github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

refactor: ConnectionToken 修改表字段名称 account -> account_username

pull/8997/head
Jiangjie.Bai 2022-10-28 15:01:17 +08:00
parent bd9afaba1e
commit 2b5b4ad605
2 changed files with 17 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/authentication/migrations/0012_auto_20220816_1629.py
View File

@ -16,9 +16,9 @@ def migrate_system_user_to_account(apps, schema_editor):
count += len(connection_tokens)
updated = []
for connection_token in connection_tokens:
connection_token.account = connection_token.system_user.username
connection_token.account_username = connection_token.system_user.username
updated.append(connection_token)
connection_token_model.objects.bulk_update(updated, ['account'])
connection_token_model.objects.bulk_update(updated, ['account_username'])
class Migration(migrations.Migration):
@ -42,7 +42,7 @@ class Migration(migrations.Migration):
),
migrations.AddField(
model_name='connectiontoken',
name='account',
name='account_username',
field=models.CharField(default='', max_length=128, verbose_name='Account'),
),
migrations.RunPython(migrate_system_user_to_account),

37
apps/authentication/models/connection_token.py
View File

@ -25,12 +25,12 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
'assets.Asset', on_delete=models.SET_NULL, null=True, blank=True,
related_name='connection_tokens', verbose_name=_('Asset'),
)
user_display = models.CharField(max_length=128, default='', verbose_name=_("User display"))
asset_display = models.CharField(max_length=128, default='', verbose_name=_("Asset display"))
account = models.CharField(max_length=128, default='', verbose_name=_("Account"))
protocol = models.CharField(
choices=Protocol.choices, max_length=16, default=Protocol.ssh, verbose_name=_("Protocol")
)
user_display = models.CharField(max_length=128, default='', verbose_name=_("User display"))
asset_display = models.CharField(max_length=128, default='', verbose_name=_("Asset display"))
account_username = models.CharField(max_length=128, default='', verbose_name=_("Account"))
secret = models.CharField(max_length=64, default='', verbose_name=_("Secret"))
date_expired = models.DateTimeField(
default=date_expired_default, verbose_name=_("Date expired")
@ -43,6 +43,10 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
('view_connectiontokensecret', _('Can view connection token secret'))
]
@property
def is_valid(self):
return not self.is_expired
@property
def is_expired(self):
return self.date_expired < timezone.now()
@ -55,10 +59,6 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
seconds = 0
return int(seconds)
@property
def is_valid(self):
return not self.is_expired
@classmethod
def get_default_date_expired(cls):
return date_expired_default()
@ -81,30 +81,21 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
is_valid = False
error = _('Connection token expired at: {}').format(as_current_tz(self.date_expired))
return is_valid, error
if not self.user:
if not self.user or not self.user.is_valid:
is_valid = False
error = _('User not exists')
error = _('No user or invalid user')
return is_valid, error
if not self.user.is_valid:
if not self.asset or self.asset.is_active:
is_valid = False
error = _('User invalid, disabled or expired')
return is_valid, error
if not self.asset:
is_valid = False
error = _('Asset not exists')
return is_valid, error
if not self.asset.is_active:
is_valid = False
error = _('Asset inactive')
error = _('No asset or inactive asset')
return is_valid, error
if not self.account:
is_valid = False
error = _('Account not exists')
error = _('No account')
return is_valid, error
actions, expire_at = PermAccountUtil().validate_permission(
self.user, self.asset, self.account
)
account_util = PermAccountUtil()
actions, expire_at = account_util.validate_permission(self.user, self.asset, self.account)
if not actions or expire_at < time.time():
is_valid = False
error = _('User has no permission to access asset or permission expired')