def create_initial_group():
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
api = get_api(config_mgr_.config)
plans = api.list_plans()
unlimited = [x for x in plans if x['storage_bytes'] == 1000000001000000000]
if unlimited:
info = api.info()
data = {
'name': info['company_name'],
'plan_id': unlimited[0]['plan_id'],
'webapi_enable': True,
'check_domain': False,
}
group_id = api.create_group(data)
data = dict(
group_id=group_id,
type='dn',
ldap_id='',
priority=0,
user_source='local',
admin_group=False,
)
config_mgr_.config['groups'].append(data)
config_mgr_.apply_config()
def clean(self):
if any(self.errors):
return
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for x in range(0, self.total_form_count()):
form = self.forms[x]
try:
group_id = form.cleaned_data['group_id']
data = dict(
name=form.cleaned_data['name'],
plan_id=form.cleaned_data['plan_id'],
device_policy=form.cleaned_data['device_policy'],
webapi_enable=form.cleaned_data['webapi_enable'],
check_domain=form.cleaned_data.get(
'check_domain', False),
force=('force_plan_change' in self.data),
)
try:
log_admin_action(
request,
'edit group %s with data: %s' % (group_id, data))
api.edit_group(group_id, data)
except api.QuotaExceeded:
self.show_force = True
form._errors['plan_id'] = form.error_class([
'Changing the plan of this group will put one '
'or more users over quota. Please choose "Force '
'Plan Change" if you are sure you want to do this.'
])
g = get_config_group(config, group_id)
g['ldap_id'] = form.cleaned_data['ldap_dn']
g['priority'] = form.cleaned_data['priority']
except api.DuplicateGroupName:
raise forms.ValidationError('Duplicate group name')
config_mgr_.apply_config()
def save_settings(request, api, options):
cleaned_data = options.cleaned_data
data = dict()
data.update(cleaned_data)
if 'timezone' in data:
del data['timezone']
if 'enable_local_users' in data:
del data['enable_local_users']
if 'share_link_ttl' in data:
data['share_link_ttl'] = data['share_link_ttl'].days * 1440
if 'autopurge_interval' in data:
data['autopurge_interval'] = data['autopurge_interval'].days
if 'versionpurge_interval' in data:
data['versionpurge_interval'] = data['versionpurge_interval'].days
for var in AGENT_CONFIG_VARS:
if var in data:
del data[var]
log_admin_action(request, 'update settings with data: %s' % data)
api.update_enterprise_settings(data)
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for var in AGENT_CONFIG_VARS:
if var in cleaned_data:
config_mgr_.config[var] = cleaned_data[var]
config_mgr_.apply_config()
if 'timezone' in cleaned_data:
with open('/etc/timezone', 'w') as f:
f.write(cleaned_data['timezone'])
subprocess.call(['dpkg-reconfigure', '-f', 'noninteractive', 'tzdata'])
def password(request, api, account_info, config, username, saved=False):
features = api.enterprise_features()
password_form = PasswordForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'password':
password_form = PasswordForm(request.POST)
if password_form.is_valid():
new_password = password_form.cleaned_data['password']
log_admin_action(request, 'change password')
new_pass, api_pass = hash_password(new_password)
api.update_enterprise_password(api_pass)
config_mgr_ = config_mgr.ConfigManager(
config_mgr.default_config())
config_mgr_.config['api_password'] = api_pass
config_mgr_.config['local_password'] = new_pass
config_mgr_.apply_config()
return redirect('blue_mgnt:password_saved')
return render_to_response(
'password.html',
dict(
user=request.user,
username=username,
features=features,
password_form=password_form,
saved=saved,
account_info=account_info,
), RequestContext(request))
def initial_setup(username, password):
new_pass, api_pass = hash_password(password)
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
config_mgr_.config['api_user'] = username
config_mgr_.config['api_password'] = api_pass
config_mgr_.config['local_password'] = new_pass
config_mgr_.apply_config()
def login_user(request):
form = LoginForm()
if request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
password = form.cleaned_data['password'].encode('utf-8')
username = form.cleaned_data['username'].strip()
user = authenticate(username=username, password=password)
if user and user.is_active:
login(request, user)
log_admin_action(request, 'logged in')
config = read_config_file()
if not config['api_password']:
initial_setup(username, password)
config = read_config_file()
api = get_api(config)
set_api_version(api)
if api.backup():
log_admin_action(request, 'restoring from backup')
subprocess.call([
'/opt/openmanage/bin/run_restore_omva.sh',
])
elif not config['groups']:
create_initial_group()
config_mgr_ = config_mgr.ConfigManager(
config_mgr.default_config())
api = get_api(config_mgr_.config)
subprocess.call([
'/opt/openmanage/bin/first_setup.sh',
api.info()['brand_identifier']
])
request.session['username'] = username
return redirect(urllib.unquote(request.GET.get('next', '/')))
else:
errors = form._errors.setdefault(NON_FIELD_ERRORS, ErrorList())
errors.append('Invalid username or password')
return render_to_response('login.html',
dict(
form=form,
request_login=True,
), RequestContext(request))
def clean(self):
cleaned_data = super(GroupForm, self).clean()
if 'name' in cleaned_data:
device_policy = None
if cleaned_data['device_policy']:
device_policy = cleaned_data['device_policy']
data = dict(
name=cleaned_data['name'],
plan_id=cleaned_data['plan_id'],
device_policy=device_policy,
webapi_enable=cleaned_data['webapi_enable'],
check_domain=cleaned_data.get('check_domain', False),
force=('force_change' in request.POST),
)
group_id = cleaned_data['group_id']
try:
api.edit_group(group_id, data)
log_admin_action(
request,
'edit group %s with data: %s' % (group_id, data))
config_mgr_ = config_mgr.ConfigManager(
config_mgr.default_config())
for g in config_mgr_.config['groups']:
if g['group_id'] == group_id:
g['ldap_id'] = cleaned_data['ldap_dn']
g['priority'] = cleaned_data['priority']
g['admin_group'] = cleaned_data['admin_group']
config_mgr_.apply_config()
django_group, admin_group = get_or_create_admin_group(
group_id)
django_group.permissions.clear()
for permission_id in cleaned_data['permissions']:
django_group.permissions.add(
Permission.objects.get(pk=permission_id))
django_group.save()
except api.QuotaExceeded:
self.show_force = True
msg = (
'Changing the plan of this group will put one '
'or more users over quota. Please choose "Force '
'Plan Change" if you are sure you want to do this.'
)
self._errors['plan_id'] = self.error_class([msg])
return cleaned_data
from netkes.netkes_agent import config_mgr
config = config_mgr.ConfigManager(config_mgr.default_config())
if 'enable_local_users' not in config.config:
config.config['enable_local_users'] = True
for group in config.config['groups']:
if 'user_source' not in group:
group['user_source'] = 'ldap'
if 'admin_group' not in group:
group['admin_group'] = False
if 'priority' not in group:
group['priority'] = 0
config.apply_config()
def group_detail(request,
api,
account_info,
config,
username,
group_id,
saved=False):
group_id = int(group_id)
plans = api.list_plans()
policies = api.list_policies()
groups_list = api.list_groups()
django_group, admin_group = get_or_create_admin_group(group_id)
api_group = api.get_group(group_id)
add_config_items(api_group, config)
api_group['permissions'] = [p.id for p in django_group.permissions.all()]
local_group = get_config_group(config, group_id)['user_source'] == 'local'
fields_not_to_show = []
if local_group:
fields_not_to_show = ['ldap_dn', 'priority']
GroupForm = get_group_form(request, config, plans, policies, api, False,
False)
group_form = GroupForm(data=api_group)
DeleteGroupForm = get_delete_group_form(group_id, config, groups_list)
delete_group = DeleteGroupForm()
if request.method == 'POST':
if request.POST.get('form', '') == 'delete_group':
delete_group = DeleteGroupForm(request.POST)
if delete_group.is_valid():
new_group_id = int(delete_group.cleaned_data['new_group_id'])
data = (group_id, new_group_id)
log_admin_action(
request,
'delete group %s and move users to group %s' % data)
api.delete_group(
group_id,
new_group_id,
)
config_mgr_ = config_mgr.ConfigManager(
config_mgr.default_config())
for g in config_mgr_.config['groups']:
if g['group_id'] == group_id:
config_mgr_.config['groups'].remove(g)
break
config_mgr_.apply_config()
return redirect('blue_mgnt:groups_saved')
else:
group_form = GroupForm(request.POST)
if group_form.is_valid():
return redirect('blue_mgnt:group_detail_saved', group_id)
return render_to_response(
'group_detail.html',
dict(
delete_group=delete_group,
group_form=group_form,
group_id=group_id,
saved=saved,
fields_not_to_show=fields_not_to_show,
show_force=getattr(group_form, 'show_force', False),
account_info=account_info,
), RequestContext(request))
def groups(request, api, account_info, config, username, saved=False):
features = api.enterprise_features()
plans = api.list_plans()
policies = api.list_policies()
groups_list = api.list_groups()
search = request.GET.get('search', '')
search_back = request.GET.get('search_back', '')
if not search:
search = request.POST.get('search', '')
class GroupCSVForm(forms.Form):
csv_file = forms.FileField(label='Group CSV')
def clean_csv_file(self):
data = self.cleaned_data['csv_file']
csv_data = csv.DictReader(data)
for x, row in enumerate(csv_data):
try:
try:
group_id = int(row['group_id'])
api.edit_group(group_id, process_row(row))
except (KeyError, ValueError):
api.create_group(process_row(row))
except Exception:
raise forms.ValidationError('Invalid data in row %s' % x)
return data
class BaseGroupFormSet(forms.formsets.BaseFormSet):
def clean(self):
if any(self.errors):
return
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
for x in range(0, self.total_form_count()):
form = self.forms[x]
try:
group_id = form.cleaned_data['group_id']
data = dict(
name=form.cleaned_data['name'],
plan_id=form.cleaned_data['plan_id'],
device_policy=form.cleaned_data['device_policy'],
webapi_enable=form.cleaned_data['webapi_enable'],
check_domain=form.cleaned_data.get(
'check_domain', False),
force=('force_plan_change' in self.data),
)
try:
log_admin_action(
request,
'edit group %s with data: %s' % (group_id, data))
api.edit_group(group_id, data)
except api.QuotaExceeded:
self.show_force = True
form._errors['plan_id'] = form.error_class([
'Changing the plan of this group will put one '
'or more users over quota. Please choose "Force '
'Plan Change" if you are sure you want to do this.'
])
g = get_config_group(config, group_id)
g['ldap_id'] = form.cleaned_data['ldap_dn']
g['priority'] = form.cleaned_data['priority']
except api.DuplicateGroupName:
raise forms.ValidationError('Duplicate group name')
config_mgr_.apply_config()
GroupForm = get_group_form(request,
config,
plans,
policies,
api,
ldap_enabled=features['ldap'])
GroupFormSet = formset_factory(get_group_form(request, config, plans,
policies, api, False),
extra=0,
formset=BaseGroupFormSet)
if search_back == '1':
search = ''
initial = groups_list
elif search:
initial = api.search_groups(search)
else:
initial = groups_list
for i in initial:
add_config_items(i, config)
for plan in plans:
if plan['plan_id'] == i['plan_id']:
storage_gigs = plan['storage_bytes'] / SIZE_OF_GIGABYTE
if storage_gigs < 1000000001:
i['plan_name'] = '%s GB' % storage_gigs
else:
i['plan_name'] = 'Unlimited'
groups = GroupFormSet(initial=initial, prefix='groups')
group_csv = GroupCSVForm()
new_group = GroupForm()
error = False
if request.method == 'POST' and request.user.has_perm(
'blue_mgnt.can_manage_groups'):
if request.POST.get('form', '') == 'new_group':
new_group = GroupForm(request.POST)
if new_group.is_valid():
device_policy = None
if new_group.cleaned_data['device_policy']:
device_policy = new_group.cleaned_data['device_policy']
data = dict(
name=new_group.cleaned_data['name'],
plan_id=new_group.cleaned_data['plan_id'],
device_policy=device_policy,
webapi_enable=new_group.cleaned_data['webapi_enable'],
check_domain=new_group.cleaned_data.get(
'check_domain', False),
)
log_admin_action(request, 'create group with data: %s' % data)
group_id = api.create_group(data)
config_mgr_ = config_mgr.ConfigManager(
config_mgr.default_config())
data = dict(
group_id=group_id,
type='dn',
ldap_id=new_group.cleaned_data.get('ldap_dn', ''),
priority=new_group.cleaned_data['priority'],
user_source=new_group.cleaned_data.get(
'user_source', 'local'),
admin_group=new_group.cleaned_data['admin_group'],
)
config_mgr_.config['groups'].append(data)
config_mgr_.apply_config()
django_group, admin_group = get_or_create_admin_group(group_id)
for permission_id in new_group.cleaned_data['permissions']:
django_group.permissions.add(
Permission.objects.get(pk=permission_id))
django_group.save()
return redirect('blue_mgnt:groups_saved')
elif request.POST.get('form', '') == 'csv':
group_csv = GroupCSVForm(request.POST, request.FILES)
if group_csv.is_valid():
return redirect('blue_mgnt:groups_saved')
else:
groups = GroupFormSet(request.POST, prefix='groups')
if groups.is_valid():
return redirect(
reverse('blue_mgnt:groups_saved') + '?search=%s' % search)
return render_to_response(
'groups.html',
dict(
initial=initial,
config=config,
user=request.user,
username=username,
new_group=new_group,
group_csv=group_csv,
features=features,
groups=groups,
groups_and_data=zip(groups, initial),
saved=saved,
error=error,
account_info=account_info,
search=search,
search_back=search_back,
show_force=getattr(groups, 'show_force', False),
), RequestContext(request))
def settings(request, api, account_info, config, username, saved=False):
opts = api.enterprise_settings()
features = api.enterprise_features()
class OpenmanageOptsForm(forms.Form):
#share_link_ttl = IntervalFormField(
# 'D',
# label='Share Link Time-to-Live',
# initial=datetime.timedelta(minutes=opts['share_link_ttl'])
#)
if features['ldap']:
ad_domain = forms.CharField(
required=False,
label='Restrict client installs to domain',
initial=opts['ad_domain'])
autopurge_interval = IntervalFormField(
'D',
label='Deleted Items Automatic Purge',
initial=datetime.timedelta(days=opts['autopurge_interval']))
versionpurge_interval = IntervalFormField(
'D',
label='Historical Version Automatic Purge',
initial=datetime.timedelta(days=opts['versionpurge_interval']))
support_email = forms.EmailField(initial=opts['support_email'])
if features['ldap']:
omva_url = forms.URLField(
label='OpenManage Virtual Appliance URL',
initial=opts['omva_url'],
)
timezone = forms.ChoiceField(
choices=[(x, x) for x in pytz.common_timezones],
initial=file('/etc/timezone').read().strip(),
)
def __init__(self, *args, **kwargs):
super(OpenmanageOptsForm, self).__init__(*args, **kwargs)
if features['ldap']:
for var in AGENT_CONFIG_VARS:
self.fields[var] = forms.CharField(initial=config.get(
var, ''),
required=False)
options = OpenmanageOptsForm()
class BaseIPBlockFormSet(forms.formsets.BaseFormSet):
def clean(self):
if any(self.errors):
return
blocks = [a.cleaned_data['ip_block'] for a in self.forms \
if a.cleaned_data.get('ip_block') and not a.cleaned_data.get('DELETE')]
api.update_enterprise_settings(
dict(signup_network_restriction=blocks))
log_admin_action(request,
'update signup network restrictions: %s' % blocks)
IPBlockFormSet = formset_factory(IPBlockForm,
can_delete=True,
formset=BaseIPBlockFormSet)
ip_blocks = IPBlockFormSet(
initial=[dict(ip_block=x) for x in opts['signup_network_restriction']],
prefix='ip_blocks')
error = False
sync_output = ''
rebuild_output = ''
if request.method == 'POST' and request.user.has_perm(
'blue_mgnt.can_manage_settings'):
if request.POST.get('form', '') == 'ip_block':
ip_blocks = IPBlockFormSet(request.POST, prefix='ip_blocks')
if ip_blocks.is_valid():
return redirect('blue_mgnt:settings_saved')
else:
error = True
elif request.POST.get('form', '') == 'reboot':
log_admin_action(request, 'reboot management vm')
subprocess.call(['shutdown', '-r', 'now'])
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'sync':
log_admin_action(request, 'sync management vm')
p = subprocess.Popen('/opt/openmanage/bin/run_openmanage.sh',
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
sync_output = p.communicate()[0]
if not sync_output:
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'rebuild_db':
log_admin_action(request, 'Rebuild DB')
p = subprocess.Popen('/opt/openmanage/bin/rebuild_db.sh',
stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
rebuild_output = p.communicate()[0]
if not rebuild_output:
return redirect('blue_mgnt:settings_saved')
elif request.POST.get('form', '') == 'restart_directory':
log_admin_action(request, 'restart directory')
config_mgr_ = config_mgr.ConfigManager(config_mgr.default_config())
config_mgr_._kick_services()
return redirect('blue_mgnt:settings_saved')
else:
options = OpenmanageOptsForm(request.POST)
if options.is_valid():
save_settings(request, api, options)
return redirect('blue_mgnt:settings_saved')
return render_to_response(
'settings.html',
dict(
user=request.user,
username=username,
features=features,
ip_blocks=ip_blocks,
sync_output=sync_output,
rebuild_output=rebuild_output,
options=options,
saved=saved,
error=error,
account_info=account_info,
), RequestContext(request))
