-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[fix] Validate organization membership when importing subnets #77 #97
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The CSV file format in the README needs to be updated as well.
openwisp_ipam/admin.py
Outdated
@@ -145,6 +161,11 @@ def import_view(self, request): | |||
return redirect('/admin/{0}/subnet'.format(self.app_label)) | |||
return render(request, form_template, context) | |||
|
|||
def get_csv_organization(self, request): | |||
data = Subnet._get_csv_reader(self, deepcopy(request.FILES['csvfile'])) | |||
org = Organization.objects.get(name=list(data)[2][0].strip()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The name of the organization is not unique. We can use organization slug
or secret
instead.
But this is not the only such occurrence, I will open a separate issue for this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So should I leave it here, and take care of this separately in #99?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@purhan sorry I forgot to reply! Definitely change this one here, since we're adding it, there's no reason to keep adding it in the wrong way 😊
Please could you ping me when ready so I don't forget? Thanks!
a83d1d0
to
0f76ca9
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The solutions works! Please see below for requests for improvements and then we should be done with this 👍
openwisp_ipam/admin.py
Outdated
@@ -145,6 +161,11 @@ def import_view(self, request): | |||
return redirect('/admin/{0}/subnet'.format(self.app_label)) | |||
return render(request, form_template, context) | |||
|
|||
def get_csv_organization(self, request): | |||
data = Subnet._get_csv_reader(self, deepcopy(request.FILES['csvfile'])) | |||
org = Organization.objects.get(name=list(data)[2][0].strip()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
openwisp_ipam/admin.py
Outdated
@@ -145,6 +161,11 @@ def import_view(self, request): | |||
return redirect('/admin/{0}/subnet'.format(self.app_label)) | |||
return render(request, form_template, context) | |||
|
|||
def get_csv_organization(self, request): | |||
data = Subnet._get_csv_reader(self, deepcopy(request.FILES['csvfile'])) | |||
org = Organization.objects.get(name=list(data)[2][0].strip()) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@purhan sorry I forgot to reply! Definitely change this one here, since we're adding it, there's no reason to keep adding it in the wrong way 😊
Please could you ping me when ready so I don't forget? Thanks!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's a conflict in requirements.txt, could you please fix it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@purhan the build failure should be fixed in the latest master, can you merge again? For some reason the button to merge does not appear to me.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I renamed the PR name to make it clearer.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are we also ensuring that when exporting a subnet, the user exporting has access to that organization?
There's a few pending changes requested below.
openwisp_ipam/api/utils.py
Outdated
organization = self.get_csv_organization() | ||
if str(organization.pk) in self.get_user_organizations(): | ||
organization = self.get_csv_organization(request) | ||
if str(organization.pk) in self.get_user_organizations(request): | ||
return |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the code in this file could be simplified and moved directly to the view which inherits this class, since it seems to me is only used in one place.
The code below which checks permission to create an org should not be relevant anymore and can be removed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It is used in two places:
openwisp_ipam/api/views.py
openwisp_ipam/admin.py
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ah ok didn't see it was used in admin.py, let's leave it here, but please double check if the code below which checks permission to create an org still makes sense.
09bda63
to
921582f
Compare
921582f
to
7d51798
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks! 👍
Closes #77