Many many more LOCs
This commit is contained in:
parent
c034106881
commit
8693d9e095
1 changed files with 425 additions and 166 deletions
591
manager/views.py
591
manager/views.py
|
@ -1,6 +1,7 @@
|
|||
from django.shortcuts import render, get_object_or_404, redirect
|
||||
from django.http import HttpResponse
|
||||
from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm, AdminPasswordChangeForm
|
||||
from django.contrib.auth.forms import AuthenticationForm, PasswordChangeForm
|
||||
from django.contrib.auth.forms import AdminPasswordChangeForm
|
||||
from django.db.models import Q
|
||||
from django.views.decorators.csrf import csrf_exempt
|
||||
from django.utils import timezone
|
||||
|
@ -22,6 +23,7 @@ from .tasks import mkfirmware
|
|||
|
||||
from distutils.dir_util import copy_tree
|
||||
from celery.exceptions import TimeoutError
|
||||
from subprocess import call as execute
|
||||
|
||||
import glob
|
||||
import sys
|
||||
|
@ -31,20 +33,24 @@ import socket
|
|||
import tempfile
|
||||
import crypt
|
||||
import tarfile
|
||||
import datetime
|
||||
from datetime import datetime
|
||||
import time
|
||||
import uuid
|
||||
|
||||
|
||||
def is_superuser(user):
|
||||
return user.is_superuser
|
||||
|
||||
|
||||
def is_staff(user):
|
||||
return user.is_staff
|
||||
|
||||
|
||||
@login_required
|
||||
def index(request):
|
||||
return redirect(reverse("devices"))
|
||||
|
||||
|
||||
@csrf_exempt
|
||||
def heartbeat(request):
|
||||
device = get_object_or_404(Device, secret=request.POST.get("secret", ""))
|
||||
|
@ -52,6 +58,7 @@ def heartbeat(request):
|
|||
|
||||
return HttpResponse(heartbeathandler(device, ip))
|
||||
|
||||
|
||||
@csrf_exempt
|
||||
def wireless(request):
|
||||
device = get_object_or_404(Device, secret=request.POST.get("secret", ""))
|
||||
|
@ -68,6 +75,7 @@ def hosts(request):
|
|||
device.save()
|
||||
return render(request, "manager/hosts", {"device": device})
|
||||
|
||||
|
||||
@csrf_exempt
|
||||
def update(request):
|
||||
FWDIR = "/opt/vpnmanager/images/"
|
||||
|
@ -75,7 +83,8 @@ def update(request):
|
|||
device = get_object_or_404(Device, secret=request.POST.get("secret", ""))
|
||||
|
||||
try:
|
||||
if not mkfirmware.apply_async((device, FWDIR), serializer='pickle').get(timeout=300):
|
||||
process = mkfirmware.apply_async((device, FWDIR), serializer='pickle')
|
||||
if not process.get(timeout=300):
|
||||
return HttpResponse(status=503)
|
||||
except TimeoutError:
|
||||
return HttpResponse(status=503)
|
||||
|
@ -85,48 +94,97 @@ def update(request):
|
|||
device.save()
|
||||
|
||||
with open("%s/%s.bin" % (FWDIR, device.id), "rb") as download:
|
||||
response = HttpResponse(download.read(), content_type="application/octet-stream")
|
||||
response['Content-Disposition'] = 'inline; filename=%s.bin' % device.serial
|
||||
response = HttpResponse(
|
||||
download.read(),
|
||||
content_type="application/octet-stream"
|
||||
)
|
||||
|
||||
response['Content-Disposition'] = (
|
||||
'inline; '
|
||||
'filename=%s.bin' % device.serial
|
||||
)
|
||||
|
||||
return response
|
||||
|
||||
|
||||
def ping(request, device_id):
|
||||
if request.user.is_authenticated:
|
||||
try:
|
||||
device = Device.objects.get(id=device_id, organization__in=request.user.organization_set.all())
|
||||
except:
|
||||
device = Device.objects.get(
|
||||
id=device_id,
|
||||
organization__in=request.user.organization_set.all()
|
||||
)
|
||||
|
||||
except Exception:
|
||||
device = None
|
||||
|
||||
ajax = '{\n "status": '
|
||||
|
||||
if not device:
|
||||
ajax += "-1"
|
||||
status = "-1"
|
||||
|
||||
else:
|
||||
tz = timezone.get_current_timezone()
|
||||
if device.lasttime:
|
||||
naive = timezone.make_naive(device.lasttime, tz)
|
||||
tt = naive.timetuple()
|
||||
lasttime = str(int(time.mktime(tt)) * 1000)
|
||||
else:
|
||||
lasttime = None
|
||||
|
||||
if device.lastbeat:
|
||||
naive = timezone.make_naive(device.lastbeat, tz)
|
||||
tt = naive.timetuple()
|
||||
lastbeat = str(int(time.mktime(tt)) * 1000)
|
||||
else:
|
||||
lastbeat = None
|
||||
|
||||
status = None
|
||||
|
||||
try:
|
||||
if device.curip:
|
||||
socket.inet_aton(device.curip)
|
||||
except Exception as e:
|
||||
ajax += "-3"
|
||||
else:
|
||||
try:
|
||||
ajax += str(1 if (device.curip and (timezone.now() - device.lasttime).total_seconds() < 300 and not os.WEXITSTATUS(os.system("ping -c1 -w1 " + device.curip + " > /dev/null 2>&1"))) else 2 if (True if not device.lasttime else (timezone.now() - device.lasttime).total_seconds() > 120) and (timezone.now() - device.lastbeat).total_seconds() < 60 else 0)
|
||||
except Exception as e:
|
||||
ajax += str(e)
|
||||
ajax += "-4"
|
||||
else:
|
||||
ajax += ',\n "serial": "%s"' % device.serial
|
||||
ajax += ',\n "name": "%s"' % device.name if device.name else ""
|
||||
ajax += ',\n "ip": "%s"' % device.curip if device.curip else ""
|
||||
ajax += ',\n "time": "%s"' % (None if not device.lasttime else str(int(time.mktime(timezone.make_naive(device.lasttime, timezone.get_current_timezone()).timetuple())) * 1000))
|
||||
ajax += ',\n "lastbeat": "%s"' % (None if not device.lastbeat else str(int(time.mktime(timezone.make_naive(device.lastbeat, timezone.get_current_timezone()).timetuple())) * 1000))
|
||||
ajax += ',\n "reboot": %i' % (1 if device.reboot else 0)
|
||||
ajax += ',\n "update": %i' % (1 if device.update else 0)
|
||||
try:
|
||||
socket.inet_aton(device.curip)
|
||||
except Exception:
|
||||
status = -3
|
||||
else:
|
||||
if device.lasttime:
|
||||
diff = timezone.now() - device.lasttime
|
||||
secs = diff.total_seconds()
|
||||
if secs < 300:
|
||||
cmd = "ping -c1 -w1 %s >/dev/null 2>&1"
|
||||
status = os.system(cmd % device.curip)
|
||||
if not os.WEXITSTATUS(status):
|
||||
status = 1
|
||||
|
||||
ajax += ',\n "network": {'
|
||||
ajax += '\n "intip": "%s"' % device.network.intip
|
||||
ajax += ',\n "extip": "%s"' % device.network.extip
|
||||
ajax += ',\n "name": "%s"' % (device.network.name if device.network.name else "")
|
||||
ajax += '\n }'
|
||||
if not status:
|
||||
if (not device.lasttime) or secs > 120:
|
||||
diff = timezone.now() - device.lastbeat
|
||||
secs = diff.total_seconds()
|
||||
if secs < 60:
|
||||
status = 2
|
||||
|
||||
if not status:
|
||||
status = 0
|
||||
|
||||
except Exception as e:
|
||||
status = str(e)
|
||||
status += "-4"
|
||||
finally:
|
||||
ajax += str(status)
|
||||
ajax += ',\n "serial": "%s"' % device.serial
|
||||
ajax += ',\n "name": "%s"' % (device.name or "")
|
||||
ajax += ',\n "ip": "%s"' % (device.curip or "")
|
||||
ajax += ',\n "time": "%s"' % lasttime
|
||||
ajax += ',\n "lastbeat": "%s"' % lastbeat
|
||||
ajax += ',\n "reboot": %i' % (1 if device.reboot else 0)
|
||||
ajax += ',\n "update": %i' % (1 if device.update else 0)
|
||||
|
||||
ajax += ',\n "network": {'
|
||||
ajax += '\n "intip": "%s"' % device.network.intip
|
||||
ajax += ',\n "extip": "%s"' % device.network.extip
|
||||
ajax += ',\n "name": "%s"' % (device.network.name or "")
|
||||
ajax += '\n }'
|
||||
|
||||
else:
|
||||
ajax += "-2"
|
||||
|
@ -134,122 +192,208 @@ def ping(request, device_id):
|
|||
ajax += "\n}"
|
||||
return HttpResponse(ajax, content_type="application/json")
|
||||
|
||||
|
||||
@login_required
|
||||
def devices(request, code=200, exception=None):
|
||||
return render(request, "manager/index.html", {"title": "Device Administration", "exception": exception}, status=code)
|
||||
return render(
|
||||
request,
|
||||
"manager/index.html",
|
||||
{
|
||||
"title": "Device Administration",
|
||||
"exception": exception
|
||||
},
|
||||
status=code
|
||||
)
|
||||
|
||||
|
||||
@login_required
|
||||
def editdevice(request, device_id):
|
||||
device = get_object_or_404(Device, id=device_id, organization__in=request.user.organization_set.all())
|
||||
subnets = Network.objects.filter(organization=device.organization)
|
||||
wifis = Wifi.objects.filter(organization=device.organization)
|
||||
post = request.method == "POST"
|
||||
|
||||
form = DeviceForm(request.POST if request.method == "POST" else None, instance=device)
|
||||
device = get_object_or_404(
|
||||
Device,
|
||||
id=device_id,
|
||||
organization__in=request.user.organization_set.all()
|
||||
)
|
||||
|
||||
form.fields["mac"].disabled = True
|
||||
form.fields["serial"].disabled = True
|
||||
form.fields["secret"].disabled = True
|
||||
form.fields["model"].disabled = True
|
||||
form.fields["password"].disabled = True
|
||||
subnets = Network.objects.filter(
|
||||
organization=device.organization
|
||||
)
|
||||
|
||||
if request.method == "POST" and form.is_valid():
|
||||
wifis = Wifi.objects.filter(
|
||||
organization=device.organization
|
||||
)
|
||||
|
||||
form = DeviceForm(
|
||||
request.POST if post else None,
|
||||
instance=device
|
||||
)
|
||||
|
||||
form.fields["mac"].disabled = True
|
||||
form.fields["serial"].disabled = True
|
||||
form.fields["secret"].disabled = True
|
||||
form.fields["model"].disabled = True
|
||||
form.fields["password"].disabled = True
|
||||
|
||||
if post and form.is_valid():
|
||||
form.save()
|
||||
return redirect(reverse("devices"))
|
||||
|
||||
return render(request, "manager/form.html", { "title": "Edit Device", "form": form })
|
||||
return render(
|
||||
request,
|
||||
"manager/form.html",
|
||||
{
|
||||
"title": "Edit Device",
|
||||
"form": form
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def makeuser(request):
|
||||
if request.POST.get("username", ""):
|
||||
user = User.objects.create_user(
|
||||
username=request.POST.get("username", ""),
|
||||
password=str(uuid.uuid4().hex),
|
||||
first_name=request.POST.get("firstname", ""),
|
||||
user = User.objects.create_user(
|
||||
username=request.POST.get("username", ""),
|
||||
password=str(uuid.uuid4().hex),
|
||||
first_name=request.POST.get("firstname", ""),
|
||||
last_name=request.POST.get("lastname", ""),
|
||||
is_staff=request.POST.get("staff", "0") == "True",
|
||||
is_superuser=request.POST.get("superuser", "0") == "True",
|
||||
is_staff=request.POST.get("staff", "0") == "True",
|
||||
is_superuser=request.POST.get("superuser", "0") == "True",
|
||||
email=request.POST.get("email", "")
|
||||
)
|
||||
|
||||
user.organization_set.set(set(request.POST.getlist("orga", [])))
|
||||
|
||||
form = PasswordResetForm({"email": user.email})
|
||||
user.organization_set.set(set(request.POST.getlist("orga", [])))
|
||||
|
||||
if form.is_valid():
|
||||
form.save(
|
||||
request=request,
|
||||
use_https=True,
|
||||
email_template_name='registration/add_user.html')
|
||||
form = PasswordResetForm({"email": user.email})
|
||||
|
||||
return redirect(reverse("users"))
|
||||
if form.is_valid():
|
||||
form.save(
|
||||
request=request,
|
||||
use_https=True,
|
||||
email_template_name='registration/add_user.html')
|
||||
|
||||
return redirect(reverse("users"))
|
||||
|
||||
else:
|
||||
return render(request, "manager/adduser.html", {"title": "Add User"})
|
||||
return render(request, "manager/adduser.html", {"title": "Add User"})
|
||||
|
||||
|
||||
@login_required
|
||||
def edituser(request, user_id):
|
||||
if request.user.is_staff or request.user.id == user_id:
|
||||
orgas = request.user.organization_set.all()
|
||||
user = request.user if request.user.id == user_id else User.objects.distinct().get(id=user_id, organization__in=orgas)
|
||||
if request.user.is_staff or request.user.id == user_id:
|
||||
orgas = request.user.organization_set.all()
|
||||
user = User.objects.distinct().get(id=user_id, organization__in=orgas)
|
||||
|
||||
if not user:
|
||||
return redirect(reverse("users"))
|
||||
if not user:
|
||||
return redirect(reverse("users"))
|
||||
|
||||
if request.POST.get("form", ""):
|
||||
newfirst = request.POST.get("firstname", "")
|
||||
newlast = request.POST.get("lastname", "")
|
||||
if newlast != user.last_name or newfirst != user.first_name:
|
||||
sigRenameUser(user.username, request.user.username, "%s %s" % (user.first_name, user.last_name), "%s %s" % (newfirst, newlast))
|
||||
user.first_name = request.POST.get("firstname", "")
|
||||
user.last_name = request.POST.get("lastname", "")
|
||||
if request.POST.get("form", ""):
|
||||
newfirst = request.POST.get("firstname", "")
|
||||
newlast = request.POST.get("lastname", "")
|
||||
|
||||
if request.user.is_staff or request.user.is_superuser:
|
||||
newstaff = request.POST.get("staff", "0") == "True"
|
||||
if newstaff != user.is_staff:
|
||||
sigStaffUser(user.username, request.user.username, newstaff)
|
||||
user.is_staff = newstaff
|
||||
if newlast != user.last_name or newfirst != user.first_name:
|
||||
sigRenameUser(
|
||||
user.username,
|
||||
request.user.username,
|
||||
"%s %s" % (user.first_name, user.last_name),
|
||||
"%s %s" % (newfirst, newlast)
|
||||
)
|
||||
user.first_name = request.POST.get("firstname", "")
|
||||
user.last_name = request.POST.get("lastname", "")
|
||||
|
||||
if request.user.is_superuser:
|
||||
newsuper = request.POST.get("superuser", "0") == "True"
|
||||
if newsuper != user.is_superuser:
|
||||
sigSuperUser(user.username, request.user.username, newsuper)
|
||||
user.is_superuser = newsuper
|
||||
if request.user.is_staff or request.user.is_superuser:
|
||||
newstaff = request.POST.get("staff", "0") == "True"
|
||||
if newstaff != user.is_staff:
|
||||
sigStaffUser(
|
||||
user.username,
|
||||
request.user.username,
|
||||
newstaff
|
||||
)
|
||||
user.is_staff = newstaff
|
||||
|
||||
neworgas = set(request.POST.getlist("orga", []))
|
||||
oldorgas = set(user.organization_set.all())
|
||||
if neworgas != oldorgas:
|
||||
sigOrgaUser(user.username, request.user.username, oldorgas, neworgas)
|
||||
user.organization_set.set(neworgas)
|
||||
if request.user.is_superuser:
|
||||
newsuper = request.POST.get("superuser", "0") == "True"
|
||||
if newsuper != user.is_superuser:
|
||||
sigSuperUser(
|
||||
user.username,
|
||||
request.user.username,
|
||||
newsuper)
|
||||
user.is_superuser = newsuper
|
||||
|
||||
newmail = request.POST.get("email", "")
|
||||
if newmail != user.email:
|
||||
sigMailUser(user.username, request.user.username, user.email, newmail)
|
||||
user.email = newmail
|
||||
neworgas = set(request.POST.getlist("orga", []))
|
||||
oldorgas = set(user.organization_set.all())
|
||||
if neworgas != oldorgas:
|
||||
sigOrgaUser(
|
||||
user.username,
|
||||
request.user.username,
|
||||
oldorgas,
|
||||
neworgas
|
||||
)
|
||||
user.organization_set.set(neworgas)
|
||||
|
||||
user.save()
|
||||
newmail = request.POST.get("email", "")
|
||||
if newmail != user.email:
|
||||
sigMailUser(
|
||||
user.username,
|
||||
request.user.username,
|
||||
user.email,
|
||||
newmail
|
||||
)
|
||||
user.email = newmail
|
||||
|
||||
return redirect(reverse("users"))
|
||||
user.save()
|
||||
|
||||
return render(request, "manager/edituser.html",
|
||||
{
|
||||
return redirect(reverse("users"))
|
||||
|
||||
return render(
|
||||
request,
|
||||
"manager/edituser.html",
|
||||
{
|
||||
"title": "Edit User",
|
||||
"auser": user
|
||||
}
|
||||
)
|
||||
|
||||
else:
|
||||
return redirect(reverse("two_factor:login", kwargs={'next': request.path}))
|
||||
return redirect(
|
||||
reverse(
|
||||
"two_factor:login",
|
||||
kwargs={
|
||||
'next': request.path
|
||||
}
|
||||
)
|
||||
)
|
||||
|
||||
|
||||
@login_required
|
||||
def editwifi(request, wifi_id):
|
||||
wifi = get_object_or_404(Wifi, id=wifi_id, organization__in=request.user.organization_set.all())
|
||||
form = WifiForm(request.POST if request.method == "POST" else None, instance=wifi)
|
||||
form.fields["organization"].queryset = request.user.organization_set.all()
|
||||
userorgas = request.user.organization_set.all()
|
||||
|
||||
wifi = get_object_or_404(
|
||||
Wifi,
|
||||
id=wifi_id,
|
||||
organization__in=userorgas
|
||||
)
|
||||
|
||||
form = WifiForm(
|
||||
request.POST if request.method == "POST" else None,
|
||||
instance=wifi
|
||||
)
|
||||
|
||||
form.fields["organization"].queryset = userorgas
|
||||
|
||||
if request.method == "POST" and form.is_valid():
|
||||
form.save()
|
||||
return redirect(reverse("wifi"))
|
||||
|
||||
return render(request, "manager/form.html", { "title": "Edit WiFi", "form": form })
|
||||
return render(
|
||||
request,
|
||||
"manager/form.html",
|
||||
{
|
||||
"title": "Edit WiFi",
|
||||
"form": form
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def getconfig(request, device_id):
|
||||
|
@ -258,32 +402,56 @@ def getconfig(request, device_id):
|
|||
device = get_object_or_404(Device, id=device_id)
|
||||
files = glob.glob("%s/%s.bin" % (FWDIR, device_id))
|
||||
|
||||
if not ((files and datetime.datetime.fromtimestamp(os.path.getmtime(files[0]), timezone.get_current_timezone()) > device.model.firmware) or mkfirmware.apply_async((device, FWDIR), serializer='pickle').get(timeout=300)):
|
||||
return HttpResponse(status=503)
|
||||
if not files:
|
||||
mtime = os.path.getmtime(files[0])
|
||||
tz = timezone.get_current_timezone()
|
||||
|
||||
if not datetime.fromtimestamp(mtime, tz) > device.model.firmware:
|
||||
work = mkfirmware.apply_async((device, FWDIR), serializer='pickle')
|
||||
if not work.get(timeout=300):
|
||||
return HttpResponse(status=503)
|
||||
|
||||
sigUpdateDevice(device.serial, None, False)
|
||||
device.update = False
|
||||
device.save()
|
||||
|
||||
with open("%s/%s.bin" % (FWDIR, device.id), "rb") as download:
|
||||
response = HttpResponse(download.read(), content_type="application/octet-stream")
|
||||
response['Content-Disposition'] = 'inline; filename=%s.bin' % device.serial
|
||||
response = HttpResponse(
|
||||
download.read(),
|
||||
content_type="application/octet-stream"
|
||||
)
|
||||
|
||||
response['Content-Disposition'] = (
|
||||
'inline; '
|
||||
'filename=%s.bin' % device.serial
|
||||
)
|
||||
|
||||
return response
|
||||
|
||||
|
||||
@login_required
|
||||
def rebootdevice(request, device_id):
|
||||
device = get_object_or_404(Device, id=device_id, organization__in=request.user.organization_set.all())
|
||||
device = get_object_or_404(
|
||||
Device,
|
||||
id=device_id,
|
||||
organization__in=request.user.organization_set.all()
|
||||
)
|
||||
|
||||
if not device.reboot:
|
||||
sigRebootDevice(device.serial, request.user.username, True)
|
||||
device.reboot = True
|
||||
device.save()
|
||||
sigRebootDevice(device.serial, request.user.username, True)
|
||||
device.reboot = True
|
||||
device.save()
|
||||
|
||||
return redirect(reverse("devices"))
|
||||
|
||||
|
||||
@user_passes_test(is_staff)
|
||||
def updatedevice(request, device_id):
|
||||
device = get_object_or_404(Device, id=device_id, organization__in=request.user.organization_set.all())
|
||||
device = get_object_or_404(
|
||||
Device,
|
||||
id=device_id,
|
||||
organization__in=request.user.organization_set.all()
|
||||
)
|
||||
|
||||
if not device.update:
|
||||
sigUpdateDevice(device.serial, request.user.username, True)
|
||||
|
@ -292,6 +460,7 @@ def updatedevice(request, device_id):
|
|||
|
||||
return redirect(reverse("devices"))
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def deletedevice(request, device_id):
|
||||
CADIR = "/etc/openvpn/ca/"
|
||||
|
@ -301,7 +470,7 @@ def deletedevice(request, device_id):
|
|||
|
||||
os.chdir(CADIR)
|
||||
|
||||
subprocess.call(CADIR + "/revoke " + device.serial, shell=True)
|
||||
execute(CADIR + "/revoke " + device.serial, shell=True)
|
||||
os.system("rm " + CADIR + "/keys/" + device.serial + ".{crt,csr,key}")
|
||||
|
||||
os.chdir(BEFORE)
|
||||
|
@ -310,39 +479,62 @@ def deletedevice(request, device_id):
|
|||
|
||||
return redirect(reverse("devices"))
|
||||
|
||||
|
||||
@user_passes_test(is_staff)
|
||||
def deletewifi(request, wifi_id):
|
||||
wifi = get_object_or_404(Wifi, id=wifi_id, organization__in=request.user.organization_set.all())
|
||||
wifi = get_object_or_404(
|
||||
Wifi,
|
||||
id=wifi_id,
|
||||
organization__in=request.user.organization_set.all()
|
||||
)
|
||||
wifi.delete()
|
||||
return redirect(reverse("wifi"))
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def deleteuser(request, user_id):
|
||||
user = get_object_or_404(User, id=user_id)
|
||||
user.delete()
|
||||
return redirect(reverse("users"))
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def deletenetwork(request, network_id):
|
||||
network = get_object_or_404(Network, id=network_id)
|
||||
network.delete()
|
||||
return redirect(reverse("networks"))
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def deleteorga(request, orga_id):
|
||||
orga = get_object_or_404(Organization, id=orga_id)
|
||||
orga.delete()
|
||||
return redirect(reverse("organizations"))
|
||||
|
||||
|
||||
@login_required
|
||||
def makewifi(request):
|
||||
form = WifiForm(request.POST if request.method == "POST" else None, initial={"organization": request.user.userstatus.orga} if request.method == "GET" else None)
|
||||
post = request.method == "POST"
|
||||
postdata = request.POST if post else None
|
||||
|
||||
organization = request.user.userstatus.orga
|
||||
initial = {"organization": organization} if not post else None
|
||||
|
||||
form = WifiForm(postdata, initial=initial)
|
||||
form.fields["organization"].queryset = request.user.organization_set.all()
|
||||
if request.method == "POST" and form.is_valid():
|
||||
form.save()
|
||||
return redirect(reverse("wifi"))
|
||||
|
||||
return render(request, "manager/form.html", { "title": "Add WiFi", "form": form })
|
||||
|
||||
return render(
|
||||
request,
|
||||
"manager/form.html",
|
||||
{
|
||||
"title": "Add WiFi",
|
||||
"form": form
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def makenetwork(request):
|
||||
|
@ -355,12 +547,21 @@ def makenetwork(request):
|
|||
else:
|
||||
form = NetworkForm()
|
||||
|
||||
return render(request, "manager/form.html", { "title": "Add Network", "form": form })
|
||||
return render(
|
||||
request,
|
||||
"manager/form.html",
|
||||
{
|
||||
"title": "Add Network",
|
||||
"form": form
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def editnetwork(request, network_id):
|
||||
net = get_object_or_404(Network, id=network_id)
|
||||
form = NetworkForm(request.POST if request.method == "POST" else None, instance=net)
|
||||
postdata = request.POST if request.method == "POST" else None
|
||||
form = NetworkForm(postdata, instance=net)
|
||||
form.fields["intip"].disabled = True
|
||||
form.fields["extip"].disabled = True
|
||||
|
||||
|
@ -368,14 +569,28 @@ def editnetwork(request, network_id):
|
|||
form.save()
|
||||
return redirect(reverse("networks"))
|
||||
|
||||
return render(request, "manager/form.html", { "title": "Edit Network", "form": form })
|
||||
return render(
|
||||
request,
|
||||
"manager/form.html",
|
||||
{
|
||||
"title": "Edit Network",
|
||||
"form": form
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
@login_required
|
||||
def setactiveorga(request, orga_id):
|
||||
request.user.userstatus.orga = get_object_or_404(Organization, id=orga_id, users=request.user)
|
||||
request.user.userstatus.orga = get_object_or_404(
|
||||
Organization,
|
||||
id=orga_id,
|
||||
users=request.user
|
||||
)
|
||||
|
||||
request.user.userstatus.save()
|
||||
return HttpResponse("")
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def makeorganization(request):
|
||||
if request.method == "POST":
|
||||
|
@ -389,7 +604,15 @@ def makeorganization(request):
|
|||
else:
|
||||
form = OrgaForm()
|
||||
|
||||
return render(request, "manager/form.html", { "title": "Add Organization", "form": form })
|
||||
return render(
|
||||
request,
|
||||
"manager/form.html",
|
||||
{
|
||||
"title": "Add Organization",
|
||||
"form": form
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def editorganization(request, orga_id):
|
||||
|
@ -403,102 +626,138 @@ def editorganization(request, orga_id):
|
|||
else:
|
||||
form = OrgaForm(instance=orga)
|
||||
|
||||
return render(request, "manager/form.html", { "title": "Change Organization", "form": form })
|
||||
return render(
|
||||
request,
|
||||
"manager/form.html",
|
||||
{
|
||||
"title": "Change Organization",
|
||||
"form": form
|
||||
}
|
||||
)
|
||||
|
||||
|
||||
@user_passes_test(is_superuser)
|
||||
def makedevice(request):
|
||||
CADIR = "/etc/openvpn/ca/"
|
||||
CONFIGDIR = "/etc/openvpn/client-configs/"
|
||||
BEFORE = os.getcwd()
|
||||
CADIR = "/etc/openvpn/ca/"
|
||||
CONFIGDIR = "/etc/openvpn/client-configs/"
|
||||
BEFORE = os.getcwd()
|
||||
|
||||
device_serial = request.POST.get("serial", "").replace(" ", "_")
|
||||
device_name = request.POST.get("name", "")
|
||||
device_organization = request.POST.get("organization", "")
|
||||
device_model = request.POST.get("model", "")
|
||||
device_ssid = request.POST.get("ssid", device_serial)
|
||||
device_key = request.POST.get("key", "")
|
||||
device_mac = request.POST.get("mac", "")
|
||||
device_serial = request.POST.get("serial", "").replace(" ", "_")
|
||||
device_name = request.POST.get("name", "")
|
||||
device_organization = request.POST.get("organization", "")
|
||||
device_model = request.POST.get("model", "")
|
||||
device_ssid = request.POST.get("ssid", device_serial)
|
||||
device_key = request.POST.get("key", "")
|
||||
device_mac = request.POST.get("mac", "")
|
||||
|
||||
if not device_serial:
|
||||
orga = Organization.objects.all()
|
||||
models = Model.objects.all()
|
||||
if not device_serial:
|
||||
orga = Organization.objects.all()
|
||||
models = Model.objects.all()
|
||||
|
||||
return render(request, "manager/add.html",
|
||||
{
|
||||
"title": "Add Device",
|
||||
"organizations": orga,
|
||||
"models": models
|
||||
}
|
||||
)
|
||||
return render(request, "manager/add.html",
|
||||
{
|
||||
"title": "Add Device",
|
||||
"organizations": orga,
|
||||
"models": models
|
||||
}
|
||||
)
|
||||
|
||||
if glob.glob(CADIR + "/keys/" + device_serial + "*"):
|
||||
return HttpResponse("This key already exists.")
|
||||
if glob.glob(CADIR + "/keys/" + device_serial + "*"):
|
||||
return HttpResponse("Key already exists.")
|
||||
|
||||
os.chdir(CADIR)
|
||||
os.chdir(CADIR)
|
||||
|
||||
if subprocess.call(CADIR + "/generate-key " + device_serial, shell=True):
|
||||
os.chdir(BEFORE)
|
||||
return HttpResponse("Something went wrong trying to generate the key.")
|
||||
if execute(CADIR + "/generate-key " + device_serial, shell=True):
|
||||
os.chdir(BEFORE)
|
||||
return HttpResponse("Error generating key.")
|
||||
|
||||
if glob.glob(CONFIGDIR + "/files/" + device_serial + "*"):
|
||||
os.chdir(BEFORE)
|
||||
return HttpResponse("This configuration file already exists.")
|
||||
if glob.glob(CONFIGDIR + "/files/" + device_serial + "*"):
|
||||
os.chdir(BEFORE)
|
||||
return HttpResponse("Configuration file already exists.")
|
||||
|
||||
os.chdir(CONFIGDIR)
|
||||
os.chdir(CONFIGDIR)
|
||||
|
||||
if subprocess.call(CONFIGDIR + "/make_config " + device_serial, shell=True):
|
||||
os.chdir(BEFORE)
|
||||
return HttpResponse("Something went wrong trying to generate the config file.")
|
||||
if execute(CONFIGDIR + "/make_config " + device_serial, shell=True):
|
||||
os.chdir(BEFORE)
|
||||
return HttpResponse("Error generating config file.")
|
||||
|
||||
os.chdir(BEFORE)
|
||||
os.chdir(BEFORE)
|
||||
|
||||
device = Device.objects.create(
|
||||
with open(CONFIGDIR + "/files/" + device_serial + ".ovpn") as vpnfile:
|
||||
vpnconfig = vpnfile.read()
|
||||
|
||||
organization = Organization.objects.get(id=device_organization)
|
||||
|
||||
device = Device.objects.create(
|
||||
serial=device_serial,
|
||||
name=device_name,
|
||||
ssid=device_ssid,
|
||||
key=device_key,
|
||||
model=Model.objects.filter(id=device_model)[0],
|
||||
network=Network.objects.filter(intip="No VPN")[0],
|
||||
organization=Organization.objects.filter(id=device_organization)[0],
|
||||
vpnconfig = open(CONFIGDIR + "/files/" + device_serial + ".ovpn").read(),
|
||||
mac = device_mac or None,
|
||||
changed = timezone.now()
|
||||
organization=organization,
|
||||
vpnconfig=vpnconfig,
|
||||
mac=device_mac or None,
|
||||
changed=timezone.now()
|
||||
)
|
||||
|
||||
return redirect(reverse("devices"))
|
||||
return redirect(reverse("devices"))
|
||||
|
||||
|
||||
@receiver(post_save, sender=settings.AUTH_USER_MODEL)
|
||||
def createUserStatus(sender, instance, created, **kwargs):
|
||||
if created:
|
||||
UserStatus.objects.create(user=instance)
|
||||
|
||||
|
||||
@receiver(post_save, sender=settings.AUTH_USER_MODEL)
|
||||
def saveUserStatus(sender, instance, **kwargs):
|
||||
try:
|
||||
instance.userstatus.save()
|
||||
except:
|
||||
except Exception:
|
||||
UserStatus.objects.create(user=instance)
|
||||
|
||||
|
||||
def errorhandler(request, code, exception):
|
||||
if code == 403:
|
||||
exception.human = "You have no permission to access the requested page."
|
||||
exception.human = ("You have no permission "
|
||||
"to access the requested page.")
|
||||
elif code == 400:
|
||||
exception.human = "Something seems to be wrong with the request you sent. Please try again."
|
||||
exception.human = ("Something seems to be wrong with "
|
||||
"the request you sent. Please try again.")
|
||||
|
||||
elif code == 404:
|
||||
exception.human = "Sorry, we were unable to find the page you requested. Please check the address and try again."
|
||||
exception.human = ("Sorry, we were unable to find the page you "
|
||||
"requested. Please check the address and try again."
|
||||
)
|
||||
|
||||
elif code == 500:
|
||||
exception.human = "Sorry, something seems to be wrong on our end. Please try again later or contact support if the problem persists."
|
||||
exception.human = ("Sorry, something seems to be wrong on our end. "
|
||||
"Please try again later or contact support if "
|
||||
"the problem persists.")
|
||||
|
||||
return devices(request, code=code, exception=exception)
|
||||
|
||||
|
||||
def handler400(request, exception):
|
||||
return errorhandler(request, 400, exception)
|
||||
|
||||
|
||||
def handler403(request, exception):
|
||||
return errorhandler(request, 403, exception)
|
||||
|
||||
|
||||
def handler404(request, exception):
|
||||
return errorhandler(request, 404, exception)
|
||||
return errorhandler(
|
||||
request,
|
||||
404,
|
||||
exception
|
||||
)
|
||||
|
||||
|
||||
def handler500(request):
|
||||
return errorhandler(request, 500, Exception("Please check the server logs for additional information."))
|
||||
return errorhandler(
|
||||
request,
|
||||
500,
|
||||
Exception("Please check server logs for additional information.")
|
||||
)
|
||||
|
|
Loading…
Reference in a new issue