180624_1254.py b/machines/migrations/0086_auto_20180624_1254.py new file mode 100644 index 00000000..7474ac8b --- /dev/null +++ b/machines/migrations/0086_auto_20180624_1254.py @@ -0,0 +1,30 @@ +# -*- coding: utf-8 -*- +# Generated by Django 1.10.7 on 2018-06-24 10:54 +from __future__ import unicode_literals + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('machines', '0085_auto_20180623_1817'), + ] + + operations = [ + migrations.RenameField( + model_name='sshfingerprint', + old_name='hash_entry', + new_name='pub_key_entry', + ), + migrations.AlterField( + model_name='sshfingerprint', + name='comment', + field=models.CharField(blank=True, help_text='Commentaire', max_length=255, null=True), + ), + migrations.AlterField( + model_name='sshfingerprint', + name='pub_key_entry', + field=models.TextField(help_text='Clef publique ssh', max_length=2048), + ), + ] diff --git a/machines/models.py b/machines/models.py index 41d57a99..986fe4d9 100644 --- a/machines/models.py +++ b/machines/models.py @@ -201,14 +201,22 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name) class SshFingerprint(RevMixin, AclMixin, models.Model): - """Hash de la clef ssh d'une machine""" + """Stockage de la clef ssh publique d'une machine + et calcul de ses hash""" - PRETTY_NAME = "Fingerprint ssh" + PRETTY_NAME = "Clef publique ssh" machine = models.ForeignKey('Machine', on_delete=models.CASCADE) - hash_entry = models.TextField(max_length=512) - algo = models.ForeignKey('SshFprAlgo', on_delete=models.PROTECT) + pub_key_entry = models.TextField( + help_text="Clef publique ssh", + max_length=2048 + ) + algo = models.ForeignKey( + 'SshFprAlgo', + on_delete=models.PROTECT + ) comment = models.CharField( + help_text="Commentaire", max_length=255, null=True, blank=True From 5dce3629b71b183dce64c86986ba3f750fa754b1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ma=C3=ABl=20Kervella?= Date: Mon, 23 Jul 2018 23:33:01 +0000 Subject: [PATCH 05/12] translation and cleanup --- machines/forms.py | 4 +- .../migrations/0084_auto_20180623_1651.py | 28 ++++++------- .../migrations/0085_auto_20180623_1817.py | 20 --------- .../migrations/0086_auto_20180624_1254.py | 30 ------------- machines/models.py | 22 +++++----- machines/templates/machines/aff_machines.html | 2 +- .../machines/aff_sshfingerprint.html | 26 ++++++------ .../templates/machines/aff_sshfpralgo.html | 42 +++++++++---------- .../machines/index_sshfingerprint.html | 15 ++++--- .../templates/machines/index_sshfpralgo.html | 15 ++++--- machines/templates/machines/machine.html | 31 +++++++------- machines/templates/machines/sidebar.html | 2 +- machines/views.py | 42 +++++++++---------- 13 files changed, 110 insertions(+), 169 deletions(-) delete mode 100644 machines/migrations/0085_auto_20180623_1817.py delete mode 100644 machines/migrations/0086_auto_20180624_1254.py diff --git a/machines/forms.py b/machines/forms.py index 869ad058..e9086ef8 100644 --- a/machines/forms.py +++ b/machines/forms.py @@ -600,7 +600,7 @@ class EditOuverturePortListForm(FormRevMixin, ModelForm): class SshFingerprintForm(FormRevMixin, ModelForm): - """Edition d'une sshfingerprint""" + """Edits a SSH fingerprint.""" class Meta: model = SshFingerprint exclude = ('machine',) @@ -615,7 +615,7 @@ class SshFingerprintForm(FormRevMixin, ModelForm): class SshFprAlgoForm(FormRevMixin, ModelForm): - """Edition de la liste des algo pour sshfpr""" + """Edits a SSH fingerprint algorithm.""" class Meta: model = SshFprAlgo fields = '__all__' diff --git a/machines/migrations/0084_auto_20180623_1651.py b/machines/migrations/0084_auto_20180623_1651.py index 443c89ad..04ab125e 100644 --- a/machines/migrations/0084_auto_20180623_1651.py +++ b/machines/migrations/0084_auto_20180623_1651.py @@ -10,7 +10,7 @@ import re2o.mixins class Migration(migrations.Migration): dependencies = [ - ('machines', '0083_role'), + ('machines', '0083_remove_duplicate_rights'), ] operations = [ @@ -18,11 +18,15 @@ class Migration(migrations.Migration): name='SshFingerprint', fields=[ ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('hash_entry', models.TextField(max_length=512)), - ('comment', models.CharField(blank=True, max_length=255, null=True)), + ('pub_key_entry', models.TextField(help_text='SSH public key', max_length=2048)), + ('comment', models.CharField(blank=True, help_text='Comment', max_length=255, null=True)), + ('algo', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to='machines.SshFprAlgo')), + ('machine', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Machine')), ], options={ - 'permissions': (('view_sshfingerprint', 'Peut voir un objet sshfingerprint'),), + 'permissions': (('view_sshfingerprint', 'Can see an SSH fingerprint'),), + 'verbose_name': 'SSH fingerprint', + 'verbose_name_plural': 'SSH fingerprints' }, bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), ), @@ -30,21 +34,13 @@ class Migration(migrations.Migration): name='SshFprAlgo', fields=[ ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('name', models.TextField(max_length=256)), + ('name', models.CharField(max_length=256)), ], options={ - 'permissions': (('view_sshfpralgo', 'Peut voir un algo de chiffrement'),), + 'permissions': (('view_sshfpralgo', 'Can see an SSH fingerprint algorithm'),), + 'verbose_name': 'SSH fingerprint algorithm', + 'verbose_name_plural': 'SSH fingerprint algorithms' }, bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), ), - migrations.AddField( - model_name='sshfingerprint', - name='algo', - field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to='machines.SshFprAlgo'), - ), - migrations.AddField( - model_name='sshfingerprint', - name='machine', - field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Machine'), - ), ] diff --git a/machines/migrations/0085_auto_20180623_1817.py b/machines/migrations/0085_auto_20180623_1817.py deleted file mode 100644 index 0c3216c5..00000000 --- a/machines/migrations/0085_auto_20180623_1817.py +++ /dev/null @@ -1,20 +0,0 @@ -# -*- coding: utf-8 -*- -# Generated by Django 1.10.7 on 2018-06-23 16:17 -from __future__ import unicode_literals - -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ('machines', '0084_auto_20180623_1651'), - ] - - operations = [ - migrations.AlterField( - model_name='sshfpralgo', - name='name', - field=models.CharField(max_length=256), - ), - ] diff --git a/machines/migrations/0086_auto_20180624_1254.py b/machines/migrations/0086_auto_20180624_1254.py deleted file mode 100644 index 7474ac8b..00000000 --- a/machines/migrations/0086_auto_20180624_1254.py +++ /dev/null @@ -1,30 +0,0 @@ -# -*- coding: utf-8 -*- -# Generated by Django 1.10.7 on 2018-06-24 10:54 -from __future__ import unicode_literals - -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ('machines', '0085_auto_20180623_1817'), - ] - - operations = [ - migrations.RenameField( - model_name='sshfingerprint', - old_name='hash_entry', - new_name='pub_key_entry', - ), - migrations.AlterField( - model_name='sshfingerprint', - name='comment', - field=models.CharField(blank=True, help_text='Commentaire', max_length=255, null=True), - ), - migrations.AlterField( - model_name='sshfingerprint', - name='pub_key_entry', - field=models.TextField(help_text='Clef publique ssh', max_length=2048), - ), - ] diff --git a/machines/models.py b/machines/models.py index 986fe4d9..6101cffc 100644 --- a/machines/models.py +++ b/machines/models.py @@ -201,14 +201,10 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name) class SshFingerprint(RevMixin, AclMixin, models.Model): - """Stockage de la clef ssh publique d'une machine - et calcul de ses hash""" - - PRETTY_NAME = "Clef publique ssh" - + """A fingerpirnt of an SSH public key""" machine = models.ForeignKey('Machine', on_delete=models.CASCADE) pub_key_entry = models.TextField( - help_text="Clef publique ssh", + help_text="SSH public key", max_length=2048 ) algo = models.ForeignKey( @@ -216,7 +212,7 @@ class SshFingerprint(RevMixin, AclMixin, models.Model): on_delete=models.PROTECT ) comment = models.CharField( - help_text="Commentaire", + help_text="Comment", max_length=255, null=True, blank=True @@ -224,8 +220,10 @@ class SshFingerprint(RevMixin, AclMixin, models.Model): class Meta: permissions = ( - ("view_sshfingerprint", "Peut voir un objet sshfingerprint"), + ("view_sshfingerprint", "Can see an SSH fingerprint"), ) + verbose_name = "SSH fingerprint" + verbose_name_plural = "SSH fingerprints" def can_view(self, user_request, *_args, **_kwargs): return self.machine.can_view(user_request, *_args, **_kwargs) @@ -241,15 +239,15 @@ class SshFingerprint(RevMixin, AclMixin, models.Model): class SshFprAlgo(RevMixin, AclMixin, models.Model): - """Un aglorithme de création de la fingerprint ssh""" - PRETTY_NAME = "Algo de clef ssh" - + """An algorithm to compute SSH fingerprints""" name = models.CharField(max_length=256) class Meta: permissions = ( - ("view_sshfpralgo", "Peut voir un algo de chiffrement"), + ("view_sshfpralgo", "Can see an SSH fingerprint algorithm"), ) + verbose_name = "SSH fingerprint algorithm" + verbose_name_plural = "SSH fingerprint algorithms" def __str__(self): return str(self.name) diff --git a/machines/templates/machines/aff_machines.html b/machines/templates/machines/aff_machines.html index 5db5e836..e5599858 100644 --- a/machines/templates/machines/aff_machines.html +++ b/machines/templates/machines/aff_machines.html @@ -122,7 +122,7 @@ with this program; if not, write to the Free Software Foundation, Inc., {% can_create SshFingerprint interface.machine.id %}
  • - Gerer les fingerprint ssh + Manage the SSH fingerprints
    • {% acl_end %} diff --git a/machines/templates/machines/aff_sshfingerprint.html b/machines/templates/machines/aff_sshfingerprint.html index 533f7c9f..5c9691fa 100644 --- a/machines/templates/machines/aff_sshfingerprint.html +++ b/machines/templates/machines/aff_sshfingerprint.html @@ -21,14 +21,16 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endcomment %} {% load acl %} +{% load logs_extra %} +
    - - - - + + + + {% for sshfpr in sshfingerprint_list %} @@ -36,14 +38,14 @@ with this program; if not, write to the Free Software Foundation, Inc., - {% endfor %} diff --git a/machines/templates/machines/aff_sshfpralgo.html b/machines/templates/machines/aff_sshfpralgo.html index fe9e78c4..902191ff 100644 --- a/machines/templates/machines/aff_sshfpralgo.html +++ b/machines/templates/machines/aff_sshfpralgo.html @@ -21,27 +21,27 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endcomment %} {% load acl %} +{% load logs_extra %} -
    Entrée du hashAlgorithme utiliséCommentaireSSH public keyAlgorithm usedComment
    {{ sshfpr.pub_key_entry }} {{ sshfpr.algo }} {{ sshfpr.comment }} - {% can_edit sshfpr %} - {% include 'buttons/edit.html' with href='machines:edit-sshfingerprint' id=sshfpr.id %} - {% acl_end %} - {% can_delete sshfpr %} - {% include 'buttons/suppr.html' with href='machines:del-sshfingerprint' id=sshfpr.id %} - {% acl_end %} - {% include 'buttons/history.html' with href='machines:history' name='sshfingerprint' id=sshfpr.id %} + + {% can_edit sshfpr %} + {% include 'buttons/edit.html' with href='machines:edit-sshfingerprint' id=sshfpr.id %} + {% acl_end %} + {% can_delete sshfpr %} + {% include 'buttons/suppr.html' with href='machines:del-sshfingerprint' id=sshfpr.id %} + {% acl_end %} + {% history_button sshfpr %}
    - - - - - - - {% for sshfpralgo in sshfpralgo_list %} +
    Nom de l'algo
    + - - + + - {% endfor %} -
    {{ sshfpralgo.name }} - {% can_edit sshfpralgo %} - {% include 'buttons/edit.html' with href='machines:edit-sshfpralgo' id=sshfpralgo.id %} - {% acl_end %} - {% can_delete sshfpralgo %} - {% include 'buttons/suppr.html' with href='machines:del-sshfpralgo' id=sshfpralgo.id %} - {% acl_end %} - {% include 'buttons/history.html' with href='machines:history' name='sshfpralgo' id=sshfpralgo.id %} - Algorithm name
    - + + {% for sshfpralgo in sshfpralgo_list %} + + {{ sshfpralgo.name }} + + {% can_edit sshfpralgo %} + {% include 'buttons/edit.html' with href='machines:edit-sshfpralgo' id=sshfpralgo.id %} + {% acl_end %} + {% can_delete sshfpralgo %} + {% include 'buttons/suppr.html' with href='machines:del-sshfpralgo' id=sshfpralgo.id %} + {% acl_end %} + {% history_button sshfpralgo %} + + + {% endfor %} + diff --git a/machines/templates/machines/index_sshfingerprint.html b/machines/templates/machines/index_sshfingerprint.html index eba872c0..ec511e45 100644 --- a/machines/templates/machines/index_sshfingerprint.html +++ b/machines/templates/machines/index_sshfingerprint.html @@ -27,13 +27,12 @@ with this program; if not, write to the Free Software Foundation, Inc., {% block title %}Machines{% endblock %} {% block content %} -

    Liste des fingerprint ssh

    - {% can_create SshFingerprint machine_id %} - Ajouter une fingerprint ssh - {% acl_end %} - {% include "machines/aff_sshfingerprint.html" with sshfingerprint_list=sshfingerprint_list %} -
    -
    -
    +

    SSH fingerprints

    +{% can_create SshFingerprint machine_id %} + + Add an SSH fingerprint + +{% acl_end %} +{% include "machines/aff_sshfingerprint.html" with sshfingerprint_list=sshfingerprint_list %} {% endblock %} diff --git a/machines/templates/machines/index_sshfpralgo.html b/machines/templates/machines/index_sshfpralgo.html index 90107d0a..1bf50635 100644 --- a/machines/templates/machines/index_sshfpralgo.html +++ b/machines/templates/machines/index_sshfpralgo.html @@ -27,13 +27,12 @@ with this program; if not, write to the Free Software Foundation, Inc., {% block title %}Machines{% endblock %} {% block content %} -

    Liste des algo fingerprint ssh

    - {% can_create SshFprAlgo %} - Ajouter un algo ssh - {% acl_end %} - {% include "machines/aff_sshfpralgo.html" with sshfpralgo_list=sshfpralgo_list %} -
    -
    -
    +

    SSH fingerprint algorithms

    +{% can_create SshFprAlgo %} + + Add an SSH fingerprint algorithm + +{% acl_end %} +{% include "machines/aff_sshfpralgo.html" with sshfpralgo_list=sshfpralgo_list %} {% endblock %} diff --git a/machines/templates/machines/machine.html b/machines/templates/machines/machine.html index b49673bb..d5918ef8 100644 --- a/machines/templates/machines/machine.html +++ b/machines/templates/machines/machine.html @@ -33,6 +33,12 @@ with this program; if not, write to the Free Software Foundation, Inc., {% if machineform %} {% bootstrap_form_errors machineform %} {% endif %} +{% if sshfingerprintform %} + {% bootstrap_form_errors sshfingerprintform %} +{% endif %} +{% if sshfpralgoform %} + {% bootstrap_form_errors sshfpralgoform %} +{% endif %} {% if interfaceform %} {% bootstrap_form_errors interfaceform %} {% endif %} @@ -78,15 +84,6 @@ with this program; if not, write to the Free Software Foundation, Inc., {% if ipv6form %} {% bootstrap_form_errors ipv6form %} {% endif %} -{% if sshfingerprintform %} - {% bootstrap_form_errors sshfingerprintform %} -{% endif %} -{% if sshfpralgoform %} - {% bootstrap_form_errors sshfpralgoform %} -{% endif %} - - -
    {% csrf_token %} @@ -94,6 +91,14 @@ with this program; if not, write to the Free Software Foundation, Inc.,

    Machine

    {% massive_bootstrap_form machineform 'user' %} {% endif %} + {% if sshfingerprintform %} +

    SSH fingerprint

    + {% bootstrap_form sshfingerprintform %} + {% endif %} + {% if sshfpralgoform %} +

    SSH fingerprint algorithm

    + {% bootstrap_form sshfpralgoform %} + {% endif %} {% if interfaceform %}

    Interface

    {% if i_mbf_param %} @@ -162,14 +167,6 @@ with this program; if not, write to the Free Software Foundation, Inc.,

    Ipv6

    {% bootstrap_form ipv6form %} {% endif %} - {% if sshfingerprintform %} -

    SshFingerprint

    - {% bootstrap_form sshfingerprintform %} - {% endif %} - {% if sshfpralgoform %} -

    Algorithme de fingerprint ssh

    - {% bootstrap_form sshfpralgoform %} - {% endif %} {% bootstrap_button action_name button_type="submit" icon="star" %}

    diff --git a/machines/templates/machines/sidebar.html b/machines/templates/machines/sidebar.html index 0b272b0a..f897c3a4 100644 --- a/machines/templates/machines/sidebar.html +++ b/machines/templates/machines/sidebar.html @@ -47,7 +47,7 @@ with this program; if not, write to the Free Software Foundation, Inc., {% can_view_all SshFprAlgo %} - Algo de fingerprint ssh + SSH fingerprint algorithm {% acl_end %} {% can_view_all IpType %} diff --git a/machines/views.py b/machines/views.py index 1c443980..baba6613 100644 --- a/machines/views.py +++ b/machines/views.py @@ -468,7 +468,7 @@ def del_ipv6list(request, ipv6list, **_kwargs): @can_create(SshFingerprint) @can_edit(Machine) def new_sshfingerprint(request, machine, **_kwargs): - """Nouvelle sshfingerprint""" + """Creates an SSH fingerprint""" sshfingerprint_instance = SshFingerprint(machine=machine) sshfingerprint = SshFingerprintForm( request.POST or None, @@ -476,13 +476,13 @@ def new_sshfingerprint(request, machine, **_kwargs): ) if sshfingerprint.is_valid(): sshfingerprint.save() - messages.success(request, "Fingerprint ssh ajoutée") + messages.success(request, "The SSH fingerprint was added") return redirect(reverse( 'machines:index-sshfingerprint', kwargs={'machineid': str(machine.id)} )) return form( - {'sshfingerprintform': sshfingerprint, 'action_name': 'Créer'}, + {'sshfingerprintform': sshfingerprint, 'action_name': 'Create'}, 'machines/machine.html', request ) @@ -491,7 +491,7 @@ def new_sshfingerprint(request, machine, **_kwargs): @login_required @can_edit(SshFingerprint) def edit_sshfingerprint(request, sshfingerprint_instance, **_kwargs): - """Edition d'une sshfingerprint""" + """Edits an SSH fingerprint""" sshfingerprint = SshFingerprintForm( request.POST or None, instance=sshfingerprint_instance @@ -499,13 +499,13 @@ def edit_sshfingerprint(request, sshfingerprint_instance, **_kwargs): if sshfingerprint.is_valid(): if sshfingerprint.changed_data: sshfingerprint.save() - messages.success(request, "Ssh fingerprint modifiée") + messages.success(request, "The SSH fingerprint was edited") return redirect(reverse( 'machines:index-sshfingerprint', kwargs={'machineid': str(sshfingerprint_instance.machine.id)} )) return form( - {'sshfingerprintform': sshfingerprint, 'action_name': 'Editer'}, + {'sshfingerprintform': sshfingerprint, 'action_name': 'Edit'}, 'machines/machine.html', request ) @@ -514,11 +514,11 @@ def edit_sshfingerprint(request, sshfingerprint_instance, **_kwargs): @login_required @can_delete(SshFingerprint) def del_sshfingerprint(request, sshfingerprint, **_kwargs): - """ Supprime une sshfingerprint""" + """Deletes an SSH fingerprint""" if request.method == "POST": machineid = sshfingerprint.machine.id sshfingerprint.delete() - messages.success(request, "La sshfingerprint a été détruite") + messages.success(request, "The SSH fingerprint was deleted") return redirect(reverse( 'machines:index-sshfingerprint', kwargs={'machineid': str(machineid)} @@ -533,18 +533,18 @@ def del_sshfingerprint(request, sshfingerprint, **_kwargs): @login_required @can_create(SshFprAlgo) def new_sshfpralgo(request, **_kwargs): - """Nouvelle sshfpralgo""" + """Creates an SSH fingeprint algorithm""" sshfpralgo = SshFprAlgoForm( request.POST or None, ) if sshfpralgo.is_valid(): sshfpralgo.save() - messages.success(request, "Algo Fingerprint ssh ajouté") + messages.success(request, "The SSH fingerprint algorithm was added") return redirect(reverse( 'machines:index-sshfpralgo' )) return form( - {'sshfpralgoform': sshfpralgo, 'action_name': 'Créer'}, + {'sshfpralgoform': sshfpralgo, 'action_name': 'Create'}, 'machines/machine.html', request ) @@ -553,7 +553,7 @@ def new_sshfpralgo(request, **_kwargs): @login_required @can_edit(SshFprAlgo) def edit_sshfpralgo(request, sshfpralgo_instance, **_kwargs): - """Edition d'une sshfpralgo""" + """Edits an SSH fingerprint algorithm""" sshfpralgo = SshFprAlgoForm( request.POST or None, instance=sshfpralgo_instance @@ -561,12 +561,12 @@ def edit_sshfpralgo(request, sshfpralgo_instance, **_kwargs): if sshfpralgo.is_valid(): if sshfpralgo.changed_data: sshfpralgo.save() - messages.success(request, "Algo de sshfp modifiée") + messages.success(request, "The SSH fingerprint algorithm was edited") return redirect(reverse( 'machines:index-sshfpralgo' )) return form( - {'sshfpralgoform': sshfpralgo, 'action_name': 'Editer'}, + {'sshfpralgoform': sshfpralgo, 'action_name': 'Edit'}, 'machines/machine.html', request ) @@ -575,16 +575,16 @@ def edit_sshfpralgo(request, sshfpralgo_instance, **_kwargs): @login_required @can_delete(SshFprAlgo) def del_sshfpralgo(request, sshfpralgo, **_kwargs): - """ Supprime une sshfpralgo""" + """Deletes an SSH fingerprint algorithm""" if request.method == "POST": try: sshfpralgo.delete() - messages.success(request, "La sshfpralgo a été détruite") + messages.success(request, "The SSH fingerprint algorithm was deleted") except ProtectedError: messages.error( request, - ("L'algo est affectée à au moins une fingerprint ssh, " - "vous ne pouvez pas le supprimer") + ("This SSH fingerprint algorithm is used by at least one SSH" + "fingerprint and thus can not be deleted.") ) return redirect(reverse( 'machines:index-sshfpralgo' @@ -1524,9 +1524,9 @@ def index_alias(request, interface, interfaceid): @login_required -@can_edit(Machine) +@can_view_all(Machine) def index_sshfingerprint(request, machine, machineid): - """ View used to display the list of existing IPv6 of an interface """ + """View used to display the list of existing SSH fingerprint of a machine""" sshfingerprint_list = SshFingerprint.objects.filter(machine=machine) return render( request, @@ -1538,7 +1538,7 @@ def index_sshfingerprint(request, machine, machineid): @login_required @can_view_all(SshFprAlgo) def index_sshfpralgo(request): - """ View used to display the list of existing sshfrpalgo""" + """View used to display the list of existing SSH fingerprint algorithm""" sshfpralgo_list = SshFprAlgo.objects.all() return render( request, From eac49338533ef4d8b8b2b230fc4da31d757f1b05 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Sat, 28 Jul 2018 12:38:37 +0200 Subject: [PATCH 06/12] Application des migrations dans le bon ordre --- .../migrations/0084_auto_20180623_1651.py | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/machines/migrations/0084_auto_20180623_1651.py b/machines/migrations/0084_auto_20180623_1651.py index 04ab125e..f042b7f8 100644 --- a/machines/migrations/0084_auto_20180623_1651.py +++ b/machines/migrations/0084_auto_20180623_1651.py @@ -14,6 +14,19 @@ class Migration(migrations.Migration): ] operations = [ + migrations.CreateModel( + name='SshFprAlgo', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('name', models.CharField(max_length=256)), + ], + options={ + 'permissions': (('view_sshfpralgo', 'Can see an SSH fingerprint algorithm'),), + 'verbose_name': 'SSH fingerprint algorithm', + 'verbose_name_plural': 'SSH fingerprint algorithms' + }, + bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), + ), migrations.CreateModel( name='SshFingerprint', fields=[ @@ -30,17 +43,4 @@ class Migration(migrations.Migration): }, bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), ), - migrations.CreateModel( - name='SshFprAlgo', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('name', models.CharField(max_length=256)), - ], - options={ - 'permissions': (('view_sshfpralgo', 'Can see an SSH fingerprint algorithm'),), - 'verbose_name': 'SSH fingerprint algorithm', - 'verbose_name_plural': 'SSH fingerprint algorithms' - }, - bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), - ), ] From ce0b67209f3d33325c00323901ea8b97661a8007 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Sun, 29 Jul 2018 13:40:49 +0200 Subject: [PATCH 07/12] =?UTF-8?q?Les=20algo=20sont=20fix=C3=A9s=20par=20RF?= =?UTF-8?q?C;=20simplification?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- machines/admin.py | 7 -- machines/forms.py | 16 ---- .../migrations/0084_auto_20180623_1651.py | 46 ---------- machines/models.py | 32 ++++--- .../templates/machines/aff_sshfpralgo.html | 47 ----------- .../templates/machines/index_sshfpralgo.html | 38 --------- machines/templates/machines/sidebar.html | 6 -- machines/urls.py | 12 --- machines/views.py | 83 +------------------ 9 files changed, 16 insertions(+), 271 deletions(-) delete mode 100644 machines/migrations/0084_auto_20180623_1651.py delete mode 100644 machines/templates/machines/aff_sshfpralgo.html delete mode 100644 machines/templates/machines/index_sshfpralgo.html diff --git a/machines/admin.py b/machines/admin.py index 168d84a3..11da2da3 100644 --- a/machines/admin.py +++ b/machines/admin.py @@ -45,7 +45,6 @@ from .models import ( Ipv6List, OuverturePortList, SshFingerprint, - SshFprAlgo, ) @@ -143,11 +142,6 @@ class ServiceAdmin(VersionAdmin): list_display = ('service_type', 'min_time_regen', 'regular_time_regen') -class SshFprAlgoAdmin(VersionAdmin): - """ Admin view of a SshFprAlgo object """ - pass - - class SshFingerprintAdmin(VersionAdmin): """ Admin view of a SshFprAlgo object """ pass @@ -171,5 +165,4 @@ admin.site.register(Ipv6List, Ipv6ListAdmin) admin.site.register(Nas, NasAdmin) admin.site.register(OuverturePort, OuverturePortAdmin) admin.site.register(OuverturePortList, OuverturePortListAdmin) -admin.site.register(SshFprAlgo, SshFprAlgoAdmin) admin.site.register(SshFingerprint, SshFingerprintAdmin) diff --git a/machines/forms.py b/machines/forms.py index e9086ef8..79a2e2c6 100644 --- a/machines/forms.py +++ b/machines/forms.py @@ -61,7 +61,6 @@ from .models import ( OuverturePortList, Ipv6List, SshFingerprint, - SshFprAlgo ) @@ -612,18 +611,3 @@ class SshFingerprintForm(FormRevMixin, ModelForm): prefix=prefix, **kwargs ) - - -class SshFprAlgoForm(FormRevMixin, ModelForm): - """Edits a SSH fingerprint algorithm.""" - class Meta: - model = SshFprAlgo - fields = '__all__' - - def __init__(self, *args, **kwargs): - prefix = kwargs.pop('prefix', self.Meta.model.__name__) - super(SshFprAlgoForm, self).__init__( - *args, - prefix=prefix, - **kwargs - ) diff --git a/machines/migrations/0084_auto_20180623_1651.py b/machines/migrations/0084_auto_20180623_1651.py deleted file mode 100644 index f042b7f8..00000000 --- a/machines/migrations/0084_auto_20180623_1651.py +++ /dev/null @@ -1,46 +0,0 @@ -# -*- coding: utf-8 -*- -# Generated by Django 1.10.7 on 2018-06-23 14:51 -from __future__ import unicode_literals - -from django.db import migrations, models -import django.db.models.deletion -import re2o.mixins - - -class Migration(migrations.Migration): - - dependencies = [ - ('machines', '0083_remove_duplicate_rights'), - ] - - operations = [ - migrations.CreateModel( - name='SshFprAlgo', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('name', models.CharField(max_length=256)), - ], - options={ - 'permissions': (('view_sshfpralgo', 'Can see an SSH fingerprint algorithm'),), - 'verbose_name': 'SSH fingerprint algorithm', - 'verbose_name_plural': 'SSH fingerprint algorithms' - }, - bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), - ), - migrations.CreateModel( - name='SshFingerprint', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('pub_key_entry', models.TextField(help_text='SSH public key', max_length=2048)), - ('comment', models.CharField(blank=True, help_text='Comment', max_length=255, null=True)), - ('algo', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to='machines.SshFprAlgo')), - ('machine', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Machine')), - ], - options={ - 'permissions': (('view_sshfingerprint', 'Can see an SSH fingerprint'),), - 'verbose_name': 'SSH fingerprint', - 'verbose_name_plural': 'SSH fingerprints' - }, - bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), - ), - ] diff --git a/machines/models.py b/machines/models.py index 6101cffc..66a2a03a 100644 --- a/machines/models.py +++ b/machines/models.py @@ -200,16 +200,27 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): def __str__(self): return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name) + class SshFingerprint(RevMixin, AclMixin, models.Model): """A fingerpirnt of an SSH public key""" + + ALGO = ( + ("ssh-rsa", "ssh-rsa"), + ("ssh-ed25519", "ssh-ed25519"), + ("ecdsa-sha2-nistp256", "ecdsa-sha2-nistp256"), + ("ecdsa-sha2-nistp384", "ecdsa-sha2-nistp384"), + ("ecdsa-sha2-nistp521", "ecdsa-sha2-nistp521"), + ("ecdsa-sha2-nistp521", "ecdsa-sha2-nistp521"), + ) + machine = models.ForeignKey('Machine', on_delete=models.CASCADE) pub_key_entry = models.TextField( help_text="SSH public key", max_length=2048 ) - algo = models.ForeignKey( - 'SshFprAlgo', - on_delete=models.PROTECT + algo = models.CharField( + choices=ALGO, + max_length=32 ) comment = models.CharField( help_text="Comment", @@ -238,21 +249,6 @@ class SshFingerprint(RevMixin, AclMixin, models.Model): return str(self.algo) + ' ' + str(self.hash_entry) + ' ' + str(self.comment) -class SshFprAlgo(RevMixin, AclMixin, models.Model): - """An algorithm to compute SSH fingerprints""" - name = models.CharField(max_length=256) - - class Meta: - permissions = ( - ("view_sshfpralgo", "Can see an SSH fingerprint algorithm"), - ) - verbose_name = "SSH fingerprint algorithm" - verbose_name_plural = "SSH fingerprint algorithms" - - def __str__(self): - return str(self.name) - - class MachineType(RevMixin, AclMixin, models.Model): """ Type de machine, relié à un type d'ip, affecté aux interfaces""" PRETTY_NAME = "Type de machine" diff --git a/machines/templates/machines/aff_sshfpralgo.html b/machines/templates/machines/aff_sshfpralgo.html deleted file mode 100644 index 902191ff..00000000 --- a/machines/templates/machines/aff_sshfpralgo.html +++ /dev/null @@ -1,47 +0,0 @@ -{% comment %} -Re2o est un logiciel d'administration développé initiallement au rezometz. Il -se veut agnostique au réseau considéré, de manière à être installable en -quelques clics. - -Copyright © 2018 Gabriel Détraz - -This program is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License along -with this program; if not, write to the Free Software Foundation, Inc., -51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -{% endcomment %} - -{% load acl %} -{% load logs_extra %} - - - - - - - - - {% for sshfpralgo in sshfpralgo_list %} - - - - - {% endfor %} -
    Algorithm name
    {{ sshfpralgo.name }} - {% can_edit sshfpralgo %} - {% include 'buttons/edit.html' with href='machines:edit-sshfpralgo' id=sshfpralgo.id %} - {% acl_end %} - {% can_delete sshfpralgo %} - {% include 'buttons/suppr.html' with href='machines:del-sshfpralgo' id=sshfpralgo.id %} - {% acl_end %} - {% history_button sshfpralgo %} -
    diff --git a/machines/templates/machines/index_sshfpralgo.html b/machines/templates/machines/index_sshfpralgo.html deleted file mode 100644 index 1bf50635..00000000 --- a/machines/templates/machines/index_sshfpralgo.html +++ /dev/null @@ -1,38 +0,0 @@ -{% extends "machines/sidebar.html" %} -{% comment %} -Re2o est un logiciel d'administration développé initiallement au rezometz. Il -se veut agnostique au réseau considéré, de manière à être installable en -quelques clics. - -Copyright © 2018 Gabriel Détraz - -This program is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License along -with this program; if not, write to the Free Software Foundation, Inc., -51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -{% endcomment %} - -{% load bootstrap3 %} -{% load acl %} - -{% block title %}Machines{% endblock %} - -{% block content %} -

    SSH fingerprint algorithms

    -{% can_create SshFprAlgo %} - - Add an SSH fingerprint algorithm - -{% acl_end %} -{% include "machines/aff_sshfpralgo.html" with sshfpralgo_list=sshfpralgo_list %} -{% endblock %} - diff --git a/machines/templates/machines/sidebar.html b/machines/templates/machines/sidebar.html index f897c3a4..5a0f975d 100644 --- a/machines/templates/machines/sidebar.html +++ b/machines/templates/machines/sidebar.html @@ -44,12 +44,6 @@ with this program; if not, write to the Free Software Foundation, Inc., Extensions et zones {% acl_end %} - {% can_view_all SshFprAlgo %} - - - SSH fingerprint algorithm - - {% acl_end %} {% can_view_all IpType %} diff --git a/machines/urls.py b/machines/urls.py index 41c0d81c..8f58373a 100644 --- a/machines/urls.py +++ b/machines/urls.py @@ -119,18 +119,6 @@ urlpatterns = [ url(r'^index_sshfingerprint/(?P[0-9]+)$', views.index_sshfingerprint, name='index-sshfingerprint'), - url(r'^new_sshfpralgo/$', - views.new_sshfpralgo, - name='new-sshfpralgo'), - url(r'^edit_sshfpralgo/(?P[0-9]+)$', - views.edit_sshfpralgo, - name='edit-sshfpralgo'), - url(r'^del_sshfpralgo/(?P[0-9]+)$', - views.del_sshfpralgo, - name='del-sshfpralgo'), - url(r'^index_sshfpralgo/$', - views.index_sshfpralgo, - name='index-sshfpralgo'), url(r'^add_service/$', views.add_service, name='add-service'), url(r'^edit_service/(?P[0-9]+)$', views.edit_service, diff --git a/machines/views.py b/machines/views.py index baba6613..8e99c45e 100644 --- a/machines/views.py +++ b/machines/views.py @@ -54,6 +54,7 @@ from re2o.utils import ( from re2o.acl import ( can_create, can_edit, + can_view, can_delete, can_view_all, can_delete_set, @@ -110,7 +111,6 @@ from .forms import ( EditOuverturePortListForm, EditOuverturePortConfigForm, SshFingerprintForm, - SshFprAlgoForm, ) from .models import ( IpType, @@ -133,7 +133,6 @@ from .models import ( OuverturePort, Ipv6List, SshFingerprint, - SshFprAlgo, ) @@ -530,72 +529,6 @@ def del_sshfingerprint(request, sshfingerprint, **_kwargs): ) -@login_required -@can_create(SshFprAlgo) -def new_sshfpralgo(request, **_kwargs): - """Creates an SSH fingeprint algorithm""" - sshfpralgo = SshFprAlgoForm( - request.POST or None, - ) - if sshfpralgo.is_valid(): - sshfpralgo.save() - messages.success(request, "The SSH fingerprint algorithm was added") - return redirect(reverse( - 'machines:index-sshfpralgo' - )) - return form( - {'sshfpralgoform': sshfpralgo, 'action_name': 'Create'}, - 'machines/machine.html', - request - ) - - -@login_required -@can_edit(SshFprAlgo) -def edit_sshfpralgo(request, sshfpralgo_instance, **_kwargs): - """Edits an SSH fingerprint algorithm""" - sshfpralgo = SshFprAlgoForm( - request.POST or None, - instance=sshfpralgo_instance - ) - if sshfpralgo.is_valid(): - if sshfpralgo.changed_data: - sshfpralgo.save() - messages.success(request, "The SSH fingerprint algorithm was edited") - return redirect(reverse( - 'machines:index-sshfpralgo' - )) - return form( - {'sshfpralgoform': sshfpralgo, 'action_name': 'Edit'}, - 'machines/machine.html', - request - ) - - -@login_required -@can_delete(SshFprAlgo) -def del_sshfpralgo(request, sshfpralgo, **_kwargs): - """Deletes an SSH fingerprint algorithm""" - if request.method == "POST": - try: - sshfpralgo.delete() - messages.success(request, "The SSH fingerprint algorithm was deleted") - except ProtectedError: - messages.error( - request, - ("This SSH fingerprint algorithm is used by at least one SSH" - "fingerprint and thus can not be deleted.") - ) - return redirect(reverse( - 'machines:index-sshfpralgo' - )) - return form( - {'objet': sshfpralgo, 'objet_name': 'sshfpralgo'}, - 'machines/delete.html', - request - ) - - @login_required @can_create(IpType) def add_iptype(request): @@ -1524,7 +1457,7 @@ def index_alias(request, interface, interfaceid): @login_required -@can_view_all(Machine) +@can_view(Machine) def index_sshfingerprint(request, machine, machineid): """View used to display the list of existing SSH fingerprint of a machine""" sshfingerprint_list = SshFingerprint.objects.filter(machine=machine) @@ -1535,18 +1468,6 @@ def index_sshfingerprint(request, machine, machineid): ) -@login_required -@can_view_all(SshFprAlgo) -def index_sshfpralgo(request): - """View used to display the list of existing SSH fingerprint algorithm""" - sshfpralgo_list = SshFprAlgo.objects.all() - return render( - request, - 'machines/index_sshfpralgo.html', - {'sshfpralgo_list': sshfpralgo_list} - ) - - @login_required @can_view_all(Interface) def index_ipv6(request, interface, interfaceid): From fe50f23ea1254255d5b39355a82fa1d3194066b6 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Sun, 29 Jul 2018 13:46:52 +0200 Subject: [PATCH 08/12] Calcul des hash; simplification et migration pour sshfpr --- machines/migrations/0084_sshfingerprint.py | 33 ++++++++++++++++++++++ machines/models.py | 29 ++++++++++++++++++- 2 files changed, 61 insertions(+), 1 deletion(-) create mode 100644 machines/migrations/0084_sshfingerprint.py diff --git a/machines/migrations/0084_sshfingerprint.py b/machines/migrations/0084_sshfingerprint.py new file mode 100644 index 00000000..7e59734f --- /dev/null +++ b/machines/migrations/0084_sshfingerprint.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# Generated by Django 1.10.7 on 2018-07-29 11:39 +from __future__ import unicode_literals + +from django.db import migrations, models +import django.db.models.deletion +import re2o.mixins + + +class Migration(migrations.Migration): + + dependencies = [ + ('machines', '0083_remove_duplicate_rights'), + ] + + operations = [ + migrations.CreateModel( + name='SshFingerprint', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('pub_key_entry', models.TextField(help_text='SSH public key', max_length=2048)), + ('algo', models.CharField(choices=[('ssh-rsa', 'ssh-rsa'), ('ssh-ed25519', 'ssh-ed25519'), ('ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp256'), ('ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp384'), ('ecdsa-sha2-nistp521', 'ecdsa-sha2-nistp521'), ('ecdsa-sha2-nistp521', 'ecdsa-sha2-nistp521')], max_length=32)), + ('comment', models.CharField(blank=True, help_text='Comment', max_length=255, null=True)), + ('machine', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Machine')), + ], + options={ + 'verbose_name': 'SSH fingerprint', + 'verbose_name_plural': 'SSH fingerprints', + 'permissions': (('view_sshfingerprint', 'Can see an SSH fingerprint'),), + }, + bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), + ), + ] diff --git a/machines/models.py b/machines/models.py index 66a2a03a..5dd75fb2 100644 --- a/machines/models.py +++ b/machines/models.py @@ -32,6 +32,8 @@ import re from ipaddress import IPv6Address from itertools import chain from netaddr import mac_bare, EUI, IPSet, IPRange, IPNetwork, IPAddress +import hashlib +import base64 from django.db import models from django.db.models.signals import post_save, post_delete @@ -229,6 +231,25 @@ class SshFingerprint(RevMixin, AclMixin, models.Model): blank=True ) + @cached_property + def algo_id(self): + """Return the id of the algorithme for this key""" + if "ecdsa" in self.algo: + return 3 + elif "rsa" in self.algo: + return 1 + else: + return 2 + + @cached_property + def hash(self): + """Return the hashs for the pub key with correct id + cf RFC, 1 is sha1 , 2 sha256""" + return { + "1" : hashlib.sha1(base64.b64decode(self.pub_key_entry)).hexdigest(), + "2" : hashlib.sha256(base64.b64decode(self.pub_key_entry)).hexdigest(), + } + class Meta: permissions = ( ("view_sshfingerprint", "Can see an SSH fingerprint"), @@ -246,7 +267,7 @@ class SshFingerprint(RevMixin, AclMixin, models.Model): return self.machine.can_delete(user_request, *args, **kwargs) def __str__(self): - return str(self.algo) + ' ' + str(self.hash_entry) + ' ' + str(self.comment) + return str(self.algo) + ' ' + str(self.comment) class MachineType(RevMixin, AclMixin, models.Model): @@ -611,6 +632,12 @@ class Extension(RevMixin, AclMixin, models.Model): entry += "@ IN AAAA " + str(self.origin_v6) return entry + def get_associated_sshfpr(self): + from re2o.utils import all_active_assigned_interfaces + return (all_active_assigned_interfaces() + .filter(type__ip_type__extension=self) + .filter(machine)) + def get_associated_a_records(self): from re2o.utils import all_active_assigned_interfaces return (all_active_assigned_interfaces() From 86d80521c092a51e584c71c187cd0be3d62407df Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Sun, 29 Jul 2018 17:03:51 +0200 Subject: [PATCH 09/12] Exposition des sshfpr via api rest --- api/serializers.py | 18 +++++++++++++++++- machines/models.py | 4 +++- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/api/serializers.py b/api/serializers.py index bff1bd9c..51afd468 100644 --- a/api/serializers.py +++ b/api/serializers.py @@ -716,6 +716,21 @@ class CNAMERecordSerializer(serializers.ModelSerializer): fields = ('alias', 'hostname', 'extension') +class SSHFPRRecordSerializer(serializers.ModelSerializer): + class Meta: + model = machines.SshFingerprint + fields = ('algo_id', 'hash') + + +class SSHFPRInterfaceSerializer(serializers.ModelSerializer): + hostname = serializers.CharField(source='domain.name', read_only=True) + sshfpr = SSHFPRRecordSerializer(source='machine.sshfingerprint_set', many=True, read_only=True) + + class Meta: + model = machines.Interface + fields = ('hostname', 'sshfpr') + + class DNSZonesSerializer(serializers.ModelSerializer): """Serialize the data about DNS Zones. """ @@ -729,12 +744,13 @@ class DNSZonesSerializer(serializers.ModelSerializer): a_records = ARecordSerializer(many=True, source='get_associated_a_records') aaaa_records = AAAARecordSerializer(many=True, source='get_associated_aaaa_records') cname_records = CNAMERecordSerializer(many=True, source='get_associated_cname_records') + sshfpr_records = SSHFPRInterfaceSerializer(many=True, source='get_associated_sshfpr') class Meta: model = machines.Extension fields = ('name', 'soa', 'ns_records', 'originv4', 'originv6', 'mx_records', 'txt_records', 'srv_records', 'a_records', - 'aaaa_records', 'cname_records') + 'aaaa_records', 'cname_records', 'sshfpr_records') # MAILING diff --git a/machines/models.py b/machines/models.py index 5dd75fb2..ca8e8c1b 100644 --- a/machines/models.py +++ b/machines/models.py @@ -636,7 +636,9 @@ class Extension(RevMixin, AclMixin, models.Model): from re2o.utils import all_active_assigned_interfaces return (all_active_assigned_interfaces() .filter(type__ip_type__extension=self) - .filter(machine)) + .filter( + machine__id__in=SshFingerprint.objects.values('machine') + )) def get_associated_a_records(self): from re2o.utils import all_active_assigned_interfaces From 9b6d00ceebd6eff4eaec7a508185292a09019ef7 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Sun, 29 Jul 2018 17:32:59 +0200 Subject: [PATCH 10/12] =?UTF-8?q?Fix=20entr=C3=A9e=20en=20double?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- machines/migrations/0084_sshfingerprint.py | 2 +- machines/models.py | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/machines/migrations/0084_sshfingerprint.py b/machines/migrations/0084_sshfingerprint.py index 7e59734f..e5e8861d 100644 --- a/machines/migrations/0084_sshfingerprint.py +++ b/machines/migrations/0084_sshfingerprint.py @@ -19,7 +19,7 @@ class Migration(migrations.Migration): fields=[ ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), ('pub_key_entry', models.TextField(help_text='SSH public key', max_length=2048)), - ('algo', models.CharField(choices=[('ssh-rsa', 'ssh-rsa'), ('ssh-ed25519', 'ssh-ed25519'), ('ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp256'), ('ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp384'), ('ecdsa-sha2-nistp521', 'ecdsa-sha2-nistp521'), ('ecdsa-sha2-nistp521', 'ecdsa-sha2-nistp521')], max_length=32)), + ('algo', models.CharField(choices=[('ssh-rsa', 'ssh-rsa'), ('ssh-ed25519', 'ssh-ed25519'), ('ecdsa-sha2-nistp256', 'ecdsa-sha2-nistp256'), ('ecdsa-sha2-nistp384', 'ecdsa-sha2-nistp384'), ('ecdsa-sha2-nistp521', 'ecdsa-sha2-nistp521')], max_length=32)), ('comment', models.CharField(blank=True, help_text='Comment', max_length=255, null=True)), ('machine', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Machine')), ], diff --git a/machines/models.py b/machines/models.py index ca8e8c1b..2b85efd8 100644 --- a/machines/models.py +++ b/machines/models.py @@ -212,7 +212,6 @@ class SshFingerprint(RevMixin, AclMixin, models.Model): ("ecdsa-sha2-nistp256", "ecdsa-sha2-nistp256"), ("ecdsa-sha2-nistp384", "ecdsa-sha2-nistp384"), ("ecdsa-sha2-nistp521", "ecdsa-sha2-nistp521"), - ("ecdsa-sha2-nistp521", "ecdsa-sha2-nistp521"), ) machine = models.ForeignKey('Machine', on_delete=models.CASCADE) From 562d116c29a39c730c5e94a3a42a604ea4ce6977 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Sun, 29 Jul 2018 17:33:25 +0200 Subject: [PATCH 11/12] Renomme 88 en 85 --- machines/migrations/{0088_dname.py => 0085_dname.py} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename machines/migrations/{0088_dname.py => 0085_dname.py} (94%) diff --git a/machines/migrations/0088_dname.py b/machines/migrations/0085_dname.py similarity index 94% rename from machines/migrations/0088_dname.py rename to machines/migrations/0085_dname.py index 4cbeb492..86a9dc2d 100644 --- a/machines/migrations/0088_dname.py +++ b/machines/migrations/0085_dname.py @@ -10,7 +10,7 @@ import re2o.mixins class Migration(migrations.Migration): dependencies = [ - ('machines', '0083_remove_duplicate_rights'), + ('machines', '0084_sshfingerprint'), ] operations = [ From e2c0271bf2a8f6e3b704b015f9bd97d41f715246 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ma=C3=ABl=20Kervella?= Date: Sun, 29 Jul 2018 17:07:40 +0000 Subject: [PATCH 12/12] Use the record label as for other DNS records --- api/serializers.py | 46 +++--- api/urls.py | 1 + api/views.py | 7 + machines/admin.py | 13 +- machines/forms.py | 10 +- .../{0085_dname.py => 0084_dname.py} | 2 +- ...hfingerprint.py => 0085_sshfingerprint.py} | 10 +- machines/models.py | 139 +++++++++--------- machines/templates/machines/aff_machines.html | 4 +- ...aff_sshfingerprint.html => aff_sshfp.html} | 18 +-- ...x_sshfingerprint.html => index_sshfp.html} | 6 +- machines/templates/machines/machine.html | 21 +-- machines/urls.py | 24 +-- machines/views.py | 77 +++++----- 14 files changed, 196 insertions(+), 182 deletions(-) rename machines/migrations/{0085_dname.py => 0084_dname.py} (94%) rename machines/migrations/{0084_sshfingerprint.py => 0085_sshfingerprint.py} (80%) rename machines/templates/machines/{aff_sshfingerprint.html => aff_sshfp.html} (79%) rename machines/templates/machines/{index_sshfingerprint.html => index_sshfp.html} (87%) diff --git a/api/serializers.py b/api/serializers.py index 51afd468..c8cdffd9 100644 --- a/api/serializers.py +++ b/api/serializers.py @@ -222,6 +222,13 @@ class SrvSerializer(NamespacedHMSerializer): fields = ('service', 'protocole', 'extension', 'ttl', 'priority', 'weight', 'port', 'target', 'api_url') +class SshFpSerializer(NamespacedHMSerializer): + """Serialize `machines.models.SSHFP` objects. + """ + class Meta: + model = machines.SshFp + field = ('machine', 'pub_key_entry', 'algo', 'comment', 'api_url') + class InterfaceSerializer(NamespacedHMSerializer): """Serialize `machines.models.Interface` objects. @@ -679,6 +686,26 @@ class SRVRecordSerializer(SrvSerializer): fields = ('service', 'protocole', 'ttl', 'priority', 'weight', 'port', 'target') +class SSHFPRecordSerializer(SshFpSerializer): + """Serialize `machines.models.SshFp` objects with the data needed to + generate a SSHFP DNS record. + """ + class Meta(SshFpSerializer.Meta): + fields = ('algo_id', 'hash') + + +class SSHFPInterfaceSerializer(serializers.ModelSerializer): + """Serialize `machines.models.Domain` objects with the data needed to + generate a CNAME DNS record. + """ + hostname = serializers.CharField(source='domain.name', read_only=True) + sshfp = SSHFPRecordSerializer(source='machine.sshfp_set', many=True, read_only=True) + + class Meta: + model = machines.Interface + fields = ('hostname', 'sshfp') + + class ARecordSerializer(serializers.ModelSerializer): """Serialize `machines.models.Interface` objects with the data needed to generate a A DNS record. @@ -716,21 +743,6 @@ class CNAMERecordSerializer(serializers.ModelSerializer): fields = ('alias', 'hostname', 'extension') -class SSHFPRRecordSerializer(serializers.ModelSerializer): - class Meta: - model = machines.SshFingerprint - fields = ('algo_id', 'hash') - - -class SSHFPRInterfaceSerializer(serializers.ModelSerializer): - hostname = serializers.CharField(source='domain.name', read_only=True) - sshfpr = SSHFPRRecordSerializer(source='machine.sshfingerprint_set', many=True, read_only=True) - - class Meta: - model = machines.Interface - fields = ('hostname', 'sshfpr') - - class DNSZonesSerializer(serializers.ModelSerializer): """Serialize the data about DNS Zones. """ @@ -744,13 +756,13 @@ class DNSZonesSerializer(serializers.ModelSerializer): a_records = ARecordSerializer(many=True, source='get_associated_a_records') aaaa_records = AAAARecordSerializer(many=True, source='get_associated_aaaa_records') cname_records = CNAMERecordSerializer(many=True, source='get_associated_cname_records') - sshfpr_records = SSHFPRInterfaceSerializer(many=True, source='get_associated_sshfpr') + sshfp_records = SSHFPInterfaceSerializer(many=True, source='get_associated_sshfp_records') class Meta: model = machines.Extension fields = ('name', 'soa', 'ns_records', 'originv4', 'originv6', 'mx_records', 'txt_records', 'srv_records', 'a_records', - 'aaaa_records', 'cname_records', 'sshfpr_records') + 'aaaa_records', 'cname_records', 'sshfp_records') # MAILING diff --git a/api/urls.py b/api/urls.py index 2947850e..67302789 100644 --- a/api/urls.py +++ b/api/urls.py @@ -54,6 +54,7 @@ router.register_viewset(r'machines/ns', views.NsViewSet) router.register_viewset(r'machines/txt', views.TxtViewSet) router.register_viewset(r'machines/dname', views.DNameViewSet) router.register_viewset(r'machines/srv', views.SrvViewSet) +router.register_viewset(r'machines/sshfp', views.SshFpViewSet) router.register_viewset(r'machines/interface', views.InterfaceViewSet) router.register_viewset(r'machines/ipv6list', views.Ipv6ListViewSet) router.register_viewset(r'machines/domain', views.DomainViewSet) diff --git a/api/views.py b/api/views.py index 45e083cc..7b01b0c3 100644 --- a/api/views.py +++ b/api/views.py @@ -177,6 +177,13 @@ class SrvViewSet(viewsets.ReadOnlyModelViewSet): serializer_class = serializers.SrvSerializer +class SshFpViewSet(viewsets.ReadOnlyModelViewSet): + """Exposes list and details of `machines.models.SshFp` objects. + """ + queryset = machines.SshFp.objects.all() + serializer_class = serializers.SshFpSerializer + + class InterfaceViewSet(viewsets.ReadOnlyModelViewSet): """Exposes list and details of `machines.models.Interface` objects. """ diff --git a/machines/admin.py b/machines/admin.py index 11da2da3..26d7a6a3 100644 --- a/machines/admin.py +++ b/machines/admin.py @@ -39,12 +39,12 @@ from .models import ( Txt, DName, Srv, + SshFp, Nas, Service, OuverturePort, Ipv6List, OuverturePortList, - SshFingerprint, ) @@ -107,6 +107,11 @@ class SrvAdmin(VersionAdmin): pass +class SshFpAdmin(VersionAdmin): + """ Admin view of a SSHFP object """ + pass + + class NasAdmin(VersionAdmin): """ Admin view of a Nas object """ pass @@ -142,10 +147,6 @@ class ServiceAdmin(VersionAdmin): list_display = ('service_type', 'min_time_regen', 'regular_time_regen') -class SshFingerprintAdmin(VersionAdmin): - """ Admin view of a SshFprAlgo object """ - pass - admin.site.register(Machine, MachineAdmin) admin.site.register(MachineType, MachineTypeAdmin) admin.site.register(IpType, IpTypeAdmin) @@ -156,6 +157,7 @@ admin.site.register(Ns, NsAdmin) admin.site.register(Txt, TxtAdmin) admin.site.register(DName, DNameAdmin) admin.site.register(Srv, SrvAdmin) +admin.site.register(SshFp, SshFpAdmin) admin.site.register(IpList, IpListAdmin) admin.site.register(Interface, InterfaceAdmin) admin.site.register(Domain, DomainAdmin) @@ -165,4 +167,3 @@ admin.site.register(Ipv6List, Ipv6ListAdmin) admin.site.register(Nas, NasAdmin) admin.site.register(OuverturePort, OuverturePortAdmin) admin.site.register(OuverturePortList, OuverturePortListAdmin) -admin.site.register(SshFingerprint, SshFingerprintAdmin) diff --git a/machines/forms.py b/machines/forms.py index 79a2e2c6..23c2aa39 100644 --- a/machines/forms.py +++ b/machines/forms.py @@ -56,11 +56,11 @@ from .models import ( Service, Vlan, Srv, + SshFp, Nas, IpType, OuverturePortList, Ipv6List, - SshFingerprint, ) @@ -598,15 +598,15 @@ class EditOuverturePortListForm(FormRevMixin, ModelForm): ) -class SshFingerprintForm(FormRevMixin, ModelForm): - """Edits a SSH fingerprint.""" +class SshFpForm(FormRevMixin, ModelForm): + """Edits a SSHFP record.""" class Meta: - model = SshFingerprint + model = SshFp exclude = ('machine',) def __init__(self, *args, **kwargs): prefix = kwargs.pop('prefix', self.Meta.model.__name__) - super(SshFingerprintForm, self).__init__( + super(SshFpForm, self).__init__( *args, prefix=prefix, **kwargs diff --git a/machines/migrations/0085_dname.py b/machines/migrations/0084_dname.py similarity index 94% rename from machines/migrations/0085_dname.py rename to machines/migrations/0084_dname.py index 86a9dc2d..4cbeb492 100644 --- a/machines/migrations/0085_dname.py +++ b/machines/migrations/0084_dname.py @@ -10,7 +10,7 @@ import re2o.mixins class Migration(migrations.Migration): dependencies = [ - ('machines', '0084_sshfingerprint'), + ('machines', '0083_remove_duplicate_rights'), ] operations = [ diff --git a/machines/migrations/0084_sshfingerprint.py b/machines/migrations/0085_sshfingerprint.py similarity index 80% rename from machines/migrations/0084_sshfingerprint.py rename to machines/migrations/0085_sshfingerprint.py index e5e8861d..47f11d07 100644 --- a/machines/migrations/0084_sshfingerprint.py +++ b/machines/migrations/0085_sshfingerprint.py @@ -10,12 +10,12 @@ import re2o.mixins class Migration(migrations.Migration): dependencies = [ - ('machines', '0083_remove_duplicate_rights'), + ('machines', '0084_dname'), ] operations = [ migrations.CreateModel( - name='SshFingerprint', + name='SshFp', fields=[ ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), ('pub_key_entry', models.TextField(help_text='SSH public key', max_length=2048)), @@ -24,9 +24,9 @@ class Migration(migrations.Migration): ('machine', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Machine')), ], options={ - 'verbose_name': 'SSH fingerprint', - 'verbose_name_plural': 'SSH fingerprints', - 'permissions': (('view_sshfingerprint', 'Can see an SSH fingerprint'),), + 'verbose_name': 'SSHFP record', + 'verbose_name_plural': 'SSHFP records', + 'permissions': (('view_sshfp', 'Can see an SSHFP record'),), }, bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), ), diff --git a/machines/models.py b/machines/models.py index 2b85efd8..7be76e74 100644 --- a/machines/models.py +++ b/machines/models.py @@ -203,72 +203,6 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name) -class SshFingerprint(RevMixin, AclMixin, models.Model): - """A fingerpirnt of an SSH public key""" - - ALGO = ( - ("ssh-rsa", "ssh-rsa"), - ("ssh-ed25519", "ssh-ed25519"), - ("ecdsa-sha2-nistp256", "ecdsa-sha2-nistp256"), - ("ecdsa-sha2-nistp384", "ecdsa-sha2-nistp384"), - ("ecdsa-sha2-nistp521", "ecdsa-sha2-nistp521"), - ) - - machine = models.ForeignKey('Machine', on_delete=models.CASCADE) - pub_key_entry = models.TextField( - help_text="SSH public key", - max_length=2048 - ) - algo = models.CharField( - choices=ALGO, - max_length=32 - ) - comment = models.CharField( - help_text="Comment", - max_length=255, - null=True, - blank=True - ) - - @cached_property - def algo_id(self): - """Return the id of the algorithme for this key""" - if "ecdsa" in self.algo: - return 3 - elif "rsa" in self.algo: - return 1 - else: - return 2 - - @cached_property - def hash(self): - """Return the hashs for the pub key with correct id - cf RFC, 1 is sha1 , 2 sha256""" - return { - "1" : hashlib.sha1(base64.b64decode(self.pub_key_entry)).hexdigest(), - "2" : hashlib.sha256(base64.b64decode(self.pub_key_entry)).hexdigest(), - } - - class Meta: - permissions = ( - ("view_sshfingerprint", "Can see an SSH fingerprint"), - ) - verbose_name = "SSH fingerprint" - verbose_name_plural = "SSH fingerprints" - - def can_view(self, user_request, *_args, **_kwargs): - return self.machine.can_view(user_request, *_args, **_kwargs) - - def can_edit(self, user_request, *args, **kwargs): - return self.machine.can_edit(user_request, *args, **kwargs) - - def can_delete(self, user_request, *args, **kwargs): - return self.machine.can_delete(user_request, *args, **kwargs) - - def __str__(self): - return str(self.algo) + ' ' + str(self.comment) - - class MachineType(RevMixin, AclMixin, models.Model): """ Type de machine, relié à un type d'ip, affecté aux interfaces""" PRETTY_NAME = "Type de machine" @@ -631,13 +565,11 @@ class Extension(RevMixin, AclMixin, models.Model): entry += "@ IN AAAA " + str(self.origin_v6) return entry - def get_associated_sshfpr(self): + def get_associated_sshfp_records(self): from re2o.utils import all_active_assigned_interfaces return (all_active_assigned_interfaces() .filter(type__ip_type__extension=self) - .filter( - machine__id__in=SshFingerprint.objects.values('machine') - )) + .filter(machine__id__in=SshFp.objects.values('machine'))) def get_associated_a_records(self): from re2o.utils import all_active_assigned_interfaces @@ -831,6 +763,73 @@ class Srv(RevMixin, AclMixin, models.Model): str(self.port) + ' ' + str(self.target) + '.' +class SshFp(RevMixin, AclMixin, models.Model): + """A fingerprint of an SSH public key""" + + ALGO = ( + ("ssh-rsa", "ssh-rsa"), + ("ssh-ed25519", "ssh-ed25519"), + ("ecdsa-sha2-nistp256", "ecdsa-sha2-nistp256"), + ("ecdsa-sha2-nistp384", "ecdsa-sha2-nistp384"), + ("ecdsa-sha2-nistp521", "ecdsa-sha2-nistp521"), + ) + + machine = models.ForeignKey('Machine', on_delete=models.CASCADE) + pub_key_entry = models.TextField( + help_text="SSH public key", + max_length=2048 + ) + algo = models.CharField( + choices=ALGO, + max_length=32 + ) + comment = models.CharField( + help_text="Comment", + max_length=255, + null=True, + blank=True + ) + + @cached_property + def algo_id(self): + """Return the id of the algorithm for this key""" + if "ecdsa" in self.algo: + return 3 + elif "rsa" in self.algo: + return 1 + else: + return 2 + + @cached_property + def hash(self): + """Return the hashess for the pub key with correct id + cf RFC, 1 is sha1 , 2 sha256""" + return { + "1" : hashlib.sha1(base64.b64decode(self.pub_key_entry)).hexdigest(), + "2" : hashlib.sha256(base64.b64decode(self.pub_key_entry)).hexdigest(), + } + + class Meta: + permissions = ( + ("view_sshfp", "Can see an SSHFP record"), + ) + verbose_name = "SSHFP record" + verbose_name_plural = "SSHFP records" + + def can_view(self, user_request, *_args, **_kwargs): + return self.machine.can_view(user_request, *_args, **_kwargs) + + def can_edit(self, user_request, *args, **kwargs): + return self.machine.can_edit(user_request, *args, **kwargs) + + def can_delete(self, user_request, *args, **kwargs): + return self.machine.can_delete(user_request, *args, **kwargs) + + def __str__(self): + return str(self.algo) + ' ' + str(self.comment) + + + class Interface(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): """ Une interface. Objet clef de l'application machine : - une address mac unique. Possibilité de la rendre unique avec le diff --git a/machines/templates/machines/aff_machines.html b/machines/templates/machines/aff_machines.html index e5599858..ba736f10 100644 --- a/machines/templates/machines/aff_machines.html +++ b/machines/templates/machines/aff_machines.html @@ -119,9 +119,9 @@ with this program; if not, write to the Free Software Foundation, Inc., {% acl_end %} - {% can_create SshFingerprint interface.machine.id %} + {% can_create SshFp interface.machine.id %}
  • - + Manage the SSH fingerprints
    • diff --git a/machines/templates/machines/aff_sshfingerprint.html b/machines/templates/machines/aff_sshfp.html similarity index 79% rename from machines/templates/machines/aff_sshfingerprint.html rename to machines/templates/machines/aff_sshfp.html index 5c9691fa..4409b8de 100644 --- a/machines/templates/machines/aff_sshfingerprint.html +++ b/machines/templates/machines/aff_sshfp.html @@ -33,19 +33,19 @@ with this program; if not, write to the Free Software Foundation, Inc., - {% for sshfpr in sshfingerprint_list %} + {% for sshfp in sshfp_list %} - {{ sshfpr.pub_key_entry }} - {{ sshfpr.algo }} - {{ sshfpr.comment }} + {{ sshfp.pub_key_entry }} + {{ sshfp.algo }} + {{ sshfp.comment }} - {% can_edit sshfpr %} - {% include 'buttons/edit.html' with href='machines:edit-sshfingerprint' id=sshfpr.id %} + {% can_edit sshfp %} + {% include 'buttons/edit.html' with href='machines:edit-sshfp' id=sshfp.id %} {% acl_end %} - {% can_delete sshfpr %} - {% include 'buttons/suppr.html' with href='machines:del-sshfingerprint' id=sshfpr.id %} + {% can_delete sshfp %} + {% include 'buttons/suppr.html' with href='machines:del-sshfp' id=sshfp.id %} {% acl_end %} - {% history_button sshfpr %} + {% history_button sshfp %} {% endfor %} diff --git a/machines/templates/machines/index_sshfingerprint.html b/machines/templates/machines/index_sshfp.html similarity index 87% rename from machines/templates/machines/index_sshfingerprint.html rename to machines/templates/machines/index_sshfp.html index ec511e45..2c8d1581 100644 --- a/machines/templates/machines/index_sshfingerprint.html +++ b/machines/templates/machines/index_sshfp.html @@ -28,11 +28,11 @@ with this program; if not, write to the Free Software Foundation, Inc., {% block content %}

    SSH fingerprints

    -{% can_create SshFingerprint machine_id %} - +{% can_create SshFp machine_id %} + Add an SSH fingerprint {% acl_end %} -{% include "machines/aff_sshfingerprint.html" with sshfingerprint_list=sshfingerprint_list %} +{% include "machines/aff_sshfp.html" with sshfp_list=sshfp_list %} {% endblock %} diff --git a/machines/templates/machines/machine.html b/machines/templates/machines/machine.html index d5918ef8..7ec4212a 100644 --- a/machines/templates/machines/machine.html +++ b/machines/templates/machines/machine.html @@ -33,12 +33,6 @@ with this program; if not, write to the Free Software Foundation, Inc., {% if machineform %} {% bootstrap_form_errors machineform %} {% endif %} -{% if sshfingerprintform %} - {% bootstrap_form_errors sshfingerprintform %} -{% endif %} -{% if sshfpralgoform %} - {% bootstrap_form_errors sshfpralgoform %} -{% endif %} {% if interfaceform %} {% bootstrap_form_errors interfaceform %} {% endif %} @@ -75,6 +69,9 @@ with this program; if not, write to the Free Software Foundation, Inc., {% if serviceform %} {% bootstrap_form_errors serviceform %} {% endif %} +{% if sshfpform %} + {% bootstrap_form_errors sshfpform %} +{% endif %} {% if vlanform %} {% bootstrap_form_errors vlanform %} {% endif %} @@ -91,14 +88,6 @@ with this program; if not, write to the Free Software Foundation, Inc.,

    Machine

    {% massive_bootstrap_form machineform 'user' %} {% endif %} - {% if sshfingerprintform %} -

    SSH fingerprint

    - {% bootstrap_form sshfingerprintform %} - {% endif %} - {% if sshfpralgoform %} -

    SSH fingerprint algorithm

    - {% bootstrap_form sshfpralgoform %} - {% endif %} {% if interfaceform %}

    Interface

    {% if i_mbf_param %} @@ -147,6 +136,10 @@ with this program; if not, write to the Free Software Foundation, Inc.,

    Enregistrement SRV

    {% massive_bootstrap_form srvform 'target' %} {% endif %} + {% if sshfpform %} +

    SSHFP record

    + {% bootstrap_form sshfpform %} + {% endif %} {% if aliasform %}

    Alias

    {% bootstrap_form aliasform %} diff --git a/machines/urls.py b/machines/urls.py index 8f58373a..ce0a7a78 100644 --- a/machines/urls.py +++ b/machines/urls.py @@ -82,6 +82,18 @@ urlpatterns = [ url(r'^add_srv/$', views.add_srv, name='add-srv'), url(r'^edit_srv/(?P[0-9]+)$', views.edit_srv, name='edit-srv'), url(r'^del_srv/$', views.del_srv, name='del-srv'), + url(r'^new_sshfp/(?P[0-9]+)$', + views.new_sshfp, + name='new-sshfp'), + url(r'^edit_sshfp/(?P[0-9]+)$', + views.edit_sshfp, + name='edit-sshfp'), + url(r'^del_sshfp/(?P[0-9]+)$', + views.del_sshfp, + name='del-sshfp'), + url(r'^index_sshfp/(?P[0-9]+)$', + views.index_sshfp, + name='index-sshfp'), url(r'^index_extension/$', views.index_extension, name='index-extension'), url(r'^add_alias/(?P[0-9]+)$', views.add_alias, @@ -107,18 +119,6 @@ urlpatterns = [ url(r'^index_ipv6/(?P[0-9]+)$', views.index_ipv6, name='index-ipv6'), - url(r'^new_sshfingerprint/(?P[0-9]+)$', - views.new_sshfingerprint, - name='new-sshfingerprint'), - url(r'^edit_sshfingerprint/(?P[0-9]+)$', - views.edit_sshfingerprint, - name='edit-sshfingerprint'), - url(r'^del_sshfingerprint/(?P[0-9]+)$', - views.del_sshfingerprint, - name='del-sshfingerprint'), - url(r'^index_sshfingerprint/(?P[0-9]+)$', - views.index_sshfingerprint, - name='index-sshfingerprint'), url(r'^add_service/$', views.add_service, name='add-service'), url(r'^edit_service/(?P[0-9]+)$', views.edit_service, diff --git a/machines/views.py b/machines/views.py index 8e99c45e..398b9250 100644 --- a/machines/views.py +++ b/machines/views.py @@ -103,6 +103,7 @@ from .forms import ( DelVlanForm, ServiceForm, DelServiceForm, + SshFpForm, NasForm, DelNasForm, SrvForm, @@ -110,7 +111,6 @@ from .forms import ( Ipv6ListForm, EditOuverturePortListForm, EditOuverturePortConfigForm, - SshFingerprintForm, ) from .models import ( IpType, @@ -129,10 +129,10 @@ from .models import ( Txt, DName, Srv, + SshFp, OuverturePortList, OuverturePort, Ipv6List, - SshFingerprint, ) @@ -464,66 +464,66 @@ def del_ipv6list(request, ipv6list, **_kwargs): @login_required -@can_create(SshFingerprint) +@can_create(SshFp) @can_edit(Machine) -def new_sshfingerprint(request, machine, **_kwargs): - """Creates an SSH fingerprint""" - sshfingerprint_instance = SshFingerprint(machine=machine) - sshfingerprint = SshFingerprintForm( +def new_sshfp(request, machine, **_kwargs): + """Creates an SSHFP record associated with a machine""" + sshfp_instance = SshFp(machine=machine) + sshfp = SshFpForm( request.POST or None, - instance=sshfingerprint_instance + instance=sshfp_instance ) - if sshfingerprint.is_valid(): - sshfingerprint.save() - messages.success(request, "The SSH fingerprint was added") + if sshfp.is_valid(): + sshfp.save() + messages.success(request, "The SSHFP record was added") return redirect(reverse( - 'machines:index-sshfingerprint', + 'machines:index-sshfp', kwargs={'machineid': str(machine.id)} )) return form( - {'sshfingerprintform': sshfingerprint, 'action_name': 'Create'}, + {'sshfpform': sshfp, 'action_name': 'Create'}, 'machines/machine.html', request ) @login_required -@can_edit(SshFingerprint) -def edit_sshfingerprint(request, sshfingerprint_instance, **_kwargs): - """Edits an SSH fingerprint""" - sshfingerprint = SshFingerprintForm( +@can_edit(SshFp) +def edit_sshfp(request, sshfp_instance, **_kwargs): + """Edits an SSHFP record""" + sshfp = SshFpForm( request.POST or None, - instance=sshfingerprint_instance + instance=sshfp_instance ) - if sshfingerprint.is_valid(): - if sshfingerprint.changed_data: - sshfingerprint.save() - messages.success(request, "The SSH fingerprint was edited") + if sshfp.is_valid(): + if sshfp.changed_data: + sshfp.save() + messages.success(request, "The SSHFP record was edited") return redirect(reverse( - 'machines:index-sshfingerprint', - kwargs={'machineid': str(sshfingerprint_instance.machine.id)} + 'machines:index-sshfp', + kwargs={'machineid': str(sshfp_instance.machine.id)} )) return form( - {'sshfingerprintform': sshfingerprint, 'action_name': 'Edit'}, + {'sshfpform': sshfp, 'action_name': 'Edit'}, 'machines/machine.html', request ) @login_required -@can_delete(SshFingerprint) -def del_sshfingerprint(request, sshfingerprint, **_kwargs): - """Deletes an SSH fingerprint""" +@can_delete(SshFp) +def del_sshfp(request, sshfp, **_kwargs): + """Deletes an SSHFP record""" if request.method == "POST": - machineid = sshfingerprint.machine.id - sshfingerprint.delete() - messages.success(request, "The SSH fingerprint was deleted") + machineid = sshfp.machine.id + sshfp.delete() + messages.success(request, "The SSHFP record was deleted") return redirect(reverse( - 'machines:index-sshfingerprint', + 'machines:index-sshfp', kwargs={'machineid': str(machineid)} )) return form( - {'objet': sshfingerprint, 'objet_name': 'sshfingerprint'}, + {'objet': sshfp, 'objet_name': 'sshfp'}, 'machines/delete.html', request ) @@ -1458,13 +1458,14 @@ def index_alias(request, interface, interfaceid): @login_required @can_view(Machine) -def index_sshfingerprint(request, machine, machineid): - """View used to display the list of existing SSH fingerprint of a machine""" - sshfingerprint_list = SshFingerprint.objects.filter(machine=machine) +def index_sshfp(request, machine, machineid): + """View used to display the list of existing SSHFP records associated + with a machine""" + sshfp_list = SshFp.objects.filter(machine=machine) return render( request, - 'machines/index_sshfingerprint.html', - {'sshfingerprint_list': sshfingerprint_list, 'machine_id': machineid} + 'machines/index_sshfp.html', + {'sshfp_list': sshfp_list, 'machine_id': machineid} )