[feature] Add API endpoint to return device group info based on the certificate common name #491
Closed
2 of 4 tasks
Assignees
Labels
Comments
nemesifier
changed the title
|
PS: the organization passed as input cannot be only one unfortunately, we'll have to change this a bit to allow passing multiple organization slugs, look in all of them and return the first occurrence |
Can we use a index table in database to cache this? |
pandafy
pushed a commit
to pandafy/openwisp-controller
that referenced
this issue
Apr 7, 2022
- Chnaged the endpoints pattern - Removed tests for `DeviceLocation` endpoints - Updated docs with new pattern of endpoints [api] Updated the `devicelocation` view in `GEO` app endpoint [api] Added the delete option for the `device_location` endpoint [docs] Added `delete` in the device location API documentation [fix] Context variable follows template order openwisp#484 If two or more applied templates have "default_values" with same keys, then the context variables of the template with comes later in order will be used. Fixes openwisp#484 Co-authored-by: Federico Capoano <[email protected]> [feature] Added support for ED25519 SSH keys Additionally shows a validation error if the private key being inserted during credential creation is invalid or not supported (supporting only RSA and ED25519 since they're the widely accepted secure algorithms). [feature] Allow searching for address in Device Admin [change] Execute credentials auto_add in the background openwisp#479 Closes openwisp#479 [feature] Added device groups openwisp#203 A group can be specified for devices, i.e. DeviceGroup. DeviceGroup can contain metadata about group of devices in JSON format. JSONSchema can be set systemwide for validating and building the UI users will use to fill the metadata. Added REST API endpoint for listing, creating and retrieving DeviceGroups. Implements and closes openwisp#203 [feature] Added connection app REST API openwisp#464 Closes openwisp#464 [deps] Increased min django-flat-json version to 0.1.3 openwisp#502 Fixes openwisp#502 [chores] Admin improvements for groups - added group filter in device list - added description and meta_data to search_fields [feature] Added REST API for PKI app (certs and CAs) openwisp#462 Implements and closes openwisp#462 [feature] Add API endpoint to return device group info based on the certificate common name openwisp#491 - [change!] Common name and Organization unique together for Cert and Ca models - [deps] Added shortuuid~=1.0.1 - [feature] Added API endpoint to return device group using certificate common name openwisp#491 Closes openwisp#491 [fix] Fixed JSONSchema editor select2 fields getting disabled openwisp#505 The issue arose because the JSON Schema library uses selec2('enable') for enabling or disabling select2 fields. According to the "Migrating from 3.5" section in select2 documentation, select2('enable') has been deprecated. The solution is to override the methods using it to simply modify select2.disabled property. Closes openwisp#505 [fix] Fixed advanced editor quirks openwisp#506 Bugs fixed: - Executing a command, would raise a 'Invalid JSON' alert in the advance mode of the configuration even if the JSON is valid - The device page deals with two schema and the container for advance mode editor used 'id="advanced_editor"'. Fetching the advance mode editor using the 'id' always returned the first occurence (advance mode editor of configuration). This used to create multiple advance mode editor DOM elements inside the container all of which had their own event listeners. Hence, full screen toggling was not working properly. Closes openwisp#506 [fix] JSONSchema Editor maxlength modification handle non-existent schema objects openwisp#353 Related to openwisp#353 [change] Switch to new nav menu openwisp#472 Closes openwisp#472 [api] Re-introduced `DeviceLocation` endpoints [api] Upgraded existing Device Location endpoint [tests] Added tests for device location endpoint [change] Minor code improvements [tests] Added tests for changing location detail and coordinates [api] Added support of creating a floorplan along with location [api] Added update method to `Location` serializer [api] Added support of creating/updating floorplan with location [change] Added option to change device location detail with token [tests] Added tests for create location endpoint of indoor type [change] Minor bug fix and added tests for the endpoints [tests] Minor typo fix [change] Improved docs & optimized number of queries [docs] Improvement in the docs related to devicelocation endpoint [api] Fixed device location endpoint added TokenAuthentication [docs] Updated info on how to use the device location endpoints [change] Added tests and improved devicelocation permission logic [change] Fixed the validation error raised due to image format [change!] Removed the creation of devicelocation with GET request [fix] Included PKI API URLs to `controller.urls` file openwisp#511 Closes openwisp#511 [chores] Ensure Device.group.verbose_name is lowercase for consistency [fix] Fixed 0010 pki migration when cert serial_number is None [fix] CommandFailedException: ensure error message is always present If a command with suppressed output failed, CommandFailedException would be raised with an emptry string as argument, which makes debugging issues really hard. In this cases we shall instantiate the exception with the same message passed to the log. [fix/tests] TestSsh: fixed assert_has_calls not being called I found out these assertions were not being called while working on the previous commit. [fix] Registered menu group in connection app openwisp#512 Closes openwisp#512 [fix] Fixed new theme issues in config editor and command inputs Co-authored-by: Federico Capoano <[email protected]> [test] Fixed failing tests due to openwisp-utils menu changes Co-authored-by: Pedro Peña <[email protected]> [docs] Updated docs about limitations of device location endpoint [tests] Fixed tests causing CI to fail
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Follow up to #203.
We need an API endpoint that is called by captive portals like PfSense to determine the captive page defined in the group meta data of OpenWISP.
The API endpoint will return the device group infomation, including the meta data (which in these legacy use cases will contain the captive page URL), given two input parameters: organizaton slug and certificate common name.
We need to implement this feature to provide backward compatibility to installations using OpenWISP 1.
REST API
organization_slugandcommon_name; in short, given an organization slug and common name, we should find the x509 certificate with that common name and organization, find which vpnclient is associated to and hence find the device and return its group, if anything fails we'll return 404 a specific device based on the common name of a certificate associated as VPN client to a device, eg:/api/v1/controller/{organization_slug}/certificate/{common_name}/group/, we need to filter by organization becasue the samecommon_namecould be in different orgs.Other cleanup
Cert.common_nameandCa.common_nameare not unique per organization so in this patch we should also change these two models so that thefieldscommon_nameandorganizationare flagged asunique_together(there should be a new way to do this in django)organization=Nonewould skip the unique together check and we have to double check thisThe text was updated successfully, but these errors were encountered: