github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-07-16 16:01:35 +00:00
Code Issues Projects Releases Wiki Activity

[Update] Middleware 写法升级到新版本, Task login require

Browse Source
This commit is contained in:
ibuler 2018-01-08 14:18:02 +08:00
parent 07a70311df
commit c7d1ba1944
3 changed files with 39 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
apps/jumpserver/middleware.py
View File

@ -4,24 +4,44 @@ import os
import re import re
import pytz import pytz
from django.utils import timezone from django.utils import timezone
from django.utils.deprecation import MiddlewareMixin
from django.shortcuts import HttpResponse from django.shortcuts import HttpResponse
DEMO_MODE = os.environ.get("DEMO_MODE", "") class TimezoneMiddleware:
SAFE_URL = r'^/users/login|^/api/terminal/v1/.*|/api/terminal/.*|/api/users/v1/auth/|/api/users/v1/profile/' def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
class TimezoneMiddleware(MiddlewareMixin):
def process_request(self, request):
tzname = request.META.get('TZ') tzname = request.META.get('TZ')
if tzname: if tzname:
timezone.activate(pytz.timezone(tzname)) timezone.activate(pytz.timezone(tzname))
else: else:
timezone.deactivate() timezone.deactivate()
response = self.get_response(request)
return response
class DemoMiddleware(MiddlewareMixin): class DemoMiddleware:
def process_request(self, request): DEMO_MODE_ENABLED = os.environ.get("DEMO_MODE", "") in ("1", "ok", "True")
if DEMO_MODE and request.method not in ["GET", "HEAD"] and not re.match(SAFE_URL, request.path): SAFE_URL_PATTERN = re.compile(
return HttpResponse("Demo mode, only get request accept", status=403) r'^/users/login|'
r'^/api/terminal/v1/.*|'
r'^/api/terminal/.*|'
r'^/api/users/v1/auth/|'
r'^/api/users/v1/profile/'
)
SAFE_METHOD = ("GET", "HEAD")
def __init__(self, get_response):
self.get_response = get_response
if self.DEMO_MODE_ENABLED:
print("Demo mode enabled, reject unsafe method and url")
def __call__(self, request):
if self.DEMO_MODE_ENABLED and request.method not in self.SAFE_METHOD \
and not self.SAFE_URL_PATTERN.match(request.path):
return HttpResponse("Demo mode, only safe request accepted", status=403)
else:
response = self.get_response(request)
return response

2
apps/ops/hands.py
View File

@ -1,4 +1,4 @@
# ~*~ coding: utf-8 ~*~ # ~*~ coding: utf-8 ~*~
from users.permissions import IsSuperUser from users.permissions import IsSuperUser
from users.utils import AdminUserRequiredMixin

15
apps/ops/views.py
View File

@ -6,9 +6,10 @@ from django.views.generic import ListView, DetailView
from common.mixins import DatetimeSearchMixin from common.mixins import DatetimeSearchMixin
from .models import Task, AdHoc, AdHocRunHistory from .models import Task, AdHoc, AdHocRunHistory
from .hands import AdminUserRequiredMixin
class TaskListView(DatetimeSearchMixin, ListView): class TaskListView(AdminUserRequiredMixin, DatetimeSearchMixin, ListView):
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
model = Task model = Task
ordering = ('-date_created',) ordering = ('-date_created',)
@ -42,7 +43,7 @@ class TaskListView(DatetimeSearchMixin, ListView):
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)
class TaskDetailView(DetailView): class TaskDetailView(AdminUserRequiredMixin, DetailView):
model = Task model = Task
template_name = 'ops/task_detail.html' template_name = 'ops/task_detail.html'
@ -55,7 +56,7 @@ class TaskDetailView(DetailView):
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)
class TaskAdhocView(DetailView): class TaskAdhocView(AdminUserRequiredMixin, DetailView):
model = Task model = Task
template_name = 'ops/task_adhoc.html' template_name = 'ops/task_adhoc.html'
@ -68,7 +69,7 @@ class TaskAdhocView(DetailView):
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)
class TaskHistoryView(DetailView): class TaskHistoryView(AdminUserRequiredMixin, DetailView):
model = Task model = Task
template_name = 'ops/task_history.html' template_name = 'ops/task_history.html'
@ -81,7 +82,7 @@ class TaskHistoryView(DetailView):
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)
class AdHocDetailView(DetailView): class AdHocDetailView(AdminUserRequiredMixin, DetailView):
model = AdHoc model = AdHoc
template_name = 'ops/adhoc_detail.html' template_name = 'ops/adhoc_detail.html'
@ -94,7 +95,7 @@ class AdHocDetailView(DetailView):
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)
class AdHocHistoryView(DetailView): class AdHocHistoryView(AdminUserRequiredMixin, DetailView):
model = AdHoc model = AdHoc
template_name = 'ops/adhoc_history.html' template_name = 'ops/adhoc_history.html'
@ -107,7 +108,7 @@ class AdHocHistoryView(DetailView):
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)
class AdHocHistoryDetailView(DetailView): class AdHocHistoryDetailView(AdminUserRequiredMixin, DetailView):
model = AdHocRunHistory model = AdHocRunHistory
template_name = 'ops/adhoc_history_detail.html' template_name = 'ops/adhoc_history_detail.html'