[admin] Disallow changing configuration backend from UI #789

Make the backend read-only on Django admin change forms for
device configuration, template, and VPN server, while keeping
it selectable on create forms.

Fixes #789

Author: hypnoastic

openwisp_controller/config/admin.py

@@ -66,6 +66,15 @@
     from django.contrib.admin import ModelAdmin
 
 
+def is_recover_view(request):
+    resolver_match = getattr(request, "resolver_match", None)
+    return getattr(request, "_recover_view", False) or bool(
+        resolver_match
+        and resolver_match.url_name
+        and resolver_match.url_name.endswith("_recover")
+    )
+
+
 class SystemDefinedVariableMixin(object):
     def system_context(self, obj):
         system_context = obj.get_system_context()
@@ -468,7 +477,14 @@ def _error_reason_field_conditional(self, obj, fields):
         return fields
 
     def get_readonly_fields(self, request, obj):
-        fields = super().get_readonly_fields(request, obj)
+        fields = list(super().get_readonly_fields(request, obj))
+        if (
+            obj
+            and obj._has_config()
+            and not is_recover_view(request)
+            and "backend" not in fields
+        ):
+            fields.append("backend")
         return self._error_reason_field_conditional(obj, fields)
 
     def get_fields(self, request, obj):
@@ -1082,6 +1098,12 @@ class TemplateAdmin(MultitenantAdminMixin, BaseConfigAdmin, SystemDefinedVariabl
     readonly_fields = ["system_context"]
     autocomplete_fields = ["vpn"]
 
+    def get_readonly_fields(self, request, obj=None):
+        fields = list(super().get_readonly_fields(request, obj))
+        if obj and not is_recover_view(request) and "backend" not in fields:
+            fields.append("backend")
+        return fields
+
     @admin.action(permissions=["add"])
     def clone_selected_templates(self, request, queryset):
         selectable_orgs = None
@@ -1261,6 +1283,12 @@ class VpnAdmin(
         "modified",
     ]
 
+    def get_readonly_fields(self, request, obj=None):
+        fields = list(super().get_readonly_fields(request, obj))
+        if obj and not is_recover_view(request) and "backend" not in fields:
+            fields.append("backend")
+        return fields
+
     class Media(BaseConfigAdmin):
         js = list(BaseConfigAdmin.Media.js) + [f"{prefix}js/vpn.js"]
 

openwisp_controller/config/tests/test_admin.py

@@ -1435,12 +1435,40 @@ def test_default_device_backend(self):
         response = self.client.get(path)
         self.assertContains(response, '<option value="netjsonconfig.OpenWrt" selected')
 
-    def test_existing_device_backend(self):
+    def test_device_backend_readonly_on_change(self):
         d = self._create_device()
         self._create_config(device=d, backend="netjsonconfig.OpenWisp")
         path = reverse(f"admin:{self.app_label}_device_change", args=[d.pk])
         response = self.client.get(path)
-        self.assertContains(response, '<option value="netjsonconfig.OpenWisp" selected')
+        self.assertContains(response, "field-backend")
+        self.assertNotContains(response, 'name="config-0-backend"')
+
+    def test_device_backend_cannot_be_changed_from_change_form(self):
+        template = Template.objects.first()
+        device = self._create_device()
+        config = self._create_config(
+            device=device,
+            backend=template.backend,
+            config=template.config,
+        )
+        path = reverse(f"admin:{self.app_label}_device_change", args=[device.pk])
+        params = self._get_device_params(org=device.organization)
+        params.update(
+            {
+                "name": "device-backend-unchanged",
+                "config-0-id": str(config.pk),
+                "config-0-device": str(device.pk),
+                "config-0-backend": "totally.invalid.backend",
+                "config-0-templates": str(template.pk),
+                "config-INITIAL_FORMS": 1,
+            }
+        )
+        response = self.client.post(path, params)
+        self.assertNotContains(response, "errors field-backend", status_code=302)
+        config.refresh_from_db()
+        self.assertEqual(config.backend, template.backend)
+        device.refresh_from_db(fields=["name"])
+        self.assertEqual(device.name, "device-backend-unchanged")
 
     def test_device_search(self):
         d = self._create_device(name="admin-search-test")
@@ -1502,7 +1530,7 @@ def test_default_template_backend(self):
         response = self.client.get(path)
         self.assertContains(response, '<option value="netjsonconfig.OpenWrt" selected')
 
-    def test_existing_template_backend(self):
+    def test_template_backend_readonly_on_change(self):
         t = Template.objects.first()
         t.backend = "netjsonconfig.OpenWisp"
         t.config = {
@@ -1513,7 +1541,34 @@ def test_existing_template_backend(self):
         t.save()
         path = reverse(f"admin:{self.app_label}_template_change", args=[t.pk])
         response = self.client.get(path)
-        self.assertContains(response, '<option value="netjsonconfig.OpenWisp" selected')
+        self.assertContains(response, "field-backend")
+        self.assertNotContains(response, 'name="backend"')
+
+    def test_template_backend_cannot_be_changed_from_change_form(self):
+        template = self._create_template()
+        original_backend = template.backend
+        path = reverse(f"admin:{self.app_label}_template_change", args=[template.pk])
+        params = {
+            "name": "template-backend-unchanged",
+            "organization": str(template.organization_id or ""),
+            "type": template.type,
+            "backend": "totally.invalid.backend",
+            "vpn": str(template.vpn_id or ""),
+            "tags": ",".join(template.tags.names()),
+            "default_values": json.dumps(template.default_values or {}),
+            "config": json.dumps(template.config),
+        }
+        if template.auto_cert:
+            params["auto_cert"] = "on"
+        if template.default:
+            params["default"] = "on"
+        if template.required:
+            params["required"] = "on"
+        response = self.client.post(path, params)
+        self.assertNotContains(response, "errors field-backend", status_code=302)
+        template.refresh_from_db()
+        self.assertEqual(template.backend, original_backend)
+        self.assertEqual(template.name, "template-backend-unchanged")
 
     def test_preview_variables(self):
         path = reverse(f"admin:{self.app_label}_device_preview")
@@ -1626,6 +1681,39 @@ def test_add_vpn(self):
             response, 'value="openwisp_controller.vpn_backends.OpenVpn" selected'
         )
 
+    def test_vpn_backend_readonly_on_change(self):
+        vpn = self._create_vpn()
+        path = reverse(f"admin:{self.app_label}_vpn_change", args=[vpn.pk])
+        response = self.client.get(path)
+        self.assertContains(response, "field-backend")
+        self.assertNotContains(response, 'name="backend"')
+
+    def test_vpn_backend_cannot_be_changed_from_change_form(self):
+        vpn = self._create_vpn()
+        original_backend = vpn.backend
+        path = reverse(f"admin:{self.app_label}_vpn_change", args=[vpn.pk])
+        params = {
+            "organization": str(vpn.organization_id or ""),
+            "name": "vpn-backend-unchanged",
+            "host": vpn.host,
+            "key": vpn.key,
+            "backend": "totally.invalid.backend",
+            "ca": str(vpn.ca_id or ""),
+            "cert": str(vpn.cert_id or ""),
+            "subnet": str(vpn.subnet_id or ""),
+            "ip": str(vpn.ip_id or ""),
+            "webhook_endpoint": vpn.webhook_endpoint or "",
+            "auth_token": vpn.auth_token or "",
+            "notes": vpn.notes or "",
+            "dh": vpn.dh or "",
+            "config": json.dumps(vpn.config),
+        }
+        response = self.client.post(path, params)
+        self.assertNotContains(response, "errors field-backend", status_code=302)
+        vpn.refresh_from_db()
+        self.assertEqual(vpn.backend, original_backend)
+        self.assertEqual(vpn.name, "vpn-backend-unchanged")
+
     def test_vpn_clients_deleted(self):
         def _update_template(templates):
             params.update(