add reserved application checks to prevent modification and deletion

Eduardo Silva
2026-03-16 17:24:20 -03:00
parent 9e4da484fe
commit 29d1621152
3 changed files with 42 additions and 2 deletions


@@ -15,7 +15,7 @@ from app_gateway.forms import (
ApplicationPolicyForm, ApplicationRouteForm ApplicationPolicyForm, ApplicationRouteForm
) )
from app_gateway.models import ( from app_gateway.models import (
Application, ApplicationHost, AccessPolicy, ApplicationPolicy, ApplicationRoute Application, ApplicationHost, AccessPolicy, ApplicationPolicy, ApplicationRoute, RESERVED_APP_NAME
) )
from app_gateway.setup_defaults import create_default_entries from app_gateway.setup_defaults import create_default_entries
from user_manager.models import UserAcl from user_manager.models import UserAcl
@@ -59,6 +59,7 @@ def view_application_details(request):
'application': application, 'application': application,
'hosts': hosts, 'hosts': hosts,
'routes': routes, 'routes': routes,
'is_reserved': application.name == RESERVED_APP_NAME,
'page_title': _('Application Details'), 'page_title': _('Application Details'),
} }
return render(request, 'app_gateway/application_details.html', context) return render(request, 'app_gateway/application_details.html', context)
@@ -73,6 +74,9 @@ def view_manage_application(request):
if application_uuid: if application_uuid:
application = get_object_or_404(Application, uuid=application_uuid) application = get_object_or_404(Application, uuid=application_uuid)
if application.name == RESERVED_APP_NAME:
messages.error(request, _('The WireGuard WebAdmin application cannot be modified.'))
return redirect(reverse('view_application') + f'?uuid={application.uuid}')
title = _('Edit Application') title = _('Edit Application')
else: else:
application = None application = None
@@ -117,6 +121,10 @@ def view_delete_application(request):
cancel_url = reverse('app_gateway_list') + '?tab=applications' cancel_url = reverse('app_gateway_list') + '?tab=applications'
if application.name == RESERVED_APP_NAME:
messages.error(request, _('The WireGuard WebAdmin application cannot be deleted.'))
return redirect(reverse('view_application') + f'?uuid={application.uuid}')
if request.method == 'POST': if request.method == 'POST':
application.delete() application.delete()
messages.success(request, _('Application deleted successfully.')) messages.success(request, _('Application deleted successfully.'))
@@ -150,6 +158,10 @@ def view_manage_application_host(request):
cancel_url = reverse('view_application') + f'?uuid={application.uuid}#hosts' cancel_url = reverse('view_application') + f'?uuid={application.uuid}#hosts'
if application.name == RESERVED_APP_NAME:
messages.error(request, _('The WireGuard WebAdmin application cannot be modified.'))
return redirect(cancel_url)
form = ApplicationHostForm(request.POST or None, instance=application_host, cancel_url=cancel_url) form = ApplicationHostForm(request.POST or None, instance=application_host, cancel_url=cancel_url)
if form.is_valid(): if form.is_valid():
host = form.save(commit=False) host = form.save(commit=False)
@@ -176,6 +188,10 @@ def view_delete_application_host(request):
cancel_url = reverse('view_application') + f'?uuid={application.uuid}#hosts' cancel_url = reverse('view_application') + f'?uuid={application.uuid}#hosts'
if application.name == RESERVED_APP_NAME:
messages.error(request, _('The WireGuard WebAdmin application cannot be modified.'))
return redirect(cancel_url)
if request.method == 'POST': if request.method == 'POST':
application_host.delete() application_host.delete()
messages.success(request, _('Application Host deleted successfully.')) messages.success(request, _('Application Host deleted successfully.'))
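Review bot: The reserved-application guard added in `view_manage_application`, `view_delete_application`, `view_manage_application_host` and `view_delete_application_host` lives only in those four views and keys on `application.name`, so any write path not touched here can still change or remove the record. The first hunk's imports include `ApplicationPolicyForm` and `ApplicationRouteForm`; if this file has views that save or delete routes and policies for an application, they presumably need the same `if application.name == RESERVED_APP_NAME:` check, and it is worth confirming that the application form rejects creating a second application with that name. Enforcing the rule once on the model, for example `if self.name == RESERVED_APP_NAME: raise PermissionDenied` in `Application.delete()`, would also cover callers outside these views. All four function bodies continue outside the visible hunks, so the route and policy views could not be checked from this page.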


@@ -145,7 +145,7 @@
<tbody> <tbody>
{% for policy in access_policies %} {% for policy in access_policies %}
<tr> <tr>
<td>{{ policy }}</td> <td>{{ policy.display_name|default:policy.name }}</td>
<td>{{ policy.get_policy_type_display }}</td> <td>{{ policy.get_policy_type_display }}</td>
<td>{{ policy.groups.count }}</td> <td>{{ policy.groups.count }}</td>
<td>{{ policy.methods.count }}</td> <td>{{ policy.methods.count }}</td>


@@ -11,12 +11,21 @@
<a href="{% url 'app_gateway_list' %}" class="btn btn-sm btn-secondary"> <a href="{% url 'app_gateway_list' %}" class="btn btn-sm btn-secondary">
<i class="fas fa-arrow-left"></i> {% trans 'Back to List' %} <i class="fas fa-arrow-left"></i> {% trans 'Back to List' %}
</a> </a>
{% if is_reserved %}
<a class="btn btn-sm btn-secondary disabled" aria-disabled="true" tabindex="-1" title="{% trans 'This application cannot be modified' %}">
<i class="fas fa-edit"></i> {% trans 'Edit Application' %}
</a>
<a class="btn btn-sm btn-secondary disabled" aria-disabled="true" tabindex="-1" title="{% trans 'This application cannot be deleted' %}">
<i class="fas fa-trash"></i> {% trans 'Delete Application' %}
</a>
{% else %}
<a href="{% url 'manage_application' %}?uuid={{ application.uuid }}" class="btn btn-sm btn-info"> <a href="{% url 'manage_application' %}?uuid={{ application.uuid }}" class="btn btn-sm btn-info">
<i class="fas fa-edit"></i> {% trans 'Edit Application' %} <i class="fas fa-edit"></i> {% trans 'Edit Application' %}
</a> </a>
<a href="{% url 'delete_application' %}?uuid={{ application.uuid }}" class="btn btn-sm btn-danger"> <a href="{% url 'delete_application' %}?uuid={{ application.uuid }}" class="btn btn-sm btn-danger">
<i class="fas fa-trash"></i> {% trans 'Delete Application' %} <i class="fas fa-trash"></i> {% trans 'Delete Application' %}
</a> </a>
{% endif %}
</div> </div>
</div> </div>
<div class="card-body"> <div class="card-body">
@@ -46,10 +55,16 @@
<h4 id="hosts">{% trans 'Application Hosts' %}</h4> <h4 id="hosts">{% trans 'Application Hosts' %}</h4>
<div class="mb-3"> <div class="mb-3">
{% if is_reserved %}
<a class="btn btn-outline-secondary btn-sm disabled" aria-disabled="true" tabindex="-1" title="{% trans 'This application cannot be modified' %}">
<i class="fas fa-plus"></i> {% trans 'Add Host' %}
</a>
{% else %}
<a href="{% url 'manage_application_host' %}?application_uuid={{ application.uuid }}" <a href="{% url 'manage_application_host' %}?application_uuid={{ application.uuid }}"
class="btn btn-outline-primary btn-sm"> class="btn btn-outline-primary btn-sm">
<i class="fas fa-plus"></i> {% trans 'Add Host' %} <i class="fas fa-plus"></i> {% trans 'Add Host' %}
</a> </a>
{% endif %}
</div> </div>
{% if hosts %} {% if hosts %}
@@ -66,6 +81,14 @@
<tr> <tr>
<td>{{ host.hostname }}</td> <td>{{ host.hostname }}</td>
<td style="width: 15%"> <td style="width: 15%">
{% if is_reserved %}
<a class="btn btn-sm btn-secondary disabled" aria-disabled="true" tabindex="-1" title="{% trans 'This application cannot be modified' %}">
<i class="fas fa-edit"></i>
</a>
<a class="btn btn-sm btn-secondary disabled" aria-disabled="true" tabindex="-1" title="{% trans 'This application cannot be modified' %}">
<i class="fas fa-trash"></i>
</a>
{% else %}
<a href="{% url 'manage_application_host' %}?uuid={{ host.uuid }}" <a href="{% url 'manage_application_host' %}?uuid={{ host.uuid }}"
class="btn btn-sm btn-info" title="{% trans 'Edit' %}"> class="btn btn-sm btn-info" title="{% trans 'Edit' %}">
<i class="fas fa-edit"></i> <i class="fas fa-edit"></i>
@@ -74,6 +97,7 @@
class="btn btn-sm btn-danger" title="{% trans 'Delete' %}"> class="btn btn-sm btn-danger" title="{% trans 'Delete' %}">
<i class="fas fa-trash"></i> <i class="fas fa-trash"></i>
</a> </a>
{% endif %}
</td> </td>
</tr> </tr>
{% endfor %} {% endfor %}
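Review bot: The disabled `<a>` placeholders added under each `{% if is_reserved %}` carry their explanation only in `title`, but with `class="... disabled"` and `tabindex="-1"` they are likely unreachable by both pointer and keyboard (Bootstrap's stock `.btn.disabled` sets `pointer-events: none`; the stylesheet is not visible here), so the reason is never shown to the user. Wrapping each one, e.g. `<span class="d-inline-block" tabindex="0" title="{% trans 'This application cannot be modified' %}">…</span>`, keeps the tooltip reachable. The same disabled anchor is repeated five times across these hunks, and an `{% include %}` partial would keep the wording in one place. These controls are presentation only, so the restriction itself has to stay enforced in the views.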