Source code for management.views.settings

"""Settings views."""

from __future__ import annotations

import logging
import json
from typing import TYPE_CHECKING

from django.contrib import messages
from django.shortcuts import redirect, render
from django.urls import reverse, reverse_lazy
from django.utils.encoding import force_str
from django.utils.translation import gettext as _
from django.views import View
from django.views.generic.edit import FormView
from django import forms
from notifications.models import NotificationConfig, WeakECCCurve, WeakSignatureAlgorithm
from pki.util.keys import AutoGenPkiKeyAlgorithm
from trustpoint.page_context import PageContextMixin

from management.forms import SecurityConfigForm
from management.models import SecurityConfig, LoggingConfig
from management.security.features import AutoGenPkiFeature
from management.security.mixins import SecurityLevelMixin

if TYPE_CHECKING:
    from typing import Any
    from django.http import HttpRequest, HttpResponse




[docs]
LOG_LEVELS=['DEBUG', 'INFO', 'WARNING', 'ERROR', 'CRITICAL']




[docs]
class SettingsView(PageContextMixin, SecurityLevelMixin, FormView):


[docs]
    template_name = 'management/settings.html'




[docs]
    form_class = SecurityConfigForm




[docs]
    success_url = reverse_lazy('management:settings')





[docs]
    page_category = 'management'




[docs]
    page_name = 'settings'





[docs]
    def get_form_kwargs(self):
        kwargs = super().get_form_kwargs()
        try:
            security_config = SecurityConfig.objects.get(id=1)
        except SecurityConfig.DoesNotExist:
            security_config = SecurityConfig.objects.create(
                notification_config=NotificationConfig.objects.create()
            )
        kwargs['instance'] = security_config
        return kwargs





[docs]
    def form_valid(self, form: SecurityConfigForm):
        old_conf = SecurityConfig.objects.get(pk=form.instance.pk) if form.instance.pk else None
        form.save()

        if 'security_mode' in form.changed_data:
            old_value = getattr(old_conf, 'security_mode', None) if old_conf else None
            new_value = form.cleaned_data.get('security_mode', None)

            # Safely convert to int for comparison (default to 0 if None)
            old_int = int(old_value) if old_value else 0
            new_int = int(new_value)

            if new_int > old_int:
                self.sec.reset_settings(new_value)

            form.instance.apply_security_settings()

        if 'auto_gen_pki' in form.changed_data:
            old_auto = getattr(old_conf, 'auto_gen_pki', None) if old_conf else None
            new_auto = form.cleaned_data.get('auto_gen_pki', None)

            if old_auto != new_auto and new_auto:
                # autogen PKI got enabled
                key_alg = AutoGenPkiKeyAlgorithm(form.cleaned_data.get('auto_gen_pki_key_algorithm'))
                self.sec.enable_feature(AutoGenPkiFeature, key_alg)

            elif old_auto != new_auto and not new_auto:
                # autogen PKI got disabled
                AutoGenPkiFeature.disable()

        messages.success(self.request, _('Your changes were saved successfully.'))
        return super().form_valid(form)





[docs]
    def form_invalid(self, form: SecurityConfigForm):
        messages.error(self.request, _('Error saving the configuration'))
        return self.render_to_response(self.get_context_data(form=form))





[docs]
    def get_context_data(self, **kwargs: dict) -> dict[str, Any]:
        context = super().get_context_data(**kwargs)
        context['page_category'] = 'management'
        context['page_name'] = 'settings'
        notification_configurations = SecurityConfig.NOTIFICATION_CONFIGURATIONS

        for settings in notification_configurations.values():
            ecc_choices = dict(WeakECCCurve.ECCCurveChoices.choices)
            signature_choices = dict(WeakSignatureAlgorithm.SignatureChoices.choices)

            settings['weak_ecc_curves'] = [
                force_str(ecc_choices.get(oid, oid)) for oid in settings.get('weak_ecc_curves', [])
            ]

            settings['weak_signature_algorithms'] = [
                force_str(signature_choices.get(oid, oid)) for oid in settings.get('weak_signature_algorithms', [])
            ]

        context['notification_configurations_json'] = json.dumps(notification_configurations)
        context["loglevels"] = LOG_LEVELS
        current_level_num = logging.getLogger().getEffectiveLevel()
        context["current_loglevel"] = logging.getLevelName(current_level_num)

        return context








[docs]
class ChangeLogLevelView(View):


[docs]
    def post(self, request):
        level = request.POST.get('loglevel', '').upper()
        if level not in LOG_LEVELS:
            messages.error(request, f"Invalid log level: {level}")
        else:
            logger = logging.getLogger()
            logger.setLevel(getattr(logging, level))
            LoggingConfig.objects.update_or_create(
                id=1,
                defaults={'log_level': level}
            )
            messages.success(request, f"Log level set to {level}")

        return redirect(reverse('management:settings'))