github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

update some user api

pull/530/head
ibuler 2016-11-09 23:49:10 +08:00
parent c5d625e261
commit 47090eb0f7
14 changed files with 102 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
apps/common/utils.py
View File

@ -11,6 +11,7 @@ import datetime
import paramiko
import paramiko
import sshpubkeys
from itsdangerous import TimedJSONWebSignatureSerializer, JSONWebSignatureSerializer, \
BadSignature, SignatureExpired
from django.shortcuts import reverse as dj_reverse
@ -236,4 +237,15 @@ def validate_ssh_private_key(text):
return True
def validate_ssh_public_key(text):
ssh = sshpubkeys.SSHKey(text)
try:
ssh.parse()
except sshpubkeys.InvalidKeyException:
return False
except NotImplementedError as e:
return False
return True
signer = Signer()

3
apps/static/js/jumpserver.js
View File

@ -191,7 +191,6 @@ function APIUpdateAttr(props) {
props = props || {};
var success_message = props.success_message || 'Update Successfully!';
var fail_message = props.fail_message || 'Error occurred while updating.';
console.log(props.body);
$.ajax({
url: props.url,
type: props.method || "PATCH",
@ -208,7 +207,7 @@ function APIUpdateAttr(props) {
if (typeof props.error === 'function') {
return props.error(errorThrown);
} else {
toastr.error(fail_message);
toastr.error(textStatue);
}
});
return true;

38
apps/users/api.py
View File

@ -29,10 +29,10 @@ class UserViewSet(BulkModelViewSet):
permission_classes = (IsSuperUser,)
# class UserAndGroupEditApi(generics.RetrieveUpdateAPIView):
# queryset = User.objects.all()
# serializer_class = serializers.UserAndGroupSerializer
# permission_classes = (IsSuperUser,)
class UserAndGroupEditApi(generics.RetrieveUpdateAPIView):
queryset = User.objects.all()
serializer_class = serializers.UserAndGroupSerializer
permission_classes = (IsSuperUser,)
class UserResetPasswordApi(generics.UpdateAPIView):
@ -50,7 +50,7 @@ class UserResetPasswordApi(generics.UpdateAPIView):
send_reset_password_mail(user)
class UserResetPubKeyApi(generics.UpdateAPIView):
class UserResetPKApi(generics.UpdateAPIView):
queryset = User.objects.all()
serializer_class = serializers.UserSerializer
@ -61,16 +61,16 @@ class UserResetPubKeyApi(generics.UpdateAPIView):
user.save()
send_reset_ssh_key_mail(user)
#
# class UserUpdatePKApi(generics.UpdateAPIView):
# queryset = User.objects.all()
# serializer_class = serializers.UserPKUpdateSerializer
#
# def perform_update(self, serializer):
# user = self.get_object()
# user.private_key = serializer.validated_data['_public_key']
# user.save()
#
class UserUpdatePKApi(generics.UpdateAPIView):
queryset = User.objects.all()
serializer_class = serializers.UserPKUpdateSerializer
def perform_update(self, serializer):
user = self.get_object()
user.public_key = serializer.validated_data['_public_key']
user.save()
#
# class GroupDetailApi(generics.RetrieveUpdateDestroyAPIView):
# queryset = UserGroup.objects.all()
@ -87,8 +87,8 @@ class UserResetPubKeyApi(generics.UpdateAPIView):
# group.save()
# return
# serializer.save()
#
#
# class UserListUpdateApi(BulkDeleteApiMixin, ListBulkCreateUpdateDestroyAPIView):
# queryset = User.objects.all()
# serializer_class = serializers.UserBulkUpdateSerializer
@ -96,12 +96,12 @@ class UserResetPubKeyApi(generics.UpdateAPIView):
#
# def get(self, request, *args, **kwargs):
# return super(UserListUpdateApi, self).get(request, *args, **kwargs)
#
#
# class GroupListUpdateApi(BulkDeleteApiMixin, ListBulkCreateUpdateDestroyAPIView):
# queryset = UserGroup.objects.all()
# serializer_class = serializers.GroupBulkUpdateSerializer
#
# class DeleteUserFromGroupApi(generics.DestroyAPIView):
# queryset = UserGroup.objects.all()

55
apps/users/forms.py
View File

@ -5,6 +5,7 @@ from django.contrib.auth.forms import AuthenticationForm
from django.utils.translation import gettext_lazy as _
from captcha.fields import CaptchaField
from common.utils import validate_ssh_public_key
from .models import User, UserGroup
from .hands import AssetPermission
@ -17,7 +18,7 @@ class UserLoginForm(AuthenticationForm):
captcha = CaptchaField()
class UserCreateForm(forms.ModelForm):
class UserCreateUpdateForm(forms.ModelForm):
class Meta:
model = User
@ -42,22 +43,22 @@ class UserBulkImportForm(forms.ModelForm):
fields = ['username', 'email', 'enable_otp', 'role']
class UserUpdateForm(forms.ModelForm):
class Meta:
model = User
fields = [
'name', 'email', 'groups', 'wechat',
'phone', 'enable_otp', 'role', 'date_expired', 'comment',
]
help_texts = {
'username': '* required',
'email': '* required',
'groups': '* required'
}
widgets = {
'groups': forms.SelectMultiple(attrs={'class': 'select2', 'data-placeholder': _('Join user groups')}),
}
# class UserUpdateForm(forms.ModelForm):
#
# class Meta:
# model = User
# fields = [
# 'name', 'email', 'groups', 'wechat',
# 'phone', 'enable_otp', 'role', 'date_expired', 'comment',
# ]
# help_texts = {
# 'username': '* required',
# 'email': '* required',
# 'groups': '* required'
# }
# widgets = {
# 'groups': forms.SelectMultiple(attrs={'class': 'select2', 'data-placeholder': _('Join user groups')}),
# }
class UserGroupForm(forms.ModelForm):
@ -84,22 +85,14 @@ class UserKeyForm(forms.Form):
public_key = forms.CharField(
label=_('ssh public key'), max_length=5000,
widget=forms.Textarea(attrs={'placeholder': _('ssh-rsa AAAA...')}),
help_text=_('Paste your id_ras.pub here.'))
help_text=_('Paste your id_rsa.pub here.'))
def clean_public_key(self):
public_key = self.cleaned_data['public_key']
if self.user._public_key and public_key == self.user.public_key:
if self.user.public_key and public_key == self.user.public_key:
raise forms.ValidationError(_('Public key should not be the same as your old one.'))
from sshpubkeys import SSHKey
from sshpubkeys.exceptions import InvalidKeyException
ssh = SSHKey(public_key)
try:
ssh.parse()
except InvalidKeyException as e:
print e
raise forms.ValidationError(_('Not a valid ssh public key'))
except NotImplementedError as e:
print e
if not validate_ssh_public_key(public_key):
raise forms.ValidationError(_('Not a valid ssh public key'))
return public_key
@ -126,3 +119,7 @@ class UserPrivateAssetPermissionForm(forms.ModelForm):
'system_users': forms.SelectMultiple(attrs={'class': 'select2',
'data-placeholder': _('Select system users')}),
}
class FileForm(forms.Form):
excel = forms.FileField()

15
apps/users/serializers.py
View File

@ -5,7 +5,7 @@ from django.utils.translation import ugettext_lazy as _
from rest_framework import serializers
from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin
from common.utils import signer
from common.utils import signer, validate_ssh_public_key
from .models import User, UserGroup
@ -47,16 +47,9 @@ class UserPKUpdateSerializer(serializers.ModelSerializer):
@staticmethod
def validate__public_key(value):
from sshpubkeys import SSHKey
from sshpubkeys.exceptions import InvalidKeyException
ssh = SSHKey(value)
try:
ssh.parse()
except InvalidKeyException as e:
print e
raise serializers.ValidationError(_('Not a valid ssh public key'))
except NotImplementedError as e:
print e
if not validate_ssh_public_key(value):
print('Not a valid key')
print(value)
raise serializers.ValidationError(_('Not a valid ssh public key'))
return value

4
apps/users/templates/users/_user.html
View File

@ -6,7 +6,7 @@
<form method="post" class="form-horizontal" action="" enctype="multipart/form-data">
{% csrf_token %}
<h3>{% trans 'Account' %}</h3>
{% block username %} {% endblock %}
{{ form.username|bootstrap_horizontal }}
{{ form.name|bootstrap_horizontal }}
{{ form.email|bootstrap_horizontal }}
{{ form.groups|bootstrap_horizontal }}
@ -27,7 +27,7 @@
<span class="help-block ">{{ form.date_expired.errors }}</span>
</div>
</div>
{{ form.date_expired|bootstrap_horizontal }}#}
{{ form.date_expired|bootstrap_horizontal }}
<div class="form-group">
<label for="{{ form.enable_otp.id_for_label }}" class="col-sm-2 control-label">{% trans 'Enable OTP' %}</label>
<div class="col-sm-8">

6
apps/users/templates/users/user_create.html
View File

@ -2,9 +2,9 @@
{% load i18n %}
{% load bootstrap %}
{% block user_template_title %}{% trans "Create user" %}{% endblock %}
{% block username %}
{{ form.username|bootstrap_horizontal }}
{% endblock %}
{#{% block username %}#}
{# {{ form.username|bootstrap_horizontal }}#}
{#{% endblock %}#}
{% block password %}
<h3>{% trans 'Password' %}</h3>
<div class="form-group">

16
apps/users/templates/users/user_detail.html
View File

@ -225,7 +225,7 @@
jumpserver.selected_groups = {};
function updateUserGroups(user_groups) {
{# var the_url = "{% url 'users:group-user-edit-api' pk=user.id %}";#}
var the_url = "{% url 'users:group-user-edit-api' pk=user.id %}";
var body = {
id: {{ user.id }},
groups: Object.assign([], user_groups)
@ -313,10 +313,11 @@ $(document).ready(function() {
var user_groups = $('.bdg_user_group').map(function() {
return $(this).data('gid');
}).get();
console.log(user_groups);
updateUserGroups(user_groups)
}).on('click', '#btn_reset_password', function() {
function doReset() {
var the_url = '{% url "users:user-reset-password-api" pk=user.id %}';
var the_url = '{% url "users:api-user-reset-password" pk=user.id %}';
var body = {};
var success = function() {
var msg = "{% trans "An e-mail has been sent to the user\'s mailbox." %}";
@ -341,7 +342,7 @@ $(document).ready(function() {
});
}).on('click', '#btn_reset_pk', function() {
function doReset() {
{# var the_url = '{% url "users:user-reset-pk-api" pk=user.id %}';#}
var the_url = '{% url "users:api-user-reset-pk" pk=user.id %}';
var body = {};
var success = function() {
var msg = "{% trans 'The reset-ssh-public-key E-mail has been sent successfully. Please inform the user to update his new ssh public key.' %}";
@ -349,7 +350,7 @@ $(document).ready(function() {
};
APIUpdateAttr({
url: the_url,
body: JSON.stringify(body),
body: body,
success: success
});
}
@ -367,7 +368,7 @@ $(document).ready(function() {
}).on('click', '#btn_user_update_pk', function(){
var $this = $(this);
var pk = $('#txt_pk').val();
{# var the_url = '{% url "users:user-update-pk-api" pk=user.id %}';#}
var the_url = '{% url "users:api-user-update-pk" pk=user.id %}';
var body = {'_public_key': pk};
var success = function() {
$('#txt_pk').val('');
@ -375,8 +376,7 @@ $(document).ready(function() {
var msg = "{% trans 'Successfully updated the SSH public key.' %}";
swal("{% trans 'User SSH Public Key Update' %}", msg, "success");
};
var fail = function() {
var msg = "{% trans 'Failed to update the user\'s SSH public key.' %}";
var fail = function(msg) {
swal({
title: "{% trans 'User SSH Public Key Update' %}",
text: msg,
@ -389,7 +389,7 @@ $(document).ready(function() {
$('#txt_pk').focus();
}
);
}
};
APIUpdateAttr({ url: the_url, body: JSON.stringify(body), success: success, error: fail});
});
</script>

2
apps/users/templates/users/user_list.html
View File

@ -2,8 +2,8 @@
{% load i18n static %}
{% block table_search %}{% endblock %}
{% block table_container %}
<div class="uc pull-left"><a href="javascript:void(0);" class="btn btn-sm btn-primary" data-toggle="modal" data-target="#user_import_modal"> {% trans "Import user" %} </a></div>
<div class="uc pull-left m-l-5 m-r-5"><a href="{% url "users:user-create" %}" class="btn btn-sm btn-primary"> {% trans "Create user" %} </a></div>
<div class="uc pull-left"><a href="javascript:void(0);" class="btn btn-sm btn-primary" data-toggle="modal" data-target="#user_import_modal"> {% trans "Import user" %} </a></div>
<table class="table table-striped table-bordered table-hover " id="user_list_table" >
<thead>
<tr>

16
apps/users/templates/users/user_update.html
View File

@ -1,14 +1,14 @@
{% extends 'users/_user.html' %}
{% load i18n %}
{% block user_template_title %}{% trans "Update user" %}{% endblock %}
{% block username %}
<div class="form-group">
<label for="{{ form.username.id_for_label }}" class="col-sm-2 control-label">{% trans 'Username' %}</label>
<div class="col-sm-9 controls" >
<input id="{{ form.username.id_for_label }}" name="{{ form.username.html_name }}" type="text" value="{{ user_object.username }}" readonly class="form-control">
</div>
</div>
{% endblock %}
{#{% block username %}#}
{# <div class="form-group">#}
{# <label for="{{ form.username.id_for_label }}" class="col-sm-2 control-label">{% trans 'Username' %}</label>#}
{# <div class="col-sm-9 controls" >#}
{# <input id="{{ form.username.id_for_label }}" name="{{ form.username.html_name }}" type="text" value="{{ user_object.username }}" readonly class="form-control">#}
{# </div>#}
{# </div>#}
{#{% endblock %}#}
{% block password %}
<h3>{% trans 'Password' %}</h3>
<div class="form-group">

12
apps/users/urls.py
View File

@ -44,16 +44,16 @@ router.register(r'v1/users', api.UserViewSet, 'api-user')
urlpatterns += [
# url(r'^v1/users/$', api.UserListUpdateApi.as_view(), name='user-bulk-update-api'),
url(r'^v1/users/token/$', api.UserAuthApi.as_view(), name='user-token-api'),
url(r'^v1/users/(?P<pk>\d+)/reset-password/$', api.UserResetPasswordApi.as_view(), name='user-reset-password-api'),
# url(r'^v1/users/(?P<pk>\d+)/reset-pk/$', api.UserResetPKApi.as_view(), name='user-reset-pk-api'),
# url(r'^v1/users/(?P<pk>\d+)/update-pk/$', api.UserUpdatePKApi.as_view(), name='user-update-pk-api'),
url(r'^v1/users/token/$', api.UserAuthApi.as_view(), name='api-user-token'),
url(r'^v1/users/(?P<pk>\d+)/reset-password/$', api.UserResetPasswordApi.as_view(), name='api-user-reset-password'),
url(r'^v1/users/(?P<pk>\d+)/reset-pk/$', api.UserResetPKApi.as_view(), name='api-user-reset-pk'),
url(r'^v1/users/(?P<pk>\d+)/update-pk/$', api.UserUpdatePKApi.as_view(), name='api-user-update-pk'),
# url(r'^v1/user-groups/$', api.GroupListUpdateApi.as_view(), name='user-group-bulk-update-api'),
# url(r'^v1/user-groups/(?P<pk>\d+)/$', api.GroupDetailApi.as_view(), name='user-group-detail-api'),
# url(r'^v1/user-groups/(?P<pk>\d+)/user/(?P<uid>\d+)/$',
# api.DeleteUserFromGroupApi.as_view(), name='delete-user-from-group-api'),
# url(r'^v1/user-groups/(?P<pk>\d+)/users/$',
# api.UserAndGroupEditApi.as_view(), name='group-user-edit-api'),
url(r'^v1/users/(?P<pk>\d+)/groups/$',
api.UserAndGroupEditApi.as_view(), name='group-user-edit-api'),
]
urlpatterns += router.urls

3
apps/users/utils.py
View File

@ -34,9 +34,6 @@ class AdminUserRequiredMixin(UserPassesTestMixin):
return self.request.user.is_staff
def user_add_success_next(user):
subject = _('Create account successfully')
recipient_list = [user.email]

27
apps/users/views.py
View File

@ -27,10 +27,9 @@ from formtools.wizard.views import SessionWizardView
from common.mixins import JSONResponseMixin
from common.utils import get_object_or_none, get_logger
from .models import User, UserGroup
from .forms import UserCreateForm, UserUpdateForm, UserGroupForm, UserLoginForm, UserInfoForm, UserKeyForm, \
UserPrivateAssetPermissionForm, UserBulkImportForm
from .utils import AdminUserRequiredMixin, user_add_success_next, send_reset_password_mail
from .hands import AssetPermission, get_user_granted_asset_groups, get_user_granted_assets
from . import forms
logger = get_logger(__name__)
@ -41,7 +40,7 @@ logger = get_logger(__name__)
@method_decorator(never_cache, name='dispatch')
class UserLoginView(FormView):
template_name = 'users/login.html'
form_class = UserLoginForm
form_class = forms.UserLoginForm
redirect_field_name = 'next'
def get(self, request, *args, **kwargs):
@ -92,7 +91,7 @@ class UserListView(AdminUserRequiredMixin, TemplateView):
class UserCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView):
model = User
form_class = UserCreateForm
form_class = forms.UserCreateUpdateForm
template_name = 'users/user_create.html'
success_url = reverse_lazy('users:user-list')
success_message = _('Create user <a href="%s">%s</a> successfully.')
@ -118,7 +117,7 @@ class UserCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView):
class UserUpdateView(AdminUserRequiredMixin, UpdateView):
model = User
form_class = UserUpdateForm
form_class = forms.UserCreateUpdateForm
template_name = 'users/user_update.html'
context_object_name = 'user_object'
success_url = reverse_lazy('users:user-list')
@ -162,7 +161,7 @@ class UserGroupListView(AdminUserRequiredMixin, TemplateView):
class UserGroupCreateView(AdminUserRequiredMixin, CreateView):
model = UserGroup
form_class = UserGroupForm
form_class = forms.UserGroupForm
template_name = 'users/user_group_create.html'
success_url = reverse_lazy('users:user-group-list')
@ -184,7 +183,7 @@ class UserGroupCreateView(AdminUserRequiredMixin, CreateView):
class UserGroupUpdateView(AdminUserRequiredMixin, UpdateView):
model = UserGroup
form_class = UserGroupForm
form_class = forms.UserGroupForm
template_name = 'users/user_group_create.html'
success_url = reverse_lazy('users:user-group-list')
@ -294,7 +293,7 @@ class UserResetPasswordView(TemplateView):
class UserFirstLoginView(LoginRequiredMixin, SessionWizardView):
template_name = 'users/first_login.html'
form_list = [UserInfoForm, UserKeyForm]
form_list = [forms.UserInfoForm, forms.UserKeyForm]
file_storage = default_storage
def dispatch(self, request, *args, **kwargs):
@ -346,7 +345,7 @@ class UserAssetPermissionView(AdminUserRequiredMixin, FormMixin, SingleObjectMix
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
template_name = 'users/user_asset_permission.html'
context_object_name = 'user_object'
form_class = UserPrivateAssetPermissionForm
form_class = forms.UserPrivateAssetPermissionForm
def get(self, request, *args, **kwargs):
self.object = self.get_object(queryset=User.objects.all())
@ -379,7 +378,7 @@ class UserAssetPermissionView(AdminUserRequiredMixin, FormMixin, SingleObjectMix
class UserAssetPermissionCreateView(AdminUserRequiredMixin, CreateView):
form_class = UserPrivateAssetPermissionForm
form_class = forms.UserPrivateAssetPermissionForm
model = AssetPermission
def get(self, request, *args, **kwargs):
@ -432,12 +431,8 @@ class UserGrantedAssetView(AdminUserRequiredMixin, SingleObjectMixin, ListView):
return super(UserGrantedAssetView, self).get_context_data(**kwargs)
class FileForm(forms.Form):
excel = forms.FileField()
class BulkImportUserView(AdminUserRequiredMixin, JSONResponseMixin, FormView):
form_class = FileForm
form_class = forms.FileForm
def form_invalid(self, form):
try:
@ -478,7 +473,7 @@ class BulkImportUserView(AdminUserRequiredMixin, JSONResponseMixin, FormView):
'enable_otp': True if enable_otp in ['T', '1', 1, True] else False,
'role': role
}
form = UserBulkImportForm(data, auto_id=False)
form = forms.UserBulkImportForm(data, auto_id=False)
if form.is_valid():
form.save()
else:

1
run_server.py
View File

@ -28,6 +28,7 @@ def start_django():
def start_celery():
os.chdir(apps_dir)
os.environ.setdefault('C_FORCE_ROOT', '1')
print('start celery')
subprocess.call('celery -A common worker -l info', shell=True)