2023-07-24 03:52:25 +00:00
|
|
|
from django.utils.translation import gettext_lazy as _
|
2021-09-09 06:00:50 +00:00
|
|
|
from rest_framework import serializers
|
|
|
|
|
2023-01-16 11:02:09 +00:00
|
|
|
from common.serializers.fields import EncryptedField
|
2022-05-07 08:20:12 +00:00
|
|
|
|
2021-09-09 06:00:50 +00:00
|
|
|
__all__ = [
|
|
|
|
'LDAPTestConfigSerializer', 'LDAPUserSerializer', 'LDAPTestLoginSerializer',
|
|
|
|
'LDAPSettingSerializer',
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
|
|
class LDAPTestConfigSerializer(serializers.Serializer):
|
|
|
|
AUTH_LDAP_SERVER_URI = serializers.CharField(max_length=1024)
|
|
|
|
AUTH_LDAP_BIND_DN = serializers.CharField(max_length=1024, required=False, allow_blank=True)
|
2022-05-20 02:01:41 +00:00
|
|
|
AUTH_LDAP_BIND_PASSWORD = EncryptedField(required=False, allow_blank=True)
|
2021-09-09 06:00:50 +00:00
|
|
|
AUTH_LDAP_SEARCH_OU = serializers.CharField()
|
|
|
|
AUTH_LDAP_SEARCH_FILTER = serializers.CharField()
|
2023-02-02 09:05:05 +00:00
|
|
|
AUTH_LDAP_USER_ATTR_MAP = serializers.JSONField()
|
2021-09-09 06:00:50 +00:00
|
|
|
AUTH_LDAP_START_TLS = serializers.BooleanField(required=False)
|
|
|
|
AUTH_LDAP = serializers.BooleanField(required=False)
|
|
|
|
|
|
|
|
|
|
|
|
class LDAPTestLoginSerializer(serializers.Serializer):
|
|
|
|
username = serializers.CharField(max_length=1024, required=True)
|
2022-05-16 09:50:28 +00:00
|
|
|
password = EncryptedField(max_length=2014, required=True, label=_("Password"))
|
2021-09-09 06:00:50 +00:00
|
|
|
|
|
|
|
|
|
|
|
class LDAPUserSerializer(serializers.Serializer):
|
|
|
|
id = serializers.CharField()
|
|
|
|
username = serializers.CharField()
|
|
|
|
name = serializers.CharField()
|
|
|
|
email = serializers.CharField()
|
2022-05-10 11:15:17 +00:00
|
|
|
groups = serializers.ListField(child=serializers.CharField(), default=[])
|
2021-09-09 06:00:50 +00:00
|
|
|
existing = serializers.BooleanField(read_only=True)
|
|
|
|
|
|
|
|
|
|
|
|
class LDAPSettingSerializer(serializers.Serializer):
|
|
|
|
# encrypt_fields 现在使用 write_only 来判断了
|
2023-02-23 08:38:44 +00:00
|
|
|
PREFIX_TITLE = _('LDAP')
|
2021-09-09 06:00:50 +00:00
|
|
|
|
|
|
|
AUTH_LDAP_SERVER_URI = serializers.CharField(
|
|
|
|
required=True, max_length=1024, label=_('LDAP server'),
|
|
|
|
help_text=_('eg: ldap://localhost:389')
|
|
|
|
)
|
|
|
|
AUTH_LDAP_BIND_DN = serializers.CharField(required=False, max_length=1024, label=_('Bind DN'))
|
2022-05-20 02:01:41 +00:00
|
|
|
AUTH_LDAP_BIND_PASSWORD = EncryptedField(
|
|
|
|
max_length=1024, required=False, label=_('Password')
|
2022-04-01 07:33:14 +00:00
|
|
|
)
|
2021-09-09 06:00:50 +00:00
|
|
|
AUTH_LDAP_SEARCH_OU = serializers.CharField(
|
|
|
|
max_length=1024, allow_blank=True, required=False, label=_('User OU'),
|
|
|
|
help_text=_('Use | split multi OUs')
|
|
|
|
)
|
|
|
|
AUTH_LDAP_SEARCH_FILTER = serializers.CharField(
|
|
|
|
max_length=1024, required=True, label=_('User search filter'),
|
|
|
|
help_text=_('Choice may be (cn|uid|sAMAccountName)=%(user)s)')
|
|
|
|
)
|
2023-06-08 02:06:14 +00:00
|
|
|
AUTH_LDAP_USER_ATTR_MAP = serializers.JSONField(
|
2021-09-09 06:00:50 +00:00
|
|
|
required=True, label=_('User attr map'),
|
|
|
|
help_text=_('User attr map present how to map LDAP user attr to '
|
|
|
|
'jumpserver, username,name,email is jumpserver attr')
|
|
|
|
)
|
2023-05-25 09:35:36 +00:00
|
|
|
AUTH_LDAP_SYNC_ORG_IDS = serializers.ListField(
|
2022-04-01 07:33:14 +00:00
|
|
|
required=False, label=_('Organization'), max_length=36
|
|
|
|
)
|
2022-02-15 09:53:42 +00:00
|
|
|
AUTH_LDAP_SYNC_IS_PERIODIC = serializers.BooleanField(
|
2024-02-01 08:02:31 +00:00
|
|
|
required=False, label=_('Periodic run')
|
2021-09-09 06:00:50 +00:00
|
|
|
)
|
|
|
|
AUTH_LDAP_SYNC_CRONTAB = serializers.CharField(
|
2022-02-15 09:53:42 +00:00
|
|
|
required=False, max_length=128, allow_null=True, allow_blank=True,
|
2024-02-01 08:02:31 +00:00
|
|
|
label=_('Crontab')
|
2022-02-15 09:53:42 +00:00
|
|
|
)
|
|
|
|
AUTH_LDAP_SYNC_INTERVAL = serializers.IntegerField(
|
2024-02-01 08:02:31 +00:00
|
|
|
required=False, default=24, allow_null=True, label=_('Interval')
|
2021-09-09 06:00:50 +00:00
|
|
|
)
|
2021-09-15 08:22:51 +00:00
|
|
|
AUTH_LDAP_CONNECT_TIMEOUT = serializers.IntegerField(
|
|
|
|
min_value=1, max_value=300,
|
2023-03-14 03:13:43 +00:00
|
|
|
required=False, label=_('Connect timeout (s)'),
|
2021-09-15 08:22:51 +00:00
|
|
|
)
|
2023-03-14 03:13:43 +00:00
|
|
|
AUTH_LDAP_SEARCH_PAGED_SIZE = serializers.IntegerField(required=False, label=_('Search paged size (piece)'))
|
2024-01-11 11:07:54 +00:00
|
|
|
AUTH_LDAP_SYNC_RECEIVERS = serializers.ListField(
|
|
|
|
required=False, label=_('Recipient'), max_length=36
|
|
|
|
)
|
2021-09-09 06:00:50 +00:00
|
|
|
|
|
|
|
AUTH_LDAP = serializers.BooleanField(required=False, label=_('Enable LDAP auth'))
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
def post_save():
|
2023-02-19 09:57:48 +00:00
|
|
|
from settings.tasks import import_ldap_user_periodic
|
2021-09-09 06:00:50 +00:00
|
|
|
import_ldap_user_periodic()
|