8
0
Fork 0
mirror of https://gitlab2.federez.net/re2o/re2o synced 2025-01-25 17:44:21 +00:00

Allow policies edition

This commit is contained in:
Hugo LEVY-FALK 2018-12-02 17:03:27 +01:00
parent c419c1239d
commit 84f1c9d60a
5 changed files with 125 additions and 90 deletions

View file

@ -42,6 +42,7 @@ from .models import (
Reminder, Reminder,
RadiusKey, RadiusKey,
SwitchManagementCred, SwitchManagementCred,
RadiusOption,
) )
from topologie.models import Switch from topologie.models import Switch
@ -229,6 +230,13 @@ class EditHomeOptionForm(ModelForm):
self.fields['twitter_account_name'].label = _("Twitter account name") self.fields['twitter_account_name'].label = _("Twitter account name")
class EditRadiusOptionForm(ModelForm):
"""Edition forms for Radius options"""
class Meta:
model = RadiusOption
fields = ['radius_general_policy', 'vlan_decision_ok']
class ServiceForm(ModelForm): class ServiceForm(ModelForm):
"""Edition, ajout de services sur la page d'accueil""" """Edition, ajout de services sur la page d'accueil"""
class Meta: class Meta:

View file

@ -10,17 +10,11 @@ import re2o.mixins
def create_radius_policy(apps, schema_editor): def create_radius_policy(apps, schema_editor):
OptionalTopologie = apps.get_model('preferences', 'OptionalTopologie') OptionalTopologie = apps.get_model('preferences', 'OptionalTopologie')
RadiusOption = apps.get_model('preferences', 'RadiusOption') RadiusOption = apps.get_model('preferences', 'RadiusOption')
RadiusPolicy = apps.get_model('preferences', 'RadiusPolicy')
option,_ = OptionalTopologie.objects.get_or_create() option,_ = OptionalTopologie.objects.get_or_create()
radius_option = RadiusOption() radius_option = RadiusOption()
radius_option.radius_general_policy = option.radius_general_policy radius_option.radius_general_policy = option.radius_general_policy
radius_option.unknown_machine = RadiusPolicy.objects.create()
radius_option.unknown_port = RadiusPolicy.objects.create()
radius_option.unknown_room = RadiusPolicy.objects.create()
radius_option.non_member = RadiusPolicy.objects.create()
radius_option.banned = RadiusPolicy.objects.create()
radius_option.vlan_decision_ok = option.vlan_decision_ok radius_option.vlan_decision_ok = option.vlan_decision_ok
radius_option.save() radius_option.save()
@ -45,47 +39,56 @@ class Migration(migrations.Migration):
}, },
bases=(re2o.mixins.AclMixin, models.Model), bases=(re2o.mixins.AclMixin, models.Model),
), ),
migrations.CreateModel( migrations.AddField(
name='RadiusPolicy', model_name='radiusoption',
fields=[ name='banned_vlan',
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), field=models.ForeignKey(blank=True, help_text='Vlan for banned if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='banned_vlan', to='machines.Vlan', verbose_name='Banned Vlan'),
('policy', models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32)),
('vlan', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.PROTECT, to='machines.Vlan')),
],
options={
'verbose_name': 'radius policy',
},
bases=(re2o.mixins.AclMixin, models.Model),
), ),
migrations.AddField( migrations.AddField(
model_name='radiusoption', model_name='radiusoption',
name='non_member', name='non_member_vlan',
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='non_member_option', to='preferences.RadiusPolicy', verbose_name='Policy non member users.'), field=models.ForeignKey(blank=True, help_text='Vlan for non members if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='non_member_vlan', to='machines.Vlan', verbose_name='Non member Vlan'),
), ),
migrations.AddField( migrations.AddField(
model_name='radiusoption', model_name='radiusoption',
name='unknown_machine', name='unknown_machine_vlan',
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_machine_option', to='preferences.RadiusPolicy', verbose_name='Policy for unknown machines'), field=models.ForeignKey(blank=True, help_text='Vlan for unknown machines if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_machine_vlan', to='machines.Vlan', verbose_name='Unknown machine Vlan'),
), ),
migrations.AddField( migrations.AddField(
model_name='radiusoption', model_name='radiusoption',
name='unknown_port', name='unknown_port_vlan',
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_port_option', to='preferences.RadiusPolicy', verbose_name='Policy for unknown machines'), field=models.ForeignKey(blank=True, help_text='Vlan for unknown ports if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_port_vlan', to='machines.Vlan', verbose_name='Unknown port Vlan'),
), ),
migrations.AddField( migrations.AddField(
model_name='radiusoption', model_name='radiusoption',
name='unknown_room', name='unknown_room_vlan',
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_room_option', to='preferences.RadiusPolicy', verbose_name='Policy for machine connecting from unregistered room (relevant on ports with STRICT radius mode)'), field=models.ForeignKey(blank=True, help_text='Vlan for unknown room if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_room_vlan', to='machines.Vlan', verbose_name='Unknown room Vlan'),
), ),
migrations.AddField( migrations.AddField(
model_name='radiusoption', model_name='radiusoption',
name='banned', name='banned',
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='banned_option', to='preferences.RadiusPolicy', verbose_name='Policy for banned users.'), field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for banned users.'),
), ),
migrations.AddField( migrations.AddField(
model_name='radiusoption', model_name='radiusoption',
name='vlan_decision_ok', name='non_member',
field=models.OneToOneField(blank=True, null=True, on_delete=django.db.models.deletion.PROTECT, related_name='vlan_ok_option', to='machines.Vlan'), field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy non member users.'),
), ),
migrations.AddField(
model_name='radiusoption',
name='unknown_machine',
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for unknown machines'),
),
migrations.AddField(
model_name='radiusoption',
name='unknown_port',
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for unknown machines'),
),
migrations.AddField(
model_name='radiusoption',
name='unknown_room',
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for machine connecting from unregistered room (relevant on ports with STRICT radius mode)'),
),
migrations.RunPython(create_radius_policy), migrations.RunPython(create_radius_policy),
] ]

View file

@ -199,26 +199,6 @@ class OptionalTopologie(AclMixin, PreferencesModel):
('tftp', 'tftp'), ('tftp', 'tftp'),
) )
radius_general_policy = models.CharField(
max_length=32,
choices=CHOICE_RADIUS,
default='DEFINED'
)
vlan_decision_ok = models.OneToOneField(
'machines.Vlan',
on_delete=models.PROTECT,
related_name='decision_ok',
blank=True,
null=True
)
vlan_decision_nok = models.OneToOneField(
'machines.Vlan',
on_delete=models.PROTECT,
related_name='decision_nok',
blank=True,
null=True
)
switchs_web_management = models.BooleanField( switchs_web_management = models.BooleanField(
default=False, default=False,
help_text="Web management, activé si provision automatique" help_text="Web management, activé si provision automatique"
@ -589,31 +569,6 @@ class MailMessageOption(AclMixin, models.Model):
verbose_name = _("email message options") verbose_name = _("email message options")
class RadiusPolicy(AclMixin, models.Model):
class Meta:
verbose_name = _('radius policy')
REJECT = 'REJECT'
SET_VLAN = 'SET_VLAN'
CHOICE_POLICY = (
(REJECT, _('Reject the machine')),
(SET_VLAN, _('Place the machine on the VLAN'))
)
policy = models.CharField(
max_length=32,
choices=CHOICE_POLICY,
default=REJECT
)
vlan = models.ForeignKey(
'machines.Vlan',
on_delete=models.PROTECT,
blank=True,
null=True
)
class RadiusOption(AclMixin, models.Model): class RadiusOption(AclMixin, models.Model):
class Meta: class Meta:
verbose_name = _("radius policies") verbose_name = _("radius policies")
@ -624,44 +579,105 @@ class RadiusOption(AclMixin, models.Model):
(MACHINE, _("On the IP range's VLAN of the machine")), (MACHINE, _("On the IP range's VLAN of the machine")),
(DEFINED, _("Preset in 'VLAN for machines accepted by RADIUS'")), (DEFINED, _("Preset in 'VLAN for machines accepted by RADIUS'")),
) )
REJECT = 'REJECT'
SET_VLAN = 'SET_VLAN'
CHOICE_POLICY = (
(REJECT, _('Reject the machine')),
(SET_VLAN, _('Place the machine on the VLAN'))
)
radius_general_policy = models.CharField( radius_general_policy = models.CharField(
max_length=32, max_length=32,
choices=CHOICE_RADIUS, choices=CHOICE_RADIUS,
default='DEFINED' default='DEFINED'
) )
unknown_machine = models.ForeignKey( unknown_machine = models.CharField(
RadiusPolicy, max_length=32,
on_delete=models.PROTECT, choices=CHOICE_POLICY,
default=REJECT,
verbose_name=_("Policy for unknown machines"), verbose_name=_("Policy for unknown machines"),
related_name='unknown_machine_option',
) )
unknown_port = models.ForeignKey( unknown_machine_vlan = models.ForeignKey(
RadiusPolicy, 'machines.Vlan',
on_delete=models.PROTECT, on_delete=models.PROTECT,
related_name='unknown_machine_vlan',
blank=True,
null=True,
verbose_name=_('Unknown machine Vlan'),
help_text=_(
'Vlan for unknown machines if not rejected.'
)
)
unknown_port = models.CharField(
max_length=32,
choices=CHOICE_POLICY,
default=REJECT,
verbose_name=_("Policy for unknown machines"), verbose_name=_("Policy for unknown machines"),
related_name='unknown_port_option',
) )
unknown_room = models.ForeignKey( unknown_port_vlan = models.ForeignKey(
RadiusPolicy, 'machines.Vlan',
on_delete=models.PROTECT, on_delete=models.PROTECT,
related_name='unknown_port_vlan',
blank=True,
null=True,
verbose_name=_('Unknown port Vlan'),
help_text=_(
'Vlan for unknown ports if not rejected.'
)
)
unknown_room = models.CharField(
max_length=32,
choices=CHOICE_POLICY,
default=REJECT,
verbose_name=_( verbose_name=_(
"Policy for machine connecting from " "Policy for machine connecting from "
"unregistered room (relevant on ports with STRICT " "unregistered room (relevant on ports with STRICT "
"radius mode)" "radius mode)"
), ),
related_name='unknown_room_option',
) )
non_member = models.ForeignKey( unknown_room_vlan = models.ForeignKey(
RadiusPolicy, 'machines.Vlan',
related_name='unknown_room_vlan',
on_delete=models.PROTECT, on_delete=models.PROTECT,
blank=True,
null=True,
verbose_name=_('Unknown room Vlan'),
help_text=_(
'Vlan for unknown room if not rejected.'
)
)
non_member = models.CharField(
max_length=32,
choices=CHOICE_POLICY,
default=REJECT,
verbose_name=_("Policy non member users."), verbose_name=_("Policy non member users."),
related_name='non_member_option',
) )
banned = models.ForeignKey( non_member_vlan = models.ForeignKey(
RadiusPolicy, 'machines.Vlan',
related_name='non_member_vlan',
on_delete=models.PROTECT, on_delete=models.PROTECT,
blank=True,
null=True,
verbose_name=_('Non member Vlan'),
help_text=_(
'Vlan for non members if not rejected.'
)
)
banned = models.CharField(
max_length=32,
choices=CHOICE_POLICY,
default=REJECT,
verbose_name=_("Policy for banned users."), verbose_name=_("Policy for banned users."),
related_name='banned_option' )
banned_vlan = models.ForeignKey(
'machines.Vlan',
related_name='banned_vlan',
on_delete=models.PROTECT,
blank=True,
null=True,
verbose_name=_('Banned Vlan'),
help_text=_(
'Vlan for banned if not rejected.'
)
) )
vlan_decision_ok = models.OneToOneField( vlan_decision_ok = models.OneToOneField(
'machines.Vlan', 'machines.Vlan',

View file

@ -37,6 +37,12 @@ with this program; if not, write to the Free Software Foundation, Inc.,
<form class="form" method="post" enctype="multipart/form-data"> <form class="form" method="post" enctype="multipart/form-data">
{% csrf_token %} {% csrf_token %}
{% massive_bootstrap_form options 'utilisateur_asso,automatic_provision_switchs' %} {% massive_bootstrap_form options 'utilisateur_asso,automatic_provision_switchs' %}
{% if formset %}
{{ formset.management_form }}
{% for f in formset %}
{% bootstrap_form f %}
{% endfor %}
{% endif %}
{% trans "Edit" as tr_edit %} {% trans "Edit" as tr_edit %}
{% bootstrap_button tr_edit button_type="submit" icon='ok' button_class='btn-success' %} {% bootstrap_button tr_edit button_type="submit" icon='ok' button_class='btn-success' %}
</form> </form>

View file

@ -137,7 +137,9 @@ def edit_options(request, section):
messages.success(request, _("The preferences were edited.")) messages.success(request, _("The preferences were edited."))
return redirect(reverse('preferences:display-options')) return redirect(reverse('preferences:display-options'))
return form( return form(
{'options': options}, {
'options': options,
},
'preferences/edit_preferences.html', 'preferences/edit_preferences.html',
request request
) )