mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-01-21 07:55:00 +00:00
253540fb3d
Closes: #2276. Functionality all over the system keeps failing due this approach. The latest is changing hostname in ejabberd Mnesia database fails (#2276). Further, users connecting FreedomBox to a monitor can't use a GUI. Tests: - Without patches, enable restricted access. Apply patches and setup.py install. Security app is updated. Restricted access is disabled and /etc/security/access.d/{50freedombox.conf, 10freedombox-security.conf, 10freedombox-performance.conf} are removed. It is possible to login into non-admin account via SSH. - On a fresh install, the configuration files are not found. - Security page does not show 'restrict console logins' option. - Updating security app setting works. Message 'Configuration updated.' is shown. - First boot succeeds. Restrict console login is not enabled. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
71 lines
2.2 KiB
Python
71 lines
2.2 KiB
Python
# SPDX-License-Identifier: AGPL-3.0-or-later
|
|
"""Views for security module."""
|
|
|
|
from django.contrib import messages
|
|
from django.template.response import TemplateResponse
|
|
from django.utils.translation import gettext as _
|
|
|
|
from plinth import action_utils
|
|
from plinth.modules import security
|
|
from plinth.modules.upgrades import is_backports_requested
|
|
from plinth.privileged import service as service_privileged
|
|
from plinth.views import AppView
|
|
|
|
from .forms import SecurityForm
|
|
|
|
|
|
class SecurityAppView(AppView):
|
|
"""Show security app main page."""
|
|
|
|
app_id = 'security'
|
|
template_name = 'security.html'
|
|
form_class = SecurityForm
|
|
prefix = 'security'
|
|
|
|
def get_initial(self):
|
|
"""Return the values to fill in the form."""
|
|
initial = super().get_initial()
|
|
initial.update(get_status(self.request))
|
|
return initial
|
|
|
|
def get_context_data(self, *args, **kwargs):
|
|
"""Add additional context data for template."""
|
|
context = super().get_context_data(*args, **kwargs)
|
|
context['is_backports_requested'] = is_backports_requested()
|
|
return context
|
|
|
|
def form_valid(self, form):
|
|
"""Apply the changes submitted in the form."""
|
|
_apply_changes(self.request, form.initial, form.cleaned_data)
|
|
return super().form_valid(form)
|
|
|
|
|
|
def get_status(request):
|
|
"""Return the current status."""
|
|
return {'fail2ban_enabled': action_utils.service_is_enabled('fail2ban')}
|
|
|
|
|
|
def _apply_changes(request, old_status, new_status):
|
|
"""Apply the form changes."""
|
|
if old_status['fail2ban_enabled'] != new_status['fail2ban_enabled']:
|
|
if new_status['fail2ban_enabled']:
|
|
service_privileged.enable('fail2ban')
|
|
else:
|
|
service_privileged.disable('fail2ban')
|
|
|
|
messages.success(request, _('Configuration updated.'))
|
|
|
|
|
|
def report(request):
|
|
"""Serve the security report page."""
|
|
apps_report = security.get_apps_report()
|
|
return TemplateResponse(
|
|
request, 'security_report.html', {
|
|
'title':
|
|
_('Security Report'),
|
|
'freedombox_report':
|
|
apps_report.pop('freedombox'),
|
|
'apps_report':
|
|
sorted(apps_report.values(), key=lambda app: app['name']),
|
|
})
|