jumpserver/apps/assets/api.py

# ~*~ coding: utf-8 ~*~

from rest_framework import viewsets, generics, mixins
from rest_framework.response import Response
from rest_framework.views import APIView
from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin, ListBulkCreateUpdateDestroyAPIView
from django.shortcuts import get_object_or_404

from common.mixins import BulkDeleteApiMixin
from common.utils import get_object_or_none, signer
from .hands import IsSuperUserOrTerminalUser, IsSuperUser
from .models import AssetGroup, Asset, IDC, SystemUser, AdminUser
from . import serializers


class AssetViewSet(viewsets.ModelViewSet):
    """API endpoint that allows Asset to be viewed or edited."""
    queryset = Asset.objects.all()
    serializer_class = serializers.AssetSerializer

    def get_queryset(self):
        queryset = super(AssetViewSet, self).get_queryset()
        idc_id = self.request.query_params.get('idc_id', '')
        asset_group_id = self.request.query_params.get('asset_group_id', '')
        if idc_id:
            queryset = queryset.filter(idc__id=idc_id)

        if asset_group_id:
            queryset = queryset.filter(groups__id=asset_group_id)

        return queryset


class AssetGroupViewSet(viewsets.ModelViewSet):
    """ API endpoint that allows AssetGroup to be viewed or edited.
        some other comment
    """
    queryset = AssetGroup.objects.all()
    serializer_class = serializers.AssetGroupSerializer


class IDCViewSet(viewsets.ModelViewSet):
    """API endpoint that allows IDC to be viewed or edited."""
    queryset = IDC.objects.all()
    serializer_class = serializers.IDCSerializer
    permission_classes = (IsSuperUser,)


class AdminUserViewSet(viewsets.ModelViewSet):
    queryset = AdminUser.objects.all()
    serializer_class = serializers.AdminUserSerializer
    permission_classes = (IsSuperUser,)


class SystemUserViewSet(viewsets.ModelViewSet):
    queryset = SystemUser.objects.all()
    serializer_class = serializers.SystemUserSerializer
    permission_classes = (IsSuperUser,)


# class IDCAssetsApi(generics.ListAPIView):
#     model = IDC
#     serializer_class = serializers.AssetSerializer
#
#     def get(self, request, *args, **kwargs):
#         filter_kwargs = {self.lookup_field: self.kwargs[self.lookup_field]}
#         self.object = get_object_or_404(self.model, **filter_kwargs)
#         return super(IDCAssetsApi, self).get(request, *args, **kwargs)
#
#     def get_queryset(self):
#         return self.object.assets.all()


class AssetListUpdateApi(BulkDeleteApiMixin, ListBulkCreateUpdateDestroyAPIView):
    queryset = Asset.objects.all()
    serializer_class = serializers.AssetSerializer
    permission_classes = (IsSuperUser,)


class SystemUserAuthApi(APIView):
    permission_classes = (IsSuperUserOrTerminalUser,)

    def get(self, request, *args, **kwargs):
        system_user_id = request.query_params.get('system_user_id', -1)
        system_user_username = request.query_params.get('system_user_username', '')

        system_user = get_object_or_none(SystemUser, id=system_user_id, username=system_user_username)

        if system_user:
            if system_user.password:
                password = signer.sign(system_user.password)
            else:
                password = signer.sign('')

            if system_user.private_key:
                private_key = signer.sign(system_user.private_key)
            else:
                private_key = signer.sign(None)

            response = {
                'id': system_user.id,
                'password': password,
                'private_key': private_key,
            }

            return Response(response)
        else:
            return Response({'msg': 'error system user id or username'}, status=401)
添加 utils和api样例文件 2016-08-09 09:27:37 +00:00			`# ~~ coding: utf-8 ~~`
Add user perm model and form 2016-09-11 01:50:42 +00:00
Stash 2016-11-06 13:29:04 +00:00			`from rest_framework import viewsets, generics, mixins`
Add token 2016-11-01 11:31:35 +00:00			`from rest_framework.response import Response`
Update signer 2016-11-01 09:21:16 +00:00			`from rest_framework.views import APIView`
			`from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin, ListBulkCreateUpdateDestroyAPIView`
Stash 2016-11-06 13:29:04 +00:00			`from django.shortcuts import get_object_or_404`
Update signer 2016-11-01 09:21:16 +00:00
asset:add assets_bulk 2016-10-21 13:14:49 +00:00			`from common.mixins import BulkDeleteApiMixin`
Add token 2016-11-01 11:31:35 +00:00			`from common.utils import get_object_or_none, signer`
			`from .hands import IsSuperUserOrTerminalUser, IsSuperUser`
Stash 2016-11-06 13:29:04 +00:00			`from .models import AssetGroup, Asset, IDC, SystemUser, AdminUser`
			`from . import serializers`
add asset amdin\|sys user model 2016-09-04 09:43:03 +00:00

add asset add 2016-09-03 11:05:50 +00:00			`class AssetViewSet(viewsets.ModelViewSet):`
asset:add assets_bulk_update 2016-10-28 13:19:37 +00:00			`"""API endpoint that allows Asset to be viewed or edited."""`
add asset add 2016-09-03 11:05:50 +00:00			`queryset = Asset.objects.all()`
Stash 2016-11-06 13:29:04 +00:00			`serializer_class = serializers.AssetSerializer`
add asset add 2016-09-03 11:05:50 +00:00
Finish system user list 2016-11-06 14:45:26 +00:00			`def get_queryset(self):`
			`queryset = super(AssetViewSet, self).get_queryset()`
Update asset 2016-11-17 11:28:45 +00:00			`idc_id = self.request.query_params.get('idc_id', '')`
			`asset_group_id = self.request.query_params.get('asset_group_id', '')`
			`if idc_id:`
			`queryset = queryset.filter(idc__id=idc_id)`

			`if asset_group_id:`
			`queryset = queryset.filter(groups__id=asset_group_id)`

Finish system user list 2016-11-06 14:45:26 +00:00			`return queryset`

add asset amdin\|sys user model 2016-09-04 09:43:03 +00:00
Update perm api 2016-11-09 16:18:57 +00:00			`class AssetGroupViewSet(viewsets.ModelViewSet):`
			`""" API endpoint that allows AssetGroup to be viewed or edited.`
			`some other comment`
			`"""`
			`queryset = AssetGroup.objects.all()`
			`serializer_class = serializers.AssetGroupSerializer`


Stash 2016-11-06 13:29:04 +00:00			`class IDCViewSet(viewsets.ModelViewSet):`
asset:add assets_bulk_update 2016-10-28 13:19:37 +00:00			`"""API endpoint that allows IDC to be viewed or edited."""`
add asset add 2016-09-03 11:05:50 +00:00			`queryset = IDC.objects.all()`
Stash 2016-11-06 13:29:04 +00:00			`serializer_class = serializers.IDCSerializer`
Add token 2016-11-01 11:31:35 +00:00			`permission_classes = (IsSuperUser,)`
update assets-group 2016-09-22 10:31:04 +00:00

Stash 2016-11-06 13:29:04 +00:00			`class AdminUserViewSet(viewsets.ModelViewSet):`
			`queryset = AdminUser.objects.all()`
			`serializer_class = serializers.AdminUserSerializer`
			`permission_classes = (IsSuperUser,)`


			`class SystemUserViewSet(viewsets.ModelViewSet):`
			`queryset = SystemUser.objects.all()`
			`serializer_class = serializers.SystemUserSerializer`
			`permission_classes = (IsSuperUser,)`


Finish system user list 2016-11-06 14:45:26 +00:00			`# class IDCAssetsApi(generics.ListAPIView):`
			`# model = IDC`
			`# serializer_class = serializers.AssetSerializer`
			`#`
			`# def get(self, request, args, *kwargs):`
			`# filter_kwargs = {self.lookup_field: self.kwargs[self.lookup_field]}`
			`# self.object = get_object_or_404(self.model, **filter_kwargs)`
			`# return super(IDCAssetsApi, self).get(request, args, *kwargs)`
			`#`
			`# def get_queryset(self):`
			`# return self.object.assets.all()`
Stash 2016-11-06 13:29:04 +00:00
asset:add assets_bulk_update 2016-10-28 13:19:37 +00:00
asset:add assets_bulk 2016-10-21 13:14:49 +00:00			`class AssetListUpdateApi(BulkDeleteApiMixin, ListBulkCreateUpdateDestroyAPIView):`
			`queryset = Asset.objects.all()`
Update perm api 2016-11-09 16:18:57 +00:00			`serializer_class = serializers.AssetSerializer`
Add token 2016-11-01 11:31:35 +00:00			`permission_classes = (IsSuperUser,)`
Update signer 2016-11-01 09:21:16 +00:00

Add token 2016-11-01 11:31:35 +00:00			`class SystemUserAuthApi(APIView):`
			`permission_classes = (IsSuperUserOrTerminalUser,)`

Update signer 2016-11-01 09:21:16 +00:00			`def get(self, request, args, *kwargs):`
Add token 2016-11-01 11:31:35 +00:00			`system_user_id = request.query_params.get('system_user_id', -1)`
			`system_user_username = request.query_params.get('system_user_username', '')`
Update signer 2016-11-01 09:21:16 +00:00
Add token 2016-11-01 11:31:35 +00:00			`system_user = get_object_or_none(SystemUser, id=system_user_id, username=system_user_username)`
Update signer 2016-11-01 09:21:16 +00:00
			`if system_user:`
Finish some bug 2016-11-02 11:44:11 +00:00			`if system_user.password:`
			`password = signer.sign(system_user.password)`
			`else:`
			`password = signer.sign('')`

			`if system_user.private_key:`
			`private_key = signer.sign(system_user.private_key)`
			`else:`
			`private_key = signer.sign(None)`
Add token 2016-11-01 11:31:35 +00:00
			`response = {`
			`'id': system_user.id,`
			`'password': password,`
			`'private_key': private_key,`
			`}`

			`return Response(response)`
			`else:`
			`return Response({'msg': 'error system user id or username'}, status=401)`
asset:add assets_bulk_update 2016-10-28 13:19:37 +00:00