2018-11-25 21:02:16 +00:00
|
|
|
from django.shortcuts import render, get_object_or_404, redirect
|
2018-11-25 15:05:26 +00:00
|
|
|
from django.http import HttpResponse
|
2019-01-13 12:55:53 +00:00
|
|
|
from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm, AdminPasswordChangeForm
|
2018-11-25 21:02:16 +00:00
|
|
|
from django.db.models import Q
|
|
|
|
from django.views.decorators.csrf import csrf_exempt
|
|
|
|
from django.utils import timezone
|
2018-11-28 21:35:57 +00:00
|
|
|
from django.core.files import File
|
|
|
|
from django.db.models.fields.files import FieldFile
|
2019-01-13 12:55:53 +00:00
|
|
|
from django.contrib.auth.models import User
|
2019-01-17 08:19:26 +00:00
|
|
|
from django.contrib.auth.decorators import login_required, user_passes_test
|
2019-01-31 19:58:08 +00:00
|
|
|
from django.db.models.signals import post_save
|
|
|
|
from django.dispatch import receiver
|
|
|
|
from django.conf import settings
|
2019-02-02 11:57:15 +00:00
|
|
|
from django.contrib.auth.forms import PasswordResetForm
|
2018-12-25 23:25:53 +00:00
|
|
|
|
2019-01-31 19:58:08 +00:00
|
|
|
from .models import Device, Organization, Network, Model, Wifi, UserStatus
|
2019-01-18 12:50:41 +00:00
|
|
|
from .signals import *
|
2019-02-02 14:31:25 +00:00
|
|
|
from .forms import *
|
2019-02-02 08:18:57 +00:00
|
|
|
from .device import makewificonfig, heartbeathandler
|
2018-11-25 15:05:26 +00:00
|
|
|
|
2018-11-28 21:35:57 +00:00
|
|
|
from distutils.dir_util import copy_tree
|
|
|
|
|
|
|
|
import glob
|
|
|
|
import sys
|
|
|
|
import subprocess
|
2018-11-26 19:55:09 +00:00
|
|
|
import os
|
|
|
|
import socket
|
2018-11-28 21:35:57 +00:00
|
|
|
import tempfile
|
|
|
|
import crypt
|
|
|
|
import tarfile
|
2018-12-25 23:25:53 +00:00
|
|
|
import datetime
|
2019-01-13 16:56:00 +00:00
|
|
|
import time
|
2019-02-02 11:57:15 +00:00
|
|
|
import uuid
|
2018-11-26 19:55:09 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
def is_superuser(user):
|
|
|
|
return user.is_superuser
|
|
|
|
|
|
|
|
def is_staff(user):
|
|
|
|
return user.is_staff
|
|
|
|
|
|
|
|
@login_required
|
2018-11-25 15:05:26 +00:00
|
|
|
def index(request):
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/devices/")
|
2018-11-25 21:02:16 +00:00
|
|
|
|
|
|
|
@csrf_exempt
|
|
|
|
def heartbeat(request):
|
|
|
|
device = get_object_or_404(Device, secret=request.POST.get("secret", ""))
|
2018-12-01 17:56:29 +00:00
|
|
|
ip = request.POST.get("ip", "")
|
2019-01-17 08:19:26 +00:00
|
|
|
|
2019-02-02 08:18:57 +00:00
|
|
|
return HttpResponse(heartbeathandler(device, ip))
|
2018-12-28 09:43:57 +00:00
|
|
|
|
|
|
|
@csrf_exempt
|
|
|
|
def wireless(request):
|
|
|
|
device = get_object_or_404(Device, secret=request.POST.get("secret", ""))
|
2019-02-02 08:18:57 +00:00
|
|
|
device.wireless = timezone.now()
|
|
|
|
device.save()
|
2018-12-28 09:43:57 +00:00
|
|
|
return HttpResponse(makewificonfig(device))
|
|
|
|
|
|
|
|
|
2018-11-26 19:55:09 +00:00
|
|
|
@csrf_exempt
|
2018-11-25 21:02:16 +00:00
|
|
|
def hosts(request):
|
|
|
|
device = get_object_or_404(Device, secret=request.POST.get("secret", ""))
|
2019-01-18 12:50:41 +00:00
|
|
|
sigRebootDevice(device.serial, None, False)
|
2018-11-28 15:38:35 +00:00
|
|
|
device.reboot = False
|
|
|
|
device.save()
|
2018-11-25 15:05:26 +00:00
|
|
|
return render(request, "manager/hosts", {"device": device})
|
2018-11-25 21:02:16 +00:00
|
|
|
|
2018-12-25 23:25:53 +00:00
|
|
|
def mkfirmware(device, path):
|
2018-12-28 10:06:06 +00:00
|
|
|
if device.firmware and device.firmware > device.model.firmware and device.firmware > device.changed and glob.glob("%s/%s.bin" % (path, device.id)):
|
2018-12-25 23:25:53 +00:00
|
|
|
return True
|
|
|
|
|
|
|
|
BEFORE = os.getcwd()
|
|
|
|
DEVICEDIR = "/opt/vpnmanager/device-config/%i/" % device.model.id
|
|
|
|
SRCDIR = "/opt/vpnmanager/imagebuilder/%i/" % device.model.id
|
|
|
|
|
|
|
|
if glob.glob(SRCDIR + "/.kumilock"):
|
|
|
|
return False
|
|
|
|
|
|
|
|
with open(SRCDIR + "/.kumilock", "w") as lock:
|
|
|
|
lock.write("")
|
|
|
|
|
|
|
|
tempdir = tempfile.TemporaryDirectory()
|
|
|
|
|
|
|
|
copy_tree(DEVICEDIR, tempdir.name)
|
|
|
|
|
|
|
|
# Write OpenVPN config
|
|
|
|
|
|
|
|
with open(tempdir.name + "/etc/openvpn/client.conf", "w") as vpnconf:
|
|
|
|
vpnconf.write(device.vpnconfig)
|
|
|
|
|
|
|
|
# Write secret
|
2019-01-17 08:19:26 +00:00
|
|
|
|
2018-12-25 23:25:53 +00:00
|
|
|
with open(tempdir.name + "/etc/vpnsecret", "w") as secret:
|
|
|
|
secret.write('SECRET="%s"' % device.secret)
|
2019-01-17 08:19:26 +00:00
|
|
|
|
2018-12-25 23:25:53 +00:00
|
|
|
# Write password
|
2019-01-17 08:19:26 +00:00
|
|
|
|
2018-12-25 23:25:53 +00:00
|
|
|
with open(tempdir.name + "/etc/shadow", "r") as shadow:
|
|
|
|
password = crypt.crypt(device.password, crypt.mksalt(crypt.METHOD_MD5))
|
|
|
|
shadowin = shadow.read()
|
2019-01-17 08:19:26 +00:00
|
|
|
|
2018-12-25 23:25:53 +00:00
|
|
|
with open(tempdir.name + "/etc/shadow", "w") as shadowout:
|
|
|
|
shadowout.write(shadowin.replace("$PASSWORD", password))
|
|
|
|
|
2018-12-28 09:43:57 +00:00
|
|
|
# Write Wireless config
|
2018-12-25 23:25:53 +00:00
|
|
|
|
|
|
|
with open(tempdir.name + "/etc/config/wireless", "r") as wireless:
|
|
|
|
wirein = wireless.read()
|
|
|
|
|
|
|
|
with open(tempdir.name + "/etc/config/wireless", "w") as wireout:
|
|
|
|
wire = wirein.replace("$SSID", device.serial)
|
2018-12-28 09:43:57 +00:00
|
|
|
wireout.write(wire + "\n" + makewificonfig(device))
|
2018-12-25 23:25:53 +00:00
|
|
|
|
|
|
|
# Create compilation environment
|
|
|
|
|
|
|
|
os.system("rm -rf " + SRCDIR + "/files/")
|
|
|
|
os.mkdir(SRCDIR + "/files/")
|
|
|
|
os.system("cp -r " + tempdir.name + "/* " + SRCDIR + "/files/")
|
|
|
|
|
|
|
|
tempdir.cleanup()
|
|
|
|
|
|
|
|
os.system("rm " + SRCDIR + "/bin/targets/ar71xx/generic/*")
|
|
|
|
|
|
|
|
# Build image
|
|
|
|
|
|
|
|
os.chdir(SRCDIR)
|
|
|
|
|
|
|
|
try:
|
|
|
|
subprocess.call(["/usr/bin/make"])
|
|
|
|
except:
|
|
|
|
os.remove(SRCDIR + "/.kumilock")
|
|
|
|
os.chdir(BEFORE)
|
|
|
|
return False
|
|
|
|
|
|
|
|
os.chdir(BEFORE)
|
|
|
|
|
|
|
|
os.rename(glob.glob(SRCDIR + "/bin/targets/ar71xx/generic/*squashfs-sysupgrade.bin")[0], "%s/%s.bin" % (path, device.id))
|
|
|
|
os.remove(SRCDIR + "/.kumilock")
|
|
|
|
os.system("rm -rf " + SRCDIR + "/files/")
|
|
|
|
os.system("rm " + SRCDIR + "/bin/targets/ar71xx/generic/*")
|
|
|
|
device.firmware = datetime.datetime.now()
|
|
|
|
device.save()
|
|
|
|
return True
|
|
|
|
|
|
|
|
@csrf_exempt
|
|
|
|
def update(request):
|
|
|
|
FWDIR = "/opt/vpnmanager/images/"
|
|
|
|
|
|
|
|
device = get_object_or_404(Device, secret=request.POST.get("secret", ""))
|
2019-01-17 08:19:26 +00:00
|
|
|
|
2018-12-25 23:25:53 +00:00
|
|
|
if not mkfirmware(device, FWDIR):
|
|
|
|
return HttpResponse(status=503)
|
|
|
|
|
2019-01-18 12:50:41 +00:00
|
|
|
sigUpdateDevice(device.serial, None, False)
|
2018-12-25 23:25:53 +00:00
|
|
|
device.update = False
|
|
|
|
device.save()
|
|
|
|
|
|
|
|
with open("%s/%s.bin" % (FWDIR, device.id), "rb") as download:
|
|
|
|
response = HttpResponse(download.read(), content_type="application/octet-stream")
|
|
|
|
response['Content-Disposition'] = 'inline; filename=%s.bin' % device.serial
|
|
|
|
return response
|
|
|
|
|
2018-11-26 19:55:09 +00:00
|
|
|
def ping(request, device_id):
|
|
|
|
if request.user.is_authenticated:
|
|
|
|
device = None
|
2018-11-28 15:38:35 +00:00
|
|
|
ajax = '{\n "status": '
|
|
|
|
|
2018-11-26 19:55:09 +00:00
|
|
|
for organization in Organization.objects.filter(users=request.user):
|
|
|
|
device = device or Device.objects.filter(id=device_id, organization=organization)
|
|
|
|
|
|
|
|
if not device:
|
2018-11-28 15:38:35 +00:00
|
|
|
ajax += "-1"
|
2018-11-26 19:55:09 +00:00
|
|
|
|
2018-11-28 15:38:35 +00:00
|
|
|
else:
|
|
|
|
try:
|
|
|
|
socket.inet_aton(device[0].curip)
|
2019-01-13 17:12:09 +00:00
|
|
|
ajax += str(1 if not os.WEXITSTATUS(os.system("ping -c1 -w1 " + device[0].curip + " > /dev/null 2>&1")) else 2 if (timezone.now() - device[0].lasttime).total_seconds() > 120 and (timezone.now() - device[0].lastbeat).total_seconds() < 60 else 0)
|
2018-12-15 11:35:00 +00:00
|
|
|
ajax += ',\n "serial": "%s"' % device[0].serial
|
2018-12-28 09:43:57 +00:00
|
|
|
ajax += ',\n "name": "%s"' % device[0].name if device[0].name else ""
|
2018-11-28 15:38:35 +00:00
|
|
|
ajax += ',\n "ip": "%s"' % device[0].curip
|
2019-01-13 16:56:00 +00:00
|
|
|
ajax += ',\n "time": "%i"' % (int(time.mktime(timezone.make_naive(device[0].lasttime, timezone.get_current_timezone()).timetuple())) * 1000)
|
|
|
|
ajax += ',\n "lastbeat": "%s"' % (int(time.mktime(timezone.make_naive(device[0].lastbeat, timezone.get_current_timezone()).timetuple())) * 1000)
|
2018-12-15 11:35:00 +00:00
|
|
|
ajax += ',\n "reboot": %i' % (1 if device[0].reboot else 0)
|
2018-12-26 01:24:36 +00:00
|
|
|
ajax += ',\n "update": %i' % (1 if device[0].update else 0)
|
2018-12-15 11:35:00 +00:00
|
|
|
|
|
|
|
ajax += ',\n "network": {'
|
|
|
|
ajax += '\n "intip": "%s"' % device[0].network.intip
|
2019-01-03 18:20:13 +00:00
|
|
|
ajax += ',\n "extip": "%s"' % device[0].network.extip
|
2019-01-17 08:47:41 +00:00
|
|
|
ajax += ',\n "name": "%s"' % (device[0].network.name if device[0].network.name else "")
|
2018-12-15 11:35:00 +00:00
|
|
|
ajax += '\n }'
|
2018-11-26 19:55:09 +00:00
|
|
|
|
2019-01-13 17:12:09 +00:00
|
|
|
except Exception as e:
|
2018-11-28 15:38:35 +00:00
|
|
|
ajax += "-3"
|
2018-11-26 19:55:09 +00:00
|
|
|
|
|
|
|
else:
|
2018-11-28 15:38:35 +00:00
|
|
|
ajax += "-2"
|
2018-11-26 19:55:09 +00:00
|
|
|
|
2018-11-28 15:38:35 +00:00
|
|
|
ajax += "\n}"
|
2018-12-15 11:35:00 +00:00
|
|
|
return HttpResponse(ajax, content_type="application/json")
|
2019-01-17 08:19:26 +00:00
|
|
|
|
|
|
|
@login_required
|
2018-11-25 21:02:16 +00:00
|
|
|
def devices(request):
|
2019-02-01 14:38:37 +00:00
|
|
|
return render(request, "manager/index.html", {"title": "Device Administration"})
|
2018-11-25 21:02:16 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
@login_required
|
2018-11-25 21:02:16 +00:00
|
|
|
def editdevice(request, device_id):
|
2019-02-02 15:08:20 +00:00
|
|
|
device = get_object_or_404(Organization, id=device_id, organization__in=request.user.organization_set.all())
|
|
|
|
subnets = Network.objects.filter(organization=device.organization)
|
|
|
|
wifis = Wifi.objects.filter(organization=device.organization)
|
2019-01-05 15:08:19 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
if request.POST.get("subnet", ""):
|
2019-02-02 15:08:20 +00:00
|
|
|
subnet = Network.objects.get(intip=request.POST.get("subnet", device.network.intip if device.network else "No VPN"))
|
2018-11-25 21:02:16 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
if subnet[0] in subnets:
|
2019-01-18 12:50:41 +00:00
|
|
|
newname = request.POST.get("name", "")
|
2019-02-02 15:08:20 +00:00
|
|
|
if newname != device.name:
|
|
|
|
sigRenameDevice(device.serial, request.user.username, device[0].name, newname)
|
|
|
|
device.name = newname
|
2019-01-18 12:50:41 +00:00
|
|
|
|
2019-02-02 15:08:20 +00:00
|
|
|
if subnet != device.network:
|
|
|
|
sigNetDevice(device.serial, request.user.username, str(device.network), str(subnet))
|
|
|
|
device.network = subnet
|
2019-01-18 12:50:41 +00:00
|
|
|
|
|
|
|
newreboot = True if request.POST.get("reboot", "0") == "True" else False
|
2019-02-02 15:08:20 +00:00
|
|
|
if newreboot != device.reboot:
|
|
|
|
sigRebootDevice(device.serial, request.user.username, newreboot)
|
|
|
|
device.reboot = newreboot
|
2019-01-18 12:50:41 +00:00
|
|
|
|
|
|
|
newupdate = True if request.POST.get("update", "0") == "True" else False
|
2019-02-02 15:08:20 +00:00
|
|
|
if newupdate != device.update:
|
|
|
|
sigUpdateDevice(device.serial, request.user.username, newupdate)
|
|
|
|
device.update = newupdate
|
2019-01-18 12:50:41 +00:00
|
|
|
|
|
|
|
newwifis = set(request.POST.getlist("wifi", []))
|
2019-02-02 15:08:20 +00:00
|
|
|
oldwifis = set(device.wifi.all())
|
2019-01-18 12:50:41 +00:00
|
|
|
if newwifis != oldwifis:
|
2019-02-02 15:08:20 +00:00
|
|
|
sigWifiDevice(device.serial, request.user.username, oldwifis, newwifis)
|
|
|
|
device.wifi.set(newwifis)
|
2019-01-18 12:50:41 +00:00
|
|
|
|
2019-02-02 15:08:20 +00:00
|
|
|
device.changed = timezone.now()
|
|
|
|
device.save()
|
2018-11-25 21:02:16 +00:00
|
|
|
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/devices/")
|
2018-11-25 21:02:16 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
return render(request, "manager/edit.html",
|
|
|
|
{
|
|
|
|
"title": "Edit Device",
|
2019-02-02 15:08:20 +00:00
|
|
|
"device": device,
|
2019-01-17 08:19:26 +00:00
|
|
|
"subnets": subnets,
|
|
|
|
"wifis": wifis,
|
2019-02-02 15:08:20 +00:00
|
|
|
"curfis": Wifi.objects.filter(device=device)
|
2019-01-17 08:19:26 +00:00
|
|
|
}
|
|
|
|
)
|
2018-11-28 21:35:57 +00:00
|
|
|
|
2019-02-02 11:57:15 +00:00
|
|
|
@user_passes_test(is_superuser)
|
|
|
|
def makeuser(request):
|
|
|
|
if request.POST.get("username", ""):
|
|
|
|
username = request.POST.get("username", "")
|
|
|
|
first = request.POST.get("firstname", "")
|
|
|
|
last = request.POST.get("lastname", "")
|
|
|
|
staff = request.POST.get("staff", "0") == "True"
|
|
|
|
suser = request.POST.get("superuser", "0") == "True"
|
|
|
|
orgas = set(request.POST.getlist("orga", []))
|
|
|
|
mail = request.POST.get("email", "")
|
|
|
|
user = User.objects.create_user(
|
|
|
|
username=username,
|
|
|
|
password=str(uuid.uuid4().hex),
|
|
|
|
first_name=first,
|
|
|
|
last_name=last,
|
|
|
|
is_staff=staff,
|
|
|
|
is_superuser=suser,
|
|
|
|
email=mail
|
|
|
|
)
|
|
|
|
user.organization_set.set(orgas)
|
|
|
|
|
|
|
|
form = PasswordResetForm({"email": user.email})
|
|
|
|
|
|
|
|
if form.is_valid():
|
|
|
|
form.save(
|
|
|
|
request=request,
|
|
|
|
use_https=True,
|
|
|
|
email_template_name='registration/password_reset_email.html')
|
|
|
|
|
|
|
|
return redirect("/users/")
|
|
|
|
|
|
|
|
else:
|
|
|
|
return render(request, "manager/adduser.html", {"title": "Add User"})
|
|
|
|
|
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
@login_required
|
2019-01-13 12:55:53 +00:00
|
|
|
def edituser(request, user_id):
|
2019-01-17 08:19:26 +00:00
|
|
|
if request.user.is_staff or request.user.id == user_id:
|
2019-02-02 11:57:15 +00:00
|
|
|
orgas = request.user.organization_set.all()
|
|
|
|
user = User.objects.distinct().get(id=user_id, organization__in=orgas)
|
2019-01-13 12:55:53 +00:00
|
|
|
|
|
|
|
if not user:
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/users/")
|
2019-01-13 12:55:53 +00:00
|
|
|
|
|
|
|
if request.POST.get("form", ""):
|
2019-01-19 09:51:17 +00:00
|
|
|
newfirst = request.POST.get("firstname", "")
|
|
|
|
newlast = request.POST.get("lastname", "")
|
2019-02-02 11:57:15 +00:00
|
|
|
if newlast != user.last_name or newfirst != user.first_name:
|
|
|
|
sigRenameUser(user.username, request.user.username, "%s %s" % (user.first_name, user.last_name), "%s %s" % (newfirst, newlast))
|
|
|
|
user.first_name = request.POST.get("firstname", "")
|
|
|
|
user.last_name = request.POST.get("lastname", "")
|
2019-01-17 08:52:38 +00:00
|
|
|
|
|
|
|
if request.user.is_staff or request.user.is_superuser:
|
2019-01-19 09:51:17 +00:00
|
|
|
newstaff = request.POST.get("staff", "0") == "True"
|
2019-02-02 11:57:15 +00:00
|
|
|
if newstaff != user.is_staff:
|
|
|
|
sigStaffUser(user.username, request.user.username, newstaff)
|
|
|
|
user.is_staff = newstaff
|
2019-01-17 08:52:38 +00:00
|
|
|
|
|
|
|
if request.user.is_superuser:
|
2019-01-19 09:51:17 +00:00
|
|
|
newsuper = request.POST.get("superuser", "0") == "True"
|
2019-02-02 11:57:15 +00:00
|
|
|
if newsuper != user.is_superuser:
|
|
|
|
sigSuperUser(user.username, request.user.username, newsuper)
|
|
|
|
user.is_superuser = newsuper
|
2019-01-19 09:51:17 +00:00
|
|
|
|
2019-02-02 10:03:33 +00:00
|
|
|
neworgas = set(request.POST.getlist("orga", []))
|
2019-02-02 11:57:15 +00:00
|
|
|
oldorgas = set(user.organization_set.all())
|
2019-02-02 10:03:33 +00:00
|
|
|
if neworgas != oldorgas:
|
2019-02-02 11:57:15 +00:00
|
|
|
sigOrgaUser(user.username, request.user.username, oldorgas, neworgas)
|
|
|
|
user.organization_set.set(neworgas)
|
2019-02-02 10:03:33 +00:00
|
|
|
|
2019-01-19 09:51:17 +00:00
|
|
|
newmail = request.POST.get("email", "")
|
2019-02-02 11:57:15 +00:00
|
|
|
if newmail != user.email:
|
|
|
|
sigMailUser(user.username, request.user.username, user.email, newmail)
|
|
|
|
user.email = newmail
|
2019-01-17 08:52:38 +00:00
|
|
|
|
2019-02-02 11:57:15 +00:00
|
|
|
user.save()
|
2019-01-13 12:55:53 +00:00
|
|
|
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/users/")
|
2019-01-13 12:55:53 +00:00
|
|
|
|
|
|
|
return render(request, "manager/edituser.html",
|
2019-01-17 08:19:26 +00:00
|
|
|
{
|
|
|
|
"title": "Edit User",
|
2019-02-02 11:57:15 +00:00
|
|
|
"auser": user
|
2019-01-17 08:19:26 +00:00
|
|
|
}
|
|
|
|
)
|
2019-01-13 12:55:53 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
else:
|
2019-01-17 16:47:33 +00:00
|
|
|
return redirect('/account/login/?next=%s' % request.path)
|
2019-01-13 12:55:53 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
@login_required
|
2018-12-28 09:43:57 +00:00
|
|
|
def editwifi(request, wifi_id):
|
|
|
|
wifi = None
|
|
|
|
|
|
|
|
for organization in Organization.objects.filter(users=request.user):
|
|
|
|
wifi = wifi or Wifi.objects.filter(id=wifi_id, organization=organization)
|
|
|
|
|
|
|
|
if not wifi:
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/wifi/")
|
2018-12-28 09:43:57 +00:00
|
|
|
|
|
|
|
if request.POST.get("serial", ""):
|
2019-01-19 09:51:17 +00:00
|
|
|
newserial = request.POST.get("serial", "")
|
|
|
|
if newserial != wifi[0].serial:
|
|
|
|
sigRenameWifi(wifi[0].serial, request.user.username, wifi[0].serial, newserial)
|
|
|
|
wifi[0].serial = newserial
|
|
|
|
|
|
|
|
newssid = request.POST.get("ssid", "")
|
|
|
|
if newssid != wifi[0].ssid:
|
|
|
|
sigSSIDWifi(wifi[0].serial, request.user.username, wifi[0].ssid, newssid)
|
|
|
|
wifi[0].ssid = newssid
|
|
|
|
|
|
|
|
newkey = request.POST.get("key", "")
|
|
|
|
if newkey != wifi[0].key:
|
|
|
|
sigKeyWifi(wifi[0].serial, request.user.username, wifi[0].key, newkey)
|
|
|
|
wifi[0].key = newkey
|
|
|
|
|
2018-12-28 09:43:57 +00:00
|
|
|
wifi[0].save()
|
|
|
|
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/wifi/")
|
2018-12-28 09:43:57 +00:00
|
|
|
|
|
|
|
return render(request, "manager/editwifi.html",
|
|
|
|
{
|
|
|
|
"title": "Edit WiFi",
|
|
|
|
"wifi": wifi[0]
|
|
|
|
}
|
|
|
|
)
|
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
@user_passes_test(is_superuser)
|
2018-11-28 21:35:57 +00:00
|
|
|
def getconfig(request, device_id):
|
2018-12-25 23:25:53 +00:00
|
|
|
FWDIR = "/opt/vpnmanager/images/"
|
|
|
|
|
2018-11-28 21:35:57 +00:00
|
|
|
device = get_object_or_404(Device, id=device_id)
|
|
|
|
|
2018-12-25 23:25:53 +00:00
|
|
|
if not mkfirmware(device, FWDIR):
|
|
|
|
return HttpResponse("Something went wrong generating the firmware image. The server may be busy, please try again later.")
|
2019-01-17 08:19:26 +00:00
|
|
|
|
2019-01-18 12:50:41 +00:00
|
|
|
sigUpdateDevice(device.serial, None, False)
|
2018-12-25 23:25:53 +00:00
|
|
|
device.update = False
|
|
|
|
device.save()
|
2018-11-28 21:35:57 +00:00
|
|
|
|
2018-12-25 23:25:53 +00:00
|
|
|
with open("%s/%s.bin" % (FWDIR, device.id), "rb") as download:
|
2018-12-01 17:56:29 +00:00
|
|
|
response = HttpResponse(download.read(), content_type="application/octet-stream")
|
2018-12-25 23:25:53 +00:00
|
|
|
response['Content-Disposition'] = 'inline; filename=%s.bin' % device.serial
|
2018-12-01 17:56:29 +00:00
|
|
|
return response
|
2018-11-28 21:35:57 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
@login_required
|
2018-11-28 21:35:57 +00:00
|
|
|
def rebootdevice(request, device_id):
|
2019-01-17 08:19:26 +00:00
|
|
|
device = None
|
|
|
|
for organization in Organization.objects.filter(users=request.user):
|
|
|
|
device = device or Device.objects.filter(id=device_id, organization=organization)
|
2018-11-28 21:35:57 +00:00
|
|
|
|
2019-01-18 12:50:41 +00:00
|
|
|
if device and not device[0].reboot:
|
|
|
|
sigRebootDevice(device[0].serial, request.user.username, True)
|
2019-01-17 08:19:26 +00:00
|
|
|
device[0].reboot = True
|
|
|
|
device[0].save()
|
2018-12-25 23:25:53 +00:00
|
|
|
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/devices/")
|
2018-11-28 21:35:57 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
@user_passes_test(is_staff)
|
2018-12-25 23:25:53 +00:00
|
|
|
def updatedevice(request, device_id):
|
2019-01-17 08:19:26 +00:00
|
|
|
device = None
|
|
|
|
|
|
|
|
for organization in Organization.objects.filter(users=request.user):
|
|
|
|
device = device or Device.objects.filter(id=device_id, organization=organization)
|
2018-12-25 23:25:53 +00:00
|
|
|
|
2019-01-18 12:50:41 +00:00
|
|
|
if device and not device[0].update:
|
|
|
|
sigUpdateDevice(device[0].serial, request.user.username, True)
|
2019-01-17 08:19:26 +00:00
|
|
|
device[0].update = True
|
|
|
|
device[0].save()
|
2018-11-28 21:35:57 +00:00
|
|
|
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/devices/")
|
2018-11-28 21:35:57 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
@user_passes_test(is_superuser)
|
2018-11-28 21:35:57 +00:00
|
|
|
def deletedevice(request, device_id):
|
2019-01-17 08:19:26 +00:00
|
|
|
CADIR = "/etc/openvpn/ca/"
|
|
|
|
BEFORE = os.getcwd()
|
2018-12-15 11:35:00 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
device = get_object_or_404(Device, id=device_id)
|
2018-12-15 11:35:00 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
os.chdir(CADIR)
|
2018-12-15 11:35:00 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
subprocess.call(CADIR + "/revoke " + device.serial, shell=True)
|
|
|
|
os.system("rm " + CADIR + "/keys/" + device.serial + ".{crt,csr,key}")
|
2018-12-15 11:35:00 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
os.chdir(BEFORE)
|
2018-12-15 11:35:00 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
device.delete()
|
2018-11-28 21:35:57 +00:00
|
|
|
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/devices/")
|
2018-11-28 21:35:57 +00:00
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
@user_passes_test(is_staff)
|
2019-01-06 18:15:13 +00:00
|
|
|
def deletewifi(request, wifi_id):
|
2019-02-02 12:31:05 +00:00
|
|
|
wifi = get_object_or_404(Wifi, id=wifi_id, organization__in=request.user.organization_set.all())
|
|
|
|
wifi.delete()
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/wifi/")
|
2019-01-06 18:15:13 +00:00
|
|
|
|
2019-02-02 12:31:05 +00:00
|
|
|
@user_passes_test(is_superuser)
|
|
|
|
def deleteuser(request, user_id):
|
|
|
|
user = get_object_or_404(User, id=user_id)
|
|
|
|
user.delete()
|
|
|
|
return redirect("/users/")
|
|
|
|
|
2019-02-02 15:01:18 +00:00
|
|
|
@user_passes_test(is_superuser)
|
|
|
|
def deletenetwork(request, network_id):
|
|
|
|
network = get_object_or_404(Network, id=network_id)
|
|
|
|
network.delete()
|
|
|
|
return redirect("/networks/")
|
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
@user_passes_test(is_staff)
|
2018-12-28 09:43:57 +00:00
|
|
|
def makewifi(request):
|
|
|
|
wifi_serial = request.POST.get("serial", "")
|
|
|
|
wifi_ssid = request.POST.get("ssid", "")
|
|
|
|
wifi_key = request.POST.get("key", "")
|
|
|
|
wifi_organization = request.POST.get("organization", "")
|
|
|
|
|
2019-02-01 20:28:37 +00:00
|
|
|
if not (wifi_serial and wifi_organization):
|
2018-12-28 09:43:57 +00:00
|
|
|
return render(request, "manager/addwifi.html",
|
|
|
|
{
|
2019-02-01 20:28:37 +00:00
|
|
|
"title": "Add WiFi"
|
2018-12-28 09:43:57 +00:00
|
|
|
}
|
|
|
|
)
|
|
|
|
|
2019-02-01 14:28:56 +00:00
|
|
|
wifi = Wifi.objects.create(
|
2019-01-17 08:19:26 +00:00
|
|
|
serial = wifi_serial,
|
|
|
|
ssid = wifi_ssid,
|
|
|
|
key = wifi_key,
|
|
|
|
organization = Organization.objects.filter(id=wifi_organization)[0]
|
|
|
|
)
|
2018-12-28 09:43:57 +00:00
|
|
|
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/wifi/")
|
2018-12-28 09:43:57 +00:00
|
|
|
|
2019-02-02 14:31:25 +00:00
|
|
|
@user_passes_test(is_superuser)
|
|
|
|
def makenetwork(request):
|
|
|
|
if request.method == "POST":
|
|
|
|
form = NetworkForm(request.POST)
|
|
|
|
if form.is_valid():
|
|
|
|
data = form.cleaned_data
|
|
|
|
network = Network.objects.create(name=data["name"], intip=data["intip"], extip=data["extip"])
|
|
|
|
network.organization.set(data["orgas"])
|
|
|
|
return redirect("/networks/")
|
|
|
|
|
|
|
|
else:
|
|
|
|
form = NetworkForm()
|
|
|
|
|
|
|
|
return render(request, "manager/form.html", { "title": "Add Network", "form": form })
|
|
|
|
|
2019-01-17 08:19:26 +00:00
|
|
|
@user_passes_test(is_superuser)
|
2018-11-28 21:35:57 +00:00
|
|
|
def makedevice(request):
|
|
|
|
CADIR = "/etc/openvpn/ca/"
|
|
|
|
CONFIGDIR = "/etc/openvpn/client-configs/"
|
|
|
|
BEFORE = os.getcwd()
|
|
|
|
|
|
|
|
device_serial = request.POST.get("serial", "")
|
|
|
|
device_name = request.POST.get("name", "")
|
|
|
|
device_organization = request.POST.get("organization", "")
|
2018-12-15 11:35:00 +00:00
|
|
|
device_model = request.POST.get("model", "")
|
2018-11-28 21:35:57 +00:00
|
|
|
|
|
|
|
if not request.user.is_superuser:
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/devices/")
|
2018-11-28 21:35:57 +00:00
|
|
|
|
|
|
|
if not device_serial:
|
2019-01-17 08:19:26 +00:00
|
|
|
orga = Organization.objects.all()
|
|
|
|
models = Model.objects.all()
|
|
|
|
|
|
|
|
return render(request, "manager/add.html",
|
2018-11-28 21:35:57 +00:00
|
|
|
{
|
|
|
|
"title": "Add Device",
|
|
|
|
"organizations": orga,
|
2018-12-15 11:35:00 +00:00
|
|
|
"models": models
|
2018-11-28 21:35:57 +00:00
|
|
|
}
|
|
|
|
)
|
|
|
|
|
2019-02-01 14:30:46 +00:00
|
|
|
if glob.glob(CADIR + "/keys/" + device_serial + "*"):
|
|
|
|
return HttpResponse("This key already exists.")
|
2018-11-28 21:35:57 +00:00
|
|
|
|
|
|
|
os.chdir(CADIR)
|
|
|
|
|
|
|
|
if subprocess.call(CADIR + "/generate-key " + device_serial, shell=True):
|
2019-01-17 08:19:26 +00:00
|
|
|
os.chdir(BEFORE)
|
|
|
|
return HttpResponse("Something went wrong trying to generate the key.")
|
2018-11-28 21:35:57 +00:00
|
|
|
|
|
|
|
if glob.glob(CONFIGDIR + "/files/" + device_serial + "*"):
|
2018-12-15 11:35:00 +00:00
|
|
|
os.chdir(BEFORE)
|
2018-11-28 21:35:57 +00:00
|
|
|
return HttpResponse("This configuration file already exists.")
|
|
|
|
|
|
|
|
os.chdir(CONFIGDIR)
|
|
|
|
|
|
|
|
if subprocess.call(CONFIGDIR + "/make_config " + device_serial, shell=True):
|
2018-12-15 11:35:00 +00:00
|
|
|
os.chdir(BEFORE)
|
2018-11-28 21:35:57 +00:00
|
|
|
return HttpResponse("Something went wrong trying to generate the config file.")
|
|
|
|
|
|
|
|
os.chdir(BEFORE)
|
|
|
|
|
|
|
|
device = Device.objects.create(
|
|
|
|
serial=device_serial,
|
|
|
|
name=device_name,
|
2018-12-15 11:35:00 +00:00
|
|
|
model=Model.objects.filter(id=device_model)[0],
|
2018-12-01 17:56:29 +00:00
|
|
|
network=Network.objects.filter(intip="No VPN")[0],
|
2018-11-28 21:35:57 +00:00
|
|
|
organization=Organization.objects.filter(id=device_organization)[0],
|
|
|
|
vpnconfig = open(CONFIGDIR + "/files/" + device_serial + ".ovpn").read()
|
|
|
|
)
|
|
|
|
|
2019-02-02 10:31:30 +00:00
|
|
|
return redirect("/devices/")
|
2019-01-31 19:58:08 +00:00
|
|
|
|
|
|
|
@receiver(post_save, sender=settings.AUTH_USER_MODEL)
|
|
|
|
def createUserStatus(sender, instance, created, **kwargs):
|
|
|
|
if created:
|
|
|
|
UserStatus.objects.create(user=instance)
|
|
|
|
|
|
|
|
@receiver(post_save, sender=settings.AUTH_USER_MODEL)
|
|
|
|
def saveUserStatus(sender, instance, **kwargs):
|
2019-02-01 08:27:34 +00:00
|
|
|
try:
|
|
|
|
instance.userstatus.save()
|
|
|
|
except:
|
|
|
|
UserStatus.objects.create(user=instance)
|
2019-01-31 19:58:08 +00:00
|
|
|
|