We use cookies to ensure you get the best experience on our website
Startseite Erkunden Hilfe
Registrieren Anmelden
0ct0pu5
/
desec-stack
1
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Struktur: c3c6e82df6
Branches Tags
desec-stack
/
api
/
desecapi
/
models
/
tokens.py

tokens.py 7.7 KB
Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192 
  1. from __future__ import annotations
    2. 

  2. 

  3. import ipaddress
    4. 

  4. import secrets
    5. 

  5. import uuid
    6. 

  6. from datetime import timedelta
    7. 

  7. 

  8. import pgtrigger
    9. 

  9. import rest_framework.authtoken.models
    10. 

  10. from django.contrib.auth.hashers import make_password
    11. 

  11. from django.contrib.postgres.fields import ArrayField
    12. 

  12. from django.core import validators
    13. 

  13. from django.core.exceptions import ValidationError
    14. 

  14. from django.db import models, transaction
    15. 

  15. from django.db.models import F, Q
    16. 

  16. from django.utils import timezone
    17. 

  17. from django_prometheus.models import ExportModelOperationsMixin
    18. 

  18. from netfields import CidrAddressField, NetManager
    19. 

  19. 

  20. 

  21. class Token(ExportModelOperationsMixin("Token"), rest_framework.authtoken.models.Token):
    22. 

  22.     @staticmethod
    23. 

  23.     def _allowed_subnets_default():
    24. 

  24.         return [ipaddress.IPv4Network("0.0.0.0/0"), ipaddress.IPv6Network("::/0")]
    25. 

  25. 

  26.     _validators = [
    27. 

  27.         validators.MinValueValidator(timedelta(0)),
    28. 

  28.         validators.MaxValueValidator(timedelta(days=365 * 1000)),
    29. 

  29.     ]
    30. 

  30. 

  31.     id = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
    32. 

  32.     key = models.CharField("Key", max_length=128, db_index=True, unique=True)
    33. 

  33.     user = models.ForeignKey("User", on_delete=models.CASCADE)
    34. 

  34.     name = models.CharField("Name", blank=True, max_length=64)
    35. 

  35.     last_used = models.DateTimeField(null=True, blank=True)
    36. 

  36.     mfa = models.BooleanField(default=None, null=True)
    37. 

  37.     perm_manage_tokens = models.BooleanField(default=False)
    38. 

  38.     allowed_subnets = ArrayField(
    39. 

  39.         CidrAddressField(), default=_allowed_subnets_default.__func__
    40. 

  40.     )
    41. 

  41.     max_age = models.DurationField(null=True, default=None, validators=_validators)
    42. 

  42.     max_unused_period = models.DurationField(
    43. 

  43.         null=True, default=None, validators=_validators
    44. 

  44.     )
    45. 

  45.     domain_policies = models.ManyToManyField("Domain", through="TokenDomainPolicy")
    46. 

  46. 

  47.     plain = None
    48. 

  48.     objects = NetManager()
    49. 

  49. 

  50.     class Meta:
    51. 

  51.         constraints = [
    52. 

  52.             models.UniqueConstraint(fields=["id", "user"], name="unique_id_user")
    53. 

  53.         ]
    54. 

  54. 

  55.     @property
    56. 

  56.     def is_valid(self):
    57. 

  57.         now = timezone.now()
    58. 

  58. 

  59.         # Check max age
    60. 

  60.         try:
    61. 

  61.             if self.created + self.max_age < now:
    62. 

  62.                 return False
    63. 

  63.         except TypeError:
    64. 

  64.             pass
    65. 

  65. 

  66.         # Check regular usage requirement
    67. 

  67.         try:
    68. 

  68.             if (self.last_used or self.created) + self.max_unused_period < now:
    69. 

  69.                 return False
    70. 

  70.         except TypeError:
    71. 

  71.             pass
    72. 

  72. 

  73.         return True
    74. 

  74. 

  75.     def generate_key(self):
    76. 

  76.         self.plain = secrets.token_urlsafe(21)
    77. 

  77.         self.key = Token.make_hash(self.plain)
    78. 

  78.         return self.key
    79. 

  79. 

  80.     @staticmethod
    81. 

  81.     def make_hash(plain):
    82. 

  82.         return make_password(plain, salt="static", hasher="pbkdf2_sha256_iter1")
    83. 

  83. 

  84.     def get_policy(self, *, domain=None):
    85. 

  85.         order_by = F("domain").asc(
    86. 

  86.             nulls_last=True
    87. 

  87.         )  # default Postgres sorting, but: explicit is better than implicit
    88. 

  88.         return (
    89. 

  89.             self.tokendomainpolicy_set.filter(Q(domain=domain) | Q(domain__isnull=True))
    90. 

  90.             .order_by(order_by)
    91. 

  91.             .first()
    92. 

  92.         )
    93. 

  93. 

  94.     @transaction.atomic
    95. 

  95.     def delete(self):
    96. 

  96.         # This is needed because Model.delete() emulates cascade delete via django.db.models.deletion.Collector.delete()
    97. 

  97.         # which deletes related objects in pk order.  However, the default policy has to be deleted last.
    98. 

  98.         # Perhaps this will change with https://code.djangoproject.com/ticket/21961
    99. 

  99.         self.tokendomainpolicy_set.filter(domain__isnull=False).delete()
    100. 

  100.         self.tokendomainpolicy_set.filter(domain__isnull=True).delete()
    101. 

  101.         return super().delete()
    102. 

  102. 

  103. 

  104. @pgtrigger.register(
    105. 

  105.     # Ensure that token_user is consistent with token
    106. 

  106.     pgtrigger.Trigger(
    107. 

  107.         name="token_user",
    108. 

  108.         operation=pgtrigger.Update | pgtrigger.Insert,
    109. 

  109.         when=pgtrigger.Before,
    110. 

  110.         func="NEW.token_user_id = (SELECT user_id FROM desecapi_token WHERE id = NEW.token_id); RETURN NEW;",
    111. 

  111.     ),
    112. 

  112.     # Ensure that if there is *any* domain policy for a given token, there is always one with domain=None.
    113. 

  113.     pgtrigger.Trigger(
    114. 

  114.         name="default_policy_on_insert",
    115. 

  115.         operation=pgtrigger.Insert,
    116. 

  116.         when=pgtrigger.Before,
    117. 

  117.         # Trigger `condition` arguments (corresponding to WHEN clause) don't support subqueries, so we use `func`
    118. 

  118.         func="IF (NEW.domain_id IS NOT NULL and NOT EXISTS(SELECT * FROM desecapi_tokendomainpolicy WHERE domain_id IS NULL AND token_id = NEW.token_id)) THEN "
    119. 

  119.         "  RAISE EXCEPTION 'Cannot insert non-default policy into % table when default policy is not present', TG_TABLE_NAME; "
    120. 

  120.         "END IF; RETURN NEW;",
    121. 

  121.     ),
    122. 

  122.     pgtrigger.Protect(
    123. 

  123.         name="default_policy_on_update",
    124. 

  124.         operation=pgtrigger.Update,
    125. 

  125.         when=pgtrigger.Before,
    126. 

  126.         condition=pgtrigger.Q(old__domain__isnull=True, new__domain__isnull=False),
    127. 

  127.     ),
    128. 

  128.     # Ideally, a deferred trigger (https://github.com/Opus10/django-pgtrigger/issues/14). Available in 3.4.0.
    129. 

  129.     pgtrigger.Trigger(
    130. 

  130.         name="default_policy_on_delete",
    131. 

  131.         operation=pgtrigger.Delete,
    132. 

  132.         when=pgtrigger.Before,
    133. 

  133.         # Trigger `condition` arguments (corresponding to WHEN clause) don't support subqueries, so we use `func`
    134. 

  134.         func="IF (OLD.domain_id IS NULL and EXISTS(SELECT * FROM desecapi_tokendomainpolicy WHERE domain_id IS NOT NULL AND token_id = OLD.token_id)) THEN "
    135. 

  135.         "  RAISE EXCEPTION 'Cannot delete default policy from % table when non-default policy is present', TG_TABLE_NAME; "
    136. 

  136.         "END IF; RETURN OLD;",
    137. 

  137.     ),
    138. 

  138. )
    139. 

  139. class TokenDomainPolicy(ExportModelOperationsMixin("TokenDomainPolicy"), models.Model):
    140. 

  140.     token = models.ForeignKey(Token, on_delete=models.CASCADE)
    141. 

  141.     domain = models.ForeignKey("Domain", on_delete=models.CASCADE, null=True)
    142. 

  142.     perm_dyndns = models.BooleanField(default=False)
    143. 

  143.     perm_rrsets = models.BooleanField(default=False)
    144. 

  144.     # Token user, filled via trigger. Used by compound FK constraints to tie domain.owner to token.user (see migration).
    145. 

  145.     token_user = models.ForeignKey(
    146. 

  146.         "User", on_delete=models.CASCADE, db_constraint=False, related_name="+"
    147. 

  147.     )
    148. 

  148. 

  149.     class Meta:
    150. 

  150.         constraints = [
    151. 

  151.             models.UniqueConstraint(fields=["token", "domain"], name="unique_entry"),
    152. 

  152.             models.UniqueConstraint(
    153. 

  153.                 fields=["token"],
    154. 

  154.                 condition=Q(domain__isnull=True),
    155. 

  155.                 name="unique_entry_null_domain",
    156. 

  156.             ),
    157. 

  157.         ]
    158. 

  158. 

  159.     def clean(self):
    160. 

  160.         default_policy = self.token.get_policy(domain=None)
    161. 

  161.         if self.pk:  # update
    162. 

  162.             # Can't change policy's default status ("domain NULLness") to maintain policy precedence
    163. 

  163.             if (self.domain is None) != (self.pk == default_policy.pk):
    164. 

  164.                 raise ValidationError(
    165. 

  165.                     {
    166. 

  166.                         "domain": "Policy precedence: Cannot disable default policy when others exist."
    167. 

  167.                     }
    168. 

  168.                 )
    169. 

  169.         else:  # create
    170. 

  170.             # Can't violate policy precedence (default policy has to be first)
    171. 

  171.             if (self.domain is not None) and (default_policy is None):
    172. 

  172.                 raise ValidationError(
    173. 

  173.                     {
    174. 

  174.                         "domain": "Policy precedence: The first policy must be the default policy."
    175. 

  175.                     }
    176. 

  176.                 )
    177. 

  177. 

  178.     def delete(self, *args, **kwargs):
    179. 

  179.         # Can't delete default policy when others exist
    180. 

  180.         if (self.domain is None) and self.token.tokendomainpolicy_set.exclude(
    181. 

  181.             domain__isnull=True
    182. 

  182.         ).exists():
    183. 

  183.             raise ValidationError(
    184. 

  184.                 {
    185. 

  185.                     "domain": "Policy precedence: Can't delete default policy when there exist others."
    186. 

  186.                 }
    187. 

  187.             )
    188. 

  188.         return super().delete(*args, **kwargs)
    189. 

  189. 

  190.     def save(self, *args, **kwargs):
    191. 

  191.         self.clean()
    192. 

  192.         super().save(*args, **kwargs)
    193.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5