From 44aa746f4bccfed216ffdc91be56b7c5421a1ff9 Mon Sep 17 00:00:00 2001
From: catborise <catborise@yahoo.com>
Date: Fri, 17 Jul 2020 11:05:47 +0300
Subject: [PATCH] make console password optional for users with permissions
---
accounts/apps.py | 14 ++++++++++++++
accounts/models.py | 1 +
console/templates/console-spice-full.html | 6 +++++-
console/templates/console-spice-lite.html | 6 +++++-
console/templates/console-vnc-full.html | 6 +++++-
console/templates/console-vnc-lite.html | 8 +++++++-
instances/migrations/0009_auto_20200717_0524.py | 17 +++++++++++++++++
instances/models.py | 4 +++-
8 files changed, 57 insertions(+), 5 deletions(-)
create mode 100644 instances/migrations/0009_auto_20200717_0524.py
diff --git a/accounts/apps.py b/accounts/apps.py
index 94f4d27..4f7ac69 100644
--- a/accounts/apps.py
+++ b/accounts/apps.py
@@ -24,6 +24,19 @@ def apply_change_password(sender, **kwargs):
user.user_permissions.remove(permission)
print('\033[1mDon`t forget to remove the option from settings.py\033[0m')
+def apply_passwordless_console(sender, **kwargs):
+ '''
+ Apply new passwordless_console permission for all users
+ '''
+ from django.conf import settings
+ from django.contrib.auth.models import User, Permission
+
+ print('\033[92mApplying permission passwordless_console for all users\033[0m')
+ users = User.objects.all()
+ permission = Permission.objects.get(codename='passwordless_console')
+ for user in users:
+ user.user_permissions.add(permission)
+
def create_admin(sender, **kwargs):
'''
@@ -49,3 +62,4 @@ class AccountsConfig(AppConfig):
def ready(self):
post_migrate.connect(apply_change_password, sender=self)
post_migrate.connect(create_admin, sender=self)
+ post_migrate.connect(apply_passwordless_console, sender=self)
diff --git a/accounts/models.py b/accounts/models.py
index 1369158..afc1960 100644
--- a/accounts/models.py
+++ b/accounts/models.py
@@ -6,6 +6,7 @@ from django.utils.translation import ugettext_lazy as _
from instances.models import Instance
+
class UserInstanceManager(models.Manager):
def get_queryset(self):
return super().get_queryset().select_related('instance', 'user')
diff --git a/console/templates/console-spice-full.html b/console/templates/console-spice-full.html
index d9a7f89..29e52f9 100644
--- a/console/templates/console-spice-full.html
+++ b/console/templates/console-spice-full.html
@@ -199,7 +199,11 @@
<label for="port">{% trans 'Port' %}:</label>
<input type='text' id='port' value='{{ ws_port }}'>
<label for="password">{% trans 'Password' %}:</label>
- <input type='password' id='password'>
+ {% if perms.instances.passwordless_console %}
+ <input type='password' id='password' value='{{ console_passwd }}'>
+ {% else %}
+ <input type='password' id='password'>
+ {% endif %}
<label for="show_console">{% trans 'Show console' %}</label>
<input type="checkbox" id="show_console" value="1" onchange="toggle_console()" checked>
<button id="connectButton">{% trans 'Start' %}</button>
diff --git a/console/templates/console-spice-lite.html b/console/templates/console-spice-lite.html
index 6e4dc9b..8a359b7 100644
--- a/console/templates/console-spice-lite.html
+++ b/console/templates/console-spice-lite.html
@@ -93,7 +93,11 @@
}
if (password === undefined) {
- password = spice_query_var('password', '');
+ {% if perms.instances.passwordless_console %}
+ password = '{{ console_passwd }}';
+ {% else %}
+ password = prompt('{% trans "Password" %}');
+ {% endif %}
//password = '{{ console_passwd | safe }}';
}
if (password === 'None') password = '';
diff --git a/console/templates/console-vnc-full.html b/console/templates/console-vnc-full.html
index 35f4be1..5eccba8 100755
--- a/console/templates/console-vnc-full.html
+++ b/console/templates/console-vnc-full.html
@@ -297,7 +297,11 @@
<ul>
<li>
<label>Password:</label>
- <input id="noVNC_password_input" type="password" />
+ {% if perms.instances.passwordless_console %}
+ <input id="noVNC_password_input" type="password" value='{{ console_passwd }}' />
+ {% else %}
+ <input id="noVNC_password_input" type="password" />
+ {% endif %}
</li>
<li>
<input id="noVNC_password_button" type="submit" value="Send Password" class="noVNC_submit" />
diff --git a/console/templates/console-vnc-lite.html b/console/templates/console-vnc-lite.html
index a76744e..ab40e8a 100755
--- a/console/templates/console-vnc-lite.html
+++ b/console/templates/console-vnc-lite.html
@@ -167,7 +167,13 @@
// By default, use the host and port of server that served this file
const host = readQueryVariable('host', '{{ ws_host }}');
let port = readQueryVariable('port', '{{ ws_port }}');
- const password = readQueryVariable('password');
+
+ {% if perms.instances.passwordless_console %}
+ const password = '{{ console_passwd }}';
+ {% else %}
+ const password = readQueryVariable('password');
+ {% endif %}
+
//const path = readQueryVariable('path', 'websockify');
const path = readQueryVariable('path', '{{ ws_path }}');
diff --git a/instances/migrations/0009_auto_20200717_0524.py b/instances/migrations/0009_auto_20200717_0524.py
new file mode 100644
index 0000000..bf3f6b0
--- /dev/null
+++ b/instances/migrations/0009_auto_20200717_0524.py
@@ -0,0 +1,17 @@
+# Generated by Django 2.2.13 on 2020-07-17 05:24
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ('instances', '0008_auto_20200708_0950'),
+ ]
+
+ operations = [
+ migrations.AlterModelOptions(
+ name='permissionset',
+ options={'default_permissions': (), 'managed': False, 'permissions': [('clone_instances', 'Can clone instances'), ('passwordless_console', 'Can access console without password')]},
+ ),
+ ]
diff --git a/instances/models.py b/instances/models.py
index 3272322..34d7e19 100644
--- a/instances/models.py
+++ b/instances/models.py
@@ -211,6 +211,8 @@ class PermissionSet(models.Model):
"""
class Meta:
default_permissions = ()
- permissions = (('clone_instances', _('Can clone instances')), )
+ permissions = [('clone_instances', 'Can clone instances'),
+ ('passwordless_console', _('Can access console without password')),
+ ]
managed = False