Read only policy support

2024-10-04 12:58:40 +02:00
parent 379fef4b00
commit 9b7b903c57
13 changed files with 544 additions and 274 deletions


@ -20,6 +20,8 @@ body > .container,
body > .container-fluid {
margin-top: 30px;
margin-bottom: 30px;
margin-left: 200px;
margin-right: 200px;
}
.footer {
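Review bot: The fixed `margin-left: 200px; margin-right: 200px;` (which appear to be the added lines) apply to `body > .container-fluid`, the wrapper base.html uses when `g.is_mobile` is set, so a narrow viewport loses 400px of width. The same commit switches the desktop wrapper to `container-lg`, which neither selector visible here (`body > .container`, `body > .container-fluid`) matches, so the margins may only ever reach the mobile layout; the selector list starts above the hunk, so this is inferred. If the goal is a narrower desktop column, set a `max-width` on the desktop container or put the two margins inside a `@media (min-width: …)` rule.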


@ -52,13 +52,16 @@
<ul class="navbar-nav mr-auto">
{% if auth.isAdmin %}
<li class="nav-item">
<a class="nav-link" href="{{ url_for('main.nodes') }}">nodes</a>
<a class="nav-link" href="{{ url_for('main.nodes') }}"><i class="fas fa-desktop"></i> nodes</a>
</li>
<li class="nav-item">
<a class="nav-link" href="{{ url_for('main.users') }}">users</a>
<a class="nav-link" href="{{ url_for('main.users') }}"><i class="fas fa-address-card"></i> users</a>
</li>
<li class="nav-item">
<a class="nav-link" href="{{ url_for('main.routes') }}">routes</a>
<a class="nav-link" href="{{ url_for('main.routes') }}"><i class="fas fa-satellite-dish"></i> routes</a>
</li>
<li class="nav-item">
<a class="nav-link" href="{{ url_for('main.policy') }}"><i class="fas fa-user-shield"></i> policy</a>
</li>
{% endif %}
</ul>
@ -76,8 +79,9 @@
{% if g.is_mobile %}
<div class="container-fluid">
{% else %}
<div class="container">
<div class="container-lg">
{% endif %}
<p></p>
<!-- Main Content -->
{% block content %}{% endblock %}
</div>


@ -2,10 +2,21 @@
{% block content %}
<h3>
Welcome, {{ auth.full_name }}
<!-- Welcome, {{ auth.full_name }} -->
authentication info
</h3>
<hr>
<h4>authentication info</h4>
<!-- <h4>authentication info</h4> -->
<div class="row data">
<div class="col col-2">
<strong>full name</strong>
</div>
<div class="col col-6">
<span data-toggle="tooltip" data-placement="right" title="OIDC username: {{ auth.login_name }}">
{{ auth.full_name }}
</span>
</div>
</div>
<div class="row data">
<div class="col col-2">
<strong>username</strong>
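Review bot: The disabled markup is kept as HTML comments (`<!-- Welcome, {{ auth.full_name }} -->`, `<!-- <h4>authentication info</h4> -->`), but Jinja still evaluates expressions inside HTML comments and sends the result to the browser. Use a template comment, `{# Welcome, {{ auth.full_name }} #}`, or delete the lines. The same pattern in app/templates/policy.html matters more: `<!-- <textarea …>{{ policy.json }}</textarea> -->` renders the whole policy JSON into the page source on every view of that page. The hunk ends inside the following `row data` element, so the rest of that markup is not visible here.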


@ -13,7 +13,6 @@
</a>
</h3>
<hr>
<p></p>
<div class="row">
<div class="col col-3 float-left">
<strong>status</strong>


@ -12,7 +12,6 @@
</div>
</div>
<hr>
<p></p>
<table id="nodes" class="display" style="width:100%">
<thead>
<tr>

86
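--- /dev/null
+++ b/app/templates/policy.html
@@ -0,0 +1,86 @@
+{% extends "base.html" %}
+{% block content %}
+<h3>policy</h3>
+<footer class="blockquote-footer">
+for more info see <a href="https://tailscale.com/kb/1337/acl-syntax" target="_blank">tailscale docs</a>
+</footer>
+<hr>
+<div class="row">
+<div class="col col-6">
+<div class="row">
+<div class="col col-4"><h5>source</h5></div>
+<div class="col col-8"><h5>destination</h5></div>
+</div>
+{% for acl in policy.policy['acls'] %}
+<div class="row data">
+<div class="col col-4">
+{{ ','.join(acl['src']) }}</div>
+<div class="col col-8">{{ ',<br />'.join(acl['dst']) | safe }}</div>
+</div>
+{% endfor %}
+</div>
+<div class="col col-6">
+<!-- groups -->
+<div id="groups">
+<div class="card">
+<div class="card-header" id="groupsHeading">
+<h5 class="mb-0">
+<button class="btn btn-link" data-toggle="collapse" data-target="#groupsContent" aria-expanded="true" aria-controls="groupsContent">
+groups
+</button>
+</h5>
+</div>
+<div id="groupsContent" class="collapse show" aria-labelledby="groupsHeading" data-parent="#groups">
+<div class="card-body">
+{% for group,users in policy.policy['groups'].items() %}
+<div class="row data">
+<div class="col col-6">
+{{ group }}
+</div>
+<div class="col col-6">
+{{ ", ".join(users) }}
+</div>
+</div>
+{% endfor %}
+</div>
+</div>
+</div>
+</div>
+<!-- hosts -->
+<div class="hosts">
+<div class="card">
+<div class="card-header" id="hostsHeading">
+<h5 class="mb-0">
+<button class="btn btn-link" data-toggle="collapse" data-target="#hostsContent" aria-expanded="true" aria-controls="hostsContent">
+hosts
+</button>
+</h5>
+</div>
+<div id="hostsContent" class="collapse" aria-labelledby="hostsHeading" data-parent="#hosts">
+<div class="card-body">
+{% for host, value in policy.policy['hosts'].items() %}
+<div class="row data">
+<div class="col col3">
+{{ host }}
+</div>
+<div class="col col3">
+{{ value }}
+</div>
+</div>
+{% endfor %}
+</div>
+</div>
+</div>
+</div>
+</div>
+</div>
+<!-- <textarea readonly rows="30" style="width: 80%; height: 80%;">
+{{ policy.json }}
+</textarea> -->
+{% endblock %}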
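Review bot: `{{ ',<br />'.join(acl['dst']) | safe }}` turns off autoescaping for every destination string in the policy, so any markup inside a `dst` entry is rendered as HTML in an admin's session; the `src`, group and host cells keep escaping and this cell should too. Emit the separator from the template instead: `{% for dst in acl['dst'] %}{{ dst }}{% if not loop.last %},<br />{% endif %}{% endfor %}`. Separately, `policy.policy['groups'].items()` and `policy.policy['hosts'].items()` will raise when the policy has no such section (assuming `policy.policy` is a plain dict, which this page does not show); `policy.policy.get('groups', {}).items()` avoids that. The hosts card also sets `data-parent="#hosts"` while its wrapper is `class="hosts"`, unlike the groups card, which uses `id="groups"`.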


@ -2,14 +2,15 @@
{% block content %}
<h5>
Routing table
<small class="text-muted">
click on the icon in <em>enabled</em> column to toggle route status
</small>
</h5>
<h3>
routing table
<span class="text-muted" style="font-size: 60%;">
</span>
</h3>
<footer class="blockquote-footer">
click on the icon in <em>enabled</em> column to toggle route status
</footer>
<hr>
<p></p>
<div class="row">
<div class="col col-12">


@ -3,7 +3,6 @@
<h3>{{ user.name }}</h3>
<hr>
<p></p>
<div class="row">
<div class="col col-3">
<strong>registered</strong>


@ -3,7 +3,6 @@
{% block content %}
<h3>users</h3>
<hr>
<p></p>
<table id="users" class="display" style="width:100%">
<thead>
<tr>


@ -11,7 +11,7 @@ from app import auth
from flask import jsonify
from flask_pyoidc.user_session import UserSession
from hsapi_client import Node, User, Route, PreAuthKey
from hsapi_client import Node, User, Route, PreAuthKey, Policy
from hsapi_client.preauthkeys import v1ListPreAuthKeyRequest
@ -130,3 +130,11 @@ def routes():
return render_template("routes.html",
exitNodes=exitNodes,
routes=final)
@main_blueprint.route('/policy', methods=['GET'])
@auth.authorize_admins('default')
def policy():
policy = Policy().get()
return render_template("policy.html",
policy=policy)
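Review bot: `policy()` calls `Policy().get()` with no handling for a failed or empty response from the API client, so an upstream error becomes an unhandled exception on this admin page unless an error handler outside the hunk covers it. Catching the client's error and rendering a short message would keep the page usable and avoid exposing a traceback if debug mode is ever on. The local `policy = Policy().get()` also rebinds the view's own name inside its body; `acl_policy = Policy().get()` passed as `policy=acl_policy` reads more clearly.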