diff --git a/machines/admin.py b/machines/admin.py
index 214c8bc0..2e02475d 100644
--- a/machines/admin.py
+++ b/machines/admin.py
@@ -43,7 +43,9 @@ from .models import (
Role,
OuverturePort,
Ipv6List,
- OuverturePortList
+ OuverturePortList,
+ SshFingerprint,
+ SshFprAlgo,
)
@@ -141,6 +143,15 @@ class RoleAdmin(VersionAdmin):
pass
+class SshFprAlgoAdmin(VersionAdmin):
+ """ Admin view of a SshFprAlgo object """
+ pass
+
+
+class SshFingerprintAdmin(VersionAdmin):
+ """ Admin view of a SshFprAlgo object """
+ pass
+
admin.site.register(Machine, MachineAdmin)
admin.site.register(MachineType, MachineTypeAdmin)
@@ -161,3 +172,5 @@ admin.site.register(Ipv6List, Ipv6ListAdmin)
admin.site.register(Nas, NasAdmin)
admin.site.register(OuverturePort, OuverturePortAdmin)
admin.site.register(OuverturePortList, OuverturePortListAdmin)
+admin.site.register(SshFprAlgo, SshFprAlgoAdmin)
+admin.site.register(SshFingerprint, SshFingerprintAdmin)
diff --git a/machines/forms.py b/machines/forms.py
index 4b5a0d44..66f5c93e 100644
--- a/machines/forms.py
+++ b/machines/forms.py
@@ -60,6 +60,8 @@ from .models import (
IpType,
OuverturePortList,
Ipv6List,
+ SshFingerprint,
+ SshFprAlgo
)
@@ -601,3 +603,33 @@ class EditOuverturePortListForm(FormRevMixin, ModelForm):
prefix=prefix,
**kwargs
)
+
+
+class SshFingerprintForm(FormRevMixin, ModelForm):
+ """Edition d'une sshfingerprint"""
+ class Meta:
+ model = SshFingerprint
+ exclude = ('machine',)
+
+ def __init__(self, *args, **kwargs):
+ prefix = kwargs.pop('prefix', self.Meta.model.__name__)
+ super(SshFingerprintForm, self).__init__(
+ *args,
+ prefix=prefix,
+ **kwargs
+ )
+
+
+class SshFprAlgoForm(FormRevMixin, ModelForm):
+ """Edition de la liste des algo pour sshfpr"""
+ class Meta:
+ model = SshFprAlgo
+ fields = '__all__'
+
+ def __init__(self, *args, **kwargs):
+ prefix = kwargs.pop('prefix', self.Meta.model.__name__)
+ super(SshFprAlgoForm, self).__init__(
+ *args,
+ prefix=prefix,
+ **kwargs
+ )
diff --git a/machines/migrations/0084_auto_20180623_1651.py b/machines/migrations/0084_auto_20180623_1651.py
new file mode 100644
index 00000000..443c89ad
--- /dev/null
+++ b/machines/migrations/0084_auto_20180623_1651.py
@@ -0,0 +1,50 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.7 on 2018-06-23 14:51
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+import django.db.models.deletion
+import re2o.mixins
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ('machines', '0083_role'),
+ ]
+
+ operations = [
+ migrations.CreateModel(
+ name='SshFingerprint',
+ fields=[
+ ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+ ('hash_entry', models.TextField(max_length=512)),
+ ('comment', models.CharField(blank=True, max_length=255, null=True)),
+ ],
+ options={
+ 'permissions': (('view_sshfingerprint', 'Peut voir un objet sshfingerprint'),),
+ },
+ bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model),
+ ),
+ migrations.CreateModel(
+ name='SshFprAlgo',
+ fields=[
+ ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+ ('name', models.TextField(max_length=256)),
+ ],
+ options={
+ 'permissions': (('view_sshfpralgo', 'Peut voir un algo de chiffrement'),),
+ },
+ bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model),
+ ),
+ migrations.AddField(
+ model_name='sshfingerprint',
+ name='algo',
+ field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to='machines.SshFprAlgo'),
+ ),
+ migrations.AddField(
+ model_name='sshfingerprint',
+ name='machine',
+ field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Machine'),
+ ),
+ ]
diff --git a/machines/models.py b/machines/models.py
index 034a4f74..9e7c6772 100644
--- a/machines/models.py
+++ b/machines/models.py
@@ -204,6 +204,52 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model):
def __str__(self):
return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name)
+class SshFingerprint(RevMixin, AclMixin, models.Model):
+ """Hash de la clef ssh d'une machine"""
+
+ PRETTY_NAME = "Fingerprint ssh"
+
+ machine = models.ForeignKey('Machine', on_delete=models.CASCADE)
+ hash_entry = models.TextField(max_length=512)
+ algo = models.ForeignKey('SshFprAlgo', on_delete=models.PROTECT)
+ comment = models.CharField(
+ max_length=255,
+ null=True,
+ blank=True
+ )
+
+ class Meta:
+ permissions = (
+ ("view_sshfingerprint", "Peut voir un objet sshfingerprint"),
+ )
+
+ def can_view(self, user_request, *_args, **_kwargs):
+ return self.machine.can_view(user_request, *_args, **_kwargs)
+
+ def can_edit(self, user_request, *args, **kwargs):
+ return self.machine.can_edit(user_request, *args, **kwargs)
+
+ def can_delete(self, user_request, *args, **kwargs):
+ return self.machine.can_delete(user_request, *args, **kwargs)
+
+ def __str__(self):
+ return str(self.algo) + ' ' + str(self.hash_entry) + ' ' + str(self.comment)
+
+
+class SshFprAlgo(RevMixin, AclMixin, models.Model):
+ """Un aglorithme de création de la fingerprint ssh"""
+ PRETTY_NAME = "Algo de clef ssh"
+
+ name = models.TextField(max_length=256)
+
+ class Meta:
+ permissions = (
+ ("view_sshfpralgo", "Peut voir un algo de chiffrement"),
+ )
+
+ def __str__(self):
+ return str(self.name)
+
class MachineType(RevMixin, AclMixin, models.Model):
""" Type de machine, relié à un type d'ip, affecté aux interfaces"""
diff --git a/machines/templates/machines/aff_machines.html b/machines/templates/machines/aff_machines.html
index 0020d8b3..dcfffa08 100644
--- a/machines/templates/machines/aff_machines.html
+++ b/machines/templates/machines/aff_machines.html
@@ -118,6 +118,13 @@ with this program; if not, write to the Free Software Foundation, Inc.,
{% acl_end %}
+ {% can_create SshFingerprint interface.machine.id %}
+
+
+ Gerer les fingerprint ssh
+
+
+ {% acl_end %}
{% can_create OuverturePortList %}
diff --git a/machines/templates/machines/aff_sshfingerprint.html b/machines/templates/machines/aff_sshfingerprint.html
new file mode 100644
index 00000000..33e7d7ad
--- /dev/null
+++ b/machines/templates/machines/aff_sshfingerprint.html
@@ -0,0 +1,51 @@
+{% comment %}
+Re2o est un logiciel d'administration développé initiallement au rezometz. Il
+se veut agnostique au réseau considéré, de manière à être installable en
+quelques clics.
+
+Copyright © 2018 Gabriel Détraz
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along
+with this program; if not, write to the Free Software Foundation, Inc.,
+51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+{% endcomment %}
+
+{% load acl %}
+
+
+
+
+ Entrée du hash |
+ Algorithme utilisé |
+ Commentaire |
+ |
+
+
+ {% for sshfpr in sshfingerprint_list %}
+
+ {{ sshfpr.hash_entry }} |
+ {{ sshfpr.algo }} |
+ {{ sshfpr.comment }} |
+
+ {% can_edit sshfpr %}
+ {% include 'buttons/edit.html' with href='machines:edit-sshfingerprint' id=sshfpr.id %}
+ {% acl_end %}
+ {% can_delete sshfpr %}
+ {% include 'buttons/suppr.html' with href='machines:del-sshfingerprint' id=sshfpr.id %}
+ {% acl_end %}
+ {% include 'buttons/history.html' with href='machines:history' name='sshfingerprint' id=sshfpr.id %}
+ |
+
+ {% endfor %}
+
+
diff --git a/machines/templates/machines/index_sshfingerprint.html b/machines/templates/machines/index_sshfingerprint.html
new file mode 100644
index 00000000..eba872c0
--- /dev/null
+++ b/machines/templates/machines/index_sshfingerprint.html
@@ -0,0 +1,39 @@
+{% extends "machines/sidebar.html" %}
+{% comment %}
+Re2o est un logiciel d'administration développé initiallement au rezometz. Il
+se veut agnostique au réseau considéré, de manière à être installable en
+quelques clics.
+
+Copyright © 2018 Gabriel Détraz
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or
+(at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License along
+with this program; if not, write to the Free Software Foundation, Inc.,
+51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+{% endcomment %}
+
+{% load bootstrap3 %}
+{% load acl %}
+
+{% block title %}Machines{% endblock %}
+
+{% block content %}
+ Liste des fingerprint ssh
+ {% can_create SshFingerprint machine_id %}
+ Ajouter une fingerprint ssh
+ {% acl_end %}
+ {% include "machines/aff_sshfingerprint.html" with sshfingerprint_list=sshfingerprint_list %}
+
+
+
+{% endblock %}
+
diff --git a/machines/templates/machines/machine.html b/machines/templates/machines/machine.html
index db0fa0ea..af7ff3fb 100644
--- a/machines/templates/machines/machine.html
+++ b/machines/templates/machines/machine.html
@@ -78,6 +78,11 @@ with this program; if not, write to the Free Software Foundation, Inc.,
{% if ipv6form %}
{% bootstrap_form_errors ipv6form %}
{% endif %}
+{% if sshfingerprintform %}
+ {% bootstrap_form_errors sshfingerprintform %}
+{% endif %}
+
+
diff --git a/machines/urls.py b/machines/urls.py
index b9e3e79f..905d4a45 100644
--- a/machines/urls.py
+++ b/machines/urls.py
@@ -105,6 +105,18 @@ urlpatterns = [
url(r'^index_ipv6/(?P[0-9]+)$',
views.index_ipv6,
name='index-ipv6'),
+ url(r'^new_sshfingerprint/(?P[0-9]+)$',
+ views.new_sshfingerprint,
+ name='new-sshfingerprint'),
+ url(r'^edit_sshfingerprint/(?P[0-9]+)$',
+ views.edit_sshfingerprint,
+ name='edit-sshfingerprint'),
+ url(r'^del_sshfingerprint/(?P[0-9]+)$',
+ views.del_sshfingerprint,
+ name='del-sshfingerprint'),
+ url(r'^index_sshfingerprint/(?P[0-9]+)$',
+ views.index_sshfingerprint,
+ name='index-sshfingerprint'),
url(r'^add_service/$', views.add_service, name='add-service'),
url(r'^edit_service/(?P[0-9]+)$',
views.edit_service,
diff --git a/machines/views.py b/machines/views.py
index 75bfb3f6..357b3149 100644
--- a/machines/views.py
+++ b/machines/views.py
@@ -107,7 +107,9 @@ from .forms import (
DelSrvForm,
Ipv6ListForm,
EditOuverturePortListForm,
- EditOuverturePortConfigForm
+ EditOuverturePortConfigForm,
+ SshFingerprintForm,
+ SshFprAlgoForm,
)
from .models import (
IpType,
@@ -129,6 +131,8 @@ from .models import (
OuverturePortList,
OuverturePort,
Ipv6List,
+ SshFingerprint,
+ SshFprAlgo,
)
@@ -459,6 +463,72 @@ def del_ipv6list(request, ipv6list, **_kwargs):
)
+@login_required
+@can_create(SshFingerprint)
+@can_edit(Machine)
+def new_sshfingerprint(request, machine, **_kwargs):
+ """Nouvelle sshfingerprint"""
+ sshfingerprint_instance = SshFingerprint(machine=machine)
+ sshfingerprint = SshFingerprintForm(
+ request.POST or None,
+ instance=sshfingerprint_instance
+ )
+ if sshfingerprint.is_valid():
+ sshfingerprint.save()
+ messages.success(request, "Fingerprint ssh ajoutée")
+ return redirect(reverse(
+ 'machines:index-sshfingerprint',
+ kwargs={'machine': str(machine.id)}
+ ))
+ return form(
+ {'sshfingerprintform': sshfingerprint, 'action_name': 'Créer'},
+ 'machines/machine.html',
+ request
+ )
+
+
+@login_required
+@can_edit(SshFingerprint)
+def edit_sshfingerprint(request, sshfingerprint_instance, **_kwargs):
+ """Edition d'une sshfingerprint"""
+ sshfingerprint = SshFingerprintForm(
+ request.POST or None,
+ instance=sshfingerprint_instance
+ )
+ if sshfingerprint.is_valid():
+ if sshfingerprint.changed_data:
+ sshfingerprint.save()
+ messages.success(request, "Ipv6 modifiée")
+ return redirect(reverse(
+ 'machines:index-sshfingerprint',
+ kwargs={'machineid': str(sshfingerprint_instance.machine.id)}
+ ))
+ return form(
+ {'sshfingerprintform': sshfingerprint, 'action_name': 'Editer'},
+ 'machines/machine.html',
+ request
+ )
+
+
+@login_required
+@can_delete(SshFingerprint)
+def del_sshfingerprint(request, sshfingerprint, **_kwargs):
+ """ Supprime une sshfingerprint"""
+ if request.method == "POST":
+ machineid = sshfingerprint.machine.id
+ sshfingerprint.delete()
+ messages.success(request, "La sshfingerprint a été détruite")
+ return redirect(reverse(
+ 'machines:index-sshfingerprint',
+ kwargs={'machineid': str(machineid)}
+ ))
+ return form(
+ {'objet': sshfingerprint, 'objet_name': 'sshfingerprint'},
+ 'machines/delete.html',
+ request
+ )
+
+
@login_required
@can_create(IpType)
def add_iptype(request):
@@ -1387,7 +1457,31 @@ def index_alias(request, interface, interfaceid):
@login_required
-@can_edit(Interface)
+@can_edit(Machine)
+def index_sshfingerprint(request, machine, machineid):
+ """ View used to display the list of existing IPv6 of an interface """
+ sshfingerprint_list = SshFingerprint.objects.filter(machine=machine)
+ return render(
+ request,
+ 'machines/index_sshfingerprint.html',
+ {'sshfingerprint_list': sshfingerprint_list, 'machine_id': machineid}
+ )
+
+
+@login_required
+@can_view_all(SshFprAlgo)
+def index_sshfpralgo(request):
+ """ View used to display the list of existing sshfrpalgo"""
+ sshfpralgo_list = SshFprAlgo.objects.all()
+ return render(
+ request,
+ 'machines/index_sshfpralgo.html',
+ {'sshfpralgo_list': sshfpralgo_list}
+ )
+
+
+@login_required
+@can_view_all(Interface)
def index_ipv6(request, interface, interfaceid):
""" View used to display the list of existing IPv6 of an interface """
ipv6_list = Ipv6List.objects.filter(interface=interface)
diff --git a/re2o/templatetags/acl.py b/re2o/templatetags/acl.py
index d01836dd..9c6b6fc0 100644
--- a/re2o/templatetags/acl.py
+++ b/re2o/templatetags/acl.py
@@ -112,6 +112,8 @@ MODEL_NAME = {
'Role': machines.models.Role,
'OuverturePortList': machines.models.OuverturePortList,
'OuverturePort': machines.models.OuverturePort,
+ 'SshFingerprint': machines.models.SshFingerprint,
+ 'SshFprAlgo': machines.models.SshFprAlgo,
# preferences
'OptionalUser': preferences.models.OptionalUser,
'OptionalMachine': preferences.models.OptionalMachine,
diff --git a/re2o/views.py b/re2o/views.py
index ba524d25..71fd94fc 100644
--- a/re2o/views.py
+++ b/re2o/views.py
@@ -129,6 +129,8 @@ HISTORY_BIND = {
'vlan': machines.models.Vlan,
'nas': machines.models.Nas,
'ipv6list': machines.models.Ipv6List,
+ 'sshfingerprint': machines.models.SshFingerprint,
+ 'sshfpralgo': machines.models.SshFprAlgo,
},
}