diff --git a/machines/admin.py b/machines/admin.py index 168d84a3..11da2da3 100644 --- a/machines/admin.py +++ b/machines/admin.py @@ -45,7 +45,6 @@ from .models import ( Ipv6List, OuverturePortList, SshFingerprint, - SshFprAlgo, ) @@ -143,11 +142,6 @@ class ServiceAdmin(VersionAdmin): list_display = ('service_type', 'min_time_regen', 'regular_time_regen') -class SshFprAlgoAdmin(VersionAdmin): - """ Admin view of a SshFprAlgo object """ - pass - - class SshFingerprintAdmin(VersionAdmin): """ Admin view of a SshFprAlgo object """ pass @@ -171,5 +165,4 @@ admin.site.register(Ipv6List, Ipv6ListAdmin) admin.site.register(Nas, NasAdmin) admin.site.register(OuverturePort, OuverturePortAdmin) admin.site.register(OuverturePortList, OuverturePortListAdmin) -admin.site.register(SshFprAlgo, SshFprAlgoAdmin) admin.site.register(SshFingerprint, SshFingerprintAdmin) diff --git a/machines/forms.py b/machines/forms.py index e9086ef8..79a2e2c6 100644 --- a/machines/forms.py +++ b/machines/forms.py @@ -61,7 +61,6 @@ from .models import ( OuverturePortList, Ipv6List, SshFingerprint, - SshFprAlgo ) @@ -612,18 +611,3 @@ class SshFingerprintForm(FormRevMixin, ModelForm): prefix=prefix, **kwargs ) - - -class SshFprAlgoForm(FormRevMixin, ModelForm): - """Edits a SSH fingerprint algorithm.""" - class Meta: - model = SshFprAlgo - fields = '__all__' - - def __init__(self, *args, **kwargs): - prefix = kwargs.pop('prefix', self.Meta.model.__name__) - super(SshFprAlgoForm, self).__init__( - *args, - prefix=prefix, - **kwargs - ) diff --git a/machines/migrations/0084_auto_20180623_1651.py b/machines/migrations/0084_auto_20180623_1651.py deleted file mode 100644 index f042b7f8..00000000 --- a/machines/migrations/0084_auto_20180623_1651.py +++ /dev/null @@ -1,46 +0,0 @@ -# -*- coding: utf-8 -*- -# Generated by Django 1.10.7 on 2018-06-23 14:51 -from __future__ import unicode_literals - -from django.db import migrations, models -import django.db.models.deletion -import re2o.mixins - - -class Migration(migrations.Migration): - - dependencies = [ - ('machines', '0083_remove_duplicate_rights'), - ] - - operations = [ - migrations.CreateModel( - name='SshFprAlgo', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('name', models.CharField(max_length=256)), - ], - options={ - 'permissions': (('view_sshfpralgo', 'Can see an SSH fingerprint algorithm'),), - 'verbose_name': 'SSH fingerprint algorithm', - 'verbose_name_plural': 'SSH fingerprint algorithms' - }, - bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), - ), - migrations.CreateModel( - name='SshFingerprint', - fields=[ - ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), - ('pub_key_entry', models.TextField(help_text='SSH public key', max_length=2048)), - ('comment', models.CharField(blank=True, help_text='Comment', max_length=255, null=True)), - ('algo', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, to='machines.SshFprAlgo')), - ('machine', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='machines.Machine')), - ], - options={ - 'permissions': (('view_sshfingerprint', 'Can see an SSH fingerprint'),), - 'verbose_name': 'SSH fingerprint', - 'verbose_name_plural': 'SSH fingerprints' - }, - bases=(re2o.mixins.RevMixin, re2o.mixins.AclMixin, models.Model), - ), - ] diff --git a/machines/models.py b/machines/models.py index 6101cffc..66a2a03a 100644 --- a/machines/models.py +++ b/machines/models.py @@ -200,16 +200,27 @@ class Machine(RevMixin, FieldPermissionModelMixin, models.Model): def __str__(self): return str(self.user) + ' - ' + str(self.id) + ' - ' + str(self.name) + class SshFingerprint(RevMixin, AclMixin, models.Model): """A fingerpirnt of an SSH public key""" + + ALGO = ( + ("ssh-rsa", "ssh-rsa"), + ("ssh-ed25519", "ssh-ed25519"), + ("ecdsa-sha2-nistp256", "ecdsa-sha2-nistp256"), + ("ecdsa-sha2-nistp384", "ecdsa-sha2-nistp384"), + ("ecdsa-sha2-nistp521", "ecdsa-sha2-nistp521"), + ("ecdsa-sha2-nistp521", "ecdsa-sha2-nistp521"), + ) + machine = models.ForeignKey('Machine', on_delete=models.CASCADE) pub_key_entry = models.TextField( help_text="SSH public key", max_length=2048 ) - algo = models.ForeignKey( - 'SshFprAlgo', - on_delete=models.PROTECT + algo = models.CharField( + choices=ALGO, + max_length=32 ) comment = models.CharField( help_text="Comment", @@ -238,21 +249,6 @@ class SshFingerprint(RevMixin, AclMixin, models.Model): return str(self.algo) + ' ' + str(self.hash_entry) + ' ' + str(self.comment) -class SshFprAlgo(RevMixin, AclMixin, models.Model): - """An algorithm to compute SSH fingerprints""" - name = models.CharField(max_length=256) - - class Meta: - permissions = ( - ("view_sshfpralgo", "Can see an SSH fingerprint algorithm"), - ) - verbose_name = "SSH fingerprint algorithm" - verbose_name_plural = "SSH fingerprint algorithms" - - def __str__(self): - return str(self.name) - - class MachineType(RevMixin, AclMixin, models.Model): """ Type de machine, relié à un type d'ip, affecté aux interfaces""" PRETTY_NAME = "Type de machine" diff --git a/machines/templates/machines/aff_sshfpralgo.html b/machines/templates/machines/aff_sshfpralgo.html deleted file mode 100644 index 902191ff..00000000 --- a/machines/templates/machines/aff_sshfpralgo.html +++ /dev/null @@ -1,47 +0,0 @@ -{% comment %} -Re2o est un logiciel d'administration développé initiallement au rezometz. Il -se veut agnostique au réseau considéré, de manière à être installable en -quelques clics. - -Copyright © 2018 Gabriel Détraz - -This program is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License along -with this program; if not, write to the Free Software Foundation, Inc., -51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -{% endcomment %} - -{% load acl %} -{% load logs_extra %} - - - - - - - - - {% for sshfpralgo in sshfpralgo_list %} - - - - - {% endfor %} -
Algorithm name
{{ sshfpralgo.name }} - {% can_edit sshfpralgo %} - {% include 'buttons/edit.html' with href='machines:edit-sshfpralgo' id=sshfpralgo.id %} - {% acl_end %} - {% can_delete sshfpralgo %} - {% include 'buttons/suppr.html' with href='machines:del-sshfpralgo' id=sshfpralgo.id %} - {% acl_end %} - {% history_button sshfpralgo %} -
diff --git a/machines/templates/machines/index_sshfpralgo.html b/machines/templates/machines/index_sshfpralgo.html deleted file mode 100644 index 1bf50635..00000000 --- a/machines/templates/machines/index_sshfpralgo.html +++ /dev/null @@ -1,38 +0,0 @@ -{% extends "machines/sidebar.html" %} -{% comment %} -Re2o est un logiciel d'administration développé initiallement au rezometz. Il -se veut agnostique au réseau considéré, de manière à être installable en -quelques clics. - -Copyright © 2018 Gabriel Détraz - -This program is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published by -the Free Software Foundation; either version 2 of the License, or -(at your option) any later version. - -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -GNU General Public License for more details. - -You should have received a copy of the GNU General Public License along -with this program; if not, write to the Free Software Foundation, Inc., -51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -{% endcomment %} - -{% load bootstrap3 %} -{% load acl %} - -{% block title %}Machines{% endblock %} - -{% block content %} -

SSH fingerprint algorithms

-{% can_create SshFprAlgo %} - - Add an SSH fingerprint algorithm - -{% acl_end %} -{% include "machines/aff_sshfpralgo.html" with sshfpralgo_list=sshfpralgo_list %} -{% endblock %} - diff --git a/machines/templates/machines/sidebar.html b/machines/templates/machines/sidebar.html index f897c3a4..5a0f975d 100644 --- a/machines/templates/machines/sidebar.html +++ b/machines/templates/machines/sidebar.html @@ -44,12 +44,6 @@ with this program; if not, write to the Free Software Foundation, Inc., Extensions et zones {% acl_end %} - {% can_view_all SshFprAlgo %} - - - SSH fingerprint algorithm - - {% acl_end %} {% can_view_all IpType %} diff --git a/machines/urls.py b/machines/urls.py index 41c0d81c..8f58373a 100644 --- a/machines/urls.py +++ b/machines/urls.py @@ -119,18 +119,6 @@ urlpatterns = [ url(r'^index_sshfingerprint/(?P[0-9]+)$', views.index_sshfingerprint, name='index-sshfingerprint'), - url(r'^new_sshfpralgo/$', - views.new_sshfpralgo, - name='new-sshfpralgo'), - url(r'^edit_sshfpralgo/(?P[0-9]+)$', - views.edit_sshfpralgo, - name='edit-sshfpralgo'), - url(r'^del_sshfpralgo/(?P[0-9]+)$', - views.del_sshfpralgo, - name='del-sshfpralgo'), - url(r'^index_sshfpralgo/$', - views.index_sshfpralgo, - name='index-sshfpralgo'), url(r'^add_service/$', views.add_service, name='add-service'), url(r'^edit_service/(?P[0-9]+)$', views.edit_service, diff --git a/machines/views.py b/machines/views.py index baba6613..8e99c45e 100644 --- a/machines/views.py +++ b/machines/views.py @@ -54,6 +54,7 @@ from re2o.utils import ( from re2o.acl import ( can_create, can_edit, + can_view, can_delete, can_view_all, can_delete_set, @@ -110,7 +111,6 @@ from .forms import ( EditOuverturePortListForm, EditOuverturePortConfigForm, SshFingerprintForm, - SshFprAlgoForm, ) from .models import ( IpType, @@ -133,7 +133,6 @@ from .models import ( OuverturePort, Ipv6List, SshFingerprint, - SshFprAlgo, ) @@ -530,72 +529,6 @@ def del_sshfingerprint(request, sshfingerprint, **_kwargs): ) -@login_required -@can_create(SshFprAlgo) -def new_sshfpralgo(request, **_kwargs): - """Creates an SSH fingeprint algorithm""" - sshfpralgo = SshFprAlgoForm( - request.POST or None, - ) - if sshfpralgo.is_valid(): - sshfpralgo.save() - messages.success(request, "The SSH fingerprint algorithm was added") - return redirect(reverse( - 'machines:index-sshfpralgo' - )) - return form( - {'sshfpralgoform': sshfpralgo, 'action_name': 'Create'}, - 'machines/machine.html', - request - ) - - -@login_required -@can_edit(SshFprAlgo) -def edit_sshfpralgo(request, sshfpralgo_instance, **_kwargs): - """Edits an SSH fingerprint algorithm""" - sshfpralgo = SshFprAlgoForm( - request.POST or None, - instance=sshfpralgo_instance - ) - if sshfpralgo.is_valid(): - if sshfpralgo.changed_data: - sshfpralgo.save() - messages.success(request, "The SSH fingerprint algorithm was edited") - return redirect(reverse( - 'machines:index-sshfpralgo' - )) - return form( - {'sshfpralgoform': sshfpralgo, 'action_name': 'Edit'}, - 'machines/machine.html', - request - ) - - -@login_required -@can_delete(SshFprAlgo) -def del_sshfpralgo(request, sshfpralgo, **_kwargs): - """Deletes an SSH fingerprint algorithm""" - if request.method == "POST": - try: - sshfpralgo.delete() - messages.success(request, "The SSH fingerprint algorithm was deleted") - except ProtectedError: - messages.error( - request, - ("This SSH fingerprint algorithm is used by at least one SSH" - "fingerprint and thus can not be deleted.") - ) - return redirect(reverse( - 'machines:index-sshfpralgo' - )) - return form( - {'objet': sshfpralgo, 'objet_name': 'sshfpralgo'}, - 'machines/delete.html', - request - ) - - @login_required @can_create(IpType) def add_iptype(request): @@ -1524,7 +1457,7 @@ def index_alias(request, interface, interfaceid): @login_required -@can_view_all(Machine) +@can_view(Machine) def index_sshfingerprint(request, machine, machineid): """View used to display the list of existing SSH fingerprint of a machine""" sshfingerprint_list = SshFingerprint.objects.filter(machine=machine) @@ -1535,18 +1468,6 @@ def index_sshfingerprint(request, machine, machineid): ) -@login_required -@can_view_all(SshFprAlgo) -def index_sshfpralgo(request): - """View used to display the list of existing SSH fingerprint algorithm""" - sshfpralgo_list = SshFprAlgo.objects.all() - return render( - request, - 'machines/index_sshfpralgo.html', - {'sshfpralgo_list': sshfpralgo_list} - ) - - @login_required @can_view_all(Interface) def index_ipv6(request, interface, interfaceid):