jumpserver/apps/assets/models/automations/change_secret.py

74 lines
3.0 KiB
Python
Raw Normal View History

2022-09-07 11:49:42 +00:00
from django.db import models
from django.utils.translation import ugettext_lazy as _
2022-09-29 12:44:45 +00:00
from common.db import fields
2022-10-13 09:47:29 +00:00
from common.db.models import JMSBaseModel
2022-10-19 09:05:21 +00:00
from assets.const import AutomationTypes, SecretType, SecretStrategy, SSHKeyStrategy
2022-09-29 12:44:45 +00:00
from .base import BaseAutomation
2022-09-07 11:49:42 +00:00
2022-10-19 09:05:21 +00:00
__all__ = ['ChangeSecretAutomation', 'ChangeSecretRecord']
2022-10-13 09:47:29 +00:00
class ChangeSecretAutomation(BaseAutomation):
2022-10-19 09:05:21 +00:00
secret_type = models.CharField(
choices=SecretType.choices, max_length=16,
default=SecretType.PASSWORD, verbose_name=_('Secret type')
2022-10-19 09:05:21 +00:00
)
secret_strategy = models.CharField(
choices=SecretStrategy.choices, max_length=16,
2022-10-21 10:19:09 +00:00
default=SecretStrategy.custom, verbose_name=_('Secret strategy')
2022-10-19 09:05:21 +00:00
)
secret = fields.EncryptTextField(blank=True, null=True, verbose_name=_('Secret'))
2022-10-13 09:47:29 +00:00
password_rules = models.JSONField(default=dict, verbose_name=_('Password rules'))
2022-10-19 09:05:21 +00:00
ssh_key_change_strategy = models.CharField(
choices=SSHKeyStrategy.choices, max_length=16,
default=SSHKeyStrategy.add, verbose_name=_('SSH key change strategy')
)
recipients = models.ManyToManyField('users.User', verbose_name=_("Recipient"), blank=True)
2022-09-07 11:49:42 +00:00
2022-10-12 10:08:57 +00:00
def save(self, *args, **kwargs):
2022-10-19 09:05:21 +00:00
self.type = AutomationTypes.change_secret
2022-10-12 10:08:57 +00:00
super().save(*args, **kwargs)
2022-09-07 11:49:42 +00:00
class Meta:
2022-10-19 03:39:11 +00:00
verbose_name = _("Change secret automation")
2022-09-07 11:49:42 +00:00
2022-10-19 09:05:21 +00:00
def to_attr_json(self):
attr_json = super().to_attr_json()
attr_json.update({
'secret': self.secret,
'secret_type': self.secret_type,
'secret_strategy': self.secret_strategy,
'password_rules': self.password_rules,
'ssh_key_change_strategy': self.ssh_key_change_strategy,
'recipients': {
str(recipient.id): (str(recipient), bool(recipient.secret_key))
for recipient in self.recipients.all()
}
})
return attr_json
2022-10-13 09:47:29 +00:00
class ChangeSecretRecord(JMSBaseModel):
execution = models.ForeignKey('assets.AutomationExecution', on_delete=models.CASCADE)
asset = models.ForeignKey('assets.Asset', on_delete=models.CASCADE, null=True)
2022-10-13 09:47:29 +00:00
account = models.ForeignKey('assets.Account', on_delete=models.CASCADE, null=True)
old_secret = fields.EncryptTextField(blank=True, null=True, verbose_name=_('Old secret'))
new_secret = fields.EncryptTextField(blank=True, null=True, verbose_name=_('Secret'))
date_started = models.DateTimeField(blank=True, null=True, verbose_name=_('Date started'))
date_finished = models.DateTimeField(blank=True, null=True, verbose_name=_('Date finished'))
status = models.CharField(max_length=16, default='pending')
error = models.TextField(blank=True, null=True, verbose_name=_('Error'))
class Meta:
2022-10-19 09:05:21 +00:00
verbose_name = _("Change secret record")
2022-10-13 09:47:29 +00:00
def __str__(self):
return self.account.__str__()
2022-11-21 07:18:09 +00:00
@property
def timedelta(self):
if self.date_started and self.date_finished:
return self.date_finished - self.date_started
return None