Commit e63b25e0 authored by Janis Streib's avatar Janis Streib 🦉
Browse files

FIX: more places, where macfinder ca verify is needed

parent 2887868c
Pipeline #157731 passed with stages
in 9 minutes and 8 seconds
...@@ -9,6 +9,7 @@ import re ...@@ -9,6 +9,7 @@ import re
import collections import collections
from . import OUI_DB from . import OUI_DB
class MacFinderJob(DBObject): class MacFinderJob(DBObject):
def __init__(self, job_id, mac, vlan, bcd): def __init__(self, job_id, mac, vlan, bcd):
self.job_id = job_id self.job_id = job_id
...@@ -24,7 +25,8 @@ class MacFinderJob(DBObject): ...@@ -24,7 +25,8 @@ class MacFinderJob(DBObject):
if self.finished: if self.finished:
return self.status return self.status
self.status = session.get(app.config.get('MACFINDER_SERVER_URL') + '/status/{}'.format(self.job_id), self.status = session.get(app.config.get('MACFINDER_SERVER_URL') + '/status/{}'.format(self.job_id),
cert=(app.config.get('MACFINDER_CERT'), app.config.get('MACFINDER_KEY')), verify=app.config.get('MACFINDER_CA')).json() cert=(app.config.get('MACFINDER_CERT'), app.config.get('MACFINDER_KEY')),
verify=app.config.get('MACFINDER_CA')).json()
self.finished = self.status['status'] == 'finished' self.finished = self.status['status'] == 'finished'
self.failed = self.status['status'] == 'failed' self.failed = self.status['status'] == 'failed'
if self.finished: if self.finished:
...@@ -43,12 +45,12 @@ def create_job(): ...@@ -43,12 +45,12 @@ def create_job():
vlans = VLAN.get_by_bcd(db, get_db_conn(), request.json['bcd']) vlans = VLAN.get_by_bcd(db, get_db_conn(), request.json['bcd'])
user = request.environ['beaker.session']['login'] user = request.environ['beaker.session']['login']
for vlan in vlans: for vlan in vlans:
if not user.has_permission('nm.macfinder_global'): if not user.has_permission('nm.macfinder_global'):
if user.has_bcd(vlan.bcd): if user.has_bcd(vlan.bcd):
vlan_valid = True
break
else:
vlan_valid = True vlan_valid = True
break
else:
vlan_valid = True
if not vlan_valid: if not vlan_valid:
return jsonify({'success': False, 'error': 'invalid_vlan'}), 404 return jsonify({'success': False, 'error': 'invalid_vlan'}), 404
s = request.environ['beaker.session'] s = request.environ['beaker.session']
...@@ -58,6 +60,7 @@ def create_job(): ...@@ -58,6 +60,7 @@ def create_job():
for vlan in vlans: for vlan in vlans:
resp = requests.post(app.config.get('MACFINDER_SERVER_URL') + '/new_task', resp = requests.post(app.config.get('MACFINDER_SERVER_URL') + '/new_task',
cert=(app.config.get('MACFINDER_CERT'), app.config.get('MACFINDER_KEY')), cert=(app.config.get('MACFINDER_CERT'), app.config.get('MACFINDER_KEY')),
verify=app.config.get('MACFINDER_CA'),
data={'mac': request.json['mac'], 'vlan': vlan.id, 'tag_check': 'y'}) data={'mac': request.json['mac'], 'vlan': vlan.id, 'tag_check': 'y'})
if not resp.ok: if not resp.ok:
return jsonify({'success': False, 'error': 'internal_error'}), 500 return jsonify({'success': False, 'error': 'internal_error'}), 500
...@@ -77,7 +80,8 @@ def jobs(): ...@@ -77,7 +80,8 @@ def jobs():
for id, job in s.get('macfinder_jobs', dict()).items(): for id, job in s.get('macfinder_jobs', dict()).items():
job.poll(session, db, get_db_conn()) job.poll(session, db, get_db_conn())
return jsonify({'jobs': collections.OrderedDict(sorted(s.get('macfinder_jobs', dict()).items(), reverse=True, return jsonify({'jobs': collections.OrderedDict(sorted(s.get('macfinder_jobs', dict()).items(), reverse=True,
key=lambda x: x[1].started))}) key=lambda x: x[1].started))})
@macfinder.route('/poll/<job_id>') @macfinder.route('/poll/<job_id>')
@api_login_required @api_login_required
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment