Fixes include:
- creating ssh access jobs for users with ssh keys
- ensuring vpn access is revoked after booking ends
Creates ssh access jobs with the user's ssh keys, if they exist
Change-Id: Ia2e9f0c5a2f90b45732a5767a62b87a5a5492b94
Signed-off-by: Parker Berberian <pberberian@iol.unh.edu>
def to_dict(self):
d = {}
def to_dict(self):
d = {}
- d['access_type'] = self.access_type
+ d['access_type'] = self.access_type
d['user'] = self.user.id
d['revoke'] = self.revoke
d['user'] = self.user.id
d['revoke'] = self.revoke
- d['context'] = self.context
+ d['context'] = json.loads(self.context)
return d
def get_delta(self):
return d
def get_delta(self):
self.delta = json.dumps(d)
def set_context(self, context):
self.delta = json.dumps(d)
def set_context(self, context):
+ self.context = json.dumps(context)
d = json.loads(self.delta)
d['context'] = context
self.delta = json.dumps(d)
d = json.loads(self.delta)
d['context'] = context
self.delta = json.dumps(d)
+ all_users = list(booking.collaborators.all())
+ all_users.append(booking.owner)
- users=booking.collaborators.all(),
- access_type="vpn",
- revoke=False,
- job=job
- )
- cls.makeAccessConfig(
- users=[booking.owner],
access_type="vpn",
revoke=False,
job=job
)
access_type="vpn",
revoke=False,
job=job
)
+ for user in all_users:
+ try:
+ cls.makeAccessConfig(
+ users=[user],
+ access_type="ssh",
+ revoke=False,
+ job=job,
+ context={
+ "key": user.userprofile.ssh_public_key.read(),
+ "hosts": [host.labid for host in hosts]
+ }
+ )
+ except Exception:
+ continue
@classmethod
def makeHardwareConfigs(cls, hosts=[], job=Job()):
@classmethod
def makeHardwareConfigs(cls, hosts=[], job=Job()):
hardware_config.save()
@classmethod
hardware_config.save()
@classmethod
- def makeAccessConfig(cls, users, access_type, revoke=False, job=Job()):
+ def makeAccessConfig(cls, users, access_type, revoke=False, job=Job(), context=False):
for user in users:
relation = AccessRelation()
relation.job = job
config = AccessConfig()
config.access_type = access_type
config.user = user
for user in users:
relation = AccessRelation()
relation.job = job
config = AccessConfig()
config.access_type = access_type
config.user = user
+ if context:
+ config.set_context(context)
config.save()
relation.config = config
relation.save()
config.save()
relation.config = config
relation.save()
return software_relation
except:
return None
return software_relation
except:
return None
-
- def makeAccess(cls, user, access_type, revoke):
- pass
def cleanup_access(qs):
for relation in qs:
def cleanup_access(qs):
for relation in qs:
+ if "vpn" in relation.config.access_type.lower():
+ relation.config.set_revoke(True)
+ relation.config.save()
+ relation.status = JobStatus.NEW
+ relation.save()
cleanup_set = Booking.objects.filter(end__lte=timezone.now()).filter(job__complete=False)
cleanup_set = Booking.objects.filter(end__lte=timezone.now()).filter(job__complete=False)