mirror of
https://github.com/jumpserver/jumpserver.git
synced 2025-10-31 05:41:59 +00:00
c465fccc33
* feat: 添加 SECURITY_SESSION_SHARE 配置 * feat: 添加 SessionShare / ShareJoinRecord Model * feat: 添加 SessionShare / ShareJoinRecord Model * feat: 添加 SessionSharing / SessionJoinRecord Model * feat: 添加 SessionSharing API * feat: 添加 SessionJoinRecord API * feat: 修改迁移文件 * feat: 修改迁移文件 * feat: 修改迁移文件 * feat: 修改API权限
80 lines
2.8 KiB
Python
80 lines
2.8 KiB
Python
from rest_framework.exceptions import MethodNotAllowed, ValidationError
|
|
from rest_framework.decorators import action
|
|
from rest_framework.response import Response
|
|
from django.conf import settings
|
|
from django.utils.translation import ugettext_lazy as _
|
|
from common.permissions import IsAppUser, IsSuperUser
|
|
from common.const.http import PATCH
|
|
from orgs.mixins.api import OrgModelViewSet
|
|
from .. import serializers, models
|
|
|
|
__all__ = ['SessionSharingViewSet', 'SessionJoinRecordsViewSet']
|
|
|
|
|
|
class SessionSharingViewSet(OrgModelViewSet):
|
|
serializer_class = serializers.SessionSharingSerializer
|
|
permission_classes = (IsAppUser | IsSuperUser, )
|
|
search_fields = ('session', 'creator', 'is_active', 'expired_time')
|
|
filterset_fields = search_fields
|
|
model = models.SessionSharing
|
|
|
|
def get_permissions(self):
|
|
if self.request.method.lower() in ['post']:
|
|
self.permission_classes = (IsAppUser,)
|
|
return super().get_permissions()
|
|
|
|
def create(self, request, *args, **kwargs):
|
|
if not settings.SECURITY_SESSION_SHARE:
|
|
detail = _('Secure session sharing settings is disabled')
|
|
raise MethodNotAllowed(self.action, detail=detail)
|
|
return super().create(request, *args, **kwargs)
|
|
|
|
def destroy(self, request, *args, **kwargs):
|
|
raise MethodNotAllowed(self.action)
|
|
|
|
|
|
class SessionJoinRecordsViewSet(OrgModelViewSet):
|
|
serializer_class = serializers.SessionJoinRecordSerializer
|
|
permission_classes = (IsAppUser | IsSuperUser, )
|
|
search_fields = (
|
|
'sharing', 'session', 'joiner', 'date_joined', 'date_left',
|
|
'login_from', 'is_success', 'is_finished'
|
|
)
|
|
filterset_fields = search_fields
|
|
model = models.SessionJoinRecord
|
|
|
|
def get_permissions(self):
|
|
if self.request.method.lower() in ['post']:
|
|
self.permission_classes = (IsAppUser,)
|
|
return super().get_permissions()
|
|
|
|
def create(self, request, *args, **kwargs):
|
|
try:
|
|
response = super().create(request, *args, **kwargs)
|
|
except ValidationError as e:
|
|
error = e.args[0] if e.args else ''
|
|
response = Response(
|
|
data={'error': str(error)}, status=e.status_code
|
|
)
|
|
return response
|
|
|
|
def perform_create(self, serializer):
|
|
instance = serializer.save()
|
|
self.can_join(instance)
|
|
|
|
@staticmethod
|
|
def can_join(instance):
|
|
can_join, reason = instance.can_join()
|
|
if not can_join:
|
|
instance.join_failed(reason=reason)
|
|
raise ValidationError(reason)
|
|
|
|
@action(methods=[PATCH], detail=True)
|
|
def finished(self, request, *args, **kwargs):
|
|
instance = self.get_object()
|
|
instance.finished()
|
|
return Response(data={'msg': 'ok'})
|
|
|
|
def destroy(self, request, *args, **kwargs):
|
|
raise MethodNotAllowed(self.action)
|