2018-01-11 12:10:27 +00:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
#
|
|
|
|
import json
|
|
|
|
|
|
|
|
from django import forms
|
|
|
|
from django.utils.translation import ugettext_lazy as _
|
2018-01-20 14:22:09 +00:00
|
|
|
from django.utils.html import escape
|
2018-01-11 12:10:27 +00:00
|
|
|
from django.db import transaction
|
2018-01-20 14:22:09 +00:00
|
|
|
from django.conf import settings
|
2018-01-11 12:10:27 +00:00
|
|
|
|
|
|
|
from .models import Setting
|
2018-01-12 07:43:26 +00:00
|
|
|
from .fields import DictField
|
2018-01-11 12:10:27 +00:00
|
|
|
|
|
|
|
|
|
|
|
def to_model_value(value):
|
|
|
|
try:
|
|
|
|
return json.dumps(value)
|
|
|
|
except json.JSONDecodeError:
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
|
|
def to_form_value(value):
|
|
|
|
try:
|
2018-01-12 07:43:26 +00:00
|
|
|
data = json.loads(value)
|
|
|
|
if isinstance(data, dict):
|
|
|
|
data = value
|
|
|
|
return data
|
2018-01-11 12:10:27 +00:00
|
|
|
except json.JSONDecodeError:
|
2018-01-22 09:21:03 +00:00
|
|
|
return ""
|
2018-01-11 12:10:27 +00:00
|
|
|
|
|
|
|
|
|
|
|
class BaseForm(forms.Form):
|
|
|
|
def __init__(self, *args, **kwargs):
|
|
|
|
super().__init__(*args, **kwargs)
|
2018-01-20 14:22:09 +00:00
|
|
|
db_settings = Setting.objects.all()
|
2018-01-12 07:43:26 +00:00
|
|
|
for name, field in self.fields.items():
|
2018-01-20 14:22:09 +00:00
|
|
|
db_value = getattr(db_settings, name).value
|
|
|
|
django_value = getattr(settings, name) if hasattr(settings, name) else None
|
2018-01-22 03:38:40 +00:00
|
|
|
if db_value is False or db_value:
|
2018-01-12 07:43:26 +00:00
|
|
|
field.initial = to_form_value(db_value)
|
2018-01-22 03:38:40 +00:00
|
|
|
elif django_value is False or django_value:
|
2018-01-22 09:21:03 +00:00
|
|
|
field.initial = to_form_value(to_model_value(django_value))
|
2018-01-11 12:10:27 +00:00
|
|
|
|
2018-01-20 14:22:09 +00:00
|
|
|
def save(self, category="default"):
|
2018-01-11 12:10:27 +00:00
|
|
|
if not self.is_bound:
|
|
|
|
raise ValueError("Form is not bound")
|
|
|
|
|
2018-01-20 14:22:09 +00:00
|
|
|
db_settings = Setting.objects.all()
|
2018-01-11 12:10:27 +00:00
|
|
|
if self.is_valid():
|
|
|
|
with transaction.atomic():
|
|
|
|
for name, value in self.cleaned_data.items():
|
|
|
|
field = self.fields[name]
|
|
|
|
if isinstance(field.widget, forms.PasswordInput) and not value:
|
|
|
|
continue
|
2018-01-20 14:22:09 +00:00
|
|
|
if value == to_form_value(getattr(db_settings, name).value):
|
2018-01-12 07:43:26 +00:00
|
|
|
continue
|
|
|
|
|
2018-01-11 12:10:27 +00:00
|
|
|
defaults = {
|
|
|
|
'name': name,
|
2018-01-20 14:22:09 +00:00
|
|
|
'category': category,
|
2018-01-11 12:10:27 +00:00
|
|
|
'value': to_model_value(value)
|
|
|
|
}
|
|
|
|
Setting.objects.update_or_create(defaults=defaults, name=name)
|
|
|
|
else:
|
|
|
|
raise ValueError(self.errors)
|
|
|
|
|
|
|
|
|
2018-01-12 07:43:26 +00:00
|
|
|
class BasicSettingForm(BaseForm):
|
|
|
|
SITE_URL = forms.URLField(
|
|
|
|
label=_("Current SITE URL"),
|
2018-02-27 04:18:36 +00:00
|
|
|
help_text="eg: http://jumpserver.abc.com:8080"
|
2018-01-12 07:43:26 +00:00
|
|
|
)
|
|
|
|
USER_GUIDE_URL = forms.URLField(
|
2018-02-27 07:04:05 +00:00
|
|
|
label=_("User Guide URL"), required=False,
|
2018-01-12 07:43:26 +00:00
|
|
|
help_text=_("User first login update profile done redirect to it")
|
|
|
|
)
|
|
|
|
EMAIL_SUBJECT_PREFIX = forms.CharField(
|
|
|
|
max_length=1024, label=_("Email Subject Prefix"),
|
|
|
|
initial="[Jumpserver] "
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2018-01-11 12:10:27 +00:00
|
|
|
class EmailSettingForm(BaseForm):
|
|
|
|
EMAIL_HOST = forms.CharField(
|
|
|
|
max_length=1024, label=_("SMTP host"), initial='smtp.jumpserver.org'
|
|
|
|
)
|
|
|
|
EMAIL_PORT = forms.CharField(max_length=5, label=_("SMTP port"), initial=25)
|
|
|
|
EMAIL_HOST_USER = forms.CharField(
|
|
|
|
max_length=128, label=_("SMTP user"), initial='noreply@jumpserver.org'
|
|
|
|
)
|
|
|
|
EMAIL_HOST_PASSWORD = forms.CharField(
|
|
|
|
max_length=1024, label=_("SMTP password"), widget=forms.PasswordInput,
|
|
|
|
required=False, help_text=_("Some provider use token except password")
|
|
|
|
)
|
|
|
|
EMAIL_USE_SSL = forms.BooleanField(
|
|
|
|
label=_("Use SSL"), initial=False, required=False,
|
|
|
|
help_text=_("If SMTP port is 465, may be select")
|
|
|
|
)
|
|
|
|
EMAIL_USE_TLS = forms.BooleanField(
|
|
|
|
label=_("Use TLS"), initial=False, required=False,
|
|
|
|
help_text=_("If SMTP port is 587, may be select")
|
|
|
|
)
|
2018-01-12 07:43:26 +00:00
|
|
|
|
|
|
|
|
|
|
|
class LDAPSettingForm(BaseForm):
|
|
|
|
AUTH_LDAP_SERVER_URI = forms.CharField(
|
|
|
|
label=_("LDAP server"), initial='ldap://localhost:389'
|
|
|
|
)
|
|
|
|
AUTH_LDAP_BIND_DN = forms.CharField(
|
|
|
|
label=_("Bind DN"), initial='cn=admin,dc=jumpserver,dc=org'
|
|
|
|
)
|
|
|
|
AUTH_LDAP_BIND_PASSWORD = forms.CharField(
|
|
|
|
label=_("Password"), initial='',
|
|
|
|
widget=forms.PasswordInput, required=False
|
|
|
|
)
|
|
|
|
AUTH_LDAP_SEARCH_OU = forms.CharField(
|
|
|
|
label=_("User OU"), initial='ou=tech,dc=jumpserver,dc=org'
|
|
|
|
)
|
|
|
|
AUTH_LDAP_SEARCH_FILTER = forms.CharField(
|
2018-02-01 04:33:05 +00:00
|
|
|
label=_("User search filter"), initial='(cn=%(user)s)',
|
2018-03-14 11:33:48 +00:00
|
|
|
help_text=_("Choice may be (cn|uid|sAMAccountName)=%(user)s)")
|
2018-01-12 07:43:26 +00:00
|
|
|
)
|
|
|
|
AUTH_LDAP_USER_ATTR_MAP = DictField(
|
|
|
|
label=_("User attr map"),
|
|
|
|
initial=json.dumps({
|
|
|
|
"username": "cn",
|
|
|
|
"name": "sn",
|
|
|
|
"email": "mail"
|
2018-02-01 04:33:05 +00:00
|
|
|
}),
|
2018-02-26 07:06:00 +00:00
|
|
|
help_text=_(
|
|
|
|
"User attr map present how to map LDAP user attr to jumpserver, username,name,email is jumpserver attr")
|
2018-01-12 07:43:26 +00:00
|
|
|
)
|
|
|
|
# AUTH_LDAP_GROUP_SEARCH_OU = CONFIG.AUTH_LDAP_GROUP_SEARCH_OU
|
|
|
|
# AUTH_LDAP_GROUP_SEARCH_FILTER = CONFIG.AUTH_LDAP_GROUP_SEARCH_FILTER
|
|
|
|
AUTH_LDAP_START_TLS = forms.BooleanField(
|
|
|
|
label=_("Use SSL"), initial=False, required=False
|
|
|
|
)
|
2018-02-27 04:18:36 +00:00
|
|
|
AUTH_LDAP = forms.BooleanField(label=_("Enable LDAP auth"), initial=False, required=False)
|
2018-01-20 14:22:09 +00:00
|
|
|
|
|
|
|
|
|
|
|
class TerminalSettingForm(BaseForm):
|
|
|
|
SORT_BY_CHOICES = (
|
|
|
|
('hostname', _('Hostname')),
|
|
|
|
('ip', _('IP')),
|
|
|
|
)
|
|
|
|
TERMINAL_ASSET_LIST_SORT_BY = forms.ChoiceField(
|
|
|
|
choices=SORT_BY_CHOICES, initial='hostname', label=_("List sort by")
|
|
|
|
)
|
|
|
|
TERMINAL_HEARTBEAT_INTERVAL = forms.IntegerField(
|
|
|
|
initial=5, label=_("Heartbeat interval"), help_text=_("Units: seconds")
|
|
|
|
)
|
|
|
|
TERMINAL_PASSWORD_AUTH = forms.BooleanField(
|
|
|
|
initial=True, required=False, label=_("Password auth")
|
|
|
|
)
|
|
|
|
TERMINAL_PUBLIC_KEY_AUTH = forms.BooleanField(
|
|
|
|
initial=True, required=False, label=_("Public key auth")
|
|
|
|
)
|
|
|
|
TERMINAL_COMMAND_STORAGE = DictField(
|
|
|
|
label=_("Command storage"), help_text=_(
|
|
|
|
"Set terminal storage setting, `default` is the using as default,"
|
|
|
|
"You can set other storage and some terminal using"
|
|
|
|
)
|
|
|
|
)
|
2018-02-26 07:06:00 +00:00
|
|
|
TERMINAL_REPLAY_STORAGE = DictField(
|
|
|
|
label=_("Replay storage"), help_text=_(
|
|
|
|
"Set replay storage setting, `default` is the using as default,"
|
|
|
|
"You can set other storage and some terminal using"
|
|
|
|
)
|
|
|
|
)
|
|
|
|
|
2018-06-05 09:26:31 +00:00
|
|
|
|
|
|
|
class SecuritySettingForm(BaseForm):
|
|
|
|
# MFA全局设置
|
|
|
|
SECURITY_MFA_AUTH = forms.BooleanField(
|
|
|
|
initial=False, required=False,
|
|
|
|
label=_("MFA Secondary certification"),
|
|
|
|
help_text=_(
|
|
|
|
'After opening, the user login must use MFA secondary '
|
|
|
|
'authentication (valid for all users, including administrators)'
|
|
|
|
)
|
|
|
|
)
|
|
|
|
# 最小长度
|
|
|
|
SECURITY_PASSWORD_MIN_LENGTH = forms.IntegerField(
|
|
|
|
initial=6, label=_("Password minimum length"),
|
2018-06-05 09:56:58 +00:00
|
|
|
min_value=6
|
2018-06-05 09:26:31 +00:00
|
|
|
)
|
|
|
|
# 大写字母
|
|
|
|
SECURITY_PASSWORD_UPPER_CASE = forms.BooleanField(
|
|
|
|
|
|
|
|
initial=False, required=False,
|
|
|
|
label=_("Must contain capital letters"),
|
|
|
|
help_text=_(
|
|
|
|
'After opening, the user password changes '
|
|
|
|
'and resets must contain uppercase letters')
|
|
|
|
)
|
|
|
|
# 小写字母
|
|
|
|
SECURITY_PASSWORD_LOWER_CASE = forms.BooleanField(
|
|
|
|
initial=False, required=False,
|
|
|
|
label=_("Must contain lowercase letters"),
|
|
|
|
help_text=_('After opening, the user password changes '
|
|
|
|
'and resets must contain lowercase letters')
|
|
|
|
)
|
|
|
|
# 数字
|
|
|
|
SECURITY_PASSWORD_NUMBER = forms.BooleanField(
|
|
|
|
initial=False, required=False,
|
|
|
|
label=_("Must contain numeric characters"),
|
|
|
|
help_text=_('After opening, the user password changes '
|
|
|
|
'and resets must contain numeric characters')
|
|
|
|
)
|
|
|
|
# 特殊字符
|
|
|
|
SECURITY_PASSWORD_SPECIAL_CHAR= forms.BooleanField(
|
|
|
|
initial=False, required=False,
|
|
|
|
label=_("Must contain special characters"),
|
|
|
|
help_text=_('After opening, the user password changes '
|
|
|
|
'and resets must contain special characters')
|
|
|
|
)
|