mirror of https://github.com/jumpserver/jumpserver
Jiangjie.Bai
GitHub
commit
1ef3f24465
|
|
@ -149,6 +149,7 @@ class SystemUserListSerializer(SystemUserSerializer):
|
|||
class Meta(SystemUserSerializer.Meta):
|
||||
fields = [
|
||||
'id', 'name', 'username', 'protocol',
|
||||
'password', 'public_key', 'private_key',
|
||||
'login_mode', 'login_mode_display',
|
||||
'priority', "username_same_with_user",
|
||||
'auto_push', 'sudo', 'shell', 'comment',
|
||||
|
|
@ -157,6 +158,12 @@ class SystemUserListSerializer(SystemUserSerializer):
|
|||
'sftp_root',
|
||||
]
|
||||
|
||||
extra_kwargs = {
|
||||
'password': {"write_only": True},
|
||||
'public_key': {"write_only": True},
|
||||
'private_key': {"write_only": True},
|
||||
}
|
||||
|
||||
@classmethod
|
||||
def setup_eager_loading(cls, queryset):
|
||||
""" Perform necessary eager loading of data. """
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ from django.conf import settings
|
|||
from django.contrib.auth import user_logged_in
|
||||
from django.core.cache import cache
|
||||
from django.dispatch import receiver
|
||||
from django_cas_ng.signals import cas_user_authenticated
|
||||
|
||||
from jms_oidc_rp.signals import openid_user_login_failed, openid_user_login_success
|
||||
|
||||
|
|
@ -29,3 +30,8 @@ def on_oidc_user_login_success(sender, request, user, **kwargs):
|
|||
@receiver(openid_user_login_failed)
|
||||
def on_oidc_user_login_failed(sender, username, request, reason, **kwargs):
|
||||
post_auth_failed.send(sender, username=username, request=request, reason=reason)
|
||||
|
||||
|
||||
@receiver(cas_user_authenticated)
|
||||
def on_cas_user_login_success(sender, request, user, **kwargs):
|
||||
post_auth_success.send(sender, user=user, request=request)
|
||||
|
|
@ -82,12 +82,27 @@
|
|||
return jsencrypt.encrypt(password); //加密
|
||||
}
|
||||
function doLogin() {
|
||||
//公钥加密
|
||||
var rsaPublicKey = "{{ rsa_public_key }}"
|
||||
var password =$('#password').val(); //明文密码
|
||||
var passwordEncrypted = encryptLoginPassword(password, rsaPublicKey)
|
||||
$('#password').val(passwordEncrypted); //返回给密码输入input
|
||||
$('#form').submit();//post提交
|
||||
}
|
||||
var rsaPublicKey = "{{ rsa_public_key }}";
|
||||
var password =$('#password').val();
|
||||
var passwordEncrypted = encryptLoginPassword(password, rsaPublicKey);
|
||||
var serialize_array = $('#form').serializeArray();
|
||||
$.each(serialize_array, function(index,obj){
|
||||
if(obj.name=='password'){
|
||||
obj.value=passwordEncrypted};
|
||||
});
|
||||
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: '',
|
||||
data: serialize_array,
|
||||
success: function(data){
|
||||
$('body').html(data);
|
||||
},
|
||||
error: function(data){
|
||||
alert('服务器异常');
|
||||
},
|
||||
});
|
||||
};
|
||||
|
||||
</script>
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -153,13 +153,28 @@
|
|||
return jsencrypt.encrypt(password); //加密
|
||||
}
|
||||
function doLogin() {
|
||||
//公钥加密
|
||||
var rsaPublicKey = "{{ rsa_public_key }}"
|
||||
var password =$('#password').val(); //明文密码
|
||||
var passwordEncrypted = encryptLoginPassword(password, rsaPublicKey)
|
||||
$('#password').val(passwordEncrypted); //返回给密码输入input
|
||||
$('#contact-form').submit();//post提交
|
||||
}
|
||||
var rsaPublicKey = "{{ rsa_public_key }}";
|
||||
var password =$('#password').val();
|
||||
var passwordEncrypted = encryptLoginPassword(password, rsaPublicKey);
|
||||
var serialize_array = $('#contact-form').serializeArray();
|
||||
$.each(serialize_array, function(index,obj){
|
||||
if(obj.name=='password'){
|
||||
obj.value=passwordEncrypted};
|
||||
});
|
||||
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
url: '',
|
||||
data: serialize_array,
|
||||
success: function(data){
|
||||
$('body').html(data);
|
||||
},
|
||||
error: function(data){
|
||||
alert('服务器异常');
|
||||
},
|
||||
});
|
||||
};
|
||||
|
||||
</script>
|
||||
</html>
|
||||
|
||||
|
|
|
|||
|
|
@ -163,7 +163,7 @@ class Config(dict):
|
|||
'AUTH_LDAP_SEARCH_FILTER': '(cn=%(user)s)',
|
||||
'AUTH_LDAP_START_TLS': False,
|
||||
'AUTH_LDAP_USER_ATTR_MAP': {"username": "cn", "name": "sn", "email": "mail"},
|
||||
'AUTH_LDAP_CONNECT_TIMEOUT': 30,
|
||||
'AUTH_LDAP_CONNECT_TIMEOUT': 10,
|
||||
'AUTH_LDAP_SEARCH_PAGED_SIZE': 1000,
|
||||
'AUTH_LDAP_SYNC_IS_PERIODIC': False,
|
||||
'AUTH_LDAP_SYNC_INTERVAL': None,
|
||||
|
|
@ -267,7 +267,8 @@ class Config(dict):
|
|||
'LANGUAGE_CODE': 'zh',
|
||||
'TIME_ZONE': 'Asia/Shanghai',
|
||||
'CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED': True,
|
||||
'USER_LOGIN_SINGLE_MACHINE_ENABLED': False
|
||||
'USER_LOGIN_SINGLE_MACHINE_ENABLED': False,
|
||||
'TICKETS_ENABLED': True
|
||||
}
|
||||
|
||||
def compatible_auth_openid_of_key(self):
|
||||
|
|
|
|||
|
|
@ -32,7 +32,8 @@ if os.path.isfile(LDAP_CERT_FILE):
|
|||
# AUTH_LDAP_GROUP_SEARCH_OU, ldap.SCOPE_SUBTREE, AUTH_LDAP_GROUP_SEARCH_FILTER
|
||||
# )
|
||||
AUTH_LDAP_CONNECTION_OPTIONS = {
|
||||
ldap.OPT_TIMEOUT: CONFIG.AUTH_LDAP_CONNECT_TIMEOUT
|
||||
ldap.OPT_TIMEOUT: CONFIG.AUTH_LDAP_CONNECT_TIMEOUT,
|
||||
ldap.OPT_NETWORK_TIMEOUT: CONFIG.AUTH_LDAP_CONNECT_TIMEOUT
|
||||
}
|
||||
AUTH_LDAP_CACHE_TIMEOUT = 1
|
||||
AUTH_LDAP_ALWAYS_UPDATE_USER = True
|
||||
|
|
|
|||
|
|
@ -101,3 +101,5 @@ LOGO_URLS = DYNAMIC.LOGO_URLS
|
|||
CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED = CONFIG.CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED
|
||||
|
||||
DATETIME_DISPLAY_FORMAT = '%Y-%m-%d %H:%M:%S'
|
||||
|
||||
TICKETS_ENABLED = CONFIG.TICKETS_ENABLED
|
||||
|
|
|
|||
|
|
@ -52,9 +52,9 @@ class OrgReadSerializer(OrgSerializer):
|
|||
|
||||
|
||||
class OrgMemberSerializer(BulkModelSerializer):
|
||||
org_display = serializers.CharField()
|
||||
user_display = serializers.CharField()
|
||||
role_display = serializers.CharField(source='get_role_display')
|
||||
org_display = serializers.CharField(read_only=True)
|
||||
user_display = serializers.CharField(read_only=True)
|
||||
role_display = serializers.CharField(source='get_role_display', read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = OrganizationMember
|
||||
|
|
|
|||
|
|
@ -279,6 +279,7 @@ class PublicSettingApi(generics.RetrieveAPIView):
|
|||
"SECURITY_MFA_VERIFY_TTL": settings.SECURITY_MFA_VERIFY_TTL,
|
||||
"SECURITY_COMMAND_EXECUTION": settings.SECURITY_COMMAND_EXECUTION,
|
||||
"LOGO_URLS": settings.LOGO_URLS,
|
||||
"TICKETS_ENABLED": settings.TICKETS_ENABLED,
|
||||
"PASSWORD_RULE": {
|
||||
'SECURITY_PASSWORD_MIN_LENGTH': settings.SECURITY_PASSWORD_MIN_LENGTH,
|
||||
'SECURITY_PASSWORD_UPPER_CASE': settings.SECURITY_PASSWORD_UPPER_CASE,
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
from rest_framework import serializers
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
from common.drf.serializers import BulkModelSerializer, AdaptedBulkListSerializer
|
||||
from common.utils import is_uuid
|
||||
from ..models import (
|
||||
Terminal, Status, Session, Task
|
||||
Terminal, Status, Session, Task, CommandStorage, ReplayStorage
|
||||
)
|
||||
|
||||
|
||||
|
|
@ -18,6 +20,31 @@ class TerminalSerializer(BulkModelSerializer):
|
|||
'is_alive', 'date_created', 'command_storage', 'replay_storage'
|
||||
]
|
||||
|
||||
@staticmethod
|
||||
def get_kwargs_may_be_uuid(value):
|
||||
kwargs = {}
|
||||
if is_uuid(value):
|
||||
kwargs['id'] = value
|
||||
else:
|
||||
kwargs['name'] = value
|
||||
return kwargs
|
||||
|
||||
def validate_command_storage(self, value):
|
||||
kwargs = self.get_kwargs_may_be_uuid(value)
|
||||
storage = CommandStorage.objects.filter(**kwargs).first()
|
||||
if storage:
|
||||
return storage.name
|
||||
else:
|
||||
raise serializers.ValidationError(_('Not found'))
|
||||
|
||||
def validate_replay_storage(self, value):
|
||||
kwargs = self.get_kwargs_may_be_uuid(value)
|
||||
storage = ReplayStorage.objects.filter(**kwargs).first()
|
||||
if storage:
|
||||
return storage.name
|
||||
else:
|
||||
raise serializers.ValidationError(_('Not found'))
|
||||
|
||||
@staticmethod
|
||||
def get_session_online(obj):
|
||||
return Session.objects.filter(terminal=obj, is_finished=False).count()
|
||||
|
|
|
|||
Loading…
Reference in New Issue