diff --git a/apps/assets/forms/domain.py b/apps/assets/forms/domain.py
index 5a88a1dd7..90db16fd0 100644
--- a/apps/assets/forms/domain.py
+++ b/apps/assets/forms/domain.py
@@ -64,7 +64,7 @@ class GatewayForm(PasswordAndKeyAuthForm, OrgModelForm):
 model = Gateway
 fields = [
 'name', 'ip', 'port', 'username', 'protocol', 'domain', 'password',
- 'private_key_file', 'is_active', 'comment',
+ 'private_key', 'is_active', 'comment',
 ]
 help_texts = {
 'protocol': _("SSH gateway support proxy SSH,RDP,VNC")
diff --git a/apps/assets/forms/user.py b/apps/assets/forms/user.py
index 34a9e3c52..b0096c2f0 100644
--- a/apps/assets/forms/user.py
+++ b/apps/assets/forms/user.py
@@ -26,39 +26,39 @@ class PasswordAndKeyAuthForm(forms.ModelForm):
 label=_("Password"),
 )
 # Need use upload private key file except paste private key content
- private_key_file = forms.FileField(required=False, label=_("Private key"))
+ private_key = forms.FileField(required=False, label=_("Private key"))
- def clean_private_key_file(self):
- private_key_file = self.cleaned_data['private_key_file']
+ def clean_private_key(self):
+ private_key_f = self.cleaned_data['private_key']
 password = self.cleaned_data['password']
- if private_key_file:
- key_string = private_key_file.read()
- private_key_file.seek(0)
+ if private_key_f:
+ key_string = private_key_f.read()
+ private_key_f.seek(0)
 key_string = key_string.decode()
 if not validate_ssh_private_key(key_string, password):
 msg = _('Invalid private key, Only support '
 'RSA/DSA format key')
 raise forms.ValidationError(msg)
- return private_key_file
+ return private_key_f
 def validate_password_key(self):
 password = self.cleaned_data['password']
- private_key_file = self.cleaned_data.get('private_key_file', '')
+ private_key_f = self.cleaned_data.get('private_key', '')
- if not password and not private_key_f:
+ if not password and not private_key_f:
 raise forms.ValidationError(_(
 'Password and private key file must be input one'
 ))
 def gen_keys(self):
 password = self.cleaned_data.get('password', '') or None
- private_key_file = self.cleaned_data['private_key_file']
+ private_key_f = self.cleaned_data['private_key']
 public_key = private_key = None
- if private_key_file:
- private_key = private_key_file.read().strip().decode('utf-8')
+ if private_key_f:
+ private_key = private_key_f.read().strip().decode('utf-8')
 public_key = ssh_pubkey_gen(private_key=private_key, password=password)
 return private_key, public_key
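Review bot: `key_string = key_string.decode()` in `clean_private_key` runs on the raw bytes of an uploaded file before any validation, so a file that is not valid UTF-8 raises `UnicodeDecodeError` instead of `forms.ValidationError` and would surface as a server error rather than a field error. I would report a decode failure like any other bad key, e.g. `try: key_string = key_string.decode()` followed by `except UnicodeDecodeError: raise forms.ValidationError(_('Invalid private key, Only support RSA/DSA format key'))`. The same method indexes `self.cleaned_data['password']` directly, which looks like it would raise `KeyError` if the password field itself failed validation; `self.cleaned_data.get('password')` avoids that. This form path also does not receive the OpenSSH-format hint that the commit adds to the serializer's `validate_private_key`, so an uploaded key in that format presumably still gets only the generic message. The enclosing class `PasswordAndKeyAuthForm` starts before this hunk.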
@@ -69,7 +69,7 @@ class AdminUserForm(PasswordAndKeyAuthForm):
 class Meta:
 model = AdminUser
- fields = ['name', 'username', 'password', 'private_key_file', 'comment']
+ fields = ['name', 'username', 'password', 'private_key', 'comment']
 widgets = {
 'name': forms.TextInput(attrs={'placeholder': _('Name')}),
 'username': forms.TextInput(attrs={'placeholder': _('Username')}),
@@ -87,7 +87,7 @@ class SystemUserForm(OrgModelForm, PasswordAndKeyAuthForm):
 model = SystemUser
 fields = [
 'name', 'username', 'protocol', 'auto_generate_key',
- 'password', 'private_key_file', 'auto_push', 'sudo',
+ 'password', 'private_key', 'auto_push', 'sudo',
 'comment', 'shell', 'priority', 'login_mode', 'cmd_filters',
 ]
 widgets = {
diff --git a/apps/assets/serializers/base.py b/apps/assets/serializers/base.py
index 257bb95ab..5e853219b 100644
--- a/apps/assets/serializers/base.py
+++ b/apps/assets/serializers/base.py
@@ -40,6 +40,10 @@ class AuthSerializerMixin:
 def validate_private_key(self, private_key):
 if not private_key:
 return
+ if 'OPENSSH' in private_key:
+ msg = _("Not support openssh format key, using "
+ "ssh-keygen -t rsa -m pem to generate")
+ raise serializers.ValidationError(msg)
 password = self.initial_data.get("password")
 valid = validate_ssh_private_key(private_key, password)
 if not valid:
diff --git a/apps/assets/templates/assets/_system_user.html b/apps/assets/templates/assets/_system_user.html
index 5cc3e04ba..1f34f3f55 100644
--- a/apps/assets/templates/assets/_system_user.html
+++ b/apps/assets/templates/assets/_system_user.html
@@ -53,7 +53,7 @@
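Review bot: The added `'OPENSSH' in private_key` test in `validate_private_key` (apps/assets/serializers/base.py) matches the word anywhere in the submitted text rather than in the PEM header, so the rejection depends on a loose substring instead of the key's declared format. Anchoring it to the header is tighter, e.g. `if private_key.lstrip().startswith('-----BEGIN OPENSSH PRIVATE KEY-----'):`. The check also assumes `private_key` is a `str`; the hunk does not show the field type, and a bytes value would raise `TypeError` on `in` instead of a validation error. A short comment such as `# reject OpenSSH-format keys up front with a conversion hint; presumably validate_ssh_private_key cannot parse them` would record why this precedes the parser call. The body of `validate_private_key` continues past the end of the hunk.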