Skip to content

Commit

Permalink
Further filter fixes. (unioslo#547)
Browse files Browse the repository at this point in the history
* Add query string to logging output.
* Type checking fix (type->isinstance)
* Fix filters for Mreg (HostPolicy outstanding).
* Safer version of JSON filter to avoid SQL injections.
* Refactor, cleanup.
* Hostpolicy filter "fixes", also bump dependencies.

  - We are stuck on drf 3.14.0 due to encode/django-rest-framework#9358 until encode/django-rest-framework#9483 goes into prod, hopefully 3.15.3.

* Skeleton for testing filters.
* Add iexact support, add cases. Fix toml.
* Move to ruff formater.
* More tests.

  - Add ip support.
  - Add reverse lookups.

* Hostpolicy filter tests.
  - Also reformat as per ruff.
* Add a test for filtering on ?id= for hosts.
  - This should catch the generic issue of filtering on IDs. Ideally we'd do this for every model that supports ID...
* support `__in`.
* Support CIDR matching.
   - Match exact CIDR or IP within a CIDR.
  • Loading branch information
terjekv authored Aug 22, 2024
1 parent 8952b79 commit 9df966e
Show file tree
Hide file tree
Showing 8 changed files with 657 additions and 130 deletions.
63 changes: 48 additions & 15 deletions hostpolicy/api/v1/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@
from rest_framework import status
from rest_framework.response import Response

from django_filters import rest_framework as rest_filters
from django_filters import rest_framework as filters
from rest_framework import filters as rest_filters

from hostpolicy.api.permissions import IsSuperOrHostPolicyAdminOrReadOnly
from hostpolicy.models import HostPolicyAtom, HostPolicyRole
Expand All @@ -18,39 +19,71 @@
from mreg.mixins import LowerCaseLookupMixin
from mreg.models.host import Host

from . import serializers

# For some reason the name field for filtersets for HostPolicyAtom and HostPolicyRole does
# not support operators (e.g. __contains, __regex) in the same way as other fields. Yes,
# the name field is a LowerCaseCharField, but the operators work fine in mreg proper.
# To resolve this issue, we create custom fields for the filtersets that use the name field.
from mreg.api.v1.filters import STRING_OPERATORS, INT_OPERATORS

class HostPolicyAtomFilterSet(rest_filters.FilterSet):
name__contains = rest_filters.CharFilter(field_name="name", lookup_expr="contains")
name__regex = rest_filters.CharFilter(field_name="name", lookup_expr="regex")
from . import serializers

# Note that related lookups don't work at the moment, so we need to do them explicitly.
class HostPolicyAtomFilterSet(filters.FilterSet):
class Meta:
model = HostPolicyAtom
fields = "__all__"
fields = {
"name": STRING_OPERATORS,
"create_date": INT_OPERATORS,
"updated_at": INT_OPERATORS,
"description": STRING_OPERATORS,
"roles": INT_OPERATORS,
}


class HostPolicyRoleFilterSet(filters.FilterSet):
# This seems to be required due to the many-to-many relationships?
atoms__name__exact = filters.CharFilter(field_name='atoms__name', lookup_expr='exact')
atoms__name__contains = filters.CharFilter(field_name='atoms__name', lookup_expr='contains')
atoms__name__regex = filters.CharFilter(field_name='atoms__name', lookup_expr='regex')

hosts__name__exact = filters.CharFilter(field_name='hosts__name', lookup_expr='exact')
hosts__name__contains = filters.CharFilter(field_name='hosts__name', lookup_expr='contains')
hosts__name__regex = filters.CharFilter(field_name='hosts__name', lookup_expr='regex')

labels__name__exact = filters.CharFilter(field_name='labels__name', lookup_expr='exact')
labels__name__contains = filters.CharFilter(field_name='labels__name', lookup_expr='contains')
labels__name__regex = filters.CharFilter(field_name='labels__name', lookup_expr='regex')

class HostPolicyRoleFilterSet(rest_filters.FilterSet):
name__contains = rest_filters.CharFilter(field_name="name", lookup_expr="contains")
name__regex = rest_filters.CharFilter(field_name="name", lookup_expr="regex")
class Meta:
model = HostPolicyRole
fields = "__all__"
fields = {
"name": STRING_OPERATORS,
"create_date": INT_OPERATORS,
"updated_at": INT_OPERATORS,
"hosts": INT_OPERATORS,
"atoms": INT_OPERATORS,
"labels": INT_OPERATORS,
}

class HostPolicyAtomLogMixin(HistoryLog):

log_resource = 'hostpolicy_atom'
model = HostPolicyAtom
filter_backends = (
rest_filters.SearchFilter,
filters.DjangoFilterBackend,
rest_filters.OrderingFilter,
)
ordering_fields = "__all__"



class HostPolicyRoleLogMixin(HistoryLog):

log_resource = 'hostpolicy_role'
model = HostPolicyRole
filter_backends = (
rest_filters.SearchFilter,
filters.DjangoFilterBackend,
rest_filters.OrderingFilter,
)
ordering_fields = "__all__"


class HostPolicyPermissionsListCreateAPIView(M2MPermissions,
Expand Down
Loading

0 comments on commit 9df966e

Please sign in to comment.