From 84f1c9d60ac35d8883d0051fac2eeb4258139aa3 Mon Sep 17 00:00:00 2001 From: Hugo LEVY-FALK Date: Sun, 2 Dec 2018 17:03:27 +0100 Subject: [PATCH] Allow policies edition --- preferences/forms.py | 8 + .../migrations/0052_auto_20181013_1629.py | 59 ++++---- preferences/models.py | 138 ++++++++++-------- .../preferences/edit_preferences.html | 6 + preferences/views.py | 4 +- 5 files changed, 125 insertions(+), 90 deletions(-) diff --git a/preferences/forms.py b/preferences/forms.py index 2f90927f..685400de 100644 --- a/preferences/forms.py +++ b/preferences/forms.py @@ -42,6 +42,7 @@ from .models import ( Reminder, RadiusKey, SwitchManagementCred, + RadiusOption, ) from topologie.models import Switch @@ -229,6 +230,13 @@ class EditHomeOptionForm(ModelForm): self.fields['twitter_account_name'].label = _("Twitter account name") +class EditRadiusOptionForm(ModelForm): + """Edition forms for Radius options""" + class Meta: + model = RadiusOption + fields = ['radius_general_policy', 'vlan_decision_ok'] + + class ServiceForm(ModelForm): """Edition, ajout de services sur la page d'accueil""" class Meta: diff --git a/preferences/migrations/0052_auto_20181013_1629.py b/preferences/migrations/0052_auto_20181013_1629.py index 70498536..0f1d0b74 100644 --- a/preferences/migrations/0052_auto_20181013_1629.py +++ b/preferences/migrations/0052_auto_20181013_1629.py @@ -10,17 +10,11 @@ import re2o.mixins def create_radius_policy(apps, schema_editor): OptionalTopologie = apps.get_model('preferences', 'OptionalTopologie') RadiusOption = apps.get_model('preferences', 'RadiusOption') - RadiusPolicy = apps.get_model('preferences', 'RadiusPolicy') option,_ = OptionalTopologie.objects.get_or_create() radius_option = RadiusOption() radius_option.radius_general_policy = option.radius_general_policy - radius_option.unknown_machine = RadiusPolicy.objects.create() - radius_option.unknown_port = RadiusPolicy.objects.create() - radius_option.unknown_room = RadiusPolicy.objects.create() - radius_option.non_member = RadiusPolicy.objects.create() - radius_option.banned = RadiusPolicy.objects.create() radius_option.vlan_decision_ok = option.vlan_decision_ok radius_option.save() @@ -45,47 +39,56 @@ class Migration(migrations.Migration): }, bases=(re2o.mixins.AclMixin, models.Model), ), - migrations.CreateModel( - name='RadiusPolicy', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('policy', models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32)), - ('vlan', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.PROTECT, to='machines.Vlan')), - ], - options={ - 'verbose_name': 'radius policy', - }, - bases=(re2o.mixins.AclMixin, models.Model), + migrations.AddField( + model_name='radiusoption', + name='banned_vlan', + field=models.ForeignKey(blank=True, help_text='Vlan for banned if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='banned_vlan', to='machines.Vlan', verbose_name='Banned Vlan'), ), migrations.AddField( model_name='radiusoption', - name='non_member', - field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='non_member_option', to='preferences.RadiusPolicy', verbose_name='Policy non member users.'), + name='non_member_vlan', + field=models.ForeignKey(blank=True, help_text='Vlan for non members if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='non_member_vlan', to='machines.Vlan', verbose_name='Non member Vlan'), ), migrations.AddField( model_name='radiusoption', - name='unknown_machine', - field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_machine_option', to='preferences.RadiusPolicy', verbose_name='Policy for unknown machines'), + name='unknown_machine_vlan', + field=models.ForeignKey(blank=True, help_text='Vlan for unknown machines if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_machine_vlan', to='machines.Vlan', verbose_name='Unknown machine Vlan'), ), migrations.AddField( model_name='radiusoption', - name='unknown_port', - field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_port_option', to='preferences.RadiusPolicy', verbose_name='Policy for unknown machines'), + name='unknown_port_vlan', + field=models.ForeignKey(blank=True, help_text='Vlan for unknown ports if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_port_vlan', to='machines.Vlan', verbose_name='Unknown port Vlan'), ), migrations.AddField( model_name='radiusoption', - name='unknown_room', - field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_room_option', to='preferences.RadiusPolicy', verbose_name='Policy for machine connecting from unregistered room (relevant on ports with STRICT radius mode)'), + name='unknown_room_vlan', + field=models.ForeignKey(blank=True, help_text='Vlan for unknown room if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_room_vlan', to='machines.Vlan', verbose_name='Unknown room Vlan'), ), migrations.AddField( model_name='radiusoption', name='banned', - field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='banned_option', to='preferences.RadiusPolicy', verbose_name='Policy for banned users.'), + field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for banned users.'), ), migrations.AddField( model_name='radiusoption', - name='vlan_decision_ok', - field=models.OneToOneField(blank=True, null=True, on_delete=django.db.models.deletion.PROTECT, related_name='vlan_ok_option', to='machines.Vlan'), + name='non_member', + field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy non member users.'), ), + migrations.AddField( + model_name='radiusoption', + name='unknown_machine', + field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for unknown machines'), + ), + migrations.AddField( + model_name='radiusoption', + name='unknown_port', + field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for unknown machines'), + ), + migrations.AddField( + model_name='radiusoption', + name='unknown_room', + field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for machine connecting from unregistered room (relevant on ports with STRICT radius mode)'), + ), + migrations.RunPython(create_radius_policy), ] diff --git a/preferences/models.py b/preferences/models.py index f3f5527e..cbc42516 100644 --- a/preferences/models.py +++ b/preferences/models.py @@ -199,26 +199,6 @@ class OptionalTopologie(AclMixin, PreferencesModel): ('tftp', 'tftp'), ) - radius_general_policy = models.CharField( - max_length=32, - choices=CHOICE_RADIUS, - default='DEFINED' - ) - vlan_decision_ok = models.OneToOneField( - 'machines.Vlan', - on_delete=models.PROTECT, - related_name='decision_ok', - blank=True, - null=True - ) - vlan_decision_nok = models.OneToOneField( - 'machines.Vlan', - on_delete=models.PROTECT, - related_name='decision_nok', - blank=True, - null=True - ) - switchs_web_management = models.BooleanField( default=False, help_text="Web management, activé si provision automatique" @@ -589,31 +569,6 @@ class MailMessageOption(AclMixin, models.Model): verbose_name = _("email message options") -class RadiusPolicy(AclMixin, models.Model): - class Meta: - verbose_name = _('radius policy') - - REJECT = 'REJECT' - SET_VLAN = 'SET_VLAN' - CHOICE_POLICY = ( - (REJECT, _('Reject the machine')), - (SET_VLAN, _('Place the machine on the VLAN')) - ) - - policy = models.CharField( - max_length=32, - choices=CHOICE_POLICY, - default=REJECT - ) - - vlan = models.ForeignKey( - 'machines.Vlan', - on_delete=models.PROTECT, - blank=True, - null=True - ) - - class RadiusOption(AclMixin, models.Model): class Meta: verbose_name = _("radius policies") @@ -624,44 +579,105 @@ class RadiusOption(AclMixin, models.Model): (MACHINE, _("On the IP range's VLAN of the machine")), (DEFINED, _("Preset in 'VLAN for machines accepted by RADIUS'")), ) + REJECT = 'REJECT' + SET_VLAN = 'SET_VLAN' + CHOICE_POLICY = ( + (REJECT, _('Reject the machine')), + (SET_VLAN, _('Place the machine on the VLAN')) + ) radius_general_policy = models.CharField( max_length=32, choices=CHOICE_RADIUS, default='DEFINED' ) - unknown_machine = models.ForeignKey( - RadiusPolicy, - on_delete=models.PROTECT, + unknown_machine = models.CharField( + max_length=32, + choices=CHOICE_POLICY, + default=REJECT, verbose_name=_("Policy for unknown machines"), - related_name='unknown_machine_option', ) - unknown_port = models.ForeignKey( - RadiusPolicy, + unknown_machine_vlan = models.ForeignKey( + 'machines.Vlan', on_delete=models.PROTECT, + related_name='unknown_machine_vlan', + blank=True, + null=True, + verbose_name=_('Unknown machine Vlan'), + help_text=_( + 'Vlan for unknown machines if not rejected.' + ) + ) + unknown_port = models.CharField( + max_length=32, + choices=CHOICE_POLICY, + default=REJECT, verbose_name=_("Policy for unknown machines"), - related_name='unknown_port_option', ) - unknown_room = models.ForeignKey( - RadiusPolicy, + unknown_port_vlan = models.ForeignKey( + 'machines.Vlan', on_delete=models.PROTECT, + related_name='unknown_port_vlan', + blank=True, + null=True, + verbose_name=_('Unknown port Vlan'), + help_text=_( + 'Vlan for unknown ports if not rejected.' + ) + ) + unknown_room = models.CharField( + max_length=32, + choices=CHOICE_POLICY, + default=REJECT, verbose_name=_( "Policy for machine connecting from " "unregistered room (relevant on ports with STRICT " "radius mode)" ), - related_name='unknown_room_option', ) - non_member = models.ForeignKey( - RadiusPolicy, + unknown_room_vlan = models.ForeignKey( + 'machines.Vlan', + related_name='unknown_room_vlan', on_delete=models.PROTECT, + blank=True, + null=True, + verbose_name=_('Unknown room Vlan'), + help_text=_( + 'Vlan for unknown room if not rejected.' + ) + ) + non_member = models.CharField( + max_length=32, + choices=CHOICE_POLICY, + default=REJECT, verbose_name=_("Policy non member users."), - related_name='non_member_option', ) - banned = models.ForeignKey( - RadiusPolicy, + non_member_vlan = models.ForeignKey( + 'machines.Vlan', + related_name='non_member_vlan', on_delete=models.PROTECT, + blank=True, + null=True, + verbose_name=_('Non member Vlan'), + help_text=_( + 'Vlan for non members if not rejected.' + ) + ) + banned = models.CharField( + max_length=32, + choices=CHOICE_POLICY, + default=REJECT, verbose_name=_("Policy for banned users."), - related_name='banned_option' + ) + banned_vlan = models.ForeignKey( + 'machines.Vlan', + related_name='banned_vlan', + on_delete=models.PROTECT, + blank=True, + null=True, + verbose_name=_('Banned Vlan'), + help_text=_( + 'Vlan for banned if not rejected.' + ) ) vlan_decision_ok = models.OneToOneField( 'machines.Vlan', diff --git a/preferences/templates/preferences/edit_preferences.html b/preferences/templates/preferences/edit_preferences.html index a1540f33..c3dd4652 100644 --- a/preferences/templates/preferences/edit_preferences.html +++ b/preferences/templates/preferences/edit_preferences.html @@ -37,6 +37,12 @@ with this program; if not, write to the Free Software Foundation, Inc.,
{% csrf_token %} {% massive_bootstrap_form options 'utilisateur_asso,automatic_provision_switchs' %} + {% if formset %} + {{ formset.management_form }} + {% for f in formset %} + {% bootstrap_form f %} + {% endfor %} + {% endif %} {% trans "Edit" as tr_edit %} {% bootstrap_button tr_edit button_type="submit" icon='ok' button_class='btn-success' %}
diff --git a/preferences/views.py b/preferences/views.py index f62a5a0d..586be60f 100644 --- a/preferences/views.py +++ b/preferences/views.py @@ -137,7 +137,9 @@ def edit_options(request, section): messages.success(request, _("The preferences were edited.")) return redirect(reverse('preferences:display-options')) return form( - {'options': options}, + { + 'options': options, + }, 'preferences/edit_preferences.html', request )