Fix small issues
diff --git a/xos/core/xoslib/methods/vpnview.py b/xos/core/xoslib/methods/vpnview.py
index 0a9612f..e0fbea0 100644
--- a/xos/core/xoslib/methods/vpnview.py
+++ b/xos/core/xoslib/methods/vpnview.py
@@ -21,32 +21,14 @@
class VPNTenantSerializer(serializers.ModelSerializer, PlusSerializerMixin):
id = ReadOnlyField()
- service_specific_attribute = ReadOnlyField()
server_network = ReadOnlyField()
vpn_subnet = ReadOnlyField()
- is_persistent = ReadOnlyField()
- clients_can_see_each_other = ReadOnlyField()
- ca_crt = ReadOnlyField()
- port_number = ReadOnlyField()
- protocol = ReadOnlyField()
- failover_servers = ReadOnlyField()
- creator = ReadOnlyField()
- instance = ReadOnlyField()
- use_ca_from = ReadOnlyField()
- provider_service = serializers.PrimaryKeyRelatedField(
- queryset=VPNService.get_service_objects().all(),
- default=get_default_vpn_service)
- script_text = serializers.SerializerMethodField(
- "get_script_text")
+ script_text = serializers.SerializerMethodField()
class Meta:
model = VPNTenant
- fields = ('id', 'provider_service', 'use_ca_from',
- 'service_specific_attribute', 'vpn_subnet',
- 'server_network', 'creator', 'instance', 'protocol',
- 'is_persistent',
- 'clients_can_see_each_other', 'ca_crt', 'port_number',
- 'script_text', 'failover_servers')
+ fields = ('id', 'service_specific_attribute', 'vpn_subnet',
+ 'server_network', 'script_text')
def get_script_text(self, obj):
return obj.create_client_script(
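Review bot: `service_specific_attribute` stays in `Meta.fields` but its explicit `ReadOnlyField()` declaration is removed, so `ModelSerializer` now derives the field from the model. If it is a concrete column on `VPNTenant` (the model is not visible in this diff), it becomes writable through this view, which the old serializer did not allow. Either keep the declaration or add `read_only_fields = ('service_specific_attribute',)` to `Meta`. `get_script_text` continues past the end of the hunk.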
diff --git a/xos/services/vpn/admin.py b/xos/services/vpn/admin.py
index f6b31f9..9c76f5d 100644
--- a/xos/services/vpn/admin.py
+++ b/xos/services/vpn/admin.py
@@ -260,10 +260,23 @@
# certificate
if type(obj) is TenantPrivilege:
certificate = self.certificate_name(obj)
- VPNService.execute_easyrsa_command(
- obj.tenant.pki_dir, "revoke " + certificate)
- obj.tenant.enacted = None
- obj.tenant.save()
+ # If the client has already been reovked don't do it again
+ if (os.path.isfile(obj.tenant.pki_dir +
+ "/issued/" + certificate + ".crt")):
+ VPNService.execute_easyrsa_command(
+ obj.tenant.pki_dir, "revoke " + certificate)
+ # Revoking a client cert does not delete any of the files
+ # to make sure that we can add this user again we need to
+ # delete all of the files created by easyrsa
+ os.remove(obj.tenant.pki_dir +
+ "/issued/" + certificate + ".crt")
+ os.remove(obj.tenant.pki_dir +
+ "/private/" + certificate + ".key")
+ os.remove(obj.tenant.pki_dir +
+ "/reqs/" + certificate + ".req")
+
+ obj.tenant.enacted = None
+ obj.tenant.save()
# TODO(jermowery): determine if this is necessary.
# if type(obj) is VPNTenant:
# if the tenant was deleted revoke all certs assoicated
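Review bot: The three `os.remove` calls follow the `"revoke " + certificate` command with no visible check that the revocation succeeded, and the new guard treats a missing `issued/<name>.crt` as "already revoked". If `execute_easyrsa_command` does not raise on failure (its body is not in this diff), a failed revoke still deletes the server-side files and every later pass skips revocation, so the client keeps a certificate that was never revoked. Delete the files only after a confirmed revoke, and tolerate an already-missing `.key` or `.req` so a partial cleanup does not abort before the tenant is saved. The enclosing method starts before this hunk.

```python
issued_crt = os.path.join(
    obj.tenant.pki_dir, "issued", certificate + ".crt")
if os.path.isfile(issued_crt):
    # This call must raise (or have its result checked) on failure,
    # so cleanup never follows a revoke that did not happen.
    VPNService.execute_easyrsa_command(
        obj.tenant.pki_dir, "revoke " + certificate)
    for subdir, ext in (("issued", ".crt"),
                        ("private", ".key"),
                        ("reqs", ".req")):
        leftover = os.path.join(
            obj.tenant.pki_dir, subdir, certificate + ext)
        if os.path.isfile(leftover):
            os.remove(leftover)
# … unchanged: obj.tenant.enacted = None / obj.tenant.save() …
```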
@@ -273,11 +286,14 @@
# If there were any new TenantPrivlege objects then create certs
if type(obj) is TenantPrivilege:
certificate = self.certificate_name(obj)
- VPNService.execute_easyrsa_command(
- obj.tenant.pki_dir,
- "build-client-full " + certificate + " nopass")
- obj.tenant.enacted = None
- obj.tenant.save()
+ # Only add a certificate if ones does not yet exist
+ if (not os.path.isfile(obj.tenant.pki_dir +
+ "/issued/" + certificate + ".crt")):
+ VPNService.execute_easyrsa_command(
+ obj.tenant.pki_dir,
+ "build-client-full " + certificate + " nopass")
+ obj.tenant.enacted = None
+ obj.tenant.save()
# Associate the admin forms with the models.
admin.site.register(VPNService, VPNServiceAdmin)
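Review bot: `certificate` is concatenated unvalidated into both the `"/issued/" + certificate + ".crt"` path and the `"build-client-full " + certificate + " nopass"` command string; the revoke hunk above does the same for its `os.remove` paths. `certificate_name` is not shown in this diff, so if any part of the name comes from user-editable data it should be checked against a fixed character set before either use, for example `if not re.match(r'^[A-Za-z0-9_@.-]+$', certificate): raise ValueError(certificate)`. Building the path with `os.path.join(obj.tenant.pki_dir, "issued", certificate + ".crt")` would also keep it consistent across platforms. The enclosing method starts before this hunk.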