summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorParker Berberian <pberberian@iol.unh.edu>2018-10-23 16:11:36 -0400
committerParker Berberian <pberberian@iol.unh.edu>2018-10-24 13:49:35 -0400
commitc1ae226b542f2bd76c692d791c9fe70479617866 (patch)
tree74ee9778784cd1b2ad9c3f60328ffa24b41b73f2
parentd6e337fa62c32155941333fe8fedc28e4f663700 (diff)
Fixes for access creation and removal
Fixes include: - creating ssh access jobs for users with ssh keys - ensuring vpn access is revoked after booking ends Creates ssh access jobs with the user's ssh keys, if they exist Change-Id: Ia2e9f0c5a2f90b45732a5767a62b87a5a5492b94 Signed-off-by: Parker Berberian <pberberian@iol.unh.edu>
-rw-r--r--dashboard/src/api/models.py37
-rw-r--r--dashboard/src/dashboard/tasks.py6
2 files changed, 28 insertions, 15 deletions
diff --git a/dashboard/src/api/models.py b/dashboard/src/api/models.py
index 7448ac4..9afc89a 100644
--- a/dashboard/src/api/models.py
+++ b/dashboard/src/api/models.py
@@ -321,10 +321,10 @@ class AccessConfig(TaskConfig):
def to_dict(self):
d = {}
- d['access_type'] = self.access_type
+ d['access_type'] = self.access_type
d['user'] = self.user.id
d['revoke'] = self.revoke
- d['context'] = self.context
+ d['context'] = json.loads(self.context)
return d
def get_delta(self):
@@ -363,7 +363,7 @@ class AccessConfig(TaskConfig):
self.delta = json.dumps(d)
def set_context(self, context):
- self.context = context
+ self.context = json.dumps(context)
d = json.loads(self.delta)
d['context'] = context
self.delta = json.dumps(d)
@@ -608,18 +608,28 @@ class JobFactory(object):
hosts=hosts,
job=job
)
+ all_users = list(booking.collaborators.all())
+ all_users.append(booking.owner)
cls.makeAccessConfig(
- users=booking.collaborators.all(),
- access_type="vpn",
- revoke=False,
- job=job
- )
- cls.makeAccessConfig(
- users=[booking.owner],
+ users=all_users,
access_type="vpn",
revoke=False,
job=job
)
+ for user in all_users:
+ try:
+ cls.makeAccessConfig(
+ users=[user],
+ access_type="ssh",
+ revoke=False,
+ job=job,
+ context={
+ "key": user.userprofile.ssh_public_key.read(),
+ "hosts": [host.labid for host in hosts]
+ }
+ )
+ except Exception:
+ continue
@classmethod
def makeHardwareConfigs(cls, hosts=[], job=Job()):
@@ -646,13 +656,15 @@ class JobFactory(object):
hardware_config.save()
@classmethod
- def makeAccessConfig(cls, users, access_type, revoke=False, job=Job()):
+ def makeAccessConfig(cls, users, access_type, revoke=False, job=Job(), context=False):
for user in users:
relation = AccessRelation()
relation.job = job
config = AccessConfig()
config.access_type = access_type
config.user = user
+ if context:
+ config.set_context(context)
config.save()
relation.config = config
relation.save()
@@ -709,6 +721,3 @@ class JobFactory(object):
return software_relation
except:
return None
-
- def makeAccess(cls, user, access_type, revoke):
- pass
diff --git a/dashboard/src/dashboard/tasks.py b/dashboard/src/dashboard/tasks.py
index 48008b6..0f7af1c 100644
--- a/dashboard/src/dashboard/tasks.py
+++ b/dashboard/src/dashboard/tasks.py
@@ -73,7 +73,11 @@ def booking_poll():
def cleanup_access(qs):
for relation in qs:
- pass # TODO
+ if "vpn" in relation.config.access_type.lower():
+ relation.config.set_revoke(True)
+ relation.config.save()
+ relation.status = JobStatus.NEW
+ relation.save()
cleanup_set = Booking.objects.filter(end__lte=timezone.now()).filter(job__complete=False)