make console password optional for users with permissions

2025-03-31 03:56:45 +00:00 · 2020-07-17 11:05:47 +03:00 · 2020-07-17 11:05:47 +03:00 · 44aa746f4b
commit 44aa746f4b
parent 74a4a1a3ef
8 changed files with 57 additions and 5 deletions
--- a/accounts/apps.py
+++ b/accounts/apps.py
@ -24,6 +24,19 @@ def apply_change_password(sender, **kwargs):
                user.user_permissions.remove(permission)
        print('\033[1mDon`t forget to remove the option from settings.py\033[0m')

+def apply_passwordless_console(sender, **kwargs):
+    '''
+    Apply new passwordless_console permission for all users
+    '''
+    from django.conf import settings
+    from django.contrib.auth.models import User, Permission
+
+    print('\033[92mApplying permission passwordless_console for all users\033[0m')
+    users = User.objects.all()
+    permission = Permission.objects.get(codename='passwordless_console')
+    for user in users:
+            user.user_permissions.add(permission)
+

 def create_admin(sender, **kwargs):
    '''
@ -49,3 +62,4 @@ class AccountsConfig(AppConfig):
    def ready(self):
        post_migrate.connect(apply_change_password, sender=self)
        post_migrate.connect(create_admin, sender=self)
+        post_migrate.connect(apply_passwordless_console, sender=self)
--- a/accounts/models.py
+++ b/accounts/models.py
@ -6,6 +6,7 @@ from django.utils.translation import ugettext_lazy as _

 from instances.models import Instance

+
 class UserInstanceManager(models.Manager):
    def get_queryset(self):
        return super().get_queryset().select_related('instance', 'user')
--- a/console/templates/console-spice-full.html
+++ b/console/templates/console-spice-full.html
@ -199,7 +199,11 @@
    <label for="port">{% trans 'Port' %}:</label>
    <input type='text' id='port' value='{{ ws_port }}'>
    <label for="password">{% trans 'Password' %}:</label>
-    <input type='password' id='password'>
+    {% if perms.instances.passwordless_console %}
+        <input type='password' id='password' value='{{ console_passwd }}'>
+    {% else %}
+        <input type='password' id='password'>
+    {% endif %}
    <label for="show_console">{% trans 'Show console' %}</label>
    <input type="checkbox" id="show_console" value="1" onchange="toggle_console()" checked>
    <button id="connectButton">{% trans 'Start' %}</button>
--- a/console/templates/console-spice-lite.html
+++ b/console/templates/console-spice-lite.html
@ -93,7 +93,11 @@
        }

        if (password === undefined) {
-            password = spice_query_var('password', '');
+            {% if perms.instances.passwordless_console %}
+                password = '{{ console_passwd }}';
+            {% else %}
+                password = prompt('{% trans "Password" %}');
+            {% endif %}
            //password = '{{ console_passwd | safe }}';
        }
        if (password === 'None') password = '';
--- a/console/templates/console-vnc-full.html
+++ b/console/templates/console-vnc-full.html
@ -297,7 +297,11 @@
            <ul>
                <li>
                    <label>Password:</label>
-                    <input id="noVNC_password_input" type="password" />
+                    {% if perms.instances.passwordless_console %}
+                        <input id="noVNC_password_input" type="password" value='{{ console_passwd }}' />
+                    {% else %}
+                        <input id="noVNC_password_input" type="password" />
+                    {% endif %}
                </li>
                <li>
                    <input id="noVNC_password_button" type="submit" value="Send Password" class="noVNC_submit" />
--- a/console/templates/console-vnc-lite.html
+++ b/console/templates/console-vnc-lite.html
@ -167,7 +167,13 @@
    // By default, use the host and port of server that served this file
    const host = readQueryVariable('host', '{{ ws_host }}');
    let port = readQueryVariable('port', '{{ ws_port }}');
-    const password = readQueryVariable('password');
+
+    {% if perms.instances.passwordless_console %}
+        const password = '{{ console_passwd }}';
+    {% else %}
+        const password = readQueryVariable('password');
+    {% endif %}
+
    //const path = readQueryVariable('path', 'websockify');
    const path = readQueryVariable('path', '{{ ws_path }}');

--- a/instances/migrations/0009_auto_20200717_0524.py
+++ b/instances/migrations/0009_auto_20200717_0524.py
@ -0,0 +1,17 @@
+# Generated by Django 2.2.13 on 2020-07-17 05:24
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('instances', '0008_auto_20200708_0950'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='permissionset',
+            options={'default_permissions': (), 'managed': False, 'permissions': [('clone_instances', 'Can clone instances'), ('passwordless_console', 'Can access console without password')]},
+        ),
+    ]
--- a/instances/models.py
+++ b/instances/models.py
@ -211,6 +211,8 @@ class PermissionSet(models.Model):
    """
    class Meta:
        default_permissions = ()
-        permissions = (('clone_instances', _('Can clone instances')), )
+        permissions = [('clone_instances', 'Can clone instances'),  
+                       ('passwordless_console',  _('Can access console without password')),
+                    ]

        managed = False