mirror of https://github.com/jumpserver/jumpserver
61 lines
2.0 KiB
Python
61 lines
2.0 KiB
Python
|
from uuid import uuid4
|
||
|
|
||
|
from django.conf import settings
|
||
|
from django.core.cache import cache
|
||
|
from rest_framework.generics import ListAPIView, CreateAPIView
|
||
|
from rest_framework.views import Response
|
||
|
|
||
|
from users.utils import LoginIpBlockUtil
|
||
|
from ..serializers import SecurityBlockIPSerializer
|
||
|
|
||
|
|
||
|
class BlockIPSecurityAPI(ListAPIView):
|
||
|
serializer_class = SecurityBlockIPSerializer
|
||
|
rbac_perms = {
|
||
|
'GET': 'settings.change_security',
|
||
|
'unlock': 'settings.change_security',
|
||
|
}
|
||
|
|
||
|
@staticmethod
|
||
|
def get_ips():
|
||
|
ips = []
|
||
|
prefix = LoginIpBlockUtil.BLOCK_KEY_TMPL.replace('{}', '')
|
||
|
keys = cache.keys(f'{prefix}*')
|
||
|
for key in keys:
|
||
|
ips.append(key.replace(prefix, ''))
|
||
|
|
||
|
white_list = settings.SECURITY_LOGIN_IP_WHITE_LIST
|
||
|
ips = list(set(ips) - set(white_list))
|
||
|
ips = settings.SECURITY_LOGIN_IP_BLACK_LIST
|
||
|
ips = [ip for ip in ips if ip != '*']
|
||
|
return ips
|
||
|
|
||
|
def get_page_offset_and_limit(self):
|
||
|
get_params = self.request.GET
|
||
|
offset = get_params.get('offset', 0)
|
||
|
limit = get_params.get('limit', 15)
|
||
|
return int(offset), int(limit)
|
||
|
|
||
|
def list(self, request, *args, **kwargs):
|
||
|
ips = self.get_ips()
|
||
|
offset, limit = self.get_page_offset_and_limit()
|
||
|
slice_ips = ips[offset:offset + limit]
|
||
|
data = [{'id': str(uuid4()), 'ip': ip} for ip in slice_ips]
|
||
|
ser = self.get_serializer(data, many=True)
|
||
|
data = {'count': len(ips), 'results': ser.data}
|
||
|
return Response(data=data, status=200)
|
||
|
|
||
|
|
||
|
class UnlockIPSecurityAPI(CreateAPIView):
|
||
|
serializer_class = SecurityBlockIPSerializer
|
||
|
rbac_perms = {
|
||
|
'POST': 'settings.change_security',
|
||
|
}
|
||
|
|
||
|
def create(self, request, *args, **kwargs):
|
||
|
ips = request.data.get('ips')
|
||
|
prefix = LoginIpBlockUtil.BLOCK_KEY_TMPL.replace('{}', '')
|
||
|
for ip in ips:
|
||
|
LoginIpBlockUtil(f'{prefix}{ip}').clean_block_if_need()
|
||
|
return Response(status=200)
|