mgrotke/linuxrouter
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Development

Browse source
This commit is contained in:
Matthew Grotke 2026-06-06 23:57:08 -04:00
parent a4eb431f22
commit 563d82daf3
3 changed files with 26 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

23
docker/routlin-dash/app/pages/clientcredentials/action.py
View file

@ -6,9 +6,9 @@ from pathlib import Path
import bcrypt import bcrypt
from flask import Blueprint, request, redirect, flash from flask import Blueprint, request, redirect, flash
from auth import require_level from auth import require_level
from config_utils import CREDENTIALS_DB import config_utils
import sanitize import sanitize
import settings as settings import settings
_PAGE = 'clientcredentials' _PAGE = 'clientcredentials'
PRO_LICENSE = settings.is_pro() PRO_LICENSE = settings.is_pro()
@ -38,7 +38,7 @@ COMPATIBLE_HASHES = {
# =================================================================== # ===================================================================
def _db_conn(): def _db_conn():
conn = sqlite3.connect(CREDENTIALS_DB) conn = sqlite3.connect(config_utils.CREDENTIALS_DB)
conn.row_factory = sqlite3.Row conn.row_factory = sqlite3.Row
conn.execute("PRAGMA foreign_keys = ON") conn.execute("PRAGMA foreign_keys = ON")
conn.execute(""" conn.execute("""
@ -159,9 +159,20 @@ def addedit():
flash('Selected hash type is not compatible with the selected user type.', 'error') flash('Selected hash type is not compatible with the selected user type.', 'error')
return redirect(f'/{_PAGE}') return redirect(f'/{_PAGE}')
vlan = sanitize.name(request.form.get('vlan', '')) if user_type == USER_TYPE_SUPPLICANT else '' vlan = sanitize.name(request.form.get('vlan', ''))
if user_type == USER_TYPE_SUPPLICANT and not vlan: if not vlan:
flash('VLAN is required for 802.1X supplicant credentials.', 'error') flash('VLAN is required.', 'error')
return redirect(f'/{_PAGE}')
cfg = config_utils.load_config()
vlans_by_name = {v['name']: v for v in cfg.get('vlans', [])}
if vlan not in vlans_by_name:
flash('Selected VLAN does not exist.', 'error')
return redirect(f'/{_PAGE}')
if user_type == USER_TYPE_CAPTIVE and vlans_by_name[vlan].get('restricted_vlan') != 'c':
flash('Captive portal credentials must be assigned to a captive portal VLAN.', 'error')
return redirect(f'/{_PAGE}')
if user_type == USER_TYPE_SUPPLICANT and vlans_by_name[vlan].get('is_vpn'):
flash('802.1X credentials cannot be assigned to a VPN VLAN.', 'error')
return redirect(f'/{_PAGE}') return redirect(f'/{_PAGE}')
enabled = 'enabled' in request.form enabled = 'enabled' in request.form

4
docker/routlin-dash/app/pages/clientcredentials/content.json
View file

@ -148,6 +148,10 @@
} }
] ]
}, },
{
"type": "raw_html",
"html": "<script id=\"captive-vlan-data\" type=\"application/json\">%CAPTIVE_VLAN_OPTIONS%</script>"
},
{ {
"type": "field", "type": "field",
"label": "VLAN", "label": "VLAN",

5
docker/routlin-dash/app/pages/clientcredentials/view.py
View file

@ -76,6 +76,11 @@ def collect_tokens(cfg):
[{'value': '', 'label': '— Select VLAN —'}] + [{'value': '', 'label': '— Select VLAN —'}] +
[{'value': v['name'], 'label': f"{v['name']} (VLAN {v['vlan_id']})"} for v in vlans] [{'value': v['name'], 'label': f"{v['name']} (VLAN {v['vlan_id']})"} for v in vlans]
) )
captive_vlans = [v for v in cfg.get('vlans', []) if v.get('restricted_vlan') == 'c']
tokens['CAPTIVE_VLAN_OPTIONS'] = json.dumps(
[{'value': '', 'label': '— Select VLAN —'}] +
[{'value': v['name'], 'label': f"{v['name']} (VLAN {v['vlan_id']})"} for v in captive_vlans]
)
raw_rows = _load_credentials() raw_rows = _load_credentials()
display_rows = [] display_rows = []