[Update] 修改表结构

apps/assets/api/asset_user.py

@@ -1,8 +1,6 @@
 # -*- coding: utf-8 -*-
 #
 
-import time
-
 from rest_framework.response import Response
 from rest_framework import viewsets, status, generics
 from rest_framework.pagination import LimitOffsetPagination

apps/assets/migrations/0032_auto_20190624_2108.py

@@ -0,0 +1,75 @@
+# Generated by Django 2.1.7 on 2019-06-24 13:08
+
+import assets.models.utils
+import common.fields.model
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('assets', '0031_auto_20190621_1332'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='adminuser',
+            name='_password',
+            field=common.fields.model.EncryptCharField(blank=True, max_length=256, null=True, verbose_name='Password'),
+        ),
+        migrations.AlterField(
+            model_name='adminuser',
+            name='_private_key',
+            field=common.fields.model.EncryptTextField(blank=True, null=True, validators=[assets.models.utils.private_key_validator], verbose_name='SSH private key'),
+        ),
+        migrations.AlterField(
+            model_name='adminuser',
+            name='_public_key',
+            field=common.fields.model.EncryptTextField(blank=True, null=True, verbose_name='SSH public key'),
+        ),
+        migrations.AlterField(
+            model_name='authbook',
+            name='_password',
+            field=common.fields.model.EncryptCharField(blank=True, max_length=256, null=True, verbose_name='Password'),
+        ),
+        migrations.AlterField(
+            model_name='authbook',
+            name='_private_key',
+            field=common.fields.model.EncryptTextField(blank=True, null=True, validators=[assets.models.utils.private_key_validator], verbose_name='SSH private key'),
+        ),
+        migrations.AlterField(
+            model_name='authbook',
+            name='_public_key',
+            field=common.fields.model.EncryptTextField(blank=True, null=True, verbose_name='SSH public key'),
+        ),
+        migrations.AlterField(
+            model_name='gateway',
+            name='_password',
+            field=common.fields.model.EncryptCharField(blank=True, max_length=256, null=True, verbose_name='Password'),
+        ),
+        migrations.AlterField(
+            model_name='gateway',
+            name='_private_key',
+            field=common.fields.model.EncryptTextField(blank=True, null=True, validators=[assets.models.utils.private_key_validator], verbose_name='SSH private key'),
+        ),
+        migrations.AlterField(
+            model_name='gateway',
+            name='_public_key',
+            field=common.fields.model.EncryptTextField(blank=True, null=True, verbose_name='SSH public key'),
+        ),
+        migrations.AlterField(
+            model_name='systemuser',
+            name='_password',
+            field=common.fields.model.EncryptCharField(blank=True, max_length=256, null=True, verbose_name='Password'),
+        ),
+        migrations.AlterField(
+            model_name='systemuser',
+            name='_private_key',
+            field=common.fields.model.EncryptTextField(blank=True, null=True, validators=[assets.models.utils.private_key_validator], verbose_name='SSH private key'),
+        ),
+        migrations.AlterField(
+            model_name='systemuser',
+            name='_public_key',
+            field=common.fields.model.EncryptTextField(blank=True, null=True, verbose_name='SSH public key'),
+        ),
+    ]

apps/assets/migrations/0033_auto_20190624_2108.py

@@ -0,0 +1,74 @@
+# Generated by Django 2.1.7 on 2019-06-24 13:08
+
+import common.fields.model
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('assets', '0032_auto_20190624_2108'),
+    ]
+
+    operations = [
+        migrations.RenameField(
+            model_name='adminuser',
+            old_name='_private_key',
+            new_name='private_key',
+        ),
+        migrations.RenameField(
+            model_name='adminuser',
+            old_name='_public_key',
+            new_name='public_key',
+        ),
+        migrations.RenameField(
+            model_name='authbook',
+            old_name='_private_key',
+            new_name='private_key',
+        ),
+        migrations.RenameField(
+            model_name='authbook',
+            old_name='_public_key',
+            new_name='public_key',
+        ),
+        migrations.RenameField(
+            model_name='gateway',
+            old_name='_private_key',
+            new_name='private_key',
+        ),
+        migrations.RenameField(
+            model_name='gateway',
+            old_name='_public_key',
+            new_name='public_key',
+        ),
+        migrations.RenameField(
+            model_name='systemuser',
+            old_name='_private_key',
+            new_name='private_key',
+        ),
+        migrations.RenameField(
+            model_name='systemuser',
+            old_name='_public_key',
+            new_name='public_key',
+        ),
+        migrations.RenameField(
+            model_name='adminuser',
+            old_name='_password',
+            new_name='password',
+        ),
+        migrations.RenameField(
+            model_name='authbook',
+            old_name='_password',
+            new_name='password',
+        ),
+        migrations.RenameField(
+            model_name='gateway',
+            old_name='_password',
+            new_name='password',
+        ),
+        migrations.RenameField(
+            model_name='systemuser',
+            old_name='_password',
+            new_name='password',
+        ),
+    ]

apps/assets/models/base.py

@@ -26,9 +26,9 @@ class AssetUser(OrgModelMixin):
     id = models.UUIDField(default=uuid.uuid4, primary_key=True)
     name = models.CharField(max_length=128, verbose_name=_('Name'))
     username = models.CharField(max_length=32, blank=True, verbose_name=_('Username'), validators=[alphanumeric])
-    _password = fields.EncryptCharField(max_length=256, blank=True, null=True, verbose_name=_('Password'))
+    password = fields.EncryptCharField(max_length=256, blank=True, null=True, verbose_name=_('Password'))
-    _private_key = models.TextField(max_length=4096, blank=True, null=True, verbose_name=_('SSH private key'), validators=[private_key_validator, ])
+    private_key = fields.EncryptTextField(blank=True, null=True, verbose_name=_('SSH private key'), validators=[private_key_validator, ])
-    _public_key = models.TextField(max_length=4096, blank=True, verbose_name=_('SSH public key'))
+    public_key = fields.EncryptTextField(blank=True, null=True, verbose_name=_('SSH public key'))
     comment = models.TextField(blank=True, verbose_name=_('Comment'))
     date_created = models.DateTimeField(auto_now_add=True, verbose_name=_("Date created"))
     date_updated = models.DateTimeField(auto_now=True, verbose_name=_("Date updated"))
@@ -38,28 +38,6 @@ class AssetUser(OrgModelMixin):
 
     _prefer = "system_user"
 
-    @property
-    def password(self):
-        if self._password:
-            return signer.unsign(self._password)
-        else:
-            return None
-
-    @password.setter
-    def password(self, password_raw):
-        # raise AttributeError("Using set_auth do that")
-        self._password = signer.sign(password_raw)
-
-    @property
-    def private_key(self):
-        if self._private_key:
-            return signer.unsign(self._private_key)
-
-    @private_key.setter
-    def private_key(self, private_key_raw):
-        # raise AttributeError("Using set_auth do that")
-        self._private_key = signer.sign(private_key_raw)
-
     @property
     def private_key_obj(self):
         if self._private_key:
@@ -82,19 +60,6 @@ class AssetUser(OrgModelMixin):
             os.chmod(key_path, 0o400)
         return key_path
 
-    @property
-    def public_key(self):
-        key = signer.unsign(self._public_key)
-        if key:
-            return key
-        else:
-            return None
-
-    @public_key.setter
-    def public_key(self, public_key_raw):
-        # raise AttributeError("Using set_auth do that")
-        self._public_key = signer.sign(public_key_raw)
-
     @property
     def public_key_obj(self):
         if self.public_key:
@@ -192,9 +157,9 @@ class AssetUser(OrgModelMixin):
         self.private_key = other.private_key
 
     def clear_auth(self):
-        self._password = ''
+        self.password = ''
-        self._private_key = ''
+        self.private_key = ''
-        self._public_key = ''
+        self.public_key = ''
         self.save()
 
     def auto_gen_auth(self):
@@ -231,7 +196,7 @@ class AssetUser(OrgModelMixin):
         from . import AuthBook
         fields = [
             'name', 'username', 'comment', 'org_id',
-            '_password', '_private_key', '_public_key',
+            'password', 'private_key', 'public_key',
             'date_created', 'date_updated', 'created_by'
         ]
         i = self.generate_id_with_asset(asset)

apps/common/fields/model.py

@@ -124,10 +124,27 @@ class EncryptTextField(EncryptMixin, models.TextField):
 
 
 class EncryptCharField(EncryptMixin, models.CharField):
+    @staticmethod
+    def change_max_length(kwargs):
+        kwargs.setdefault('max_length', 1024)
+        max_length = kwargs.get('max_length')
+        if max_length < 129:
+            max_length = 128
+        max_length = max_length * 2
+        kwargs['max_length'] = max_length
+
     def __init__(self, *args, **kwargs):
-        kwargs['max_length'] = 2048
+        self.change_max_length(kwargs)
         super().__init__(*args, **kwargs)
 
+    def deconstruct(self):
+        name, path, args, kwargs = super().deconstruct()
+        max_length = kwargs.pop('max_length')
+        if max_length > 255:
+            max_length = max_length // 2
+        kwargs['max_length'] = max_length
+        return name, path, args, kwargs
+
 
 class EncryptJsonDictTextField(EncryptMixin, JsonDictTextField):
     pass

apps/common/tests.py

@@ -1,3 +1,16 @@
 from django.test import TestCase
 
 # Create your tests here.
+
+from .utils import random_string, get_signer
+
+
+def test_signer_len():
+    signer = get_signer()
+    results = {}
+    for i in range(1, 4096):
+        s = random_string(i)
+        encs = signer.sign(s)
+        results[i] = (len(encs)/len(s))
+    results = sorted(results.items(), key=lambda x: x[1], reverse=True)
+    print(results)

apps/locale/zh/LC_MESSAGES/django.po

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Jumpserver 0.3.3\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2019-06-24 20:17+0800\n"
+"POT-Creation-Date: 2019-06-24 21:38+0800\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: ibuler <ibuler@qq.com>\n"
 "Language-Team: Jumpserver team<ibuler@qq.com>\n"
@@ -411,7 +411,7 @@ msgstr "详情"
 
 #: applications/templates/applications/remote_app_detail.html:21
 #: applications/templates/applications/remote_app_list.html:56
-#: assets/templates/assets/_asset_user_list.html:69
+#: assets/templates/assets/_asset_user_list.html:70
 #: assets/templates/assets/admin_user_detail.html:24
 #: assets/templates/assets/admin_user_list.html:29
 #: assets/templates/assets/admin_user_list.html:114
@@ -1435,11 +1435,11 @@ msgstr "日期"
 msgid "Test datetime: "
 msgstr "测试日期: "
 
-#: assets/templates/assets/_asset_user_list.html:68
+#: assets/templates/assets/_asset_user_list.html:69
 msgid "View"
 msgstr "查看"
 
-#: assets/templates/assets/_asset_user_list.html:70
+#: assets/templates/assets/_asset_user_list.html:71
 #: assets/templates/assets/admin_user_assets.html:61
 #: assets/templates/assets/asset_asset_user_list.html:57
 #: assets/templates/assets/asset_detail.html:182
@@ -1448,7 +1448,7 @@ msgstr "查看"
 msgid "Test"
 msgstr "测试"
 
-#: assets/templates/assets/_asset_user_list.html:71
+#: assets/templates/assets/_asset_user_list.html:72
 #: assets/templates/assets/system_user_assets.html:72
 #: assets/templates/assets/system_user_detail.html:142
 msgid "Push"
@@ -1632,7 +1632,7 @@ msgstr "比例"
 #: users/templates/users/user_group_list.html:194
 #: users/templates/users/user_list.html:158
 #: users/templates/users/user_list.html:190
-#: xpack/plugins/vault/templates/vault/vault.html:223
+#: xpack/plugins/vault/templates/vault/vault.html:224
 msgid "Please select file"
 msgstr "选择文件"