From faa79edfc6d68d773327dd29c0b3f546ac788323 Mon Sep 17 00:00:00 2001
From: Sebastian Lohff <seba@someserver.de>
Date: Tue, 28 Mar 2017 01:43:24 +0200
Subject: [PATCH] Url, Profile, Search

---
 dncore/views.py                     | 29 +++++++++++++++++++++++------
 templates/base.html                 |  4 ++--
 templates/dncore/dashboard.html     |  4 ++--
 templates/registration/profile.html |  5 +++--
 whoisdb/helpers.py                  | 27 +++++++++++++++++++++++----
 5 files changed, 53 insertions(+), 16 deletions(-)

diff --git a/dncore/views.py b/dncore/views.py
index 21a45aa..f9a23f4 100644
--- a/dncore/views.py
+++ b/dncore/views.py
@@ -1,5 +1,7 @@
 from django.shortcuts import render
 from django.contrib.auth.decorators import login_required
+from django.contrib.auth.forms import PasswordChangeForm
+from django.contrib.auth import login as auth_login
 from django.db.models import Q
 from django.views.generic import CreateView
 from django.urls import reverse_lazy, reverse
@@ -16,17 +18,32 @@ from .forms import CustomUserCreationForm
 
 @login_required
 def profile(request):
-	return render(request, "profile/profile.html", {})
+	pwForm = None
+
+	if request.method == "POST":
+		if request.POST.get("submit", None) == "pwchange":
+			pwForm = PasswordChangeForm(user=request.user, data=request.POST)
+			if pwForm.is_valid():
+				pwForm.save()
+				auth_login(request, pwForm.user)
+				messages.success(request, "Password changed")
+
+				return HttpResponseRedirect(reverse("profile"))
+
+	if not pwForm:
+		pwForm = PasswordChangeForm(user=request.user)
+
+	return render(request, "registration/profile.html", {'pwForm': pwForm})
 
 
 @login_required
 def dashboard(request):
 	mnts = request.user.maintainer_set.all()
-	ownMnts = request.user.maintainer_set.filter(rir=False, lir=False).all()
-	asns = ASNumber.objects.filter(Q(mnt_by__in=ownMnts) | Q(mnt_lower__in=ownMnts))
-	inetnums = InetNum.objects.filter(Q(mnt_by__in=ownMnts) | Q(mnt_lower__in=ownMnts))
-	domains = Domain.objects.filter(mnt_by__in=mnts)
-	rrequests = Request.objects.filter((Q(provider__in=mnts) | Q(applicant__in=mnts)) & Q(status=Request.STATE_OPEN))
+	ownMnts = request.user.maintainer_set.filter(rir=False, lir=False).all().distinct()
+	asns = ASNumber.objects.filter(Q(mnt_by__in=ownMnts) | Q(mnt_lower__in=ownMnts)).distinct()
+	inetnums = InetNum.objects.filter(Q(mnt_by__in=ownMnts) | Q(mnt_lower__in=ownMnts)).distinct()
+	domains = Domain.objects.filter(mnt_by__in=mnts).distinct()
+	rrequests = Request.objects.filter((Q(provider__in=mnts) | Q(applicant__in=mnts)) & Q(status=Request.STATE_OPEN)).distinct()
 
 	return render(request, "dncore/dashboard.html", {"asns": asns, "inetnums": inetnums, "domains": domains, 'rrequests': rrequests})
 
diff --git a/templates/base.html b/templates/base.html
index fe58ebc..a7f6b2c 100644
--- a/templates/base.html
+++ b/templates/base.html
@@ -45,11 +45,11 @@
         <div id="navbar" class="navbar-collapse collapse">
           <ul class="nav navbar-nav">
 {% if user.is_authenticated %}
-            <li{% if request.resolver_match.url_name == 'dashboard' %} class="active"{%endif%}><a href="{% url "dashboard" %}">Dashboard</a></li>
+            <li{% if request.resolver_match.namespaces|length == 0 and request.resolver_match.url_name == 'dashboard' %} class="active"{%endif%}><a href="{% url "dashboard" %}">Dashboard</a></li>
 {% else %}
             <li{% if request.resolver_match.url_name == 'index' %} class="active"{%endif%}><a href="{% url "index" %}">Home</a></li>
 {% endif %}
-            <li{% if "dncore" in request.resolver_match.app and request.resolver_match.url_name == 'search' %} class="active"{%endif%}><a href="{% url "whoisdb:search" %}">Search</a></li>
+            <li{% if request.resolver_match.url_name == 'search' %} class="active"{%endif%}><a href="{% url "whoisdb:search" %}">Search</a></li>
 			<li class="dropdown{% if request.resolver_match.url_name == 'whoisdb' %} active{%endif%}">
 				<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Whois DB <span class="caret"></span></a>
 				<ul class="dropdown-menu">
diff --git a/templates/dncore/dashboard.html b/templates/dncore/dashboard.html
index 254606f..5a7c090 100644
--- a/templates/dncore/dashboard.html
+++ b/templates/dncore/dashboard.html
@@ -60,7 +60,7 @@
 					{% endfor %}
 					</table>
 				{% else %}
-					<p>You don't have any domains</p>
+					<p>You don't have any ip networks</p>
 				{% endif %}
 
 
@@ -83,7 +83,7 @@
 					{% endfor %}
 					</table>
 				{% else %}
-					<p>You don't have any open resource requests</p>
+					<p>You don't have any domains</p>
 				{% endif %}
 			</div>
 		</div>
diff --git a/templates/registration/profile.html b/templates/registration/profile.html
index e6866c8..c535e8b 100644
--- a/templates/registration/profile.html
+++ b/templates/registration/profile.html
@@ -9,8 +9,9 @@
 			<div class="panel-heading">User Info</div>
 			<div class="panel-body">
 				<div class="form-group">
-					<label class="control-label">User <span class="glyphicon glyphicon-ok-sign text-success"></span></label>
+					<label class="control-label">User</label>
 					<p class="form-control-static">{{ user }}</p>
+
 				</div>
 			</div>
 		</div>
@@ -19,7 +20,7 @@
 		<div class="panel panel-default">
 			<div class="panel-heading">Change Password</div>
 			<div class="panel-body">
-				<form method="POST" action="{% url "profile" %}">
+				<form method="POST" action="{% url "user:profile" %}">
 					{% csrf_token %}
 					{{ pwForm|crispy }}
 					<button type="submit" class="btn btn-primary" name="submit" value="pwchange">Change Password</button>
diff --git a/whoisdb/helpers.py b/whoisdb/helpers.py
index c25df5d..d913a30 100644
--- a/whoisdb/helpers.py
+++ b/whoisdb/helpers.py
@@ -1,6 +1,8 @@
 import whoisdb.models
 import domains.models
 
+from django.db.models import F
+
 import ipaddress
 import re
 
@@ -73,17 +75,34 @@ def findInDatabase(rawValue):
 		pass
 
 	if value:
-		# TODO FIXME: find smallest matching network
-		obj = whoisdb.models.InetNum.objects.filter(address=str(value))
-		results.extend(obj)
+		# NOTE: this is only for "small subnets", we could increase this...
+		baseaddr = None
+		if value.version == 4:
+			basenet = ipaddress.ip_network("%s/24" % value, strict=False)
+			baseaddr = ".".join(str(basenet).split(".")[0:3]) + "."
+		else:
+			basenet = ipaddress.ip_network("%s/56" % value.exploded, strict=False)
+			baseaddr = ":".join(str(basenet).split(":")[0:4])[-2]
+
+		nets = whoisdb.models.InetNum.objects.filter(address__startswith=baseaddr).order_by("-netmask")
+		for net in nets:
+			if value in net.getNetwork():
+				results.append(net)
+				break
 
 	# asnumber?
 	m = re.match("^(?:AS)?(\d+)$", rawValue)
 	if m:
 		# asnumber!
-		obj = whoisdb.models.ASNumber(number=int(m.group(1)))
+		num = int(m.group(1))
+		obj = whoisdb.models.ASNumber.objects.filter(number=num)
 		results.extend(obj)
 
+		# find a matching block
+		blocks = whoisdb.models.ASBlock.objects.filter(asBegin__lte=num, asEnd__gte=num).annotate(size=F('asEnd')-F('asBegin')).order_by('size')
+		if blocks.count() > 0:
+			results.append(blocks[0])
+
 	# asblocks? smallest asblock containing the range
 	# WHEN anotation foo... could also be done in asnumber match
 	# also look for number - number queries?