diff --git a/apps/terminal/api.py b/apps/terminal/api.py index b26f1775a..62257e116 100644 --- a/apps/terminal/api.py +++ b/apps/terminal/api.py @@ -3,66 +3,55 @@ from django.core.cache import cache from django.conf import settings +import copy from rest_framework.generics import ListCreateAPIView, RetrieveUpdateDestroyAPIView from rest_framework import viewsets from rest_framework.views import APIView, Response from rest_framework.permissions import AllowAny +from rest_framework.decorators import api_view -from common.utils import signer, get_object_or_none from .models import Terminal, TerminalHeatbeat from .serializers import TerminalSerializer, TerminalHeatbeatSerializer from .hands import IsSuperUserOrAppUser, User +from common.utils import get_object_or_none -class TerminalRegister(ListCreateAPIView): +class TerminalRegisterView(ListCreateAPIView): queryset = Terminal.objects.all() serializer_class = TerminalSerializer permission_classes = (AllowAny,) def create(self, request, *args, **kwargs): - name = signer.unsign(request.data.get('name', '')) - remote_addr = request.Meta.get('REMOTE_ADDR') - serializer = self.serializer_class({'name': name, 'remote_addr': remote_addr}) - + name = request.data.get('name', '') + remote_addr = request.META.get('X-Real-IP') or request.META.get('REMOTE_ADDR') + serializer = self.serializer_class(data={'name': name, 'remote_addr': remote_addr}) + + if get_object_or_none(Terminal, name=name): + return Response({'msg': 'Registed, Need admin active it'}, status=200) + + if serializer.is_valid(): + terminal = serializer.save() + app_user, access_key = terminal.create_related_app_user() + data = {} + data['terminal'] = copy.deepcopy(serializer.data) + data['user'] = app_user.to_json() + data['access_key_id'] = access_key.id + data['access_key_secret'] = access_key.secret + return Response(data, status=201) + else: + return Response(serializer.errors, status=400) + def list(self, request, *args, **kwargs): + return Response('', status=404) class TerminalViewSet(viewsets.ModelViewSet): queryset = Terminal.objects.all() serializer_class = TerminalSerializer - permission_classes = (AllowAny,) + permission_classes = (IsSuperUserOrAppUser,) def create(self, request, *args, **kwargs): - name = signer.unsign(request.data.get('name', '')) - if name: - terminal = get_object_or_none(Terminal, name=name) - if terminal: - data = { - 'data': {'name': name, 'id': terminal.id}, - } - if terminal.is_active: - data['msg'] = 'Success' - return Response(data=data, status=200) - else: - data['msg'] = 'Need admin active this terminal' - return Response(data=data, status=203) - - else: - ip = request.META.get('X-Real-IP') or request.META.get('REMOTE_ADDR') - terminal = Terminal.objects.create(name=name, ip=ip) - data = { - 'data': {'name': name, 'id': terminal.id}, - 'msg': 'Need admin active this terminal', - } - return Response(data=data, status=201) - else: - return Response(data={'msg': 'Secrete key invalid'}, status=401) - - -class TerminalHeatbeatApi(ListCreateAPIView): - queryset = TerminalHeatbeat.objects.all() - serializer_class = TerminalHeatbeatSerializer - permission_classes = (IsSuperUserOrAppUser,) + return Response({'msg': 'Use register view except that'}, status=404) class TerminalHeatbeatViewSet(viewsets.ModelViewSet): diff --git a/apps/terminal/models.py b/apps/terminal/models.py index 07166e6b1..b38f48ad3 100644 --- a/apps/terminal/models.py +++ b/apps/terminal/models.py @@ -13,9 +13,9 @@ class Terminal(models.Model): ) name = models.CharField(max_length=30, unique=True, verbose_name=_('Name')) remote_addr = models.GenericIPAddressField(verbose_name=_('Remote address'), blank=True, null=True) - type = models.CharField(choices=TYPE_CHOICES, max_length=2, verbose_name=_('Terminal type')) + type = models.CharField(choices=TYPE_CHOICES, max_length=2, blank=True, verbose_name=_('Terminal type')) user = models.OneToOneField(User, verbose_name='Application user', null=True) - url = models.CharField(max_length=100, verbose_name=_('URL to login')) + url = models.CharField(max_length=100, blank=True, verbose_name=_('URL to login')) date_created = models.DateTimeField(auto_now_add=True) comment = models.TextField(blank=True, verbose_name=_('Comment')) @@ -39,11 +39,16 @@ class Terminal(models.Model): return False @is_accepted.setter - def is_accepted(self, accepted): - if accepted: - user = User.create_app_user(name=self.name, comment=self.comment) - self.user = user - self.save() + def is_accepted(self, active): + if active is True and self.user: + self.user.is_active = True + self.user.save() + + def create_related_app_user(self): + user, access_key = User.create_app_user(name=self.name, comment=self.comment) + self.user = user + self.save() + return user, access_key @property def is_superuser(self): diff --git a/apps/terminal/serializers.py b/apps/terminal/serializers.py index 60b5c6c26..56843635d 100644 --- a/apps/terminal/serializers.py +++ b/apps/terminal/serializers.py @@ -14,7 +14,7 @@ class TerminalSerializer(serializers.ModelSerializer): class Meta: model = Terminal - fields = ['id', 'name', 'ip', 'type', 'url', 'comment', + fields = ['id', 'name', 'remote_addr', 'type', 'url', 'comment', 'is_active', 'get_type_display', 'proxy_online', 'is_alive'] @staticmethod diff --git a/apps/terminal/urls.py b/apps/terminal/urls.py deleted file mode 100644 index b083b224f..000000000 --- a/apps/terminal/urls.py +++ /dev/null @@ -1,25 +0,0 @@ -#!/usr/bin/env python -# -*- coding: utf-8 -*- -# - -from django.conf.urls import url -from rest_framework import routers - -import views -import api - -app_name = 'terminal' - -urlpatterns = [ - url(r'^terminal$', views.TerminalListView.as_view(), name='terminal-list'), - url(r'^terminal/(?P\d+)/update$', views.TerminalUpdateView.as_view(), name='terminal-update'), -] - -router = routers.DefaultRouter() -router.register(r'v1/terminal/heatbeat', api.TerminalHeatbeatViewSet, 'terminal-heatbeat') -router.register(r'v1/terminal', api.TerminalViewSet, 'terminal') -# urlpatterns += [ -# url(r'v1/terminal/heatbeat/', api.TerminalHeatbeatApi.as_view(), name='api-terminal-heatbeat') -# ] - -urlpatterns += router.urls diff --git a/apps/terminal/urls/api_urls.py b/apps/terminal/urls/api_urls.py index 316e67e1e..96de101b4 100644 --- a/apps/terminal/urls/api_urls.py +++ b/apps/terminal/urls/api_urls.py @@ -2,6 +2,7 @@ # -*- coding: utf-8 -*- # +from django.conf.urls import url from rest_framework import routers from .. import api @@ -12,5 +13,8 @@ router = routers.DefaultRouter() router.register(r'v1/terminal/heatbeat', api.TerminalHeatbeatViewSet, 'terminal-heatbeat') router.register(r'v1/terminal', api.TerminalViewSet, 'terminal') -urlpatterns = router.urls +urlpatterns = [ + url(r'v1/register$', api.TerminalRegisterView.as_view(), name='api-terminal-register') +] +urlpatterns += router.urls \ No newline at end of file diff --git a/apps/users/models/user.py b/apps/users/models/user.py index c97bf922b..7da0383f6 100644 --- a/apps/users/models/user.py +++ b/apps/users/models/user.py @@ -180,11 +180,11 @@ class User(AbstractUser): def create_app_user(cls, name, comment): from . import AccessKey domain_name = settings.CONFIG.DOMAIN_NAME or 'jumpserver.org' - app = cls.objects.create(username=name, name=name, email='%s@%s' % (name, domain_name), + app = cls.objects.create(username=name, name=name, email='%s@%s' % (name, domain_name), is_active=False, role='App', enable_otp=False, comment=comment, is_first_login=False, created_by='System') - AccessKey.objects.create(user=app) - return app + access_key = AccessKey.objects.create(user=app) + return app, access_key @classmethod def validate_reset_token(cls, token):