# coding: utf-8
from django . utils . translation import ugettext_lazy as _
from rest_framework import serializers
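# Public API of this module: one serializer per settings section plus the
# combined SettingsSerializer. Every entry has to match a class name exactly:
# `from <module> import *` looks each entry up as a module attribute, so a
# name padded with spaces raises AttributeError instead of exporting the class.
__all__ = [
    'BasicSettingSerializer',
    'EmailSettingSerializer',
    'EmailContentSettingSerializer',
    'LDAPSettingSerializer',
    'TerminalSettingSerializer',
    'SecuritySettingSerializer',
    'SettingsSerializer',
    'WeComSettingSerializer',
    'DingTalkSettingSerializer',
]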
class BasicSettingSerializer(serializers.Serializer):
    """Validate the basic site settings.

    Covers the site URL, the user-guide and forgot-password links, and the
    display name of the global organization.
    """

    # NOTE(review): the help-text example uses plain http. URLField checks
    # URL syntax only; nothing here requires an https scheme.
    SITE_URL = serializers.URLField(
        label=_(" Site url "),
        help_text=_(' eg: http://dev.jumpserver.org:8080 '),
        required=True,
    )

    # Optional link; per the help text, users are redirected to it after
    # completing their profile on first login.
    USER_GUIDE_URL = serializers.URLField(
        label=_(" User guide url "),
        help_text=_(' User first login update profile done redirect to it '),
        required=False,
        allow_blank=True,
        allow_null=True,
    )

    # Optional link shown on the login page (see help text).
    # NOTE(review): the target host is not restricted here, so write access to
    # this setting decides where unauthenticated users are sent for password
    # recovery - confirm that only administrators can change it.
    FORGOT_PASSWORD_URL = serializers.URLField(
        label=_(" Forgot password url "),
        help_text=_(
            ' The forgot password url on login page, If you use '
            ' ldap or cas external authentication, you can set it '
        ),
        required=False,
        allow_blank=True,
        allow_null=True,
    )

    GLOBAL_ORG_DISPLAY_NAME = serializers.CharField(
        label=_(" Global organization name "),
        help_text=_(' The name of global organization to display '),
        max_length=1024,
        required=False,
        allow_blank=True,
        allow_null=True,
    )
class EmailSettingSerializer(serializers.Serializer):
    """Validate the outgoing-mail (SMTP) settings.

    The SMTP password is the only secret in this section and is declared
    write_only, so it is accepted on input and left out of serialized output.
    """

    # encrypt_fields is now determined by write_only
    # (presumably the write_only fields are the ones stored encrypted; the
    # code that does this is not in this file - TODO confirm).

    EMAIL_HOST = serializers.CharField(
        label=_(" SMTP host "),
        max_length=1024,
        required=True,
    )
    # NOTE(review): the port is a free-form string of up to 5 characters; it
    # is not checked here to be numeric or within 1-65535.
    EMAIL_PORT = serializers.CharField(
        label=_(" SMTP port "),
        max_length=5,
        required=True,
    )
    EMAIL_HOST_USER = serializers.CharField(
        label=_(" SMTP account "),
        max_length=128,
        required=True,
    )
    # write_only keeps the secret out of API responses. required=False
    # presumably lets a client update the other fields without resending the
    # password - verify against the view that saves these settings.
    EMAIL_HOST_PASSWORD = serializers.CharField(
        label=_(" SMTP password "),
        help_text=_(" Tips: Some provider use token except password "),
        max_length=1024,
        write_only=True,
        required=False,
    )
    EMAIL_FROM = serializers.CharField(
        label=_(' Send user '),
        help_text=_(' Tips: Send mail account, default SMTP account as the send account '),
        max_length=128,
        allow_blank=True,
        required=False,
    )
    EMAIL_RECIPIENT = serializers.CharField(
        label=_(' Test recipient '),
        help_text=_(' Tips: Used only as a test mail recipient '),
        max_length=128,
        allow_blank=True,
        required=False,
    )
    # NOTE(review): both transport-security switches are optional and are
    # validated independently. Nothing here rejects "both enabled" (Django
    # documents EMAIL_USE_SSL and EMAIL_USE_TLS as mutually exclusive) or
    # "both disabled", in which case the SMTP credentials would travel
    # unencrypted - confirm where this is enforced.
    EMAIL_USE_SSL = serializers.BooleanField(
        label=_(' Use SSL '),
        help_text=_(' If SMTP port is 465, may be select '),
        required=False,
    )
    EMAIL_USE_TLS = serializers.BooleanField(
        label=_(" Use TLS "),
        help_text=_(' If SMTP port is 587, may be select '),
        required=False,
    )
    EMAIL_SUBJECT_PREFIX = serializers.CharField(
        label=_(' Subject prefix '),
        max_length=1024,
        required=True,
    )
class EmailContentSettingSerializer(serializers.Serializer):
    """Validate the customizable parts of the "user created" e-mail.

    All four fields are optional free text with a length cap only.
    NOTE(review): if these values are rendered into an HTML mail body, confirm
    that the rendering side escapes them; no content filtering happens here.
    """

    EMAIL_CUSTOM_USER_CREATED_SUBJECT = serializers.CharField(
        label=_(' Create user email subject '),
        help_text=_(' Tips: When creating a user, send the subject of the email (eg:Create account successfully) '),
        max_length=1024,
        required=False,
        allow_blank=True,
    )
    EMAIL_CUSTOM_USER_CREATED_HONORIFIC = serializers.CharField(
        label=_(' Create user honorific '),
        help_text=_(' Tips: When creating a user, send the honorific of the email (eg:Hello) '),
        max_length=1024,
        required=False,
        allow_blank=True,
    )
    EMAIL_CUSTOM_USER_CREATED_BODY = serializers.CharField(
        label=_(' Create user email content '),
        help_text=_(' Tips:When creating a user, send the content of the email '),
        max_length=4096,
        required=False,
        allow_blank=True,
    )
    EMAIL_CUSTOM_USER_CREATED_SIGNATURE = serializers.CharField(
        label=_(' Signature '),
        help_text=_(' Tips: Email signature (eg:jumpserver) '),
        max_length=512,
        required=False,
        allow_blank=True,
    )
class LDAPSettingSerializer(serializers.Serializer):
    """Validate the LDAP authentication settings.

    The bind password is declared write_only, so it is accepted on input and
    left out of serialized output.
    """

    # encrypt_fields is now determined by write_only
    # (presumably the write_only fields are the ones stored encrypted; the
    # code that does this is not in this file - TODO confirm).

    # NOTE(review): a plain CharField, so the URI scheme is not checked here.
    # The help-text example is ldap:// (unencrypted); with that scheme the
    # bind DN and password cross the network in clear unless the connection
    # is upgraded elsewhere - confirm, or prefer ldaps://.
    AUTH_LDAP_SERVER_URI = serializers.CharField(
        label=_(' LDAP server '),
        help_text=_(' eg: ldap://localhost:389 '),
        max_length=1024,
        required=True,
    )
    AUTH_LDAP_BIND_DN = serializers.CharField(
        label=_(' Bind DN '),
        max_length=1024,
        required=False,
    )
    # Secret: write_only keeps it out of API responses.
    AUTH_LDAP_BIND_PASSWORD = serializers.CharField(
        label=_(' Password '),
        max_length=1024,
        write_only=True,
        required=False,
    )
    # Several OUs may be given, separated by "|" (see help text).
    AUTH_LDAP_SEARCH_OU = serializers.CharField(
        label=_(' User OU '),
        help_text=_(' Use | split multi OUs '),
        max_length=1024,
        allow_blank=True,
        required=False,
    )
    # Filter template with a %(user)s placeholder (see help text).
    # NOTE(review): only the length is checked here; confirm that the code
    # which fills in the placeholder escapes the login name for LDAP filters.
    AUTH_LDAP_SEARCH_FILTER = serializers.CharField(
        label=_(' User search filter '),
        help_text=_(' Choice may be (cn|uid|sAMAccountName)= %(user)s ) '),
        max_length=1024,
        required=True,
    )
    AUTH_LDAP_USER_ATTR_MAP = serializers.DictField(
        label=_(' User attr map '),
        help_text=_(' User attr map present how to map LDAP user attr to jumpserver, username,name,email is jumpserver attr '),
        required=True,
    )
    AUTH_LDAP = serializers.BooleanField(
        label=_(' Enable LDAP auth '),
        required=False,
    )
class TerminalSettingSerializer(serializers.Serializer):
    """Validate the terminal settings.

    Covers the allowed login methods, asset-list display options, session
    retention, the telnet login regex and the RDP address.
    """

    # (value, label) pairs accepted by TERMINAL_ASSET_LIST_SORT_BY.
    SORT_BY_CHOICES = (
        (' hostname ', _(' Hostname ')),
        (' ip ', _(' IP ')),
    )
    # (value, label) pairs accepted by TERMINAL_ASSET_LIST_PAGE_SIZE.
    PAGE_SIZE_CHOICES = (
        (' all ', _(' All ')),
        (' auto ', _(' Auto ')),
        (' 10 ', ' 10 '),
        (' 15 ', ' 15 '),
        (' 25 ', ' 25 '),
        (' 50 ', ' 50 '),
    )

    TERMINAL_PASSWORD_AUTH = serializers.BooleanField(
        label=_(' Password auth '),
        required=False,
    )
    # Per the help text: when accounts come from an external directory
    # (AD/LDAP), disable this so that a user deleted there cannot still log
    # in with a previously registered public key.
    TERMINAL_PUBLIC_KEY_AUTH = serializers.BooleanField(
        label=_(' Public key auth '),
        help_text=_(
            ' Tips: If use other auth method, like AD/LDAP, you should disable this to '
            ' avoid being able to log in after deleting '
        ),
        required=False,
    )
    TERMINAL_ASSET_LIST_SORT_BY = serializers.ChoiceField(
        choices=SORT_BY_CHOICES,
        label=_(' List sort by '),
        required=False,
    )
    TERMINAL_ASSET_LIST_PAGE_SIZE = serializers.ChoiceField(
        choices=PAGE_SIZE_CHOICES,
        label=_(' List page size '),
        required=False,
    )
    # Retention in days; per the help text, older sessions, records and
    # commands are deleted from the database.
    TERMINAL_SESSION_KEEP_DURATION = serializers.IntegerField(
        label=_(' Session keep duration '),
        help_text=_(' Units: days, Session, record, command will be delete if more than duration, only in database '),
        min_value=1,
        max_value=99999,
        required=True,
    )
    # NOTE(review): the pattern is stored as free text and is not compiled or
    # validated here, so an invalid or very expensive expression is only
    # discovered where it is used - confirm that consumer handles both.
    TERMINAL_TELNET_REGEX = serializers.CharField(
        label=_(' Telnet login regex '),
        max_length=1024,
        allow_blank=True,
        required=False,
    )
    TERMINAL_RDP_ADDR = serializers.CharField(
        label=_(" RDP address "),
        help_text=_(' RDP visit address, eg: dev.jumpserver.org:3389 '),
        max_length=1024,
        allow_blank=True,
        required=False,
    )
class SecuritySettingSerializer(serializers.Serializer):
    """Validate the security policy settings.

    Covers global MFA, batch command execution, terminal registration, login
    lockout, idle timeout, password expiry/history/complexity and the
    insecure-command alert. Only types and numeric ranges are checked here;
    enforcement of each policy happens outside this file.
    """

    SECURITY_MFA_AUTH = serializers.BooleanField(
        label=_(" Global MFA auth "),
        help_text=_(' All user enable MFA '),
        required=False,
    )
    SECURITY_COMMAND_EXECUTION = serializers.BooleanField(
        label=_(' Batch command execution '),
        help_text=_(' Allow user run batch command or not using ansible '),
        required=False,
    )
    # Per the help text this should be switched off once every terminal has
    # been registered.
    SECURITY_SERVICE_ACCOUNT_REGISTRATION = serializers.BooleanField(
        label=_(' Enable terminal register '),
        help_text=_(" Allow terminal register, after all terminal setup, you should disable this for security "),
        required=True,
    )

    # Login lockout: failures tolerated (at least 3) and block time in
    # minutes (at least 5).
    SECURITY_LOGIN_LIMIT_COUNT = serializers.IntegerField(
        label=_(' Limit the number of login failures '),
        min_value=3,
        max_value=99999,
    )
    SECURITY_LOGIN_LIMIT_TIME = serializers.IntegerField(
        label=_(' Block logon interval '),
        help_text=_(' Tip: (unit/minute) if the user has failed to log in for a limited number of times, no login is allowed during this time interval. '),
        min_value=5,
        max_value=99999,
        required=True,
    )
    # Idle timeout in minutes (see help text).
    SECURITY_MAX_IDLE_TIME = serializers.IntegerField(
        label=_(' Connection max idle time '),
        help_text=_(' If idle time more than it, disconnect connection Unit: minute '),
        min_value=1,
        max_value=99999,
        required=False,
    )

    # Password lifetime in days (see help text).
    SECURITY_PASSWORD_EXPIRATION_TIME = serializers.IntegerField(
        label=_(' User password expiration '),
        help_text=_(' Tip: (unit: day) If the user does not update the password during the time, the user password will expire failure;The password expiration reminder mail will be automatic sent to the user by system within 5 days (daily) before the password expires '),
        min_value=1,
        max_value=99999,
        required=True,
    )
    # Number of previous passwords that may not be reused; 0 is accepted and
    # presumably turns the history check off - TODO confirm.
    OLD_PASSWORD_HISTORY_LIMIT_COUNT = serializers.IntegerField(
        label=_(' Number of repeated historical passwords '),
        help_text=_(' Tip: When the user resets the password, it cannot be the previous n historical passwords of the user '),
        min_value=0,
        max_value=99999,
        required=True,
    )
    # The range bounds the configurable *minimum* length, not the password
    # itself. NOTE(review): a floor of 6 allows a policy weaker than the
    # 8-character minimum in NIST SP 800-63B; consider raising it.
    SECURITY_PASSWORD_MIN_LENGTH = serializers.IntegerField(
        label=_(' Password minimum length '),
        min_value=6,
        max_value=30,
        required=True,
    )
    SECURITY_PASSWORD_UPPER_CASE = serializers.BooleanField(
        label=_(' Must contain capital '),
        required=False,
    )
    SECURITY_PASSWORD_LOWER_CASE = serializers.BooleanField(
        label=_(' Must contain lowercase '),
        required=False,
    )
    SECURITY_PASSWORD_NUMBER = serializers.BooleanField(
        label=_(' Must contain numeric '),
        required=False,
    )
    SECURITY_PASSWORD_SPECIAL_CHAR = serializers.BooleanField(
        label=_(' Must contain special '),
        required=False,
    )

    SECURITY_INSECURE_COMMAND = serializers.BooleanField(
        label=_(' Insecure command alert '),
        required=False,
    )
    # Comma-separated recipients (see help text). A plain CharField: the
    # individual addresses are not validated as e-mail addresses here.
    SECURITY_INSECURE_COMMAND_EMAIL_RECEIVER = serializers.CharField(
        label=_(' Email recipient '),
        help_text=_(' Multiple user using , split '),
        max_length=8192,
        allow_blank=True,
        required=False,
    )
class WeComSettingSerializer(serializers.Serializer):
    """Validate the WeCom authentication settings.

    WECOM_SECRET is declared write_only, so it is accepted on input and left
    out of serialized output. The three credential labels are plain strings,
    not translated.
    """

    WECOM_CORPID = serializers.CharField(
        label=' corpid ',
        max_length=256,
        required=True,
    )
    WECOM_AGENTID = serializers.CharField(
        label=' agentid ',
        max_length=256,
        required=True,
    )
    # Secret: optional on input, presumably so the other fields can be saved
    # without resending it - verify against the view that stores settings.
    WECOM_SECRET = serializers.CharField(
        label=' secret ',
        max_length=256,
        write_only=True,
        required=False,
    )
    # Off unless explicitly enabled.
    AUTH_WECOM = serializers.BooleanField(
        label=_(' Enable WeCom Auth '),
        default=False,
    )


class DingTalkSettingSerializer(serializers.Serializer):
    """Validate the DingTalk authentication settings.

    DINGTALK_APPSECRET is declared write_only, so it is accepted on input and
    left out of serialized output. The three credential labels are plain
    strings, not translated.
    """

    DINGTALK_AGENTID = serializers.CharField(
        label=' AgentId ',
        max_length=256,
        required=True,
    )
    DINGTALK_APPKEY = serializers.CharField(
        label=' AppKey ',
        max_length=256,
        required=True,
    )
    # Secret: optional on input, presumably so the other fields can be saved
    # without resending it - verify against the view that stores settings.
    DINGTALK_APPSECRET = serializers.CharField(
        label=' AppSecret ',
        max_length=256,
        write_only=True,
        required=False,
    )
    # Off unless explicitly enabled.
    AUTH_DINGTALK = serializers.BooleanField(
        label=_(' Enable DingTalk Auth '),
        default=False,
    )
class SettingsSerializer(
        BasicSettingSerializer,
        EmailSettingSerializer,
        EmailContentSettingSerializer,
        LDAPSettingSerializer,
        TerminalSettingSerializer,
        SecuritySettingSerializer,
        WeComSettingSerializer,
        DingTalkSettingSerializer,
):
    """Combined serializer for all settings sections.

    Declares no fields of its own; it only inherits from the per-section
    serializers listed as bases. The secrets those sections mark write_only
    (EMAIL_HOST_PASSWORD, AUTH_LDAP_BIND_PASSWORD, WECOM_SECRET,
    DINGTALK_APPSECRET) are therefore write-only here as well.
    """

    # encrypt_fields is now determined by write_only
    # (presumably the write_only fields are the ones stored encrypted; the
    # code that does this is not in this file - TODO confirm).