diff --git a/apps/settings/api/public.py b/apps/settings/api/public.py index b9076618d..108970c59 100644 --- a/apps/settings/api/public.py +++ b/apps/settings/api/public.py @@ -1,5 +1,5 @@ from rest_framework import generics -from rest_framework.permissions import AllowAny +from rest_framework.permissions import AllowAny, IsAuthenticated from django.conf import settings from jumpserver.utils import has_valid_xpack_license, get_xpack_license_info @@ -9,10 +9,10 @@ from ..utils import get_interface_setting logger = get_logger(__name__) -__all__ = ['PublicSettingApi'] +__all__ = ['PublicSettingApi', 'OpenPublicSettingApi'] -class PublicSettingApi(generics.RetrieveAPIView): +class OpenPublicSettingApi(generics.RetrieveAPIView): permission_classes = (AllowAny,) serializer_class = serializers.PublicSettingSerializer @@ -27,49 +27,68 @@ class PublicSettingApi(generics.RetrieveAPIView): interface = get_interface_setting() return interface['login_title'] - def get_object(self): - instance = { - "data": { - # Security - "WINDOWS_SKIP_ALL_MANUAL_PASSWORD": settings.WINDOWS_SKIP_ALL_MANUAL_PASSWORD, - "OLD_PASSWORD_HISTORY_LIMIT_COUNT": settings.OLD_PASSWORD_HISTORY_LIMIT_COUNT, - "SECURITY_MAX_IDLE_TIME": settings.SECURITY_MAX_IDLE_TIME, - "SECURITY_VIEW_AUTH_NEED_MFA": settings.SECURITY_VIEW_AUTH_NEED_MFA, - "SECURITY_MFA_VERIFY_TTL": settings.SECURITY_MFA_VERIFY_TTL, - "SECURITY_COMMAND_EXECUTION": settings.SECURITY_COMMAND_EXECUTION, - "SECURITY_PASSWORD_EXPIRATION_TIME": settings.SECURITY_PASSWORD_EXPIRATION_TIME, - "SECURITY_LUNA_REMEMBER_AUTH": settings.SECURITY_LUNA_REMEMBER_AUTH, - "PASSWORD_RULE": { - 'SECURITY_PASSWORD_MIN_LENGTH': settings.SECURITY_PASSWORD_MIN_LENGTH, - 'SECURITY_ADMIN_USER_PASSWORD_MIN_LENGTH': settings.SECURITY_ADMIN_USER_PASSWORD_MIN_LENGTH, - 'SECURITY_PASSWORD_UPPER_CASE': settings.SECURITY_PASSWORD_UPPER_CASE, - 'SECURITY_PASSWORD_LOWER_CASE': settings.SECURITY_PASSWORD_LOWER_CASE, - 'SECURITY_PASSWORD_NUMBER': settings.SECURITY_PASSWORD_NUMBER, - 'SECURITY_PASSWORD_SPECIAL_CHAR': settings.SECURITY_PASSWORD_SPECIAL_CHAR, - }, - 'SECURITY_WATERMARK_ENABLED': settings.SECURITY_WATERMARK_ENABLED, - 'SECURITY_SESSION_SHARE': settings.SECURITY_SESSION_SHARE, - # XPACK - "XPACK_ENABLED": settings.XPACK_ENABLED, - "XPACK_LICENSE_IS_VALID": has_valid_xpack_license(), - "XPACK_LICENSE_INFO": get_xpack_license_info(), - # Performance - "LOGIN_TITLE": self.get_login_title(), - "LOGO_URLS": self.get_logo_urls(), - "HELP_DOCUMENT_URL": settings.HELP_DOCUMENT_URL, - "HELP_SUPPORT_URL": settings.HELP_SUPPORT_URL, - # Auth - "AUTH_WECOM": settings.AUTH_WECOM, - "AUTH_DINGTALK": settings.AUTH_DINGTALK, - "AUTH_FEISHU": settings.AUTH_FEISHU, - # Terminal - "XRDP_ENABLED": settings.XRDP_ENABLED, - "TERMINAL_MAGNUS_ENABLED": settings.TERMINAL_MAGNUS_ENABLED, - "TERMINAL_KOKO_SSH_ENABLED": settings.TERMINAL_KOKO_SSH_ENABLED, - # Announcement - "ANNOUNCEMENT_ENABLED": settings.ANNOUNCEMENT_ENABLED, - "ANNOUNCEMENT": settings.ANNOUNCEMENT, - "AUTH_TEMP_TOKEN": settings.AUTH_TEMP_TOKEN, - } + def get_open_public_settings(self): + return { + "XPACK_ENABLED": settings.XPACK_ENABLED, + "LOGIN_TITLE": self.get_login_title(), + "LOGO_URLS": self.get_logo_urls(), + 'SECURITY_WATERMARK_ENABLED': settings.SECURITY_WATERMARK_ENABLED, } - return instance + + def get_object(self): + return self.get_open_public_settings() + + +class PublicSettingApi(OpenPublicSettingApi): + permission_classes = (IsAuthenticated,) + serializer_class = serializers.PrivateSettingSerializer + + @staticmethod + def get_public_settings(): + return { + # Security + "WINDOWS_SKIP_ALL_MANUAL_PASSWORD": settings.WINDOWS_SKIP_ALL_MANUAL_PASSWORD, + "OLD_PASSWORD_HISTORY_LIMIT_COUNT": settings.OLD_PASSWORD_HISTORY_LIMIT_COUNT, + "SECURITY_MAX_IDLE_TIME": settings.SECURITY_MAX_IDLE_TIME, + "SECURITY_VIEW_AUTH_NEED_MFA": settings.SECURITY_VIEW_AUTH_NEED_MFA, + "SECURITY_MFA_VERIFY_TTL": settings.SECURITY_MFA_VERIFY_TTL, + "SECURITY_COMMAND_EXECUTION": settings.SECURITY_COMMAND_EXECUTION, + "SECURITY_PASSWORD_EXPIRATION_TIME": settings.SECURITY_PASSWORD_EXPIRATION_TIME, + "SECURITY_LUNA_REMEMBER_AUTH": settings.SECURITY_LUNA_REMEMBER_AUTH, + "PASSWORD_RULE": { + 'SECURITY_PASSWORD_MIN_LENGTH': settings.SECURITY_PASSWORD_MIN_LENGTH, + 'SECURITY_ADMIN_USER_PASSWORD_MIN_LENGTH': settings.SECURITY_ADMIN_USER_PASSWORD_MIN_LENGTH, + 'SECURITY_PASSWORD_UPPER_CASE': settings.SECURITY_PASSWORD_UPPER_CASE, + 'SECURITY_PASSWORD_LOWER_CASE': settings.SECURITY_PASSWORD_LOWER_CASE, + 'SECURITY_PASSWORD_NUMBER': settings.SECURITY_PASSWORD_NUMBER, + 'SECURITY_PASSWORD_SPECIAL_CHAR': settings.SECURITY_PASSWORD_SPECIAL_CHAR, + }, + 'SECURITY_SESSION_SHARE': settings.SECURITY_SESSION_SHARE, + # XPACK + "XPACK_LICENSE_IS_VALID": has_valid_xpack_license(), + "XPACK_LICENSE_INFO": get_xpack_license_info(), + # Performance + "HELP_DOCUMENT_URL": settings.HELP_DOCUMENT_URL, + "HELP_SUPPORT_URL": settings.HELP_SUPPORT_URL, + # Auth + "AUTH_WECOM": settings.AUTH_WECOM, + "AUTH_DINGTALK": settings.AUTH_DINGTALK, + "AUTH_FEISHU": settings.AUTH_FEISHU, + # Terminal + "XRDP_ENABLED": settings.XRDP_ENABLED, + "TERMINAL_MAGNUS_ENABLED": settings.TERMINAL_MAGNUS_ENABLED, + "TERMINAL_KOKO_SSH_ENABLED": settings.TERMINAL_KOKO_SSH_ENABLED, + # Announcement + "ANNOUNCEMENT_ENABLED": settings.ANNOUNCEMENT_ENABLED, + "ANNOUNCEMENT": settings.ANNOUNCEMENT, + "AUTH_TEMP_TOKEN": settings.AUTH_TEMP_TOKEN, + } + + def get_object(self): + open_public = self.get_open_public_settings() + public = self.get_public_settings() + return { + **open_public, + **public + } + diff --git a/apps/settings/serializers/public.py b/apps/settings/serializers/public.py index 52e39a954..852f9ccca 100644 --- a/apps/settings/serializers/public.py +++ b/apps/settings/serializers/public.py @@ -3,8 +3,40 @@ from rest_framework import serializers -__all__ = ['PublicSettingSerializer'] +__all__ = ['PublicSettingSerializer', 'PrivateSettingSerializer'] class PublicSettingSerializer(serializers.Serializer): - data = serializers.DictField(read_only=True) + XPACK_ENABLED = serializers.BooleanField() + SECURITY_WATERMARK_ENABLED = serializers.BooleanField() + LOGIN_TITLE = serializers.CharField() + LOGO_URLS = serializers.DictField() + + +class PrivateSettingSerializer(PublicSettingSerializer): + WINDOWS_SKIP_ALL_MANUAL_PASSWORD = serializers.BooleanField() + OLD_PASSWORD_HISTORY_LIMIT_COUNT = serializers.IntegerField() + SECURITY_MAX_IDLE_TIME = serializers.IntegerField() + SECURITY_VIEW_AUTH_NEED_MFA = serializers.BooleanField() + SECURITY_MFA_VERIFY_TTL = serializers.IntegerField() + SECURITY_COMMAND_EXECUTION = serializers.BooleanField() + SECURITY_PASSWORD_EXPIRATION_TIME = serializers.IntegerField() + SECURITY_LUNA_REMEMBER_AUTH = serializers.BooleanField() + PASSWORD_RULE = serializers.DictField() + SECURITY_SESSION_SHARE = serializers.BooleanField() + XPACK_LICENSE_IS_VALID = serializers.BooleanField() + XPACK_LICENSE_INFO = serializers.DictField() + HELP_DOCUMENT_URL = serializers.CharField() + HELP_SUPPORT_URL = serializers.CharField() + + AUTH_WECOM = serializers.BooleanField() + AUTH_DINGTALK = serializers.BooleanField() + AUTH_FEISHU = serializers.BooleanField() + AUTH_TEMP_TOKEN = serializers.BooleanField() + + XRDP_ENABLED = serializers.BooleanField() + TERMINAL_MAGNUS_ENABLED = serializers.BooleanField() + TERMINAL_KOKO_SSH_ENABLED = serializers.BooleanField() + + ANNOUNCEMENT_ENABLED = serializers.BooleanField() + ANNOUNCEMENT = serializers.CharField() \ No newline at end of file diff --git a/apps/settings/urls/api_urls.py b/apps/settings/urls/api_urls.py index 22825f4e8..728baf0ae 100644 --- a/apps/settings/urls/api_urls.py +++ b/apps/settings/urls/api_urls.py @@ -22,4 +22,5 @@ urlpatterns = [ path('setting/', api.SettingsApi.as_view(), name='settings-setting'), path('public/', api.PublicSettingApi.as_view(), name='public-setting'), + path('public/open/', api.OpenPublicSettingApi.as_view(), name='open-public-setting'), ]