def save_interfaceinfo(request): """Set ifalias and/or vlan on netbox messages: created from the results from the messages framework interfaceid must be a part of the request ifalias, vlan and voicevlan are all optional """ if request.method == 'POST': interface = Interface.objects.get(pk=request.POST.get('interfaceid')) account = get_account(request) # Skip a lot of queries if access_control is not turned on if should_check_access_rights(account): _logger.info('Checking access rights for %s', account) if interface.vlan in [ v.vlan for v in find_allowed_vlans_for_user_on_netbox( account, interface.netbox) ]: set_interface_values(account, interface, request) else: # Should only happen if user tries to avoid gui restrictions messages.error(request, 'Not allowed to edit this interface') else: set_interface_values(account, interface, request) else: messages.error(request, 'Wrong request type') result = {"messages": build_ajax_messages(request)} return response_based_on_result(result)
def handle_trunk_edit(request, agent, interface): """Edit a trunk""" native_vlan = int(request.POST.get('native_vlan', 1)) trunked_vlans = [int(vlan) for vlan in request.POST.getlist('trunk_vlans')] if should_check_access_rights(get_account(request)): # A user can avoid the form restrictions by sending a forged post # request Make sure only the allowed vlans are set old_native, old_trunked = agent.get_native_and_trunked_vlans(interface) allowed_vlans = [ v.vlan for v in find_allowed_vlans_for_user(get_account(request)) ] trunked_vlans = filter_vlans(trunked_vlans, old_trunked, allowed_vlans) native_vlan = (native_vlan if native_vlan in allowed_vlans else old_native) _logger.info('Interface %s - native: %s, trunk: %s', interface, native_vlan, trunked_vlans) LogEntry.add_log_entry( request.account, u'set-vlan', u'{actor}: {object} - native vlan: "%s", trunk vlans: "%s"' % (native_vlan, trunked_vlans), subsystem=u'portadmin', object=interface, ) if trunked_vlans: agent.set_trunk(interface, native_vlan, trunked_vlans) else: agent.set_access(interface, native_vlan)
def handle_trunk_edit(request, agent, interface): """Edit a trunk""" native_vlan = int(request.POST.get('native_vlan')) trunked_vlans = [int(vlan) for vlan in request.POST.getlist('trunk_vlans')] if should_check_access_rights(get_account(request)): # A user can avoid the form restrictions by sending a forged post # request Make sure only the allowed vlans are set old_native, old_trunked = agent.get_native_and_trunked_vlans(interface) allowed_vlans = [v.vlan for v in find_allowed_vlans_for_user(get_account(request))] trunked_vlans = filter_vlans(trunked_vlans, old_trunked, allowed_vlans) native_vlan = (native_vlan if native_vlan in allowed_vlans else old_native) _logger.info('Interface %s - native: %s, trunk: %s', interface, native_vlan, trunked_vlans) if trunked_vlans: agent.set_trunk(interface, native_vlan, trunked_vlans) else: agent.set_access(interface, native_vlan)
def save_interfaceinfo(request): """Set ifalias and/or vlan on netbox messages: created from the results from the messages framework interfaceid must be a part of the request ifalias, vlan and voicevlan are all optional """ if request.method == 'POST': interface = Interface.objects.get(pk=request.POST.get('interfaceid')) account = get_account(request) # Skip a lot of queries if access_control is not turned on if should_check_access_rights(account): _logger.info('Checking access rights for %s', account) if interface.vlan in [v.vlan for v in find_allowed_vlans_for_user_on_netbox( account, interface.netbox)]: set_interface_values(account, interface, request) else: # Should only happen if user tries to avoid gui restrictions messages.error(request, 'Not allowed to edit this interface') else: set_interface_values(account, interface, request) else: messages.error(request, 'Wrong request type') result = {"messages": build_ajax_messages(request)} return response_based_on_result(result)
def handle_trunk_edit(request, agent, interface): """Edit a trunk""" native_vlan = int(request.POST.get('native_vlan')) trunked_vlans = [int(vlan) for vlan in request.POST.getlist('trunk_vlans')] if should_check_access_rights(get_account(request)): # A user can avoid the form restrictions by sending a forged post # request Make sure only the allowed vlans are set old_native, old_trunked = agent.get_native_and_trunked_vlans(interface) allowed_vlans = [ v.vlan for v in find_allowed_vlans_for_user(get_account(request)) ] trunked_vlans = filter_vlans(trunked_vlans, old_trunked, allowed_vlans) native_vlan = (native_vlan if native_vlan in allowed_vlans else old_native) _logger.info('Interface %s - native: %s, trunk: %s', interface, native_vlan, trunked_vlans) if trunked_vlans: agent.set_trunk(interface, native_vlan, trunked_vlans) else: agent.set_access(interface, native_vlan)
def render_trunk_edit(request, interfaceid): """Controller for rendering trunk edit view""" interface = Interface.objects.get(pk=interfaceid) handler = get_management_handler(interface.netbox) if request.method == 'POST': try: handle_trunk_edit(request, handler, interface) except ManagementError as error: messages.error(request, 'Error editing trunk: %s' % error) else: messages.success(request, 'Trunk edit successful') account = request.account netbox = interface.netbox add_readonly_reason(request, handler) try: vlans = handler.get_netbox_vlans() # All vlans on this netbox native_vlan, trunked_vlans = handler.get_native_and_trunked_vlans( interface) except ManagementError as error: vlans = native_vlan = trunked_vlans = allowed_vlans = None messages.error(request, 'Error getting trunk information: {}'.format(error)) else: if should_check_access_rights(account): allowed_vlans = find_allowed_vlans_for_user_on_netbox( account, interface.netbox, handler) else: allowed_vlans = vlans extra_path = [ ( netbox.sysname, reverse('portadmin-sysname', kwargs={'sysname': netbox.sysname}), ), ("Trunk %s" % interface, ), ] context = get_base_context(extra_path) context.update({ 'interface': interface, 'available_vlans': vlans, 'native_vlan': native_vlan, 'trunked_vlans': trunked_vlans, 'allowed_vlans': allowed_vlans, 'trunk_edit': CONFIG.get_trunk_edit(), 'readonly': not handler.is_configurable(), }) return render(request, 'portadmin/trunk_edit.html', context)
def render_trunk_edit(request, interfaceid): """Controller for rendering trunk edit view""" config = read_config() interface = Interface.objects.get(pk=interfaceid) agent = get_factory(interface.netbox) if request.method == 'POST': try: handle_trunk_edit(request, agent, interface) except SnmpError as error: messages.error(request, 'Error editing trunk: %s' % error) else: messages.success(request, 'Trunk edit successful') account = request.account netbox = interface.netbox check_read_write(netbox, request) try: vlans = agent.get_netbox_vlans() # All vlans on this netbox native_vlan, trunked_vlans = agent.get_native_and_trunked_vlans( interface) except SnmpError: vlans = native_vlan = trunked_vlans = allowed_vlans = None messages.error(request, 'Error getting trunk information') else: if should_check_access_rights(account): allowed_vlans = find_allowed_vlans_for_user_on_netbox( account, interface.netbox, agent) else: allowed_vlans = vlans extra_path = [(netbox.sysname, reverse('portadmin-sysname', kwargs={'sysname': netbox.sysname})), ("Trunk %s" % interface, )] context = get_base_context(extra_path) context.update({ 'interface': interface, 'available_vlans': vlans, 'native_vlan': native_vlan, 'trunked_vlans': trunked_vlans, 'allowed_vlans': allowed_vlans, 'trunk_edit': get_trunk_edit(config) }) return render_to_response('portadmin/trunk_edit.html', context, RequestContext(request))
messages.error(request, 'Error editing trunk: %s' % error) else: messages.success(request, 'Trunk edit successful') account = request.account netbox = interface.netbox check_read_write(netbox, request) try: vlans = agent.get_netbox_vlans() # All vlans on this netbox native_vlan, trunked_vlans = agent.get_native_and_trunked_vlans( interface) except SnmpError: vlans = native_vlan = trunked_vlans = allowed_vlans = None messages.error(request, 'Error getting trunk information') else: if should_check_access_rights(account): allowed_vlans = find_allowed_vlans_for_user_on_netbox( account, interface.netbox, agent) else: allowed_vlans = vlans extra_path = [(netbox.sysname, reverse('portadmin-sysname', kwargs={'sysname': netbox.sysname})), ("Trunk %s" % interface,)] context = get_base_context(extra_path) context.update({'interface': interface, 'available_vlans': vlans, 'native_vlan': native_vlan, 'trunked_vlans': trunked_vlans, 'allowed_vlans': allowed_vlans})
messages.error(request, 'Error editing trunk: %s' % error) else: messages.success(request, 'Trunk edit successful') account = request.account netbox = interface.netbox check_read_write(netbox, request) try: vlans = agent.get_netbox_vlans() # All vlans on this netbox native_vlan, trunked_vlans = agent.get_native_and_trunked_vlans( interface) except SnmpError: vlans = native_vlan = trunked_vlans = allowed_vlans = None messages.error(request, 'Error getting trunk information') else: if should_check_access_rights(account): allowed_vlans = find_allowed_vlans_for_user_on_netbox( account, interface.netbox, agent) else: allowed_vlans = vlans extra_path = [(netbox.sysname, reverse('portadmin-sysname', kwargs={'sysname': netbox.sysname})), ("Trunk %s" % interface, )] context = get_base_context(extra_path) context.update({ 'interface': interface, 'available_vlans': vlans, 'native_vlan': native_vlan,