2017-11-29 11:27:04 +00:00
|
|
|
# ~*~ coding: utf-8 ~*~
|
2020-06-16 05:39:49 +00:00
|
|
|
from django.utils.translation import ugettext_lazy as _
|
2017-11-29 11:27:04 +00:00
|
|
|
from rest_framework import serializers
|
|
|
|
|
2020-06-16 05:39:49 +00:00
|
|
|
from .models import AbstractSessionCommand
|
|
|
|
|
2017-11-29 11:27:04 +00:00
|
|
|
|
|
|
|
class SessionCommandSerializer(serializers.Serializer):
|
|
|
|
"""使用这个类作为基础Command Log Serializer类, 用来序列化"""
|
|
|
|
|
|
|
|
id = serializers.UUIDField(read_only=True)
|
2021-01-20 02:02:33 +00:00
|
|
|
user = serializers.CharField(label=_("User")) # 限制 64 字符,见 validate_user
|
2020-06-16 05:39:49 +00:00
|
|
|
asset = serializers.CharField(max_length=128, label=_("Asset"))
|
|
|
|
system_user = serializers.CharField(max_length=64, label=_("System user"))
|
|
|
|
input = serializers.CharField(max_length=128, label=_("Command"))
|
|
|
|
output = serializers.CharField(max_length=1024, allow_blank=True, label=_("Output"))
|
2020-12-17 10:23:53 +00:00
|
|
|
session = serializers.CharField(max_length=36, label=_("Session ID"))
|
2020-06-16 05:39:49 +00:00
|
|
|
risk_level = serializers.ChoiceField(required=False, label=_("Risk level"), choices=AbstractSessionCommand.RISK_LEVEL_CHOICES)
|
2021-07-15 10:09:29 +00:00
|
|
|
risk_level_display = serializers.SerializerMethodField(label=_('Risk level display'))
|
2018-08-20 13:39:15 +00:00
|
|
|
org_id = serializers.CharField(max_length=36, required=False, default='', allow_null=True, allow_blank=True)
|
2020-11-11 02:27:18 +00:00
|
|
|
timestamp = serializers.IntegerField(label=_('Timestamp'))
|
2021-12-24 09:23:09 +00:00
|
|
|
remote_addr = serializers.CharField(read_only=True, label=_('Remote Address'))
|
2017-11-29 11:27:04 +00:00
|
|
|
|
2020-06-16 05:39:49 +00:00
|
|
|
@staticmethod
|
|
|
|
def get_risk_level_display(obj):
|
|
|
|
risk_mapper = dict(AbstractSessionCommand.RISK_LEVEL_CHOICES)
|
|
|
|
return risk_mapper.get(obj.risk_level)
|
2020-10-27 03:35:31 +00:00
|
|
|
|
2021-01-20 02:02:33 +00:00
|
|
|
def validate_user(self, value):
|
|
|
|
if len(value) > 64:
|
|
|
|
value = value[:32] + value[-32:]
|
|
|
|
return value
|
|
|
|
|
2020-10-27 03:35:31 +00:00
|
|
|
|
|
|
|
class InsecureCommandAlertSerializer(serializers.Serializer):
|
|
|
|
input = serializers.CharField()
|
|
|
|
asset = serializers.CharField()
|
|
|
|
user = serializers.CharField()
|
|
|
|
risk_level = serializers.IntegerField()
|
|
|
|
session = serializers.UUIDField()
|