mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-24 20:33:11 +00:00
Allow policies edition
This commit is contained in:
parent
c419c1239d
commit
84f1c9d60a
5 changed files with 125 additions and 90 deletions
|
@ -42,6 +42,7 @@ from .models import (
|
||||||
Reminder,
|
Reminder,
|
||||||
RadiusKey,
|
RadiusKey,
|
||||||
SwitchManagementCred,
|
SwitchManagementCred,
|
||||||
|
RadiusOption,
|
||||||
)
|
)
|
||||||
from topologie.models import Switch
|
from topologie.models import Switch
|
||||||
|
|
||||||
|
@ -229,6 +230,13 @@ class EditHomeOptionForm(ModelForm):
|
||||||
self.fields['twitter_account_name'].label = _("Twitter account name")
|
self.fields['twitter_account_name'].label = _("Twitter account name")
|
||||||
|
|
||||||
|
|
||||||
|
class EditRadiusOptionForm(ModelForm):
|
||||||
|
"""Edition forms for Radius options"""
|
||||||
|
class Meta:
|
||||||
|
model = RadiusOption
|
||||||
|
fields = ['radius_general_policy', 'vlan_decision_ok']
|
||||||
|
|
||||||
|
|
||||||
class ServiceForm(ModelForm):
|
class ServiceForm(ModelForm):
|
||||||
"""Edition, ajout de services sur la page d'accueil"""
|
"""Edition, ajout de services sur la page d'accueil"""
|
||||||
class Meta:
|
class Meta:
|
||||||
|
|
|
@ -10,17 +10,11 @@ import re2o.mixins
|
||||||
def create_radius_policy(apps, schema_editor):
|
def create_radius_policy(apps, schema_editor):
|
||||||
OptionalTopologie = apps.get_model('preferences', 'OptionalTopologie')
|
OptionalTopologie = apps.get_model('preferences', 'OptionalTopologie')
|
||||||
RadiusOption = apps.get_model('preferences', 'RadiusOption')
|
RadiusOption = apps.get_model('preferences', 'RadiusOption')
|
||||||
RadiusPolicy = apps.get_model('preferences', 'RadiusPolicy')
|
|
||||||
|
|
||||||
option,_ = OptionalTopologie.objects.get_or_create()
|
option,_ = OptionalTopologie.objects.get_or_create()
|
||||||
|
|
||||||
radius_option = RadiusOption()
|
radius_option = RadiusOption()
|
||||||
radius_option.radius_general_policy = option.radius_general_policy
|
radius_option.radius_general_policy = option.radius_general_policy
|
||||||
radius_option.unknown_machine = RadiusPolicy.objects.create()
|
|
||||||
radius_option.unknown_port = RadiusPolicy.objects.create()
|
|
||||||
radius_option.unknown_room = RadiusPolicy.objects.create()
|
|
||||||
radius_option.non_member = RadiusPolicy.objects.create()
|
|
||||||
radius_option.banned = RadiusPolicy.objects.create()
|
|
||||||
radius_option.vlan_decision_ok = option.vlan_decision_ok
|
radius_option.vlan_decision_ok = option.vlan_decision_ok
|
||||||
|
|
||||||
radius_option.save()
|
radius_option.save()
|
||||||
|
@ -45,47 +39,56 @@ class Migration(migrations.Migration):
|
||||||
},
|
},
|
||||||
bases=(re2o.mixins.AclMixin, models.Model),
|
bases=(re2o.mixins.AclMixin, models.Model),
|
||||||
),
|
),
|
||||||
migrations.CreateModel(
|
migrations.AddField(
|
||||||
name='RadiusPolicy',
|
model_name='radiusoption',
|
||||||
fields=[
|
name='banned_vlan',
|
||||||
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
|
field=models.ForeignKey(blank=True, help_text='Vlan for banned if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='banned_vlan', to='machines.Vlan', verbose_name='Banned Vlan'),
|
||||||
('policy', models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32)),
|
|
||||||
('vlan', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.PROTECT, to='machines.Vlan')),
|
|
||||||
],
|
|
||||||
options={
|
|
||||||
'verbose_name': 'radius policy',
|
|
||||||
},
|
|
||||||
bases=(re2o.mixins.AclMixin, models.Model),
|
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='radiusoption',
|
model_name='radiusoption',
|
||||||
name='non_member',
|
name='non_member_vlan',
|
||||||
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='non_member_option', to='preferences.RadiusPolicy', verbose_name='Policy non member users.'),
|
field=models.ForeignKey(blank=True, help_text='Vlan for non members if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='non_member_vlan', to='machines.Vlan', verbose_name='Non member Vlan'),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='radiusoption',
|
model_name='radiusoption',
|
||||||
name='unknown_machine',
|
name='unknown_machine_vlan',
|
||||||
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_machine_option', to='preferences.RadiusPolicy', verbose_name='Policy for unknown machines'),
|
field=models.ForeignKey(blank=True, help_text='Vlan for unknown machines if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_machine_vlan', to='machines.Vlan', verbose_name='Unknown machine Vlan'),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='radiusoption',
|
model_name='radiusoption',
|
||||||
name='unknown_port',
|
name='unknown_port_vlan',
|
||||||
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_port_option', to='preferences.RadiusPolicy', verbose_name='Policy for unknown machines'),
|
field=models.ForeignKey(blank=True, help_text='Vlan for unknown ports if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_port_vlan', to='machines.Vlan', verbose_name='Unknown port Vlan'),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='radiusoption',
|
model_name='radiusoption',
|
||||||
name='unknown_room',
|
name='unknown_room_vlan',
|
||||||
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_room_option', to='preferences.RadiusPolicy', verbose_name='Policy for machine connecting from unregistered room (relevant on ports with STRICT radius mode)'),
|
field=models.ForeignKey(blank=True, help_text='Vlan for unknown room if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_room_vlan', to='machines.Vlan', verbose_name='Unknown room Vlan'),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='radiusoption',
|
model_name='radiusoption',
|
||||||
name='banned',
|
name='banned',
|
||||||
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='banned_option', to='preferences.RadiusPolicy', verbose_name='Policy for banned users.'),
|
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for banned users.'),
|
||||||
),
|
),
|
||||||
migrations.AddField(
|
migrations.AddField(
|
||||||
model_name='radiusoption',
|
model_name='radiusoption',
|
||||||
name='vlan_decision_ok',
|
name='non_member',
|
||||||
field=models.OneToOneField(blank=True, null=True, on_delete=django.db.models.deletion.PROTECT, related_name='vlan_ok_option', to='machines.Vlan'),
|
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy non member users.'),
|
||||||
),
|
),
|
||||||
|
migrations.AddField(
|
||||||
|
model_name='radiusoption',
|
||||||
|
name='unknown_machine',
|
||||||
|
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for unknown machines'),
|
||||||
|
),
|
||||||
|
migrations.AddField(
|
||||||
|
model_name='radiusoption',
|
||||||
|
name='unknown_port',
|
||||||
|
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for unknown machines'),
|
||||||
|
),
|
||||||
|
migrations.AddField(
|
||||||
|
model_name='radiusoption',
|
||||||
|
name='unknown_room',
|
||||||
|
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for machine connecting from unregistered room (relevant on ports with STRICT radius mode)'),
|
||||||
|
),
|
||||||
|
|
||||||
migrations.RunPython(create_radius_policy),
|
migrations.RunPython(create_radius_policy),
|
||||||
]
|
]
|
||||||
|
|
|
@ -199,26 +199,6 @@ class OptionalTopologie(AclMixin, PreferencesModel):
|
||||||
('tftp', 'tftp'),
|
('tftp', 'tftp'),
|
||||||
)
|
)
|
||||||
|
|
||||||
radius_general_policy = models.CharField(
|
|
||||||
max_length=32,
|
|
||||||
choices=CHOICE_RADIUS,
|
|
||||||
default='DEFINED'
|
|
||||||
)
|
|
||||||
vlan_decision_ok = models.OneToOneField(
|
|
||||||
'machines.Vlan',
|
|
||||||
on_delete=models.PROTECT,
|
|
||||||
related_name='decision_ok',
|
|
||||||
blank=True,
|
|
||||||
null=True
|
|
||||||
)
|
|
||||||
vlan_decision_nok = models.OneToOneField(
|
|
||||||
'machines.Vlan',
|
|
||||||
on_delete=models.PROTECT,
|
|
||||||
related_name='decision_nok',
|
|
||||||
blank=True,
|
|
||||||
null=True
|
|
||||||
)
|
|
||||||
|
|
||||||
switchs_web_management = models.BooleanField(
|
switchs_web_management = models.BooleanField(
|
||||||
default=False,
|
default=False,
|
||||||
help_text="Web management, activé si provision automatique"
|
help_text="Web management, activé si provision automatique"
|
||||||
|
@ -589,31 +569,6 @@ class MailMessageOption(AclMixin, models.Model):
|
||||||
verbose_name = _("email message options")
|
verbose_name = _("email message options")
|
||||||
|
|
||||||
|
|
||||||
class RadiusPolicy(AclMixin, models.Model):
|
|
||||||
class Meta:
|
|
||||||
verbose_name = _('radius policy')
|
|
||||||
|
|
||||||
REJECT = 'REJECT'
|
|
||||||
SET_VLAN = 'SET_VLAN'
|
|
||||||
CHOICE_POLICY = (
|
|
||||||
(REJECT, _('Reject the machine')),
|
|
||||||
(SET_VLAN, _('Place the machine on the VLAN'))
|
|
||||||
)
|
|
||||||
|
|
||||||
policy = models.CharField(
|
|
||||||
max_length=32,
|
|
||||||
choices=CHOICE_POLICY,
|
|
||||||
default=REJECT
|
|
||||||
)
|
|
||||||
|
|
||||||
vlan = models.ForeignKey(
|
|
||||||
'machines.Vlan',
|
|
||||||
on_delete=models.PROTECT,
|
|
||||||
blank=True,
|
|
||||||
null=True
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
class RadiusOption(AclMixin, models.Model):
|
class RadiusOption(AclMixin, models.Model):
|
||||||
class Meta:
|
class Meta:
|
||||||
verbose_name = _("radius policies")
|
verbose_name = _("radius policies")
|
||||||
|
@ -624,44 +579,105 @@ class RadiusOption(AclMixin, models.Model):
|
||||||
(MACHINE, _("On the IP range's VLAN of the machine")),
|
(MACHINE, _("On the IP range's VLAN of the machine")),
|
||||||
(DEFINED, _("Preset in 'VLAN for machines accepted by RADIUS'")),
|
(DEFINED, _("Preset in 'VLAN for machines accepted by RADIUS'")),
|
||||||
)
|
)
|
||||||
|
REJECT = 'REJECT'
|
||||||
|
SET_VLAN = 'SET_VLAN'
|
||||||
|
CHOICE_POLICY = (
|
||||||
|
(REJECT, _('Reject the machine')),
|
||||||
|
(SET_VLAN, _('Place the machine on the VLAN'))
|
||||||
|
)
|
||||||
radius_general_policy = models.CharField(
|
radius_general_policy = models.CharField(
|
||||||
max_length=32,
|
max_length=32,
|
||||||
choices=CHOICE_RADIUS,
|
choices=CHOICE_RADIUS,
|
||||||
default='DEFINED'
|
default='DEFINED'
|
||||||
)
|
)
|
||||||
unknown_machine = models.ForeignKey(
|
unknown_machine = models.CharField(
|
||||||
RadiusPolicy,
|
max_length=32,
|
||||||
on_delete=models.PROTECT,
|
choices=CHOICE_POLICY,
|
||||||
|
default=REJECT,
|
||||||
verbose_name=_("Policy for unknown machines"),
|
verbose_name=_("Policy for unknown machines"),
|
||||||
related_name='unknown_machine_option',
|
|
||||||
)
|
)
|
||||||
unknown_port = models.ForeignKey(
|
unknown_machine_vlan = models.ForeignKey(
|
||||||
RadiusPolicy,
|
'machines.Vlan',
|
||||||
on_delete=models.PROTECT,
|
on_delete=models.PROTECT,
|
||||||
|
related_name='unknown_machine_vlan',
|
||||||
|
blank=True,
|
||||||
|
null=True,
|
||||||
|
verbose_name=_('Unknown machine Vlan'),
|
||||||
|
help_text=_(
|
||||||
|
'Vlan for unknown machines if not rejected.'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
unknown_port = models.CharField(
|
||||||
|
max_length=32,
|
||||||
|
choices=CHOICE_POLICY,
|
||||||
|
default=REJECT,
|
||||||
verbose_name=_("Policy for unknown machines"),
|
verbose_name=_("Policy for unknown machines"),
|
||||||
related_name='unknown_port_option',
|
|
||||||
)
|
)
|
||||||
unknown_room = models.ForeignKey(
|
unknown_port_vlan = models.ForeignKey(
|
||||||
RadiusPolicy,
|
'machines.Vlan',
|
||||||
on_delete=models.PROTECT,
|
on_delete=models.PROTECT,
|
||||||
|
related_name='unknown_port_vlan',
|
||||||
|
blank=True,
|
||||||
|
null=True,
|
||||||
|
verbose_name=_('Unknown port Vlan'),
|
||||||
|
help_text=_(
|
||||||
|
'Vlan for unknown ports if not rejected.'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
unknown_room = models.CharField(
|
||||||
|
max_length=32,
|
||||||
|
choices=CHOICE_POLICY,
|
||||||
|
default=REJECT,
|
||||||
verbose_name=_(
|
verbose_name=_(
|
||||||
"Policy for machine connecting from "
|
"Policy for machine connecting from "
|
||||||
"unregistered room (relevant on ports with STRICT "
|
"unregistered room (relevant on ports with STRICT "
|
||||||
"radius mode)"
|
"radius mode)"
|
||||||
),
|
),
|
||||||
related_name='unknown_room_option',
|
|
||||||
)
|
)
|
||||||
non_member = models.ForeignKey(
|
unknown_room_vlan = models.ForeignKey(
|
||||||
RadiusPolicy,
|
'machines.Vlan',
|
||||||
|
related_name='unknown_room_vlan',
|
||||||
on_delete=models.PROTECT,
|
on_delete=models.PROTECT,
|
||||||
|
blank=True,
|
||||||
|
null=True,
|
||||||
|
verbose_name=_('Unknown room Vlan'),
|
||||||
|
help_text=_(
|
||||||
|
'Vlan for unknown room if not rejected.'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
non_member = models.CharField(
|
||||||
|
max_length=32,
|
||||||
|
choices=CHOICE_POLICY,
|
||||||
|
default=REJECT,
|
||||||
verbose_name=_("Policy non member users."),
|
verbose_name=_("Policy non member users."),
|
||||||
related_name='non_member_option',
|
|
||||||
)
|
)
|
||||||
banned = models.ForeignKey(
|
non_member_vlan = models.ForeignKey(
|
||||||
RadiusPolicy,
|
'machines.Vlan',
|
||||||
|
related_name='non_member_vlan',
|
||||||
on_delete=models.PROTECT,
|
on_delete=models.PROTECT,
|
||||||
|
blank=True,
|
||||||
|
null=True,
|
||||||
|
verbose_name=_('Non member Vlan'),
|
||||||
|
help_text=_(
|
||||||
|
'Vlan for non members if not rejected.'
|
||||||
|
)
|
||||||
|
)
|
||||||
|
banned = models.CharField(
|
||||||
|
max_length=32,
|
||||||
|
choices=CHOICE_POLICY,
|
||||||
|
default=REJECT,
|
||||||
verbose_name=_("Policy for banned users."),
|
verbose_name=_("Policy for banned users."),
|
||||||
related_name='banned_option'
|
)
|
||||||
|
banned_vlan = models.ForeignKey(
|
||||||
|
'machines.Vlan',
|
||||||
|
related_name='banned_vlan',
|
||||||
|
on_delete=models.PROTECT,
|
||||||
|
blank=True,
|
||||||
|
null=True,
|
||||||
|
verbose_name=_('Banned Vlan'),
|
||||||
|
help_text=_(
|
||||||
|
'Vlan for banned if not rejected.'
|
||||||
|
)
|
||||||
)
|
)
|
||||||
vlan_decision_ok = models.OneToOneField(
|
vlan_decision_ok = models.OneToOneField(
|
||||||
'machines.Vlan',
|
'machines.Vlan',
|
||||||
|
|
|
@ -37,6 +37,12 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
||||||
<form class="form" method="post" enctype="multipart/form-data">
|
<form class="form" method="post" enctype="multipart/form-data">
|
||||||
{% csrf_token %}
|
{% csrf_token %}
|
||||||
{% massive_bootstrap_form options 'utilisateur_asso,automatic_provision_switchs' %}
|
{% massive_bootstrap_form options 'utilisateur_asso,automatic_provision_switchs' %}
|
||||||
|
{% if formset %}
|
||||||
|
{{ formset.management_form }}
|
||||||
|
{% for f in formset %}
|
||||||
|
{% bootstrap_form f %}
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
{% trans "Edit" as tr_edit %}
|
{% trans "Edit" as tr_edit %}
|
||||||
{% bootstrap_button tr_edit button_type="submit" icon='ok' button_class='btn-success' %}
|
{% bootstrap_button tr_edit button_type="submit" icon='ok' button_class='btn-success' %}
|
||||||
</form>
|
</form>
|
||||||
|
|
|
@ -137,7 +137,9 @@ def edit_options(request, section):
|
||||||
messages.success(request, _("The preferences were edited."))
|
messages.success(request, _("The preferences were edited."))
|
||||||
return redirect(reverse('preferences:display-options'))
|
return redirect(reverse('preferences:display-options'))
|
||||||
return form(
|
return form(
|
||||||
{'options': options},
|
{
|
||||||
|
'options': options,
|
||||||
|
},
|
||||||
'preferences/edit_preferences.html',
|
'preferences/edit_preferences.html',
|
||||||
request
|
request
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in a new issue