Merge branch 'feature/snmpv3-management-profile' into snmpv3

Uninett · Nov 1, 2023 · f28c4fc · f28c4fc
2 parents f6ff332 + 7e71add
commit f28c4fc
Show file tree

Hide file tree

Showing 3 changed files with 98 additions and 0 deletions.
diff --git a/python/nav/models/manage.py b/python/nav/models/manage.py
@@ -131,9 +131,11 @@ class ManagementProfile(models.Model):
     PROTOCOL_DEBUG = 0
     PROTOCOL_SNMP = 1
     PROTOCOL_NAPALM = 2
+    PROTOCOL_SNMPV3 = 3
     PROTOCOL_CHOICES = [
         (PROTOCOL_SNMP, "SNMP"),
         (PROTOCOL_NAPALM, "NAPALM"),
+        (PROTOCOL_SNMPV3, "SNMPv3"),
     ]
     if settings.DEBUG:
         PROTOCOL_CHOICES.insert(0, (PROTOCOL_DEBUG, 'debug'))

diff --git a/python/nav/web/seeddb/page/management_profile/forms.py b/python/nav/web/seeddb/page/management_profile/forms.py
@@ -94,6 +94,99 @@ class Meta(object):
     )
 
 
+class SnmpV3Form(ProtocolSpecificMixIn, forms.ModelForm):
+    PROTOCOL = ManagementProfile.PROTOCOL_SNMPV3
+    PROTOCOL_NAME = PROTOCOL_CHOICES.get(PROTOCOL)
+    NOTABENE = "SNMPv3 is not yet fully supported in NAV"
+
+    class Meta(object):
+        model = ManagementProfile
+        configuration_fields = [
+            "sec_level",
+            "auth_protocol",
+            "sec_name",
+            "auth_password",
+            "priv_protocol",
+            "priv_password",
+        ]
+        fields = []
+
+    sec_level = forms.ChoiceField(
+        label="Security level",
+        choices=(
+            ("noAuthNoPriv", "noAuthNoPriv"),
+            ("authNoPriv", "authNoPriv"),
+            ("authPriv", "authPriv"),
+        ),
+        help_text="The required SNMPv3 security level",
+    )
+    auth_protocol = forms.ChoiceField(
+        label="Authentication protocol",
+        choices=(
+            ("MD5", "MD5"),
+            ("SHA", "SHA"),
+            ("SHA-512", "SHA-512"),
+            ("SHA-384", "SHA-384"),
+            ("SHA-256", "SHA-256"),
+            ("SHA-224", "SHA-224"),
+        ),
+        help_text="Authentication protocol to use",
+    )
+    sec_name = forms.CharField(
+        widget=forms.TextInput(attrs={"autocomplete": "off"}),
+        label="Security name",
+        help_text=(
+            "The username to authenticate as.  This is required even if noAuthPriv "
+            "security mode is selected."
+        ),
+    )
+    auth_password = forms.CharField(
+        widget=forms.PasswordInput(render_value=True, attrs={"autocomplete": "off"}),
+        label="Authentication password",
+        help_text=(
+            "The password to authenticate the user. Required for authNoPriv or "
+            "authPriv security levels."
+        ),
+        required=False,
+    )
+    priv_protocol = forms.ChoiceField(
+        label="Privacy protocol",
+        choices=(
+            ("DES", "DES"),
+            ("AES", "AES"),
+        ),
+        help_text="Privacy protocol to use.  Required for authPriv security level.",
+        required=False,
+    )
+    priv_password = forms.CharField(
+        widget=forms.PasswordInput(render_value=True, attrs={"autocomplete": "off"}),
+        label="Privacy password",
+        help_text=(
+            "The password to use for DES or AES encryption.  Required for authPriv "
+            "security level."
+        ),
+        required=False,
+    )
+
+    def clean_auth_password(self):
+        level = self.cleaned_data.get("sec_level")
+        password = self.cleaned_data.get("auth_password").strip()
+        if level.startswith("auth") and not password:
+            raise forms.ValidationError(
+                f"Authentication password must be set for security level {level}"
+            )
+        return password
+
+    def clean_priv_password(self):
+        level = self.cleaned_data.get("sec_level")
+        password = self.cleaned_data.get("priv_password").strip()
+        if level == "authPriv" and not password:
+            raise forms.ValidationError(
+                f"Privacy password must be set for security level {level}"
+            )
+        return password
+
+
 class NapalmForm(ProtocolSpecificMixIn, forms.ModelForm):
     PROTOCOL = ManagementProfile.PROTOCOL_NAPALM
     PROTOCOL_NAME = PROTOCOL_CHOICES.get(PROTOCOL)

diff --git a/python/nav/web/templates/seeddb/management-profile/edit.html b/python/nav/web/templates/seeddb/management-profile/edit.html
@@ -35,6 +35,9 @@ <h4>Add new management profile</h4>
                 {% for form in protocol_forms %}
                     <fieldset class="protocol-configuration" id="protocol-{{ form.PROTOCOL }}">
                         <legend>{{ form.PROTOCOL_NAME }} configuration</legend>
+                        {% if form.NOTABENE %}
+                            <div class="alert-box warning with-icon">{{ form.NOTABENE }}</div>
+                        {% endif %}
                         {{ form | crispy }}
                     </fieldset>
                 {% endfor %}