def handle_trunk_edit(request, agent, interface):
"""Edit a trunk"""
native_vlan = int(request.POST.get('native_vlan', 1))
trunked_vlans = [int(vlan) for vlan in request.POST.getlist('trunk_vlans')]
if should_check_access_rights(get_account(request)):
# A user can avoid the form restrictions by sending a forged post
# request Make sure only the allowed vlans are set
old_native, old_trunked = agent.get_native_and_trunked_vlans(interface)
allowed_vlans = [
v.vlan for v in find_allowed_vlans_for_user(get_account(request))
]
trunked_vlans = filter_vlans(trunked_vlans, old_trunked, allowed_vlans)
native_vlan = (native_vlan
if native_vlan in allowed_vlans else old_native)
_logger.info('Interface %s - native: %s, trunk: %s', interface,
native_vlan, trunked_vlans)
LogEntry.add_log_entry(
request.account,
u'set-vlan',
u'{actor}: {object} - native vlan: "%s", trunk vlans: "%s"' %
(native_vlan, trunked_vlans),
subsystem=u'portadmin',
object=interface,
)
if trunked_vlans:
agent.set_trunk(interface, native_vlan, trunked_vlans)
else:
agent.set_access(interface, native_vlan)
def handle_trunk_edit(request, agent, interface):
"""Edit a trunk"""
native_vlan = int(request.POST.get('native_vlan'))
trunked_vlans = [int(vlan) for vlan in request.POST.getlist('trunk_vlans')]
if should_check_access_rights(get_account(request)):
# A user can avoid the form restrictions by sending a forged post
# request Make sure only the allowed vlans are set
old_native, old_trunked = agent.get_native_and_trunked_vlans(interface)
allowed_vlans = [
v.vlan for v in find_allowed_vlans_for_user(get_account(request))
]
trunked_vlans = filter_vlans(trunked_vlans, old_trunked, allowed_vlans)
native_vlan = (native_vlan
if native_vlan in allowed_vlans else old_native)
_logger.info('Interface %s - native: %s, trunk: %s', interface,
native_vlan, trunked_vlans)
if trunked_vlans:
agent.set_trunk(interface, native_vlan, trunked_vlans)
else:
agent.set_access(interface, native_vlan)
def handle_trunk_edit(request, agent, interface):
"""Edit a trunk"""
native_vlan = int(request.POST.get('native_vlan'))
trunked_vlans = [int(vlan) for vlan in request.POST.getlist('trunk_vlans')]
if should_check_access_rights(get_account(request)):
# A user can avoid the form restrictions by sending a forged post
# request Make sure only the allowed vlans are set
old_native, old_trunked = agent.get_native_and_trunked_vlans(interface)
allowed_vlans = [v.vlan for v in
find_allowed_vlans_for_user(get_account(request))]
trunked_vlans = filter_vlans(trunked_vlans, old_trunked, allowed_vlans)
native_vlan = (native_vlan if native_vlan in allowed_vlans
else old_native)
_logger.info('Interface %s - native: %s, trunk: %s', interface,
native_vlan, trunked_vlans)
if trunked_vlans:
agent.set_trunk(interface, native_vlan, trunked_vlans)
else:
agent.set_access(interface, native_vlan)
def test_find_allowed_vlans_for_user(self):
"""Should return all vlans for this users org and child orgs"""
account = Mock()
account.organizations.all.return_value = [self.org1]
self.assertEqual(sorted(find_allowed_vlans_for_user(account)),
sorted([FantasyVlan(self.vlan1.vlan),
FantasyVlan(self.vlan2.vlan),
FantasyVlan(self.vlan3.vlan)]))
def test_find_allowed_vlans_for_user(self):
"""Should return all vlans for this users org and child orgs"""
account = Mock()
account.organizations.all.return_value = [self.org1]
self.assertEqual(
sorted(find_allowed_vlans_for_user(account)),
sorted([
FantasyVlan(self.vlan1.vlan),
FantasyVlan(self.vlan2.vlan),
FantasyVlan(self.vlan3.vlan)
]))