jumpserver/apps/assets/models/account.py

from django.db import models
from django.utils.translation import gettext_lazy as _
from simple_history.models import HistoricalRecords
from common.utils import lazyproperty
from .base import AbsConnectivity, BaseAccount
# Names exported by a star-import of this module: the two model classes.
# AccountHistoricalRecords (defined below) is not exported.
__all__ = ['Account', 'AccountTemplate']
class AccountHistoricalRecords(HistoricalRecords):
    """``HistoricalRecords`` variant that accepts an ``included_fields`` allow-list.

    When ``included_fields`` is set:

    * a history row is written on save only if one of those fields (``version``
      is ignored) differs from the first row of ``instance.history.all()``
      (presumably the newest one; the ordering is defined by simple_history);
    * unless ``excluded_fields`` was given explicitly, every model field that
      is not in the allow-list is put on the exclusion list before the history
      model is built.

    Without ``included_fields`` the parent behaviour is used unchanged.
    """

    def __init__(self, *args, **kwargs):
        # Pop our own option first so it is not forwarded to the parent
        # constructor along with the remaining keyword arguments.
        self.included_fields = kwargs.pop('included_fields', None)
        super().__init__(*args, **kwargs)

    def post_save(self, instance, created, using=None, **kwargs):
        """Record a history row only when a tracked field actually changed."""
        if not self.included_fields:
            return super().post_save(instance, created, using=using, **kwargs)

        # 'version' is left out of the comparison, so a save that touches
        # nothing but the version counter does not produce a new row.
        tracked = set(self.included_fields).difference({'version'})
        latest = instance.history.all().values(*tracked).first()
        if latest is None:
            # No history yet: always record the initial state.
            return super().post_save(instance, created, using=using, **kwargs)

        current = {name: getattr(instance, name) for name in tracked}
        # NOTE(review): for 'secret' this compares whatever Python value the
        # field yields; confirm that values() and getattr() return the same
        # representation, otherwise every save would look like a change.
        recorded_pairs = set(latest.items())
        if set(current.items()).issubset(recorded_pairs):
            return
        super().post_save(instance, created, using=using, **kwargs)

    def create_history_model(self, model, inherited):
        """Derive ``excluded_fields`` from the allow-list, then build the model."""
        # An explicitly supplied excluded_fields takes precedence; the list is
        # derived only when none is set.
        if self.included_fields and not self.excluded_fields:
            allowed = self.included_fields
            skipped = []
            for model_field in model._meta.fields:
                if model_field.name not in allowed:
                    skipped.append(model_field.name)
            self.excluded_fields = skipped
        return super().create_history_model(model, inherited)
class Account(AbsConnectivity, BaseAccount):
    """Account (credential) attached to a single asset.

    Most fields are inherited from ``BaseAccount`` and ``AbsConnectivity``
    (defined in ``.base``, not shown here). This class adds the asset link,
    the optional ``su_from`` account, a ``version`` counter and a history
    tracker restricted to a few fields.
    """

    # Alias values. INPUT and USER are used further down as the username of
    # unsaved placeholder accounts.
    class AliasAccount(models.TextChoices):
        ALL = '@ALL', _('All')
        INPUT = '@INPUT', _('Manual input')
        USER = '@USER', _('Dynamic user')

    # Deleting the asset deletes its accounts (CASCADE).
    asset = models.ForeignKey(
        'assets.Asset', related_name='accounts',
        on_delete=models.CASCADE, verbose_name=_('Asset')
    )
    # Account to switch from; cleared (SET_NULL) when that account is deleted.
    su_from = models.ForeignKey(
        'assets.Account', related_name='su_to', null=True,
        on_delete=models.SET_NULL, verbose_name=_("Su from")
    )
    version = models.IntegerField(default=0, verbose_name=_('Version'))
    # The history table keeps earlier values of 'secret', so it is as
    # sensitive as the live table. The *historyaccount* permissions in Meta
    # exist for it; the checks themselves are made outside this file.
    # NOTE(review): confirm whether these rows are purged when the account or
    # its asset is deleted.
    history = AccountHistoricalRecords(included_fields=['id', 'secret', 'secret_type', 'version'])

    class Meta:
        verbose_name = _('Account')
        unique_together = [
            ('username', 'asset', 'secret_type'),
            ('name', 'asset'),
        ]
        # Separate permissions for reading and changing secrets, for reading
        # history, and for reading secrets held in history.
        permissions = [
            ('view_accountsecret', _('Can view asset account secret')),
            ('change_accountsecret', _('Can change asset account secret')),
            ('view_historyaccount', _('Can view asset history account')),
            ('view_historyaccountsecret', _('Can view asset history account secret')),
        ]

    @lazyproperty
    def platform(self):
        """Platform of the asset this account belongs to."""
        owner = self.asset
        return owner.platform

    def __str__(self):
        return f'{self.username}'

    @classmethod
    def get_manual_account(cls):
        """Build the unsaved @INPUT placeholder (manual-login account, any)."""
        alias = cls.AliasAccount.INPUT
        return cls(name=alias.label, username=alias.value, secret=None)

    @classmethod
    def get_user_account(cls, username):
        """Build the unsaved @USER placeholder (dynamic-user account, self).

        NOTE(review): ``username`` is not used by the body; the placeholder
        always carries the ``@USER`` alias as its username.
        """
        alias = cls.AliasAccount.USER
        return cls(name=alias.label, username=alias.value)

    def get_su_from_accounts(self):
        """Accounts of the same asset, minus this one and minus those whose su_from is this one."""
        siblings = self.asset.accounts.exclude(id=self.id)
        return siblings.exclude(su_from=self)
class AccountTemplate(BaseAccount):
    """Account template built on ``BaseAccount``; names are unique per ``org_id``."""

    class Meta:
        verbose_name = _('Account template')
        unique_together = (
            ('name', 'org_id'),
        )
        # Reading and changing a template's secret each have their own
        # permission; the checks are made outside this file.
        permissions = [
            ('view_accounttemplatesecret', _('Can view asset account template secret')),
            ('change_accounttemplatesecret', _('Can change asset account template secret')),
        ]

    def __str__(self):
        # NOTE(review): returned as-is, so this assumes username is always a
        # str; confirm against BaseAccount.
        label = self.username
        return label