diff --git a/machines/acl.py b/machines/acl.py index f77a93c7..1b74760c 100644 --- a/machines/acl.py +++ b/machines/acl.py @@ -26,6 +26,7 @@ Here are defined some functions to check acl on the application. """ + def can_view(user): """Check if an user can view the application. diff --git a/machines/admin.py b/machines/admin.py index 9a2d5133..76121bd5 100644 --- a/machines/admin.py +++ b/machines/admin.py @@ -104,7 +104,7 @@ class OuverturePortListAdmin(VersionAdmin): class InterfaceAdmin(VersionAdmin): - list_display = ('machine','type','mac_address','ipv4','details') + list_display = ('machine', 'type', 'mac_address', 'ipv4', 'details') class DomainAdmin(VersionAdmin): @@ -133,5 +133,3 @@ admin.site.register(Ipv6List, Ipv6ListAdmin) admin.site.register(Nas, NasAdmin) admin.site.register(OuverturePort, OuverturePortAdmin) admin.site.register(OuverturePortList, OuverturePortListAdmin) - - diff --git a/machines/forms.py b/machines/forms.py index 6ece03e8..8133f622 100644 --- a/machines/forms.py +++ b/machines/forms.py @@ -94,7 +94,8 @@ class EditInterfaceForm(FormRevMixin, FieldPermissionFormMixin, ModelForm): self.fields['type'].label = 'Type de machine' self.fields['type'].empty_label = "Séléctionner un type de machine" if "ipv4" in self.fields: - self.fields['ipv4'].empty_label = "Assignation automatique de l'ipv4" + self.fields['ipv4'].empty_label = ("Assignation automatique de " + "l'ipv4") self.fields['ipv4'].queryset = IpList.objects.filter( interface__isnull=True ) @@ -328,6 +329,7 @@ class MxForm(FormRevMixin, ModelForm): interface_parent=None ).select_related('extension') + class DelMxForm(FormRevMixin, Form): """Suppression d'un ou plusieurs MX""" mx = forms.ModelMultipleChoiceField( @@ -472,8 +474,10 @@ class ServiceForm(FormRevMixin, ModelForm): def __init__(self, *args, **kwargs): prefix = kwargs.pop('prefix', self.Meta.model.__name__) super(ServiceForm, self).__init__(*args, prefix=prefix, **kwargs) - self.fields['servers'].queryset = Interface.objects.all()\ - .select_related('domain__extension') + self.fields['servers'].queryset = (Interface.objects.all() + .select_related( + 'domain__extension' + )) def save(self, commit=True): instance = super(ServiceForm, self).save(commit=False) diff --git a/machines/models.py b/machines/models.py index 2b4eb4a2..361c7bc1 100644 --- a/machines/models.py +++ b/machines/models.py @@ -40,7 +40,7 @@ from django.core.validators import MaxValueValidator from macaddress.fields import MACAddressField from re2o.field_permissions import FieldPermissionModelMixin -from re2o.mixins import AclMixin, RevMixin +from re2o.mixins import AclMixin, RevMixin import users.models import preferences.models @@ -63,7 +63,8 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): class Meta: permissions = ( ("view_machine", "Peut voir un objet machine quelquonque"), - ("change_machine_user", "Peut changer le propriétaire d'une machine"), + ("change_machine_user", + "Peut changer le propriétaire d'une machine"), ) def get_instance(machineid, *args, **kwargs): @@ -76,7 +77,12 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): def linked_objects(self): """Return linked objects : machine and domain. Usefull in history display""" - return chain(self.interface_set.all(), Domain.objects.filter(interface_parent__in=self.interface_set.all())) + return chain( + self.interface_set.all(), + Domain.objects.filter( + interface_parent__in=self.interface_set.all() + ) + ) @staticmethod def can_change_user(user_request, *args, **kwargs): @@ -90,7 +96,8 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): A tuple with a boolean stating if edition is allowed and an explanation message. """ - return user_request.has_perm('machines.change_machine_user'), "Vous ne pouvez pas modifier l'utilisateur de la machine." + return (user_request.has_perm('machines.change_machine_user'), + "Vous ne pouvez pas modifier l'utilisateur de la machine.") def can_view_all(user_request, *args, **kwargs): """Vérifie qu'on peut bien afficher l'ensemble des machines, @@ -98,7 +105,8 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): :param user_request: instance user qui fait l'edition :return: True ou False avec la raison de l'échec le cas échéant""" if not user_request.has_perm('machines.view_machine'): - return False, u"Vous ne pouvez pas afficher l'ensemble des machines sans permission" + return False, (u"Vous ne pouvez pas afficher l'ensemble des " + "machines sans permission") return True, None def can_create(user_request, userid, *args, **kwargs): @@ -111,17 +119,21 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): user = users.models.User.objects.get(pk=userid) except users.models.User.DoesNotExist: return False, u"Utilisateur inexistant" - max_lambdauser_interfaces = preferences.models.OptionalMachine.get_cached_value('max_lambdauser_interfaces') + max_lambdauser_interfaces = (preferences.models.OptionalMachine + .get_cached_value( + 'max_lambdauser_interfaces' + )) if not user_request.has_perm('machines.add_machine'): - if not preferences.models.OptionalMachine.get_cached_value('create_machine'): + if not (preferences.models.OptionalMachine + .get_cached_value('create_machine')): return False, u"Vous ne pouvez pas ajouter une machine" if user != user_request: - return False, u"Vous ne pouvez pas ajouter une machine à un\ - autre user que vous sans droit" + return False, (u"Vous ne pouvez pas ajouter une machine à un " + "autre user que vous sans droit") if user.user_interfaces().count() >= max_lambdauser_interfaces: - return False, u"Vous avez atteint le maximum d'interfaces\ - autorisées que vous pouvez créer vous même (%s) "\ - % max_lambdauser_interfaces + return False, (u"Vous avez atteint le maximum d'interfaces " + "autorisées que vous pouvez créer vous même " + "(%s) " % max_lambdauser_interfaces) return True, None def can_edit(self, user_request, *args, **kwargs): @@ -131,9 +143,15 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): :param user_request: instance user qui fait l'edition :return: True ou False avec la raison le cas échéant""" if self.user != user_request: - if not user_request.has_perm('machines.change_interface') or not self.user.can_edit(self.user, user_request, *args, **kwargs)[0]: - return False, u"Vous ne pouvez pas éditer une machine\ - d'un autre user que vous sans droit" + if (not user_request.has_perm('machines.change_interface') or + not self.user.can_edit( + self.user, + user_request, + *args, + **kwargs + )[0]): + return False, (u"Vous ne pouvez pas éditer une machine " + "d'un autre user que vous sans droit") return True, None def can_delete(self, user_request, *args, **kwargs): @@ -143,9 +161,15 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): :param user_request: instance user qui fait l'edition :return: True ou False avec la raison de l'échec le cas échéant""" if self.user != user_request: - if not user_request.has_perm('machines.change_interface') or not self.user.can_edit(self.user, user_request, *args, **kwargs)[0]: - return False, u"Vous ne pouvez pas éditer une machine\ - d'un autre user que vous sans droit" + if (not user_request.has_perm('machines.change_interface') or + not self.user.can_edit( + self.user, + user_request, + *args, + **kwargs + )[0]): + return False, (u"Vous ne pouvez pas éditer une machine " + "d'un autre user que vous sans droit") return True, None def can_view(self, user_request, *args, **kwargs): @@ -154,15 +178,16 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): :param self: instance machine à éditer :param user_request: instance user qui fait l'edition :return: True ou False avec la raison de l'échec le cas échéant""" - if not user_request.has_perm('machines.view_machine') and self.user != user_request: - return False, u"Vous n'avez pas droit de voir les machines autre\ - que les vôtres" + if (not user_request.has_perm('machines.view_machine') and + self.user != user_request): + return False, (u"Vous n'avez pas droit de voir les machines autre " + "que les vôtres") return True, None def __init__(self, *args, **kwargs): super(Machine, self).__init__(*args, **kwargs) self.field_permissions = { - 'user' : self.can_change_user, + 'user': self.can_change_user, } def __str__(self): @@ -184,7 +209,8 @@ class MachineType(RevMixin, AclMixin, models.Model): class Meta: permissions = ( ("view_machinetype", "Peut voir un objet machinetype"), - ("use_all_machinetype", "Peut utiliser n'importe quel type de machine"), + ("use_all_machinetype", + "Peut utiliser n'importe quel type de machine"), ) def all_interfaces(self): @@ -202,7 +228,8 @@ class MachineType(RevMixin, AclMixin, models.Model): message is acces is not allowed. """ if not user_request.has_perm('machines.use_all_machinetype'): - return False, u"Vous n'avez pas le droit d'utiliser tout types de machines" + return False, (u"Vous n'avez pas le droit d'utiliser tout types " + "de machines") return True, None def __str__(self): @@ -300,7 +327,11 @@ class IpType(RevMixin, AclMixin, models.Model): if not self.prefix_v6: return else: - for ipv6 in Ipv6List.objects.filter(interface__in=Interface.objects.filter(type__in=MachineType.objects.filter(ip_type=self))): + for ipv6 in Ipv6List.objects.filter( + interface__in=Interface.objects.filter( + type__in=MachineType.objects.filter(ip_type=self) + ) + ): ipv6.check_and_replace_prefix(prefix=self.prefix_v6) def clean(self): @@ -330,7 +361,8 @@ class IpType(RevMixin, AclMixin, models.Model): super(IpType, self).save(*args, **kwargs) def can_use_all(user_request, *args, **kwargs): - """Superdroit qui permet d'utiliser toutes les extensions sans restrictions + """Superdroit qui permet d'utiliser toutes les extensions sans + restrictions :param user_request: instance user qui fait l'edition :return: True ou False avec la raison de l'échec le cas échéant""" return user_request.has_perm('machines.use_all_iptype'), None @@ -409,17 +441,17 @@ class SOA(RevMixin, AclMixin, models.Model): help_text='Email du contact pour la zone' ) refresh = models.PositiveIntegerField( - default=86400, # 24 hours + default=86400, # 24 hours help_text='Secondes avant que les DNS secondaires doivent demander le\ serial du DNS primaire pour détecter une modification' ) retry = models.PositiveIntegerField( - default=7200, # 2 hours + default=7200, # 2 hours help_text='Secondes avant que les DNS secondaires fassent une nouvelle\ demande de serial en cas de timeout du DNS primaire' ) expire = models.PositiveIntegerField( - default=3600000, # 1000 hours + default=3600000, # 1000 hours help_text='Secondes après lesquelles les DNS secondaires arrêtent de\ de répondre aux requêtes en cas de timeout du DNS primaire' ) @@ -469,8 +501,10 @@ class SOA(RevMixin, AclMixin, models.Model): extensions . /!\ Ne jamais supprimer ou renommer cette fonction car elle est utilisée dans les migrations de la BDD. """ - return cls.objects.get_or_create(name="SOA to edit", mail="postmaser@example.com")[0].pk - + return cls.objects.get_or_create( + name="SOA to edit", + mail="postmaser@example.com" + )[0].pk class Extension(RevMixin, AclMixin, models.Model): @@ -522,7 +556,8 @@ class Extension(RevMixin, AclMixin, models.Model): return entry def can_use_all(user_request, *args, **kwargs): - """Superdroit qui permet d'utiliser toutes les extensions sans restrictions + """Superdroit qui permet d'utiliser toutes les extensions sans + restrictions :param user_request: instance user qui fait l'edition :return: True ou False avec la raison de l'échec le cas échéant""" return user_request.has_perm('machines.use_all_extension'), None @@ -555,7 +590,10 @@ class Mx(RevMixin, AclMixin, models.Model): def dns_entry(self): """Renvoie l'entrée DNS complète pour un MX à mettre dans les fichiers de zones""" - return "@ IN MX " + str(self.priority).ljust(3) + " " + str(self.name) + return "@ IN MX {prior} {name}".format( + prior=str(self.priority).ljust(3), + name=str(name) + ) def __str__(self): return str(self.zone) + ' ' + str(self.priority) + ' ' + str(self.name) @@ -611,7 +649,7 @@ class Srv(RevMixin, AclMixin, models.Model): TCP = 'TCP' UDP = 'UDP' - service = models.CharField(max_length=31) + service = models.CharField(max_length=31) protocole = models.CharField( max_length=3, choices=( @@ -628,9 +666,9 @@ class Srv(RevMixin, AclMixin, models.Model): priority = models.PositiveIntegerField( default=0, validators=[MaxValueValidator(65535)], - help_text="La priorité du serveur cible (valeur entière non négative,\ - plus elle est faible, plus ce serveur sera utilisé s'il est disponible)" - + help_text=("La priorité du serveur cible (valeur entière non " + "négative, plus elle est faible, plus ce serveur sera " + "utilisé s'il est disponible)") ) weight = models.PositiveIntegerField( default=0, @@ -667,7 +705,7 @@ class Srv(RevMixin, AclMixin, models.Model): str(self.port) + ' ' + str(self.target) + '.' -class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): +class Interface(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): """ Une interface. Objet clef de l'application machine : - une address mac unique. Possibilité de la rendre unique avec le typemachine @@ -692,7 +730,8 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): class Meta: permissions = ( ("view_interface", "Peut voir un objet interface"), - ("change_interface_machine", "Peut changer le propriétaire d'une interface"), + ("change_interface_machine", + "Peut changer le propriétaire d'une interface"), ) @cached_property @@ -719,7 +758,10 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): prefix_v6 = self.type.ip_type.prefix_v6 if not prefix_v6: return None - return IPv6Address(IPv6Address(prefix_v6).exploded[:20] + IPv6Address(self.id).exploded[20:]) + return IPv6Address( + IPv6Address(prefix_v6).exploded[:20] + + IPv6Address(self.id).exploded[20:] + ) def sync_ipv6_dhcpv6(self): """Affecte une ipv6 dhcpv6 calculée à partir de l'id de la machine""" @@ -741,7 +783,9 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): ipv6_slaac = self.ipv6_slaac if not ipv6_slaac: return - ipv6_object = Ipv6List.objects.filter(interface=self, slaac_ip=True).first() + ipv6_object = (Ipv6List.objects + .filter(interface=self, slaac_ip=True) + .first()) if not ipv6_object: ipv6_object = Ipv6List(interface=self, slaac_ip=True) if ipv6_object.ipv6 != str(ipv6_slaac): @@ -750,19 +794,24 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): def sync_ipv6(self): """Cree et met à jour l'ensemble des ipv6 en fonction du mode choisi""" - if preferences.models.OptionalMachine.get_cached_value('ipv6_mode') == 'SLAAC': + if (preferences.models.OptionalMachine + .get_cached_value('ipv6_mode') == 'SLAAC'): self.sync_ipv6_slaac() - elif preferences.models.OptionalMachine.get_cached_value('ipv6_mode') == 'DHCPV6': + elif (preferences.models.OptionalMachine + .get_cached_value('ipv6_mode') == 'DHCPV6'): self.sync_ipv6_dhcpv6() else: return def ipv6(self): """ Renvoie le queryset de la liste des ipv6 - On renvoie l'ipv6 slaac que si le mode slaac est activé (et non dhcpv6)""" - if preferences.models.OptionalMachine.get_cached_value('ipv6_mode') == 'SLAAC': + On renvoie l'ipv6 slaac que si le mode slaac est activé + (et non dhcpv6)""" + if (preferences.models.OptionalMachine + .get_cached_value('ipv6_mode') == 'SLAAC'): return self.ipv6list.all() - elif preferences.models.OptionalMachine.get_cached_value('ipv6_mode') == 'DHCPV6': + elif (preferences.models.OptionalMachine + .get_cached_value('ipv6_mode') == 'DHCPV6'): return self.ipv6list.filter(slaac_ip=False) else: return None @@ -789,7 +838,7 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): # instance. # But in our case, it's impossible to create a type value so we raise # the error. - if not hasattr(self, 'type') : + if not hasattr(self, 'type'): raise ValidationError("Le type d'ip choisi n'est pas valide") self.filter_macaddress() self.mac_address = str(EUI(self.mac_address)) or None @@ -836,13 +885,18 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): except Machine.DoesNotExist: return False, u"Machine inexistante" if not user_request.has_perm('machines.add_interface'): - if not preferences.models.OptionalMachine.get_cached_value('create_machine'): + if not (preferences.models.OptionalMachine + .get_cached_value('create_machine')): return False, u"Vous ne pouvez pas ajouter une machine" - max_lambdauser_interfaces = preferences.models.OptionalMachine.get_cached_value('max_lambdauser_interfaces') + max_lambdauser_interfaces = (preferences.models.OptionalMachine + .get_cached_value( + 'max_lambdauser_interfaces' + )) if machine.user != user_request: return False, u"Vous ne pouvez pas ajouter une interface à une\ machine d'un autre user que vous sans droit" - if machine.user.user_interfaces().count() >= max_lambdauser_interfaces: + if (machine.user.user_interfaces().count() >= + max_lambdauser_interfaces): return False, u"Vous avez atteint le maximum d'interfaces\ autorisées que vous pouvez créer vous même (%s) "\ % max_lambdauser_interfaces @@ -850,7 +904,8 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): @staticmethod def can_change_machine(user_request, *args, **kwargs): - return user_request.has_perm('machines.change_interface_machine'), "Droit requis pour changer la machine" + return (user_request.has_perm('machines.change_interface_machine'), + "Droit requis pour changer la machine") def can_edit(self, user_request, *args, **kwargs): """Verifie que l'user a les bons droits infra pour editer @@ -859,9 +914,14 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): :param user_request: Utilisateur qui fait la requête :return: soit True, soit False avec la raison de l'échec""" if self.machine.user != user_request: - if not user_request.has_perm('machines.change_interface') or not self.machine.user.can_edit(user_request, *args, **kwargs)[0]: - return False, u"Vous ne pouvez pas éditer une machine\ - d'un autre user que vous sans droit" + if (not user_request.has_perm('machines.change_interface') or + not self.machine.user.can_edit( + user_request, + *args, + **kwargs + )[0]): + return False, (u"Vous ne pouvez pas éditer une machine " + "d'un autre user que vous sans droit") return True, None def can_delete(self, user_request, *args, **kwargs): @@ -871,9 +931,14 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): :param user_request: Utilisateur qui fait la requête :return: soit True, soit False avec la raison de l'échec""" if self.machine.user != user_request: - if not user_request.has_perm('machines.change_interface') or not self.machine.user.can_edit(user_request, *args, **kwargs)[0]: - return False, u"Vous ne pouvez pas éditer une machine\ - d'un autre user que vous sans droit" + if (not user_request.has_perm('machines.change_interface') or + not self.machine.user.can_edit( + user_request, + *args, + **kwargs + )[0]): + return False, (u"Vous ne pouvez pas éditer une machine " + "d'un autre user que vous sans droit") return True, None def can_view(self, user_request, *args, **kwargs): @@ -882,15 +947,16 @@ class Interface(RevMixin, AclMixin, FieldPermissionModelMixin,models.Model): :param self: instance interface à voir :param user_request: instance user qui fait l'edition :return: True ou False avec la raison de l'échec le cas échéant""" - if not user_request.has_perm('machines.view_interface') and self.machine.user != user_request: - return False, u"Vous n'avez pas le droit de voir des machines autre\ - que les vôtres" + if (not user_request.has_perm('machines.view_interface') and + self.machine.user != user_request): + return False, (u"Vous n'avez pas le droit de voir des machines " + "autre que les vôtres") return True, None def __init__(self, *args, **kwargs): super(Interface, self).__init__(*args, **kwargs) self.field_permissions = { - 'machine' : self.can_change_machine, + 'machine': self.can_change_machine, } def __str__(self): @@ -921,13 +987,18 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): protocol='IPv6', unique=True ) - interface = models.ForeignKey('Interface', on_delete=models.CASCADE, related_name='ipv6list') + interface = models.ForeignKey( + 'Interface', + on_delete=models.CASCADE, + related_name='ipv6list' + ) slaac_ip = models.BooleanField(default=False) class Meta: permissions = ( ("view_ipv6list", "Peut voir un objet ipv6"), - ("change_ipv6list_slaac_ip", "Peut changer la valeur slaac sur une ipv6"), + ("change_ipv6list_slaac_ip", + "Peut changer la valeur slaac sur une ipv6"), ) def can_create(user_request, interfaceid, *args, **kwargs): @@ -948,7 +1019,8 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): @staticmethod def can_change_slaac_ip(user_request, *args, **kwargs): - return user_request.has_perm('machines.change_ipv6list_slaac_ip'), "Droit requis pour changer la valeur slaac ip" + return (user_request.has_perm('machines.change_ipv6list_slaac_ip'), + "Droit requis pour changer la valeur slaac ip") def can_edit(self, user_request, *args, **kwargs): """Verifie que l'user a les bons droits infra pour editer @@ -957,9 +1029,14 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): :param user_request: Utilisateur qui fait la requête :return: soit True, soit False avec la raison de l'échec""" if self.interface.machine.user != user_request: - if not user_request.has_perm('machines.change_ipv6list') or not self.interface.machine.user.can_edit(user_request, *args, **kwargs)[0]: - return False, u"Vous ne pouvez pas éditer une machine\ - d'un autre user que vous sans droit" + if (not user_request.has_perm('machines.change_ipv6list') or + not self.interface.machine.user.can_edit( + user_request, + *args, + **kwargs + )[0]): + return False, (u"Vous ne pouvez pas éditer une machine " + "d'un autre user que vous sans droit") return True, None def can_delete(self, user_request, *args, **kwargs): @@ -969,9 +1046,14 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): :param user_request: Utilisateur qui fait la requête :return: soit True, soit False avec la raison de l'échec""" if self.interface.machine.user != user_request: - if not user_request.has_perm('machines.change_ipv6list') or not self.interface.machine.user.can_edit(user_request, *args, **kwargs)[0]: - return False, u"Vous ne pouvez pas éditer une machine\ - d'un autre user que vous sans droit" + if (not user_request.has_perm('machines.change_ipv6list') or + not self.interface.machine.user.can_edit( + user_request, + *args, + **kwargs + )[0]): + return False, (u"Vous ne pouvez pas éditer une machine " + "d'un autre user que vous sans droit") return True, None def can_view(self, user_request, *args, **kwargs): @@ -980,15 +1062,16 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): :param self: instance interface à voir :param user_request: instance user qui fait l'edition :return: True ou False avec la raison de l'échec le cas échéant""" - if not user_request.has_perm('machines.view_ipv6list') and self.interface.machine.user != user_request: - return False, u"Vous n'avez pas le droit de voir des machines autre\ - que les vôtres" + if (not user_request.has_perm('machines.view_ipv6list') and + self.interface.machine.user != user_request): + return False, (u"Vous n'avez pas le droit de voir des machines " + "autre que les vôtres") return True, None def __init__(self, *args, **kwargs): super(Ipv6List, self).__init__(*args, **kwargs) self.field_permissions = { - 'slaac_ip' : self.can_change_slaac_ip, + 'slaac_ip': self.can_change_slaac_ip, } def check_and_replace_prefix(self, prefix=None): @@ -996,17 +1079,27 @@ class Ipv6List(RevMixin, AclMixin, FieldPermissionModelMixin, models.Model): prefix_v6 = prefix or self.interface.type.ip_type.prefix_v6 if not prefix_v6: return - if IPv6Address(self.ipv6).exploded[:20] != IPv6Address(prefix_v6).exploded[:20]: - self.ipv6 = IPv6Address(IPv6Address(prefix_v6).exploded[:20] + IPv6Address(self.ipv6).exploded[20:]) + if (IPv6Address(self.ipv6).exploded[:20] != + IPv6Address(prefix_v6).exploded[:20]): + self.ipv6 = IPv6Address( + IPv6Address(prefix_v6).exploded[:20] + + IPv6Address(self.ipv6).exploded[20:] + ) self.save() def clean(self, *args, **kwargs): - if self.slaac_ip and Ipv6List.objects.filter(interface=self.interface, slaac_ip=True).exclude(id=self.id): + if self.slaac_ip and (Ipv6List.objects + .filter(interface=self.interface, slaac_ip=True) + .exclude(id=self.id)): raise ValidationError("Une ip slaac est déjà enregistrée") prefix_v6 = self.interface.type.ip_type.prefix_v6 if prefix_v6: - if IPv6Address(self.ipv6).exploded[:20] != IPv6Address(prefix_v6).exploded[:20]: - raise ValidationError("Le prefixv6 est incorrect et ne correspond pas au type associé à la machine") + if (IPv6Address(self.ipv6).exploded[:20] != + IPv6Address(prefix_v6).exploded[:20]): + raise ValidationError( + "Le prefixv6 est incorrect et ne correspond pas au type " + "associé à la machine" + ) super(Ipv6List, self).clean(*args, **kwargs) def save(self, *args, **kwargs): @@ -1089,7 +1182,10 @@ class Domain(RevMixin, AclMixin, models.Model): def dns_entry(self): """ Une entrée DNS""" if self.cname: - return str(self.name).ljust(15) + " IN CNAME " + str(self.cname) + "." + return "{name} IN CNAME {cname}.".format( + name=str(self.name).ljust(15), + cname=str(self.cname) + ) def save(self, *args, **kwargs): """ Empèche le save sans extension valide. @@ -1122,18 +1218,22 @@ class Domain(RevMixin, AclMixin, models.Model): except Interface.DoesNotExist: return False, u"Interface inexistante" if not user_request.has_perm('machines.add_domain'): - max_lambdauser_aliases = preferences.models.OptionalMachine.get_cached_value('max_lambdauser_aliases') + max_lambdauser_aliases = (preferences.models.OptionalMachine + .get_cached_value( + 'max_lambdauser_aliases' + )) if interface.machine.user != user_request: - return False, u"Vous ne pouvez pas ajouter un alias à une\ - machine d'un autre user que vous sans droit" + return False, (u"Vous ne pouvez pas ajouter un alias à une " + "machine d'un autre user que vous sans droit") if Domain.objects.filter( - cname__in=Domain.objects.filter( - interface_parent__in=interface.machine.user.user_interfaces() - ) - ).count() >= max_lambdauser_aliases: - return False, u"Vous avez atteint le maximum d'alias\ - autorisés que vous pouvez créer vous même (%s) "\ - % max_lambdauser_aliases + cname__in=Domain.objects.filter( + interface_parent__in=(interface.machine.user + .user_interfaces()) + ) + ).count() >= max_lambdauser_aliases: + return False, (u"Vous avez atteint le maximum d'alias " + "autorisés que vous pouvez créer vous même " + "(%s) " % max_lambdauser_aliases) return True, None def can_edit(self, user_request, *args, **kwargs): @@ -1142,10 +1242,10 @@ class Domain(RevMixin, AclMixin, models.Model): :param self: Instance domain à editer :param user_request: Utilisateur qui fait la requête :return: soit True, soit False avec la raison de l'échec""" - if not user_request.has_perm('machines.change_domain') and\ - self.get_source_interface.machine.user != user_request: - return False, u"Vous ne pouvez pas editer un alias à une machine\ - d'un autre user que vous sans droit" + if (not user_request.has_perm('machines.change_domain') and + self.get_source_interface.machine.user != user_request): + return False, (u"Vous ne pouvez pas editer un alias à une machine " + "d'un autre user que vous sans droit") return True, None def can_delete(self, user_request, *args, **kwargs): @@ -1154,10 +1254,10 @@ class Domain(RevMixin, AclMixin, models.Model): :param self: Instance domain à del :param user_request: Utilisateur qui fait la requête :return: soit True, soit False avec la raison de l'échec""" - if not user_request.has_perm('machines.delete_domain') and\ - self.get_source_interface.machine.user != user_request: - return False, u"Vous ne pouvez pas supprimer un alias à une machine\ - d'un autre user que vous sans droit" + if (not user_request.has_perm('machines.delete_domain') and + self.get_source_interface.machine.user != user_request): + return False, (u"Vous ne pouvez pas supprimer un alias à une " + "machine d'un autre user que vous sans droit") return True, None def can_view(self, user_request, *args, **kwargs): @@ -1166,10 +1266,10 @@ class Domain(RevMixin, AclMixin, models.Model): :param self: instance domain à voir :param user_request: instance user qui fait l'edition :return: True ou False avec la raison de l'échec le cas échéant""" - if not user_request.has_perm('machines.view_domain') and\ - self.get_source_interface.machine.user != user_request: - return False, u"Vous n'avez pas le droit de voir des machines autre\ - que les vôtres" + if (not user_request.has_perm('machines.view_domain') and + self.get_source_interface.machine.user != user_request): + return False, (u"Vous n'avez pas le droit de voir des machines " + "autre que les vôtres") return True, None def __str__(self): @@ -1238,8 +1338,8 @@ class Service(RevMixin, AclMixin, models.Model): """ Django ne peut créer lui meme les relations manytomany avec table intermediaire explicite""" for serv in servers.exclude( - pk__in=Interface.objects.filter(service=self) - ): + pk__in=Interface.objects.filter(service=self) + ): link = Service_link(service=self, server=serv) link.save() Service_link.objects.filter(service=self).exclude(server__in=servers)\ @@ -1314,8 +1414,8 @@ class OuverturePortList(RevMixin, AclMixin, models.Model): :param user_request: Utilisateur qui fait la requête :return: soit True, soit False avec la raison de l'échec""" if not user_request.has_perm('machines.delete_ouvertureportlist'): - return False, u"Vous n'avez pas le droit de supprimer une ouverture\ - de port" + return False, (u"Vous n'avez pas le droit de supprimer une " + "ouverture de port") if self.interface_set.all(): return False, u"Cette liste de ports est utilisée" return True, None @@ -1542,4 +1642,3 @@ def srv_post_save(sender, **kwargs): def srv_post_delete(sender, **kwargs): """Regeneration dns après modification d'un SRV""" regen('dns') - diff --git a/machines/serializers.py b/machines/serializers.py index 42ca679d..cdd6b705 100644 --- a/machines/serializers.py +++ b/machines/serializers.py @@ -21,7 +21,7 @@ # with this program; if not, write to the Free Software Foundation, Inc., # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -#Augustin Lemesle +# Augustin Lemesle from rest_framework import serializers from machines.models import ( @@ -181,7 +181,7 @@ class ExtensionSerializer(serializers.ModelSerializer): return str(obj.dns_entry) def get_soa_data(self, obj): - return { 'mail': obj.soa.dns_soa_mail, 'param': obj.soa.dns_soa_param } + return {'mail': obj.soa.dns_soa_mail, 'param': obj.soa.dns_soa_param} class MxSerializer(serializers.ModelSerializer): @@ -316,23 +316,23 @@ class OuverturePortsSerializer(serializers.Serializer): ipv6 = serializers.SerializerMethodField() def get_ipv4(): - return {i.ipv4.ipv4: - { - "tcp_in":[j.tcp_ports_in() for j in i.port_lists.all()], - "tcp_out":[j.tcp_ports_out()for j in i.port_lists.all()], - "udp_in":[j.udp_ports_in() for j in i.port_lists.all()], - "udp_out":[j.udp_ports_out() for j in i.port_lists.all()], + return { + i.ipv4.ipv4: { + "tcp_in": [j.tcp_ports_in() for j in i.port_lists.all()], + "tcp_out": [j.tcp_ports_out()for j in i.port_lists.all()], + "udp_in": [j.udp_ports_in() for j in i.port_lists.all()], + "udp_out": [j.udp_ports_out() for j in i.port_lists.all()], } - for i in Interface.objects.all() if i.ipv4 + for i in Interface.objects.all() if i.ipv4 } def get_ipv6(): - return {i.ipv6: - { - "tcp_in":[j.tcp_ports_in() for j in i.port_lists.all()], - "tcp_out":[j.tcp_ports_out()for j in i.port_lists.all()], - "udp_in":[j.udp_ports_in() for j in i.port_lists.all()], - "udp_out":[j.udp_ports_out() for j in i.port_lists.all()], + return { + i.ipv6: { + "tcp_in": [j.tcp_ports_in() for j in i.port_lists.all()], + "tcp_out": [j.tcp_ports_out()for j in i.port_lists.all()], + "udp_in": [j.udp_ports_in() for j in i.port_lists.all()], + "udp_out": [j.udp_ports_out() for j in i.port_lists.all()], } - for i in Interface.objects.all() if i.ipv6 + for i in Interface.objects.all() if i.ipv6 } diff --git a/machines/urls.py b/machines/urls.py index e3454097..c9afd56c 100644 --- a/machines/urls.py +++ b/machines/urls.py @@ -28,21 +28,39 @@ import re2o from . import views urlpatterns = [ - url(r'^new_machine/(?P[0-9]+)$', views.new_machine, name='new-machine'), - url(r'^edit_interface/(?P[0-9]+)$', views.edit_interface, name='edit-interface'), - url(r'^del_machine/(?P[0-9]+)$', views.del_machine, name='del-machine'), - url(r'^new_interface/(?P[0-9]+)$', views.new_interface, name='new-interface'), - url(r'^del_interface/(?P[0-9]+)$', views.del_interface, name='del-interface'), + url(r'^new_machine/(?P[0-9]+)$', + views.new_machine, + name='new-machine'), + url(r'^edit_interface/(?P[0-9]+)$', + views.edit_interface, + name='edit-interface'), + url(r'^del_machine/(?P[0-9]+)$', + views.del_machine, + name='del-machine'), + url(r'^new_interface/(?P[0-9]+)$', + views.new_interface, + name='new-interface'), + url(r'^del_interface/(?P[0-9]+)$', + views.del_interface, + name='del-interface'), url(r'^add_machinetype/$', views.add_machinetype, name='add-machinetype'), - url(r'^edit_machinetype/(?P[0-9]+)$', views.edit_machinetype, name='edit-machinetype'), + url(r'^edit_machinetype/(?P[0-9]+)$', + views.edit_machinetype, + name='edit-machinetype'), url(r'^del_machinetype/$', views.del_machinetype, name='del-machinetype'), - url(r'^index_machinetype/$', views.index_machinetype, name='index-machinetype'), + url(r'^index_machinetype/$', + views.index_machinetype, + name='index-machinetype'), url(r'^add_iptype/$', views.add_iptype, name='add-iptype'), - url(r'^edit_iptype/(?P[0-9]+)$', views.edit_iptype, name='edit-iptype'), + url(r'^edit_iptype/(?P[0-9]+)$', + views.edit_iptype, + name='edit-iptype'), url(r'^del_iptype/$', views.del_iptype, name='del-iptype'), url(r'^index_iptype/$', views.index_iptype, name='index-iptype'), url(r'^add_extension/$', views.add_extension, name='add-extension'), - url(r'^edit_extension/(?P[0-9]+)$', views.edit_extension, name='edit-extension'), + url(r'^edit_extension/(?P[0-9]+)$', + views.edit_extension, + name='edit-extension'), url(r'^del_extension/$', views.del_extension, name='del-extension'), url(r'^add_soa/$', views.add_soa, name='add-soa'), url(r'^edit_soa/(?P[0-9]+)$', views.edit_soa, name='edit-soa'), @@ -60,16 +78,34 @@ urlpatterns = [ url(r'^edit_srv/(?P[0-9]+)$', views.edit_srv, name='edit-srv'), url(r'^del_srv/$', views.del_srv, name='del-srv'), url(r'^index_extension/$', views.index_extension, name='index-extension'), - url(r'^add_alias/(?P[0-9]+)$', views.add_alias, name='add-alias'), - url(r'^edit_alias/(?P[0-9]+)$', views.edit_alias, name='edit-alias'), - url(r'^del_alias/(?P[0-9]+)$', views.del_alias, name='del-alias'), - url(r'^index_alias/(?P[0-9]+)$', views.index_alias, name='index-alias'), - url(r'^new_ipv6list/(?P[0-9]+)$', views.new_ipv6list, name='new-ipv6list'), - url(r'^edit_ipv6list/(?P[0-9]+)$', views.edit_ipv6list, name='edit-ipv6list'), - url(r'^del_ipv6list/(?P[0-9]+)$', views.del_ipv6list, name='del-ipv6list'), - url(r'^index_ipv6/(?P[0-9]+)$', views.index_ipv6, name='index-ipv6'), + url(r'^add_alias/(?P[0-9]+)$', + views.add_alias, + name='add-alias'), + url(r'^edit_alias/(?P[0-9]+)$', + views.edit_alias, + name='edit-alias'), + url(r'^del_alias/(?P[0-9]+)$', + views.del_alias, + name='del-alias'), + url(r'^index_alias/(?P[0-9]+)$', + views.index_alias, + name='index-alias'), + url(r'^new_ipv6list/(?P[0-9]+)$', + views.new_ipv6list, + name='new-ipv6list'), + url(r'^edit_ipv6list/(?P[0-9]+)$', + views.edit_ipv6list, + name='edit-ipv6list'), + url(r'^del_ipv6list/(?P[0-9]+)$', + views.del_ipv6list, + name='del-ipv6list'), + url(r'^index_ipv6/(?P[0-9]+)$', + views.index_ipv6, + name='index-ipv6'), url(r'^add_service/$', views.add_service, name='add-service'), - url(r'^edit_service/(?P[0-9]+)$', views.edit_service, name='edit-service'), + url(r'^edit_service/(?P[0-9]+)$', + views.edit_service, + name='edit-service'), url(r'^del_service/$', views.del_service, name='del-service'), url(r'^index_service/$', views.index_service, name='index-service'), url(r'^add_vlan/$', views.add_vlan, name='add-vlan'), @@ -80,15 +116,15 @@ urlpatterns = [ url(r'^edit_nas/(?P[0-9]+)$', views.edit_nas, name='edit-nas'), url(r'^del_nas/$', views.del_nas, name='del-nas'), url(r'^index_nas/$', views.index_nas, name='index-nas'), - url( - r'history/(?P\w+)/(?P[0-9]+)$', + url(r'history/(?P\w+)/(?P[0-9]+)$', re2o.views.history, name='history', - kwargs={'application':'machines'}, - ), + kwargs={'application': 'machines'}), url(r'^$', views.index, name='index'), url(r'^rest/mac-ip/$', views.mac_ip, name='mac-ip'), - url(r'^rest/regen-achieved/$', views.regen_achieved, name='regen-achieved'), + url(r'^rest/regen-achieved/$', + views.regen_achieved, + name='regen-achieved'), url(r'^rest/mac-ip-dns/$', views.mac_ip_dns, name='mac-ip-dns'), url(r'^rest/alias/$', views.alias, name='alias'), url(r'^rest/corresp/$', views.corresp, name='corresp'), @@ -97,12 +133,21 @@ urlpatterns = [ url(r'^rest/txt/$', views.txt, name='txt'), url(r'^rest/srv/$', views.srv, name='srv'), url(r'^rest/zones/$', views.zones, name='zones'), - url(r'^rest/service_servers/$', views.service_servers, name='service-servers'), - url(r'^rest/ouverture_ports/$', views.ouverture_ports, name='ouverture-ports'), + url(r'^rest/service_servers/$', + views.service_servers, + name='service-servers'), + url(r'^rest/ouverture_ports/$', + views.ouverture_ports, + name='ouverture-ports'), url(r'index_portlist/$', views.index_portlist, name='index-portlist'), - url(r'^edit_portlist/(?P[0-9]+)$', views.edit_portlist, name='edit-portlist'), - url(r'^del_portlist/(?P[0-9]+)$', views.del_portlist, name='del-portlist'), + url(r'^edit_portlist/(?P[0-9]+)$', + views.edit_portlist, + name='edit-portlist'), + url(r'^del_portlist/(?P[0-9]+)$', + views.del_portlist, + name='del-portlist'), url(r'^add_portlist/$', views.add_portlist, name='add-portlist'), - url(r'^port_config/(?P[0-9]+)$', views.configure_ports, name='port-config'), - - ] + url(r'^port_config/(?P[0-9]+)$', + views.configure_ports, + name='port-config'), +] diff --git a/machines/views.py b/machines/views.py index ee23504d..3ea0cd11 100644 --- a/machines/views.py +++ b/machines/views.py @@ -42,7 +42,8 @@ from django.contrib.auth import authenticate, login from django.views.decorators.csrf import csrf_exempt from rest_framework.renderers import JSONRenderer -from machines.serializers import ( FullInterfaceSerializer, +from machines.serializers import ( + FullInterfaceSerializer, InterfaceSerializer, TypeSerializer, DomainSerializer, @@ -134,13 +135,15 @@ from re2o.acl import ( ) from re2o.views import form -def f_type_id( is_type_tt ): + +def f_type_id(is_type_tt): """ The id that will be used in HTML to store the value of the field type. Depends on the fact that type is generate using typeahead or not """ return 'id_Interface-type_hidden' if is_type_tt else 'id_Interface-type' -def generate_ipv4_choices( form ) : + +def generate_ipv4_choices(form): """ Generate the parameter choices for the massive_bootstrap_form tag """ f_ipv4 = form.fields['ipv4'] @@ -148,27 +151,29 @@ def generate_ipv4_choices( form ) : choices = '{"":[{key:"",value:"Choisissez d\'abord un type de machine"},' mtype_id = -1 - for ip in f_ipv4.queryset.annotate(mtype_id=F('ip_type__machinetype__id'))\ - .order_by('mtype_id', 'id') : - if mtype_id != ip.mtype_id : + for ip in (f_ipv4.queryset + .annotate(mtype_id=F('ip_type__machinetype__id')) + .order_by('mtype_id', 'id')): + if mtype_id != ip.mtype_id: mtype_id = ip.mtype_id used_mtype_id.append(mtype_id) choices += '],"{t}":[{{key:"",value:"{v}"}},'.format( - t = mtype_id, - v = f_ipv4.empty_label or '""' + t=mtype_id, + v=f_ipv4.empty_label or '""' ) choices += '{{key:{k},value:"{v}"}},'.format( - k = ip.id, - v = ip.ipv4 + k=ip.id, + v=ip.ipv4 ) - for t in form.fields['type'].queryset.exclude(id__in=used_mtype_id) : + for t in form.fields['type'].queryset.exclude(id__in=used_mtype_id): choices += '], "'+str(t.id)+'": [' choices += '{key: "", value: "' + str(f_ipv4.empty_label) + '"},' choices += ']}' return choices -def generate_ipv4_engine( is_type_tt ) : + +def generate_ipv4_engine(is_type_tt): """ Generate the parameter engine for the massive_bootstrap_form tag """ return ( @@ -179,10 +184,11 @@ def generate_ipv4_engine( is_type_tt ) : 'identify: function( obj ) {{ return obj.key; }}' '}} )' ).format( - type_id = f_type_id( is_type_tt ) + type_id=f_type_id(is_type_tt) ) -def generate_ipv4_match_func( is_type_tt ) : + +def generate_ipv4_match_func(is_type_tt): """ Generate the parameter match_func for the massive_bootstrap_form tag """ return ( @@ -196,17 +202,18 @@ def generate_ipv4_match_func( is_type_tt ) : '}}' '}}' ).format( - type_id = f_type_id( is_type_tt ) + type_id=f_type_id(is_type_tt) ) -def generate_ipv4_mbf_param( form, is_type_tt ): + +def generate_ipv4_mbf_param(form, is_type_tt): """ Generate all the parameters to use with the massive_bootstrap_form tag """ - i_choices = { 'ipv4': generate_ipv4_choices( form ) } - i_engine = { 'ipv4': generate_ipv4_engine( is_type_tt ) } - i_match_func = { 'ipv4': generate_ipv4_match_func( is_type_tt ) } - i_update_on = { 'ipv4': [f_type_id( is_type_tt )] } - i_gen_select = { 'ipv4': False } + i_choices = {'ipv4': generate_ipv4_choices(form)} + i_engine = {'ipv4': generate_ipv4_engine(is_type_tt)} + i_match_func = {'ipv4': generate_ipv4_match_func(is_type_tt)} + i_update_on = {'ipv4': [f_type_id(is_type_tt)]} + i_gen_select = {'ipv4': False} i_mbf_param = { 'choices': i_choices, 'engine': i_engine, @@ -216,6 +223,7 @@ def generate_ipv4_mbf_param( form, is_type_tt ): } return i_mbf_param + @login_required @can_create(Machine) @can_edit(User) @@ -245,7 +253,7 @@ def new_machine(request, user, userid): messages.success(request, "La machine a été créée") return redirect(reverse( 'users:profil', - kwargs={'userid':str(user.id)} + kwargs={'userid': str(user.id)} )) i_mbf_param = generate_ipv4_mbf_param(interface, False) return form( @@ -254,26 +262,37 @@ def new_machine(request, user, userid): 'interfaceform': interface, 'domainform': domain, 'i_mbf_param': i_mbf_param, - 'action_name' : 'Créer une machine' + 'action_name': 'Créer une machine' }, 'machines/machine.html', request ) + @login_required @can_edit(Interface) def edit_interface(request, interface_instance, interfaceid): - """ Edition d'une interface. Distingue suivant les droits les valeurs de interfaces et machines que l'user peut modifier - infra permet de modifier le propriétaire""" + """ Edition d'une interface. Distingue suivant les droits les valeurs + de interfaces et machines que l'user peut modifier infra permet de + modifier le propriétaire""" machine_form = EditMachineForm( request.POST or None, instance=interface_instance.machine, user=request.user ) - interface_form = EditInterfaceForm(request.POST or None, instance=interface_instance, user=request.user) - domain_form = DomainForm(request.POST or None, instance=interface_instance.domain) - if machine_form.is_valid() and interface_form.is_valid() and domain_form.is_valid(): + interface_form = EditInterfaceForm( + request.POST or None, + instance=interface_instance, + user=request.user + ) + domain_form = DomainForm( + request.POST or None, + instance=interface_instance.domain + ) + if (machine_form.is_valid() and + interface_form.is_valid() and + domain_form.is_valid()): new_machine = machine_form.save(commit=False) new_interface = interface_form.save(commit=False) new_domain = domain_form.save(commit=False) @@ -286,16 +305,21 @@ def edit_interface(request, interface_instance, interfaceid): messages.success(request, "La machine a été modifiée") return redirect(reverse( 'users:profil', - kwargs={'userid':str(interface_instance.machine.user.id)} - )) - i_mbf_param = generate_ipv4_mbf_param( interface_form, False ) - return form({ - 'machineform': machine_form, - 'interfaceform': interface_form, - 'domainform': domain_form, - 'i_mbf_param': i_mbf_param, - 'action_name' : 'Editer une interface' - }, 'machines/machine.html', request) + kwargs={'userid': str(interface_instance.machine.user.id)} + )) + i_mbf_param = generate_ipv4_mbf_param(interface_form, False) + return form( + { + 'machineform': machine_form, + 'interfaceform': interface_form, + 'domainform': domain_form, + 'i_mbf_param': i_mbf_param, + 'action_name': 'Editer une interface' + }, + 'machines/machine.html', + request + ) + @login_required @can_delete(Machine) @@ -306,9 +330,14 @@ def del_machine(request, machine, machineid): messages.success(request, "La machine a été détruite") return redirect(reverse( 'users:profil', - kwargs={'userid':str(machine.user.id)} - )) - return form({'objet': machine, 'objet_name': 'machine'}, 'machines/delete.html', request) + kwargs={'userid': str(machine.user.id)} + )) + return form( + {'objet': machine, 'objet_name': 'machine'}, + 'machines/delete.html', + request + ) + @login_required @can_create(Interface) @@ -330,15 +359,20 @@ def new_interface(request, machine, machineid): messages.success(request, "L'interface a été ajoutée") return redirect(reverse( 'users:profil', - kwargs={'userid':str(machine.user.id)} - )) - i_mbf_param = generate_ipv4_mbf_param( interface_form, False ) - return form({ - 'interfaceform': interface_form, - 'domainform': domain_form, - 'i_mbf_param': i_mbf_param, - 'action_name' : 'Créer une interface' - }, 'machines/machine.html', request) + kwargs={'userid': str(machine.user.id)} + )) + i_mbf_param = generate_ipv4_mbf_param(interface_form, False) + return form( + { + 'interfaceform': interface_form, + 'domainform': domain_form, + 'i_mbf_param': i_mbf_param, + 'action_name': 'Créer une interface' + }, + 'machines/machine.html', + request + ) + @login_required @can_delete(Interface) @@ -352,9 +386,14 @@ def del_interface(request, interface, interfaceid): messages.success(request, "L'interface a été détruite") return redirect(reverse( 'users:profil', - kwargs={'userid':str(request.user.id)} - )) - return form({'objet': interface, 'objet_name': 'interface'}, 'machines/delete.html', request) + kwargs={'userid': str(request.user.id)} + )) + return form( + {'objet': interface, 'objet_name': 'interface'}, + 'machines/delete.html', + request + ) + @login_required @can_create(Ipv6List) @@ -362,30 +401,48 @@ def del_interface(request, interface, interfaceid): def new_ipv6list(request, interface, interfaceid): """Nouvelle ipv6""" ipv6list_instance = Ipv6List(interface=interface) - ipv6 = Ipv6ListForm(request.POST or None, instance=ipv6list_instance, user=request.user) + ipv6 = Ipv6ListForm( + request.POST or None, + instance=ipv6list_instance, + user=request.user + ) if ipv6.is_valid(): ipv6.save() messages.success(request, "Ipv6 ajoutée") return redirect(reverse( 'machines:index-ipv6', - kwargs={'interfaceid':str(interface.id)} - )) - return form({'ipv6form': ipv6, 'action_name' : 'Créer'}, 'machines/machine.html', request) + kwargs={'interfaceid': str(interface.id)} + )) + return form( + {'ipv6form': ipv6, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Ipv6List) def edit_ipv6list(request, ipv6list_instance, ipv6listid): """Edition d'une ipv6""" - ipv6 = Ipv6ListForm(request.POST or None, instance=ipv6list_instance, user=request.user) + ipv6 = Ipv6ListForm( + request.POST or None, + instance=ipv6list_instance, + user=request.user + ) if ipv6.is_valid(): if ipv6.changed_data: ipv6.save() messages.success(request, "Ipv6 modifiée") return redirect(reverse( 'machines:index-ipv6', - kwargs={'interfaceid':str(ipv6list_instance.interface.id)} - )) - return form({'ipv6form': ipv6, 'action_name' : 'Editer'}, 'machines/machine.html', request) + kwargs={'interfaceid': str(ipv6list_instance.interface.id)} + )) + return form( + {'ipv6form': ipv6, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete(Ipv6List) @@ -397,26 +454,38 @@ def del_ipv6list(request, ipv6list, ipv6listid): messages.success(request, "L'ipv6 a été détruite") return redirect(reverse( 'machines:index-ipv6', - kwargs={'interfaceid':str(interfaceid)} - )) - return form({'objet': ipv6list, 'objet_name': 'ipv6'}, 'machines/delete.html', request) + kwargs={'interfaceid': str(interfaceid)} + )) + return form( + {'objet': ipv6list, 'objet_name': 'ipv6'}, + 'machines/delete.html', + request + ) + @login_required @can_create(IpType) def add_iptype(request): - """ Ajoute un range d'ip. Intelligence dans le models, fonction views minimaliste""" + """ Ajoute un range d'ip. Intelligence dans le models, fonction views + minimaliste""" iptype = IpTypeForm(request.POST or None) if iptype.is_valid(): iptype.save() messages.success(request, "Ce type d'ip a été ajouté") return redirect(reverse('machines:index-iptype')) - return form({'iptypeform': iptype, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'iptypeform': iptype, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(IpType) def edit_iptype(request, iptype_instance, iptypeid): - """ Edition d'un range. Ne permet pas de le redimensionner pour éviter l'incohérence""" + """ Edition d'un range. Ne permet pas de le redimensionner pour éviter + l'incohérence""" iptype = EditIpTypeForm(request.POST or None, instance=iptype_instance) if iptype.is_valid(): @@ -424,7 +493,12 @@ def edit_iptype(request, iptype_instance, iptypeid): iptype.save() messages.success(request, "Type d'ip modifié") return redirect(reverse('machines:index-iptype')) - return form({'iptypeform': iptype, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'iptypeform': iptype, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(IpType) @@ -438,31 +512,52 @@ def del_iptype(request, instances): iptype_del.delete() messages.success(request, "Le type d'ip a été supprimé") except ProtectedError: - messages.error(request, "Le type d'ip %s est affectée à au moins une machine, vous ne pouvez pas le supprimer" % iptype_del) + messages.error( + request, + ("Le type d'ip %s est affectée à au moins une machine, " + "vous ne pouvez pas le supprimer" % iptype_del) + ) return redirect(reverse('machines:index-iptype')) - return form({'iptypeform': iptype, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'iptypeform': iptype, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(MachineType) def add_machinetype(request): - machinetype = MachineTypeForm(request.POST or None) if machinetype.is_valid(): machinetype.save() messages.success(request, "Ce type de machine a été ajouté") return redirect(reverse('machines:index-machinetype')) - return form({'machinetypeform': machinetype, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'machinetypeform': machinetype, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(MachineType) def edit_machinetype(request, machinetype_instance, machinetypeid): - machinetype = MachineTypeForm(request.POST or None, instance=machinetype_instance) + machinetype = MachineTypeForm( + request.POST or None, + instance=machinetype_instance + ) if machinetype.is_valid(): if machinetype.changed_data: machinetype.save() messages.success(request, "Type de machine modifié") return redirect(reverse('machines:index-machinetype')) - return form({'machinetypeform': machinetype, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'machinetypeform': machinetype, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(MachineType) @@ -475,9 +570,19 @@ def del_machinetype(request, instances): machinetype_del.delete() messages.success(request, "Le type de machine a été supprimé") except ProtectedError: - messages.error(request, "Le type de machine %s est affectée à au moins une machine, vous ne pouvez pas le supprimer" % machinetype_del) + messages.error( + request, + ("Le type de machine %s est affectée à au moins une " + "machine, vous ne pouvez pas le supprimer" + % machinetype_del) + ) return redirect(reverse('machines:index-machinetype')) - return form({'machinetypeform': machinetype, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'machinetypeform': machinetype, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(Extension) @@ -487,18 +592,31 @@ def add_extension(request): extension.save() messages.success(request, "Cette extension a été ajoutée") return redirect(reverse('machines:index-extension')) - return form({'extensionform': extension, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'extensionform': extension, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Extension) def edit_extension(request, extension_instance, extensionid): - extension = ExtensionForm(request.POST or None, instance=extension_instance) + extension = ExtensionForm( + request.POST or None, + instance=extension_instance + ) if extension.is_valid(): if extension.changed_data: extension.save() messages.success(request, "Extension modifiée") return redirect(reverse('machines:index-extension')) - return form({'extensionform': extension, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'extensionform': extension, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(Extension) @@ -511,9 +629,19 @@ def del_extension(request, instances): extension_del.delete() messages.success(request, "L'extension a été supprimée") except ProtectedError: - messages.error(request, "L'extension %s est affectée à au moins un type de machine, vous ne pouvez pas la supprimer" % extension_del) + messages.error( + request, + ("L'extension %s est affectée à au moins un type de " + "machine, vous ne pouvez pas la supprimer" + % extension_del) + ) return redirect(reverse('machines:index-extension')) - return form({'extensionform': extension, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'extensionform': extension, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(SOA) @@ -523,7 +651,12 @@ def add_soa(request): soa.save() messages.success(request, "Cet enregistrement SOA a été ajouté") return redirect(reverse('machines:index-extension')) - return form({'soaform': soa, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'soaform': soa, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(SOA) @@ -534,7 +667,12 @@ def edit_soa(request, soa_instance, soaid): soa.save() messages.success(request, "SOA modifié") return redirect(reverse('machines:index-extension')) - return form({'soaform': soa, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'soaform': soa, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(SOA) @@ -547,9 +685,18 @@ def del_soa(request, instances): soa_del.delete() messages.success(request, "Le SOA a été supprimée") except ProtectedError: - messages.error(request, "Erreur le SOA suivant %s ne peut être supprimé" % soa_del) + messages.error( + request, + ("Erreur le SOA suivant %s ne peut être supprimé" + % soa_del) + ) return redirect(reverse('machines:index-extension')) - return form({'soaform': soa, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'soaform': soa, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(Mx) @@ -559,7 +706,12 @@ def add_mx(request): mx.save() messages.success(request, "Cet enregistrement mx a été ajouté") return redirect(reverse('machines:index-extension')) - return form({'mxform': mx, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'mxform': mx, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Mx) @@ -570,7 +722,12 @@ def edit_mx(request, mx_instance, mxid): mx.save() messages.success(request, "Mx modifié") return redirect(reverse('machines:index-extension')) - return form({'mxform': mx, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'mxform': mx, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(Mx) @@ -583,9 +740,18 @@ def del_mx(request, instances): mx_del.delete() messages.success(request, "L'mx a été supprimée") except ProtectedError: - messages.error(request, "Erreur le Mx suivant %s ne peut être supprimé" % mx_del) + messages.error( + request, + ("Erreur le Mx suivant %s ne peut être supprimé" + % mx_del) + ) return redirect(reverse('machines:index-extension')) - return form({'mxform': mx, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'mxform': mx, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(Ns) @@ -595,7 +761,12 @@ def add_ns(request): ns.save() messages.success(request, "Cet enregistrement ns a été ajouté") return redirect(reverse('machines:index-extension')) - return form({'nsform': ns, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'nsform': ns, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Ns) @@ -606,7 +777,12 @@ def edit_ns(request, ns_instance, nsid): ns.save() messages.success(request, "Ns modifié") return redirect(reverse('machines:index-extension')) - return form({'nsform': ns, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'nsform': ns, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(Ns) @@ -619,9 +795,18 @@ def del_ns(request, instances): ns_del.delete() messages.success(request, "Le ns a été supprimée") except ProtectedError: - messages.error(request, "Erreur le Ns suivant %s ne peut être supprimé" % ns_del) + messages.error( + request, + ("Erreur le Ns suivant %s ne peut être supprimé" + % ns_del) + ) return redirect(reverse('machines:index-extension')) - return form({'nsform': ns, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'nsform': ns, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(Txt) @@ -631,7 +816,12 @@ def add_txt(request): txt.save() messages.success(request, "Cet enregistrement text a été ajouté") return redirect(reverse('machines:index-extension')) - return form({'txtform': txt, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'txtform': txt, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Txt) @@ -642,7 +832,12 @@ def edit_txt(request, txt_instance, txtid): txt.save() messages.success(request, "Txt modifié") return redirect(reverse('machines:index-extension')) - return form({'txtform': txt, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'txtform': txt, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(Txt) @@ -655,9 +850,18 @@ def del_txt(request, instances): txt_del.delete() messages.success(request, "Le txt a été supprimé") except ProtectedError: - messages.error(request, "Erreur le Txt suivant %s ne peut être supprimé" % txt_del) + messages.error( + request, + ("Erreur le Txt suivant %s ne peut être supprimé" + % txt_del) + ) return redirect(reverse('machines:index-extension')) - return form({'txtform': txt, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'txtform': txt, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(Srv) @@ -667,7 +871,12 @@ def add_srv(request): srv.save() messages.success(request, "Cet enregistrement srv a été ajouté") return redirect(reverse('machines:index-extension')) - return form({'srvform': srv, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'srvform': srv, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Srv) @@ -678,7 +887,12 @@ def edit_srv(request, srv_instance, srvid): srv.save() messages.success(request, "Srv modifié") return redirect(reverse('machines:index-extension')) - return form({'srvform': srv, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'srvform': srv, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(Srv) @@ -691,9 +905,18 @@ def del_srv(request, instances): srv_del.delete() messages.success(request, "L'srv a été supprimée") except ProtectedError: - messages.error(request, "Erreur le Srv suivant %s ne peut être supprimé" % srv_del) + messages.error( + request, + ("Erreur le Srv suivant %s ne peut être supprimé" + % srv_del) + ) return redirect(reverse('machines:index-extension')) - return form({'srvform': srv, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'srvform': srv, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(Domain) @@ -707,23 +930,39 @@ def add_alias(request, interface, interfaceid): messages.success(request, "Cet alias a été ajouté") return redirect(reverse( 'machines:index-alias', - kwargs={'interfaceid':str(interfaceid)} - )) - return form({'aliasform': alias, 'action_name' : 'Créer'}, 'machines/machine.html', request) + kwargs={'interfaceid': str(interfaceid)} + )) + return form( + {'aliasform': alias, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Domain) def edit_alias(request, domain_instance, domainid): - alias = AliasForm(request.POST or None, instance=domain_instance, user=request.user) + alias = AliasForm( + request.POST or None, + instance=domain_instance, + user=request.user + ) if alias.is_valid(): if alias.changed_data: domain_instance = alias.save() messages.success(request, "Alias modifié") return redirect(reverse( 'machines:index-alias', - kwargs={'interfaceid':str(domain_instance.cname.interface_parent.id)} - )) - return form({'aliasform': alias, 'action_name' : 'Editer'}, 'machines/machine.html', request) + kwargs={ + 'interfaceid': str(domain_instance.cname.interface_parent.id) + } + )) + return form( + {'aliasform': alias, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Interface) @@ -734,14 +973,25 @@ def del_alias(request, interface, interfaceid): for alias_del in alias_dels: try: alias_del.delete() - messages.success(request, "L'alias %s a été supprimé" % alias_del) + messages.success( + request, + "L'alias %s a été supprimé" % alias_del + ) except ProtectedError: - messages.error(request, "Erreur l'alias suivant %s ne peut être supprimé" % alias_del) + messages.error( + request, + ("Erreur l'alias suivant %s ne peut être supprimé" + % alias_del) + ) return redirect(reverse( 'machines:index-alias', - kwargs={'interfaceid':str(interfaceid)} - )) - return form({'aliasform': alias, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + kwargs={'interfaceid': str(interfaceid)} + )) + return form( + {'aliasform': alias, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) @login_required @@ -752,7 +1002,12 @@ def add_service(request): service.save() messages.success(request, "Cet enregistrement service a été ajouté") return redirect(reverse('machines:index-service')) - return form({'serviceform': service, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'serviceform': service, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Service) @@ -763,7 +1018,12 @@ def edit_service(request, service_instance, serviceid): service.save() messages.success(request, "Service modifié") return redirect(reverse('machines:index-service')) - return form({'serviceform': service, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'serviceform': service, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(Service) @@ -776,9 +1036,18 @@ def del_service(request, instances): service_del.delete() messages.success(request, "Le service a été supprimée") except ProtectedError: - messages.error(request, "Erreur le service suivant %s ne peut être supprimé" % service_del) + messages.error( + request, + ("Erreur le service suivant %s ne peut être supprimé" + % service_del) + ) return redirect(reverse('machines:index-service')) - return form({'serviceform': service, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'serviceform': service, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(Vlan) @@ -788,7 +1057,12 @@ def add_vlan(request): vlan.save() messages.success(request, "Cet enregistrement vlan a été ajouté") return redirect(reverse('machines:index-vlan')) - return form({'vlanform': vlan, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'vlanform': vlan, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Vlan) @@ -799,7 +1073,12 @@ def edit_vlan(request, vlan_instance, vlanid): vlan.save() messages.success(request, "Vlan modifié") return redirect(reverse('machines:index-vlan')) - return form({'vlanform': vlan, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'vlanform': vlan, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(Vlan) @@ -812,9 +1091,18 @@ def del_vlan(request, instances): vlan_del.delete() messages.success(request, "Le vlan a été supprimée") except ProtectedError: - messages.error(request, "Erreur le Vlan suivant %s ne peut être supprimé" % vlan_del) + messages.error( + request, + ("Erreur le Vlan suivant %s ne peut être supprimé" + % vlan_del) + ) return redirect(reverse('machines:index-vlan')) - return form({'vlanform': vlan, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'vlanform': vlan, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(Nas) @@ -824,7 +1112,12 @@ def add_nas(request): nas.save() messages.success(request, "Cet enregistrement nas a été ajouté") return redirect(reverse('machines:index-nas')) - return form({'nasform': nas, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'nasform': nas, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_edit(Nas) @@ -835,7 +1128,12 @@ def edit_nas(request, nas_instance, nasid): nas.save() messages.success(request, "Nas modifié") return redirect(reverse('machines:index-nas')) - return form({'nasform': nas, 'action_name' : 'Editer'}, 'machines/machine.html', request) + return form( + {'nasform': nas, 'action_name': 'Editer'}, + 'machines/machine.html', + request + ) + @login_required @can_delete_set(Nas) @@ -848,47 +1146,98 @@ def del_nas(request, instances): nas_del.delete() messages.success(request, "Le nas a été supprimé") except ProtectedError: - messages.error(request, "Erreur le Nas suivant %s ne peut être supprimé" % nas_del) + messages.error( + request, + ("Erreur le Nas suivant %s ne peut être supprimé" + % nas_del) + ) return redirect(reverse('machines:index-nas')) - return form({'nasform': nas, 'action_name' : 'Supprimer'}, 'machines/machine.html', request) + return form( + {'nasform': nas, 'action_name': 'Supprimer'}, + 'machines/machine.html', + request + ) + @login_required @can_view_all(Machine) def index(request): - pagination_large_number = GeneralOption.get_cached_value('pagination_large_number') - machines_list = Machine.objects.select_related('user').prefetch_related('interface_set__domain__extension').prefetch_related('interface_set__ipv4__ip_type').prefetch_related('interface_set__type__ip_type__extension').prefetch_related('interface_set__domain__related_domain__extension').prefetch_related('interface_set__ipv6list') + pagination_large_number = (GeneralOption + .get_cached_value('pagination_large_number')) + machines_list = (Machine.objects + .select_related('user') + .prefetch_related('interface_set__domain__extension') + .prefetch_related('interface_set__ipv4__ip_type') + .prefetch_related( + 'interface_set__type__ip_type__extension' + ).prefetch_related( + 'interface_set__domain__related_domain__extension' + ).prefetch_related('interface_set__ipv6list')) machines_list = SortTable.sort( machines_list, request.GET.get('col'), request.GET.get('order'), SortTable.MACHINES_INDEX ) - machines_list = re2o_paginator(request, machines_list, pagination_large_number) - return render(request, 'machines/index.html', {'machines_list': machines_list}) + machines_list = re2o_paginator( + request, + machines_list, + pagination_large_number + ) + return render( + request, + 'machines/index.html', + {'machines_list': machines_list} + ) + @login_required @can_view_all(IpType) def index_iptype(request): - iptype_list = IpType.objects.select_related('extension').select_related('vlan').order_by('type') - return render(request, 'machines/index_iptype.html', {'iptype_list':iptype_list}) + iptype_list = (IpType.objects + .select_related('extension') + .select_related('vlan') + .order_by('type')) + return render( + request, + 'machines/index_iptype.html', + {'iptype_list': iptype_list} + ) + @login_required @can_view_all(Vlan) def index_vlan(request): vlan_list = Vlan.objects.prefetch_related('iptype_set').order_by('vlan_id') - return render(request, 'machines/index_vlan.html', {'vlan_list':vlan_list}) + return render( + request, + 'machines/index_vlan.html', + {'vlan_list': vlan_list} + ) + @login_required @can_view_all(MachineType) def index_machinetype(request): - machinetype_list = MachineType.objects.select_related('ip_type').order_by('type') - return render(request, 'machines/index_machinetype.html', {'machinetype_list':machinetype_list}) + machinetype_list = (MachineType.objects + .select_related('ip_type') + .order_by('type')) + return render( + request, + 'machines/index_machinetype.html', + {'machinetype_list': machinetype_list} + ) + @login_required @can_view_all(Nas) def index_nas(request): - nas_list = Nas.objects.select_related('machine_type').select_related('nas_type').order_by('name') - return render(request, 'machines/index_nas.html', {'nas_list':nas_list}) + nas_list = (Nas.objects + .select_related('machine_type') + .select_related('nas_type') + .order_by('name')) + return render(request, 'machines/index_nas.html', {'nas_list': nas_list}) + @login_required @can_view_all(SOA) @@ -898,54 +1247,113 @@ def index_nas(request): @can_view_all(Srv) @can_view_all(Extension) def index_extension(request): - extension_list = Extension.objects.select_related('origin').select_related('soa').order_by('name') + extension_list = (Extension.objects + .select_related('origin') + .select_related('soa') + .order_by('name')) soa_list = SOA.objects.order_by('name') - mx_list = Mx.objects.order_by('zone').select_related('zone').select_related('name__extension') - ns_list = Ns.objects.order_by('zone').select_related('zone').select_related('ns__extension') + mx_list = (Mx.objects + .order_by('zone') + .select_related('zone') + .select_related('name__extension')) + ns_list = (Ns.objects + .order_by('zone') + .select_related('zone') + .select_related('ns__extension')) txt_list = Txt.objects.all().select_related('zone') - srv_list = Srv.objects.all().select_related('extension').select_related('target__extension') - return render(request, 'machines/index_extension.html', {'extension_list':extension_list, 'soa_list': soa_list, 'mx_list': mx_list, 'ns_list': ns_list, 'txt_list' : txt_list, 'srv_list': srv_list}) + srv_list = (Srv.objects + .all() + .select_related('extension') + .select_related('target__extension')) + return render( + request, + 'machines/index_extension.html', + { + 'extension_list': extension_list, + 'soa_list': soa_list, + 'mx_list': mx_list, + 'ns_list': ns_list, + 'txt_list': txt_list, + 'srv_list': srv_list + } + ) + @login_required @can_edit(Interface) def index_alias(request, interface, interfaceid): - alias_list = Domain.objects.filter(cname=Domain.objects.filter(interface_parent=interface)).order_by('name') - return render(request, 'machines/index_alias.html', {'alias_list':alias_list, 'interface_id': interfaceid}) + alias_list = Domain.objects.filter( + cname=Domain.objects.filter(interface_parent=interface) + ).order_by('name') + return render( + request, + 'machines/index_alias.html', + {'alias_list': alias_list, 'interface_id': interfaceid} + ) + @login_required @can_edit(Interface) def index_ipv6(request, interface, interfaceid): ipv6_list = Ipv6List.objects.filter(interface=interface) - return render(request, 'machines/index_ipv6.html', {'ipv6_list':ipv6_list, 'interface_id': interfaceid}) + return render( + request, + 'machines/index_ipv6.html', + {'ipv6_list': ipv6_list, 'interface_id': interfaceid} + ) + @login_required @can_view_all(Service) def index_service(request): - service_list = Service.objects.prefetch_related('service_link_set__server__domain__extension').all() - servers_list = Service_link.objects.select_related('server__domain__extension').select_related('service').all() - return render(request, 'machines/index_service.html', {'service_list':service_list, 'servers_list':servers_list}) + service_list = (Service.objects + .prefetch_related( + 'service_link_set__server__domain__extension' + ).all()) + servers_list = (Service_link.objects + .select_related('server__domain__extension') + .select_related('service') + .all()) + return render( + request, + 'machines/index_service.html', + {'service_list': service_list, 'servers_list': servers_list} + ) @login_required @can_view_all(OuverturePortList) def index_portlist(request): - port_list = OuverturePortList.objects.prefetch_related('ouvertureport_set')\ - .prefetch_related('interface_set__domain__extension')\ - .prefetch_related('interface_set__machine__user').order_by('name') - return render(request, "machines/index_portlist.html", {'port_list':port_list}) + port_list = (OuverturePortList.objects + .prefetch_related('ouvertureport_set') + .prefetch_related('interface_set__domain__extension') + .prefetch_related('interface_set__machine__user') + .order_by('name')) + return render( + request, + "machines/index_portlist.html", + {'port_list': port_list} + ) + @login_required @can_edit(OuverturePortList) def edit_portlist(request, ouvertureportlist_instance, ouvertureportlistid): - port_list = EditOuverturePortListForm(request.POST or None, instance=ouvertureportlist_instance) + port_list = EditOuverturePortListForm( + request.POST or None, + instance=ouvertureportlist_instance + ) port_formset = modelformset_factory( - OuverturePort, - fields=('begin','end','protocole','io'), - extra=0, - can_delete=True, - min_num=1, - validate_min=True, - )(request.POST or None, queryset=ouvertureportlist_instance.ouvertureport_set.all()) + OuverturePort, + fields=('begin', 'end', 'protocole', 'io'), + extra=0, + can_delete=True, + min_num=1, + validate_min=True, + )( + request.POST or None, + queryset=ouvertureportlist_instance.ouvertureport_set.all() + ) if port_list.is_valid() and port_formset.is_valid(): if port_list.changed_data: pl = port_list.save() @@ -959,7 +1367,12 @@ def edit_portlist(request, ouvertureportlist_instance, ouvertureportlistid): port.save() messages.success(request, "Liste de ports modifiée") return redirect(reverse('machines:index-portlist')) - return form({'port_list' : port_list, 'ports' : port_formset}, 'machines/edit_portlist.html', request) + return form( + {'port_list': port_list, 'ports': port_formset}, + 'machines/edit_portlist.html', + request + ) + @login_required @can_delete(OuverturePortList) @@ -968,17 +1381,18 @@ def del_portlist(request, port_list_instance, ouvertureportlistid): messages.success(request, "La liste de ports a été supprimée") return redirect(reverse('machines:index-portlist')) + @login_required @can_create(OuverturePortList) def add_portlist(request): port_list = EditOuverturePortListForm(request.POST or None) port_formset = modelformset_factory( OuverturePort, - fields=('begin','end','protocole','io'), + fields=('begin', 'end', 'protocole', 'io'), extra=0, can_delete=True, - min_num=1, - validate_min=True, + min_num=1, + validate_min=True, )(request.POST or None, queryset=OuverturePort.objects.none()) if port_list.is_valid() and port_formset.is_valid(): pl = port_list.save() @@ -990,36 +1404,59 @@ def add_portlist(request): port.save() messages.success(request, "Liste de ports créée") return redirect(reverse('machines:index-portlist')) - return form({'port_list' : port_list, 'ports' : port_formset}, 'machines/edit_portlist.html', request) + return form( + {'port_list': port_list, 'ports': port_formset}, + 'machines/edit_portlist.html', + request + ) port_list = EditOuverturePortListForm(request.POST or None) if port_list.is_valid(): port_list.save() messages.success(request, "Liste de ports créée") return redirect(reverse('machines:index-portlist')) - return form({'machineform' : port_list, 'action_name' : 'Créer'}, 'machines/machine.html', request) + return form( + {'machineform': port_list, 'action_name': 'Créer'}, + 'machines/machine.html', + request + ) + @login_required @can_create(OuverturePort) @can_edit(Interface) def configure_ports(request, interface_instance, interfaceid): if not interface_instance.may_have_port_open(): - messages.error(request, "Attention, l'ipv4 n'est pas publique, l'ouverture n'aura pas d'effet en v4") - interface = EditOuverturePortConfigForm(request.POST or None, instance=interface_instance) + messages.error( + request, + ("Attention, l'ipv4 n'est pas publique, l'ouverture n'aura pas " + "d'effet en v4") + ) + interface = EditOuverturePortConfigForm( + request.POST or None, + instance=interface_instance + ) if interface.is_valid(): if interface.changed_data: interface.save() messages.success(request, "Configuration des ports mise à jour.") return redirect(reverse('machines:index')) - return form({'interfaceform' : interface, 'action_name' : 'Editer la configuration'}, 'machines/machine.html', request) + return form( + {'interfaceform': interface, 'action_name': 'Editer la configuration'}, + 'machines/machine.html', + request + ) + """ Framework Rest """ + class JSONResponse(HttpResponse): def __init__(self, data, **kwargs): content = JSONRenderer().render(data) kwargs['content_type'] = 'application/json' super(JSONResponse, self).__init__(content, **kwargs) + @csrf_exempt @login_required @permission_required('machines.serveur') @@ -1028,6 +1465,7 @@ def mac_ip_list(request): seria = InterfaceSerializer(interfaces, many=True) return seria.data + @csrf_exempt @login_required @permission_required('machines.serveur') @@ -1036,14 +1474,23 @@ def full_mac_ip_list(request): seria = FullInterfaceSerializer(interfaces, many=True) return seria.data + @csrf_exempt @login_required @permission_required('machines.serveur') def alias(request): - alias = Domain.objects.filter(interface_parent=None).filter(cname__in=Domain.objects.filter(interface_parent__in=Interface.objects.exclude(ipv4=None))).select_related('extension').select_related('cname__extension') + alias = (Domain.objects + .filter(interface_parent=None) + .filter( + cname__in=Domain.objects.filter( + interface_parent__in=Interface.objects.exclude(ipv4=None) + ) + ).select_related('extension') + .select_related('cname__extension')) seria = DomainSerializer(alias, many=True) return JSONResponse(seria.data) + @csrf_exempt @login_required @permission_required('machines.serveur') @@ -1052,14 +1499,18 @@ def corresp(request): seria = TypeSerializer(type, many=True) return JSONResponse(seria.data) + @csrf_exempt @login_required @permission_required('machines.serveur') def mx(request): - mx = Mx.objects.all().select_related('zone').select_related('name__extension') + mx = (Mx.objects.all() + .select_related('zone') + .select_related('name__extension')) seria = MxSerializer(mx, many=True) return JSONResponse(seria.data) + @csrf_exempt @login_required @permission_required('machines.serveur') @@ -1068,22 +1519,34 @@ def txt(request): seria = TxtSerializer(txt, many=True) return JSONResponse(seria.data) + @csrf_exempt @login_required @permission_required('machines.serveur') def srv(request): - srv = Srv.objects.all().select_related('extension').select_related('target__extension') + srv = (Srv.objects + .all() + .select_related('extension') + .select_related('target__extension')) seria = SrvSerializer(srv, many=True) return JSONResponse(seria.data) + @csrf_exempt @login_required @permission_required('machines.serveur') def ns(request): - ns = Ns.objects.exclude(ns__in=Domain.objects.filter(interface_parent__in=Interface.objects.filter(ipv4=None))).select_related('zone').select_related('ns__extension') + ns = (Ns.objects + .exclude( + ns__in=Domain.objects.filter( + interface_parent__in=Interface.objects.filter(ipv4=None) + ) + ).select_related('zone') + .select_related('ns__extension')) seria = NsSerializer(ns, many=True) return JSONResponse(seria.data) + @csrf_exempt @login_required @permission_required('machines.serveur') @@ -1092,6 +1555,7 @@ def zones(request): seria = ExtensionSerializer(zones, many=True) return JSONResponse(seria.data) + @csrf_exempt @login_required @permission_required('machines.serveur') @@ -1099,6 +1563,7 @@ def mac_ip(request): seria = mac_ip_list(request) return JSONResponse(seria) + @csrf_exempt @login_required @permission_required('machines.serveur') @@ -1106,50 +1571,100 @@ def mac_ip_dns(request): seria = full_mac_ip_list(request) return JSONResponse(seria) + @csrf_exempt @login_required @permission_required('machines.serveur') def service_servers(request): - service_link = Service_link.objects.all().select_related('server__domain').select_related('service') + service_link = (Service_link.objects + .all() + .select_related('server__domain') + .select_related('service')) seria = ServiceServersSerializer(service_link, many=True) return JSONResponse(seria.data) + @csrf_exempt @login_required @permission_required('machines.serveur') def ouverture_ports(request): - r = {'ipv4':{}, 'ipv6':{}} - for o in OuverturePortList.objects.all().prefetch_related('ouvertureport_set').prefetch_related('interface_set', 'interface_set__ipv4'): + r = {'ipv4': {}, 'ipv6': {}} + for o in (OuverturePortList.objects + .all() + .prefetch_related('ouvertureport_set') + .prefetch_related('interface_set', 'interface_set__ipv4')): pl = { - "tcp_in":set(map(str,o.ouvertureport_set.filter(protocole=OuverturePort.TCP, io=OuverturePort.IN))), - "tcp_out":set(map(str,o.ouvertureport_set.filter(protocole=OuverturePort.TCP, io=OuverturePort.OUT))), - "udp_in":set(map(str,o.ouvertureport_set.filter(protocole=OuverturePort.UDP, io=OuverturePort.IN))), - "udp_out":set(map(str,o.ouvertureport_set.filter(protocole=OuverturePort.UDP, io=OuverturePort.OUT))), + "tcp_in": set(map( + str, + o.ouvertureport_set.filter( + protocole=OuverturePort.TCP, + io=OuverturePort.IN + ) + )), + "tcp_out": set(map( + str, + o.ouvertureport_set.filter( + protocole=OuverturePort.TCP, + io=OuverturePort.OUT + ) + )), + "udp_in": set(map( + str, + o.ouvertureport_set.filter( + protocole=OuverturePort.UDP, + io=OuverturePort.IN + ) + )), + "udp_out": set(map( + str, + o.ouvertureport_set.filter( + protocole=OuverturePort.UDP, + io=OuverturePort.OUT + ) + )), } for i in filter_active_interfaces(o.interface_set): if i.may_have_port_open(): d = r['ipv4'].get(i.ipv4.ipv4, {}) - d["tcp_in"] = d.get("tcp_in",set()).union(pl["tcp_in"]) - d["tcp_out"] = d.get("tcp_out",set()).union(pl["tcp_out"]) - d["udp_in"] = d.get("udp_in",set()).union(pl["udp_in"]) - d["udp_out"] = d.get("udp_out",set()).union(pl["udp_out"]) + d["tcp_in"] = (d.get("tcp_in", set()) + .union(pl["tcp_in"])) + d["tcp_out"] = (d.get("tcp_out", set()) + .union(pl["tcp_out"])) + d["udp_in"] = (d.get("udp_in", set()) + .union(pl["udp_in"])) + d["udp_out"] = (d.get("udp_out", set()) + .union(pl["udp_out"])) r['ipv4'][i.ipv4.ipv4] = d if i.ipv6(): for ipv6 in i.ipv6(): d = r['ipv6'].get(ipv6.ipv6, {}) - d["tcp_in"] = d.get("tcp_in",set()).union(pl["tcp_in"]) - d["tcp_out"] = d.get("tcp_out",set()).union(pl["tcp_out"]) - d["udp_in"] = d.get("udp_in",set()).union(pl["udp_in"]) - d["udp_out"] = d.get("udp_out",set()).union(pl["udp_out"]) + d["tcp_in"] = (d.get("tcp_in", set()) + .union(pl["tcp_in"])) + d["tcp_out"] = (d.get("tcp_out", set()) + .union(pl["tcp_out"])) + d["udp_in"] = (d.get("udp_in", set()) + .union(pl["udp_in"])) + d["udp_out"] = (d.get("udp_out", set()) + .union(pl["udp_out"])) r['ipv6'][ipv6.ipv6] = d return JSONResponse(r) + @csrf_exempt @login_required @permission_required('machines.serveur') def regen_achieved(request): - obj = Service_link.objects.filter(service__in=Service.objects.filter(service_type=request.POST['service']), server__in=Interface.objects.filter(domain__in=Domain.objects.filter(name=request.POST['server']))) + obj = (Service_link.objects + .filter( + service__in=Service.objects.filter( + service_type=request.POST['service'] + ), + server__in=Interface.objects.filter( + domain__in=Domain.objects.filter( + name=request.POST['server'] + ) + ) + )) if obj: obj.first().done_regen() return HttpResponse("Ok") -