mirror of
https://gitlab2.federez.net/re2o/re2o
synced 2024-11-22 03:13:12 +00:00
Allow policies edition
This commit is contained in:
Hugo LEVY-FALK
chirac
parent
a773f5d717
commit
f0736ebc39
5 changed files with 125 additions and 90 deletions
|
|
@ -42,6 +42,7 @@ from .models import (
|
|||
Reminder,
|
||||
RadiusKey,
|
||||
SwitchManagementCred,
|
||||
RadiusOption,
|
||||
)
|
||||
from topologie.models import Switch
|
||||
|
||||
|
|
@ -229,6 +230,13 @@ class EditHomeOptionForm(ModelForm):
|
|||
self.fields['twitter_account_name'].label = _("Twitter account name")
|
||||
|
||||
|
||||
class EditRadiusOptionForm(ModelForm):
|
||||
"""Edition forms for Radius options"""
|
||||
class Meta:
|
||||
model = RadiusOption
|
||||
fields = ['radius_general_policy', 'vlan_decision_ok']
|
||||
|
||||
|
||||
class ServiceForm(ModelForm):
|
||||
"""Edition, ajout de services sur la page d'accueil"""
|
||||
class Meta:
|
||||
|
|
|
|||
|
|
@ -10,17 +10,11 @@ import re2o.mixins
|
|||
def create_radius_policy(apps, schema_editor):
|
||||
OptionalTopologie = apps.get_model('preferences', 'OptionalTopologie')
|
||||
RadiusOption = apps.get_model('preferences', 'RadiusOption')
|
||||
RadiusPolicy = apps.get_model('preferences', 'RadiusPolicy')
|
||||
|
||||
option,_ = OptionalTopologie.objects.get_or_create()
|
||||
|
||||
radius_option = RadiusOption()
|
||||
radius_option.radius_general_policy = option.radius_general_policy
|
||||
radius_option.unknown_machine = RadiusPolicy.objects.create()
|
||||
radius_option.unknown_port = RadiusPolicy.objects.create()
|
||||
radius_option.unknown_room = RadiusPolicy.objects.create()
|
||||
radius_option.non_member = RadiusPolicy.objects.create()
|
||||
radius_option.banned = RadiusPolicy.objects.create()
|
||||
radius_option.vlan_decision_ok = option.vlan_decision_ok
|
||||
|
||||
radius_option.save()
|
||||
|
|
@ -45,47 +39,56 @@ class Migration(migrations.Migration):
|
|||
},
|
||||
bases=(re2o.mixins.AclMixin, models.Model),
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name='RadiusPolicy',
|
||||
fields=[
|
||||
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
|
||||
('policy', models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32)),
|
||||
('vlan', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.PROTECT, to='machines.Vlan')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'radius policy',
|
||||
},
|
||||
bases=(re2o.mixins.AclMixin, models.Model),
|
||||
migrations.AddField(
|
||||
model_name='radiusoption',
|
||||
name='banned_vlan',
|
||||
field=models.ForeignKey(blank=True, help_text='Vlan for banned if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='banned_vlan', to='machines.Vlan', verbose_name='Banned Vlan'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='radiusoption',
|
||||
name='non_member',
|
||||
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='non_member_option', to='preferences.RadiusPolicy', verbose_name='Policy non member users.'),
|
||||
name='non_member_vlan',
|
||||
field=models.ForeignKey(blank=True, help_text='Vlan for non members if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='non_member_vlan', to='machines.Vlan', verbose_name='Non member Vlan'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='radiusoption',
|
||||
name='unknown_machine',
|
||||
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_machine_option', to='preferences.RadiusPolicy', verbose_name='Policy for unknown machines'),
|
||||
name='unknown_machine_vlan',
|
||||
field=models.ForeignKey(blank=True, help_text='Vlan for unknown machines if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_machine_vlan', to='machines.Vlan', verbose_name='Unknown machine Vlan'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='radiusoption',
|
||||
name='unknown_port',
|
||||
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_port_option', to='preferences.RadiusPolicy', verbose_name='Policy for unknown machines'),
|
||||
name='unknown_port_vlan',
|
||||
field=models.ForeignKey(blank=True, help_text='Vlan for unknown ports if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_port_vlan', to='machines.Vlan', verbose_name='Unknown port Vlan'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='radiusoption',
|
||||
name='unknown_room',
|
||||
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='unknown_room_option', to='preferences.RadiusPolicy', verbose_name='Policy for machine connecting from unregistered room (relevant on ports with STRICT radius mode)'),
|
||||
name='unknown_room_vlan',
|
||||
field=models.ForeignKey(blank=True, help_text='Vlan for unknown room if not rejected.', null=True, on_delete=django.db.models.deletion.PROTECT, related_name='unknown_room_vlan', to='machines.Vlan', verbose_name='Unknown room Vlan'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='radiusoption',
|
||||
name='banned',
|
||||
field=models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='banned_option', to='preferences.RadiusPolicy', verbose_name='Policy for banned users.'),
|
||||
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for banned users.'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='radiusoption',
|
||||
name='vlan_decision_ok',
|
||||
field=models.OneToOneField(blank=True, null=True, on_delete=django.db.models.deletion.PROTECT, related_name='vlan_ok_option', to='machines.Vlan'),
|
||||
name='non_member',
|
||||
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy non member users.'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='radiusoption',
|
||||
name='unknown_machine',
|
||||
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for unknown machines'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='radiusoption',
|
||||
name='unknown_port',
|
||||
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for unknown machines'),
|
||||
),
|
||||
migrations.AddField(
|
||||
model_name='radiusoption',
|
||||
name='unknown_room',
|
||||
field=models.CharField(choices=[('REJECT', 'Reject the machine'), ('SET_VLAN', 'Place the machine on the VLAN')], default='REJECT', max_length=32, verbose_name='Policy for machine connecting from unregistered room (relevant on ports with STRICT radius mode)'),
|
||||
),
|
||||
|
||||
migrations.RunPython(create_radius_policy),
|
||||
]
|
||||
|
|
|
|||
|
|
@ -199,26 +199,6 @@ class OptionalTopologie(AclMixin, PreferencesModel):
|
|||
('tftp', 'tftp'),
|
||||
)
|
||||
|
||||
radius_general_policy = models.CharField(
|
||||
max_length=32,
|
||||
choices=CHOICE_RADIUS,
|
||||
default='DEFINED'
|
||||
)
|
||||
vlan_decision_ok = models.OneToOneField(
|
||||
'machines.Vlan',
|
||||
on_delete=models.PROTECT,
|
||||
related_name='decision_ok',
|
||||
blank=True,
|
||||
null=True
|
||||
)
|
||||
vlan_decision_nok = models.OneToOneField(
|
||||
'machines.Vlan',
|
||||
on_delete=models.PROTECT,
|
||||
related_name='decision_nok',
|
||||
blank=True,
|
||||
null=True
|
||||
)
|
||||
|
||||
switchs_web_management = models.BooleanField(
|
||||
default=False,
|
||||
help_text="Web management, activé si provision automatique"
|
||||
|
|
@ -589,31 +569,6 @@ class MailMessageOption(AclMixin, models.Model):
|
|||
verbose_name = _("email message options")
|
||||
|
||||
|
||||
class RadiusPolicy(AclMixin, models.Model):
|
||||
class Meta:
|
||||
verbose_name = _('radius policy')
|
||||
|
||||
REJECT = 'REJECT'
|
||||
SET_VLAN = 'SET_VLAN'
|
||||
CHOICE_POLICY = (
|
||||
(REJECT, _('Reject the machine')),
|
||||
(SET_VLAN, _('Place the machine on the VLAN'))
|
||||
)
|
||||
|
||||
policy = models.CharField(
|
||||
max_length=32,
|
||||
choices=CHOICE_POLICY,
|
||||
default=REJECT
|
||||
)
|
||||
|
||||
vlan = models.ForeignKey(
|
||||
'machines.Vlan',
|
||||
on_delete=models.PROTECT,
|
||||
blank=True,
|
||||
null=True
|
||||
)
|
||||
|
||||
|
||||
class RadiusOption(AclMixin, models.Model):
|
||||
class Meta:
|
||||
verbose_name = _("radius policies")
|
||||
|
|
@ -624,44 +579,105 @@ class RadiusOption(AclMixin, models.Model):
|
|||
(MACHINE, _("On the IP range's VLAN of the machine")),
|
||||
(DEFINED, _("Preset in 'VLAN for machines accepted by RADIUS'")),
|
||||
)
|
||||
REJECT = 'REJECT'
|
||||
SET_VLAN = 'SET_VLAN'
|
||||
CHOICE_POLICY = (
|
||||
(REJECT, _('Reject the machine')),
|
||||
(SET_VLAN, _('Place the machine on the VLAN'))
|
||||
)
|
||||
radius_general_policy = models.CharField(
|
||||
max_length=32,
|
||||
choices=CHOICE_RADIUS,
|
||||
default='DEFINED'
|
||||
)
|
||||
unknown_machine = models.ForeignKey(
|
||||
RadiusPolicy,
|
||||
on_delete=models.PROTECT,
|
||||
unknown_machine = models.CharField(
|
||||
max_length=32,
|
||||
choices=CHOICE_POLICY,
|
||||
default=REJECT,
|
||||
verbose_name=_("Policy for unknown machines"),
|
||||
related_name='unknown_machine_option',
|
||||
)
|
||||
unknown_port = models.ForeignKey(
|
||||
RadiusPolicy,
|
||||
unknown_machine_vlan = models.ForeignKey(
|
||||
'machines.Vlan',
|
||||
on_delete=models.PROTECT,
|
||||
related_name='unknown_machine_vlan',
|
||||
blank=True,
|
||||
null=True,
|
||||
verbose_name=_('Unknown machine Vlan'),
|
||||
help_text=_(
|
||||
'Vlan for unknown machines if not rejected.'
|
||||
)
|
||||
)
|
||||
unknown_port = models.CharField(
|
||||
max_length=32,
|
||||
choices=CHOICE_POLICY,
|
||||
default=REJECT,
|
||||
verbose_name=_("Policy for unknown machines"),
|
||||
related_name='unknown_port_option',
|
||||
)
|
||||
unknown_room = models.ForeignKey(
|
||||
RadiusPolicy,
|
||||
unknown_port_vlan = models.ForeignKey(
|
||||
'machines.Vlan',
|
||||
on_delete=models.PROTECT,
|
||||
related_name='unknown_port_vlan',
|
||||
blank=True,
|
||||
null=True,
|
||||
verbose_name=_('Unknown port Vlan'),
|
||||
help_text=_(
|
||||
'Vlan for unknown ports if not rejected.'
|
||||
)
|
||||
)
|
||||
unknown_room = models.CharField(
|
||||
max_length=32,
|
||||
choices=CHOICE_POLICY,
|
||||
default=REJECT,
|
||||
verbose_name=_(
|
||||
"Policy for machine connecting from "
|
||||
"unregistered room (relevant on ports with STRICT "
|
||||
"radius mode)"
|
||||
),
|
||||
related_name='unknown_room_option',
|
||||
)
|
||||
non_member = models.ForeignKey(
|
||||
RadiusPolicy,
|
||||
unknown_room_vlan = models.ForeignKey(
|
||||
'machines.Vlan',
|
||||
related_name='unknown_room_vlan',
|
||||
on_delete=models.PROTECT,
|
||||
blank=True,
|
||||
null=True,
|
||||
verbose_name=_('Unknown room Vlan'),
|
||||
help_text=_(
|
||||
'Vlan for unknown room if not rejected.'
|
||||
)
|
||||
)
|
||||
non_member = models.CharField(
|
||||
max_length=32,
|
||||
choices=CHOICE_POLICY,
|
||||
default=REJECT,
|
||||
verbose_name=_("Policy non member users."),
|
||||
related_name='non_member_option',
|
||||
)
|
||||
banned = models.ForeignKey(
|
||||
RadiusPolicy,
|
||||
non_member_vlan = models.ForeignKey(
|
||||
'machines.Vlan',
|
||||
related_name='non_member_vlan',
|
||||
on_delete=models.PROTECT,
|
||||
blank=True,
|
||||
null=True,
|
||||
verbose_name=_('Non member Vlan'),
|
||||
help_text=_(
|
||||
'Vlan for non members if not rejected.'
|
||||
)
|
||||
)
|
||||
banned = models.CharField(
|
||||
max_length=32,
|
||||
choices=CHOICE_POLICY,
|
||||
default=REJECT,
|
||||
verbose_name=_("Policy for banned users."),
|
||||
related_name='banned_option'
|
||||
)
|
||||
banned_vlan = models.ForeignKey(
|
||||
'machines.Vlan',
|
||||
related_name='banned_vlan',
|
||||
on_delete=models.PROTECT,
|
||||
blank=True,
|
||||
null=True,
|
||||
verbose_name=_('Banned Vlan'),
|
||||
help_text=_(
|
||||
'Vlan for banned if not rejected.'
|
||||
)
|
||||
)
|
||||
vlan_decision_ok = models.OneToOneField(
|
||||
'machines.Vlan',
|
||||
|
|
|
|||
|
|
@ -37,6 +37,12 @@ with this program; if not, write to the Free Software Foundation, Inc.,
|
|||
<form class="form" method="post" enctype="multipart/form-data">
|
||||
{% csrf_token %}
|
||||
{% massive_bootstrap_form options 'utilisateur_asso,automatic_provision_switchs' %}
|
||||
{% if formset %}
|
||||
{{ formset.management_form }}
|
||||
{% for f in formset %}
|
||||
{% bootstrap_form f %}
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
{% trans "Edit" as tr_edit %}
|
||||
{% bootstrap_button tr_edit button_type="submit" icon='ok' button_class='btn-success' %}
|
||||
</form>
|
||||
|
|
|
|||
|
|
@ -137,7 +137,9 @@ def edit_options(request, section):
|
|||
messages.success(request, _("The preferences were edited."))
|
||||
return redirect(reverse('preferences:display-options'))
|
||||
return form(
|
||||
{'options': options},
|
||||
{
|
||||
'options': options,
|
||||
},
|
||||
'preferences/edit_preferences.html',
|
||||
request
|
||||
)
|
||||
|
|
|
|||
Loading…
Reference in a new issue