mirror of
https://github.com/jumpserver/jumpserver.git
synced 2026-01-16 07:28:59 +00:00
e259d2a9e9
* feat: 添加 RBAC 应用模块 * feat: 添加 RBAC Model、API * feat: 添加 RBAC Model、API 2 * feat: 添加 RBAC Model、API 3 * feat: 添加 RBAC Model、API 4 * feat: RBAC * feat: RBAC * feat: RBAC * feat: RBAC * feat: RBAC * feat: RBAC 整理权限位 * feat: RBAC 整理权限位2 * feat: RBAC 整理权限位2 * feat: RBAC 整理权限位 * feat: RBAC 添加默认角色 * feat: RBAC 添加迁移文件;迁移用户角色->用户角色绑定 * feat: RBAC 添加迁移文件;迁移用户角色->用户角色绑定 * feat: RBAC 修改用户模块API * feat: RBAC 添加组织模块迁移文件 & 修改组织模块API * feat: RBAC 添加组织模块迁移文件 & 修改组织模块API * feat: RBAC 修改用户角色属性的使用 * feat: RBAC No.1 * xxx * perf: 暂存 * perf: ... * perf(rbac): 添加 perms 到 profile serializer 中 * stash * perf: 使用init * perf: 修改migrations * perf: rbac * stash * stash * pref: 修改rbac * stash it * stash: 先去修复其他bug * perf: 修改 role 添加 users * pref: 修改 RBAC Model * feat: 添加权限的 tree api * stash: 暂存一下 * stash: 暂存一下 * perf: 修改 model verbose name * feat: 添加model各种 verbose name * perf: 生成 migrations * perf: 优化权限位 * perf: 添加迁移脚本 * feat: 添加组织角色迁移 * perf: 添加迁移脚本 * stash * perf: 添加migrateion * perf: 暂存一下 * perf: 修改rbac * perf: stash it * fix: 迁移冲突 * fix: 迁移冲突 * perf: 暂存一下 * perf: 修改 rbac 逻辑 * stash: 暂存一下 * perf: 修改内置角色 * perf: 解决 root 组织的问题 * perf: stash it * perf: 优化 rbac * perf: 优化 rolebinding 处理 * perf: 完成用户离开组织的问题 * perf: 暂存一下 * perf: 修改翻译 * perf: 去掉了 IsSuperUser * perf: IsAppUser 去掉完成 * perf: 修改 connection token 的权限 * perf: 去掉导入的问题 * perf: perms define 格式,修改 app 用户 的全新啊 * perf: 修改 permission * perf: 去掉一些 org admin * perf: 去掉部分 org admin * perf: 再去掉点 org admin role * perf: 再去掉部分 org admin * perf: user 角色搜索 * perf: 去掉很多 js * perf: 添加权限位 * perf: 修改权限 * perf: 去掉一个 todo * merge: with dev * fix: 修复冲突 Co-authored-by: Bai <bugatti_it@163.com> Co-authored-by: Michael Bai <baijiangjie@gmail.com> Co-authored-by: ibuler <ibuler@qq.com>
94 lines
3.4 KiB
Python
94 lines
3.4 KiB
Python
# -*- coding: utf-8 -*-
|
|
#
|
|
|
|
from rest_framework import generics
|
|
from django.conf import settings
|
|
|
|
from jumpserver.conf import Config
|
|
from rbac.permissions import RBACPermission
|
|
from common.utils import get_logger
|
|
from .. import serializers
|
|
from ..models import Setting
|
|
|
|
logger = get_logger(__file__)
|
|
|
|
|
|
class SettingsApi(generics.RetrieveUpdateAPIView):
|
|
permission_classes = (RBACPermission,)
|
|
|
|
serializer_class_mapper = {
|
|
'all': serializers.SettingsSerializer,
|
|
'basic': serializers.BasicSettingSerializer,
|
|
'terminal': serializers.TerminalSettingSerializer,
|
|
'security': serializers.SecuritySettingSerializer,
|
|
'ldap': serializers.LDAPSettingSerializer,
|
|
'email': serializers.EmailSettingSerializer,
|
|
'email_content': serializers.EmailContentSettingSerializer,
|
|
'wecom': serializers.WeComSettingSerializer,
|
|
'dingtalk': serializers.DingTalkSettingSerializer,
|
|
'feishu': serializers.FeiShuSettingSerializer,
|
|
'auth': serializers.AuthSettingSerializer,
|
|
'oidc': serializers.OIDCSettingSerializer,
|
|
'keycloak': serializers.KeycloakSettingSerializer,
|
|
'radius': serializers.RadiusSettingSerializer,
|
|
'cas': serializers.CASSettingSerializer,
|
|
'sso': serializers.SSOSettingSerializer,
|
|
'saml2': serializers.SAML2SettingSerializer,
|
|
'clean': serializers.CleaningSerializer,
|
|
'other': serializers.OtherSettingSerializer,
|
|
'sms': serializers.SMSSettingSerializer,
|
|
'alibaba': serializers.AlibabaSMSSettingSerializer,
|
|
'tencent': serializers.TencentSMSSettingSerializer,
|
|
}
|
|
|
|
def get_queryset(self):
|
|
return Setting.objects.all()
|
|
|
|
def get_serializer_class(self):
|
|
category = self.request.query_params.get('category', 'basic')
|
|
default = serializers.BasicSettingSerializer
|
|
cls = self.serializer_class_mapper.get(category, default)
|
|
return cls
|
|
|
|
def get_fields(self):
|
|
serializer = self.get_serializer_class()()
|
|
fields = serializer.get_fields()
|
|
return fields
|
|
|
|
def get_object(self):
|
|
items = self.get_fields().keys()
|
|
obj = {}
|
|
for item in items:
|
|
if hasattr(settings, item):
|
|
obj[item] = getattr(settings, item)
|
|
else:
|
|
obj[item] = Config.defaults[item]
|
|
return obj
|
|
|
|
def parse_serializer_data(self, serializer):
|
|
data = []
|
|
fields = self.get_fields()
|
|
encrypted_items = [name for name, field in fields.items() if field.write_only]
|
|
category = self.request.query_params.get('category', '')
|
|
for name, value in serializer.validated_data.items():
|
|
encrypted = name in encrypted_items
|
|
if encrypted and value in ['', None]:
|
|
continue
|
|
data.append({
|
|
'name': name, 'value': value,
|
|
'encrypted': encrypted, 'category': category
|
|
})
|
|
return data
|
|
|
|
def perform_update(self, serializer):
|
|
settings_items = self.parse_serializer_data(serializer)
|
|
serializer_data = getattr(serializer, 'data', {})
|
|
for item in settings_items:
|
|
changed, setting = Setting.update_or_create(**item)
|
|
if not changed:
|
|
continue
|
|
serializer_data[setting.name] = setting.cleaned_value
|
|
setattr(serializer, '_data', serializer_data)
|
|
if hasattr(serializer, 'post_save'):
|
|
serializer.post_save()
|