def clean_jail_host(self): jail_host = self.cleaned_data.get('jail_host') parts = jail_host.split('.') if len(parts) > 1: raise forms.ValidationError(_("Jail name cannot have '.'")) return jail_host
def clean(self): cdata = self.cleaned_data domain = cdata.get("ad_domainname") bindname = cdata.get("ad_bindname") binddn = "%s@%s" % (bindname, domain) bindpw = cdata.get("ad_bindpw") site = cdata.get("ad_site") netbiosname = cdata.get("ad_netbiosname_a") netbiosname_b = cdata.get("ad_netbiosname_b") ssl = cdata.get("ad_ssl") certificate = cdata["ad_certificate"] ad_kerberos_principal = cdata["ad_kerberos_principal"] workgroup = None if certificate: certificate = certificate.get_certificate_path() args = { 'domain': domain, 'site': site, 'ssl': ssl, 'certfile': certificate } if not cdata.get("ad_bindpw"): bindpw = self.instance.ad_bindpw cdata['ad_bindpw'] = bindpw if cdata.get("ad_enable") is False: return cdata if not ad_kerberos_principal: if not bindname: raise forms.ValidationError("No domain account name specified") if not bindpw: raise forms.ValidationError( "No domain account password specified") try: FreeNAS_ActiveDirectory.validate_credentials( domain, site=site, ssl=ssl, certfile=certificate, binddn=binddn, bindpw=bindpw) except LDAPError as e: # LDAPError is dumb, it returns a list with one element for goodness knows what reason e = e[0] error = [] desc = e.get('desc') info = e.get('info') if desc: error.append(desc) if info: error.append(info) if error: error = ', '.join(error) else: error = str(e) raise forms.ValidationError("{0}".format(error)) except Exception as e: raise forms.ValidationError('{0}.'.format(str(e))) args['binddn'] = binddn args['bindpw'] = bindpw else: args['keytab_principal'] = ad_kerberos_principal.principal_name args['keytab_file'] = '/etc/krb5.keytab' try: workgroup = FreeNAS_ActiveDirectory.get_workgroup_name(**args) except Exception as e: raise forms.ValidationError(e) if workgroup: if compare_netbios_names(netbiosname, workgroup, None): raise forms.ValidationError( _("The NetBIOS name cannot be the same as the workgroup name!" )) if netbiosname_b: if compare_netbios_names(netbiosname_b, workgroup, None): raise forms.ValidationError( _("The NetBIOS name cannot be the same as the workgroup " "name!")) else: log.warn("Unable to determine workgroup name") if ssl in ("off", None): return cdata if not certificate: raise forms.ValidationError( "SSL/TLS specified without certificate") return cdata
def clean_vlan_tag(self): tag = self.cleaned_data['vlan_tag'] if tag > 4095: raise forms.ValidationError(_("VLAN Tags are 1 - 4095 inclusive")) return tag
def clean_bsduser_to_group(self): v = self.cleaned_data.get("bsduser_to_group") if len(v) > 64: raise forms.ValidationError( _("A user cannot belong to more than 64 auxiliary groups")) return v
def clean_ini_script(self): _type = self.cleaned_data.get("ini_type") val = self.cleaned_data.get("ini_script") if _type == 'script' and not val: raise forms.ValidationError(_("This field is required")) return val
def clean(self, user): if not self.required and user in ('-----', '', None): return None if FreeNAS_User(user, flags=FLAGS_DBINIT) == None: raise forms.ValidationError(_("The user %s is not valid.") % user) return user
def _clean_jail_ipv4address(jip): if (Alias.objects.filter(alias_v4address=jip).exists() or Interfaces.objects.filter(int_ipv4address=jip).exists()): raise forms.ValidationError(_("This IP is already in use.")) return jip
def clean_em_user(self): if (self.cleaned_data['em_smtp'] is True and self.cleaned_data['em_user'] == ""): raise forms.ValidationError(_("This field is required")) return self.cleaned_data['em_user']
def clean_sysctl_mib(self): value = self.cleaned_data.get('sysctl_mib').strip() if SYSCTL_VARNAME_FORMAT_RE.match(value): return value raise forms.ValidationError(_(SYSCTL_TUNABLE_VARNAME_FORMAT))
def clean_bsdusr_group2(self): create = self.cleaned_data.get("bsdusr_creategroup") group = self.cleaned_data.get("bsdusr_group2") if not group and not create: raise forms.ValidationError(_("This field is required")) return group
def clean(self): cdata = self.cleaned_data if not cdata.get("ldap_bindpw"): cdata["ldap_bindpw"] = self.instance.ldap_bindpw binddn = cdata.get("ldap_binddn") bindpw = cdata.get("ldap_bindpw") basedn = cdata.get("ldap_basedn") hostname = cdata.get("ldap_hostname") ssl = cdata.get("ldap_ssl") certfile = None if ssl in ('start_tls', 'on'): certificate = cdata["ldap_certificate"] if not certificate: raise forms.ValidationError( "SSL/TLS specified without certificate") else: certfile = get_certificateauthority_path(certificate) port = 389 if ssl == "on": port = 636 if hostname: parts = hostname.split(':') hostname = parts[0] if len(parts) > 1: port = int(parts[1]) if cdata.get("ldap_enable") is False: return cdata # self.check_for_samba_schema() try: FreeNAS_LDAP.validate_credentials( hostname, binddn=binddn, bindpw=bindpw, basedn=basedn, port=port, certfile=certfile, ssl=ssl ) except LDAPError as e: log.debug("LDAPError: type = %s", type(e)) error = [] try: error.append(e.args[0]['info']) error.append(e.args[0]['desc']) error = ', '.join(error) except: error = str(e) raise forms.ValidationError("{0}".format(error)) except Exception as e: log.debug("LDAPError: type = %s", type(e)) raise forms.ValidationError("{0}".format(str(e))) return cdata
def clean_jail_host(self): jail_host = self.cleaned_data.get('jail_host') if re.search(r'[\. ]', jail_host) is not None: raise forms.ValidationError(_("Jail name cannot have '.' or ' '")) return jail_host
def clean_ssl_passphrase2(self): passphrase1 = self.cleaned_data.get("ssl_passphrase") passphrase2 = self.cleaned_data.get("ssl_passphrase2") if passphrase1 != passphrase2: raise forms.ValidationError(_("The two passphrase fields didn't match.")) return passphrase2
def clean_ntp_maxpoll(self): maxp = self.cleaned_data.get("ntp_maxpoll") minp = self.cleaned_data.get("ntp_minpoll") if not maxp > minp: raise forms.ValidationError(_("Max Poll should be higher than Min Poll")) return maxp
def clean_size(self): vm_type = self.cleaned_data.get('vm_type') size = self.cleaned_data.get('size') if vm_type != 'Bhyve' and not size: raise forms.ValidationError(_('This field is required.')) return size
def clean_ldr_value(self): value = self.cleaned_data.get('ldr_value') if '"' in value or "'" in value: raise forms.ValidationError(_('Quotes are not allowed')) return value
def clean_vc_management_ip(self): manage_ip = str(self.cleaned_data['vc_management_ip']) if '--Select--' in manage_ip: raise forms.ValidationError( _('Please select the TrueNAS management interface.')) return manage_ip
def clean_ldr_var(self): value = self.cleaned_data.get('ldr_var').strip() if TUNABLE_VARNAME_FORMAT_RE.match(value): return value raise forms.ValidationError(_(SYSCTL_TUNABLE_VARNAME_FORMAT))
def clean_path(self): path = self.cleaned_data.get('path') if path and ' ' in path: raise forms.ValidationError( _('Whitespace is not a valid character for NFS shares.')) return path
def clean_smart_email(self): if "," in self.cleaned_data["smart_email"]: raise forms.ValidationError( _("Commas are not valid in an E-Mail address. " "Separate multiple E-Mail addresses with a space.")) return self.cleaned_data["smart_email"]
class ActiveDirectoryForm(ModelForm): advanced_fields = [ 'ad_netbiosname', 'ad_use_keytab', 'ad_kerberos_keytab', 'ad_ssl', 'ad_certificate', 'ad_verbose_logging', 'ad_unix_extensions', 'ad_allow_trusted_doms', 'ad_use_default_domain', 'ad_site', 'ad_dcname', 'ad_gcname', 'ad_kerberos_realm', 'ad_nss_info', 'ad_timeout', 'ad_dns_timeout', 'ad_idmap_backend', 'ad_ldap_sasl_wrapping' ] class Meta: fields = '__all__' exclude = ['ad_ssl', 'ad_certificate', 'ad_idmap_backend_type'] model = models.ActiveDirectory widgets = { 'ad_bindpw': forms.widgets.PasswordInput(render_value=False), } def __original_save(self): for name in ('ad_domainname', 'ad_netbiosname', 'ad_allow_trusted_doms', 'ad_use_default_domain', 'ad_use_keytab', 'ad_unix_extensions', 'ad_verbose_logging', 'ad_bindname', 'ad_bindpw'): setattr(self.instance, "_original_%s" % name, getattr(self.instance, name)) def __original_changed(self): if self.instance._original_ad_domainname != self.instance.ad_domainname: return True if self.instance._original_ad_netbiosname != self.instance.ad_netbiosname: return True if self.instance._original_ad_allow_trusted_doms != self.instance.ad_allow_trusted_doms: return True if self.instance._original_ad_use_default_domain != self.instance.ad_use_default_domain: return True if self.instance._original_ad_unix_extensions != self.instance.ad_unix_extensions: return True if self.instance._original_ad_verbose_logging != self.instance.ad_verbose_logging: return True if self.instance._original_ad_bindname != self.instance.ad_bindname: return True if self.instance._original_ad_bindpw != self.instance.ad_bindpw: return True if self.instance._original_ad_use_keytab != self.instance.ad_use_keytab: return True return False def __init__(self, *args, **kwargs): super(ActiveDirectoryForm, self).__init__(*args, **kwargs) if self.instance.ad_bindpw: self.fields['ad_bindpw'].required = False self.__original_save() self.fields["ad_enable"].widget.attrs["onChange"] = ( "activedirectory_mutex_toggle();") def clean_ad_dcname(self): ad_dcname = self.cleaned_data.get('ad_dcname') ad_dcport = 389 if not ad_dcname: return None parts = ad_dcname.split(':') ad_dcname = parts[0] if len(parts) > 1 and parts[1].isdigit(): ad_dcport = long(parts[1]) errors = [] try: ret = FreeNAS_ActiveDirectory.port_is_listening(host=ad_dcname, port=ad_dcport, errors=errors) if ret is False: raise Exception('Invalid Host/Port: %s' % errors[0]) except Exception as e: raise forms.ValidationError('%s.' % e) return self.cleaned_data.get('ad_dcname') def clean_ad_gcname(self): ad_gcname = self.cleaned_data.get('ad_gcname') ad_gcport = 3268 if not ad_gcname: return None parts = ad_gcname.split(':') ad_gcname = parts[0] if len(parts) > 1 and parts[1].isdigit(): ad_gcport = long(parts[1]) errors = [] try: ret = FreeNAS_ActiveDirectory.port_is_listening(host=ad_gcname, port=ad_gcport, errors=errors) if ret is False: raise Exception('Invalid Host/Port: %s' % errors[0]) except Exception as e: raise forms.ValidationError('%s.' % e) return self.cleaned_data.get('ad_gcname') def clean(self): cdata = self.cleaned_data if not cdata.get("ad_bindpw"): cdata['ad_bindpw'] = self.instance.ad_bindpw if self.instance.ad_use_keytab is False: bindname = cdata.get("ad_bindname") bindpw = cdata.get("ad_bindpw") domain = cdata.get("ad_domainname") binddn = "%s@%s" % (bindname, domain) errors = [] try: ret = FreeNAS_ActiveDirectory.validate_credentials( domain, binddn=binddn, bindpw=bindpw, errors=errors) if ret is False: raise forms.ValidationError("%s." % errors[0]) except FreeNAS_ActiveDirectory_Exception, e: raise forms.ValidationError('%s.' % e) ssl = cdata.get("ad_ssl") if ssl in ("off", None): return cdata certificate = cdata["ad_certificate"] if not certificate: raise forms.ValidationError( "SSL/TLS specified without certificate") return cdata
def _clean_secret_common(self, secretprefix): secret1 = self.cleaned_data.get(secretprefix, "") secret2 = self.cleaned_data[("%s2" % secretprefix)] if secret1 != secret2: raise forms.ValidationError(_("Secret does not match")) return secret2
def clean_confirm_password(self): p1 = self.cleaned_data.get('password') p2 = self.cleaned_data.get('confirm_password') if p1 != p2: raise forms.ValidationError(_('Passwords do not match'))
def clean_path(self): path = self.cleaned_data.get("path") if not os.path.exists(path): raise forms.ValidationError( _("The path %s does not exist") % (path, )) return path
def clean_rsync_remotepath(self): mode = self.cleaned_data.get("rsync_mode") val = self.cleaned_data.get("rsync_remotepath") if mode == 'ssh' and not val: raise forms.ValidationError(_("This field is required")) return val
def clean_cifs_path(self): path = self.cleaned_data.get('cifs_path') if path and not os.path.exists(path): raise forms.ValidationError(_('The path %s does not exist') % path) return path
def clean(self): cdata = self.cleaned_data if not cdata.get("ldap_bindpw"): cdata["ldap_bindpw"] = self.instance.ldap_bindpw binddn = cdata.get("ldap_binddn") bindpw = cdata.get("ldap_bindpw") basedn = cdata.get("ldap_basedn") hostname = cdata.get("ldap_hostname") ssl = cdata.get("ldap_ssl") certfile = None if ssl in ('start_tls', 'on'): certificate = cdata["ldap_certificate"] if not certificate: raise forms.ValidationError( "SSL/TLS specified without certificate") else: certfile = get_certificateauthority_path(certificate) port = 389 if ssl == "on": port = 636 if hostname: parts = hostname.split(':') hostname = parts[0] if len(parts) > 1: port = int(parts[1]) if cdata.get("ldap_enable") is False: return cdata # self.check_for_samba_schema() try: FreeNAS_LDAP.validate_credentials(hostname, binddn=binddn, bindpw=bindpw, basedn=basedn, port=port, certfile=certfile, ssl=ssl) except LDAPError as e: # LDAPError is dumb, it returns a list with one element for goodness knows what reason e = e[0] error = [] desc = e.get('desc') info = e.get('info') if desc: error.append(desc) if info: error.append(info) if error: error = ', '.join(error) else: error = str(e) raise forms.ValidationError("{0}".format(error)) except Exception as e: raise forms.ValidationError("{0}".format(str(e))) return cdata
def clean_root_password(self): vm_type = self.cleaned_data.get('vm_type') root_password = self.cleaned_data.get('root_password') if vm_type != 'Bhyve' and not root_password: raise forms.ValidationError(_('This field is required.')) return root_password
if ret is False: raise forms.ValidationError("%s." % errors[0]) except FreeNAS_ActiveDirectory_Exception, e: raise forms.ValidationError('%s.' % e) args['binddn'] = binddn args['bindpw'] = bindpw else: args['keytab_principal'] = ad_kerberos_principal.principal_name args['keytab_file'] = '/etc/krb5.keytab' try: workgroup = FreeNAS_ActiveDirectory.get_workgroup_name(**args) except Exception as e: raise forms.ValidationError(e) if workgroup: if compare_netbios_names(netbiosname, workgroup, None): raise forms.ValidationError( _("The NetBIOS name cannot be the same as the workgroup name!" )) if netbiosname_b: if compare_netbios_names(netbiosname_b, workgroup, None): raise forms.ValidationError( _("The NetBIOS name cannot be the same as the workgroup " "name!")) else: log.warn("Unable to determine workgroup name")
def clean(self): cdata = self.cleaned_data domain = cdata.get("ad_domainname") bindname = cdata.get("ad_bindname") binddn = "%s@%s" % (bindname, domain) bindpw = cdata.get("ad_bindpw") site = cdata.get("ad_site") netbiosname = cdata.get("ad_netbiosname_a") netbiosname_b = cdata.get("ad_netbiosname_b") ssl = cdata.get("ad_ssl") certificate = cdata["ad_certificate"] ad_kerberos_principal = cdata["ad_kerberos_principal"] workgroup = None if certificate: with client as c: certificate = c.call('certificateauthority.query', [['id', '=', certificate.id]], {'get': True}) certificate = certificate['certificate_path'] args = { 'domain': domain, 'site': site, 'ssl': ssl, 'certfile': certificate } if not cdata.get("ad_bindpw"): bindpw = self.instance.ad_bindpw cdata['ad_bindpw'] = bindpw if cdata.get("ad_enable") is False: return cdata if not ad_kerberos_principal: if not bindname: raise forms.ValidationError("No domain account name specified") if not bindpw: raise forms.ValidationError( "No domain account password specified") try: FreeNAS_ActiveDirectory.validate_credentials( domain, site=site, ssl=ssl, certfile=certificate, binddn=binddn, bindpw=bindpw) except LDAPError as e: log.debug("LDAPError: type = %s", type(e)) error = [] try: error.append(e.args[0]['info']) error.append(e.args[0]['desc']) error = ', '.join(error) except Exception as e: error = str(e) raise forms.ValidationError("{0}".format(error)) except Exception as e: log.debug("Exception: type = %s", type(e)) raise forms.ValidationError('{0}.'.format(str(e))) args['binddn'] = binddn args['bindpw'] = bindpw else: args['keytab_principal'] = ad_kerberos_principal.principal_name args['keytab_file'] = '/etc/krb5.keytab' try: workgroup = FreeNAS_ActiveDirectory.get_workgroup_name(**args) except Exception as e: raise forms.ValidationError(e) if workgroup: if compare_netbios_names(netbiosname, workgroup, None): raise forms.ValidationError( _("The NetBIOS name cannot be the same as the workgroup name!" )) if netbiosname_b: if compare_netbios_names(netbiosname_b, workgroup, None): raise forms.ValidationError( _("The NetBIOS name cannot be the same as the workgroup " "name!")) else: log.warn("Unable to determine workgroup name") if ssl in ("off", None): return cdata if not certificate: raise forms.ValidationError( "SSL/TLS specified without certificate") return cdata