Development
This commit is contained in:
parent
563d82daf3
commit
70ccfe2c29
48 changed files with 549 additions and 578 deletions
|
|
@ -5,10 +5,10 @@ import os
|
|||
import re
|
||||
from pathlib import Path
|
||||
from flask import Blueprint, request, redirect, flash, send_file, abort, jsonify
|
||||
from auth import require_level
|
||||
from config_utils import CONFIGS_DIR, load_config, record_group, diff_fields
|
||||
import auth
|
||||
import config_utils
|
||||
import mod_validation as validate
|
||||
import settings as settings
|
||||
import settings
|
||||
|
||||
_PAGE = Path(__file__).parent.name
|
||||
|
||||
|
|
@ -16,7 +16,7 @@ PRO_LICENSE = settings.is_pro()
|
|||
|
||||
bp = Blueprint(_PAGE, __name__)
|
||||
|
||||
RADIUS_SECRET_FILE = Path(CONFIGS_DIR) / '.radius-secret'
|
||||
RADIUS_SECRET_FILE = Path(config_utils.CONFIGS_DIR) / '.radius-secret'
|
||||
RADIUS_LOG_FILE = '/var/log/freeradius/radius.log'
|
||||
|
||||
VALID_MAC_FORMATS = {
|
||||
|
|
@ -26,7 +26,7 @@ VALID_MAC_FORMATS = {
|
|||
|
||||
|
||||
@bp.route('/action/radius/regenerate', methods=['POST'])
|
||||
@require_level('administrator')
|
||||
@auth.require_level('administrator')
|
||||
def regenerate():
|
||||
try:
|
||||
RADIUS_SECRET_FILE.unlink(missing_ok=True)
|
||||
|
|
@ -38,25 +38,25 @@ def regenerate():
|
|||
|
||||
|
||||
@bp.route('/action/radius/options_save', methods=['POST'])
|
||||
@require_level('administrator')
|
||||
@auth.require_level('administrator')
|
||||
def options_save():
|
||||
mac_format = request.form.get('mac_format', 'aabbccddeeff')
|
||||
if mac_format not in VALID_MAC_FORMATS:
|
||||
flash('Invalid MAC format.', 'error')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
cfg = load_config()
|
||||
cfg = config_utils.load_config()
|
||||
before = copy.deepcopy(cfg.get('radius', {}).get('options', {}))
|
||||
after = {**before, 'mac_format': mac_format}
|
||||
cfg.setdefault('radius', {})['options'] = after
|
||||
|
||||
changes = diff_fields(before, after)
|
||||
flash(record_group(cfg, 'radius.options', 'setting', 'radius', changes, 'core apply'), 'success')
|
||||
changes = config_utils.diff_fields(before, after)
|
||||
flash(config_utils.record_group(cfg, 'radius.options', 'setting', 'radius', changes, 'core apply'), 'success')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
|
||||
@bp.route('/action/radius/auth_mode_save', methods=['POST'])
|
||||
@require_level('administrator')
|
||||
@auth.require_level('administrator')
|
||||
def auth_mode_save():
|
||||
auth_mode = request.form.get('auth_mode', 'mab')
|
||||
if auth_mode not in ('mab', 'eap_password', 'eap_credential'):
|
||||
|
|
@ -78,7 +78,7 @@ def auth_mode_save():
|
|||
'eap_ttls': {'md5', 'mschapv2', 'gtc'},
|
||||
}
|
||||
|
||||
cfg = load_config()
|
||||
cfg = config_utils.load_config()
|
||||
before = copy.deepcopy(cfg.get('radius', {}).get('options', {}))
|
||||
after = {**before, 'auth_mode': auth_mode}
|
||||
if auth_mode == 'eap_password':
|
||||
|
|
@ -104,13 +104,13 @@ def auth_mode_save():
|
|||
after.pop('include_length', None)
|
||||
cfg.setdefault('radius', {})['options'] = after
|
||||
|
||||
changes = diff_fields(before, after)
|
||||
flash(record_group(cfg, 'radius.options', 'auth_mode', auth_mode, changes, 'core apply'), 'success')
|
||||
changes = config_utils.diff_fields(before, after)
|
||||
flash(config_utils.record_group(cfg, 'radius.options', 'auth_mode', auth_mode, changes, 'core apply'), 'success')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
|
||||
@bp.route('/action/radius/default_rule_save', methods=['POST'])
|
||||
@require_level('administrator')
|
||||
@auth.require_level('administrator')
|
||||
def default_rule_save():
|
||||
apply_to = request.form.get('apply_to', 'all')
|
||||
ap_ips = request.form.getlist('ap_ips')
|
||||
|
|
@ -119,7 +119,7 @@ def default_rule_save():
|
|||
flash('Invalid apply_to value.', 'error')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
cfg = load_config()
|
||||
cfg = config_utils.load_config()
|
||||
valid_ips = {
|
||||
r['ip'] for r in cfg.get('dhcp_reservations', [])
|
||||
if r.get('radius_client') is True
|
||||
|
|
@ -134,16 +134,16 @@ def default_rule_save():
|
|||
after = {**before, 'apply_to': apply_to, 'ap_ips': ap_ips}
|
||||
cfg.setdefault('radius', {})['options'] = after
|
||||
|
||||
changes = diff_fields(before, after)
|
||||
flash(record_group(cfg, 'radius.options', 'default_rule', 'radius', changes, 'core apply'), 'success')
|
||||
changes = config_utils.diff_fields(before, after)
|
||||
flash(config_utils.record_group(cfg, 'radius.options', 'default_rule', 'radius', changes, 'core apply'), 'success')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
|
||||
@bp.route('/action/radius/default_vlan_save', methods=['POST'])
|
||||
@require_level('administrator')
|
||||
@auth.require_level('administrator')
|
||||
def default_vlan_save():
|
||||
chosen = request.form.get('default_vlan', '').strip()
|
||||
cfg = load_config()
|
||||
cfg = config_utils.load_config()
|
||||
vlans = cfg.get('vlans', [])
|
||||
|
||||
if chosen and not any(v['name'] == chosen for v in vlans):
|
||||
|
|
@ -154,14 +154,14 @@ def default_vlan_save():
|
|||
for v in vlans:
|
||||
v['radius_default'] = (v['name'] == chosen) if chosen else False
|
||||
|
||||
changes = diff_fields({'radius_default': old_name}, {'radius_default': chosen})
|
||||
flash(record_group(cfg, 'radius', 'default_vlan', chosen or 'none', changes, 'core apply'), 'success')
|
||||
changes = config_utils.diff_fields({'radius_default': old_name}, {'radius_default': chosen})
|
||||
flash(config_utils.record_group(cfg, 'radius', 'default_vlan', chosen or 'none', changes, 'core apply'), 'success')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
|
||||
|
||||
@bp.route('/action/radius/logging_save', methods=['POST'])
|
||||
@require_level('administrator')
|
||||
@auth.require_level('administrator')
|
||||
def logging_save():
|
||||
log_max_kb = validate.int_range(request.form.get('log_max_kb', '').strip(), 64, None)
|
||||
if log_max_kb is None:
|
||||
|
|
@ -169,18 +169,18 @@ def logging_save():
|
|||
return redirect(f'/{_PAGE}')
|
||||
logging = 'logging' in request.form
|
||||
|
||||
cfg = load_config()
|
||||
cfg = config_utils.load_config()
|
||||
before = copy.deepcopy(cfg.get('radius', {}).get('general', {}))
|
||||
after = {'logging': logging, 'log_max_kb': log_max_kb}
|
||||
cfg.setdefault('radius', {})['general'] = after
|
||||
|
||||
changes = diff_fields(before, after)
|
||||
flash(record_group(cfg, 'radius.general', 'setting', 'radius', changes, 'core apply'), 'success')
|
||||
changes = config_utils.diff_fields(before, after)
|
||||
flash(config_utils.record_group(cfg, 'radius.general', 'setting', 'radius', changes, 'core apply'), 'success')
|
||||
return redirect(f'/{_PAGE}')
|
||||
|
||||
|
||||
@bp.route('/action/radius/logging_download', methods=['GET'])
|
||||
@require_level('administrator')
|
||||
@auth.require_level('administrator')
|
||||
def logging_download():
|
||||
log_dir = os.path.dirname(RADIUS_LOG_FILE)
|
||||
chunks = []
|
||||
|
|
@ -228,10 +228,10 @@ def logging_download():
|
|||
|
||||
|
||||
@bp.route('/api/radius/log-tail', methods=['GET'])
|
||||
@require_level('administrator')
|
||||
@auth.require_level('administrator')
|
||||
def api_log_tail():
|
||||
try:
|
||||
cfg = load_config()
|
||||
cfg = config_utils.load_config()
|
||||
log_max_kb = cfg.get('radius', {}).get('general', {}).get('log_max_kb', 1024)
|
||||
|
||||
current = []
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue