Server-side filtering vpn
Implements server-side filtering for vpns: - Project->Network->VPN Implements blueprint: server-side-filtering Change-Id: Ie752199a38a91969f9501037708372df3a154b53
This commit is contained in:
jlopezgu
David Lyle
parent
662b4118d3
commit
d0877ccd42
@ -341,18 +341,18 @@ def _ipsecsiteconnection_list(request, expand_ikepolicies=False,
|
|||||||
ipsecsiteconnections = neutronclient(request).list_ipsec_site_connections(
|
ipsecsiteconnections = neutronclient(request).list_ipsec_site_connections(
|
||||||
**kwargs).get('ipsec_site_connections')
|
**kwargs).get('ipsec_site_connections')
|
||||||
if expand_ikepolicies:
|
if expand_ikepolicies:
|
||||||
ikepolicies = _ikepolicy_list(request, **kwargs)
|
ikepolicies = _ikepolicy_list(request)
|
||||||
policy_dict = OrderedDict((p.id, p) for p in ikepolicies)
|
policy_dict = OrderedDict((p.id, p) for p in ikepolicies)
|
||||||
for c in ipsecsiteconnections:
|
for c in ipsecsiteconnections:
|
||||||
c['ikepolicy_name'] = policy_dict.get(c['ikepolicy_id']).name_or_id
|
c['ikepolicy_name'] = policy_dict.get(c['ikepolicy_id']).name_or_id
|
||||||
if expand_ipsecpolicies:
|
if expand_ipsecpolicies:
|
||||||
ipsecpolicies = _ipsecpolicy_list(request, **kwargs)
|
ipsecpolicies = _ipsecpolicy_list(request)
|
||||||
policy_dict = OrderedDict((p.id, p) for p in ipsecpolicies)
|
policy_dict = OrderedDict((p.id, p) for p in ipsecpolicies)
|
||||||
for c in ipsecsiteconnections:
|
for c in ipsecsiteconnections:
|
||||||
c['ipsecpolicy_name'] = policy_dict.get(c['ipsecpolicy_id']
|
c['ipsecpolicy_name'] = policy_dict.get(c['ipsecpolicy_id']
|
||||||
).name_or_id
|
).name_or_id
|
||||||
if expand_vpnservices:
|
if expand_vpnservices:
|
||||||
vpnservices = _vpnservice_list(request, **kwargs)
|
vpnservices = _vpnservice_list(request)
|
||||||
service_dict = OrderedDict((s.id, s) for s in vpnservices)
|
service_dict = OrderedDict((s.id, s) for s in vpnservices)
|
||||||
for c in ipsecsiteconnections:
|
for c in ipsecsiteconnections:
|
||||||
c['vpnservice_name'] = service_dict.get(c['vpnservice_id']
|
c['vpnservice_name'] = service_dict.get(c['vpnservice_id']
|
||||||
|
|||||||
@ -300,6 +300,21 @@ class UpdateIPSecSiteConnectionRow(tables.Row):
|
|||||||
return conn
|
return conn
|
||||||
|
|
||||||
|
|
||||||
|
class IPSSCFilterAction(tables.FilterAction):
|
||||||
|
name = 'IPSSC_project_IKEPolicies'
|
||||||
|
filter_type = 'server'
|
||||||
|
filter_choices = (
|
||||||
|
('name', _("Name ="), True),
|
||||||
|
('vpnservice', _("VPN Service ="), True),
|
||||||
|
('vpnservice_id', _("VPN Service id ="), True),
|
||||||
|
('ikepolicy', _("IKE Policy ="), True),
|
||||||
|
('ikepolicy_id', _("IKE Policy id ="), True),
|
||||||
|
('ipsecpolicy', _("IPSec Policy ="), True),
|
||||||
|
('ipsecpolicy_id', _("IPSec Policy id ="), True),
|
||||||
|
('status', _("Status ="), True)
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class IPSecSiteConnectionsTable(tables.DataTable):
|
class IPSecSiteConnectionsTable(tables.DataTable):
|
||||||
id = tables.Column('id', hidden=True)
|
id = tables.Column('id', hidden=True)
|
||||||
name = tables.Column('name_or_id', verbose_name=_('Name'),
|
name = tables.Column('name_or_id', verbose_name=_('Name'),
|
||||||
@ -324,7 +339,7 @@ class IPSecSiteConnectionsTable(tables.DataTable):
|
|||||||
row_class = UpdateIPSecSiteConnectionRow
|
row_class = UpdateIPSecSiteConnectionRow
|
||||||
table_actions = (AddIPSecSiteConnectionLink,
|
table_actions = (AddIPSecSiteConnectionLink,
|
||||||
DeleteIPSecSiteConnectionLink,
|
DeleteIPSecSiteConnectionLink,
|
||||||
tables.NameFilterAction)
|
IPSSCFilterAction)
|
||||||
row_actions = (UpdateIPSecSiteConnectionLink,
|
row_actions = (UpdateIPSecSiteConnectionLink,
|
||||||
DeleteIPSecSiteConnectionLink)
|
DeleteIPSecSiteConnectionLink)
|
||||||
|
|
||||||
@ -346,6 +361,18 @@ class UpdateVPNServiceRow(tables.Row):
|
|||||||
return vpn
|
return vpn
|
||||||
|
|
||||||
|
|
||||||
|
class VPNServicesFilterAction(tables.FilterAction):
|
||||||
|
name = 'vpnservices_project_IKEPolicies'
|
||||||
|
filter_type = 'server'
|
||||||
|
filter_choices = (
|
||||||
|
('name', _("Name ="), True),
|
||||||
|
('subnet_id', _("Subnet id ="), True),
|
||||||
|
('subnet_name', _("Subnet ="), True),
|
||||||
|
('router_id', _("Router id="), True),
|
||||||
|
('router_name', _("Router ="), True),
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class VPNServicesTable(tables.DataTable):
|
class VPNServicesTable(tables.DataTable):
|
||||||
id = tables.Column('id', hidden=True)
|
id = tables.Column('id', hidden=True)
|
||||||
name = tables.Column("name_or_id", verbose_name=_('Name'),
|
name = tables.Column("name_or_id", verbose_name=_('Name'),
|
||||||
@ -368,10 +395,21 @@ class VPNServicesTable(tables.DataTable):
|
|||||||
row_class = UpdateVPNServiceRow
|
row_class = UpdateVPNServiceRow
|
||||||
table_actions = (AddVPNServiceLink,
|
table_actions = (AddVPNServiceLink,
|
||||||
DeleteVPNServiceLink,
|
DeleteVPNServiceLink,
|
||||||
tables.NameFilterAction)
|
VPNServicesFilterAction)
|
||||||
row_actions = (UpdateVPNServiceLink, DeleteVPNServiceLink)
|
row_actions = (UpdateVPNServiceLink, DeleteVPNServiceLink)
|
||||||
|
|
||||||
|
|
||||||
|
class PoliciesFilterAction(tables.FilterAction):
|
||||||
|
name = 'filter_project_IKEPolicies'
|
||||||
|
filter_type = 'server'
|
||||||
|
filter_choices = (
|
||||||
|
('name', _("Name ="), True),
|
||||||
|
('auth_algorithm', _("Authorization algorithm ="), True),
|
||||||
|
('encryption_algorithm', _("Encryption algorithm ="), True),
|
||||||
|
('pfs', _("PFS ="), True),
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
class IKEPoliciesTable(tables.DataTable):
|
class IKEPoliciesTable(tables.DataTable):
|
||||||
id = tables.Column('id', hidden=True)
|
id = tables.Column('id', hidden=True)
|
||||||
name = tables.Column("name_or_id", verbose_name=_('Name'),
|
name = tables.Column("name_or_id", verbose_name=_('Name'),
|
||||||
@ -389,7 +427,7 @@ class IKEPoliciesTable(tables.DataTable):
|
|||||||
verbose_name = _("IKE Policies")
|
verbose_name = _("IKE Policies")
|
||||||
table_actions = (AddIKEPolicyLink,
|
table_actions = (AddIKEPolicyLink,
|
||||||
DeleteIKEPolicyLink,
|
DeleteIKEPolicyLink,
|
||||||
tables.NameFilterAction)
|
PoliciesFilterAction)
|
||||||
row_actions = (UpdateIKEPolicyLink, DeleteIKEPolicyLink)
|
row_actions = (UpdateIKEPolicyLink, DeleteIKEPolicyLink)
|
||||||
|
|
||||||
|
|
||||||
@ -410,5 +448,5 @@ class IPSecPoliciesTable(tables.DataTable):
|
|||||||
verbose_name = _("IPSec Policies")
|
verbose_name = _("IPSec Policies")
|
||||||
table_actions = (AddIPSecPolicyLink,
|
table_actions = (AddIPSecPolicyLink,
|
||||||
DeleteIPSecPolicyLink,
|
DeleteIPSecPolicyLink,
|
||||||
tables.NameFilterAction)
|
PoliciesFilterAction)
|
||||||
row_actions = (UpdateIPSecPolicyLink, DeleteIPSecPolicyLink)
|
row_actions = (UpdateIPSecPolicyLink, DeleteIPSecPolicyLink)
|
||||||
|
|||||||
@ -15,6 +15,7 @@
|
|||||||
from django.utils.translation import ugettext_lazy as _
|
from django.utils.translation import ugettext_lazy as _
|
||||||
|
|
||||||
from horizon import exceptions
|
from horizon import exceptions
|
||||||
|
from horizon import tables as htables
|
||||||
from horizon import tabs
|
from horizon import tabs
|
||||||
|
|
||||||
from openstack_dashboard import api
|
from openstack_dashboard import api
|
||||||
@ -22,17 +23,37 @@ from openstack_dashboard import api
|
|||||||
from openstack_dashboard.dashboards.project.vpn import tables
|
from openstack_dashboard.dashboards.project.vpn import tables
|
||||||
|
|
||||||
|
|
||||||
class IPSecSiteConnectionsTab(tabs.TableTab):
|
class IPSecSiteConnectionsTab(tabs.TableTab, htables.DataTableView):
|
||||||
table_classes = (tables.IPSecSiteConnectionsTable,)
|
table_classes = (tables.IPSecSiteConnectionsTable,)
|
||||||
name = _("IPSec Site Connections")
|
name = _("IPSec Site Connections")
|
||||||
slug = "ipsecsiteconnections"
|
slug = "ipsecsiteconnections"
|
||||||
template_name = ("horizon/common/_detail_table.html")
|
template_name = ("horizon/common/_detail_table.html")
|
||||||
|
FILTERS_MAPPING = {'admin_state_up': {_("up"): True, _("down"): False}}
|
||||||
|
|
||||||
def get_ipsecsiteconnectionstable_data(self):
|
def get_ipsecsiteconnectionstable_data(self):
|
||||||
try:
|
try:
|
||||||
|
filters = self.get_filters()
|
||||||
tenant_id = self.request.user.tenant_id
|
tenant_id = self.request.user.tenant_id
|
||||||
|
if 'vpnservice' in filters:
|
||||||
|
filters['vpnservice_id'] = \
|
||||||
|
[v.id for v in api.vpn.vpnservice_list(
|
||||||
|
self.tab_group.request, tenant_id=tenant_id,
|
||||||
|
name=filters['vpnservice'])]
|
||||||
|
del filters['vpnservice']
|
||||||
|
if 'ikepolicy' in filters:
|
||||||
|
filters['ikepolicy_id'] = \
|
||||||
|
[i.id for i in api.vpn.ikepolicy_list(
|
||||||
|
self.tab_group.request, tenant_id=tenant_id,
|
||||||
|
name=filters['ikepolicy'])]
|
||||||
|
del filters['ikepolicy']
|
||||||
|
if 'ipsecpolicy' in filters:
|
||||||
|
filters['ipsecpolicy_id'] = \
|
||||||
|
[i.id for i in api.vpn.ipsecpolicy_list(
|
||||||
|
self.tab_group.request, tenant_id=tenant_id,
|
||||||
|
name=filters['ipsecpolicy'])]
|
||||||
|
del filters['ipsecpolicy']
|
||||||
ipsecsiteconnections = api.vpn.ipsecsiteconnection_list(
|
ipsecsiteconnections = api.vpn.ipsecsiteconnection_list(
|
||||||
self.tab_group.request, tenant_id=tenant_id)
|
self.tab_group.request, tenant_id=tenant_id, **filters)
|
||||||
except Exception:
|
except Exception:
|
||||||
ipsecsiteconnections = []
|
ipsecsiteconnections = []
|
||||||
exceptions.handle(
|
exceptions.handle(
|
||||||
@ -40,8 +61,16 @@ class IPSecSiteConnectionsTab(tabs.TableTab):
|
|||||||
_('Unable to retrieve IPSec Site Connections list.'))
|
_('Unable to retrieve IPSec Site Connections list.'))
|
||||||
return ipsecsiteconnections
|
return ipsecsiteconnections
|
||||||
|
|
||||||
|
def get_filters(self):
|
||||||
|
self.table = self._tables['ipsecsiteconnectionstable']
|
||||||
|
self.handle_server_filter(self.request, table=self.table)
|
||||||
|
self.update_server_filter_action(self.request, table=self.table)
|
||||||
|
|
||||||
class VPNServicesTab(tabs.TableTab):
|
return super(IPSecSiteConnectionsTab,
|
||||||
|
self).get_filters(filters_map=self.FILTERS_MAPPING)
|
||||||
|
|
||||||
|
|
||||||
|
class VPNServicesTab(tabs.TableTab, htables.DataTableView):
|
||||||
table_classes = (tables.VPNServicesTable,)
|
table_classes = (tables.VPNServicesTable,)
|
||||||
name = _("VPN Services")
|
name = _("VPN Services")
|
||||||
slug = "vpnservices"
|
slug = "vpnservices"
|
||||||
@ -49,17 +78,42 @@ class VPNServicesTab(tabs.TableTab):
|
|||||||
|
|
||||||
def get_vpnservicestable_data(self):
|
def get_vpnservicestable_data(self):
|
||||||
try:
|
try:
|
||||||
|
filters = self.get_filters()
|
||||||
tenant_id = self.request.user.tenant_id
|
tenant_id = self.request.user.tenant_id
|
||||||
|
if 'subnet_name' in filters:
|
||||||
|
subnets = api.neutron.subnet_list(self.tab_group.request,
|
||||||
|
tenant_id=tenant_id,
|
||||||
|
cidr=filters['subnet_name'])
|
||||||
|
subnets_ids = [n.id for n in subnets]
|
||||||
|
del filters['subnet_name']
|
||||||
|
if not subnets_ids:
|
||||||
|
return []
|
||||||
|
filters['subnet_id'] = subnets_ids
|
||||||
|
if 'router_name' in filters:
|
||||||
|
routers = api.neutron.router_list(self.tab_group.request,
|
||||||
|
tenant_id=tenant_id,
|
||||||
|
name=filters['router_name'])
|
||||||
|
routers_ids = [r.id for r in routers]
|
||||||
|
if not routers:
|
||||||
|
return []
|
||||||
|
filters['router_id'] = routers_ids
|
||||||
vpnservices = api.vpn.vpnservice_list(
|
vpnservices = api.vpn.vpnservice_list(
|
||||||
self.tab_group.request, tenant_id=tenant_id)
|
self.tab_group.request, tenant_id=tenant_id, **filters)
|
||||||
except Exception:
|
except Exception:
|
||||||
vpnservices = []
|
vpnservices = []
|
||||||
exceptions.handle(self.tab_group.request,
|
exceptions.handle(self.tab_group.request,
|
||||||
_('Unable to retrieve VPN Services list.'))
|
_('Unable to retrieve VPN Services list.'))
|
||||||
return vpnservices
|
return vpnservices
|
||||||
|
|
||||||
|
def get_filters(self):
|
||||||
|
self.table = self._tables['vpnservicestable']
|
||||||
|
self.handle_server_filter(self.request, table=self.table)
|
||||||
|
self.update_server_filter_action(self.request, table=self.table)
|
||||||
|
|
||||||
class IKEPoliciesTab(tabs.TableTab):
|
return super(VPNServicesTab, self).get_filters()
|
||||||
|
|
||||||
|
|
||||||
|
class IKEPoliciesTab(tabs.TableTab, htables.DataTableView):
|
||||||
table_classes = (tables.IKEPoliciesTable,)
|
table_classes = (tables.IKEPoliciesTable,)
|
||||||
name = _("IKE Policies")
|
name = _("IKE Policies")
|
||||||
slug = "ikepolicies"
|
slug = "ikepolicies"
|
||||||
@ -67,17 +121,25 @@ class IKEPoliciesTab(tabs.TableTab):
|
|||||||
|
|
||||||
def get_ikepoliciestable_data(self):
|
def get_ikepoliciestable_data(self):
|
||||||
try:
|
try:
|
||||||
|
filters = self.get_filters()
|
||||||
tenant_id = self.request.user.tenant_id
|
tenant_id = self.request.user.tenant_id
|
||||||
ikepolicies = api.vpn.ikepolicy_list(
|
ikepolicies = api.vpn.ikepolicy_list(
|
||||||
self.tab_group.request, tenant_id=tenant_id)
|
self.tab_group.request, tenant_id=tenant_id, **filters)
|
||||||
except Exception:
|
except Exception:
|
||||||
ikepolicies = []
|
ikepolicies = []
|
||||||
exceptions.handle(self.tab_group.request,
|
exceptions.handle(self.tab_group.request,
|
||||||
_('Unable to retrieve IKE Policies list.'))
|
_('Unable to retrieve IKE Policies list.'))
|
||||||
return ikepolicies
|
return ikepolicies
|
||||||
|
|
||||||
|
def get_filters(self):
|
||||||
|
self.table = self._tables['ikepoliciestable']
|
||||||
|
self.handle_server_filter(self.request, table=self.table)
|
||||||
|
self.update_server_filter_action(self.request, table=self.table)
|
||||||
|
|
||||||
class IPSecPoliciesTab(tabs.TableTab):
|
return super(IKEPoliciesTab, self).get_filters()
|
||||||
|
|
||||||
|
|
||||||
|
class IPSecPoliciesTab(tabs.TableTab, htables.DataTableView):
|
||||||
table_classes = (tables.IPSecPoliciesTable,)
|
table_classes = (tables.IPSecPoliciesTable,)
|
||||||
name = _("IPSec Policies")
|
name = _("IPSec Policies")
|
||||||
slug = "ipsecpolicies"
|
slug = "ipsecpolicies"
|
||||||
@ -85,15 +147,23 @@ class IPSecPoliciesTab(tabs.TableTab):
|
|||||||
|
|
||||||
def get_ipsecpoliciestable_data(self):
|
def get_ipsecpoliciestable_data(self):
|
||||||
try:
|
try:
|
||||||
|
filters = self.get_filters()
|
||||||
tenant_id = self.request.user.tenant_id
|
tenant_id = self.request.user.tenant_id
|
||||||
ipsecpolicies = api.vpn.ipsecpolicy_list(
|
ipsecpolicies = api.vpn.ipsecpolicy_list(
|
||||||
self.tab_group.request, tenant_id=tenant_id)
|
self.tab_group.request, tenant_id=tenant_id, **filters)
|
||||||
except Exception:
|
except Exception:
|
||||||
ipsecpolicies = []
|
ipsecpolicies = []
|
||||||
exceptions.handle(self.tab_group.request,
|
exceptions.handle(self.tab_group.request,
|
||||||
_('Unable to retrieve IPSec Policies list.'))
|
_('Unable to retrieve IPSec Policies list.'))
|
||||||
return ipsecpolicies
|
return ipsecpolicies
|
||||||
|
|
||||||
|
def get_filters(self):
|
||||||
|
self.table = self._tables['ipsecpoliciestable']
|
||||||
|
self.handle_server_filter(self.request, table=self.table)
|
||||||
|
self.update_server_filter_action(self.request, table=self.table)
|
||||||
|
|
||||||
|
return super(IPSecPoliciesTab, self).get_filters()
|
||||||
|
|
||||||
|
|
||||||
class VPNTabs(tabs.TabGroup):
|
class VPNTabs(tabs.TabGroup):
|
||||||
slug = "vpntabs"
|
slug = "vpntabs"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user