tuskar-ui/horizon/utils/fields.py
Tihomir Trifonov cb48cebefc Implementation of blueprint ip-validation
First draft. Added a forms.Field wrapper for IPAddress.
Implemented IPv4 and IPv6 checks, subnet mask range,
optional mask range limitation.

As far as I see now, there is only 1 place in Dashboard
to accept IP fields as input - the Security rules.
I've tried to input IPv6 rule and it was accepted.
The previous version of the code doesn't accept
IPv6, only IPv4. I am not sure if IPv6 should be
accepted here. It however works.

Patch set 3: Now using netaddr library(used also by nova),
which provides support for validation of IP addresses.
Using this library, now the IPField can support more
ways to enter an IP - like short versions:
10/8 - for all 10.xxx.xxx.xxx
192.168/16 - for all 192.168.xxx.xxx

Regarding IPy library - it performs some strict
subnet validation, which will not accept cidr like this:
192.168.1.1/20
because the only mask that matches this IP is 32.
IPy doesn't allow broader masks. But my assumption is
that the operators should take the responsibility for
the data they enter. At least this CIDR is valid after all.

Change-Id: Ie497fe65fde3af25a18109a182ab78255ad7ec60
2012-05-11 00:23:44 +03:00

85 lines
2.7 KiB
Python

import re
import netaddr
from django.core.exceptions import ValidationError
from django.forms import forms
from django.utils.translation import ugettext as _
ip_allowed_symbols_re = re.compile(r'^[a-fA-F0-9:/\.]+$')
IPv4 = 1
IPv6 = 2
class IPField(forms.Field):
"""
Form field for entering IP/range values, with validation.
Supports IPv4/IPv6 in the format:
.. xxx.xxx.xxx.xxx
.. xxx.xxx.xxx.xxx/zz
.. ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff
.. ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff/zz
and all compressed forms. Also the short forms
are supported:
xxx/yy
xxx.xxx/yy
.. attribute:: version
Specifies which IP version to validate,
valid values are 1 (fields.IPv4), 2 (fields.IPv6) or
both - 3 (fields.IPv4 | fields.IPv6).
Defaults to IPv4 (1)
.. attribute:: mask
Boolean flag to validate subnet masks along with IP address.
E.g: 10.0.0.1/32
.. attribute:: mask_range_from
Subnet range limitation, e.g. 16
That means the input mask will be checked to be in the range
16:max_value. Useful to limit the subnet ranges
to A/B/C-class networks.
"""
invalid_format_message = _("Incorrect format for IP address")
invalid_version_message = _("Invalid version for IP address")
invalid_mask_message = _("Invalid subnet mask")
max_v4_mask = 32
max_v6_mask = 128
def __init__(self, *args, **kwargs):
self.mask = kwargs.pop("mask", None)
self.min_mask = kwargs.pop("mask_range_from", 0)
self.version = kwargs.pop('version', IPv4)
super(IPField, self).__init__(*args, **kwargs)
def validate(self, value):
super(IPField, self).validate(value)
if not value and not self.required:
return
try:
if self.mask:
self.ip = netaddr.IPNetwork(value)
else:
self.ip = netaddr.IPAddress(value)
except:
raise ValidationError(self.invalid_format_message)
if not any([self.version & IPv4 > 0 and self.ip.version == 4,
self.version & IPv6 > 0 and self.ip.version == 6]):
raise ValidationError(self.invalid_version_message)
if self.mask:
if self.ip.version == 4 and \
not self.min_mask <= self.ip.prefixlen <= self.max_v4_mask:
raise ValidationError(self.invalid_mask_message)
if self.ip.version == 6 and \
not self.min_mask <= self.ip.prefixlen <= self.max_v6_mask:
raise ValidationError(self.invalid_mask_message)
def clean(self, value):
super(IPField, self).clean(value)
return str(getattr(self, "ip", ""))