netbox-cisco-ise 0.1.5__tar.gz → 0.1.7__tar.gz

{netbox_cisco_ise-0.1.5 → netbox_cisco_ise-0.1.7}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: netbox-cisco-ise
-Version: 0.1.5
+Version: 0.1.7
 Summary: NetBox plugin for Cisco ISE integration - endpoint tracking, NAD management, and session visibility
 Author-email: sieteunoseis <jeremy.worden@gmail.com>
 License: Apache-2.0

netbox_cisco_ise-0.1.7/netbox_cisco_ise/__init__.py

@@ -0,0 +1,137 @@
+"""
+NetBox Cisco ISE Plugin
+
+Display Cisco Identity Services Engine (ISE) endpoint and NAD information in Device detail pages.
+Shows endpoint identity, profiling data, active session status, and network access device details.
+"""
+
+import logging
+
+from netbox.plugins import PluginConfig
+
+__version__ = "0.1.7"
+
+logger = logging.getLogger(__name__)
+
+
+class CiscoISEConfig(PluginConfig):
+    """Plugin configuration for NetBox Cisco ISE integration."""
+
+    name = "netbox_cisco_ise"
+    verbose_name = "Cisco ISE"
+    description = "Display Cisco ISE endpoint and NAD information in device pages"
+    version = __version__
+    author = "sieteunoseis"
+    author_email = "jeremy.worden@gmail.com"
+    base_url = "cisco-ise"
+    min_version = "4.0.0"
+    max_version = "4.99"
+
+    # Required settings - plugin won't load without these
+    required_settings = []
+
+    # Default configuration values
+    default_settings = {
+        # ISE Connection Settings
+        "ise_url": "",  # e.g., "https://ise.example.com"
+        "ise_username": "",  # ERS Admin username
+        "ise_password": "",  # ERS Admin password
+        "timeout": 30,  # API timeout in seconds
+        "cache_timeout": 60,  # Cache results for 60 seconds
+        "verify_ssl": False,  # Skip SSL verification for self-signed certs
+        # Device mappings - determines which devices show ISE tab and lookup method
+        # Format: list of dicts with manufacturer (regex), device_type (regex, optional), lookup method
+        #
+        # lookup types:
+        #   "endpoint" - MAC address lookup (for wireless clients, phones, badges)
+        #   "nad" - Network Access Device lookup (for switches, routers, WLCs)
+        #
+        # Example:
+        # "device_mappings": [
+        #     {"manufacturer": "cisco", "lookup": "nad"},  # Cisco network devices as NADs
+        #     {"manufacturer": "vocera", "lookup": "endpoint"},  # Vocera badges by MAC
+        #     {"manufacturer": "cisco", "device_type": ".*phone.*", "lookup": "endpoint"},  # Cisco phones by MAC
+        # ]
+        "device_mappings": [
+            {
+                "manufacturer": r"cisco",
+                "lookup": "nad",
+            },  # Default: Cisco devices as NADs
+        ],
+        # Endpoint mappings (requires netbox-endpoints plugin)
+        # Format: list of dicts with manufacturer (regex), endpoint_type (regex, optional)
+        # All endpoints use MAC lookup since they're endpoint devices
+        #
+        # Example:
+        # "endpoint_mappings": [
+        #     {"manufacturer": "vocera"},  # All Vocera endpoints
+        #     {"manufacturer": "cisco", "endpoint_type": ".*phone.*"},  # Cisco phones
+        # ]
+        # If empty, shows tab for ALL endpoints with a MAC address
+        "endpoint_mappings": [],
+    }
+
+    def ready(self):
+        """Register endpoint view if netbox_endpoints is available."""
+        super().ready()
+        self._register_endpoint_views()
+
+    def _register_endpoint_views(self):
+        """Register Cisco ISE tab for Endpoints if plugin is installed."""
+        import sys
+
+        # Quick check if netbox_endpoints is available
+        if "netbox_endpoints" not in sys.modules:
+            try:
+                import importlib.util
+
+                if importlib.util.find_spec("netbox_endpoints") is None:
+                    logger.debug("netbox_endpoints not installed, skipping endpoint view registration")
+                    return
+            except Exception:
+                logger.debug("netbox_endpoints not available, skipping endpoint view registration")
+                return
+
+        try:
+            from django.shortcuts import render
+            from netbox.views import generic
+            from netbox_endpoints.models import Endpoint
+            from utilities.views import ViewTab, register_model_view
+
+            from .views import should_show_ise_tab_endpoint
+
+            @register_model_view(Endpoint, name="cisco_ise", path="cisco-ise")
+            class EndpointISEView(generic.ObjectView):
+                """Display Cisco ISE endpoint details for a netbox Endpoint."""
+
+                queryset = Endpoint.objects.all()
+                template_name = "netbox_cisco_ise/netbox_endpoint_tab.html"
+
+                tab = ViewTab(
+                    label="Cisco ISE",
+                    weight=9001,
+                    permission="netbox_endpoints.view_endpoint",
+                    hide_if_empty=False,
+                    visible=should_show_ise_tab_endpoint,
+                )
+
+                def get(self, request, pk):
+                    endpoint = Endpoint.objects.get(pk=pk)
+                    return render(
+                        request,
+                        self.template_name,
+                        {
+                            "object": endpoint,
+                            "tab": self.tab,
+                            "loading": True,
+                        },
+                    )
+
+            logger.info("Registered Cisco ISE tab for Endpoint model")
+        except ImportError:
+            logger.debug("netbox_endpoints not installed, skipping endpoint view registration")
+        except Exception as e:
+            logger.warning(f"Could not register endpoint views: {e}")
+
+
+config = CiscoISEConfig

{netbox_cisco_ise-0.1.5 → netbox_cisco_ise-0.1.7}/netbox_cisco_ise/ise_client.py

@@ -275,9 +275,7 @@ class ISEClient:
             cached["cached"] = True
             return cached
 
-        result = self._make_ers_request(
-            "/networkdevice", params={"filter": f"ipaddress.EQ.{ip_address}"}
-        )
+        result = self._make_ers_request("/networkdevice", params={"filter": f"ipaddress.EQ.{ip_address}"})
 
         return self._process_nad_result(result, cache_key)
 
@@ -297,9 +295,7 @@ class ISEClient:
             cached["cached"] = True
             return cached
 
-        result = self._make_ers_request(
-            "/networkdevice", params={"filter": f"name.CONTAINS.{name}"}
-        )
+        result = self._make_ers_request("/networkdevice", params={"filter": f"name.CONTAINS.{name}"})
 
         return self._process_nad_result(result, cache_key)
 
@@ -365,11 +361,7 @@ class ISEClient:
                 "ro_community": bool(snmp_settings.get("roCommunity")),
                 "polling_interval": snmp_settings.get("pollingInterval"),
             },
-            "trustsec_enabled": bool(
-                trustsec_settings.get("deviceAuthenticationSettings", {}).get(
-                    "sgaDeviceId"
-                )
-            ),
+            "trustsec_enabled": bool(trustsec_settings.get("deviceAuthenticationSettings", {}).get("sgaDeviceId")),
             "coA_port": nad.get("coaPort"),
             "cached": False,
         }

netbox_cisco_ise-0.1.7/netbox_cisco_ise/templates/netbox_cisco_ise/netbox_endpoint_tab.html

@@ -0,0 +1,24 @@
+{% extends 'netbox_endpoints/endpoint.html' %}
+{% load helpers %}
+
+{% block content %}
+{% if loading %}
+<div id="ise-content"
+     hx-get="{% url 'plugins:netbox_cisco_ise:endpoint_content' pk=object.pk %}"
+     hx-trigger="load"
+     hx-swap="innerHTML">
+    <div class="d-flex justify-content-center align-items-center py-5">
+        <div class="text-center">
+            <div class="spinner-border text-primary mb-3" role="status" style="width: 3rem; height: 3rem;">
+                <span class="visually-hidden">Loading...</span>
+            </div>
+            <p class="text-muted mb-0">Loading Cisco ISE data...</p>
+        </div>
+    </div>
+</div>
+{% elif error %}
+<div class="alert alert-warning">
+    <i class="mdi mdi-alert"></i> {{ error }}
+</div>
+{% endif %}
+{% endblock %}

netbox_cisco_ise-0.1.7/netbox_cisco_ise/urls.py

@@ -0,0 +1,21 @@
+"""
+URL routing for NetBox Cisco ISE Plugin
+"""
+
+from django.urls import path
+
+from .views import ENDPOINTS_PLUGIN_INSTALLED, DeviceISEContentView, ISESettingsView, TestConnectionView
+
+urlpatterns = [
+    path("settings/", ISESettingsView.as_view(), name="settings"),
+    path("test-connection/", TestConnectionView.as_view(), name="test_connection"),
+    path("device/<int:pk>/content/", DeviceISEContentView.as_view(), name="device_content"),
+]
+
+# Add endpoint URLs if netbox_endpoints is installed
+if ENDPOINTS_PLUGIN_INSTALLED:
+    from .views import EndpointISEContentView
+
+    urlpatterns.append(
+        path("endpoint/<int:pk>/content/", EndpointISEContentView.as_view(), name="endpoint_content"),
+    )

{netbox_cisco_ise-0.1.5 → netbox_cisco_ise-0.1.7}/netbox_cisco_ise/views.py

@@ -19,6 +19,14 @@ from utilities.views import ViewTab, register_model_view
 
 from .ise_client import get_client
 
+# Check if netbox_endpoints plugin is installed
+try:
+    from netbox_endpoints.models import Endpoint
+
+    ENDPOINTS_PLUGIN_INSTALLED = True
+except ImportError:
+    ENDPOINTS_PLUGIN_INSTALLED = False
+
 
 def is_valid_mac(value):
     """Check if a value looks like a MAC address."""
@@ -53,18 +61,10 @@ def get_device_lookup_method(device):
 
     # Get device info for matching
     manufacturer = device.device_type.manufacturer
-    manufacturer_slug = (
-        manufacturer.slug.lower() if manufacturer and manufacturer.slug else ""
-    )
-    manufacturer_name = (
-        manufacturer.name.lower() if manufacturer and manufacturer.name else ""
-    )
-    device_type_slug = (
-        device.device_type.slug.lower() if device.device_type.slug else ""
-    )
-    device_type_model = (
-        device.device_type.model.lower() if device.device_type.model else ""
-    )
+    manufacturer_slug = manufacturer.slug.lower() if manufacturer and manufacturer.slug else ""
+    manufacturer_name = manufacturer.name.lower() if manufacturer and manufacturer.name else ""
+    device_type_slug = device.device_type.slug.lower() if device.device_type.slug else ""
+    device_type_model = device.device_type.model.lower() if device.device_type.model else ""
 
     # Check each mapping
     for mapping in mappings:
@@ -76,15 +76,12 @@ def get_device_lookup_method(device):
         manufacturer_match = False
         if manufacturer_pattern:
             try:
-                if re.search(
-                    manufacturer_pattern, manufacturer_slug, re.IGNORECASE
-                ) or re.search(manufacturer_pattern, manufacturer_name, re.IGNORECASE):
+                if re.search(manufacturer_pattern, manufacturer_slug, re.IGNORECASE) or re.search(
+                    manufacturer_pattern, manufacturer_name, re.IGNORECASE
+                ):
                     manufacturer_match = True
             except re.error:
-                if (
-                    manufacturer_pattern in manufacturer_slug
-                    or manufacturer_pattern in manufacturer_name
-                ):
+                if manufacturer_pattern in manufacturer_slug or manufacturer_pattern in manufacturer_name:
                     manufacturer_match = True
 
         if not manufacturer_match:
@@ -94,15 +91,12 @@ def get_device_lookup_method(device):
         if device_type_pattern:
             device_type_match = False
             try:
-                if re.search(
-                    device_type_pattern, device_type_slug, re.IGNORECASE
-                ) or re.search(device_type_pattern, device_type_model, re.IGNORECASE):
+                if re.search(device_type_pattern, device_type_slug, re.IGNORECASE) or re.search(
+                    device_type_pattern, device_type_model, re.IGNORECASE
+                ):
                     device_type_match = True
             except re.error:
-                if (
-                    device_type_pattern in device_type_slug
-                    or device_type_pattern in device_type_model
-                ):
+                if device_type_pattern in device_type_slug or device_type_pattern in device_type_model:
                     device_type_match = True
 
             if not device_type_match:
@@ -169,11 +163,7 @@ class DeviceISEContentView(LoginRequiredMixin, PermissionRequiredMixin, View):
 
     def get(self, request, pk):
         """Fetch ISE data and return HTML content."""
-        device = (
-            Device.objects.select_related("device_type__manufacturer")
-            .prefetch_related("interfaces")
-            .get(pk=pk)
-        )
+        device = Device.objects.select_related("device_type__manufacturer").prefetch_related("interfaces").get(pk=pk)
 
         client = get_client()
         config = settings.PLUGINS_CONFIG.get("netbox_cisco_ise", {})
@@ -195,10 +185,7 @@ class DeviceISEContentView(LoginRequiredMixin, PermissionRequiredMixin, View):
                     if "error" not in ise_data:
                         # Also get session data for connected endpoints
                         session_data = client.get_active_session_by_mac(mac_address)
-                        if (
-                            "error" in session_data
-                            and session_data.get("connected") is False
-                        ):
+                        if "error" in session_data and session_data.get("connected") is False:
                             # Not connected is fine, just no active session
                             pass
                     else:
@@ -220,11 +207,7 @@ class DeviceISEContentView(LoginRequiredMixin, PermissionRequiredMixin, View):
 
                 # If IP lookup failed or no IP, try hostname
                 # Use VC name for virtual chassis members (original hostname)
-                lookup_hostname = (
-                    device.virtual_chassis.name
-                    if device.virtual_chassis
-                    else device.name
-                )
+                lookup_hostname = device.virtual_chassis.name if device.virtual_chassis else device.name
                 if ("error" in ise_data or not ise_data) and lookup_hostname:
                     ise_data = client.get_network_device_by_name(lookup_hostname)
 
@@ -298,3 +281,130 @@ class TestConnectionView(View):
             return JsonResponse(result, status=400)
 
         return JsonResponse(result)
+
+
+# Endpoint-specific functions for netbox_endpoints plugin
+def should_show_ise_tab_endpoint(endpoint):
+    """
+    Determine if the ISE tab should be visible for this endpoint.
+
+    Shows tab if endpoint has a MAC address and matches configured endpoint_mappings
+    (or if endpoint_mappings is empty, show for all endpoints with MAC).
+    """
+    if not ENDPOINTS_PLUGIN_INSTALLED:
+        return False
+
+    # Must have MAC address for ISE lookup
+    if not endpoint.mac_address:
+        return False
+
+    config = settings.PLUGINS_CONFIG.get("netbox_cisco_ise", {})
+    mappings = config.get("endpoint_mappings", [])
+
+    # If no mappings configured, show for all endpoints with MAC
+    if not mappings:
+        return True
+
+    # Check if endpoint matches any mapping
+    if not endpoint.endpoint_type:
+        return False
+
+    manufacturer = endpoint.endpoint_type.manufacturer
+    manufacturer_slug = manufacturer.slug.lower() if manufacturer and manufacturer.slug else ""
+    manufacturer_name = manufacturer.name.lower() if manufacturer and manufacturer.name else ""
+    endpoint_type_slug = endpoint.endpoint_type.slug.lower() if endpoint.endpoint_type.slug else ""
+    endpoint_type_model = endpoint.endpoint_type.model.lower() if endpoint.endpoint_type.model else ""
+
+    for mapping in mappings:
+        manufacturer_pattern = mapping.get("manufacturer", "").lower()
+        endpoint_type_pattern = mapping.get("endpoint_type", "").lower()
+
+        # Check manufacturer match
+        manufacturer_match = False
+        if manufacturer_pattern:
+            try:
+                if re.search(manufacturer_pattern, manufacturer_slug, re.IGNORECASE) or re.search(
+                    manufacturer_pattern, manufacturer_name, re.IGNORECASE
+                ):
+                    manufacturer_match = True
+            except re.error:
+                if manufacturer_pattern in manufacturer_slug or manufacturer_pattern in manufacturer_name:
+                    manufacturer_match = True
+
+        if not manufacturer_match:
+            continue
+
+        # Check endpoint_type match if specified
+        if endpoint_type_pattern:
+            endpoint_type_match = False
+            try:
+                if re.search(endpoint_type_pattern, endpoint_type_slug, re.IGNORECASE) or re.search(
+                    endpoint_type_pattern, endpoint_type_model, re.IGNORECASE
+                ):
+                    endpoint_type_match = True
+            except re.error:
+                if endpoint_type_pattern in endpoint_type_slug or endpoint_type_pattern in endpoint_type_model:
+                    endpoint_type_match = True
+
+            if not endpoint_type_match:
+                continue
+
+        # Mapping matches
+        return True
+
+    return False
+
+
+# Endpoint views - only available if netbox_endpoints is installed
+if ENDPOINTS_PLUGIN_INSTALLED:
+
+    class EndpointISEContentView(LoginRequiredMixin, PermissionRequiredMixin, View):
+        """HTMX endpoint that returns ISE content for netbox Endpoint async loading."""
+
+        permission_required = "netbox_endpoints.view_endpoint"
+
+        def get(self, request, pk):
+            """Fetch ISE data and return HTML content."""
+            endpoint = Endpoint.objects.select_related("endpoint_type__manufacturer").get(pk=pk)
+
+            client = get_client()
+            config = settings.PLUGINS_CONFIG.get("netbox_cisco_ise", {})
+
+            ise_data = {}
+            session_data = {}
+            error = None
+
+            if not client:
+                error = "Cisco ISE not configured. Configure the plugin in NetBox settings."
+            elif not endpoint.mac_address:
+                error = "No MAC address configured for this endpoint."
+            else:
+                # Endpoint lookup by MAC address
+                mac_address = str(endpoint.mac_address)
+                ise_data = client.get_endpoint_by_mac(mac_address)
+                if "error" not in ise_data:
+                    # Also get session data for connected endpoints
+                    session_data = client.get_active_session_by_mac(mac_address)
+                    if "error" in session_data and session_data.get("connected") is False:
+                        # Not connected is fine, just no active session
+                        pass
+                else:
+                    error = ise_data.get("error")
+                    ise_data = {}
+
+            # Get ISE URL for external links
+            ise_url = config.get("ise_url", "").rstrip("/")
+
+            return HttpResponse(
+                render_to_string(
+                    "netbox_cisco_ise/endpoint_tab_content.html",
+                    {
+                        "object": endpoint,
+                        "ise_data": ise_data,
+                        "session_data": session_data,
+                        "error": error,
+                        "ise_url": ise_url,
+                    },
+                    request=request,
+                )
+            )

{netbox_cisco_ise-0.1.5 → netbox_cisco_ise-0.1.7}/netbox_cisco_ise.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: netbox-cisco-ise
-Version: 0.1.5
+Version: 0.1.7
 Summary: NetBox plugin for Cisco ISE integration - endpoint tracking, NAD management, and session visibility
 Author-email: sieteunoseis <jeremy.worden@gmail.com>
 License: Apache-2.0

{netbox_cisco_ise-0.1.5 → netbox_cisco_ise-0.1.7}/netbox_cisco_ise.egg-info/SOURCES.txt

@@ -16,4 +16,5 @@ netbox_cisco_ise/templates/netbox_cisco_ise/endpoint_tab.html
 netbox_cisco_ise/templates/netbox_cisco_ise/endpoint_tab_content.html
 netbox_cisco_ise/templates/netbox_cisco_ise/nad_tab.html
 netbox_cisco_ise/templates/netbox_cisco_ise/nad_tab_content.html
+netbox_cisco_ise/templates/netbox_cisco_ise/netbox_endpoint_tab.html
 netbox_cisco_ise/templates/netbox_cisco_ise/settings.html

{netbox_cisco_ise-0.1.5 → netbox_cisco_ise-0.1.7}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "netbox-cisco-ise"
-version = "0.1.5"
+version = "0.1.7"
 description = "NetBox plugin for Cisco ISE integration - endpoint tracking, NAD management, and session visibility"
 readme = "README.md"
 license = {text = "Apache-2.0"}

netbox_cisco_ise-0.1.5/netbox_cisco_ise/__init__.py

@@ -1,60 +0,0 @@
-"""
-NetBox Cisco ISE Plugin
-
-Display Cisco Identity Services Engine (ISE) endpoint and NAD information in Device detail pages.
-Shows endpoint identity, profiling data, active session status, and network access device details.
-"""
-
-from netbox.plugins import PluginConfig
-
-__version__ = "0.1.5"
-
-
-class CiscoISEConfig(PluginConfig):
-    """Plugin configuration for NetBox Cisco ISE integration."""
-
-    name = "netbox_cisco_ise"
-    verbose_name = "Cisco ISE"
-    description = "Display Cisco ISE endpoint and NAD information in device pages"
-    version = __version__
-    author = "sieteunoseis"
-    author_email = "jeremy.worden@gmail.com"
-    base_url = "cisco-ise"
-    min_version = "4.0.0"
-    max_version = "4.99"
-
-    # Required settings - plugin won't load without these
-    required_settings = []
-
-    # Default configuration values
-    default_settings = {
-        # ISE Connection Settings
-        "ise_url": "",  # e.g., "https://ise.example.com"
-        "ise_username": "",  # ERS Admin username
-        "ise_password": "",  # ERS Admin password
-        "timeout": 30,  # API timeout in seconds
-        "cache_timeout": 60,  # Cache results for 60 seconds
-        "verify_ssl": False,  # Skip SSL verification for self-signed certs
-        # Device mappings - determines which devices show ISE tab and lookup method
-        # Format: list of dicts with manufacturer (regex), device_type (regex, optional), lookup method
-        #
-        # lookup types:
-        #   "endpoint" - MAC address lookup (for wireless clients, phones, badges)
-        #   "nad" - Network Access Device lookup (for switches, routers, WLCs)
-        #
-        # Example:
-        # "device_mappings": [
-        #     {"manufacturer": "cisco", "lookup": "nad"},  # Cisco network devices as NADs
-        #     {"manufacturer": "vocera", "lookup": "endpoint"},  # Vocera badges by MAC
-        #     {"manufacturer": "cisco", "device_type": ".*phone.*", "lookup": "endpoint"},  # Cisco phones by MAC
-        # ]
-        "device_mappings": [
-            {
-                "manufacturer": r"cisco",
-                "lookup": "nad",
-            },  # Default: Cisco devices as NADs
-        ],
-    }
-
-
-config = CiscoISEConfig

netbox_cisco_ise-0.1.5/netbox_cisco_ise/urls.py

@@ -1,13 +0,0 @@
-"""
-URL routing for NetBox Cisco ISE Plugin
-"""
-
-from django.urls import path
-
-from .views import DeviceISEContentView, ISESettingsView, TestConnectionView
-
-urlpatterns = [
-    path("settings/", ISESettingsView.as_view(), name="settings"),
-    path("test-connection/", TestConnectionView.as_view(), name="test_connection"),
-    path("device/<int:pk>/content/", DeviceISEContentView.as_view(), name="device_content"),
-]