mirror of
https://github.com/netbox-community/netbox.git
synced 2024-05-10 07:54:54 +00:00
Finished work on secrets views; removed path from cookie assignment
This commit is contained in:
Jeremy Stretch
@ -169,6 +169,9 @@ class GetSessionKeyViewSet(ViewSet):
|
||||
sk = SessionKey(userkey=user_key)
|
||||
sk.save(master_key=master_key)
|
||||
encoded_key = base64.b64encode(sk.key)
|
||||
# b64decode() returns a bytestring under Python 3
|
||||
if not isinstance(encoded_key, str):
|
||||
encoded_key = encoded_key.decode()
|
||||
|
||||
# Craft the response
|
||||
response = Response({
|
||||
@ -177,7 +180,7 @@ class GetSessionKeyViewSet(ViewSet):
|
||||
|
||||
# If token authentication is not in use, assign the session key as a cookie
|
||||
if request.auth is None:
|
||||
response.set_cookie('session_key', value=encoded_key, path=reverse('secrets-api:secret-list'))
|
||||
response.set_cookie('session_key', value=encoded_key)
|
||||
|
||||
return response
|
||||
|
||||
|
||||
@ -79,18 +79,25 @@ def secret_add(request, pk):
|
||||
form = forms.SecretForm(request.POST, instance=secret)
|
||||
if form.is_valid():
|
||||
|
||||
# Retrieve the master key from the current user's UserKey
|
||||
master_key = uk.get_master_key(form.cleaned_data['private_key'])
|
||||
if master_key is None:
|
||||
form.add_error(None, "Invalid private key! Unable to encrypt secret data.")
|
||||
# We need a valid session key in order to create a Secret
|
||||
session_key = base64.b64decode(request.COOKIES.get('session_key', None))
|
||||
if session_key is None:
|
||||
form.add_error(None, "No session key was provided with the request. Unable to encrypt secret data.")
|
||||
|
||||
# Create and encrypt the new Secret
|
||||
else:
|
||||
master_key = None
|
||||
try:
|
||||
sk = SessionKey.objects.get(userkey__user=request.user)
|
||||
master_key = sk.get_master_key(session_key)
|
||||
except SessionKey.DoesNotExist:
|
||||
form.add_error(None, "No session key found for this user.")
|
||||
|
||||
if master_key is not None:
|
||||
secret = form.save(commit=False)
|
||||
secret.plaintext = str(form.cleaned_data['plaintext'])
|
||||
secret.encrypt(master_key)
|
||||
secret.save()
|
||||
|
||||
messages.success(request, u"Added new secret: {}.".format(secret))
|
||||
if '_addanother' in request.POST:
|
||||
return redirect('dcim:device_addsecret', pk=device.pk)
|
||||
@ -118,14 +125,13 @@ def secret_edit(request, pk):
|
||||
if form.is_valid():
|
||||
|
||||
# Re-encrypt the Secret if a plaintext and session key have been provided.
|
||||
session_key = request.COOKIES.get('session_key', None)
|
||||
session_key = base64.b64decode(request.COOKIES.get('session_key', None))
|
||||
if form.cleaned_data['plaintext'] and session_key is not None:
|
||||
|
||||
# Retrieve the master key using the provided session key
|
||||
session_key = base64.b64decode(session_key)
|
||||
master_key = None
|
||||
try:
|
||||
sk = SessionKey.objects.get(user=request.user)
|
||||
sk = SessionKey.objects.get(userkey__user=request.user)
|
||||
master_key = sk.get_master_key(session_key)
|
||||
except SessionKey.DoesNotExist:
|
||||
form.add_error(None, "No session key found for this user.")
|
||||
@ -186,7 +192,7 @@ def secret_import(request):
|
||||
session_key = base64.b64decode(session_key)
|
||||
master_key = None
|
||||
try:
|
||||
sk = SessionKey.objects.get(user=request.user)
|
||||
sk = SessionKey.objects.get(userkey__user=request.user)
|
||||
master_key = sk.get_master_key(session_key)
|
||||
except SessionKey.DoesNotExist:
|
||||
form.add_error(None, "No session key found for this user.")
|
||||
|
||||
@ -149,7 +149,7 @@ class SessionKeyDeleteView(LoginRequiredMixin, View):
|
||||
|
||||
# Delete cookie
|
||||
response = redirect('user:userkey')
|
||||
response.delete_cookie('session_key', path=reverse('secrets-api:secret-list'))
|
||||
response.delete_cookie('session_key')
|
||||
|
||||
return response
|
||||
|
||||
|
||||
Reference in New Issue
Block a user