From f5cd0730347691e90d57ac39436570e56a338cb5 Mon Sep 17 00:00:00 2001 From: Leonidas Poulopoulos Date: Fri, 4 Apr 2014 16:48:06 +0300 Subject: [PATCH] Minor updates plus dashboard view --- flowspec/forms.py | 4 +-- flowspec/models.py | 45 ++++++++++++++--------------- flowspec/views.py | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++-- poller/views.py | 6 ++-- 4 files changed, 105 insertions(+), 30 deletions(-) diff --git a/flowspec/forms.py b/flowspec/forms.py index d6a45a0..9917883 100644 --- a/flowspec/forms.py +++ b/flowspec/forms.py @@ -151,7 +151,7 @@ class RouteForm(forms.ModelForm): def clean(self): if self.errors: - raise forms.ValidationError(_('Errors in form. Please review and fix them')) + raise forms.ValidationError(_('Errors in form. Please review and fix them: %s'%", ".join(self.errors))) name = self.cleaned_data.get('name', None) source = self.cleaned_data.get('source', None) sourceports = self.cleaned_data.get('sourceport', None) @@ -269,7 +269,7 @@ class PortPlainForm(forms.ModelForm): try: p = int(port) if int(port) > 65535 or int(port) < 0: - raise forms.ValidationError(_('')) + raise forms.ValidationError(_('Port should be < 65535 and >= 0')) return "%s" %self.cleaned_data["port"] except forms.ValidationError: raise forms.ValidationError(_('Port should be < 65535 and >= 0')) diff --git a/flowspec/models.py b/flowspec/models.py index 588a0e2..148cca8 100644 --- a/flowspec/models.py +++ b/flowspec/models.py @@ -376,52 +376,53 @@ class Route(models.Model): then_statements = self.then.all() for statement in then_statements: if statement.action_value: - ret = "%s %s:%s
" %(ret, statement.action, statement.action_value) + ret = "%s %s %s" %(ret, statement.action, statement.action_value) else: - ret = "%s %s
" %(ret, statement.action) - return ret.rstrip(',') + ret = "%s %s" %(ret, statement.action) + return ret get_then.short_description = 'Then statement' get_then.allow_tags = True # def get_match(self): - ret = '' + ret = '
' if self.destination: - ret = '%s Dst Addr:%s
' %(ret, self.destination) + ret = '%s
Dst Addr
%s
' %(ret, self.destination) if self.fragmenttype.all(): - ret = ret + "Fragment Types:%s
" %(','.join(["%s"%i for i in self.fragmenttype.all()])) + ret = ret + "
Fragment Types
%s
" %(', '.join(["%s"%i for i in self.fragmenttype.all()])) # for fragment in self.fragmenttype.all(): -# ret = ret + "Fragment Types:%s
" %(fragment) +# ret = ret + "Fragment Types:%s" %(fragment) if self.icmpcode: - ret = "%s ICMP code:%s
" %(ret, self.icmpcode) + ret = "%s
ICMP code
%s
" %(ret, self.icmpcode) if self.icmptype: - ret = "%s ICMP Type:%s
" %(ret, self.icmptype) + ret = "%s
ICMP Type
%s
" %(ret, self.icmptype) if self.packetlength: - ret = "%s Packet Length:%s
" %(ret, self.packetlength) + ret = "%s
Packet Length
%s
" %(ret, self.packetlength) if self.source: - ret = "%s Src Addr:%s
" %(ret, self.source) + ret = "%s
Src Addr
%s
" %(ret, self.source) if self.tcpflag: - ret = "%s TCP flag:%s
" %(ret, self.tcpflag) + ret = "%s
TCP flag
%s
" %(ret, self.tcpflag) if self.port.all(): - ret = ret + "Ports:%s
" %(','.join(["%s"%i for i in self.port.all()])) + ret = ret + "
Ports
%s
" %(', '.join(["%s"%i for i in self.port.all()])) # for port in self.port.all(): -# ret = ret + "Port:%s
" %(port) +# ret = ret + "Port:%s" %(port) if self.protocol.all(): - ret = ret + "Protocols:%s
" %(','.join(["%s"%i for i in self.protocol.all()])) + ret = ret + "
Protocols
%s
" %(', '.join(["%s"%i for i in self.protocol.all()])) # for protocol in self.protocol.all(): -# ret = ret + "Protocol:%s
" %(protocol) +# ret = ret + "Protocol:%s" %(protocol) if self.destinationport.all(): - ret = ret + "DstPorts:%s
" %(','.join(["%s"%i for i in self.destinationport.all()])) + ret = ret + "
DstPorts
%s
" %(', '.join(["%s"%i for i in self.destinationport.all()])) # for port in self.destinationport.all(): -# ret = ret + "Dst Port:%s
" %(port) +# ret = ret + "Dst Port:%s" %(port) if self.sourceport.all(): - ret = ret + "SrcPorts:%s
" %(','.join(["%s"%i for i in self.sourceport.all()])) + ret = ret + "
SrcPorts
%s
" %(', '.join(["%s"%i for i in self.sourceport.all()])) # for port in self.sourceport.all(): -# ret = ret +"Src Port:%s
" %(port) +# ret = ret +"Src Port:%s" %(port) if self.dscp: for dscp in self.dscp.all(): - ret = ret + "%s Port:%s
" %(ret, dscp) - return ret.rstrip('
') + ret = ret + "%s
Port
%s
" %(ret, dscp) + ret = ret + "
" + return ret get_match.short_description = 'Match statement' get_match.allow_tags = True diff --git a/flowspec/views.py b/flowspec/views.py index 4629d77..94836dc 100644 --- a/flowspec/views.py +++ b/flowspec/views.py @@ -79,6 +79,24 @@ def welcome(request): @login_required @never_cache +def dashboard(request): + group_routes = [] + try: + peer = request.user.get_profile().peer + except UserProfile.DoesNotExist: + error = "User %s does not belong to any peer or organization. It is not possible to create new firewall rules.
Please contact Helpdesk to resolve this issue" % request.user.username + return render_to_response('error.html', {'error': error}, context_instance=RequestContext(request)) + if peer: + peer_members = UserProfile.objects.filter(peer=peer) + users = [prof.user for prof in peer_members] + group_routes = Route.objects.filter(applier__in=users).order_by('-expires')[:10] + if request.user.is_superuser: + group_routes = Route.objects.all().order_by('-expires')[:10] + return render_to_response('dashboard.html', {'routes': group_routes}, + context_instance=RequestContext(request)) + +@login_required +@never_cache def group_routes(request): group_routes = [] try: @@ -95,12 +113,69 @@ def group_routes(request): return render_to_response('user_routes.html', {'routes': group_routes}, context_instance=RequestContext(request)) +@login_required +@never_cache +def group_routes_ajax(request): + group_routes = [] + try: + peer = request.user.get_profile().peer + except UserProfile.DoesNotExist: + error = "User %s does not belong to any peer or organization. It is not possible to create new firewall rules.
Please contact Helpdesk to resolve this issue" % request.user.username + return render_to_response('error.html', {'error': error}, context_instance=RequestContext(request)) + if peer: + peer_members = UserProfile.objects.filter(peer=peer) + users = [prof.user for prof in peer_members] + group_routes = Route.objects.filter(applier__in=users) + if request.user.is_superuser: + group_routes = Route.objects.all() + jresp = {} + routes = build_routes_json(group_routes) + jresp['aaData'] = routes + return HttpResponse(json.dumps(jresp), mimetype='application/json') + +@login_required +@never_cache +def overview_routes_ajax(request): + group_routes = [] + try: + peer = request.user.get_profile().peer + except UserProfile.DoesNotExist: + error = "User %s does not belong to any peer or organization. It is not possible to create new firewall rules.
Please contact Helpdesk to resolve this issue" % request.user.username + return render_to_response('error.html', {'error': error}, context_instance=RequestContext(request)) + if peer: + peer_members = UserProfile.objects.filter(peer=peer) + users = [prof.user for prof in peer_members] + group_routes = Route.objects.filter(applier__in=users) + if request.user.is_superuser or request.user.has_perm('accounts.overview'): + group_routes = Route.objects.all() + jresp = {} + routes = build_routes_json(group_routes) + jresp['aaData'] = routes + return HttpResponse(json.dumps(jresp), mimetype='application/json') + +def build_routes_json(groutes): + routes = [] + for r in groutes: + rd = {} + rd['id'] = r.pk + rd['name'] = r.name + rd['comments'] = r.comments + rd['match'] = r.get_match() + rd['then'] = r.get_then() + rd['status'] = r.status + rd['applier'] = r.applier.username + rd['expires'] = "%s" %r.expires + rd['response'] = "%s" %r.response + routes.append(rd) + return routes @login_required @never_cache def add_route(request): applier = request.user.pk applier_peer_networks = request.user.get_profile().peer.networks.all() + if request.user.is_superuser: + applier_peer_networks = PeerRange.objects.all() if not applier_peer_networks: messages.add_message(request, messages.WARNING, _("Insufficient rights on administrative networks. Cannot add rule. Contact your administrator")) @@ -354,7 +429,7 @@ def user_login(request): user_activation_notify(user) if user.is_active: login(request, user) - return HttpResponseRedirect(reverse("group-routes")) + return HttpResponseRedirect(reverse("dashboard")) else: error = _("User account %s is pending activation. Administrators have been notified and will activate this account within the next days.
If this account has remained inactive for a long time contact your technical coordinator or GRNET Helpdesk") %user.username return render_to_response('error.html', {'error': error, 'inactive': True}, @@ -478,8 +553,7 @@ def overview(request): if user.is_authenticated(): if user.has_perm('accounts.overview'): users = User.objects.all() - group_routes = Route.objects.all() - return render_to_response('overview/index.html', {'users': users, 'routes': group_routes}, + return render_to_response('overview/index.html', {'users': users}, context_instance=RequestContext(request)) else: violation=True diff --git a/poller/views.py b/poller/views.py index 3ae6d5e..40eff6b 100644 --- a/poller/views.py +++ b/poller/views.py @@ -43,8 +43,8 @@ logger = logging.getLogger(__name__) logger.setLevel(logging.DEBUG) -def create_message(body, user): - data = {'id': str(uuid.uuid4()), 'body': body, 'user':user} +def create_message(message, user, time): + data = {'id': str(uuid.uuid4()), 'body': message, 'user':user, 'time':time} data['html'] = render_to_string('poll_message.html', dictionary={'message': data}) return data @@ -95,7 +95,7 @@ class Msgs(object): message = mesg['message'] user = mesg['username'] now = datetime.datetime.now() - msg = create_message("[%s]: %s"%(now.strftime("%Y-%m-%d %H:%M:%S"),message), user) + msg = create_message(message, user, now.strftime("%Y-%m-%d %H:%M:%S")) try: isinstance(self.user_cache[user], list) except: -- 1.7.10.4