Fixes #1567: Prompt user for session key when importing secrets

2025-07-22 20:12:00 -06:00 · 2017-10-10 13:22:40 -04:00 · 2017-10-10 13:22:40 -04:00 · 8403e91fc9
commit 8403e91fc9
parent c300879995
4 changed files with 9 additions and 67 deletions
--- a/netbox/project-static/js/secrets.js
+++ b/netbox/project-static/js/secrets.js
@ -18,7 +18,7 @@ $(document).ready(function() {
    $('form').submit(function(event) {
        $(this).find('.requires-session-key').each(function() {
            if (this.value && document.cookie.indexOf('session_key') == -1) {
-                console.log('Field ' + this.value + ' requires a session key');
+                console.log('Field ' + this.name + ' requires a session key');
                $('#privkey_modal').modal('show');
                event.preventDefault();
                return false;
--- a/netbox/secrets/views.py
+++ b/netbox/secrets/views.py
@ -203,7 +203,9 @@ class SecretBulkImportView(BulkImportView):
    permission_required = 'ipam.add_vlan'
    model_form = forms.SecretCSVForm
    table = tables.SecretTable
+    template_name = 'secrets/secret_import.html'
    default_return_url = 'secrets:secret_list'
+    widget_attrs = {'class': 'requires-session-key'}

    master_key = None

--- a/netbox/templates/secrets/secret_import.html
+++ b/netbox/templates/secrets/secret_import.html
@ -1,70 +1,8 @@
-{% extends '_base.html' %}
+{% extends 'utilities/obj_import.html' %}
 {% load static from staticfiles %}
-{% load form_helpers %}

 {% block content %}
-<h1>{% block title %}Secret Import{% endblock %}</h1>
-<div class="row">
-	<div class="col-md-6">
-        {% if form.non_field_errors %}
-            <div class="panel panel-danger">
-                <div class="panel-heading"><strong>Errors</strong></div>
-                <div class="panel-body">
-                    {{ form.non_field_errors }}
-                </div>
-            </div>
-        {% endif %}
-		<form action="." method="post" class="form">
-		    {% csrf_token %}
-		    {% render_form form %}
-            <div class="form-group">
-                <div class="col-md-12 text-right">
-		            <button type="submit" class="btn btn-primary">Submit</button>
-		            {% if return_url %}
-                        <a href="{% url return_url %}" class="btn btn-default">Cancel</a>
-                    {% endif %}
-                </div>
-            </div>
-		</form>
-	</div>
-	<div class="col-md-6">
-		<h4>CSV Format</h4>
-		<table class="table">
-			<thead>
-				<tr>
-					<th>Field</th>
-					<th>Description</th>
-					<th>Example</th>
-				</tr>
-			</thead>
-			<tbody>
-				<tr>
-					<td>Device</td>
-					<td>Name of the parent device</td>
-					<td>edge-router1</td>
-				</tr>
-				<tr>
-					<td>Role</td>
-					<td>Functional role</td>
-					<td>Login Credentials</td>
-				</tr>
-				<tr>
-					<td>Name (optional)</td>
-					<td>Username or other label</td>
-					<td>root</td>
-				</tr>
-				<tr>
-					<td>Secret</td>
-					<td>Secret data</td>
-					<td>MyP@ssw0rd!</td>
-				</tr>
-			</tbody>
-		</table>
-		<h4>Example</h4>
-		<pre>edge-router1,Login Credentials,root,MyP@ssw0rd!</pre>
-	</div>
-</div>
-
+{{ block.super }}
 {% include 'secrets/inc/private_key_modal.html' %}
 {% endblock %}

--- a/netbox/utilities/views.py
+++ b/netbox/utilities/views.py
@ -10,7 +10,7 @@ from django.contrib.contenttypes.models import ContentType
 from django.core.exceptions import ValidationError
 from django.db import transaction, IntegrityError
 from django.db.models import ProtectedError
-from django.forms import CharField, Form, ModelMultipleChoiceField, MultipleHiddenInput, TypedChoiceField
+from django.forms import CharField, Form, ModelMultipleChoiceField, MultipleHiddenInput, Textarea, TypedChoiceField
 from django.http import HttpResponse
 from django.shortcuts import get_object_or_404, redirect, render
 from django.template import TemplateSyntaxError
@ -380,11 +380,13 @@ class BulkImportView(View):
    table: The django-tables2 Table used to render the list of imported objects
    template_name: The name of the template
    default_return_url: The name of the URL to use for the cancel button
+    widget_attrs: A dict of attributes to apply to the import widget (e.g. to require a session key)
    """
    model_form = None
    table = None
    default_return_url = None
    template_name = 'utilities/obj_import.html'
+    widget_attrs = {}

    def _import_form(self, *args, **kwargs):

@ -392,7 +394,7 @@ class BulkImportView(View):
        required_fields = [name for name, field in self.model_form().fields.items() if field.required]

        class ImportForm(BootstrapMixin, Form):
-            csv = CSVDataField(fields=fields, required_fields=required_fields)
+            csv = CSVDataField(fields=fields, required_fields=required_fields, widget=Textarea(attrs=self.widget_attrs))

        return ImportForm(*args, **kwargs)