From 615c7a0945a80478b91b37a3a5a80b018d8bfb01 Mon Sep 17 00:00:00 2001 From: Radomir Dopieralski Date: Mon, 25 Mar 2024 12:10:11 +0100 Subject: [PATCH] Don't pass the auth_key for volume transfer in the URL Instead we pass it as data in the POST request. Change-Id: I9085eb146b8f013909f6369b731c076aba3216ab --- .../dashboards/project/volumes/forms.py | 21 +++--- .../templates/volumes/_show_transfer.html | 7 -- .../dashboards/project/volumes/urls.py | 5 +- .../dashboards/project/volumes/views.py | 74 +++++++++---------- 4 files changed, 44 insertions(+), 63 deletions(-) diff --git a/openstack_dashboard/dashboards/project/volumes/forms.py b/openstack_dashboard/dashboards/project/volumes/forms.py index 3d89d365f..72e85c1f1 100644 --- a/openstack_dashboard/dashboards/project/volumes/forms.py +++ b/openstack_dashboard/dashboards/project/volumes/forms.py @@ -598,22 +598,21 @@ class CreateTransferForm(forms.SelfHandlingForm): return cleaned_name def handle(self, request, data): + volume_id = self.initial['volume_id'] try: - volume_id = self.initial['volume_id'] transfer = cinder.transfer_create(request, volume_id, data['name']) - - msg = _('Created volume transfer: "%s".') % data['name'] - messages.success(request, msg) - kwargs = { - 'transfer_id': transfer.id, - 'auth_key': transfer.auth_key - } - request.method = 'GET' - return self.next_view.as_view()(request, **kwargs) except Exception: redirect = reverse("horizon:project:volumes:index") exceptions.handle(request, _('Unable to create volume transfer.'), redirect=redirect) + else: + msg = _('Created volume transfer: "%s".') % data['name'] + messages.success(request, msg) + request.method = 'GET' + return self.next_view.as_view()( + request, transfer_id=transfer.id, + auth_key=transfer.auth_key, + ) class AcceptTransferForm(forms.SelfHandlingForm): @@ -652,7 +651,7 @@ class ShowTransferForm(forms.SelfHandlingForm): required=False) def handle(self, request, data): - pass + return True class UpdateForm(forms.SelfHandlingForm): diff --git a/openstack_dashboard/dashboards/project/volumes/templates/volumes/_show_transfer.html b/openstack_dashboard/dashboards/project/volumes/templates/volumes/_show_transfer.html index 2a9a68717..b061abbc0 100644 --- a/openstack_dashboard/dashboards/project/volumes/templates/volumes/_show_transfer.html +++ b/openstack_dashboard/dashboards/project/volumes/templates/volumes/_show_transfer.html @@ -11,10 +11,3 @@

{% trans "The Transfer ID and the Authorization Key are needed by the recipient in order to accept the transfer. Please capture both the Transfer ID and the Authorization Key and provide them to your transfer recipient." %}

{% trans "The Authorization Key will not be available after closing this page, so you must capture it now or download it, or else you will be unable to use the transfer." %}

{% endblock %} -{% block modal-footer %} - - - {{ download_label }} - - {{ cancel_label }} -{% endblock %} diff --git a/openstack_dashboard/dashboards/project/volumes/urls.py b/openstack_dashboard/dashboards/project/volumes/urls.py index 47555bf49..febcd4380 100644 --- a/openstack_dashboard/dashboards/project/volumes/urls.py +++ b/openstack_dashboard/dashboards/project/volumes/urls.py @@ -36,7 +36,7 @@ urlpatterns = [ re_path(r'^accept_transfer/$', views.AcceptTransferView.as_view(), name='accept_transfer'), - re_path(r'^(?P[^/]+)/auth/(?P[^/]+)/$', + re_path(r'^(?P[^/]+)/$', views.ShowTransferView.as_view(), name='show_transfer'), re_path(r'^(?P[^/]+)/create_backup/$', @@ -63,7 +63,4 @@ urlpatterns = [ re_path(r'^(?P[^/]+)/encryption_detail/$', views.EncryptionDetailView.as_view(), name='encryption_detail'), - re_path(r'^(?P[^/]+)/download_creds/(?P[^/]+)$', - views.DownloadTransferCreds.as_view(), - name='download_transfer_creds'), ] diff --git a/openstack_dashboard/dashboards/project/volumes/views.py b/openstack_dashboard/dashboards/project/volumes/views.py index d1a2027d2..29e4ccfaf 100644 --- a/openstack_dashboard/dashboards/project/volumes/views.py +++ b/openstack_dashboard/dashboards/project/volumes/views.py @@ -23,10 +23,8 @@ from django import shortcuts from django.template.defaultfilters import slugify from django.urls import reverse from django.urls import reverse_lazy -from django.utils.decorators import method_decorator from django.utils import encoding from django.utils.translation import gettext_lazy as _ -from django.views.decorators.cache import never_cache from django.views import generic from horizon import exceptions @@ -445,37 +443,52 @@ class ShowTransferView(forms.ModalFormView): modal_header = _("Volume Transfer") submit_url = "horizon:project:volumes:show_transfer" cancel_label = _("Close") - download_label = _("Download transfer credentials") + submit_label = _("Download transfer credentials") page_title = _("Volume Transfer Details") + @memoized.memoized_method def get_object(self): + transfer_id = self.kwargs['transfer_id'] try: - return self._object - except AttributeError: - transfer_id = self.kwargs['transfer_id'] - try: - self._object = cinder.transfer_get(self.request, transfer_id) - return self._object - except Exception: - exceptions.handle(self.request, - _('Unable to retrieve volume transfer.')) + return cinder.transfer_get(self.request, transfer_id) + except Exception: + exceptions.handle(self.request, + _('Unable to retrieve volume transfer.')) def get_context_data(self, **kwargs): + transfer = self.get_object() + auth_key = self.kwargs.get('auth_key') context = super().get_context_data(**kwargs) - context['transfer_id'] = self.kwargs['transfer_id'] - context['auth_key'] = self.kwargs['auth_key'] - context['download_label'] = self.download_label - context['download_url'] = reverse( - 'horizon:project:volumes:download_transfer_creds', - args=[context['transfer_id'], context['auth_key']] - ) + context.update({ + 'transfer_id': transfer.id, + 'auth_key': auth_key, + 'submit_url': reverse(self.submit_url, args=[transfer.id]), + }) return context def get_initial(self): transfer = self.get_object() + auth_key = self.kwargs.get('auth_key') return {'id': transfer.id, 'name': transfer.name, - 'auth_key': self.kwargs['auth_key']} + 'auth_key': auth_key} + + def form_valid(self, form): + transfer_id = form.cleaned_data['id'] + auth_key = form.cleaned_data['auth_key'] + name = form.cleaned_data['name'] + context = {'transfer': { + 'name': name, + 'id': transfer_id, + 'auth_key': auth_key, + }} + response = shortcuts.render( + self.request, + 'project/volumes/download_transfer_creds.html', + context, content_type='application/text') + response['Content-Disposition'] = ( + 'attachment; filename=%s.txt' % slugify(transfer_id)) + return response class UpdateView(forms.ModalFormView): @@ -667,24 +680,3 @@ class EncryptionDetailView(generic.TemplateView): def get_redirect_url(self): return reverse('horizon:project:volumes:index') - - -class DownloadTransferCreds(generic.View): - @method_decorator(never_cache) - def get(self, request, transfer_id, auth_key): - try: - transfer = cinder.transfer_get(self.request, transfer_id) - except Exception: - transfer = None - context = {'transfer': { - 'name': getattr(transfer, 'name', ''), - 'id': transfer_id, - 'auth_key': auth_key, - }} - response = shortcuts.render( - request, - 'project/volumes/download_transfer_creds.html', - context, content_type='application/text') - response['Content-Disposition'] = ( - 'attachment; filename=%s.txt' % slugify(transfer_id)) - return response -- 2.43.0