jumpserver/apps/users/api.py

# ~*~ coding: utf-8 ~*~
#

from rest_framework import generics, viewsets
from rest_framework.response import Response
from rest_framework.views import APIView
from rest_framework.permissions import AllowAny
from rest_framework_bulk import BulkModelViewSet
# from django_filters.rest_framework import DjangoFilterBackend

from common.mixins import IDInFilterMixin
from common.utils import get_logger
from .utils import check_user_valid, generate_token
from .models import User, UserGroup
from .hands import write_login_log_async
from .permissions import (
    IsSuperUser, IsAppUser, IsValidUser)
from . import serializers


logger = get_logger(__name__)


class UserViewSet(IDInFilterMixin, BulkModelViewSet):
    queryset = User.objects.all()
    serializer_class = serializers.UserSerializer
    permission_classes = (IsSuperUser,)
    # filter_backends = (DjangoFilterBackend,)
    filter_fields = ('username', 'email', 'name', 'id')


class UserUpdateGroupApi(generics.RetrieveUpdateAPIView):
    queryset = User.objects.all()
    serializer_class = serializers.UserUpdateGroupSerializer
    permission_classes = (IsSuperUser,)


class UserResetPasswordApi(generics.UpdateAPIView):
    queryset = User.objects.all()
    serializer_class = serializers.UserSerializer

    def perform_update(self, serializer):
        # Note: we are not updating the user object here.
        # We just do the reset-password staff.
        import uuid
        from .utils import send_reset_password_mail
        user = self.get_object()
        user.password_raw = str(uuid.uuid4())
        user.save()
        send_reset_password_mail(user)


class UserResetPKApi(generics.UpdateAPIView):
    queryset = User.objects.all()
    serializer_class = serializers.UserSerializer

    def perform_update(self, serializer):
        from .utils import send_reset_ssh_key_mail
        user = self.get_object()
        user.is_public_key_valid = False
        user.save()
        send_reset_ssh_key_mail(user)


class UserUpdatePKApi(generics.UpdateAPIView):
    queryset = User.objects.all()
    serializer_class = serializers.UserPKUpdateSerializer

    def perform_update(self, serializer):
        user = self.get_object()
        user.public_key = serializer.validated_data['_public_key']
        user.save()


class UserGroupViewSet(IDInFilterMixin, BulkModelViewSet):
    queryset = UserGroup.objects.all()
    serializer_class = serializers.UserGroupSerializer


class UserGroupUpdateUserApi(generics.RetrieveUpdateAPIView):
    queryset = UserGroup.objects.all()
    serializer_class = serializers.UserGroupUpdateMemeberSerializer
    permission_classes = (IsSuperUser,)


class UserToken(APIView):
    permission_classes = (AllowAny,)

    def post(self, request):
        if not request.user:
            username = request.data.get('username', '')
            email = request.data.get('email', '')
            password = request.data.get('password', '')
            public_key = request.data.get('public_key', '')

            user, msg = check_user_valid(
                username=username, email=email,
                password=password, public_key=public_key)
        else:
            user = request.user
            msg = None
        if user:
            token = generate_token(request, user)
            return Response({'Token': token, 'Keyword': 'Bearer'}, status=200)
        else:
            return Response({'error': msg}, status=406)


class UserProfile(APIView):
    permission_classes = (IsValidUser,)

    def get(self, request):
        return Response(request.user.to_json())

    def post(self, request):
        return Response(request.user.to_json())


class UserAuthApi(APIView):
    permission_classes = (AllowAny,)

    def post(self, request):
        username = request.data.get('username', '')
        password = request.data.get('password', '')
        public_key = request.data.get('public_key', '')
        login_type = request.data.get('login_type', '')
        login_ip = request.data.get('remote_addr', None)
        user_agent = request.data.get('HTTP_USER_AGENT', '')

        user, msg = check_user_valid(
            username=username, password=password,
            public_key=public_key)

        if user:
            token = generate_token(request, user)
            write_login_log_async.delay(
                user.username, name=user.name,
                user_agent=user_agent, login_ip=login_ip,
                login_type=login_type)
            return Response({'token': token, 'user': user.to_json()})
        else:
            return Response({'msg': msg}, status=401)
添加 utils和api样例文件 8 years ago			`# ~~ coding: utf-8 ~~`
Add api file 8 years ago			`#`
添加 utils和api样例文件 8 years ago
update asset 8 years ago			`from rest_framework import generics, viewsets`
add user-list-delete support for user-group detail page 8 years ago			`from rest_framework.response import Response`
Finish token access api 8 years ago			`from rest_framework.views import APIView`
Update api 8 years ago			`from rest_framework.permissions import AllowAny`
update asset 8 years ago			`from rest_framework_bulk import BulkModelViewSet`
[Feature] 添加Dockerfile 8 years ago			`# from django_filters.rest_framework import DjangoFilterBackend`
Add api file 8 years ago
Base finish user 8 years ago			`from common.mixins import IDInFilterMixin`
Add auth and permission backends 8 years ago			`from common.utils import get_logger`
Update app terminal name to applications 8 years ago			`from .utils import check_user_valid, generate_token`
Delete Model: Role 8 years ago			`from .models import User, UserGroup`
Add login log 8 years ago			`from .hands import write_login_log_async`
[Change] 拆分user view为多个view 8 years ago			`from .permissions import (`
[Change] 修改perm的代码，强制79个字符内 8 years ago			`IsSuperUser, IsAppUser, IsValidUser)`
Add login log 8 years ago			`from . import serializers`
Add api file 8 years ago

Update table desgin doc and audit log 8 years ago			`logger = get_logger(__name__)`
Add Logger setting . 8 years ago

Base finish user 8 years ago			`class UserViewSet(IDInFilterMixin, BulkModelViewSet):`
Delete Model: Role 8 years ago			`queryset = User.objects.all()`
change user api 8 years ago			`serializer_class = serializers.UserSerializer`
Plan create a new app: terminal 8 years ago			`permission_classes = (IsSuperUser,)`
[Feature] 添加Dockerfile 8 years ago			`# filter_backends = (DjangoFilterBackend,)`
to Commpany 8 years ago			`filter_fields = ('username', 'email', 'name', 'id')`
[BugFix] update some user import bug 8 years ago
Delete Model: Role 8 years ago
User group detail 8 years ago			`class UserUpdateGroupApi(generics.RetrieveUpdateAPIView):`
update some user api 8 years ago			`queryset = User.objects.all()`
User group detail 8 years ago			`serializer_class = serializers.UserUpdateGroupSerializer`
update some user api 8 years ago			`permission_classes = (IsSuperUser,)`
reset user password and ssh pk implement 8 years ago

			`class UserResetPasswordApi(generics.UpdateAPIView):`
			`queryset = User.objects.all()`
change user api 8 years ago			`serializer_class = serializers.UserSerializer`
reset user password and ssh pk implement 8 years ago
			`def perform_update(self, serializer):`
			`# Note: we are not updating the user object here.`
			`# We just do the reset-password staff.`
change user ssh reset type from private key to public key 8 years ago			`import uuid`
change user api 8 years ago			`from .utils import send_reset_password_mail`
			`user = self.get_object()`
change user ssh reset type from private key to public key 8 years ago			`user.password_raw = str(uuid.uuid4())`
			`user.save()`
reset user password and ssh pk implement 8 years ago			`send_reset_password_mail(user)`


update some user api 8 years ago			`class UserResetPKApi(generics.UpdateAPIView):`
reset user password and ssh pk implement 8 years ago			`queryset = User.objects.all()`
change user api 8 years ago			`serializer_class = serializers.UserSerializer`
reset user password and ssh pk implement 8 years ago
			`def perform_update(self, serializer):`
change user api 8 years ago			`from .utils import send_reset_ssh_key_mail`
reset user password and ssh pk implement 8 years ago			`user = self.get_object()`
fix #14 8 years ago			`user.is_public_key_valid = False`
reset user password and ssh pk implement 8 years ago			`user.save()`
change user ssh reset type from private key to public key 8 years ago			`send_reset_ssh_key_mail(user)`
fix #14 8 years ago
update some user api 8 years ago
			`class UserUpdatePKApi(generics.UpdateAPIView):`
			`queryset = User.objects.all()`
			`serializer_class = serializers.UserPKUpdateSerializer`

			`def perform_update(self, serializer):`
			`user = self.get_object()`
			`user.public_key = serializer.validated_data['_public_key']`
			`user.save()`

User group detail 8 years ago
update asset 8 years ago			`class UserGroupViewSet(IDInFilterMixin, BulkModelViewSet):`
User group detail 8 years ago			`queryset = UserGroup.objects.all()`
			`serializer_class = serializers.UserGroupSerializer`


			`class UserGroupUpdateUserApi(generics.RetrieveUpdateAPIView):`
			`queryset = UserGroup.objects.all()`
			`serializer_class = serializers.UserGroupUpdateMemeberSerializer`
			`permission_classes = (IsSuperUser,)`

Plan create a new app: terminal 8 years ago
Update api 8 years ago			`class UserToken(APIView):`
Update api 8 years ago			`permission_classes = (AllowAny,)`
Update api 8 years ago
Update api 8 years ago			`def post(self, request):`
[Bugfix] 紧急修复url解析失败错误 8 years ago			`if not request.user:`
			`username = request.data.get('username', '')`
			`email = request.data.get('email', '')`
			`password = request.data.get('password', '')`
			`public_key = request.data.get('public_key', '')`

[Change] 拆分user view为多个view 8 years ago			`user, msg = check_user_valid(`
			`username=username, email=email,`
			`password=password, public_key=public_key)`
[Bugfix] 紧急修复url解析失败错误 8 years ago			`else:`
			`user = request.user`
			`msg = None`
Update api 8 years ago			`if user:`
Update api 8 years ago			`token = generate_token(request, user)`
[Bugfix] 紧急修复url解析失败错误 8 years ago			`return Response({'Token': token, 'Keyword': 'Bearer'}, status=200)`
Update api 8 years ago			`else:`
			`return Response({'error': msg}, status=406)`
Update api 8 years ago

			`class UserProfile(APIView):`
			`permission_classes = (IsValidUser,)`

			`def get(self, request):`
			`return Response(request.user.to_json())`

[Change] 拆分user view为多个view 8 years ago			`def post(self, request):`
			`return Response(request.user.to_json())`

Update api 8 years ago
change user api 8 years ago			`class UserAuthApi(APIView):`
Update api 8 years ago			`permission_classes = (AllowAny,)`
Finish token access api 8 years ago
[Change] 拆分user view为多个view 8 years ago			`def post(self, request):`
Finish token access api 8 years ago			`username = request.data.get('username', '')`
			`password = request.data.get('password', '')`
			`public_key = request.data.get('public_key', '')`
Update api 8 years ago			`login_type = request.data.get('login_type', '')`
[Change] 拆分user view为多个view 8 years ago			`login_ip = request.data.get('remote_addr', None)`
Update api 8 years ago			`user_agent = request.data.get('HTTP_USER_AGENT', '')`

[Fix] 修改一些api bug 8 years ago			`user, msg = check_user_valid(`
			`username=username, password=password,`
			`public_key=public_key)`
change user api 8 years ago
Finish token access api 8 years ago			`if user:`
Update api 8 years ago			`token = generate_token(request, user)`
[Fix] 修改一些api bug 8 years ago			`write_login_log_async.delay(`
			`user.username, name=user.name,`
			`user_agent=user_agent, login_ip=login_ip,`
			`login_type=login_type)`
Update api 8 years ago			`return Response({'token': token, 'user': user.to_json()})`
Finish token access api 8 years ago			`else:`
Update api 8 years ago			`return Response({'msg': msg}, status=401)`