Skip to content

Commit

Permalink
Merge pull request #1748 from jmbredal/1739_users_should_not_be_able_…
Browse files Browse the repository at this point in the history 
…to_set_trunk_on_port

1739 users should not be able to set trunk on port
  • Loading branch information
John-Magne Bredal committed Aug 6, 2018
2 parents f6e36ce + c78436f commit d130914
Show file tree
Hide file tree
Showing 5 changed files with 131 additions and 102 deletions.
8 changes: 6 additions & 2 deletions etc/portadmin/portadmin.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,10 @@
# timeout = 3
# retries = 3

# Allow trunk edit. If this is set to true, PortAdmin will make it possible to
# create, remove and edit trunks on interfaces.
# trunk_edit = true

[authorization]
# Authorization options

Expand Down Expand Up @@ -56,8 +60,8 @@
#netident = This vlan is not routed.

[ifaliasformat]
#
# Here you enter a regexp that enforces a specific input format on the
#
# Here you enter a regexp that enforces a specific input format on the
# port description. If you do this, we strongly suggest also editing
# the information given to the user (etc/portadmin/aliasformat.html)
#
Expand Down
12 changes: 12 additions & 0 deletions python/nav/web/portadmin/utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -336,3 +336,15 @@ def is_cisco(netbox):
:type netbox: manage.Netbox
"""
return netbox.type.get_enterprise_id() == VENDOR_ID_CISCOSYSTEMS


def get_trunk_edit(config):
"""Gets config option for trunk edit
Default is to allow trunk edit
"""
section = 'general'
option = 'trunk_edit'
if config.has_section(section) and config.has_option(section, option):
return config.getboolean(section, option)
return True
7 changes: 5 additions & 2 deletions python/nav/web/portadmin/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@
read_config, is_cisco,
add_dot1x_info,
is_restart_interface_enabled,
is_write_mem_enabled)
is_write_mem_enabled, get_trunk_edit)
from nav.Snmp.errors import SnmpError, TimeOutException
from nav.portadmin.snmputils import SNMPFactory, SNMPHandler
from .forms import SearchForm
Expand Down Expand Up @@ -229,6 +229,7 @@ def populate_infodict(request, netbox, interfaces):
'allowed_vlans': allowed_vlans,
'readonly': readonly,
'aliastemplate': aliastemplate,
'trunk_edit': get_trunk_edit(config),
'auditlog_api_parameters': json.dumps(auditlog_api_parameters)
}
)
Expand Down Expand Up @@ -529,6 +530,7 @@ def response_based_on_result(result):
def render_trunk_edit(request, interfaceid):
"""Controller for rendering trunk edit view"""

config = read_config()
interface = Interface.objects.get(pk=interfaceid)
agent = get_factory(interface.netbox)
if request.method == 'POST':
Expand Down Expand Up @@ -564,7 +566,8 @@ def render_trunk_edit(request, interfaceid):
context = get_base_context(extra_path)
context.update({'interface': interface, 'available_vlans': vlans,
'native_vlan': native_vlan, 'trunked_vlans': trunked_vlans,
'allowed_vlans': allowed_vlans})
'allowed_vlans': allowed_vlans,
'trunk_edit': get_trunk_edit(config)})

return render_to_response('portadmin/trunk_edit.html',
context,
Expand Down
18 changes: 12 additions & 6 deletions templates/portadmin/portlist.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,9 +83,13 @@
{# Vlan / Trunk #}
<div class="medium-2 small-4 column">
{% if interface.trunk and not interface.voice_activated %}
<a href="{% url 'portadmin-render-trunk-edit' interface.id %}">
{% if trunk_edit %}
<a href="{% url 'portadmin-render-trunk-edit' interface.id %}">
Trunk
</a>
{% else %}
Trunk
</a>
{% endif %}
{% else %}
{% if interface.iseditable %}
{% if interface.detained %}
Expand All @@ -105,10 +109,12 @@
</option>
{% endif %}
{% endfor %}
<option value="trunk"
data-url="{% url 'portadmin-render-trunk-edit' interface.id %}">
Trunk
</option>
{% if trunk_edit %}
<option value="trunk"
data-url="{% url 'portadmin-render-trunk-edit' interface.id %}">
Trunk
</option>
{% endif %}
</select>
</form>
{% endif %}
Expand Down
188 changes: 96 additions & 92 deletions templates/portadmin/trunk_edit.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,100 +2,104 @@

{% block page_content %}

{% if interface %}

<p>
<a href="{% url 'portadmin-sysname' interface.netbox.sysname %}"
title="Go back">
Back to {{ interface.netbox.sysname }}
</a>
</p>

<div>
<h3>Interface {{ interface }}</h3>

<form action="" method="post">
<table id="portadmin-trunktable" class="listtable highlightover">
<caption>Configure trunk</caption>
<thead>
<tr>
<th>Vlan</th>
<th>Description</th>
<th>Net Ident</th>
<th>Native</th>
<th>Trunked <input type="checkbox" class="toggle-all"/></th>
</tr>
</thead>

<tbody>
{% for vlan in available_vlans %}
<tr data-vlan="{{ vlan.vlan }}">
<td>{{ vlan.vlan }}</td>
<td>{{ vlan.descr|default_if_none:"" }}</td>
<td>{{ vlan.net_ident|default_if_none:"" }}</td>

{% comment %}
Users are only allowed to set vlans that is related to their organization.
We set the fields to disabled if they should not be able to change the.

As checkboxes and radio buttons does not provide their values to POST
requests when they are disabled, we need to provide a hidden field to submit the
values on the request.
{% endcomment %}

<td class="text-center">
{% if vlan in allowed_vlans %}
<input type="radio" name="native_vlan" value="{{ vlan.vlan }}" {% if vlan.vlan == native_vlan %}checked{% endif %}>
{% else %}
<input type="radio"
name="native_vlan"
value="{{ vlan.vlan }}"
{% if vlan.vlan == native_vlan %}checked{% endif %}
disabled="disabled">
{% if vlan.vlan == native_vlan %}
<input type="hidden" name="native_vlan" value="{{ vlan.vlan }}">
{% endif %}
{% endif %}
</td>

{% comment %}Checkbox for tagging this vlan on this interface{% endcomment %}
<td class="text-center">
{% if vlan in allowed_vlans %}
<input type="checkbox" name="trunk_vlans" value="{{ vlan.vlan }}" {% if vlan.vlan in trunked_vlans %}checked{% endif %}>
{% else %}
<input type="checkbox"
name="trunk_vlans"
value="{{ vlan.vlan }}"
{% if vlan.vlan in trunked_vlans %}checked{% endif %}
disabled="disabled">
{% if vlan.vlan in trunked_vlans %}
<input type="hidden" name="trunk_vlans" value="{{ vlan.vlan }}">
{% endif %}
{% endif %}
</td>
</tr>
{% endfor %}
</tbody>
</table>
<input type="submit"
value="Save changes"
class="button small"
{% if not interface.netbox.read_write %}disabled="disabled"{% endif %}>
</form>

</div>

<p>
<a href="{% url 'portadmin-sysname' interface.netbox.sysname %}"
title="Go back">
Back to {{ interface.netbox.sysname }}
</a>
</p>


{% if interface and trunk_edit %}

<p>
<a href="{% url 'portadmin-sysname' interface.netbox.sysname %}"
title="Go back">
Back to {{ interface.netbox.sysname }}
</a>
</p>

<div>
<h3>Interface {{ interface }}</h3>

<form action="" method="post">
<table id="portadmin-trunktable" class="listtable highlightover">
<caption>Configure trunk</caption>
<thead>
<tr>
<th>Vlan</th>
<th>Description</th>
<th>Net Ident</th>
<th>Native</th>
<th>Trunked <input type="checkbox" class="toggle-all"/></th>
</tr>
</thead>

<tbody>
{% for vlan in available_vlans %}
<tr data-vlan="{{ vlan.vlan }}">
<td>{{ vlan.vlan }}</td>
<td>{{ vlan.descr|default_if_none:"" }}</td>
<td>{{ vlan.net_ident|default_if_none:"" }}</td>

{% comment %}
Users are only allowed to set vlans that is related to their organization.
We set the fields to disabled if they should not be able to change the.

As checkboxes and radio buttons does not provide their values to POST
requests when they are disabled, we need to provide a hidden field to submit the
values on the request.
{% endcomment %}

<td class="text-center">
{% if vlan in allowed_vlans %}
<input type="radio" name="native_vlan" value="{{ vlan.vlan }}" {% if vlan.vlan == native_vlan %}checked{% endif %}>
{% else %}
<input type="radio"
name="native_vlan"
value="{{ vlan.vlan }}"
{% if vlan.vlan == native_vlan %}checked{% endif %}
disabled="disabled">
{% if vlan.vlan == native_vlan %}
<input type="hidden" name="native_vlan" value="{{ vlan.vlan }}">
{% endif %}
{% endif %}
</td>

{% comment %}Checkbox for tagging this vlan on this interface{% endcomment %}
<td class="text-center">
{% if vlan in allowed_vlans %}
<input type="checkbox" name="trunk_vlans" value="{{ vlan.vlan }}" {% if vlan.vlan in trunked_vlans %}checked{% endif %}>
{% else %}
<input type="checkbox"
name="trunk_vlans"
value="{{ vlan.vlan }}"
{% if vlan.vlan in trunked_vlans %}checked{% endif %}
disabled="disabled">
{% if vlan.vlan in trunked_vlans %}
<input type="hidden" name="trunk_vlans" value="{{ vlan.vlan }}">
{% endif %}
{% endif %}
</td>
</tr>
{% endfor %}
</tbody>
</table>
<input type="submit"
value="Save changes"
class="button small"
{% if not interface.netbox.read_write %}disabled="disabled"{% endif %}>
</form>

</div>

<p>
<a href="{% url 'portadmin-sysname' interface.netbox.sysname %}"
title="Go back">
Back to {{ interface.netbox.sysname }}
</a>
</p>


{% else %}
{% if not trunk_edit %}
<div class="alert-box info">Trunk editing is disabled</div>
{% else %}
<p class="error">This interface does not exist</p>
<p class="error">This interface does not exist</p>
{% endif %}
{% endif %}


{% endblock %}

0 comments on commit d130914

Please sign in to comment.