From 4f6e3f5069bb682751a5db770e910777fa477b0d Mon Sep 17 00:00:00 2001 From: Parker Berberian Date: Tue, 23 Oct 2018 16:11:36 -0400 Subject: Fixes for access creation and removal Fixes include: - creating ssh access jobs for users with ssh keys - ensuring vpn access is revoked after booking ends Creates ssh access jobs with the user's ssh keys, if they exist Change-Id: Ia2e9f0c5a2f90b45732a5767a62b87a5a5492b94 Signed-off-by: Parker Berberian --- src/api/models.py | 37 +++++++++++++++++++++++-------------- 1 file changed, 23 insertions(+), 14 deletions(-) (limited to 'src/api') diff --git a/src/api/models.py b/src/api/models.py index 7448ac4..9afc89a 100644 --- a/src/api/models.py +++ b/src/api/models.py @@ -321,10 +321,10 @@ class AccessConfig(TaskConfig): def to_dict(self): d = {} - d['access_type'] = self.access_type + d['access_type'] = self.access_type d['user'] = self.user.id d['revoke'] = self.revoke - d['context'] = self.context + d['context'] = json.loads(self.context) return d def get_delta(self): @@ -363,7 +363,7 @@ class AccessConfig(TaskConfig): self.delta = json.dumps(d) def set_context(self, context): - self.context = context + self.context = json.dumps(context) d = json.loads(self.delta) d['context'] = context self.delta = json.dumps(d) @@ -608,18 +608,28 @@ class JobFactory(object): hosts=hosts, job=job ) + all_users = list(booking.collaborators.all()) + all_users.append(booking.owner) cls.makeAccessConfig( - users=booking.collaborators.all(), - access_type="vpn", - revoke=False, - job=job - ) - cls.makeAccessConfig( - users=[booking.owner], + users=all_users, access_type="vpn", revoke=False, job=job ) + for user in all_users: + try: + cls.makeAccessConfig( + users=[user], + access_type="ssh", + revoke=False, + job=job, + context={ + "key": user.userprofile.ssh_public_key.read(), + "hosts": [host.labid for host in hosts] + } + ) + except Exception: + continue @classmethod def makeHardwareConfigs(cls, hosts=[], job=Job()): @@ -646,13 +656,15 @@ class JobFactory(object): hardware_config.save() @classmethod - def makeAccessConfig(cls, users, access_type, revoke=False, job=Job()): + def makeAccessConfig(cls, users, access_type, revoke=False, job=Job(), context=False): for user in users: relation = AccessRelation() relation.job = job config = AccessConfig() config.access_type = access_type config.user = user + if context: + config.set_context(context) config.save() relation.config = config relation.save() @@ -709,6 +721,3 @@ class JobFactory(object): return software_relation except: return None - - def makeAccess(cls, user, access_type, revoke): - pass -- cgit 1.2.3-korg