uncloud-mravi/uncloud_net/models.py

import uuid
import ipaddress

from django.db import models
from django.contrib.auth import get_user_model
from django.core.validators import MinValueValidator, MaxValueValidator
from django.core.exceptions import FieldError, ValidationError

from uncloud_pay.models import Order

class WireGuardVPNPool(models.Model):
    """
    Network address pools from which VPNs can be created
    """

    network = models.GenericIPAddressField(unique=True)
    network_mask = models.IntegerField(validators=[MinValueValidator(0),
                                                   MaxValueValidator(128)])

    subnetwork_mask = models.IntegerField(validators=[
        MinValueValidator(0),
        MaxValueValidator(128)
    ])

    vpn_server_hostname = models.CharField(max_length=256)
    wireguard_private_key = models.CharField(max_length=48)

class WireGuardVPN(models.Model):
    """
    Created VPNNetworks
    """
    owner = models.ForeignKey(get_user_model(),
            on_delete=models.CASCADE)
    vpnpool = models.ForeignKey(WireGuardVPNPool,
                                 on_delete=models.CASCADE)

    address = models.GenericIPAddressField(primary_key=True)

    wireguard_public_key = models.CharField(max_length=48)


################################################################################

class MACAdress(models.Model):
    default_prefix = 0x420000000000


class ReverseDNSEntry(models.Model):
    """
    A reverse DNS entry
    """
    owner = models.ForeignKey(get_user_model(),
            on_delete=models.CASCADE)

    ip_address = models.GenericIPAddressField(null=False, unique=True)

    name = models.CharField(max_length=253, null=False)

    @property
    def reverse_pointer(self):
        return ipaddress.ip_address(self.ip_address).reverse_pointer

    def implement(self):
        """
        The implement function implements the change
        """

        # Get all DNS entries (?) / update this DNS entry
        # convert to DNS name
        #
        pass


    def save(self, *args, **kwargs):
        # Product.objects.filter(config__parameters__contains='reverse_dns_network')
        # FIXME: check if order is still active / not replaced

        allowed = False
        product = None

        for order in Order.objects.filter(config__parameters__reverse_dns_network__isnull=False,
                             owner=self.owner):
            network = order.config['parameters']['reverse_dns_network']

            net = ipaddress.ip_network(network)
            addr = ipaddress.ip_address(self.ip_address)

            if addr in net:
                allowed = True
                product = order.product
                break


        if not allowed:
            raise ValidationError(f"User {self.owner} does not have the right to create reverse DNS entry for {self.ip_address}")

        super().save(*args, **kwargs)


    def __str__(self):
        return f"{self.ip_address} - {self.name}"
update to work on different computer Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-07 17:45:16 +00:00			`import uuid`
in-between commit 2020-04-11 19:37:36 +00:00			`import ipaddress`
update to work on different computer Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-07 17:45:16 +00:00
++cleanup Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-03-02 06:17:04 +00:00			`from django.db import models`
phase in vpn Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-03 17:27:49 +00:00			`from django.contrib.auth import get_user_model`
			`from django.core.validators import MinValueValidator, MaxValueValidator`
[reverseDNS] add basic logic 2020-10-25 21:43:34 +00:00			`from django.core.exceptions import FieldError, ValidationError`
phase in vpn Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-03 17:27:49 +00:00
[reverseDNS] add basic logic 2020-10-25 21:43:34 +00:00			`from uncloud_pay.models import Order`
[vpn] fix urls 2020-04-06 20:30:01 +00:00
[refactor] cleaning up uncloud_net for Wireguardvpn 2020-12-13 10:38:41 +00:00			`class WireGuardVPNPool(models.Model):`
phase in vpn Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-03 17:27:49 +00:00			`"""`
			`Network address pools from which VPNs can be created`
			`"""`

update to work on different computer Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-07 17:45:16 +00:00			`network = models.GenericIPAddressField(unique=True)`
[refactor] cleaning up uncloud_net for Wireguardvpn 2020-12-13 10:38:41 +00:00			`network_mask = models.IntegerField(validators=[MinValueValidator(0),`
phase in vpn Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-03 17:27:49 +00:00			`MaxValueValidator(128)])`

[refactor] cleaning up uncloud_net for Wireguardvpn 2020-12-13 10:38:41 +00:00			`subnetwork_mask = models.IntegerField(validators=[`
			`MinValueValidator(0),`
			`MaxValueValidator(128)`
			`])`
[vpn] fix urls 2020-04-06 20:30:01 +00:00
[refactor] cleaning up uncloud_net for Wireguardvpn 2020-12-13 10:38:41 +00:00			`vpn_server_hostname = models.CharField(max_length=256)`
[vpn] fix urls 2020-04-06 20:30:01 +00:00			`wireguard_private_key = models.CharField(max_length=48)`

[refactor] cleaning up uncloud_net for Wireguardvpn 2020-12-13 10:38:41 +00:00			`class WireGuardVPN(models.Model):`
			`"""`
			`Created VPNNetworks`
phase in vpn Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-03 17:27:49 +00:00			`"""`
++vpn network 2020-12-13 12:28:43 +00:00			`owner = models.ForeignKey(get_user_model(),`
			`on_delete=models.CASCADE)`
[refactor] cleaning up uncloud_net for Wireguardvpn 2020-12-13 10:38:41 +00:00			`vpnpool = models.ForeignKey(WireGuardVPNPool,`
in between commit Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-08 14:24:39 +00:00			`on_delete=models.CASCADE)`
[vpn] make a vpn creat-able! [15:40] line:~% http -a nicoschottelius:$(pass ungleich.ch/nico.schottelius@ungleich.ch) http://localhost:8000/net/vpn/ network_size=48 wireguard_public_key=$(wg genkey \| wg pubkey) HTTP/1.1 201 Created Allow: GET, POST, HEAD, OPTIONS Content-Length: 206 Content-Type: application/json Date: Sun, 12 Apr 2020 13:40:26 GMT Server: WSGIServer/0.2 CPython/3.7.3 Vary: Accept X-Content-Type-Options: nosniff X-Frame-Options: DENY { "extra_data": null, "network": "2a0a:e5c1:203::", "order": null, "owner": 30, "status": "PENDING", "uuid": "8f977a8f-e06a-4346-94ae-8f525df58b7b", "wireguard_public_key": "JvCuUTZHm9unasJkGsLKN0Bf/hu6ZSIv7dnIGPyJ6xA=" } 2020-04-12 13:40:39 +00:00
update to work on different computer Signed-off-by: Nico Schottelius <nico@nico-notebook.schottelius.org> 2020-04-07 17:45:16 +00:00			`address = models.GenericIPAddressField(primary_key=True)`

[vpn] fix urls 2020-04-06 20:30:01 +00:00			`wireguard_public_key = models.CharField(max_length=48)`
[vpn] update to show reservations, create wireguard config 2020-04-12 20:55:22 +00:00
In between commit 2020-05-07 18:22:42 +00:00
[refactor] cleaning up uncloud_net for Wireguardvpn 2020-12-13 10:38:41 +00:00			`################################################################################`
restructure to move uncloudnetwork into core 2020-10-25 20:00:30 +00:00
[refactor] cleaning up uncloud_net for Wireguardvpn 2020-12-13 10:38:41 +00:00			`class MACAdress(models.Model):`
			`default_prefix = 0x420000000000`
restructure to move uncloudnetwork into core 2020-10-25 20:00:30 +00:00
begin phasing in vpn support [poc] 2020-12-09 19:22:33 +00:00
restructure to move uncloudnetwork into core 2020-10-25 20:00:30 +00:00			`class ReverseDNSEntry(models.Model):`
			`"""`
			`A reverse DNS entry`
			`"""`
			`owner = models.ForeignKey(get_user_model(),`
			`on_delete=models.CASCADE)`

			`ip_address = models.GenericIPAddressField(null=False, unique=True)`

			`name = models.CharField(max_length=253, null=False)`
[reverseDNS] add basic logic 2020-10-25 21:43:34 +00:00
Cleanup code so that most test work again Still need to solve the downgrade test 2020-11-15 14:43:11 +00:00			`@property`
			`def reverse_pointer(self):`
			`return ipaddress.ip_address(self.ip_address).reverse_pointer`

			`def implement(self):`
			`"""`
			`The implement function implements the change`
			`"""`

			`# Get all DNS entries (?) / update this DNS entry`
			`# convert to DNS name`
			`#`
			`pass`


[reverseDNS] add basic logic 2020-10-25 21:43:34 +00:00			`def save(self, args, *kwargs):`
			`# Product.objects.filter(config__parameters__contains='reverse_dns_network')`
			`# FIXME: check if order is still active / not replaced`

			`allowed = False`
Cleanup code so that most test work again Still need to solve the downgrade test 2020-11-15 14:43:11 +00:00			`product = None`
[reverseDNS] add basic logic 2020-10-25 21:43:34 +00:00
			`for order in Order.objects.filter(config__parameters__reverse_dns_network__isnull=False,`
			`owner=self.owner):`
			`network = order.config['parameters']['reverse_dns_network']`

			`net = ipaddress.ip_network(network)`
			`addr = ipaddress.ip_address(self.ip_address)`

			`if addr in net:`
			`allowed = True`
Cleanup code so that most test work again Still need to solve the downgrade test 2020-11-15 14:43:11 +00:00			`product = order.product`
[reverseDNS] add basic logic 2020-10-25 21:43:34 +00:00			`break`


			`if not allowed:`
			`raise ValidationError(f"User {self.owner} does not have the right to create reverse DNS entry for {self.ip_address}")`

			`super().save(args, *kwargs)`


			`def __str__(self):`
			`return f"{self.ip_address} - {self.name}"`