From 13b66dd32874c502e370853d63beb5a435bdf676 Mon Sep 17 00:00:00 2001
From: Avijit Saha <avijit@vt.edu>
Date: Wed, 20 Sep 2017 12:44:22 -0400
Subject: [PATCH] Addition of passwords manager feature on UI

---
 Web_Server/static/app_js/pwd_mngr.js          |  98 ++++++++++
 .../common/templates/common/side_nav.html     |   1 +
 Web_Server/webapps/discovery/forms.py         |   2 +-
 .../webapps/discovery/templates/__init__.py   |   0
 .../discovery/templates/discovery/__init__.py |   0
 .../templates/discovery/manual_discovery.html |   2 +-
 .../templates/discovery/password_manager.html | 181 ++++++++++++++++++
 Web_Server/webapps/discovery/urls.py          |   4 +-
 Web_Server/webapps/discovery/views.py         |  49 +++++
 9 files changed, 334 insertions(+), 3 deletions(-)
 create mode 100644 Web_Server/static/app_js/pwd_mngr.js
 delete mode 100644 Web_Server/webapps/discovery/templates/__init__.py
 delete mode 100644 Web_Server/webapps/discovery/templates/discovery/__init__.py
 create mode 100755 Web_Server/webapps/discovery/templates/discovery/password_manager.html

diff --git a/Web_Server/static/app_js/pwd_mngr.js b/Web_Server/static/app_js/pwd_mngr.js
new file mode 100644
index 0000000..5955dd4
--- /dev/null
+++ b/Web_Server/static/app_js/pwd_mngr.js
@@ -0,0 +1,98 @@
+
+
+$( document ).ready(function() {
+    $.csrftoken();
+    $("#id_form-0-remove").attr('disabled','disabled');
+
+    $("#new_row").click(function(evt) {
+       evt.preventDefault();
+       addForm(this, 'form');
+    });
+
+    $(".delete_row").click(function(evt) {
+       evt.preventDefault();
+       deleteForm(this, 'form');
+    });
+
+    function updateElementIndex(el, prefix, ndx) {
+		var id_regex = new RegExp('(' + prefix + '-\\d+)');
+		var replacement = prefix + '-' + ndx;
+		if ($(el).attr("for"))
+            $(el).attr("for", $(el).attr("for").replace(id_regex, replacement));
+		if (el.id)
+            el.id = el.id.replace(id_regex, replacement);
+		if (el.name)
+            el.name = el.name.replace(id_regex, replacement);
+	}
+
+    function addForm(btn, prefix) {
+        var formCount = parseInt($('#id_' + prefix + '-TOTAL_FORMS').val());
+        var row = $('.dynamic-form:first').clone(true).get(0);
+        $(row).removeAttr('id').insertAfter($('.dynamic-form:last')).children('.hidden').removeClass('hidden');
+        //$(row).children().not(':last').children().each(function() {
+        $(row).children().children().each(function() {
+    	    updateElementIndex(this, prefix, formCount);
+            // updateElementIndex(this, 'remove', formCount);
+            $("#id_" + prefix + "-" + formCount + "-remove").removeAttr('disabled');
+    	    $(this).val('');
+        });
+        $(row).find('.delete-row').click(function() {
+    	    deleteForm(this, prefix);
+        });
+        $('#id_' + prefix + '-TOTAL_FORMS').val(formCount + 1);
+        $("#id_form-0-remove").attr('disabled','disabled');
+        //return false;
+    }
+
+    function deleteForm(btn, prefix) {
+        $(btn).parents('.dynamic-form').remove();
+        var forms = $('.dynamic-form');
+        $('#id_' + prefix + '-TOTAL_FORMS').val(forms.length);
+        for (var i=0, formCount=forms.length; i<formCount; i++) {
+    	    $(forms.get(i)).children().not(':last').children().each(function() {
+    	        updateElementIndex(this, prefix, i);
+    	    });
+        }
+        //return false;
+    }
+
+    $(document).on("click",".delete_device_password",function(evt){
+            evt.preventDefault();
+            deleteAuthEntry($(this), evt);
+        });
+
+    function deleteAuthEntry(btn, evt) {
+        var delete_id = $(btn).attr('id').split("_");
+        delete_id = delete_id[1];
+        values = {
+            'id': delete_id
+        };
+        var jsonText = JSON.stringify(values);
+        $.ajax({
+		  url : delete_auth_entry_url,
+		  type: 'POST',
+		  data: jsonText,
+		  dataType: 'json',
+		  success : function(data) {
+            $(btn).parents('.auth_row').remove();
+		  	$('.bottom-right').notify({
+                message: { text: 'The authentication information removal request was successful.'},
+                type: 'blackgloss',
+                fadeOut: { enabled: true, delay: 3000 }
+              }).show();
+
+            setTimeout(function () {
+                window.location.href = '/discovery/manage_dinfo';
+            }, 2000);
+		  },
+		  error: function(data) {
+			$('.bottom-right').notify({
+                message: { text: 'The authentication information removal request was unsuccessful. Please try again later.'},
+                type: 'blackgloss',
+                fadeOut: { enabled: true, delay: 5000 }
+              }).show();
+		  }
+		 });
+        //return false;
+    }
+});
\ No newline at end of file
diff --git a/Web_Server/webapps/common/templates/common/side_nav.html b/Web_Server/webapps/common/templates/common/side_nav.html
index 0cccd9b..f4f669d 100644
--- a/Web_Server/webapps/common/templates/common/side_nav.html
+++ b/Web_Server/webapps/common/templates/common/side_nav.html
@@ -67,6 +67,7 @@ under Contract DE-EE0006352
                         <li><a href="{% url 'dashboard-discover-devices' %}"> <i class="icon-angle-right"></i> Devices <span
                                 class="label label-warning pull-right"
                                 style="color:black;font-size: 14px;">{% get_value_with_default device_count 'PND' 'all' 'all' 0 %}</span></a></li>
+                        <li><a href="{% url 'discovery-passwords-manager' %}"> <i class="icon-angle-right"></i> Device Passwords Manager </a></li>
                     </ul>
                 </li>
                 <li>
diff --git a/Web_Server/webapps/discovery/forms.py b/Web_Server/webapps/discovery/forms.py
index 60ece1d..2495b74 100644
--- a/Web_Server/webapps/discovery/forms.py
+++ b/Web_Server/webapps/discovery/forms.py
@@ -49,7 +49,7 @@ from django.forms import ModelForm
 from webapps.discovery.models import PasswordsManager
 from django import forms
 from _utils.encrypt import encrypt_value as _
-from webapps.discovery.models import SupportedDevices
+from webapps.deviceinfos.models import SupportedDevices
 
 
 class PasswordManagerForm(ModelForm):
diff --git a/Web_Server/webapps/discovery/templates/__init__.py b/Web_Server/webapps/discovery/templates/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/Web_Server/webapps/discovery/templates/discovery/__init__.py b/Web_Server/webapps/discovery/templates/discovery/__init__.py
deleted file mode 100644
index e69de29..0000000
diff --git a/Web_Server/webapps/discovery/templates/discovery/manual_discovery.html b/Web_Server/webapps/discovery/templates/discovery/manual_discovery.html
index 433855f..e848509 100644
--- a/Web_Server/webapps/discovery/templates/discovery/manual_discovery.html
+++ b/Web_Server/webapps/discovery/templates/discovery/manual_discovery.html
@@ -78,6 +78,7 @@
 <!-- Custom Styles -->
 <link href="/static/css/bootstrap-notify/styles/alert-bangtidy.css" rel="stylesheet">
 <link href="/static/css/bootstrap-notify/styles/alert-blackgloss.css" rel="stylesheet">
+
     <link href="/static/css/jquery-ui.css" rel="stylesheet" type="text/css">
    <link rel="stylesheet" type="text/css" href="/static/assets/slider_enhancer/jquery-ui-slider-pips.css">
  <script class="include" type="text/javascript" src="/static/javascript/jquery-1.10.2.js"></script>
@@ -85,7 +86,6 @@
 <script src="/static/assets/slider_enhancer/jquery-ui-slider-pips.min.js"></script>
 <script class="include" type="text/javascript" src="/static/app_js/jquery.csrftoken.min.js"></script>
           <script class="include" type="text/javascript" src="/static/app_js/bootstrap-notify.js"></script>
-       <script class="include" type="text/javascript" src=/static/javascript/ui/notify.min.js"></script>
     <style>
         a.disabled_me {
            pointer-events: none;
diff --git a/Web_Server/webapps/discovery/templates/discovery/password_manager.html b/Web_Server/webapps/discovery/templates/discovery/password_manager.html
new file mode 100755
index 0000000..ce0af46
--- /dev/null
+++ b/Web_Server/webapps/discovery/templates/discovery/password_manager.html
@@ -0,0 +1,181 @@
+{% load dashboard_extras %}
+{% load switch_case %}
+{% load timedelta %}
+{% load device_count_in_zone %}
+<!DOCTYPE html>
+<html>
+<head>
+<title>Passwords Manager</title>
+
+<meta http-equiv="refresh" content="200">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<!-- Bootstrap -->
+<link href="/static/css/bootstrap.css" rel="stylesheet" media="screen">
+<link href="/static/css/thin-admin.css" rel="stylesheet" media="screen">
+<link href="/static/css/font-awesome.css" rel="stylesheet" media="screen">
+<link media="screen" rel="stylesheet" href="/static/font-awesome-4.0.3/css/font-awesome.min.css">
+<link rel="stylesheet" type="text/css" href="/static/css/fam-icons/fam-icons.css">
+<link href="/static/style/style.css" rel="stylesheet">
+<link href="/static/css/alerts.css" rel="stylesheet">
+<link href="/static/css/demo_page.css" rel="stylesheet">
+<link href="/static/css/demo_table.css" rel="stylesheet">
+<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
+<!--[if lt IE 9]>
+      <script src="../../assets/js/html5shiv.js"></script>
+      <script src="../../assets/js/respond.min.js"></script>
+    <![endif]-->
+
+
+<!-- Notify CSS -->
+<link href="/static/css/bootstrap-notify/bootstrap-notify.css" rel="stylesheet">
+
+<!-- Custom Styles -->
+<link href="/static/css/bootstrap-notify/styles/alert-bangtidy.css" rel="stylesheet">
+<link href="/static/css/bootstrap-notify/styles/alert-blackgloss.css" rel="stylesheet">
+
+    <link href="/static/css/jquery-ui.css" rel="stylesheet" type="text/css">
+   <link rel="stylesheet" type="text/css" href="/static/assets/slider_enhancer/jquery-ui-slider-pips.css">
+ <script class="include" type="text/javascript" src="/static/javascript/jquery-1.10.2.js"></script>
+<script class="include" type="text/javascript" src="/static/javascript/ui/jquery-ui.js"></script>
+<script src="/static/assets/slider_enhancer/jquery-ui-slider-pips.min.js"></script>
+<script class="include" type="text/javascript" src="/static/app_js/jquery.csrftoken.min.js"></script>
+          <script class="include" type="text/javascript" src="/static/app_js/bootstrap-notify.js"></script>
+    <style>
+        a.disabled_me {
+           pointer-events: none;
+           cursor: default;
+        }
+    </style>
+<!--[if IE]><script type="text/javascript" src="/static/assets/jqueryknobdial/excanvas.js"></script><![endif]-->
+        <script>
+            var delete_auth_entry_url = "{% url 'delete-auth-entry' %}";
+        </script>
+</head>
+<body>
+{% include 'common/top_nav.html' %}
+<div class="wrapper">
+{% include 'common/side_nav.html' %}
+  <div class="page-content" id="dashboard_content">
+    <form action="" method="post">
+  	{% csrf_token %}
+    <div class="content container">
+      <div class="row">
+        <div class="col-lg-12 col-xs-12 col-sm-12 col-md-12">
+          <h2 class="page-title">BEMOSS Password Manager</h2>
+        </div>
+      </div>
+     <div class="row">
+          <div class="col-lg-12 col-xs-12 col-sm-12 col-md-12">
+        <div class="widget">
+            <div class="widget-header"> <i class="icon-table"></i>
+                <h3>Add/Edit Cloud Device Authentication Information</h3>
+            </div>
+            <div class="widget-content">
+            <div id="demo1">
+            <table cellpadding="0" cellspacing="0" border="0" class="display">
+                <thead>
+                    <tr>
+                        <th class="col-md-3">Device Model</th>
+                        <th class="col-md-3">Username</th>
+                        <th class="col-md-3">Password</th>
+                        <!--<th class="col-md-3">Delete?</th>-->
+                    </tr>
+                </thead>
+                <tbody>
+                    {{ formset.management_form }}
+
+                    {% for form in formset %}
+                        <tr id="{{ form.prefix }}-row" class="dynamic-form">{{ form.id }}
+                            <td>{{ form.device_model|addcss:'form-control' }}</td>
+                            <td>{{ form.username }}</td>
+                            <td>{{ form.password }}</td>
+                            <!--<td><a id="id_{{ form.prefix }}-remove" name="{{ form.prefix }}-remove" href="javascript:void(0)" class="btn btn-danger delete_row" >X</a></td>-->
+                        </tr>
+                    {% endfor %}
+                </tbody>
+                <tfoot>
+                    <tr>
+                        <th></th>
+                        <th></th>
+                        <th></th>
+                    </tr>
+                </tfoot>
+            </table>
+
+            </div>
+            <div>
+                 <button id="new_row" class="btn btn-success">Add a New Row</button>
+                 <input type="submit" class="btn btn-success" value="Submit"/>
+            </div>
+            </div>
+            </div>
+              </div>
+      </div>
+    <div class="row">
+        <div class="col-lg-12 col-xs-12 col-sm-12 col-md-12">
+            <div class="widget">
+                <div class="widget-header">
+                    <i class="icon-table"></i>
+                    <h3>Remove Cloud Device Authentication Information</h3>
+                </div>
+                <div class="widget-content">
+                    <div id="demo2">
+                <table cellpadding="0" cellspacing="0" border="0" class="display example">
+                <thead>
+                    <tr>
+                        <th class="col-md-3">Device Model</th>
+                        <th class="col-md-2">Username</th>
+                        <th class="col-md-2">Password</th>
+                        <th class="col-md-3">Last Modified</th>
+                        <th class="col-md-2">Delete Password Entry</th>
+                    </tr>
+                </thead>
+                <tbody>
+                    {% for data in pwd_data %}
+                        <tr class="gradeA auth_row" id="row-{{ data.id }}">
+                            <td>{{ data.device_model }}</td>
+                            <td>{{ data.username }}</td>
+                            <td>*****</td>
+                            <td>{{ data.last_modified }}</td>
+                            <td><button id="remove_{{ data.id }}" class="btn btn-danger delete_device_password" >X</button></td>
+                        </tr>
+                    {% endfor %}
+                </tbody>
+                <tfoot>
+                    <tr>
+                        <th></th>
+                        <th></th>
+                        <th></th>
+                        <th></th>
+                        <th></th>
+                    </tr>
+                </tfoot>
+            </table>
+            </div>
+                </div>
+            </div>
+        </div>
+    </div>
+
+      </div>
+    </form>
+  </div>
+</div>
+
+<div class="bottom-nav footer"> 2013-2017 &copy; Building Energy Management Open Source Software. </div>
+
+<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
+<script src="/static/js/jquery.js"></script>
+<script src="/static/js/bootstrap.min.js"></script>
+<script type="text/javascript" src="/static/js/left_nav_slider.js"></script>
+<script type="text/javascript" language="javascript" src="/static/js/jquery.js"></script>
+<!--<script type="text/javascript" language="javascript" src="/static/js/jquery.dataTables.js"></script>-->
+<script class="include" type="text/javascript" src="/static/app_js/jquery.csrftoken.min.js"></script>
+<script class="include" type="text/javascript" src="/static/app_js/bootstrap-notify.js"></script>
+<script class="include" type="text/javascript" src="/static/app_js/pwd_mngr.js"></script>
+<script type="text/javascript" src="/static/app_js/make_current.js"></script>
+<!--switcher html start-->
+{% include 'common/theme_changer.html' %}
+
+</body>
+</html>
diff --git a/Web_Server/webapps/discovery/urls.py b/Web_Server/webapps/discovery/urls.py
index 0a3d86c..ec8af8a 100644
--- a/Web_Server/webapps/discovery/urls.py
+++ b/Web_Server/webapps/discovery/urls.py
@@ -5,5 +5,7 @@ from . import views
 urlpatterns = [
     url(r'^mdiscover', views.discover_devices, name='discovery-manual-discover'),
     url(r'^new', views.discover_new_devices),
-    url(r'^authenticate_device', views.authenticate_device, name='discovery-authenticate-device')
+    url(r'^authenticate_device', views.authenticate_device, name='discovery-authenticate-device'),
+    url(r'^manage_dinfo', views.password_manager, name='discovery-passwords-manager'),
+    url(r'^delete_auth_info', views.remove_authentication_information, name='delete-auth-entry')
 ]
\ No newline at end of file
diff --git a/Web_Server/webapps/discovery/views.py b/Web_Server/webapps/discovery/views.py
index 23f04ce..cf6fd4f 100644
--- a/Web_Server/webapps/discovery/views.py
+++ b/Web_Server/webapps/discovery/views.py
@@ -112,3 +112,52 @@ def authenticate_device(request):
 
         if request.is_ajax():
             return HttpResponse(json.dumps("success"), 'application/json')
+
+@login_required(login_url='/login')
+def password_manager(request):
+    context = RequestContext(request)
+    PasswordManagerFormSet = modelformset_factory(PasswordsManager, PasswordManagerForm)
+    if request.method == 'POST':
+        formset = PasswordManagerFormSet(request.POST)
+        for form in formset:
+            if form.is_valid():
+                if form.cleaned_data:
+                        form.cleaned_data['password'] = encrypt_value(form.cleaned_data['password']).encode('utf8')
+                        password_data = form.save(commit=False)
+                        password_data.last_modified = datetime.now()
+                        password_data.save()
+        password_manager_data = [ob.data_passwords_manager() for ob in PasswordsManager.objects.all()]
+        formset = PasswordManagerFormSet(queryset=PasswordsManager.objects.all())
+    else:
+        password_manager_data = [ob.data_passwords_manager() for ob in PasswordsManager.objects.all()]
+        formset = PasswordManagerFormSet(queryset=PasswordsManager.objects.all())
+        # Allows initial pre-existing data to be rendered into the form.
+        # When saving, previously saved data need to be treated as old data and ignored.
+        # formset = PasswordManagerFormSet(initial=[ob.data_passwords_manager() for ob in
+        # PasswordsManager.objects.all()])
+    if request.user.groups.filter(name__iexact = 'admin').exists():
+        device_list_side_nav = get_device_list_and_count(request)
+        return_data = dict()
+        return_data.update(device_list_side_nav)
+        return_data.update({'formset': formset, 'pwd_data': password_manager_data})
+        return render(request, 'discovery/password_manager.html', return_data)
+    else:
+        return HttpResponseRedirect('/home/')
+
+@login_required(login_url='/login/')
+def remove_authentication_information(request):
+    if request.POST:
+        _data = request.body
+        _data = json.loads(_data)
+        auth_id = _data['id']
+        print auth_id
+        try:
+            PasswordsManager.objects.filter(id=int(auth_id)).delete()
+            json_text = {"status": "success",
+                         "id": auth_id}
+        except IntegrityError:
+            json_text = {"status": "failure",
+                         "id": auth_id}
+
+    if request.is_ajax():
+        return HttpResponse(json.dumps(json_text))
\ No newline at end of file
-- 
GitLab