From 0c71190337c0959bc7bfe9eac7d181b4fe085a0c Mon Sep 17 00:00:00 2001 From: fit2bot <68588906+fit2bot@users.noreply.github.com> Date: Tue, 17 May 2022 21:12:59 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E6=94=B9=20EncryptedField=20?= =?UTF-8?q?=E5=AD=97=E6=AE=B5=E7=9A=84=20write=5Fonly=20=E5=B1=9E=E6=80=A7?= =?UTF-8?q?=20(#8259)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix: 修改 EncryptedField 字段的 write_only 属性 fix: 修改 EncryptedField 字段的 write_only 属性 * fix: 修改 EncryptedField 字段的 write_only 属性 Co-authored-by: Jiangjie.Bai Co-authored-by: Jiangjie.Bai <32935519+BaiJiangJie@users.noreply.github.com> --- apps/applications/serializers/application.py | 4 ++-- apps/assets/serializers/account.py | 3 ++- apps/common/drf/serializers.py | 21 +++++++++++++++++++- 3 files changed, 24 insertions(+), 4 deletions(-) diff --git a/apps/applications/serializers/application.py b/apps/applications/serializers/application.py index 9b62d1dc1..35a07e262 100644 --- a/apps/applications/serializers/application.py +++ b/apps/applications/serializers/application.py @@ -5,7 +5,7 @@ from django.utils.translation import ugettext_lazy as _ from orgs.mixins.serializers import BulkOrgResourceModelSerializer from assets.serializers.base import AuthSerializerMixin -from common.drf.serializers import MethodSerializer +from common.drf.serializers import MethodSerializer, SecretReadableMixin from .attrs import ( category_serializer_classes_mapping, type_serializer_classes_mapping, @@ -152,7 +152,7 @@ class AppAccountSerializer(AppSerializerMixin, AuthSerializerMixin, BulkOrgResou return super().to_representation(instance) -class AppAccountSecretSerializer(AppAccountSerializer): +class AppAccountSecretSerializer(SecretReadableMixin, AppAccountSerializer): class Meta(AppAccountSerializer.Meta): fields_backup = [ 'id', 'app_display', 'attrs', 'username', 'password', 'private_key', diff --git a/apps/assets/serializers/account.py b/apps/assets/serializers/account.py index daa7f38f8..bc4bea563 100644 --- a/apps/assets/serializers/account.py +++ b/apps/assets/serializers/account.py @@ -7,6 +7,7 @@ from orgs.mixins.serializers import BulkOrgResourceModelSerializer from .base import AuthSerializerMixin from .utils import validate_password_contains_left_double_curly_bracket from common.utils.encode import ssh_pubkey_gen +from common.drf.serializers import SecretReadableMixin class AccountSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer): @@ -70,7 +71,7 @@ class AccountSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer): return super().to_representation(instance) -class AccountSecretSerializer(AccountSerializer): +class AccountSecretSerializer(SecretReadableMixin, AccountSerializer): class Meta(AccountSerializer.Meta): fields_backup = [ 'hostname', 'ip', 'platform', 'protocols', 'username', 'password', diff --git a/apps/common/drf/serializers.py b/apps/common/drf/serializers.py index 4beb59fe7..1dde4a77e 100644 --- a/apps/common/drf/serializers.py +++ b/apps/common/drf/serializers.py @@ -8,10 +8,12 @@ from common.mixins import BulkListSerializerMixin from django.utils.functional import cached_property from rest_framework.utils.serializer_helpers import BindingDict from common.mixins.serializers import BulkSerializerMixin +from common.drf.fields import EncryptedField __all__ = [ 'MethodSerializer', - 'EmptySerializer', 'BulkModelSerializer', 'AdaptedBulkListSerializer', 'CeleryTaskSerializer' + 'EmptySerializer', 'BulkModelSerializer', 'AdaptedBulkListSerializer', 'CeleryTaskSerializer', + 'SecretReadableMixin' ] @@ -83,3 +85,20 @@ class CeleryTaskSerializer(serializers.Serializer): task = serializers.CharField(read_only=True) +class SecretReadableMixin(serializers.Serializer): + """ 加密字段 (EncryptedField) 可读性 """ + + def __init__(self, *args, **kwargs): + super(SecretReadableMixin, self).__init__(*args, **kwargs) + if not hasattr(self, 'Meta') or not hasattr(self.Meta, 'extra_kwargs'): + return + extra_kwargs = self.Meta.extra_kwargs + for field_name, serializer_field in self.fields.items(): + if not isinstance(serializer_field, EncryptedField): + continue + if field_name not in extra_kwargs: + continue + field_extra_kwargs = extra_kwargs[field_name] + if 'write_only' not in field_extra_kwargs: + continue + serializer_field.write_only = field_extra_kwargs['write_only']