From a88ebeff150801f85a27f9a978b166663579b501 Mon Sep 17 00:00:00 2001
From: ewall555 <a03216@foxmail.com>
Date: Mon, 12 May 2025 11:41:58 +0800
Subject: [PATCH] feat: Set the default expiration days for adding user and
 asset permissions

---
 apps/common/utils/django.py           | 15 +++++++++++++++
 apps/jumpserver/conf.py               |  2 ++
 apps/jumpserver/settings/custom.py    |  2 ++
 apps/perms/models/asset_permission.py |  4 ++--
 apps/settings/serializers/public.py   |  2 ++
 apps/users/models/user/__init__.py    |  4 ++--
 6 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/apps/common/utils/django.py b/apps/common/utils/django.py
index fc692bc15..2ae5a479b 100644
--- a/apps/common/utils/django.py
+++ b/apps/common/utils/django.py
@@ -51,6 +51,21 @@ def date_expired_default():
         years = 70
     return timezone.now() + timezone.timedelta(days=365 * years)
 
+def user_date_expired_default():
+    try:
+        days = int(settings.USER_DEFAULT_EXPIRED_DAYS)
+    except TypeError:
+        days = 25550
+    return timezone.now() + timezone.timedelta(days=days)
+
+
+def asset_permission_date_expired_default():
+    try:
+        days = int(settings.ASSET_PERMISSION_DEFAULT_EXPIRED_DAYS)
+    except TypeError:
+        days = 25550
+    return timezone.now() + timezone.timedelta(days=days)
+
 
 def union_queryset(*args, base_queryset=None):
     if len(args) == 1:
diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py
index 655aa763b..6d492bc9e 100644
--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@@ -229,6 +229,8 @@ class Config(dict):
 
         'TOKEN_EXPIRATION': 3600 * 24,
         'DEFAULT_EXPIRED_YEARS': 70,
+        'USER_DEFAULT_EXPIRED_DAYS': 25550,
+        'ASSET_PERMISSION_DEFAULT_EXPIRED_DAYS': 25550,
         'SESSION_COOKIE_DOMAIN': None,
         'CSRF_COOKIE_DOMAIN': None,
         'SESSION_COOKIE_NAME_PREFIX': None,
diff --git a/apps/jumpserver/settings/custom.py b/apps/jumpserver/settings/custom.py
index 38f30eac9..7c656d019 100644
--- a/apps/jumpserver/settings/custom.py
+++ b/apps/jumpserver/settings/custom.py
@@ -118,6 +118,8 @@ EMAIL_CUSTOM_USER_CREATED_SIGNATURE = CONFIG.EMAIL_CUSTOM_USER_CREATED_SIGNATURE
 
 DISPLAY_PER_PAGE = CONFIG.DISPLAY_PER_PAGE
 DEFAULT_EXPIRED_YEARS = CONFIG.DEFAULT_EXPIRED_YEARS
+USER_DEFAULT_EXPIRED_DAYS = CONFIG.USER_DEFAULT_EXPIRED_DAYS
+ASSET_PERMISSION_DEFAULT_EXPIRED_DAYS = CONFIG.ASSET_PERMISSION_DEFAULT_EXPIRED_DAYS
 USER_GUIDE_URL = CONFIG.USER_GUIDE_URL
 HTTP_LISTEN_PORT = CONFIG.HTTP_LISTEN_PORT
 WS_LISTEN_PORT = CONFIG.WS_LISTEN_PORT
diff --git a/apps/perms/models/asset_permission.py b/apps/perms/models/asset_permission.py
index 07c90ec13..ee72932b1 100644
--- a/apps/perms/models/asset_permission.py
+++ b/apps/perms/models/asset_permission.py
@@ -8,7 +8,7 @@ from django.utils.translation import gettext_lazy as _
 from accounts.const import AliasAccount
 from accounts.models import Account
 from assets.models import Asset
-from common.utils import date_expired_default, lazyproperty
+from common.utils import asset_permission_date_expired_default, lazyproperty
 from common.utils.timezone import local_now
 from labels.mixins import LabeledMixin
 from orgs.mixins.models import JMSOrgBaseModel
@@ -77,7 +77,7 @@ class AssetPermission(LabeledMixin, JMSOrgBaseModel):
     actions = models.IntegerField(default=ActionChoices.connect, verbose_name=_("Actions"))
     date_start = models.DateTimeField(default=timezone.now, db_index=True, verbose_name=_("Date start"))
     date_expired = models.DateTimeField(
-        default=date_expired_default, db_index=True, verbose_name=_('Date expired')
+        default=asset_permission_date_expired_default, db_index=True, verbose_name=_('Date expired')
     )
     is_active = models.BooleanField(default=True, verbose_name=_('Active'))
     from_ticket = models.BooleanField(default=False, verbose_name=_('From ticket'))
diff --git a/apps/settings/serializers/public.py b/apps/settings/serializers/public.py
index 47cd75771..6e72e59e2 100644
--- a/apps/settings/serializers/public.py
+++ b/apps/settings/serializers/public.py
@@ -78,6 +78,8 @@ class PrivateSettingSerializer(PublicSettingSerializer):
     TOOL_USER_ENABLED = serializers.BooleanField()
 
     DEFAULT_EXPIRED_YEARS = serializers.IntegerField()
+    USER_DEFAULT_EXPIRED_DAYS = serializers.IntegerField()
+    ASSET_PERMISSION_DEFAULT_EXPIRED_DAYS = serializers.IntegerField()
     PRIVACY_MODE = serializers.BooleanField()
 
 
diff --git a/apps/users/models/user/__init__.py b/apps/users/models/user/__init__.py
index c3c398a0b..920bb5bfc 100644
--- a/apps/users/models/user/__init__.py
+++ b/apps/users/models/user/__init__.py
@@ -13,7 +13,7 @@ from rest_framework.exceptions import PermissionDenied
 
 from common.db import fields, models as jms_models
 from common.utils import (
-    date_expired_default, get_logger, lazyproperty
+    user_date_expired_default, get_logger, lazyproperty
 )
 from labels.mixins import LabeledMixin
 from orgs.utils import current_org
@@ -99,7 +99,7 @@ class User(
     comment = models.TextField(blank=True, null=True, verbose_name=_("Comment"))
     is_first_login = models.BooleanField(default=True, verbose_name=_("Is first login"))
     date_expired = models.DateTimeField(
-        default=date_expired_default,
+        default=user_date_expired_default,
         blank=True,
         null=True,
         db_index=True,