jumpserver/apps/terminal/api/terminal.py

# -*- coding: utf-8 -*-
#
from collections import OrderedDict
import logging
import uuid

from django.core.cache import cache
from django.shortcuts import get_object_or_404, redirect
from django.utils import timezone
from rest_framework import viewsets
from rest_framework.views import APIView, Response
from rest_framework.permissions import AllowAny


from common.utils import get_object_or_none
from common.permissions import IsAppUser, IsOrgAdminOrAppUser, IsSuperUser
from ..models import Terminal, Status, Session
from .. import serializers

__all__ = [
    'TerminalViewSet', 'TerminalTokenApi', 'StatusViewSet', 'TerminalConfig',
]
logger = logging.getLogger(__file__)


class TerminalViewSet(viewsets.ModelViewSet):
    queryset = Terminal.objects.filter(is_deleted=False)
    serializer_class = serializers.TerminalSerializer
    permission_classes = (IsSuperUser,)

    def create(self, request, *args, **kwargs):
        name = request.data.get('name')
        remote_ip = request.META.get('REMOTE_ADDR')
        x_real_ip = request.META.get('X-Real-IP')
        remote_addr = x_real_ip or remote_ip

        terminal = get_object_or_none(Terminal, name=name, is_deleted=False)
        if terminal:
            msg = 'Terminal name %s already used' % name
            return Response({'msg': msg}, status=409)

        serializer = self.serializer_class(data={
            'name': name, 'remote_addr': remote_addr
        })

        if serializer.is_valid():
            terminal = serializer.save()

            # App should use id, token get access key, if accepted
            token = uuid.uuid4().hex
            cache.set(token, str(terminal.id), 3600)
            data = {"id": str(terminal.id), "token": token, "msg": "Need accept"}
            return Response(data, status=201)
        else:
            data = serializer.errors
            logger.error("Register terminal error: {}".format(data))
            return Response(data, status=400)

    def get_permissions(self):
        if self.action == "create":
            self.permission_classes = (AllowAny,)
        return super().get_permissions()


class TerminalTokenApi(APIView):
    permission_classes = (AllowAny,)
    queryset = Terminal.objects.filter(is_deleted=False)

    def get(self, request, *args, **kwargs):
        try:
            terminal = self.queryset.get(id=kwargs.get('terminal'))
        except Terminal.DoesNotExist:
            terminal = None

        token = request.query_params.get("token")

        if terminal is None:
            return Response('May be reject by administrator', status=401)

        if token is None or cache.get(token, "") != str(terminal.id):
            return Response('Token is not valid', status=401)

        if not terminal.is_accepted:
            return Response("Terminal was not accepted yet", status=400)

        if not terminal.user or not terminal.user.access_key:
            return Response("No access key generate", status=401)

        access_key = terminal.user.access_key()
        data = OrderedDict()
        data['access_key'] = {'id': access_key.id, 'secret': access_key.secret}
        return Response(data, status=200)


class StatusViewSet(viewsets.ModelViewSet):
    queryset = Status.objects.all()
    serializer_class = serializers.StatusSerializer
    permission_classes = (IsOrgAdminOrAppUser,)
    session_serializer_class = serializers.SessionSerializer
    task_serializer_class = serializers.TaskSerializer

    def create(self, request, *args, **kwargs):
        self.handle_status(request)
        self.handle_sessions()
        tasks = self.request.user.terminal.task_set.filter(is_finished=False)
        serializer = self.task_serializer_class(tasks, many=True)
        return Response(serializer.data, status=201)

    def handle_status(self, request):
        request.user.terminal.is_alive = True

    def handle_sessions(self):
        sessions_id = self.request.data.get('sessions', [])
        Session.set_sessions_active(sessions_id)

    def get_queryset(self):
        terminal_id = self.kwargs.get("terminal", None)
        if terminal_id:
            terminal = get_object_or_404(Terminal, id=terminal_id)
            self.queryset = terminal.status_set.all()
        return self.queryset

    def perform_create(self, serializer):
        serializer.validated_data["terminal"] = self.request.user.terminal
        return super().perform_create(serializer)

    def get_permissions(self):
        if self.action == "create":
            self.permission_classes = (IsAppUser,)
        return super().get_permissions()


class TerminalConfig(APIView):
    permission_classes = (IsAppUser,)

    def get(self, request):
        user = request.user
        terminal = user.terminal
        configs = terminal.config
        return Response(configs, status=200)
服务账号注册机制更改 (#2079) * [Update] 服务账号注册 * [Update] 修改settings配置 * [Update] 修改settings * [Update] 整理terminal api * [Update] 修改terminal api * [Update] 修改terminal注册机制 6 years ago			`# -- coding: utf-8 --`
			`#`
			`from collections import OrderedDict`
			`import logging`
			`import uuid`

			`from django.core.cache import cache`
			`from django.shortcuts import get_object_or_404, redirect`
			`from django.utils import timezone`
			`from rest_framework import viewsets`
			`from rest_framework.views import APIView, Response`
			`from rest_framework.permissions import AllowAny`


			`from common.utils import get_object_or_none`
			`from common.permissions import IsAppUser, IsOrgAdminOrAppUser, IsSuperUser`
Bugfix (#2506) * [Update] 增加清理celery日志 * [Update] 修复两周前会话命令数量系那是问题 * [Update] 修复两周前会话命令数量系那是问题 * [Update] 修改结构 * [Update] 添加datatable失败的日志 * [Update] 转换配置文件格式 * [Update] 添加traceback 6 years ago			`from ..models import Terminal, Status, Session`
			`from .. import serializers`
服务账号注册机制更改 (#2079) * [Update] 服务账号注册 * [Update] 修改settings配置 * [Update] 修改settings * [Update] 整理terminal api * [Update] 修改terminal api * [Update] 修改terminal注册机制 6 years ago
			`__all__ = [`
			`'TerminalViewSet', 'TerminalTokenApi', 'StatusViewSet', 'TerminalConfig',`
			`]`
			`logger = logging.getLogger(__file__)`


			`class TerminalViewSet(viewsets.ModelViewSet):`
			`queryset = Terminal.objects.filter(is_deleted=False)`
			`serializer_class = serializers.TerminalSerializer`
			`permission_classes = (IsSuperUser,)`

			`def create(self, request, args, *kwargs):`
			`name = request.data.get('name')`
			`remote_ip = request.META.get('REMOTE_ADDR')`
			`x_real_ip = request.META.get('X-Real-IP')`
			`remote_addr = x_real_ip or remote_ip`

			`terminal = get_object_or_none(Terminal, name=name, is_deleted=False)`
			`if terminal:`
			`msg = 'Terminal name %s already used' % name`
			`return Response({'msg': msg}, status=409)`

			`serializer = self.serializer_class(data={`
			`'name': name, 'remote_addr': remote_addr`
			`})`

			`if serializer.is_valid():`
			`terminal = serializer.save()`

			`# App should use id, token get access key, if accepted`
			`token = uuid.uuid4().hex`
			`cache.set(token, str(terminal.id), 3600)`
			`data = {"id": str(terminal.id), "token": token, "msg": "Need accept"}`
			`return Response(data, status=201)`
			`else:`
			`data = serializer.errors`
			`logger.error("Register terminal error: {}".format(data))`
			`return Response(data, status=400)`

			`def get_permissions(self):`
			`if self.action == "create":`
			`self.permission_classes = (AllowAny,)`
			`return super().get_permissions()`


			`class TerminalTokenApi(APIView):`
			`permission_classes = (AllowAny,)`
			`queryset = Terminal.objects.filter(is_deleted=False)`

			`def get(self, request, args, *kwargs):`
			`try:`
			`terminal = self.queryset.get(id=kwargs.get('terminal'))`
			`except Terminal.DoesNotExist:`
			`terminal = None`

			`token = request.query_params.get("token")`

			`if terminal is None:`
			`return Response('May be reject by administrator', status=401)`

			`if token is None or cache.get(token, "") != str(terminal.id):`
			`return Response('Token is not valid', status=401)`

			`if not terminal.is_accepted:`
			`return Response("Terminal was not accepted yet", status=400)`

[Bugfix] 修复accekt的错误 6 years ago			`if not terminal.user or not terminal.user.access_key:`
服务账号注册机制更改 (#2079) * [Update] 服务账号注册 * [Update] 修改settings配置 * [Update] 修改settings * [Update] 整理terminal api * [Update] 修改terminal api * [Update] 修改terminal注册机制 6 years ago			`return Response("No access key generate", status=401)`

[Update] 优化资产选择 (#2267) * [Update] 优化资产选择 * [Update] 优化资产任务 6 years ago			`access_key = terminal.user.access_key()`
服务账号注册机制更改 (#2079) * [Update] 服务账号注册 * [Update] 修改settings配置 * [Update] 修改settings * [Update] 整理terminal api * [Update] 修改terminal api * [Update] 修改terminal注册机制 6 years ago			`data = OrderedDict()`
			`data['access_key'] = {'id': access_key.id, 'secret': access_key.secret}`
			`return Response(data, status=200)`


			`class StatusViewSet(viewsets.ModelViewSet):`
			`queryset = Status.objects.all()`
			`serializer_class = serializers.StatusSerializer`
			`permission_classes = (IsOrgAdminOrAppUser,)`
			`session_serializer_class = serializers.SessionSerializer`
			`task_serializer_class = serializers.TaskSerializer`

			`def create(self, request, args, *kwargs):`
[Update] 修改一些terminal storage (#2357) 6 years ago			`self.handle_status(request)`
Bugfix (#2346) * [Update] 修改command Post导致的output错误和定时任务创建问题 * [Update] 修改celery 日志 * [Update] 修改task日志方式 * [Update] 修改Docker file 6 years ago			`self.handle_sessions()`
服务账号注册机制更改 (#2079) * [Update] 服务账号注册 * [Update] 修改settings配置 * [Update] 修改settings * [Update] 整理terminal api * [Update] 修改terminal api * [Update] 修改terminal注册机制 6 years ago			`tasks = self.request.user.terminal.task_set.filter(is_finished=False)`
			`serializer = self.task_serializer_class(tasks, many=True)`
			`return Response(serializer.data, status=201)`

[Update] 修改一些terminal storage (#2357) 6 years ago			`def handle_status(self, request):`
			`request.user.terminal.is_alive = True`

服务账号注册机制更改 (#2079) * [Update] 服务账号注册 * [Update] 修改settings配置 * [Update] 修改settings * [Update] 整理terminal api * [Update] 修改terminal api * [Update] 修改terminal注册机制 6 years ago			`def handle_sessions(self):`
Bugfix (#2346) * [Update] 修改command Post导致的output错误和定时任务创建问题 * [Update] 修改celery 日志 * [Update] 修改task日志方式 * [Update] 修改Docker file 6 years ago			`sessions_id = self.request.data.get('sessions', [])`
[Update] 修改一些terminal storage (#2357) 6 years ago			`Session.set_sessions_active(sessions_id)`
服务账号注册机制更改 (#2079) * [Update] 服务账号注册 * [Update] 修改settings配置 * [Update] 修改settings * [Update] 整理terminal api * [Update] 修改terminal api * [Update] 修改terminal注册机制 6 years ago
			`def get_queryset(self):`
			`terminal_id = self.kwargs.get("terminal", None)`
			`if terminal_id:`
			`terminal = get_object_or_404(Terminal, id=terminal_id)`
			`self.queryset = terminal.status_set.all()`
			`return self.queryset`

			`def perform_create(self, serializer):`
			`serializer.validated_data["terminal"] = self.request.user.terminal`
			`return super().perform_create(serializer)`

			`def get_permissions(self):`
			`if self.action == "create":`
			`self.permission_classes = (IsAppUser,)`
			`return super().get_permissions()`


			`class TerminalConfig(APIView):`
			`permission_classes = (IsAppUser,)`

			`def get(self, request):`
			`user = request.user`
			`terminal = user.terminal`
			`configs = terminal.config`
			`return Response(configs, status=200)`