def group_delete():
"""
Delete rules
"""
rules_dict = session[constants.RULES_KEY]
rule_type = session[constants.TYPE_ARG]
rules = [str(rule) for rule in rules_dict[str(constants.RULE_TYPES[rule_type])]]
model_name = DATA_MODELS_NAMED[rule_type]
rule_type_int = constants.RULE_TYPES[rule_type]
route_model = ROUTE_MODELS[rule_type_int]
to_delete = request.form.getlist('delete-id')
if set(to_delete).issubset(set(rules)):
for rule_id in to_delete:
# withdraw route
model = db.session.query(model_name).get(rule_id)
route = route_model(model, constants.WITHDRAW)
announce_route(route)
log_withdraw(session['user_id'], route, rule_type, model.id)
db.session.query(model_name).filter(model_name.id.in_(to_delete)).delete(synchronize_session=False)
db.session.commit()
flash(u'Rules {} deleted'.format(to_delete), 'alert-success')
else:
flash(u'You can not delete rules {}'.format(to_delete), 'alert-warning')
return redirect(url_for('dashboard.index',
rtype=session[constants.TYPE_ARG],
rstate=session[constants.RULE_ARG],
sort=session[constants.SORT_ARG],
squery=session[constants.SEARCH_ARG],
order=session[constants.ORDER_ARG]))
def delete_rule(current_user, rule_id, model_name, route_model, rule_type):
"""
Common method for deleting ipv4 or ipv6 rules
:param current_user:
:param rule_id:
:param model_name:
:param route_model:
:return:
"""
model = db.session.query(model_name).get(rule_id)
if model:
if check_access_rights(current_user, model.user_id):
# withdraw route
route = route_model(model, WITHDRAW)
announce_route(route)
log_withdraw(
current_user["id"],
route,
rule_type,
model.id,
"{} / {}".format(current_user["uuid"], current_user["org"]),
)
# delete from db
db.session.delete(model)
db.session.commit()
return jsonify({"message": "rule deleted"}), 201
else:
return jsonify({"message": "not allowed to delete this rule"}), 401
else:
return jsonify({"message": "rule {} not found ".format(rule_id)}), 404
def group_update_save(rule_type):
# redirect bad request
try:
to_update = session['group-update']
except KeyError:
return redirect(
url_for('dashboard.index',
rtype=session[constants.TYPE_ARG],
rstate=session[constants.RULE_ARG],
sort=session[constants.SORT_ARG],
squery=session[constants.SEARCH_ARG],
order=session[constants.ORDER_ARG]))
model_name = DATA_MODELS[rule_type]
form_name = DATA_FORMS[rule_type]
form = form_name(request.form)
# set new expiration date
expires = round_to_ten_minutes(webpicker_to_datetime(form.expires.data))
# set state by time
rstate_id = get_state_by_time(webpicker_to_datetime(form.expires.data))
comment = form.comment.data
route_model = ROUTE_MODELS[rule_type]
for rule_id in to_update:
# update record
model = db.session.query(model_name).get(rule_id)
model.expires = expires
model.rstate_id = rstate_id
model.comment = "{} {}".format(model.comment, comment)
db.session.commit()
if model.rstate_id == 1:
# announce route
route = route_model(model, constants.ANNOUNCE)
announce_route(route)
# log changes
log_route(
session['user_id'], model, rule_type,
"{} / {}".format(session['user_email'], session['user_orgs']))
else:
# withdraw route
route = route_model(model, constants.WITHDRAW)
announce_route(route)
# log changes
log_withdraw(
session['user_id'], route, rule_type, model.id,
"{} / {}".format(session['user_email'], session['user_orgs']))
flash(u'Rules {} successfully updated'.format(to_update), 'alert-success')
return redirect(
url_for('dashboard.index',
rtype=session[constants.TYPE_ARG],
rstate=session[constants.RULE_ARG],
sort=session[constants.SORT_ARG],
squery=session[constants.SEARCH_ARG],
order=session[constants.ORDER_ARG]))
def delete_rule(rule_type, rule_id):
"""
Delete rule with given id and type
:param sort_key:
:param filter_text:
:param rstate:
:param rule_type: string - type of rule to be deleted
:param rule_id: integer - rule id
"""
rules_dict = session[constants.RULES_KEY]
rules = rules_dict[str(rule_type)]
model_name = DATA_MODELS[rule_type]
route_model = ROUTE_MODELS[rule_type]
model = db.session.query(model_name).get(rule_id)
if model.id in rules:
# withdraw route
route = route_model(model, constants.WITHDRAW)
announce_route(route)
log_withdraw(
session['user_id'], route, rule_type, model.id,
"{} / {}".format(session['user_email'], session['user_orgs']))
# delete from db
db.session.delete(model)
db.session.commit()
flash(u'Rule deleted', 'alert-success')
else:
flash(u'You can not delete this rule', 'alert-warning')
return redirect(
url_for('dashboard.index',
rtype=session[constants.TYPE_ARG],
rstate=session[constants.RULE_ARG],
sort=session[constants.SORT_ARG],
squery=session[constants.SEARCH_ARG],
order=session[constants.ORDER_ARG]))
def reactivate_rule(rule_type, rule_id):
"""
Set new time for the rule of given type identified by id
:param rule_type: string - type of rule
:param rule_id: integer - id of the rule
"""
model_name = DATA_MODELS[rule_type]
form_name = DATA_FORMS[rule_type]
model = db.session.query(model_name).get(rule_id)
form = form_name(request.form, obj=model)
form.net_ranges = get_user_nets(session['user_id'])
if rule_type > 2:
form.action.choices = [(g.id, g.name)
for g in db.session.query(Action).order_by('name')]
form.action.data = model.action_id
if rule_type == 1:
form.community.choices = get_user_communities(session['user_role_ids'])
form.community.data = model.community_id
if rule_type == 4:
form.protocol.data = model.protocol
if rule_type == 6:
form.next_header.data = model.next_header
# do not need to validate - all is readonly
if request.method == 'POST':
# set new expiration date
model.expires = round_to_ten_minutes(webpicker_to_datetime(form.expires.data))
# set again the active state
model.rstate_id = get_state_by_time(webpicker_to_datetime(form.expires.data))
model.comment = form.comment.data
db.session.commit()
flash(u'Rule successfully updated', 'alert-success')
route_model = ROUTE_MODELS[rule_type]
if model.rstate_id == 1:
# announce route
route = route_model(model, constants.ANNOUNCE)
announce_route(route)
# log changes
log_route(session['user_id'], model, rule_type)
else:
# withdraw route
route = route_model(model, constants.WITHDRAW)
announce_route(route)
# log changes
log_withdraw(session['user_id'], route, rule_type, model.id)
return redirect(url_for('dashboard.index',
rtype=session[constants.TYPE_ARG],
rstate=session[constants.RULE_ARG],
sort=session[constants.SORT_ARG],
squery=session[constants.SEARCH_ARG],
order=session[constants.ORDER_ARG]))
else:
flash_errors(form)
form.expires.data = datetime_to_webpicker(model.expires)
for field in form:
if field.name not in ['expires', 'csrf_token', 'comment']:
field.render_kw = {'disabled': 'disabled'}
action_url = url_for('rules.reactivate_rule', rule_type=rule_type, rule_id=rule_id)
return render_template(DATA_TEMPLATES[rule_type], form=form, action_url=action_url, editing=True, title="Update")
