Merge branch 'dev' of github.com:jumpserver/jumpserver into dev

apps/authentication/api/access_key.py

@@ -5,15 +5,16 @@ from django.utils.translation import gettext as _
 from rest_framework import serializers
 from rest_framework.response import Response
 
-from authentication.permissions import UserConfirmation
 from common.api import JMSModelViewSet
 from rbac.permissions import RBACPermission
-from ..const import ConfirmType
-from ..serializers import AccessKeySerializer
+from ..serializers import AccessKeySerializer, AccessKeyCreateSerializer
 
 
 class AccessKeyViewSet(JMSModelViewSet):
-    serializer_class = AccessKeySerializer
+    serializer_classes = {
+        'default': AccessKeySerializer,
+        'create': AccessKeyCreateSerializer
+    }
     search_fields = ['^id']
     permission_classes = [RBACPermission]
 
@@ -26,19 +27,20 @@ class AccessKeyViewSet(JMSModelViewSet):
 
         if self.action == 'create':
             self.permission_classes = [
-                RBACPermission, UserConfirmation.require(ConfirmType.PASSWORD)
+                RBACPermission,
             ]
         return super().get_permissions()
 
+    def create(self, request, *args, **kwargs):
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)
+        key = self.perform_create(serializer)
+        serializer = self.get_serializer(instance=key)
+        return Response(serializer.data, status=201)
+
     def perform_create(self, serializer):
         user = self.request.user
         if user.access_keys.count() >= 10:
             raise serializers.ValidationError(_('Access keys can be created at most 10'))
         key = user.create_access_key()
         return key
-
-    def create(self, request, *args, **kwargs):
-        serializer = self.get_serializer(data=request.data)
-        serializer.is_valid(raise_exception=True)
-        key = self.perform_create(serializer)
-        return Response({'secret': key.secret, 'id': key.id}, status=201)