Merge branch 'AddVPNService' of github.com:jermowery/xos into AddVPNService
diff --git a/xos/core/fixtures/core_initial_data.json b/xos/core/fixtures/core_initial_data.json
index 86658bb..e4f86f9 100644
--- a/xos/core/fixtures/core_initial_data.json
+++ b/xos/core/fixtures/core_initial_data.json
@@ -65,6 +65,34 @@
},
{
"fields": {
+ "updated": "2015-02-17T22:06:38.620Z",
+ "policed": null,
+ "created": "2015-02-17T22:06:38.620Z",
+ "deleted": false,
+ "backend_register": "{}",
+ "role": "admin",
+ "backend_status": "0 - Provisioning in progress",
+ "enacted": null
+ },
+ "model": "core.tenantrole",
+ "pk": 1
+},
+{
+ "fields": {
+ "updated": "2015-02-17T22:06:38.620Z",
+ "policed": null,
+ "created": "2015-02-17T22:06:38.620Z",
+ "deleted": false,
+ "backend_register": "{}",
+ "role": "access",
+ "backend_status": "0 - Provisioning in progress",
+ "enacted": null
+ },
+ "model": "core.tenantrole",
+ "pk": 2
+},
+{
+ "fields": {
"accessControl": "allow all",
"updated": "2015-02-17T22:06:37.789Z",
"policed": null,
diff --git a/xos/core/xoslib/methods/vpnview.py b/xos/core/xoslib/methods/vpnview.py
index bb4544e..f43b7fd 100644
--- a/xos/core/xoslib/methods/vpnview.py
+++ b/xos/core/xoslib/methods/vpnview.py
@@ -1,6 +1,7 @@
+from core.models import TenantPrivilege
from plus import PlusSerializerMixin
from rest_framework import serializers
-from services.vpn.models import VPNService, VPNTenant
+from services.vpn.models import VPNService, VPNTenant, VPN_KIND
from xos.apibase import XOSListCreateAPIView
if hasattr(serializers, "ReadOnlyField"):
@@ -67,12 +68,10 @@
method_name = "vpntenant"
def get_queryset(self):
- queryset = VPNTenant.get_tenant_objects().all()
+ # Get every privilege for this user
+ queryset = TenantPrivilege.objects.all().filter(user=self.request.user)
queryset = [
- tenant
- for tenant in queryset
- if self.request.user.can_update_tenant(tenant,
- ['access', 'Access'])]
+ priv.tenant for priv in queryset if priv.tenant.KIND == VPN_KIND]
for tenant in queryset:
tenant.script_text = (
tenant.create_client_script(
diff --git a/xos/services/vpn/admin.py b/xos/services/vpn/admin.py
index 9f1ceda..f6b31f9 100644
--- a/xos/services/vpn/admin.py
+++ b/xos/services/vpn/admin.py
@@ -181,16 +181,16 @@
self.instance.clients_can_see_each_other = self.cleaned_data.get(
'clients_can_see_each_other')
- self.instance.failover_servers.clear()
+ self.instance.failover_servers[:] = []
for tenant in self.cleaned_data['failover_servers']:
- self.instance.failover_servers.add(tenant)
+ self.instance.failover_servers.append(tenant)
self.instance.protocol = self.cleaned_data.get("protocol")
self.instance.port_number = (
self.instance.provider_service.get_next_available_port(
self.instance.protocol))
- self.instance.use_ca_from.clear()
+ self.instance.use_ca_from[:] = []
self.instance.use_ca_from.append(self.cleaned_data.get('use_ca_from'))
result.save() # Need to do this so that we know the ID
@@ -200,16 +200,16 @@
if (not os.path.isdir(self.instance.pki_dir)):
VPNService.execute_easyrsa_command(
self.instance.pki_dir, "init-pki")
- if (self.instance.use_ca_from):
+ if (self.instance.use_ca_from[0]):
shutil.copy2(
- self.instance.use_ca_from.pki_dir + "/ca.crt",
+ self.instance.use_ca_from[0].pki_dir + "/ca.crt",
self.instance.pki_dir)
else:
VPNService.execute_easyrsa_command(
self.instance.pki_dir, "--req-cn=XOS build-ca nopass")
- elif (self.instance.use_ca_from):
+ elif (self.instance.use_ca_from[0]):
shutil.copy2(
- self.instance.use_ca_from.pki_dir + "/ca.crt",
+ self.instance.use_ca_from[0].pki_dir + "/ca.crt",
self.instance.pki_dir)
result.ca_crt = self.generate_ca_crt()
@@ -262,6 +262,8 @@
certificate = self.certificate_name(obj)
VPNService.execute_easyrsa_command(
obj.tenant.pki_dir, "revoke " + certificate)
+ obj.tenant.enacted = None
+ obj.tenant.save()
# TODO(jermowery): determine if this is necessary.
# if type(obj) is VPNTenant:
# if the tenant was deleted revoke all certs assoicated
@@ -274,6 +276,8 @@
VPNService.execute_easyrsa_command(
obj.tenant.pki_dir,
"build-client-full " + certificate + " nopass")
+ obj.tenant.enacted = None
+ obj.tenant.save()
# Associate the admin forms with the models.
admin.site.register(VPNService, VPNServiceAdmin)
diff --git a/xos/services/vpn/models.py b/xos/services/vpn/models.py
index b4ff12f..6b76575 100644
--- a/xos/services/vpn/models.py
+++ b/xos/services/vpn/models.py
@@ -94,7 +94,7 @@
'script_text': None,
'pki_dir': None,
'use_ca_from': list(),
- 'failover_servers': set(),
+ 'failover_servers': list(),
'protocol': None}
def __init__(self, *args, **kwargs):