diff --git a/apps/authentication/serializers/__init__.py b/apps/authentication/serializers/__init__.py index 65994a58c..d6e1671cf 100644 --- a/apps/authentication/serializers/__init__.py +++ b/apps/authentication/serializers/__init__.py @@ -1,4 +1,5 @@ -from .token import * +from .confirm import * +from .connect_token_secret import * from .connection_token import * from .password_mfa import * -from .confirm import * +from .token import * diff --git a/apps/authentication/serializers/connect_token_secret.py b/apps/authentication/serializers/connect_token_secret.py new file mode 100644 index 000000000..dd8804ac7 --- /dev/null +++ b/apps/authentication/serializers/connect_token_secret.py @@ -0,0 +1,105 @@ +from django.utils.translation import ugettext_lazy as _ +from rest_framework import serializers + +from acls.models import CommandGroup +from assets.models import Asset, Account, Platform +from assets.serializers import PlatformSerializer, AssetProtocolsSerializer +from authentication.models import ConnectionToken +from orgs.mixins.serializers import OrgResourceModelSerializerMixin +from perms.serializers.permission import ActionChoicesField +from users.models import User + +__all__ = [ + 'ConnectionTokenSecretSerializer', +] + + +class _ConnectionTokenUserSerializer(serializers.ModelSerializer): + class Meta: + model = User + fields = ['id', 'name', 'username', 'email'] + + +class _ConnectionTokenAssetSerializer(serializers.ModelSerializer): + protocols = AssetProtocolsSerializer(many=True, required=False, label=_('Protocols')) + + class Meta: + model = Asset + fields = [ + 'id', 'name', 'address', 'protocols', + 'category', 'type', 'org_id', 'specific' + ] + + +class _SimpleAccountSerializer(serializers.ModelSerializer): + """ Account """ + + class Meta: + model = Account + fields = ['name', 'username', 'secret_type', 'secret'] + + +class _ConnectionTokenAccountSerializer(serializers.ModelSerializer): + """ Account """ + su_from = _SimpleAccountSerializer(required=False, label=_('Su from')) + + class Meta: + model = Account + fields = [ + 'name', 'username', 'secret_type', 'secret', 'su_from', + ] + + +class _ConnectionTokenGatewaySerializer(serializers.ModelSerializer): + """ Gateway """ + + class Meta: + model = Asset + fields = [ + 'id', 'address', 'port', + # 'username', 'password', 'private_key' + ] + + +class _ConnectionTokenACLCmdGroupSerializer(serializers.ModelSerializer): + """ ACL command group""" + + class Meta: + model = CommandGroup + fields = [ + 'id', 'type', 'content', 'ignore_case', 'pattern' + ] + + +class _ConnectionTokenPlatformSerializer(PlatformSerializer): + class Meta(PlatformSerializer.Meta): + model = Platform + + def get_field_names(self, declared_fields, info): + names = super().get_field_names(declared_fields, info) + names = [n for n in names if n not in ['automation']] + return names + + +class ConnectionTokenSecretSerializer(OrgResourceModelSerializerMixin): + user = _ConnectionTokenUserSerializer(read_only=True) + asset = _ConnectionTokenAssetSerializer(read_only=True) + account = _ConnectionTokenAccountSerializer(read_only=True) + gateway = _ConnectionTokenGatewaySerializer(read_only=True) + platform = _ConnectionTokenPlatformSerializer(read_only=True) + acl_command_groups = _ConnectionTokenACLCmdGroupSerializer(read_only=True, many=True) + actions = ActionChoicesField() + expire_at = serializers.IntegerField() + expire_now = serializers.BooleanField(label=_('Expired now'), write_only=True, default=True) + connect_method = serializers.CharField(label=_('Connect method'), write_only=True, default='ssh') + + class Meta: + model = ConnectionToken + fields = [ + 'id', 'value', 'user', 'asset', 'account', + 'platform', 'acl_command_groups', 'protocol', + 'gateway', 'actions', 'expire_at', 'expire_now', + ] + extra_kwargs = { + 'value': {'read_only': True}, + } diff --git a/apps/authentication/serializers/connection_token.py b/apps/authentication/serializers/connection_token.py index 3fefbb5af..dddcd0866 100644 --- a/apps/authentication/serializers/connection_token.py +++ b/apps/authentication/serializers/connection_token.py @@ -1,17 +1,11 @@ from django.utils.translation import ugettext_lazy as _ from rest_framework import serializers -from assets.models import Asset, CommandFilterRule, Account, Platform -from acls.models import CommandGroup -from assets.serializers import PlatformSerializer, AssetProtocolsSerializer from authentication.models import ConnectionToken from orgs.mixins.serializers import OrgResourceModelSerializerMixin -from perms.serializers.permission import ActionChoicesField -from users.models import User __all__ = [ - 'ConnectionTokenSerializer', 'ConnectionTokenSecretSerializer', - 'SuperConnectionTokenSerializer', 'ConnectionTokenDisplaySerializer' + 'ConnectionTokenSerializer', 'SuperConnectionTokenSerializer', ] @@ -22,11 +16,9 @@ class ConnectionTokenSerializer(OrgResourceModelSerializerMixin): model = ConnectionToken fields_mini = ['id', 'value'] fields_small = fields_mini + [ - 'user', 'asset', 'account_name', - 'input_username', 'input_secret', - 'connect_method', 'protocol', - 'actions', 'date_expired', 'date_created', - 'date_updated', 'created_by', + 'user', 'asset', 'account_name', 'input_username', + 'input_secret', 'connect_method', 'protocol', 'actions', + 'date_expired', 'date_created', 'date_updated', 'created_by', 'updated_by', 'org_id', 'org_name', ] read_only_fields = [ @@ -48,121 +40,9 @@ class ConnectionTokenSerializer(OrgResourceModelSerializerMixin): return self.get_request_user() -class ConnectionTokenDisplaySerializer(ConnectionTokenSerializer): - class Meta(ConnectionTokenSerializer.Meta): - extra_kwargs = { - 'secret': {'write_only': True}, - } - - -# -# SuperConnectionTokenSerializer -# - - class SuperConnectionTokenSerializer(ConnectionTokenSerializer): class Meta(ConnectionTokenSerializer.Meta): - read_only_fields = [ - 'validity', 'user_display', 'system_user_display', - 'asset_display', 'application_display', - ] + pass def get_user(self, attrs): return attrs.get('user') or self.get_request_user() - - -# -# Connection Token Secret -# - - -class ConnectionTokenUserSerializer(serializers.ModelSerializer): - """ User """ - - class Meta: - model = User - fields = ['id', 'name', 'username', 'email'] - - -class ConnectionTokenAssetSerializer(serializers.ModelSerializer): - """ Asset """ - protocols = AssetProtocolsSerializer(many=True, required=False, label=_('Protocols')) - - class Meta: - model = Asset - fields = [ - 'id', 'name', 'address', 'protocols', 'category', 'type', 'org_id', 'specific' - ] - - -class SimpleAccountSerializer(serializers.ModelSerializer): - """ Account """ - - class Meta: - model = Account - fields = ['name', 'username', 'secret_type', 'secret'] - - -class ConnectionTokenAccountSerializer(serializers.ModelSerializer): - """ Account """ - su_from = SimpleAccountSerializer(required=False, label=_('Su from')) - - class Meta: - model = Account - fields = [ - 'name', 'username', 'secret_type', 'secret', 'su_from', - ] - - -class ConnectionTokenGatewaySerializer(serializers.ModelSerializer): - """ Gateway """ - - class Meta: - model = Asset - fields = [ - 'id', 'address', 'port', - # 'username', 'password', 'private_key' - ] - - -class ConnectionTokenACLCmdGroupSerializer(serializers.ModelSerializer): - """ ACL command group""" - - class Meta: - model = CommandGroup - fields = [ - 'id', 'type', 'content', 'ignore_case', 'pattern' - ] - - -class ConnectionTokenPlatform(PlatformSerializer): - class Meta(PlatformSerializer.Meta): - model = Platform - - def get_field_names(self, declared_fields, info): - names = super().get_field_names(declared_fields, info) - names = [n for n in names if n not in ['automation']] - return names - - -class ConnectionTokenSecretSerializer(OrgResourceModelSerializerMixin): - user = ConnectionTokenUserSerializer(read_only=True) - asset = ConnectionTokenAssetSerializer(read_only=True) - account = ConnectionTokenAccountSerializer(read_only=True) - gateway = ConnectionTokenGatewaySerializer(read_only=True) - platform = ConnectionTokenPlatform(read_only=True) - acl_command_groups = ConnectionTokenACLCmdGroupSerializer(read_only=True, many=True) - actions = ActionChoicesField() - expire_at = serializers.IntegerField() - expire_now = serializers.BooleanField(label=_('Expired now'), write_only=True, default=True) - - class Meta: - model = ConnectionToken - fields = [ - 'id', 'value', 'user', 'asset', 'account', 'platform', - 'acl_command_groups', - 'protocol', 'gateway', 'actions', 'expire_at', 'expire_now', - ] - extra_kwargs = { - 'value': {'read_only': True}, - } diff --git a/apps/terminal/serializers/terminal.py b/apps/terminal/serializers/terminal.py index f7f935f50..340a0b0f7 100644 --- a/apps/terminal/serializers/terminal.py +++ b/apps/terminal/serializers/terminal.py @@ -139,5 +139,5 @@ class ConnectMethodSerializer(serializers.Serializer): value = serializers.CharField(max_length=128) label = serializers.CharField(max_length=128) type = serializers.CharField(max_length=128) - listen = serializers.CharField(max_length=128) + endpoint_protocol = serializers.CharField(max_length=128) component = serializers.CharField(max_length=128)