Browse Source

Confined configuration pages to subnet

master
Thomas Johnson 2 years ago
parent
commit
ab0ea312dd
  1. 35
      pluto.py

35
pluto.py

@ -13,6 +13,9 @@ def init_globals():
for cls in type.__subclasses__(DBObject):
setattr(g, cls.__name__, cls)
def ip_okay(ip):
return ip.startswith("128.153.144.") or ip.startswith("128.153.145.") or ip.startswith("128.153.146.")
app.jinja_env.filters['ctime'] = time.ctime
app.jinja_env.filters['jloads'] = jloads
app.jinja_env.filters['hloads'] = header_loads
@ -25,6 +28,8 @@ def error_404(error):
@app.route('/')
def root():
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
return render_template('index.html')
@app.route('/hook', methods=['GET', 'POST'])
@ -37,20 +42,28 @@ def hook():
@app.route('/logs')
def logs():
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
n = request.values.get('n', 10)
return render_template('logs.html', logs=Log.most_recent(n), n=n)
@app.route('/debuglogs', methods=['GET', 'POST'])
def debuglogs():
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
n = request.values.get('n', 10)
return render_template('debuglogs.html', logs=DebugLog.most_recent(n), n=n)
@app.route('/hooks')
def hooks():
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
return render_template('hooks.html', hooks=Hook.all())
@app.route('/hooks/new', methods=['GET', 'POST'])
def hooks_new():
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
if request.method == 'POST':
hook = Hook.create(
request.values['name'], None, # FIXME no author yet
@ -62,6 +75,8 @@ def hooks_new():
@app.route('/hook/<int:hookid>')
def hook_obj(hookid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
hook = Hook.get_one(rowid=hookid)
except NoSuchEntity:
@ -72,6 +87,8 @@ def hook_obj(hookid):
@app.route('/hook/<int:hookid>/edit', methods=['GET', 'POST'])
def hook_edit(hookid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
hook = Hook.get_one(rowid=hookid)
except NoSuchEntity:
@ -88,6 +105,8 @@ def hook_edit(hookid):
@app.route('/hook/<int:hookid>/newcond', methods=['GET', 'POST'])
def hook_new_cond(hookid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
hook = Hook.get_one(rowid=hookid)
except NoSuchEntity:
@ -106,6 +125,8 @@ def hook_new_cond(hookid):
@app.route('/hook/<int:hookid>/newact', methods=['GET', 'POST'])
def hook_new_act(hookid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
hook = Hook.get_one(rowid=hookid)
except NoSuchEntity:
@ -122,6 +143,8 @@ def hook_new_act(hookid):
@app.route('/hook/<int:hookid>/delete', methods=['GET', 'POST'])
def hook_delete(hookid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
hook = Hook.get_one(rowid=hookid)
except NoSuchEntity:
@ -135,6 +158,8 @@ def hook_delete(hookid):
@app.route('/cond/<int:condid>')
def cond_obj(condid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
cond = Condition.get_one(rowid=condid)
except NoSuchEntity:
@ -145,6 +170,8 @@ def cond_obj(condid):
@app.route('/cond/<int:condid>/edit', methods=['GET', 'POST'])
def cond_edit(condid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
cond = Condition.get_one(rowid=condid)
except NoSuchEntity:
@ -167,6 +194,8 @@ def cond_edit(condid):
@app.route('/cond/<int:condid>/delete', methods=['GET', 'POST'])
def cond_delete(condid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
cond = Condition.get_one(rowid=condid)
except NoSuchEntity:
@ -180,6 +209,8 @@ def cond_delete(condid):
@app.route('/act/<int:actid>')
def act_obj(actid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
act = Action.get_one(rowid=actid)
except NoSuchEntity:
@ -190,6 +221,8 @@ def act_obj(actid):
@app.route('/act/<int:actid>/edit', methods=['GET', 'POST'])
def act_edit(actid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
act = Action.get_one(rowid=actid)
except NoSuchEntity:
@ -207,6 +240,8 @@ def act_edit(actid):
@app.route('/act/<int:actid>/delete', methods=['GET', 'POST'])
def act_delete(actid):
if not ip_okay(request.remote_addr):
return render_template('404.html', entity='page'), 404
try:
act = Action.get_one(rowid=actid)
except NoSuchEntity:

Loading…
Cancel
Save