openstack
/
horizon
Code Issues Proposed changes

Merge "Don't pass the auth_key for volume transfer in the URL"

This commit is contained in:
Zuul 2024-04-04 23:08:50 +00:00 committed by Gerrit Code Review
parent dcb4fbc023 ccef197e03
commit a09823080c
5 changed files with 52 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
openstack_dashboard/dashboards/project/volumes/forms.py
View File

@ -598,22 +598,21 @@ class CreateTransferForm(forms.SelfHandlingForm):
return cleaned_name return cleaned_name
def handle(self, request, data): def handle(self, request, data):
volume_id = self.initial['volume_id']
try: try:
volume_id = self.initial['volume_id']
transfer = cinder.transfer_create(request, volume_id, data['name']) transfer = cinder.transfer_create(request, volume_id, data['name'])
msg = _('Created volume transfer: "%s".') % data['name']
messages.success(request, msg)
kwargs = {
'transfer_id': transfer.id,
'auth_key': transfer.auth_key
}
request.method = 'GET'
return self.next_view.as_view()(request, **kwargs)
except Exception: except Exception:
redirect = reverse("horizon:project:volumes:index") redirect = reverse("horizon:project:volumes:index")
exceptions.handle(request, _('Unable to create volume transfer.'), exceptions.handle(request, _('Unable to create volume transfer.'),
redirect=redirect) redirect=redirect)
else:
msg = _('Created volume transfer: "%s".') % data['name']
messages.success(request, msg)
request.method = 'GET'
return self.next_view.as_view()(
request, transfer_id=transfer.id,
auth_key=transfer.auth_key,
)
class AcceptTransferForm(forms.SelfHandlingForm): class AcceptTransferForm(forms.SelfHandlingForm):
@ -652,7 +651,7 @@ class ShowTransferForm(forms.SelfHandlingForm):
required=False) required=False)
def handle(self, request, data): def handle(self, request, data):
pass return True
class UpdateForm(forms.SelfHandlingForm): class UpdateForm(forms.SelfHandlingForm):

7
openstack_dashboard/dashboards/project/volumes/templates/volumes/_show_transfer.html
View File

@ -11,10 +11,3 @@
<p>{% trans "The Transfer ID and the Authorization Key are needed by the recipient in order to accept the transfer. Please capture both the Transfer ID and the Authorization Key and provide them to your transfer recipient." %}</p> <p>{% trans "The Transfer ID and the Authorization Key are needed by the recipient in order to accept the transfer. Please capture both the Transfer ID and the Authorization Key and provide them to your transfer recipient." %}</p>
<p class="alert alert-warning">{% trans "The Authorization Key will not be available after closing this page, so you must capture it now or download it, or else you will be unable to use the transfer." %}</p> <p class="alert alert-warning">{% trans "The Authorization Key will not be available after closing this page, so you must capture it now or download it, or else you will be unable to use the transfer." %}</p>
{% endblock %} {% endblock %}
{% block modal-footer %}
<a href="{{ download_url }}" class="btn btn-default">
<span class="fa fa-download"></span>
{{ download_label }}
</a>
<a onClick="location.href='{{cancel_url}}'" href="{{ cancel_url }}" class="btn btn-default">{{ cancel_label }}</a>
{% endblock %}

8
openstack_dashboard/dashboards/project/volumes/tests.py
View File

@ -2056,11 +2056,11 @@ class VolumeViewTests(test.ResetImageAPIVersionMixin, test.TestCase):
filename = "{}.txt".format(slugify(transfer.id)) filename = "{}.txt".format(slugify(transfer.id))
url = reverse('horizon:project:volumes:' url = reverse('horizon:project:volumes:'
'download_transfer_creds', 'show_transfer',
kwargs={'transfer_id': transfer.id, kwargs={'transfer_id': transfer.id})
'auth_key': transfer.auth_key})
res = self.client.get(url) form_data = {'id': transfer.id, 'auth_key': transfer.auth_key}
res = self.client.post(url, form_data)
self.assertTrue(res.has_header('content-disposition')) self.assertTrue(res.has_header('content-disposition'))
self.assertTrue(res.has_header('content-type')) self.assertTrue(res.has_header('content-type'))

5
openstack_dashboard/dashboards/project/volumes/urls.py
View File

@ -36,7 +36,7 @@ urlpatterns = [
re_path(r'^accept_transfer/$', re_path(r'^accept_transfer/$',
views.AcceptTransferView.as_view(), views.AcceptTransferView.as_view(),
name='accept_transfer'), name='accept_transfer'),
re_path(r'^(?P<transfer_id>[^/]+)/auth/(?P<auth_key>[^/]+)/$', re_path(r'^(?P<transfer_id>[^/]+)/show_transfer/$',
views.ShowTransferView.as_view(), views.ShowTransferView.as_view(),
name='show_transfer'), name='show_transfer'),
re_path(r'^(?P<volume_id>[^/]+)/create_backup/$', re_path(r'^(?P<volume_id>[^/]+)/create_backup/$',
@ -63,7 +63,4 @@ urlpatterns = [
re_path(r'^(?P<volume_id>[^/]+)/encryption_detail/$', re_path(r'^(?P<volume_id>[^/]+)/encryption_detail/$',
views.EncryptionDetailView.as_view(), views.EncryptionDetailView.as_view(),
name='encryption_detail'), name='encryption_detail'),
re_path(r'^(?P<transfer_id>[^/]+)/download_creds/(?P<auth_key>[^/]+)$',
views.DownloadTransferCreds.as_view(),
name='download_transfer_creds'),
] ]

80
openstack_dashboard/dashboards/project/volumes/views.py
View File

@ -23,10 +23,8 @@ from django import shortcuts
from django.template.defaultfilters import slugify from django.template.defaultfilters import slugify
from django.urls import reverse from django.urls import reverse
from django.urls import reverse_lazy from django.urls import reverse_lazy
from django.utils.decorators import method_decorator
from django.utils import encoding from django.utils import encoding
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from django.views.decorators.cache import never_cache
from django.views import generic from django.views import generic
from horizon import exceptions from horizon import exceptions
@ -445,37 +443,54 @@ class ShowTransferView(forms.ModalFormView):
modal_header = _("Volume Transfer") modal_header = _("Volume Transfer")
submit_url = "horizon:project:volumes:show_transfer" submit_url = "horizon:project:volumes:show_transfer"
cancel_label = _("Close") cancel_label = _("Close")
download_label = _("Download transfer credentials") submit_label = _("Download transfer credentials")
page_title = _("Volume Transfer Details") page_title = _("Volume Transfer Details")
@memoized.memoized_method
def get_object(self): def get_object(self):
transfer_id = self.kwargs['transfer_id']
try: try:
return self._object return cinder.transfer_get(self.request, transfer_id)
except AttributeError: except Exception:
transfer_id = self.kwargs['transfer_id'] exceptions.handle(self.request,
try: _('Unable to retrieve volume transfer.'))
self._object = cinder.transfer_get(self.request, transfer_id)
return self._object
except Exception:
exceptions.handle(self.request,
_('Unable to retrieve volume transfer.'))
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
transfer_id = self.kwargs['transfer_id']
auth_key = self.kwargs.get('auth_key')
context = super().get_context_data(**kwargs) context = super().get_context_data(**kwargs)
context['transfer_id'] = self.kwargs['transfer_id'] context.update({
context['auth_key'] = self.kwargs['auth_key'] 'transfer_id': transfer_id,
context['download_label'] = self.download_label 'auth_key': auth_key,
context['download_url'] = reverse( 'submit_url': reverse(self.submit_url, args=[transfer_id]),
'horizon:project:volumes:download_transfer_creds', })
args=[context['transfer_id'], context['auth_key']]
)
return context return context
def get_initial(self): def get_initial(self):
transfer = self.get_object() transfer = self.get_object()
return {'id': transfer.id, auth_key = self.kwargs.get('auth_key')
'name': transfer.name, if transfer:
'auth_key': self.kwargs['auth_key']} return {'id': transfer.id,
'name': transfer.name,
'auth_key': auth_key}
return {}
def form_valid(self, form):
transfer_id = form.cleaned_data['id']
auth_key = form.cleaned_data['auth_key']
name = form.cleaned_data['name']
context = {'transfer': {
'name': name,
'id': transfer_id,
'auth_key': auth_key,
}}
response = shortcuts.render(
self.request,
'project/volumes/download_transfer_creds.html',
context, content_type='application/text')
response['Content-Disposition'] = (
'attachment; filename=%s.txt' % slugify(transfer_id))
return response
class UpdateView(forms.ModalFormView): class UpdateView(forms.ModalFormView):
@ -667,24 +682,3 @@ class EncryptionDetailView(generic.TemplateView):
def get_redirect_url(self): def get_redirect_url(self):
return reverse('horizon:project:volumes:index') return reverse('horizon:project:volumes:index')
class DownloadTransferCreds(generic.View):
@method_decorator(never_cache)
def get(self, request, transfer_id, auth_key):
try:
transfer = cinder.transfer_get(self.request, transfer_id)
except Exception:
transfer = None
context = {'transfer': {
'name': getattr(transfer, 'name', ''),
'id': transfer_id,
'auth_key': auth_key,
}}
response = shortcuts.render(
request,
'project/volumes/download_transfer_creds.html',
context, content_type='application/text')
response['Content-Disposition'] = (
'attachment; filename=%s.txt' % slugify(transfer_id))
return response