From 3d881c4f40877e5bba92f0e285611c2168e2ca28 Mon Sep 17 00:00:00 2001 From: Gabriel Detraz Date: Wed, 11 Jul 2018 01:07:31 +0200 Subject: [PATCH] Gestion de la clef radius, et serialisation --- api/serializers.py | 2 +- preferences/admin.py | 9 ++- preferences/forms.py | 29 ++++++++- .../migrations/0047_auto_20180711_0015.py | 40 +++++++++++++ preferences/models.py | 25 ++++++++ .../templates/preferences/aff_radiuskey.html | 49 +++++++++++++++ .../preferences/display_preferences.html | 5 ++ .../templates/preferences/preferences.html | 3 +- preferences/urls.py | 7 +++ preferences/views.py | 60 +++++++++++++++++-- re2o/views.py | 1 + .../migrations/0070_switch_radius_key.py | 22 +++++++ topologie/models.py | 20 ++++++- 13 files changed, 262 insertions(+), 10 deletions(-) create mode 100644 preferences/migrations/0047_auto_20180711_0015.py create mode 100644 preferences/templates/preferences/aff_radiuskey.html create mode 100644 topologie/migrations/0070_switch_radius_key.py diff --git a/api/serializers.py b/api/serializers.py index 6e732ff8..64d28d7a 100644 --- a/api/serializers.py +++ b/api/serializers.py @@ -725,7 +725,7 @@ class SwitchPortSerializer(serializers.ModelSerializer): model = topologie.Switch fields = ('short_name', 'model', 'switchbay', 'ports', 'ipv4', 'ipv6', 'subnet', 'subnet6', 'automatic_provision', 'rest_enabled', - 'web_management_enabled') + 'web_management_enabled', 'get_radius_key_value') # DHCP diff --git a/preferences/admin.py b/preferences/admin.py index 3e1c61f1..05e7ce4a 100644 --- a/preferences/admin.py +++ b/preferences/admin.py @@ -38,7 +38,8 @@ from .models import ( Reminder, AssoOption, MailMessageOption, - HomeOption + HomeOption, + RadiusKey ) @@ -90,6 +91,11 @@ class ReminderAdmin(VersionAdmin): """Class reminder""" pass +class RadiusKeyAdmin(VersionAdmin): + """Class radiuskey""" + pass + + admin.site.register(OptionalUser, OptionalUserAdmin) admin.site.register(OptionalMachine, OptionalMachineAdmin) admin.site.register(OptionalTopologie, OptionalTopologieAdmin) @@ -98,5 +104,6 @@ admin.site.register(HomeOption, HomeOptionAdmin) admin.site.register(Service, ServiceAdmin) admin.site.register(MailContact, MailContactAdmin) admin.site.register(Reminder, ReminderAdmin) +admin.site.register(RadiusKey, RadiusKeyAdmin) admin.site.register(AssoOption, AssoOptionAdmin) admin.site.register(MailMessageOption, MailMessageOptionAdmin) diff --git a/preferences/forms.py b/preferences/forms.py index 7b570dac..c983feba 100644 --- a/preferences/forms.py +++ b/preferences/forms.py @@ -38,7 +38,8 @@ from .models import ( HomeOption, Service, MailContact, - Reminder + Reminder, + RadiusKey ) from topologie.models import Switch @@ -234,7 +235,31 @@ class ReminderForm(FormRevMixin, ModelForm): prefix = kwargs.pop('prefix', self.Meta.model.__name__) super(ReminderForm, self).__init__(*args, prefix=prefix, **kwargs) - + +class RadiusKeyForm(FormRevMixin, ModelForm): + """Edition, ajout de clef radius""" + members = forms.ModelMultipleChoiceField( + Switch.objects.all(), + required=False + ) + + class Meta: + model = RadiusKey + fields = '__all__' + + def __init__(self, *args, **kwargs): + prefix = kwargs.pop('prefix', self.Meta.model.__name__) + super(RadiusKeyForm, self).__init__(*args, prefix=prefix, **kwargs) + instance = kwargs.get('instance', None) + if instance: + self.initial['members'] = Switch.objects.filter(radius_key=instance) + + def save(self, commit=True): + instance = super().save(commit) + instance.switch_set = self.cleaned_data['members'] + return instance + + class MailContactForm(ModelForm): """Edition, ajout d'adresse de contact""" class Meta: diff --git a/preferences/migrations/0047_auto_20180711_0015.py b/preferences/migrations/0047_auto_20180711_0015.py new file mode 100644 index 00000000..4100bf89 --- /dev/null +++ b/preferences/migrations/0047_auto_20180711_0015.py @@ -0,0 +1,40 @@ +# -*- coding: utf-8 -*- +# Generated by Django 1.10.7 on 2018-07-10 22:15 +from __future__ import unicode_literals + +from django.db import migrations, models +import re2o.aes_field +import re2o.mixins + + +class Migration(migrations.Migration): + + dependencies = [ + ('preferences', '0046_merge_20180710_1533'), + ] + + operations = [ + migrations.CreateModel( + name='RadiusKey', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('radius_key', re2o.aes_field.AESEncryptedField(help_text='Clef radius', max_length=255)), + ('comment', models.CharField(blank=True, help_text='Commentaire de cette clef', max_length=255, null=True)), + ('default_switch', models.BooleanField(default=True, help_text='Clef par défaut des switchs', unique=True)), + ], + options={ + 'permissions': (('view_radiuskey', 'Peut voir un objet radiuskey'),), + }, + bases=(re2o.mixins.AclMixin, models.Model), + ), + migrations.AlterField( + model_name='optionaluser', + name='gpg_fingerprint', + field=models.BooleanField(default=True), + ), + migrations.AlterField( + model_name='optionaluser', + name='is_tel_mandatory', + field=models.BooleanField(default=True), + ), + ] diff --git a/preferences/models.py b/preferences/models.py index f4d85cea..d08f761e 100644 --- a/preferences/models.py +++ b/preferences/models.py @@ -37,6 +37,7 @@ import cotisations.models import machines.models from re2o.mixins import AclMixin +from re2o.aes_field import AESEncryptedField from datetime import timedelta @@ -254,6 +255,30 @@ def optionaltopologie_post_save(**kwargs): topologie_pref.set_in_cache() +class RadiusKey(AclMixin, models.Model): + """Class of a radius key""" + radius_key = AESEncryptedField( + max_length=255, + help_text="Clef radius" + ) + comment = models.CharField( + max_length=255, + null=True, + blank=True, + help_text="Commentaire de cette clef" + ) + default_switch = models.BooleanField( + default=True, + unique=True, + help_text= "Clef par défaut des switchs" + ) + + class Meta: + permissions = ( + ("view_radiuskey", "Peut voir un objet radiuskey"), + ) + + class Reminder(AclMixin, models.Model): """Options pour les mails de notification de fin d'adhésion. Days: liste des nombres de jours pour lesquells un mail est envoyé diff --git a/preferences/templates/preferences/aff_radiuskey.html b/preferences/templates/preferences/aff_radiuskey.html new file mode 100644 index 00000000..6aca740d --- /dev/null +++ b/preferences/templates/preferences/aff_radiuskey.html @@ -0,0 +1,49 @@ +{% comment %} +Re2o est un logiciel d'administration développé initiallement au rezometz. Il +se veut agnostique au réseau considéré, de manière à être installable en +quelques clics. + +Copyright © 2017 Gabriel Détraz +Copyright © 2017 Goulven Kermarec +Copyright © 2017 Augustin Lemesle + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License along +with this program; if not, write to the Free Software Foundation, Inc., +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +{% endcomment %} +{% load acl %} + + + + + + + + + + + {% for radiuskey in radiuskey_list %} + + + + + + + {% endfor %} +
ClefCommentaireClef par default des switchs
{{ radiuskey.radius_key }}{{ radiuskey.comment }}{{ radiuskey.default_switch }} + {% can_edit radiuskey %} + {% include 'buttons/edit.html' with href='preferences:edit-radiuskey' id=radiuskey.id %} + {% acl_end %} + {% include 'buttons/history.html' with href='preferences:history' name='radiuskey' id=radiuskey.id %} +
+ diff --git a/preferences/templates/preferences/display_preferences.html b/preferences/templates/preferences/display_preferences.html index 3e8d91ba..76b144c0 100644 --- a/preferences/templates/preferences/display_preferences.html +++ b/preferences/templates/preferences/display_preferences.html @@ -129,6 +129,11 @@ with this program; if not, write to the Free Software Foundation, Inc., +
Clef radius
+ {% can_create RadiusKey%} + Ajouter une clef radius + {% acl_end %} + {% include "preferences/aff_radiuskey.html" with radiuskey_list=radiuskey_list %}
{% if topologieoptions.provisioned_switchs %}Provision de la config des switchs{% else %}Provision de la config des switchs{% endif%}
diff --git a/preferences/templates/preferences/preferences.html b/preferences/templates/preferences/preferences.html index e8972d8d..c15386f4 100644 --- a/preferences/templates/preferences/preferences.html +++ b/preferences/templates/preferences/preferences.html @@ -24,6 +24,7 @@ with this program; if not, write to the Free Software Foundation, Inc., {% endcomment %} {% load bootstrap3 %} +{% load massive_bootstrap_form %} {% block title %}Création et modification des preferences{% endblock %} @@ -36,7 +37,7 @@ with this program; if not, write to the Free Software Foundation, Inc., {% csrf_token %} {% if preferenceform %} - {% bootstrap_form preferenceform %} + {% massive_bootstrap_form preferenceform 'members' %} {% endif %} {% bootstrap_button action_name button_type="submit" icon="star" %} diff --git a/preferences/urls.py b/preferences/urls.py index 92c2e08f..6174b7dc 100644 --- a/preferences/urls.py +++ b/preferences/urls.py @@ -88,6 +88,13 @@ urlpatterns = [ name='edit-reminder' ), url(r'^del_reminder/$', views.del_reminder, name='del-reminder'), + url(r'^add_radiuskey/$', views.add_radiuskey, name='add-radiuskey'), + url( + r'^edit_radiuskey/(?P[0-9]+)$', + views.edit_radiuskey, + name='edit-radiuskey' + ), + url(r'^del_radiuskey/$', views.del_radiuskey, name='del-radiuskey'), url( r'^history/(?P\w+)/(?P[0-9]+)$', re2o.views.history, diff --git a/preferences/views.py b/preferences/views.py index 89df12c1..69ea27a4 100644 --- a/preferences/views.py +++ b/preferences/views.py @@ -43,7 +43,11 @@ from re2o.views import form from re2o.acl import can_create, can_edit, can_delete, can_delete_set, can_view_all from .forms import MailContactForm, DelMailContactForm -from .forms import ServiceForm, ReminderForm +from .forms import ( + ServiceForm, + ReminderForm, + RadiusKeyForm +) from .models import ( Service, MailContact, @@ -54,7 +58,8 @@ from .models import ( GeneralOption, OptionalTopologie, HomeOption, - Reminder + Reminder, + RadiusKey ) from . import models from . import forms @@ -86,6 +91,7 @@ def display_options(request): service_list = Service.objects.all() mailcontact_list = MailContact.objects.all() reminder_list = Reminder.objects.all() + radiuskey_list = RadiusKey.objects.all() return form({ 'useroptions': useroptions, 'machineoptions': format_options(machineoptions), @@ -95,8 +101,9 @@ def display_options(request): 'homeoptions': format_options(homeoptions), 'mailmessageoptions': format_options(mailmessageoptions), 'service_list': service_list, - 'reminder_list':reminder_list, - 'mailcontact_list': mailcontact_list + 'reminder_list': reminder_list, + 'mailcontact_list': mailcontact_list, + 'radiuskey_list' : radiuskey_list, }, 'preferences/display_preferences.html', request) @@ -232,6 +239,51 @@ def del_reminder(request, reminder_instance, **_kwargs): ) +@login_required +@can_create(RadiusKey) +def add_radiuskey(request): + """Ajout d'une clef radius""" + radiuskey = RadiusKeyForm(request.POST or None) + if radiuskey.is_valid(): + radiuskey.save() + messages.success(request, "Cette clef a été ajouté") + return redirect(reverse('preferences:display-options')) + return form( + {'preferenceform': radiuskey, 'action_name': 'Ajouter'}, + 'preferences/preferences.html', + request + ) + +@can_edit(RadiusKey) +def edit_radiuskey(request, radiuskey_instance, **_kwargs): + """Edition des clefs radius""" + radiuskey = RadiusKeyForm(request.POST or None, instance=radiuskey_instance) + if radiuskey.is_valid(): + radiuskey.save() + messages.success(request, "Radiuskey modifié") + return redirect(reverse('preferences:display-options')) + return form( + {'preferenceform': radiuskey, 'action_name': 'Editer'}, + 'preferences/preferences.html', + request + ) + + +@login_required +@can_delete(RadiusKey) +def del_radiuskey(request, radiuskey_instance, **_kwargs): + """Destruction d'un radiuskey""" + if request.method == "POST": + radiuskey_instance.delete() + messages.success(request, "La radiuskey a été détruite") + return redirect(reverse('preferences:display-options')) + return form( + {'objet': radiuskey_instance, 'objet_name': 'radiuskey'}, + 'preferences/delete.html', + request + ) + + @login_required @can_create(MailContact) def add_mailcontact(request): diff --git a/re2o/views.py b/re2o/views.py index a57e52c5..4b7ef0a8 100644 --- a/re2o/views.py +++ b/re2o/views.py @@ -98,6 +98,7 @@ HISTORY_BIND = { 'service': preferences.models.Service, 'mailcontact': preferences.models.MailContact, 'reminder': preferences.models.Reminder, + 'radiuskey': preferences.models.RadiusKey, }, 'cotisations': { 'facture': cotisations.models.Facture, diff --git a/topologie/migrations/0070_switch_radius_key.py b/topologie/migrations/0070_switch_radius_key.py new file mode 100644 index 00000000..b3d31b1f --- /dev/null +++ b/topologie/migrations/0070_switch_radius_key.py @@ -0,0 +1,22 @@ +# -*- coding: utf-8 -*- +# Generated by Django 1.10.7 on 2018-07-10 22:20 +from __future__ import unicode_literals + +from django.db import migrations, models +import django.db.models.deletion + + +class Migration(migrations.Migration): + + dependencies = [ + ('preferences', '0047_auto_20180711_0015'), + ('topologie', '0069_switch_automatic_provision'), + ] + + operations = [ + migrations.AddField( + model_name='switch', + name='radius_key', + field=models.ForeignKey(blank=True, help_text='Clef radius du switch', null=True, on_delete=django.db.models.deletion.PROTECT, to='preferences.RadiusKey'), + ), + ] diff --git a/topologie/models.py b/topologie/models.py index d7205d15..d2adea54 100644 --- a/topologie/models.py +++ b/topologie/models.py @@ -49,7 +49,7 @@ from django.db import transaction from django.utils.translation import ugettext_lazy as _ from reversion import revisions as reversion -from preferences.models import OptionalTopologie +from preferences.models import OptionalTopologie, RadiusKey from machines.models import Machine, regen from re2o.mixins import AclMixin, RevMixin @@ -221,6 +221,13 @@ class Switch(AclMixin, Machine): default=False, help_text='Provision automatique de ce switch', ) + radius_key = models.ForeignKey( + 'preferences.RadiusKey', + blank=True, + null=True, + on_delete=models.PROTECT, + help_text="Clef radius du switch" + ) class Meta: unique_together = ('stack', 'stack_member_id') @@ -280,6 +287,17 @@ class Switch(AclMixin, Machine): return self.interface_set.filter(type__ip_type=switch_iptype).first() return self.interface_set.first() + @cached_property + def get_radius_key(self): + return self.radius_key or RadiusKey.objects.filter(default_switch=True).first() + + @cached_property + def get_radius_key_value(self): + if self.get_radius_key: + return self.get_radius_key.radius_key + else: + return None + @cached_property def rest_enabled(self): return OptionalTopologie.get_cached_value('switchs_rest_management') or self.automatic_provision