def ajax_subkey_delete(request):
if request.method != 'POST':
return HttpResponse(json.dumps({'error': 'Unsupported method'}),
status=500,
content_type='application/json')
pm = helpers.PageManager(request, '')
oid = request.POST.get('subkeyOid')
try:
subkey = pm.object_store.getOID(oid)
except siptracklib.errors.NonExistent as e:
return HttpResponse(json.dumps({'error': 'Subkey not found'}),
status=404,
content_type='application/json')
except Exception as e:
return HttpResponseServerError(json.dumps({'error': str(e)}),
content_type='application/json')
try:
subkey.delete()
except Exception as e:
return HttpResponseServerError(json.dumps({'error': str(e)}),
content_type='application/json')
return HttpResponse(json.dumps({'status': True}),
content_type='application/json')
def update_post(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html', 'password')
password = pm.setVar('password', pm.object_store.getOID(oid))
pm.path(password)
view = password.getParent('view')
password_keys = view.listChildren(include = ['password key'])
url = '/password/update/post/%s/' % (oid)
pm.addForm(PasswordUpdateForm(password_keys, request.POST), url,
'update password', message = 'Updating password.',
extraelements = 'autocomplete="off"')
if not pm.form.is_valid():
return pm.error()
if not pm.form.cleaned_data['pw_password'] == pm.form.cleaned_data['validate']:
return pm.error('passwords don\'t match')
if pm.form.cleaned_data['pw_password']:
password.setPassword(pm.form.cleaned_data['pw_password'])
if pm.form.cleaned_data['pw_username'] != password.attributes.get('username'):
password.attributes['username'] = pm.form.cleaned_data['pw_username']
if pm.form.cleaned_data['description'] != password.attributes.get('description'):
password.attributes['description'] = pm.form.cleaned_data['description']
password_key = None
if pm.form.cleaned_data['passwordkey'] != '__no-password-key__':
password_key = pm.object_store.getOID(pm.form.cleaned_data['passwordkey'])
if password_key != password.key:
password.setPasswordKey(password_key)
return pm.redirect('display.display', (password.parent.oid,))
def ajax_key_is_valid(request):
if request.method != 'POST':
return HttpResponseServerError(json.dumps(
{'error': 'Incorrect method'}),
content_type='application/json')
pm = helpers.PageManager(request, '')
try:
pk = pm.object_store.getOID(request.POST.get('passwordKeyOid'))
except siptracklib.errors.NonExistent as e:
return HttpResponse(json.dumps({'error': 'Password key not found'}),
status=404,
content_type='application/json')
except Exception as e:
return HttpResponseServerError(json.dumps({'error': str(e)}),
content_type='application/json')
try:
test_password = request.POST.get('passwordKeyPassword')
pk.isValidPassword(test_password)
except Exception as e:
return HttpResponseServerError(json.dumps({
'status': False,
'error': str(e)
}),
content_type='application/json')
return HttpResponse(json.dumps({'status': True}),
content_type='application/json')
def add_post(request, parent_oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
parent = pm.setVar('parent', pm.object_store.getOID(parent_oid))
pm.path(parent)
users = get_add_users(pm.object_store)
groups = get_add_groups(pm.object_store)
form = PermissionAddForm(users, groups, request.POST)
url = '/permission/add/post/%s/' % (parent.oid)
pm.addForm(form, url, 'add permission')
if not pm.form.is_valid():
return pm.error()
form_users = [
pm.object_store.getOID(oid) for oid in pm.form.cleaned_data['users']
]
form_groups = [
pm.object_store.getOID(oid) for oid in pm.form.cleaned_data['groups']
]
permission = parent.add(
'permission',
pm.form.cleaned_data['read_access'],
pm.form.cleaned_data['write_access'],
form_users,
form_groups,
pm.form.cleaned_data['all_users'],
pm.form.cleaned_data['recursive'],
)
return pm.redirect('display.display', (parent_oid, ))
def key_display(request, oid):
pm = helpers.PageManager(request,
'stweb/passwords/display_passwordkey.html',
'password')
pm.section('password')
pk = pm.setVar('password_key', pm.object_store.getOID(oid))
pm.path(pk)
view = pk.getParent('view')
view_tree = view.parent
user_manager = view_tree.user_manager
user_list = []
# Enumerate list of users connected to the key
if request.session['administrator']:
for users in user_manager.listChildren():
try:
username = users.username
for subkey in users.listChildren(include=['sub key']):
if subkey.password_key is pk:
user_list.append(users)
except:
continue
pm.render_var['user_list'] = user_list
pm.render_var['parent'] = pk.parent
pm.render_var['password_key_list'] = pk.parent.listChildren(
include=['password key'])
pm.render_var['attribute_list'] = attribute.parse_attributes(pk)
return pm.render()
def connectkey_post(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
user = pm.object_store.getOID(oid)
url = '/user/connectkey/post/%s/' % (oid)
password_keys = _get_password_keys(pm.view_tree)
require_user_password = True
if pm.render_var['username'] == user.username:
require_user_password = False
form = UserConnectKeyForm(password_keys, require_user_password,
request.POST)
pm.addForm(form, url, 'connect password key')
pm.path(user)
if not pm.form.is_valid():
return pm.error()
password_key = pm.object_store.getOID(pm.form.cleaned_data['passwordkey'])
user_password = None
if 'user_password' in pm.form.cleaned_data and \
len(pm.form.cleaned_data['user_password']) > 0:
user_password = pm.form.cleaned_data['user_password']
password_key_key = None
if len(pm.form.cleaned_data['password_key_key']) > 0:
password_key_key = pm.form.cleaned_data['password_key_key']
try:
user.connectPasswordKey(password_key, user_password, password_key_key)
except siptracklib.errors.SiptrackError, e:
return pm.error(str(e))
def add_post(request, parent_oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html', 'password')
parent = pm.setVar('parent', pm.object_store.getOID(parent_oid))
pm.path(parent)
view = parent.getParent('view')
password_keys = view.listChildren(include=['password key'])
url = '/password/add/post/%s/' % (parent.oid)
pm.addForm(PasswordAddForm(password_keys, request.POST),
url,
'add password',
message='Adding password.',
extraelements='autocomplete="off"')
if not pm.form.is_valid():
return pm.error()
if not pm.form.cleaned_data['pw_password'] == pm.form.cleaned_data[
'validate']:
return pm.error('passwords don\'t match')
password_key = None
if pm.form.cleaned_data['passwordkey'] != '__no-password-key__':
password_key = pm.object_store.getOID(
pm.form.cleaned_data['passwordkey'])
password_string = pm.form.cleaned_data['pw_password']
if len(password_string) == 0:
password_string = helpers.generate_password()
try:
password = parent.add('password', password_string, password_key)
except siptracklib.errors.SiptrackError, e:
return pm.error(str(e))
def display(request, oid):
pm = helpers.PageManager(request, 'stweb/users/display_user.html')
user = pm.setVar('user', pm.object_store.getOID(oid))
# Set a render variable to indicate if the user has logged in before based
# on whether or not they have a public key.
user_pk = user.listChildren(include=['public key'])
if not len(user_pk):
has_public_key = False
else:
has_public_key = True
has_logged_in = pm.setVar('has_logged_in', has_public_key)
pm.render_var['attribute_list'] = attribute.parse_attributes(user)
subkey_list = []
for subkey in user.listChildren(include=['sub key']):
try:
pw_key = subkey.password_key
except siptracklib.errors.NonExistent as e:
subkey_list.append({'oid': subkey.oid, 'exists': False})
continue
subkey_list.append(subkey)
# Sort the list of subkeys to easier find them
sorted_subkey_list = sorted(
subkey_list,
key=lambda k: k.password_key.attributes.get('name')
)
pm.render_var['subkey_list'] = sorted_subkey_list
pm.path(user)
return pm.render()
def ajax_connectkey(request):
if request.method != 'POST':
return HttpResponseServerError(
json.dumps({
'error': 'Unsupported method'
}),
content_type='application/json'
)
pm = helpers.PageManager(request, '')
password_key = pm.object_store.getOID(request.POST.get('passwordKeyOid'))
user = pm.object_store.getOID(request.POST.get('userOid'))
password_key_key = request.POST.get('passwordKeyPassword')
user_password = request.POST.get('userPassword')
try:
user.connectPasswordKey(password_key, user_password, password_key_key)
except siptracklib.errors.SiptrackError as e:
return HttpResponseServerError(
json.dumps({
'status': False,
'error': str(e)
}),
content_type='application/json'
)
return HttpResponse(
json.dumps({
'status': True
})
)
def add_post(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
pm.path(None)
url = '/user/add/post/%s/' % (oid)
pm.addForm(UserAddForm(request.POST), url, 'add user')
if not pm.form.is_valid():
return pm.error()
if pm.form.cleaned_data['password'] != pm.form.cleaned_data['validate']:
return pm.error('passwords don\'t match')
um = pm.object_store.getOID(oid)
user_type = None
if um.class_name == 'user manager local':
user_type = 'user local'
elif um.class_name == 'user manager ldap':
user_type = 'user ldap'
elif um.class_name == 'user manager active directory':
user_type = 'user active directory'
try:
user = um.add(user_type, pm.form.cleaned_data['user_name'],
pm.form.cleaned_data['password'],
pm.form.cleaned_data['administrator'])
except siptracklib.errors.SiptrackError, e:
return pm.error(str(e))
def add(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
url = '/user/add/post/%s/' % (oid)
pm.addForm(UserAddForm(), url, 'add user')
pm.path(None)
return pm.render()
def update_post(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
counter = pm.object_store.getOID(oid)
url = '/counter/update/post/%s/' % (counter.oid)
if counter.class_name == 'counter':
pm.addForm(CounterUpdateBasicForm(request.POST), url, 'update counter')
elif counter.class_name == 'counter loop':
pm.addForm(CounterUpdateLoopingForm(request.POST), url,
'update counter')
if not pm.form.is_valid():
return pm.error()
if counter.class_name == 'counter loop':
values = pm.form.cleaned_data['values']
values = values.replace('\r', '\n').split('\n')
values = [value for value in values if len(value) > 0]
if len(values) == 0:
return pm.error('invalid values')
if counter.values != values:
counter.values = values
if pm.form.cleaned_data['name'] != counter.attributes.get('name', None):
counter.attributes['name'] = pm.form.cleaned_data['name']
if pm.form.cleaned_data['description'] != counter.attributes.get(
'description', None):
counter.attributes['description'] = pm.form.cleaned_data['description']
if pm.form.cleaned_data['value'] != counter.value:
if counter.class_name == 'counter':
counter.value = int(pm.form.cleaned_data['value'])
elif counter.class_name == 'counter loop':
counter.value = pm.form.cleaned_data['value']
return pm.redirect('counter.display', (oid, ))
def search(request):
pm = helpers.PageManager(request, 'stweb/views/search_results.html')
if 'searchstring' in request.GET:
searchstring = request.GET['searchstring']
else:
pm.setForm(ViewSearchForm(request.POST))
if not pm.form.is_valid():
return pm.render()
searchstring = pm.form.cleaned_data['searchstring']
searchstring = searchstring.strip()
searchresults = helpers.search(pm.object_store, searchstring)
# Go directly to the result for a single match.
if searchresults['resultcount'] == 1:
if searchresults['singleresult'].class_name == 'device':
return pm.redirect('device.display',
(searchresults['singleresult'].oid, ))
if searchresults['singleresult'].class_name == 'device category':
return pm.redirect('device.display',
(searchresults['singleresult'].oid, ))
if searchresults['singleresult'].class_name == 'ipv4 network':
return pm.redirect('network.display',
(searchresults['singleresult'].oid, ))
pm.render_var['searchresults'] = searchresults
return pm.render()
def add_post(request, parent_oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
parent = pm.setVar('parent', pm.object_store.getOID(parent_oid))
pm.path(parent)
config_type = request.POST.get('config_type', '')
url = '/config/add/post/%s/' % (parent_oid)
if config_type == 'netautoassign':
view = parent.getParent('view', include_self=True)
network_trees = view.listChildren(include=['network tree'])
form = ConfigAddNetworkAutoassignForm(network_trees, request.POST)
elif config_type == 'value':
form = ConfigAddValueForm(request.POST)
else:
return pm.error('bad, invalid config type')
pm.addForm(form, url, '')
if not form.is_valid():
return pm.error('')
if config_type == 'netautoassign':
nt = pm.object_store.getOID(pm.form.cleaned_data['networktree'])
parent.add('config network autoassign', nt,
pm.form.cleaned_data['range_start'],
pm.form.cleaned_data['range_end'])
elif config_type == 'value':
parent.add('config value', pm.form.cleaned_data['name'],
pm.form.cleaned_data['value'])
return pm.redirect('display.display', (parent_oid, ))
def display(request, oid):
pm = helpers.PageManager(request, 'stweb/views/counters/display.html')
counter = pm.setVar('counter', pm.object_store.getOID(oid))
pm.render_var['parent'] = counter.parent
pm.render_var['attribute_list'] = attribute.parse_attributes(counter)
pm.path(counter)
return pm.render()
def manager_delete(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
um = pm.object_store.getOID(oid)
pm.addForm(DeleteForm(), '/user/manager/delete/post/%s/' % (oid),
'remove user manager', message = 'Removing user manager.')
pm.path(um)
return pm.render()
def add_looping(request, parent_oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
parent = pm.setVar('parent', pm.object_store.getOID(parent_oid))
url = '/counter/looping/add/post/%s/' % (parent.oid)
pm.addForm(CounterAddLoopingForm(), url, 'add counter')
pm.path(parent)
return pm.render()
def session_kill(request, session_id):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
pm.addForm(DeleteForm(),
'/user/session/kill/post/%s/' % (session_id),
'kill session',
message='Kill session.')
pm.path(None)
return pm.render()
def reset_password(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
user = pm.setVar('user', pm.object_store.getOID(oid))
url = '/user/password/reset/post/%s/' % (user.oid)
pm.addForm(UserResetPasswordForm(), url, 'reset password')
pm.path(user)
return pm.render()
def category_add(request, parent_oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html', 'password')
parent = pm.setVar('parent', pm.object_store.getOID(parent_oid))
pm.path(parent)
url = '/password/category/add/post/%s/' % (parent.oid)
pm.addForm(PasswordCategoryAddForm(), url, 'add password category')
return pm.render()
def group_delete(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
group = pm.setVar('group', pm.object_store.getOID(oid))
pm.addForm(DeleteForm(), '/user/group/delete/post/%s/' % (group.oid),
'remove group', message = 'Removing group.')
pm.path(group)
return pm.render()
def index(request, parent_oid):
pm = helpers.PageManager(request, 'stweb/views/counters/index.html')
parent = pm.setVar('parent', pm.object_store.getOID(parent_oid))
pm.section('counter')
include = ['counter', 'counter loop']
pm.render_var['counter_list'] = parent.listChildren(include=include)
pm.path(parent)
return pm.render()
def manager_activate(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
um = pm.object_store.getOID(oid)
pm.addForm(EmptyForm(),
'/user/manager/activate/post/%s/' % (oid),
'activate user manager', message = 'Activate user manager.')
pm.path(um)
return pm.render()
def subkey_delete(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
subkey = pm.setVar('subkey', pm.object_store.getOID(oid))
user = subkey.parent
pm.addForm(DeleteForm(), '/user/subkey/delete/post/%s/' % (oid),
'remove subkey', message = 'Removing subkey.')
pm.path(user)
return pm.render()
def session_kill_post(request, session_id):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
pm.addForm(DeleteForm(request.POST), '/user/session/kill/post/%s/' % (session_id),
'kill session', message = 'Kill session.')
if not pm.form.is_valid():
return pm.render()
pm.object_store.killServerSession(session_id)
return pm.redirect('user.index', ())
def add_select(request, parent_oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
parent = pm.setVar('parent', pm.object_store.getOID(parent_oid))
pm.path(parent)
form = ConfigAddSelectTypeForm(parent)
url = '/config/add/set/%s/' % (parent.oid)
pm.addForm(form, url, 'add config item')
return pm.render()
def key_add(request, parent_oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html', 'password')
parent = pm.setVar('parent', pm.object_store.getOID(parent_oid))
pm.path(parent)
pm.render_var['password_key_list'] = parent.listChildren(include = ['password key'])
url = '/password/key/add/post/%s/' % (parent.oid)
pm.addForm(PasswordKeyAddForm(), url, 'add password key')
return pm.render()
def display(request, oid):
pm = helpers.PageManager(request, 'stweb/permissions/display.html')
permission = pm.setVar('permission', pm.object_store.getOID(oid))
pm.render_var['parent'] = permission.parent
pm.render_var['attribute_list'] = attribute.parse_attributes(permission)
pm.render_var['permission'] = permission
pm.path(permission)
return pm.render()
def group_display(request, oid):
pm = helpers.PageManager(request, 'stweb/users/display_group.html')
pm.section('user')
group = pm.object_store.getOID(oid)
pm.render_var['group'] = group
pm.render_var['attribute_list'] = attribute.parse_attributes(group)
pm.path(group)
return pm.render()
def manager_ad_syncusers(request, oid):
pm = helpers.PageManager(request, 'stweb/generic_form.html')
um = pm.object_store.getOID(oid)
pm.addForm(UsermanagerADSyncUsersForm(),
'/user/manager/syncusers/ad/post/%s/' % (oid),
'sync users', message = 'Sync user list from AD server.')
pm.path(um)
return pm.render()