Commit 36fa098b authored by jocelyn

Make the VPN secrets transmission modes configurable

- in crypto-link mode: display a message rather than nothing when the crypto
  material has not been generated yet
- in password mode (illyse): display the password generation button even
  if the password is currently empty

WARNING: remember to define the setting if you use crypto-link (hi ARN).

Fix #212 (regression)
parent b8790676
+12 −0
@@ -421,6 +421,18 @@ See also [using optional apps](#using-optional-apps).
    - `{email}`: the mail address of the list
    - `{short_name}`: the list name

#### vpn

- `VPN_SECRETS_TRANSMISSION_METHOD` : how are VPN secrets transmited to
  subscriber ? Two values are currently supported :
    - `gen-password-and-forget` (default, used by Illyse) : generate a
      password, push it to LDAP (which holds VPN auth), displays it to user and
      forget it.
    - `crypto-link` (used by ARN) : credentials are generated by an admin
      outside coin, and put on an encrypted burn-after-reading web page, whom
      URL is filled-in coin.


Accounting logs
---------------
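Review bot: The new `VPN_SECRETS_TRANSMISSION_METHOD` entry under `#### vpn` has two wording slips to fix before merge: "transmited" should be "transmitted", and "whom URL is filled-in coin" should read "whose URL is entered in coin". The entry should also state that any other value makes the vpn models raise `ImproperlyConfigured` at load time, and that crypto-link deployments must set the value explicitly because the default is `gen-password-and-forget`.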

+3 −0
@@ -327,6 +327,9 @@ MEMBER_CAN_EDIT_VPS_CONF = True
# Allow user to edit their VPN Info
MEMBER_CAN_EDIT_VPN_CONF = True

# vpn app settings : how do we transmit the VPN secrets to subscriber ?
VPN_SECRETS_TRANSMISSION_METHOD = 'gen-password-and-forget'

# Account registration
# Allow visitor to join the association by register on COIN
REGISTRATION_OPEN = False
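Review bot: The comment above `VPN_SECRETS_TRANSMISSION_METHOD = 'gen-password-and-forget'` does not list the accepted values, so an operator reading only the settings file cannot tell that `'crypto-link'` exists; naming both values in the comment would fix that. Because the details template now shows the crypto material row only when the method is `crypto-link`, a deployment that already has `crypto_link` filled in will stop showing the download link until it overrides this default, which deserves an upgrade note in addition to the warning in the commit message.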
+12 −0
@@ -4,6 +4,7 @@ from __future__ import unicode_literals
from django.db import models
from django.core.exceptions import ValidationError
from django.conf import settings
from django.core.exceptions import ImproperlyConfigured
from django.core.urlresolvers import reverse
from netfields import InetAddressField, NetManager
import ldapdb.models
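Review bot: Style point on the added `from django.core.exceptions import ImproperlyConfigured` line: the same module is already imported two lines above for `ValidationError`, and the new import is separated from it by the `django.conf` import. Suggest merging them into a single `from django.core.exceptions import ImproperlyConfigured, ValidationError`.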
@@ -48,6 +49,17 @@ class VPNConfiguration(CoinLdapSyncMixin, Configuration):
                           null=True, help_text="Lien à usage unique (détruit après ouverture)")
    objects = NetManager()

    METHOD_CRYPTO_LINK = 'crypto-link'
    METHOD_GEN_PASSWORD_AND_FORGET = 'gen-password-and-forget'

    SECRETS_TRANSMISSION_METHOD = settings.VPN_SECRETS_TRANSMISSION_METHOD

    if SECRETS_TRANSMISSION_METHOD not in (
            METHOD_CRYPTO_LINK, METHOD_GEN_PASSWORD_AND_FORGET):
        raise ImproperlyConfigured(
            'Invalid value for VPN_SECRETS_TRANSMISSION_METHOD setting: {}'.format(
                SECRETS_TRANSMISSION_METHOD))

    def get_absolute_url(self):
        return reverse('vpn:details', args=[str(self.pk)])
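Review bot: The validation of `SECRETS_TRANSMISSION_METHOD` sits directly in the `VPNConfiguration` class body, so `settings.VPN_SECRETS_TRANSMISSION_METHOD` is read once when the module is imported and the value is frozen as a class attribute. A settings module that does not define the name fails with `AttributeError` instead of the intended `ImproperlyConfigured`, and tests that override the setting after import will not see the change. Suggest reading it with `getattr(settings, 'VPN_SECRETS_TRANSMISSION_METHOD', METHOD_GEN_PASSWORD_AND_FORGET)`, or moving the check into the app's startup checks and exposing the method through a property.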

+12 −4
@@ -32,7 +32,7 @@
                    <td class="center"><span class="label">Identifiant</span></td>
                    <td>{{object.login}}</td>
                </tr>
                {% if object.password %}
                {% if object.SECRETS_TRANSMISSION_METHOD == object.METHOD_GEN_PASSWORD_AND_FORGET %}
                <tr>
                    <td class="center" colspan="2">
                        <a class="button tiny radius" id="passgen" href="{% url 'vpn:generate_password' object.pk %}"><i class="fa fa-refresh"></i>
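Review bot: Switching the condition from `{% if object.password %}` to the `SECRETS_TRANSMISSION_METHOD` comparison only hides or shows the `passgen` button; it does not by itself stop `vpn:generate_password` from being requested when the method is `crypto-link`. Please confirm that the view behind `{% url 'vpn:generate_password' object.pk %}` checks the same setting, or add that check in this change, so the template is not the only gate on password generation.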
@@ -40,10 +40,18 @@
                    </td>
                </tr>
                {% endif %}
                {% if object.crypto_link %}
                {% if object.SECRETS_TRANSMISSION_METHOD == object.METHOD_CRYPTO_LINK %}
                <tr>
                    <td class="center"><span class="label">Matériel cryptographique</span></td>
                    <td><a href="{{object.crypto_link}}">Télecharger (lien supprimé après ouverture)</a></td>
                    <td>
                        {% if object.crypto_link %}
                        <a href="{{object.crypto_link}}">Télecharger (lien supprimé après ouverture)</a>
                        {% else %}
                        Ton matériel cryptographique n'a pas encore été généré.
                        {% endif %}
                    </td>


                </tr>
                {% endif %}
                <tr class="flatfield">
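Review bot: Two nits in the new `<td>` block: the link text "Télecharger" is carried over with its missing accent (should be "Télécharger"), and two stray blank lines are left between the closing `</td>` and `</tr>`. Since the row is now always rendered in `crypto-link` mode, it is also worth checking that the fallback sentence in the `{% else %}` branch goes through the same translation mechanism as the rest of the template, if one is used.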