mirror of https://gitlab2.federez.net/re2o/re2o synced 2024-11-25 22:22:26 +00:00

Stockage des creds d'identification des switchs

Gabriel Detraz 2018-07-11 02:19:29 +02:00
parent 24fe9cf869
commit 5ffe876595
12 changed files with 263 additions and 11 deletions


@ -39,7 +39,8 @@ from .models import (
AssoOption, AssoOption,
MailMessageOption, MailMessageOption,
HomeOption, HomeOption,
RadiusKey RadiusKey,
SwitchManagementCred
) )
@ -95,6 +96,10 @@ class RadiusKeyAdmin(VersionAdmin):
"""Class radiuskey""" """Class radiuskey"""
pass pass
class SwitchManagementCredAdmin(VersionAdmin):
"""Class managementcred for switch"""
pass
admin.site.register(OptionalUser, OptionalUserAdmin) admin.site.register(OptionalUser, OptionalUserAdmin)
admin.site.register(OptionalMachine, OptionalMachineAdmin) admin.site.register(OptionalMachine, OptionalMachineAdmin)
@ -105,5 +110,6 @@ admin.site.register(Service, ServiceAdmin)
admin.site.register(MailContact, MailContactAdmin) admin.site.register(MailContact, MailContactAdmin)
admin.site.register(Reminder, ReminderAdmin) admin.site.register(Reminder, ReminderAdmin)
admin.site.register(RadiusKey, RadiusKeyAdmin) admin.site.register(RadiusKey, RadiusKeyAdmin)
admin.site.register(SwitchManagementCred, SwitchManagementCredAdmin)
admin.site.register(AssoOption, AssoOptionAdmin) admin.site.register(AssoOption, AssoOptionAdmin)
admin.site.register(MailMessageOption, MailMessageOptionAdmin) admin.site.register(MailMessageOption, MailMessageOptionAdmin)
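Review bot: Registering `SwitchManagementCred` under `VersionAdmin` (the new `SwitchManagementCredAdmin`) makes django-reversion serialize every field of the row, `management_pass` included, into its version table on each admin save. Whether that stored copy is ciphertext or the decrypted password depends on how `AESEncryptedField` serializes its value, which is not visible in this section, so this should be confirmed before history is kept for the model. The default admin change form will also offer `management_pass` as an ordinary editable field; an explicit `exclude = ('management_pass',)` or a password widget on `SwitchManagementCredAdmin` would keep it off the change page.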


@ -39,7 +39,8 @@ from .models import (
Service, Service,
MailContact, MailContact,
Reminder, Reminder,
RadiusKey RadiusKey,
SwitchManagementCred
) )
from topologie.models import Switch from topologie.models import Switch
@ -260,6 +261,31 @@ class RadiusKeyForm(FormRevMixin, ModelForm):
return instance return instance
class SwitchManagementCredForm(FormRevMixin, ModelForm):
"""Edition, ajout de creds de management pour gestion
et interface rest des switchs"""
members = forms.ModelMultipleChoiceField(
Switch.objects.all(),
required=False
)
class Meta:
model = SwitchManagementCred
fields = '__all__'
def __init__(self, *args, **kwargs):
prefix = kwargs.pop('prefix', self.Meta.model.__name__)
super(SwitchManagementCredForm, self).__init__(*args, prefix=prefix, **kwargs)
instance = kwargs.get('instance', None)
if instance:
self.initial['members'] = Switch.objects.filter(management_creds=instance)
def save(self, commit=True):
instance = super().save(commit)
instance.switch_set = self.cleaned_data['members']
return instance
class MailContactForm(ModelForm): class MailContactForm(ModelForm):
"""Edition, ajout d'adresse de contact""" """Edition, ajout d'adresse de contact"""
class Meta: class Meta:
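Review bot: `fields = '__all__'` in `SwitchManagementCredForm.Meta` puts `management_pass` on the form, and because the edit view binds an existing instance, the stored password is likely rendered back into the page as the field's initial value unless `AESEncryptedField` supplies its own password widget (not visible here). Adding `widgets = {'management_pass': forms.PasswordInput()}` to `Meta` would stop the value being echoed, since `PasswordInput` does not render its value by default. Separately, `save()` assigns `instance.switch_set = ...` directly, which assumes the instance has already been saved (not the case with `commit=False`) and is the direct-assignment form deprecated in the Django 1.10 that generated this commit's migrations; `instance.switch_set.set(self.cleaned_data['members'])` is the supported spelling.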


@ -0,0 +1,30 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-07-10 23:57
from __future__ import unicode_literals
from django.db import migrations, models
import re2o.aes_field
import re2o.mixins
class Migration(migrations.Migration):
dependencies = [
('preferences', '0047_auto_20180711_0015'),
]
operations = [
migrations.CreateModel(
name='SwitchManagementCred',
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('management_id', models.CharField(help_text='Login du switch', max_length=63)),
('management_pass', re2o.aes_field.AESEncryptedField(help_text='Mot de passe', max_length=63)),
('default_switch', models.BooleanField(default=True, help_text='Creds par défaut des switchs', unique=True)),
],
options={
'permissions': (('view_switchmanagementcred', 'Peut voir un objet switchmanagementcred'),),
},
bases=(re2o.mixins.AclMixin, models.Model),
),
]


@ -246,7 +246,7 @@ class OptionalTopologie(AclMixin, PreferencesModel):
def provision_switchs_enabled(self): def provision_switchs_enabled(self):
"""Return true if all settings are ok : switchs on automatic provision, """Return true if all settings are ok : switchs on automatic provision,
ip_type""" ip_type"""
return bool(self.provisioned_switchs and self.switchs_ip_type) return bool(self.provisioned_switchs and self.switchs_ip_type and SwitchManagementCred.objects.filter(default_switch=True).exists())
class Meta: class Meta:
permissions = ( permissions = (
@ -288,6 +288,31 @@ class RadiusKey(AclMixin, models.Model):
return "Clef radius " + str(self.id) + " " + str(self.comment) return "Clef radius " + str(self.id) + " " + str(self.comment)
class SwitchManagementCred(AclMixin, models.Model):
"""Class of a management creds of a switch, for rest management"""
management_id = models.CharField(
max_length=63,
help_text="Login du switch"
)
management_pass = AESEncryptedField(
max_length=63,
help_text="Mot de passe"
)
default_switch = models.BooleanField(
default=True,
unique=True,
help_text= "Creds par défaut des switchs"
)
class Meta:
permissions = (
("view_switchmanagementcred", "Peut voir un objet switchmanagementcred"),
)
def __str__(self):
return "Identifiant " + str(self.management_id)
class Reminder(AclMixin, models.Model): class Reminder(AclMixin, models.Model):
"""Options pour les mails de notification de fin d'adhésion. """Options pour les mails de notification de fin d'adhésion.
Days: liste des nombres de jours pour lesquells un mail est envoyé Days: liste des nombres de jours pour lesquells un mail est envoyé
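Review bot: `default_switch` on `SwitchManagementCred` combines `default=True` with `unique=True` on a `BooleanField`, so the table can hold at most one row with `True` and one with `False`; a second credential saved with the box left ticked fails validation and a third credential cannot be stored at all. That caps the deployment at two management logins and pushes towards one shared password for every switch. If the intent is "at most one default", dropping `unique=True` and enforcing the single default in `clean()` expresses it without limiting the number of rows. The generated migration in this commit carries the same `unique=True`, so the change needs a follow-up migration.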


@ -0,0 +1,47 @@
{% comment %}
Re2o est un logiciel d'administration développé initiallement au rezometz. Il
se veut agnostique au réseau considéré, de manière à être installable en
quelques clics.
Copyright © 2017 Gabriel Détraz
Copyright © 2017 Goulven Kermarec
Copyright © 2017 Augustin Lemesle
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
{% endcomment %}
{% load acl %}
<table class="table table-striped">
<thead>
<tr>
<th>Identifiant</th>
<th>Creds par default des switchs</th>
<th></th>
<th></th>
</tr>
</thead>
{% for switchmanagementcred in switchmanagementcred_list %}
<tr>
<td>{{ switchmanagementcred.management_id }}</td>
<td>{{ switchmanagementcred.default_switch }}</td>
<td class="text-right">
{% can_edit switchmanagementcred %}
{% include 'buttons/edit.html' with href='preferences:edit-switchmanagementcred' id=switchmanagementcred.id %}
{% acl_end %}
{% include 'buttons/history.html' with href='preferences:history' name='switchmanagementcred' id=switchmanagementcred.id %}
</td>
</tr>
{% endfor %}
</table>


@ -115,7 +115,13 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</tr> </tr>
</table> </table>
<h5>Configuration des switches</h5> <h6>Clef radius</h6>
{% can_create RadiusKey%}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:add-radiuskey' %}"><i class="fa fa-plus"></i> Ajouter une clef radius</a>
{% acl_end %}
{% include "preferences/aff_radiuskey.html" with radiuskey_list=radiuskey_list %}
<h4>Configuration des switches</h4>
<table class="table table-striped"> <table class="table table-striped">
<tr> <tr>
<th>Web management, activé si provision automatique</th> <th>Web management, activé si provision automatique</th>
@ -139,11 +145,16 @@ with this program; if not, write to the Free Software Foundation, Inc.,
</tr> </tr>
</table> </table>
<h5>Clef radius</h5> <h6>Creds de management des switchs</h6>
{% can_create RadiusKey%} {% can_create SwitchManagementCred%}
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:add-radiuskey' %}"><i class="fa fa-plus"></i> Ajouter une clef radius</a> <a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:add-switchmanagementcred' %}"><i class="fa fa-plus"></i> Ajouter un id/mdp de management switch</a>
{% acl_end %} {% acl_end %}
{% include "preferences/aff_radiuskey.html" with radiuskey_list=radiuskey_list %} <p>
</p>
{% if switchmanagementcred_list %}<span class="label label-success"> OK{% else %}<span class="label label-danger">Manquant{% endif %}</span>
{% include "preferences/aff_switchmanagementcred.html" with switchmanagementcred_list=switchmanagementcred_list %}
<h4>Préférences generales</h4> <h4>Préférences generales</h4>
<a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'GeneralOption' %}"> <a class="btn btn-primary btn-sm" role="button" href="{% url 'preferences:edit-options' 'GeneralOption' %}">
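Review bot: The status label tests `{% if switchmanagementcred_list %}`, so it shows OK as soon as any credential exists, while `provision_switchs_enabled` in the models hunk of this commit requires a credential with `default_switch=True`. An operator can therefore see OK here while automatic provisioning is still disabled for lack of a default credential. Passing a dedicated boolean from `display_options`, computed with the same `filter(default_switch=True).exists()` query, would keep the label and the model check in agreement.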


@ -95,6 +95,13 @@ urlpatterns = [
name='edit-radiuskey' name='edit-radiuskey'
), ),
url(r'^del_radiuskey/$', views.del_radiuskey, name='del-radiuskey'), url(r'^del_radiuskey/$', views.del_radiuskey, name='del-radiuskey'),
url(r'^add_switchmanagementcred/$', views.add_switchmanagementcred, name='add-switchmanagementcred'),
url(
r'^edit_switchmanagementcred/(?P<switchmanagementcredid>[0-9]+)$',
views.edit_switchmanagementcred,
name='edit-switchmanagementcred'
),
url(r'^del_switchmanagementcred/$', views.del_switchmanagementcred, name='del-switchmanagementcred'),
url( url(
r'^history/(?P<object_name>\w+)/(?P<object_id>[0-9]+)$', r'^history/(?P<object_name>\w+)/(?P<object_id>[0-9]+)$',
re2o.views.history, re2o.views.history,
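Review bot: The `del-switchmanagementcred` route has no id capture group, although `views.del_switchmanagementcred` takes a `switchmanagementcred_instance` that `can_delete` presumably resolves from a URL keyword, as the edit route does with `switchmanagementcredid`. As written the delete view probably cannot locate its object; `r'^del_switchmanagementcred/(?P<switchmanagementcredid>[0-9]+)$'` would mirror the edit route. The pattern looks copied from the `del_radiuskey` line just above, which has the same shape and deserves the same check.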


@ -46,7 +46,8 @@ from .forms import MailContactForm, DelMailContactForm
from .forms import ( from .forms import (
ServiceForm, ServiceForm,
ReminderForm, ReminderForm,
RadiusKeyForm RadiusKeyForm,
SwitchManagementCredForm
) )
from .models import ( from .models import (
Service, Service,
@ -59,7 +60,8 @@ from .models import (
OptionalTopologie, OptionalTopologie,
HomeOption, HomeOption,
Reminder, Reminder,
RadiusKey RadiusKey,
SwitchManagementCred
) )
from . import models from . import models
from . import forms from . import forms
@ -92,6 +94,7 @@ def display_options(request):
mailcontact_list = MailContact.objects.all() mailcontact_list = MailContact.objects.all()
reminder_list = Reminder.objects.all() reminder_list = Reminder.objects.all()
radiuskey_list = RadiusKey.objects.all() radiuskey_list = RadiusKey.objects.all()
switchmanagementcred_list = SwitchManagementCred.objects.all()
return form({ return form({
'useroptions': useroptions, 'useroptions': useroptions,
'machineoptions': format_options(machineoptions), 'machineoptions': format_options(machineoptions),
@ -104,6 +107,7 @@ def display_options(request):
'reminder_list': reminder_list, 'reminder_list': reminder_list,
'mailcontact_list': mailcontact_list, 'mailcontact_list': mailcontact_list,
'radiuskey_list' : radiuskey_list, 'radiuskey_list' : radiuskey_list,
'switchmanagementcred_list': switchmanagementcred_list,
}, 'preferences/display_preferences.html', request) }, 'preferences/display_preferences.html', request)
@ -284,6 +288,51 @@ def del_radiuskey(request, radiuskey_instance, **_kwargs):
) )
@login_required
@can_create(SwitchManagementCred)
def add_switchmanagementcred(request):
"""Ajout de creds de management"""
switchmanagementcred = SwitchManagementCredForm(request.POST or None)
if switchmanagementcred.is_valid():
switchmanagementcred.save()
messages.success(request, "Ces creds ont été ajoutés")
return redirect(reverse('preferences:display-options'))
return form(
{'preferenceform': switchmanagementcred, 'action_name': 'Ajouter'},
'preferences/preferences.html',
request
)
@can_edit(SwitchManagementCred)
def edit_switchmanagementcred(request, switchmanagementcred_instance, **_kwargs):
"""Edition des creds de management"""
switchmanagementcred = SwitchManagementCredForm(request.POST or None, instance=switchmanagementcred_instance)
if switchmanagementcred.is_valid():
switchmanagementcred.save()
messages.success(request, "Creds de managament modifié")
return redirect(reverse('preferences:display-options'))
return form(
{'preferenceform': switchmanagementcred, 'action_name': 'Editer'},
'preferences/preferences.html',
request
)
@login_required
@can_delete(SwitchManagementCred)
def del_switchmanagementcred(request, switchmanagementcred_instance, **_kwargs):
"""Destruction d'un switchmanagementcred"""
if request.method == "POST":
switchmanagementcred_instance.delete()
messages.success(request, "Ce switchmanagementcred a été détruit")
return redirect(reverse('preferences:display-options'))
return form(
{'objet': switchmanagementcred_instance, 'objet_name': 'switchmanagementcred'},
'preferences/delete.html',
request
)
@login_required @login_required
@can_create(MailContact) @can_create(MailContact)
def add_mailcontact(request): def add_mailcontact(request):
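Review bot: `edit_switchmanagementcred` is decorated with `@can_edit(SwitchManagementCred)` only, whereas the add and delete views added in the same hunk also carry `@login_required`. Unless `can_edit` rejects anonymous users by itself (its code is not shown), an unauthenticated request reaches the ACL check directly, and this is the view that binds the stored credential to a form. Adding `@login_required` above `@can_edit(SwitchManagementCred)` makes the three views consistent. `del_switchmanagementcred` also calls `.delete()` without handling `ProtectedError`, which the `on_delete=PROTECT` foreign key added on `Switch` will raise for a credential that is still assigned.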


@ -125,6 +125,8 @@ MODEL_NAME = {
'preferences.Reminder': preferences.models.Reminder, 'preferences.Reminder': preferences.models.Reminder,
'AssoOption': preferences.models.AssoOption, 'AssoOption': preferences.models.AssoOption,
'MailMessageOption': preferences.models.MailMessageOption, 'MailMessageOption': preferences.models.MailMessageOption,
'RadiusKey': preferences.models.RadiusKey,
'SwitchManagementCred': preferences.models.SwitchManagementCred,
# topologie # topologie
'Stack': topologie.models.Stack, 'Stack': topologie.models.Stack,
'Switch': topologie.models.Switch, 'Switch': topologie.models.Switch,


@ -99,6 +99,7 @@ HISTORY_BIND = {
'mailcontact': preferences.models.MailContact, 'mailcontact': preferences.models.MailContact,
'reminder': preferences.models.Reminder, 'reminder': preferences.models.Reminder,
'radiuskey': preferences.models.RadiusKey, 'radiuskey': preferences.models.RadiusKey,
'switchmanagementcred': preferences.models.SwitchManagementCred,
}, },
'cotisations': { 'cotisations': {
'facture': cotisations.models.Facture, 'facture': cotisations.models.Facture,


@ -0,0 +1,22 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.10.7 on 2018-07-10 23:57
from __future__ import unicode_literals
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
('preferences', '0048_switchmanagementcred'),
('topologie', '0070_switch_radius_key'),
]
operations = [
migrations.AddField(
model_name='switch',
name='management_creds',
field=models.ForeignKey(blank=True, help_text='Identifiant de management de ce switch', null=True, on_delete=django.db.models.deletion.PROTECT, to='preferences.SwitchManagementCred'),
),
]


@ -49,7 +49,11 @@ from django.db import transaction
from django.utils.translation import ugettext_lazy as _ from django.utils.translation import ugettext_lazy as _
from reversion import revisions as reversion from reversion import revisions as reversion
from preferences.models import OptionalTopologie, RadiusKey from preferences.models import (
OptionalTopologie,
RadiusKey,
SwitchManagementCred
)
from machines.models import Machine, regen from machines.models import Machine, regen
from re2o.mixins import AclMixin, RevMixin from re2o.mixins import AclMixin, RevMixin
@ -228,6 +232,13 @@ class Switch(AclMixin, Machine):
on_delete=models.PROTECT, on_delete=models.PROTECT,
help_text="Clef radius du switch" help_text="Clef radius du switch"
) )
management_creds = models.ForeignKey(
'preferences.SwitchManagementCred',
blank=True,
null=True,
on_delete=models.PROTECT,
help_text="Identifiant de management de ce switch"
)
class Meta: class Meta:
unique_together = ('stack', 'stack_member_id') unique_together = ('stack', 'stack_member_id')
@ -289,15 +300,30 @@ class Switch(AclMixin, Machine):
@cached_property @cached_property
def get_radius_key(self): def get_radius_key(self):
"""Retourne l'objet de la clef radius de ce switch"""
return self.radius_key or RadiusKey.objects.filter(default_switch=True).first() return self.radius_key or RadiusKey.objects.filter(default_switch=True).first()
@cached_property @cached_property
def get_radius_key_value(self): def get_radius_key_value(self):
"""Retourne la valeur en str de la clef radius, none si il n'y en a pas"""
if self.get_radius_key: if self.get_radius_key:
return self.get_radius_key.radius_key return self.get_radius_key.radius_key
else: else:
return None return None
@cached_property
def get_management_cred(self):
"""Retourne l'objet des creds de managament de ce switch"""
return self.management_creds or SwitchManagementCred.objects.filter(default_switch=True).first()
@cached_property
def get_management_cred_value(self):
"""Retourne un dict des creds de management du switch"""
if self.get_management_cred:
return {'id': self.get_management_cred.management_id, 'pass': self.get_management_cred.management_pass}
else:
return None
@cached_property @cached_property
def rest_enabled(self): def rest_enabled(self):
return OptionalTopologie.get_cached_value('switchs_rest_management') or self.automatic_provision return OptionalTopologie.get_cached_value('switchs_rest_management') or self.automatic_provision
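Review bot: `get_management_cred_value` hands back the switch password in a plain dict (`'pass': self.get_management_cred.management_pass`) and, being a `cached_property`, keeps that dict on the `Switch` instance for the object's lifetime, yet its docstring does not mark the value as a secret. Assuming `AESEncryptedField` decrypts on read, a docstring such as `"""Return {'id', 'pass'} for this switch; 'pass' is the decrypted secret, never serialize or log it."""` would warn anyone wiring this property into a serializer or template. `get_management_cred` also falls back silently to the `default_switch=True` credential, so every switch without an explicit `management_creds` shares one password; that is worth stating in its docstring as well.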