mirror of
https://github.com/jumpserver/jumpserver.git
synced 2026-01-16 23:52:41 +00:00
164f48e131
* [Update] 统一url地址 * [Update] 修改api * [Update] 使用规范的签名 * [Update] 修改url * [Update] 修改swagger * [Update] 添加serializer class避免报错 * [Update] 修改token * [Update] 支持api key * [Update] 支持生成api key * [Update] 修改api重定向 * [Update] 修改翻译 * [Update] 添加说明文档 * [Update] 修复浏览器关闭后session不失效的问题 * [Update] 修改一些内容 * [Update] 修改 jms脚本 * [Update] 修改重定向 * [Update] 修改搜索trim * [Update] 修改搜索trim * [Update] 添加sys log * [Bugfix] 修改登陆错误 * [Update] 优化User操作private_token的接口 (#3091) * [Update] 优化User操作private_token的接口 * [Update] 优化User操作private_token的接口 2 * [Bugfix] 解决授权了一个节点,当移动节点后,被移动的节点下的资产会放到未分组节点下的问题 * [Update] 升级jquery * [Update] 默认使用page * [Update] 修改使用Orgmodel view set * [Update] 支持 nv的硬盘 https://github.com/jumpserver/jumpserver/issues/1804 * [UPdate] 解决命令执行宽度问题 * [Update] 优化节点 * [Update] 修改nodes过多时创建比较麻烦 * [Update] 修改导入 * [Update] 节点获取更新 * [Update] 修改nodes * [Update] nodes显示full value * [Update] 统一使用nodes select2 函数 * [Update] 修改磁盘大小小数 * [Update] 修改 Node service * [Update] 优化授权节点 * [Update] 修改 node permission * [Update] 修改asset permission * [Stash] * [Update] 修改node assets api * [Update] 修改tree service,支持资产数量 * [Update] 修改暂时完成 * [Update] 修改一些bug
132 lines
4.7 KiB
Python
132 lines
4.7 KiB
Python
from rest_framework import serializers
|
||
|
||
from django.utils.translation import ugettext_lazy as _
|
||
|
||
from common.serializers import AdaptedBulkListSerializer
|
||
from common.utils import ssh_pubkey_gen
|
||
from orgs.mixins.serializers import BulkOrgResourceModelSerializer
|
||
from ..models import SystemUser
|
||
from .base import AuthSerializer, AuthSerializerMixin
|
||
|
||
|
||
class SystemUserSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):
|
||
"""
|
||
系统用户
|
||
"""
|
||
auto_generate_key = serializers.BooleanField(initial=True, required=False, write_only=True)
|
||
|
||
class Meta:
|
||
model = SystemUser
|
||
list_serializer_class = AdaptedBulkListSerializer
|
||
fields = [
|
||
'id', 'name', 'username', 'password', 'public_key', 'private_key',
|
||
'login_mode', 'login_mode_display', 'priority', 'protocol',
|
||
'auto_push', 'cmd_filters', 'sudo', 'shell', 'comment', 'nodes',
|
||
'assets_amount', 'auto_generate_key'
|
||
]
|
||
extra_kwargs = {
|
||
'password': {"write_only": True},
|
||
'public_key': {"write_only": True},
|
||
'private_key': {"write_only": True},
|
||
'assets_amount': {'label': _('Asset')},
|
||
'login_mode_display': {'label': _('Login mode display')},
|
||
'created_by': {'read_only': True},
|
||
}
|
||
|
||
def validate_auto_push(self, value):
|
||
login_mode = self.initial_data.get("login_mode")
|
||
protocol = self.initial_data.get("protocol")
|
||
|
||
if login_mode == SystemUser.LOGIN_MANUAL or \
|
||
protocol in [SystemUser.PROTOCOL_TELNET,
|
||
SystemUser.PROTOCOL_VNC]:
|
||
value = False
|
||
return value
|
||
|
||
def validate_auto_generate_key(self, value):
|
||
login_mode = self.initial_data.get("login_mode")
|
||
protocol = self.initial_data.get("protocol")
|
||
|
||
if self.context["request"].method.lower() != "post":
|
||
value = False
|
||
elif self.instance:
|
||
value = False
|
||
elif login_mode == SystemUser.LOGIN_MANUAL:
|
||
value = False
|
||
elif protocol in [SystemUser.PROTOCOL_TELNET, SystemUser.PROTOCOL_VNC]:
|
||
value = False
|
||
return value
|
||
|
||
def validate_username(self, username):
|
||
if username:
|
||
return username
|
||
login_mode = self.initial_data.get("login_mode")
|
||
protocol = self.initial_data.get("protocol")
|
||
if login_mode == SystemUser.LOGIN_AUTO and \
|
||
protocol != SystemUser.PROTOCOL_VNC:
|
||
msg = _('* Automatic login mode must fill in the username.')
|
||
raise serializers.ValidationError(msg)
|
||
return username
|
||
|
||
def validate_password(self, password):
|
||
super().validate_password(password)
|
||
auto_gen_key = self.initial_data.get("auto_generate_key", False)
|
||
private_key = self.initial_data.get("private_key")
|
||
login_mode = self.initial_data.get("login_mode")
|
||
if not self.instance and not auto_gen_key and not password and \
|
||
not private_key and login_mode == SystemUser.LOGIN_AUTO:
|
||
raise serializers.ValidationError(_("Password or private key required"))
|
||
return password
|
||
|
||
def validate(self, attrs):
|
||
username = attrs.get("username", "manual")
|
||
protocol = attrs.get("protocol")
|
||
auto_gen_key = attrs.get("auto_generate_key", False)
|
||
if auto_gen_key:
|
||
password = SystemUser.gen_password()
|
||
attrs["password"] = password
|
||
if protocol == SystemUser.PROTOCOL_SSH:
|
||
private_key, public_key = SystemUser.gen_key(username)
|
||
attrs["private_key"] = private_key
|
||
attrs["public_key"] = public_key
|
||
# 如果设置了private key,没有设置public key则生成
|
||
elif attrs.get("private_key", None):
|
||
private_key = attrs["private_key"]
|
||
password = attrs.get("password")
|
||
public_key = ssh_pubkey_gen(private_key, password=password,
|
||
username=username)
|
||
attrs["public_key"] = public_key
|
||
attrs.pop("auto_generate_key", None)
|
||
return attrs
|
||
|
||
@classmethod
|
||
def setup_eager_loading(cls, queryset):
|
||
""" Perform necessary eager loading of data. """
|
||
queryset = queryset.prefetch_related('cmd_filters', 'nodes')
|
||
return queryset
|
||
|
||
|
||
class SystemUserAuthSerializer(AuthSerializer):
|
||
"""
|
||
系统用户认证信息
|
||
"""
|
||
|
||
class Meta:
|
||
model = SystemUser
|
||
fields = [
|
||
"id", "name", "username", "protocol",
|
||
"login_mode", "password", "private_key",
|
||
]
|
||
|
||
|
||
class SystemUserSimpleSerializer(serializers.ModelSerializer):
|
||
"""
|
||
系统用户最基本信息的数据结构
|
||
"""
|
||
class Meta:
|
||
model = SystemUser
|
||
fields = ('id', 'name', 'username')
|
||
|
||
|
||
|