Possible solution for connecting via docker-ansible and adding level of information when running ansible

Author: AleDouglas

WebApi/backend/DAL/DAO/apiDAO.py

@@ -8,6 +8,12 @@ def getAllApi():
 def getApi(id):
     return ApiKey.objects.get(id=int(id))
 
+def searchApi(key):
+    try:
+        return ApiKey.objects.get(key=key)
+    except:
+        return False
+
 def createKey(title):
     credential = ApiKey(
         title=title,

WebApi/backend/integrations/ansible.py

@@ -9,7 +9,7 @@ def __init__(self):
         self.ciscoPlaybook = 'backend/integrations/communs/cisco/playbook.yml'
         self.ansibleHost = 'backend/integrations/communs/ansible/hosts.yml'
         self.ansiblePlaybook = 'backend/integrations/communs/ansible/playbook.yml'
-        self.ansibleCFG = 'backend/integrations/communs/ansible/ansible.cfg'
+        self.ansibleCFG = 'ansible_cfg=backend/integrations/communs/ansible/ansible.cfg'
 
     def write_ansible_host(self, string, switch, password, username):
         user_str = f"        ansible_user: {username}\n"
@@ -61,9 +61,16 @@ def write_ansible_playbook(self, string, switch):
         except:
             return False
 
-    def run_ansible(self):
+    def run_ansible(self, ansible_level):
         try:
-            command = ['ansible-playbook', self.ansiblePlaybook, '-i', self.ansibleHost]
+            if int(ansible_level) == 0:
+                command = ['ansible-playbook', self.ansiblePlaybook, '-i', self.ansibleHost, '-e', self.ansibleCFG]
+            elif int(ansible_level) == 1:
+                command = ['ansible-playbook', self.ansiblePlaybook, '-i', self.ansibleHost, '-e', self.ansibleCFG, '-v']
+            elif int(ansible_level) == 2:
+                command = ['ansible-playbook', self.ansiblePlaybook, '-i', self.ansibleHost, '-e', self.ansibleCFG, '-vvv']
+            else:
+                command = ['ansible-playbook', self.ansiblePlaybook, '-i', self.ansibleHost, '-e', self.ansibleCFG, '-vvvvv']
             output = subprocess.check_output(command, stderr=subprocess.STDOUT, universal_newlines=True)
             self.clear_data()
             return output

WebApi/backend/urls.py

@@ -18,5 +18,6 @@
     path('user/<int:pk>/edit/', UpdateUserView.as_view(), name='userEdit'),
     path('user/<int:pk>/delete/', DeleteUserView.as_view(), name='userDelete'),
     path('api/', ApiPageView.as_view(), name='apiKey'),
+    path('api/v1/', ApiResponseView.as_view(), name='apiResponse'),
     path('api/key/<int:pk>/delete/', ApiDeleteView.as_view(), name='keyDelete'),
 ]

WebApi/backend/views/ansible.py

@@ -2,12 +2,11 @@
 from django.shortcuts import render
 from django.contrib.auth.mixins import LoginRequiredMixin
 from django.views.generic import TemplateView
-from backend.views.utils import AdminRequired
 from backend.DAL.DAO.logDAO import *
 from backend.DAL.DAO.deviceDAO import *
 from backend.integrations.ansible import *
 
-class AnsibleView(AdminRequired, TemplateView):
+class AnsibleView(LoginRequiredMixin, TemplateView):
     template_name = 'ansible.html'
     ansible = AnsibleSwitchConnector()
 
@@ -17,27 +16,28 @@ def get_context_data(self, **kwargs):
         context['credentials'] = credentials
         return context
 
-    def execute_command(self, playbook, host, switch, username, password):
+    def execute_command(self, playbook, host, switch, username, password, ansible_level):
         # Adicionar verificações de segurança aqui
         try:
             self.ansible.write_ansible_playbook(playbook, str(switch))
             self.ansible.write_ansible_host(host, switch = str(switch), username = username, password = password)
-            output = self.ansible.run_ansible()
+            output = self.ansible.run_ansible(ansible_level)
             return output
         except:
             return "Error when trying to run ansible"
 
     def post(self, request ,*args, **kwargs):
         playbook = request.POST.get('playbook')
+        ansible_level = request.POST.get('ansible_level')
         host = request.POST.get('host')
         switch = request.POST.get('switch')
         username = request.POST.get('username')
         password = request.POST.get('password')
         if request.POST.get('credential') == "none":
-            output = self.execute_command(playbook, host, switch, username, password)
+            output = self.execute_command(playbook, host, switch, username, password, ansible_level)
         else:
             credential = getDeviceCredential(request.POST.get('credential'))
-            output = self.execute_command(playbook, host, switch, credential.username, credential.password)
+            output = self.execute_command(playbook, host, switch, credential.username, credential.password, ansible_level)
         createLog(
             user=f"{request.user}",
             date=datetime.now().strftime("%d-%m-%Y"),

WebApi/backend/views/api.py

@@ -1,9 +1,15 @@
+from rest_framework.views import APIView
+from rest_framework.response import Response
 from django.shortcuts import render
 from django.views.generic import TemplateView, UpdateView, DeleteView
 from django.urls import reverse_lazy
 from backend.views.utils import AdminRequired
 from backend.DAL.DAO.apiDAO import *
+from backend.DAL.DAO.logDAO import *
 from backend.DAL.models.api import ApiKey
+from backend.integrations.ansible import *
+
+
 
 class ApiPageView(AdminRequired, TemplateView):
     template_name = 'api.html'
@@ -20,6 +26,15 @@ def post(self, request ,*args, **kwargs):
             title = request.POST.get('title'),
         )
         result = "The key have been successfully upgraded."
+        createLog(
+            user=f"{request.user}",
+            date=datetime.now().strftime("%d-%m-%Y"),
+            hour=datetime.now().strftime("%H:%M:%S"),
+            switch="Unused function",
+            playbook="Unused function",
+            host="Unused function",
+            output="The user generated an API access key.",
+        )
         return self.render_to_response(self.get_context_data(result = result))
 
 class ApiDeleteView(AdminRequired, DeleteView):
@@ -31,4 +46,28 @@ def get_context_data(self, **kwargs):
         context = super().get_context_data(**kwargs)
         context['settings'] = 1
         context['page'] = "Delete Key"
-        return context
+        return context
+
+
+class ApiResponseView(APIView):
+
+    def execute_command(self, playbook, host, switch, username, password):
+        # Adicionar verificações de segurança aqui
+        try:
+            self.ansible.write_ansible_playbook(string = playbook, switch = str(switch))
+            self.ansible.write_ansible_host(string = host, switch = str(switch), username = username, password = password)
+            output = self.ansible.run_ansible()
+            return output
+        except:
+            return "Error when trying to run ansible"
+
+    def post(self, request, format=None):
+        data = request.data
+        key = searchApi(data['key'])
+        if key == False:
+            return Response("Key not found, access denied")
+        try:
+            output = execute_command(playbook = data['command'], host = data['host'], switch = data['switch'], username = data['username'], password = data['password'])
+            return Response(output)
+        except:
+            return Response("Please verify the variables used, remembering that the following fields are required: key, command, host, switch, username, password.")

WebApi/backend/views/user.py

@@ -6,6 +6,7 @@
 from django.urls import reverse_lazy
 from django.db.models import Q
 from backend.views.utils import AdminRequired
+from backend.DAL.DAO.logDAO import *
 
 
 class UserPageView(AdminRequired, TemplateView):
@@ -37,9 +38,27 @@ def post(self, request ,*args, **kwargs):
         if form.is_valid():
             user = form.save()
             result = "Success in creating user"
+            createLog(
+            user=f"{request.user}",
+            date=datetime.now().strftime("%d-%m-%Y"),
+            hour=datetime.now().strftime("%H:%M:%S"),
+            switch="Unused function",
+            playbook="Unused function",
+            host="Unused function",
+            output="A new user has been created",
+            )
             return render(request, self.template_name, {'result': result})
         else:
             result = "Error in creating user"
+            createLog(
+            user=f"{request.user}",
+            date=datetime.now().strftime("%d-%m-%Y"),
+            hour=datetime.now().strftime("%H:%M:%S"),
+            switch="Unused function",
+            playbook="Unused function",
+            host="Unused function",
+            output="Attempted to generate a new user, but an error occurred.",
+            )
             return render(request, self.template_name, {'result': result})
 
 

WebApi/backend/views/utils.py

@@ -8,4 +8,4 @@ def test_func(self):
         return user.is_staff # Verificando
 
     def handle_no_permission(self):
-        return HttpResponseForbidden('ACCESS FORBIDDEN! ONLY ADMINISTRATORS CAN ACCESS THIS PAGE.')
+        return HttpResponseForbidden('ACCESS FORBIDDEN! ONLY ADMINISTRATORS CAN ACCESS THIS PAGE.')

WebApi/core/settings.py

@@ -45,6 +45,7 @@
     'allauth',
     'allauth.account',
     'backend.apps.BackendConfig',
+    'rest_framework',
 ]
 
 MIDDLEWARE = [

WebApi/frontend/templates/ansible.html

@@ -18,6 +18,17 @@ <h1>Ansible Configuration</h1>
         {% endfor %}
     </select>
 </div>
+
+<div class="form-group">
+    <label for="exampleFormControlInput1">Ansible information level</label>
+    <select class="custom-select" style="width: 100%;" id="ansible_level" name="ansible_level">
+        <option value="0" selected>Standard</option>
+        <option value="1">Basic</option>
+        <option value="2">Intermediary</option>
+        <option value="3">Advanced</option>
+    </select>
+</div>
+
 <div class="form-group">
     <label for="exampleFormControlInput1">Switch SSH Username</label>
     <input class="form-control" type="text" name="username" placeholder="Username" id="username">

WebApi/frontend/templates/api.html

@@ -6,10 +6,10 @@
 
 {% if settings == 0 %}
 <h1>Manage Api</h1>
-
+<hr>
 <form method="post">
 {% csrf_token %}
-<label class="form-label">Generate Key</label>
+<h3 class="form-label">Create Key</h3>
 <div class="input-group">
 <div class="form-outline">
 <input type="search" class="form-control" placeholder="Key Title" name="title">
@@ -24,7 +24,7 @@ <h1>Manage Api</h1>
 
 
 
-
+<h4 style="margin-top: 30px;margin-bottom: 15px;">List of generated keys</h4>
 <div class="col-md-12">
     <div class="panel panel-default">
         <div class="panel-heading">
@@ -73,11 +73,46 @@ <h1>Manage Api</h1>
         </div>
     </div> 
 </div>
+<hr>
+<h1 style="margin-top: 30px;margin-bottom: 15px;">Examples of <span style="color: #4723D9">API requests</span></h1>
+<h3>Python</h3>
+<pre>
+    <code>
+        import requests
+
+        def run_request():
+            url = 'http://127.0.0.1:8000/api/v1/'
+            data = {
+                'key': 'testekeypass',
+                'switch': 'huawei'
+                'host': '10.0.0.0'
+                'username': 'testeuser',
+                'password': 'testepass',
+                'command': 'display vlan',
+            }
+
+            response = requests.post(url, data=data)
+
+            if response.status_code == 200:
+                # Successful request, handle the response here
+                result = response.json()
+                print(result)
+            else:
+                # Error
+                print('Error:', response.status_code)
+
+        if __name__ == '__main__':
+            run_request()
+    </code>
+</pre>
 {% else %}
 <p>Are you sure you want to delete "{{ object }}"?</p>
+<form method="POST">
+    {% csrf_token %}
 <div class="text-center">
     <button type="submit" class="btn btn-danger px-5 mb-5 w-100">Confirm</button>
 </div>
+</form>
 {% endif %}
 
 <style>