Select which peers can be managed by users with this peer group.
All peers in this WireGuard instance can be managed by users with this peer group, including adding or removing peers.
''') } context = {'page_title': page_title, 'form': form, 'peer_group': peer_group, 'instance': peer_group, 'form_description': form_description} return render(request, 'generic_form.html', context) @login_required def view_user_list(request): if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=50).exists(): return render(request, 'access_denied.html', {'page_title': 'Access Denied'}) page_title = _('User Manager') user_acl_list = UserAcl.objects.all().order_by('user__username') context = {'page_title': page_title, 'user_acl_list': user_acl_list} return render(request, 'user_manager/list.html', context) @login_required def view_manage_user(request): if not UserAcl.objects.filter(user=request.user).filter(user_level__gte=50).exists(): return render(request, 'access_denied.html', {'page_title': 'Access Denied'}) user_acl = None user = None initial_data = {} if 'uuid' in request.GET: user_acl = get_object_or_404(UserAcl, uuid=request.GET['uuid']) user = user_acl.user initial_data = { 'username': user.username, 'user_level': user_acl.user_level, 'peer_groups': user_acl.peer_groups.all() } form = UserAclForm(initial=initial_data, instance=user, user_id=user.id) page_title = _('Edit User') + f' {user.username}' if request.GET.get('action') == 'delete': username = user.username if request.GET.get('confirmation') == username: user.delete() messages.success(request, _('User deleted|User deleted: ') + username) return redirect('/user/list/') else: messages.warning(request, _('User not deleted|Invalid confirmation.')) return redirect('/user/list/') else: form = UserAclForm() page_title = _('Add User') if request.method == 'POST': if user: form = UserAclForm(request.POST, instance=user, user_id=user.id) else: form = UserAclForm(request.POST) if form.is_valid(): saved_user = form.save() if form.cleaned_data.get('password1'): user_disconnected = False if user: for session in Session.objects.all(): if str(user.id) == session.get_decoded().get('_auth_user_id'): session.delete() if not user_disconnected: messages.warning(request, _('User Disconnected|User Disconnected: ') + user.username) user_disconnected = True if user: messages.success(request, _('User updated|User updated: ') + form.cleaned_data['username']) else: messages.success(request, _('User created|User created: ') + form.cleaned_data['username']) return redirect('/user/list/') form_description = { 'size': '', 'content': _('''Access to basic system information and logs for troubleshooting. No access to modify settings or view sensitive data such as peer keys.
Full view access, including peer keys and configuration files. Cannot modify any settings or configurations.
Permissions to add, edit, and remove peers and IP addresses. Does not include access to modify WireGuard instance configurations or higher-level settings.
Authority to add, edit, and remove configurations of WireGuard instances.
Full access across the system. Can view and modify all settings, configurations and manage users.
Select which peer groups this user can access. If no peer groups are selected, the user will have access to all peers.
Enable or disable web console access for this user.
This option filters the API status response to include only peers that the user has access to. Depending on the size of your environment, enabling this option may impact performance. To mitigate this, consider increasing the "Web Refresh Interval" to reduce the number of requests.
''') } context = { 'page_title': page_title, 'form': form, 'user_acl': user_acl, 'instance': user_acl, 'form_description': form_description, 'delete_confirmation_message': _('Please type the username to proceed.') } return render(request, 'generic_form.html', context)