From 48239b0c638ece0f6ab461c50f85ebffaa2429cb Mon Sep 17 00:00:00 2001 From: ewall555 Date: Fri, 9 May 2025 17:21:27 +0800 Subject: [PATCH] feat: Set the default expiration days for adding user and asset permissions --- apps/common/utils/django.py | 13 +++++++++++++ apps/jumpserver/conf.py | 2 ++ apps/jumpserver/settings/custom.py | 4 +++- apps/perms/models/asset_permission.py | 4 ++-- apps/settings/serializers/public.py | 3 +++ apps/users/models/user.py | 4 ++-- 6 files changed, 25 insertions(+), 5 deletions(-) diff --git a/apps/common/utils/django.py b/apps/common/utils/django.py index fc692bc15..2747eb89a 100644 --- a/apps/common/utils/django.py +++ b/apps/common/utils/django.py @@ -51,6 +51,19 @@ def date_expired_default(): years = 70 return timezone.now() + timezone.timedelta(days=365 * years) +def user_date_expired_default(): + try: + days = int(settings.USER_DEFAULT_EXPIRED_DAYS) + except TypeError: + days = 25550 + return timezone.now() + timezone.timedelta(days=days) + +def asset_permission_date_expired_default(): + try: + days = int(settings.ASSET_PERMISSION_DEFAULT_EXPIRED_DAYS) + except TypeError: + days = 25550 + return timezone.now() + timezone.timedelta(days=days) def union_queryset(*args, base_queryset=None): if len(args) == 1: diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py index 0791e85ae..d58b98cc3 100644 --- a/apps/jumpserver/conf.py +++ b/apps/jumpserver/conf.py @@ -229,6 +229,8 @@ class Config(dict): 'TOKEN_EXPIRATION': 3600 * 24, 'DEFAULT_EXPIRED_YEARS': 70, + 'USER_DEFAULT_EXPIRED_DAYS': 25550, + 'ASSET_PERMISSION_DEFAULT_EXPIRED_DAYS': 25550, 'SESSION_COOKIE_DOMAIN': None, 'CSRF_COOKIE_DOMAIN': None, 'SESSION_COOKIE_NAME_PREFIX': None, diff --git a/apps/jumpserver/settings/custom.py b/apps/jumpserver/settings/custom.py index ae903a629..645ee3d8d 100644 --- a/apps/jumpserver/settings/custom.py +++ b/apps/jumpserver/settings/custom.py @@ -117,7 +117,9 @@ EMAIL_CUSTOM_USER_CREATED_BODY = CONFIG.EMAIL_CUSTOM_USER_CREATED_BODY EMAIL_CUSTOM_USER_CREATED_SIGNATURE = CONFIG.EMAIL_CUSTOM_USER_CREATED_SIGNATURE DISPLAY_PER_PAGE = CONFIG.DISPLAY_PER_PAGE -DEFAULT_EXPIRED_YEARS = 70 +DEFAULT_EXPIRED_YEARS = CONFIG.DEFAULT_EXPIRED_YEARS +USER_DEFAULT_EXPIRED_DAYS = CONFIG.USER_DEFAULT_EXPIRED_DAYS +ASSET_PERMISSION_DEFAULT_EXPIRED_DAYS = CONFIG.ASSET_PERMISSION_DEFAULT_EXPIRED_DAYS USER_GUIDE_URL = CONFIG.USER_GUIDE_URL HTTP_LISTEN_PORT = CONFIG.HTTP_LISTEN_PORT WS_LISTEN_PORT = CONFIG.WS_LISTEN_PORT diff --git a/apps/perms/models/asset_permission.py b/apps/perms/models/asset_permission.py index d8c7026e5..657b459a9 100644 --- a/apps/perms/models/asset_permission.py +++ b/apps/perms/models/asset_permission.py @@ -8,7 +8,7 @@ from django.utils.translation import gettext_lazy as _ from accounts.const import AliasAccount from accounts.models import Account from assets.models import Asset -from common.utils import date_expired_default, lazyproperty +from common.utils import asset_permission_date_expired_default, lazyproperty from common.utils.timezone import local_now from labels.mixins import LabeledMixin from orgs.mixins.models import JMSOrgBaseModel @@ -77,7 +77,7 @@ class AssetPermission(LabeledMixin, JMSOrgBaseModel): actions = models.IntegerField(default=ActionChoices.connect, verbose_name=_("Actions")) date_start = models.DateTimeField(default=timezone.now, db_index=True, verbose_name=_("Date start")) date_expired = models.DateTimeField( - default=date_expired_default, db_index=True, verbose_name=_('Date expired') + default=asset_permission_date_expired_default, db_index=True, verbose_name=_('Date expired') ) is_active = models.BooleanField(default=True, verbose_name=_('Active')) from_ticket = models.BooleanField(default=False, verbose_name=_('From ticket')) diff --git a/apps/settings/serializers/public.py b/apps/settings/serializers/public.py index 5068dcef5..bad2455ba 100644 --- a/apps/settings/serializers/public.py +++ b/apps/settings/serializers/public.py @@ -64,6 +64,9 @@ class PrivateSettingSerializer(PublicSettingSerializer): GPT_MODEL = serializers.CharField() FILE_UPLOAD_SIZE_LIMIT_MB = serializers.IntegerField() + DEFAULT_EXPIRED_YEARS = serializers.IntegerField() + USER_DEFAULT_EXPIRED_DAYS = serializers.IntegerField() + ASSET_PERMISSION_DEFAULT_EXPIRED_DAYS = serializers.IntegerField() class ServerInfoSerializer(serializers.Serializer): CURRENT_TIME = serializers.DateTimeField() diff --git a/apps/users/models/user.py b/apps/users/models/user.py index e2291edfa..a309092db 100644 --- a/apps/users/models/user.py +++ b/apps/users/models/user.py @@ -22,7 +22,7 @@ from rest_framework.exceptions import PermissionDenied from common.db import fields, models as jms_models from common.utils import ( - date_expired_default, get_logger, lazyproperty, + user_date_expired_default, get_logger, lazyproperty, random_string, bulk_create_with_signal ) from labels.mixins import LabeledMixin @@ -868,7 +868,7 @@ class User(AuthMixin, TokenMixin, RoleMixin, MFAMixin, LabeledMixin, JSONFilterM ) is_first_login = models.BooleanField(default=True, verbose_name=_('Is first login')) date_expired = models.DateTimeField( - default=date_expired_default, blank=True, null=True, + default=user_date_expired_default, blank=True, null=True, db_index=True, verbose_name=_('Date expired') ) created_by = models.CharField(max_length=30, default='', blank=True, verbose_name=_('Created by'))