Validate IP addresses in alert profiles #2649
Closed
johannaengland wants to merge 8 commits into Uninett:5.6.x from johannaengland:bug/ip-validation-alert-profiles
8 commits
2b2de72 Add validation for IP addresses in alert profiles (johannaengland)
3b9f306 Add tests for adding expression to filters (johannaengland)
6624ce6 Fix typo (johannaengland)
3f01e75 Fix more typos (johannaengland)
6a5e81c Use form to validate expressions in alert profiles (johannaengland)
20aec08 Merge remote-tracking branch 'upstream/5.6.x' into bug/ip-validation-… (johannaengland)
9adf492 Add tests for IN operator for IP addresses (johannaengland)
ba54047 Added test for saving expression of alert types (johannaengland)
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -24,7 +24,7 @@ | |
# TODO Filter/filter_groups have owners, check that the account that performs | ||
# the operation is the owner | ||
|
||
from django.http import HttpResponseRedirect | ||
from django.http import HttpResponseRedirect, QueryDict | ||
from django.core.exceptions import ObjectDoesNotExist | ||
from django.db.models import Q | ||
from django.shortcuts import render | ||
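Review bot: QueryDict is added to this import only so that filter_saveexpression can build a replacement request.POST before calling filter_addexpression(request=request). Overwriting request.POST on the live request discards the submitted data for anything that runs afterwards and couples the two views through a synthetic POST. Consider moving the form rendering in filter_addexpression into a helper that takes the filter and match field ids as arguments, which would make this import unnecessary.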
|
@@ -1513,7 +1513,7 @@ def filter_remove(request): | |
|
||
@requires_post('alertprofiles-filters', ('id', 'matchfield')) | ||
def filter_addexpression(request): | ||
"""Shows the form to add en expression to a filter""" | ||
"""Shows the form to add an expression to a filter""" | ||
try: | ||
filtr = Filter.objects.get(pk=request.POST.get('id')) | ||
except Filter.DoesNotExist: | ||
|
@@ -1563,40 +1563,37 @@ def filter_addexpression(request): | |
@requires_post('alertprofiles-filters') | ||
def filter_saveexpression(request): | ||
"""Saves an expression to a filter""" | ||
# Get the MatchField, Filter and Operator objects associated with the | ||
# input POST-data | ||
filtr = Filter.objects.get(pk=request.POST.get('filter')) | ||
type_ = request.POST.get('operator') | ||
match_field = MatchField.objects.get(pk=request.POST.get('match_field')) | ||
operator = Operator.objects.get(type=type_, match_field=match_field.pk) | ||
if request.POST.get('id'): | ||
existing_expression = Expression.objects.get(pk=request.POST.get('id')) | ||
form = ExpressionForm(request.POST, instance=existing_expression) | ||
else: | ||
form = ExpressionForm(request.POST) | ||
|
||
if not form.is_valid(): | ||
dictionary = { | ||
'id': str(form.cleaned_data["filter"].pk), | ||
'matchfield': str(form.cleaned_data["match_field"].pk), | ||
} | ||
qdict = QueryDict("", mutable=True) | ||
qdict.update(dictionary) | ||
request.POST = qdict | ||
new_message( | ||
request, | ||
form.errors, | ||
Messages.ERROR, | ||
) | ||
|
||
return filter_addexpression(request=request) | ||
|
||
filtr = form.cleaned_data['filter'] | ||
|
||
if not account_owns_filters(get_account(request), filtr): | ||
return alertprofiles_response_forbidden( | ||
request, _('You do not own this filter.') | ||
) | ||
|
||
# Get the value | ||
if operator.type == Operator.IN: | ||
# If input was a multiple choice list we have to join each option | ||
# in one string, where each option is separated by a | (pipe). | ||
# If input was a IP adress we should replace space with | (pipe). | ||
# FIXME We might want some data checks here | ||
if match_field.data_type == MatchField.IP: | ||
# FIXME We might want to check that it is a valid IP adress. | ||
[Inline review comment] Haha, I love the fact that there was a FIXME comment here from before 😆
||
# If we do so, we need to remember both IPv4 and IPv6 | ||
value = request.POST.get('value').replace(' ', '|') | ||
else: | ||
value = "|".join([value for value in request.POST.getlist('value')]) | ||
else: | ||
value = request.POST.get('value') | ||
form.save() | ||
|
||
expression = Expression( | ||
filter=filtr, | ||
match_field=match_field, | ||
operator=operator.type, | ||
value=value, | ||
) | ||
expression.save() | ||
new_message( | ||
request, | ||
_('Added expression to filter %(name)s') % {'name': filtr.name}, | ||
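Review bot: In the request.POST.get('id') branch the form is bound to existing_expression, but the later account_owns_filters() call only checks the filter posted in the form (form.cleaned_data['filter']), not the filter the existing expression currently belongs to, so form.save() can modify an expression whose current filter was never checked against the account. Check existing_expression.filter with account_owns_filters() as well before saving, and handle Expression.DoesNotExist for an unknown id. Separately, in the "if not form.is_valid():" branch, form.cleaned_data["filter"] and form.cleaned_data["match_field"] raise KeyError whenever one of those two fields is itself what failed validation, because Django leaves invalid fields out of cleaned_data; read the ids from request.POST there, or return an error response when they are missing.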
|
Actually, I would advise against using IPy.IP for validation of strings, precisely because this library is extremely lenient in what is considered acceptable as input.
Case in point:
Please consider using nav.utils.is_valid_ip() instead (possibly with the strict flag set).
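A strict check for the space-separated IP input that the IN operator stores pipe-separated, as an added example: it is not code from this pull request and it does not use nav.utils.is_valid_ip(). The function name clean_ip_in_value is hypothetical, validation uses the standard-library ipaddress module, and it assumes only single IPv4/IPv6 addresses (no prefixes) are acceptable values.

```python
import ipaddress


def clean_ip_in_value(raw):
    """Validate a space-separated list of IP addresses and return the
    pipe-separated string used for an IN expression.

    Hypothetical helper: raises ValueError naming every rejected token.
    """
    tokens = raw.split()  # collapses runs of whitespace, drops empty tokens
    if not tokens:
        raise ValueError("no IP address given")

    valid, rejected = [], []
    for token in tokens:
        try:
            # For a string, ip_address() accepts only a complete IPv4 or
            # IPv6 address: no bare integers, shortened dotted forms,
            # prefixes or netmasks.
            addr = ipaddress.ip_address(token)
        except ValueError:
            rejected.append(token)
        else:
            valid.append(str(addr))  # store the canonical text form

    if rejected:
        # A token containing "|" also lands here, so the stored separator
        # cannot be smuggled in through the input.
        raise ValueError("invalid IP address(es): " + ", ".join(rejected))
    return "|".join(valid)


if __name__ == "__main__":
    # Constructed sample inputs.
    print(clean_ip_in_value("10.0.0.1  2001:DB8::1"))
    try:
        clean_ip_in_value("10.0.0.1 10.0 1 10.0.0.2|10.0.0.3")
    except ValueError as err:
        print(err)
```
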