jumpserver/apps/audits/api.py

149 lines
5.0 KiB
Python
Raw Normal View History

2018-04-06 03:27:52 +00:00
# -*- coding: utf-8 -*-
#
2020-06-16 08:33:53 +00:00
from rest_framework.mixins import ListModelMixin, CreateModelMixin
2020-06-04 12:00:39 +00:00
from django.db.models import F, Value
from django.db.models.functions import Concat
2021-12-13 02:50:10 +00:00
from rest_framework.permissions import IsAuthenticated
from rest_framework import generics
2018-04-06 03:27:52 +00:00
2021-12-13 02:50:10 +00:00
from common.drf.api import JMSReadOnlyModelViewSet
2020-06-05 06:20:34 +00:00
from common.drf.filters import DatetimeRangeFilter
2020-05-08 08:48:26 +00:00
from common.api import CommonGenericViewSet
2020-06-04 12:00:39 +00:00
from orgs.mixins.api import OrgGenericViewSet, OrgBulkModelViewSet, OrgRelationMixin
2020-04-29 11:05:56 +00:00
from orgs.utils import current_org
2022-10-08 08:55:14 +00:00
# from ops.models import CommandExecution
from . import filters
2020-05-08 08:48:26 +00:00
from .models import FTPLog, UserLoginLog, OperateLog, PasswordChangeLog
2022-10-08 08:55:14 +00:00
from .serializers import FTPLogSerializer, UserLoginLogSerializer
from .serializers import OperateLogSerializer, PasswordChangeLogSerializer
2018-04-06 03:27:52 +00:00
2022-10-08 08:55:14 +00:00
class FTPLogViewSet(CreateModelMixin, ListModelMixin, OrgGenericViewSet):
model = FTPLog
2018-04-06 03:27:52 +00:00
serializer_class = FTPLogSerializer
2020-05-08 04:46:18 +00:00
extra_filter_backends = [DatetimeRangeFilter]
date_range_filter_fields = [
('date_start', ('date_from', 'date_to'))
]
filterset_fields = ['user', 'asset', 'system_user', 'filename']
search_fields = filterset_fields
ordering = ['-date_start']
2020-04-29 11:05:56 +00:00
2021-12-13 02:50:10 +00:00
class UserLoginCommonMixin:
2020-04-29 11:05:56 +00:00
queryset = UserLoginLog.objects.all()
serializer_class = UserLoginLogSerializer
extra_filter_backends = [DatetimeRangeFilter]
date_range_filter_fields = [
('datetime', ('date_from', 'date_to'))
]
filterset_fields = ['username', 'ip', 'city', 'type', 'status', 'mfa']
search_fields = ['username', 'ip', 'city']
2020-04-29 11:05:56 +00:00
2021-12-13 02:50:10 +00:00
class UserLoginLogViewSet(UserLoginCommonMixin, ListModelMixin, CommonGenericViewSet):
2020-04-29 11:05:56 +00:00
@staticmethod
def get_org_members():
2020-07-20 02:42:22 +00:00
users = current_org.get_members().values_list('username', flat=True)
2020-04-29 11:05:56 +00:00
return users
def get_queryset(self):
queryset = super().get_queryset()
if current_org.is_root():
return queryset
users = self.get_org_members()
queryset = queryset.filter(username__in=users)
2020-04-29 11:05:56 +00:00
return queryset
2020-05-08 08:48:26 +00:00
2021-12-13 02:50:10 +00:00
class MyLoginLogAPIView(UserLoginCommonMixin, generics.ListAPIView):
permission_classes = [IsAuthenticated]
def get_queryset(self):
qs = super().get_queryset()
qs = qs.filter(username=self.request.user.username)
return qs
2020-05-08 08:48:26 +00:00
class OperateLogViewSet(ListModelMixin, OrgGenericViewSet):
model = OperateLog
serializer_class = OperateLogSerializer
extra_filter_backends = [DatetimeRangeFilter]
date_range_filter_fields = [
('datetime', ('date_from', 'date_to'))
]
filterset_fields = ['user', 'action', 'resource_type', 'resource', 'remote_addr']
2020-06-02 07:41:27 +00:00
search_fields = ['resource']
ordering = ['-datetime']
2020-05-08 08:48:26 +00:00
class PasswordChangeLogViewSet(ListModelMixin, CommonGenericViewSet):
queryset = PasswordChangeLog.objects.all()
serializer_class = PasswordChangeLogSerializer
extra_filter_backends = [DatetimeRangeFilter]
date_range_filter_fields = [
('datetime', ('date_from', 'date_to'))
]
filterset_fields = ['user', 'change_by', 'remote_addr']
search_fields = filterset_fields
ordering = ['-datetime']
2020-05-08 08:48:26 +00:00
def get_queryset(self):
2020-07-20 02:42:22 +00:00
users = current_org.get_members()
2020-05-08 08:48:26 +00:00
queryset = super().get_queryset().filter(
user__in=[user.__str__() for user in users]
)
return queryset
2022-10-08 08:55:14 +00:00
# Todo: 看看怎么搞
# class CommandExecutionViewSet(ListModelMixin, OrgGenericViewSet):
# model = CommandExecution
# serializer_class = CommandExecutionSerializer
# extra_filter_backends = [DatetimeRangeFilter]
# date_range_filter_fields = [
# ('date_start', ('date_from', 'date_to'))
# ]
# filterset_fields = [
# 'user__name', 'user__username', 'command',
# 'account', 'is_finished'
# ]
# search_fields = [
# 'command', 'user__name', 'user__username',
# 'account__username',
# ]
# ordering = ['-date_created']
#
# def get_queryset(self):
# queryset = super().get_queryset()
# if getattr(self, 'swagger_fake_view', False):
# return queryset.model.objects.none()
# if current_org.is_root():
# return queryset
# # queryset = queryset.filter(run_as__org_id=current_org.org_id())
# return queryset
#
#
# class CommandExecutionHostRelationViewSet(OrgRelationMixin, OrgBulkModelViewSet):
# serializer_class = CommandExecutionHostsRelationSerializer
# m2m_field = CommandExecution.hosts.field
# filterset_fields = [
# 'id', 'asset', 'commandexecution'
# ]
# search_fields = ('asset__name', )
# http_method_names = ['options', 'get']
# rbac_perms = {
# 'GET': 'ops.view_commandexecution',
# 'list': 'ops.view_commandexecution',
# }
#
# def get_queryset(self):
# queryset = super().get_queryset()
# queryset = queryset.annotate(
# asset_display=Concat(
# F('asset__name'), Value('('),
# F('asset__address'), Value(')')
# )
# )
# return queryset