From 008fc5623e692f57b282a9ee49a3fd2d8c74347e Mon Sep 17 00:00:00 2001 From: Sander Steffann Date: Sun, 26 Jan 2020 16:50:15 +0100 Subject: [PATCH] Full URL for API, more consistent naming, only enabled for staff and better configuration validation --- docs/configuration/optional-settings.md | 12 +++---- netbox/netbox/configuration.example.py | 7 ++-- netbox/netbox/settings.py | 33 +++++++++++++++---- netbox/netbox/views.py | 21 ++++++++++-- netbox/templates/_base.html | 11 +------ netbox/templates/home.html | 12 +++++++ netbox/utilities/context_processors.py | 23 ------------- netbox/utilities/{versions.py => releases.py} | 6 ++-- 8 files changed, 70 insertions(+), 55 deletions(-) rename netbox/utilities/{versions.py => releases.py} (77%) diff --git a/docs/configuration/optional-settings.md b/docs/configuration/optional-settings.md index 36687343a..5a3121960 100644 --- a/docs/configuration/optional-settings.md +++ b/docs/configuration/optional-settings.md @@ -157,19 +157,19 @@ Enforcement of unique IP space can be toggled on a per-VRF basis. To enforce uni --- -## GITHUB_REPOSITORY +## GITHUB_REPOSITORY_API -Default: 'netbox-community/netbox' +Default: 'https://api.github.com/repos/netbox-community/netbox' -The tags of this repository are checked to detect new releases, which are shown in the footer of the web interface. You can change this to your own fork of the NetBox repository, or set it to `None` to disable the check. +The releases of this repository are checked to detect new releases, which are shown on the home page of the web interface. You can change this to your own fork of the NetBox repository, or set it to `None` to disable the check. --- -## GITHUB_VERSION_TIMEOUT +## GITHUB_CACHE_TIMEOUT -Default: 8 * 3600 +Default: 24 * 3600 -The number of seconds to retain the latest version that is fetched from the GitHub API before automatically invalidating it and fetching it from the API again. Set to 0 to disable the version check. +The number of seconds to retain the latest version that is fetched from the GitHub API before automatically invalidating it and fetching it from the API again. This must be set to at least one hour (3600 seconds). --- diff --git a/netbox/netbox/configuration.example.py b/netbox/netbox/configuration.example.py index 63521789a..b24db0f03 100644 --- a/netbox/netbox/configuration.example.py +++ b/netbox/netbox/configuration.example.py @@ -126,11 +126,10 @@ EXEMPT_VIEW_PERMISSIONS = [ # This repository is used to check whether there is a new release of NetBox available. Set to None to disable the # version check. -GITHUB_REPOSITORY = 'netbox-community/netbox' +GITHUB_REPOSITORY_API = 'https://api.github.com/repos/netbox-community/netbox' -# This determines how often the GitHub API is called to check the latest release of NetBox. Set to 0 to disable the -# version check. -GITHUB_VERSION_TIMEOUT = 8 * 3600 +# This determines how often the GitHub API is called to check the latest release of NetBox. Must be at least 1 hour. +GITHUB_CACHE_TIMEOUT = 24 * 3600 # Enable custom logging. Please see the Django documentation for detailed guidance on configuring custom logs: # https://docs.djangoproject.com/en/stable/topics/logging/ diff --git a/netbox/netbox/settings.py b/netbox/netbox/settings.py index 1e598f85d..43b5428f9 100644 --- a/netbox/netbox/settings.py +++ b/netbox/netbox/settings.py @@ -4,6 +4,7 @@ import platform import re import socket import warnings +from urllib.parse import urlsplit from django.contrib.messages import constants as messages from django.core.exceptions import ImproperlyConfigured @@ -79,8 +80,9 @@ DEVELOPER = getattr(configuration, 'DEVELOPER', False) EMAIL = getattr(configuration, 'EMAIL', {}) ENFORCE_GLOBAL_UNIQUE = getattr(configuration, 'ENFORCE_GLOBAL_UNIQUE', False) EXEMPT_VIEW_PERMISSIONS = getattr(configuration, 'EXEMPT_VIEW_PERMISSIONS', []) -GITHUB_REPOSITORY = getattr(configuration, 'GITHUB_REPOSITORY', 'netbox-community/netbox') -GITHUB_VERSION_TIMEOUT = getattr(configuration, 'GITHUB_VERSION_TIMEOUT', 8 * 3600) +GITHUB_REPOSITORY_API = getattr(configuration, 'GITHUB_REPOSITORY_API', + 'https://api.github.com/repos/netbox-community/netbox') +GITHUB_CACHE_TIMEOUT = getattr(configuration, 'GITHUB_CACHE_TIMEOUT', 24 * 3600) LOGGING = getattr(configuration, 'LOGGING', {}) LOGIN_REQUIRED = getattr(configuration, 'LOGIN_REQUIRED', False) LOGIN_TIMEOUT = getattr(configuration, 'LOGIN_TIMEOUT', None) @@ -295,7 +297,6 @@ TEMPLATES = [ 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages', 'utilities.context_processors.settings', - 'utilities.context_processors.latest_version', ], }, }, @@ -307,10 +308,28 @@ AUTHENTICATION_BACKENDS = [ ] # GitHub repository for version check -if GITHUB_REPOSITORY and not re.fullmatch(r'[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+', GITHUB_REPOSITORY): - raise ImproperlyConfigured( - "GITHUB_REPOSITORY must contain the name of a GitHub repository in the form '/'" - ) +if GITHUB_REPOSITORY_API: + GITHUB_REPOSITORY_API = GITHUB_REPOSITORY_API.rstrip('/') + try: + scheme, netloc, path, query, fragment = urlsplit(GITHUB_REPOSITORY_API) + except ValueError: + raise ImproperlyConfigured("GITHUB_REPOSITORY_API must be a valid URL") + + if scheme not in ('http', 'https'): + raise ImproperlyConfigured("GITHUB_REPOSITORY_API must be a valid http:// or https:// URL") + + if not re.fullmatch(r'/repos/[A-Za-z0-9_.-]+/[A-Za-z0-9_.-]+', path): + raise ImproperlyConfigured( + "GITHUB_REPOSITORY must contain the base URL of the GitHub API in a form like " + "'https://api.github.com/repos//'" + ) + + if query or fragment: + raise ImproperlyConfigured("GITHUB_REPOSITORY_API may not contain a query or fragment") + +# Enforce a cache timeout of at least an hour to protect GitHub +if GITHUB_CACHE_TIMEOUT < 3600: + raise ImproperlyConfigured("GITHUB_CACHE_TIMEOUT has to be at least 3600 seconds (1 hour)") # Internationalization LANGUAGE_CODE = 'en-us' diff --git a/netbox/netbox/views.py b/netbox/netbox/views.py index 05bcea90d..9afa9c73a 100644 --- a/netbox/netbox/views.py +++ b/netbox/netbox/views.py @@ -1,8 +1,10 @@ from collections import OrderedDict -from django.db.models import Count, F +from django.conf import settings +from django.db.models import Count, F, OuterRef, Subquery from django.shortcuts import render from django.views.generic import View +from packaging import version from rest_framework.response import Response from rest_framework.reverse import reverse from rest_framework.views import APIView @@ -31,6 +33,7 @@ from secrets.tables import SecretTable from tenancy.filters import TenantFilterSet from tenancy.models import Tenant from tenancy.tables import TenantTable +from utilities.releases import get_latest_release from virtualization.filters import ClusterFilterSet, VirtualMachineFilterSet from virtualization.models import Cluster, VirtualMachine from virtualization.tables import ClusterTable, VirtualMachineDetailTable @@ -240,11 +243,25 @@ class HomeView(View): } + new_release = None + new_release_url = None + + if request.user.is_staff: + # Only check for new releases if the current user might be able to do anything about it + latest_release, github_url = get_latest_release() + if isinstance(latest_release, version.Version): + current_version = version.parse(settings.VERSION) + if latest_release > current_version: + new_release = str(latest_release) + new_release_url = github_url + return render(request, self.template_name, { 'search_form': SearchForm(), 'stats': stats, 'report_results': ReportResult.objects.order_by('-created')[:10], - 'changelog': ObjectChange.objects.prefetch_related('user', 'changed_object_type')[:15] + 'changelog': ObjectChange.objects.prefetch_related('user', 'changed_object_type')[:15], + 'new_release': new_release, + 'new_release_url': new_release_url, }) diff --git a/netbox/templates/_base.html b/netbox/templates/_base.html index cfc2a9cc8..1b7a9da80 100644 --- a/netbox/templates/_base.html +++ b/netbox/templates/_base.html @@ -50,16 +50,7 @@
-

- {{ settings.HOSTNAME }} (v{{ settings.VERSION }}) - {% if latest_version %} - {% if latest_version_url %}{% endif %} - - New version: {{ latest_version }} - - {% if latest_version_url %}{% endif %} - {% endif %} -

+

{{ settings.HOSTNAME }} (v{{ settings.VERSION }})

{% now 'Y-m-d H:i:s T' %}

diff --git a/netbox/templates/home.html b/netbox/templates/home.html index 6977bba4c..ed6ef06d6 100644 --- a/netbox/templates/home.html +++ b/netbox/templates/home.html @@ -1,6 +1,18 @@ {% extends '_base.html' %} {% load helpers %} +{% block header %} + {% if new_release %} + + {% endif %} +{% endblock %} + + {% block content %} {% include 'search_form.html' %}
diff --git a/netbox/utilities/context_processors.py b/netbox/utilities/context_processors.py index 5dadf55da..06c5c8784 100644 --- a/netbox/utilities/context_processors.py +++ b/netbox/utilities/context_processors.py @@ -1,7 +1,4 @@ from django.conf import settings as django_settings -from packaging import version - -from utilities.versions import get_latest_release def settings(request): @@ -11,23 +8,3 @@ def settings(request): return { 'settings': django_settings, } - - -def latest_version(request): - """ - Get the latest version from the GitHub repository - """ - latest_release, github_url = get_latest_release() - - latest_version_str = None - latest_version_url = None - if isinstance(latest_release, version.Version): - current_version = version.parse(django_settings.VERSION) - if latest_release > current_version: - latest_version_str = str(latest_release) - latest_version_url = github_url - - return { - 'latest_version': latest_version_str, - 'latest_version_url': latest_version_url - } diff --git a/netbox/utilities/versions.py b/netbox/utilities/releases.py similarity index 77% rename from netbox/utilities/versions.py rename to netbox/utilities/releases.py index 72341c8f7..6fb422c00 100644 --- a/netbox/utilities/versions.py +++ b/netbox/utilities/releases.py @@ -4,9 +4,9 @@ from django.conf import settings from packaging import version -@cached(timeout=settings.GITHUB_VERSION_TIMEOUT if settings.GITHUB_VERSION_TIMEOUT > 0 else 1) +@cached(timeout=settings.GITHUB_CACHE_TIMEOUT, extra=settings.GITHUB_REPOSITORY_API) def get_releases(pre_releases=False): - url = 'https://api.github.com/repos/{}/releases'.format(settings.GITHUB_REPOSITORY) + url = '{}/releases'.format(settings.GITHUB_REPOSITORY_API) headers = { 'Accept': 'application/vnd.github.v3+json', } @@ -27,7 +27,7 @@ def get_releases(pre_releases=False): def get_latest_release(pre_releases=False): - if settings.GITHUB_VERSION_TIMEOUT > 0 and settings.GITHUB_REPOSITORY: + if settings.GITHUB_REPOSITORY_API: releases = get_releases(pre_releases) if releases: return max(releases)