mirror of https://github.com/jumpserver/jumpserver
parent
c86a036ac6
commit
b45b33380c
|
@ -2,6 +2,9 @@
|
|||
#
|
||||
|
||||
from celery import shared_task
|
||||
from ops.celery.decorator import register_as_period_task
|
||||
from django.contrib.sessions.models import Session
|
||||
from django.utils import timezone
|
||||
|
||||
from .utils import write_login_log
|
||||
|
||||
|
@ -9,3 +12,11 @@ from .utils import write_login_log
|
|||
@shared_task
|
||||
def write_login_log_async(*args, **kwargs):
|
||||
write_login_log(*args, **kwargs)
|
||||
|
||||
|
||||
@register_as_period_task(interval=3600*24)
|
||||
@shared_task
|
||||
def clean_django_sessions():
|
||||
Session.objects.filter(expire_date__lt=timezone.now()).delete()
|
||||
|
||||
|
||||
|
|
|
@ -1,106 +0,0 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
import json
|
||||
|
||||
from django.db import models
|
||||
from django import forms
|
||||
from django.utils import six
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.utils.translation import ugettext as _
|
||||
from rest_framework import serializers
|
||||
from .utils import get_signer
|
||||
|
||||
signer = get_signer()
|
||||
|
||||
|
||||
class FormDictField(forms.Field):
|
||||
widget = forms.Textarea
|
||||
|
||||
def to_python(self, value):
|
||||
"""Returns a Python boolean object."""
|
||||
# Explicitly check for the string 'False', which is what a hidden field
|
||||
# will submit for False. Also check for '0', since this is what
|
||||
# RadioSelect will provide. Because bool("True") == bool('1') == True,
|
||||
# we don't need to handle that explicitly.
|
||||
if isinstance(value, six.string_types):
|
||||
value = value.replace("'", '"')
|
||||
try:
|
||||
value = json.loads(value)
|
||||
return value
|
||||
except json.JSONDecodeError:
|
||||
return ValidationError(_("Not a valid json"))
|
||||
else:
|
||||
return ValidationError(_("Not a string type"))
|
||||
|
||||
def validate(self, value):
|
||||
if isinstance(value, ValidationError):
|
||||
raise value
|
||||
if not value and self.required:
|
||||
raise ValidationError(self.error_messages['required'], code='required')
|
||||
|
||||
def has_changed(self, initial, data):
|
||||
# Sometimes data or initial may be a string equivalent of a boolean
|
||||
# so we should run it through to_python first to get a boolean value
|
||||
return self.to_python(initial) != self.to_python(data)
|
||||
|
||||
|
||||
class StringIDField(serializers.Field):
|
||||
def to_representation(self, value):
|
||||
return {"pk": value.pk, "name": value.__str__()}
|
||||
|
||||
|
||||
class StringManyToManyField(serializers.RelatedField):
|
||||
def to_representation(self, value):
|
||||
return value.__str__()
|
||||
|
||||
|
||||
class EncryptMixin:
|
||||
def from_db_value(self, value, expression, connection, context):
|
||||
if value is not None:
|
||||
return signer.unsign(value)
|
||||
return super().from_db_value(self, value, expression, connection, context)
|
||||
|
||||
def get_prep_value(self, value):
|
||||
if value is None:
|
||||
return value
|
||||
return signer.sign(value)
|
||||
|
||||
|
||||
class EncryptTextField(EncryptMixin, models.TextField):
|
||||
description = _("Encrypt field using Secret Key")
|
||||
|
||||
|
||||
class EncryptCharField(EncryptMixin, models.CharField):
|
||||
def __init__(self, *args, **kwargs):
|
||||
kwargs['max_length'] = 2048
|
||||
super().__init__(*args, **kwargs)
|
||||
|
||||
|
||||
class FormEncryptMixin:
|
||||
pass
|
||||
|
||||
|
||||
class FormEncryptCharField(FormEncryptMixin, forms.CharField):
|
||||
pass
|
||||
|
||||
|
||||
class FormEncryptDictField(FormEncryptMixin, FormDictField):
|
||||
pass
|
||||
|
||||
|
||||
class ChoiceDisplayField(serializers.ChoiceField):
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(ChoiceDisplayField, self).__init__(*args, **kwargs)
|
||||
self.choice_strings_to_display = {
|
||||
six.text_type(key): value for key, value in self.choices.items()
|
||||
}
|
||||
|
||||
def to_representation(self, value):
|
||||
if value is None:
|
||||
return value
|
||||
return {
|
||||
'value': self.choice_strings_to_values.get(six.text_type(value),
|
||||
value),
|
||||
'display': self.choice_strings_to_display.get(six.text_type(value),
|
||||
value),
|
||||
}
|
|
@ -0,0 +1,6 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|
||||
from .form import *
|
||||
from .model import *
|
||||
from .serializer import *
|
|
@ -0,0 +1,63 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
import json
|
||||
|
||||
from django import forms
|
||||
from django.utils import six
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.utils.translation import ugettext as _
|
||||
from ..utils import get_signer
|
||||
|
||||
signer = get_signer()
|
||||
|
||||
__all__ = [
|
||||
'FormDictField', 'FormEncryptCharField', 'FormEncryptDictField',
|
||||
'FormEncryptMixin',
|
||||
]
|
||||
|
||||
|
||||
class FormDictField(forms.Field):
|
||||
widget = forms.Textarea
|
||||
|
||||
def to_python(self, value):
|
||||
"""Returns a Python boolean object."""
|
||||
# Explicitly check for the string 'False', which is what a hidden field
|
||||
# will submit for False. Also check for '0', since this is what
|
||||
# RadioSelect will provide. Because bool("True") == bool('1') == True,
|
||||
# we don't need to handle that explicitly.
|
||||
if isinstance(value, six.string_types):
|
||||
value = value.replace("'", '"')
|
||||
try:
|
||||
value = json.loads(value)
|
||||
return value
|
||||
except json.JSONDecodeError:
|
||||
return ValidationError(_("Not a valid json"))
|
||||
else:
|
||||
return ValidationError(_("Not a string type"))
|
||||
|
||||
def validate(self, value):
|
||||
if isinstance(value, ValidationError):
|
||||
raise value
|
||||
if not value and self.required:
|
||||
raise ValidationError(self.error_messages['required'], code='required')
|
||||
|
||||
def has_changed(self, initial, data):
|
||||
# Sometimes data or initial may be a string equivalent of a boolean
|
||||
# so we should run it through to_python first to get a boolean value
|
||||
return self.to_python(initial) != self.to_python(data)
|
||||
|
||||
|
||||
class FormEncryptMixin:
|
||||
pass
|
||||
|
||||
|
||||
class FormEncryptCharField(FormEncryptMixin, forms.CharField):
|
||||
pass
|
||||
|
||||
|
||||
class FormEncryptDictField(FormEncryptMixin, FormDictField):
|
||||
pass
|
||||
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,132 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
import json
|
||||
from django.db import models
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
from ..utils import get_signer
|
||||
|
||||
|
||||
__all__ = [
|
||||
'JsonMixin', 'JsonDictMixin', 'JsonListMixin', 'JsonTypeMixin',
|
||||
'JsonCharField', 'JsonTextField', 'JsonListCharField', 'JsonListTextField',
|
||||
'JsonDictCharField', 'JsonDictTextField', 'EncryptCharField',
|
||||
'EncryptTextField', 'EncryptMixin',
|
||||
]
|
||||
signer = get_signer()
|
||||
|
||||
|
||||
class JsonMixin:
|
||||
tp = None
|
||||
|
||||
@staticmethod
|
||||
def json_decode(data):
|
||||
try:
|
||||
return json.loads(data)
|
||||
except (TypeError, json.JSONDecodeError):
|
||||
return None
|
||||
|
||||
@staticmethod
|
||||
def json_encode(data):
|
||||
return json.dumps(data)
|
||||
|
||||
def from_db_value(self, value, expression, connection, context):
|
||||
if value is None:
|
||||
return value
|
||||
return self.json_decode(value)
|
||||
|
||||
def to_python(self, value):
|
||||
if value is None:
|
||||
return value
|
||||
|
||||
if not isinstance(value, str) or not value.startswith('"'):
|
||||
return value
|
||||
else:
|
||||
return self.json_decode(value)
|
||||
|
||||
def get_prep_value(self, value):
|
||||
if value is None:
|
||||
return value
|
||||
return self.json_encode(value)
|
||||
|
||||
|
||||
class JsonTypeMixin(JsonMixin):
|
||||
tp = dict
|
||||
|
||||
def from_db_value(self, value, expression, connection, context):
|
||||
value = super().from_db_value(value, expression, connection, context)
|
||||
if not isinstance(value, self.tp):
|
||||
value = self.tp()
|
||||
return value
|
||||
|
||||
def to_python(self, value):
|
||||
data = super().to_python(value)
|
||||
if not isinstance(data, self.tp):
|
||||
data = self.tp()
|
||||
return data
|
||||
|
||||
def get_prep_value(self, value):
|
||||
if not isinstance(value, self.tp):
|
||||
value = self.tp()
|
||||
return self.json_encode(value)
|
||||
|
||||
|
||||
class JsonDictMixin(JsonTypeMixin):
|
||||
tp = dict
|
||||
|
||||
|
||||
class JsonDictCharField(JsonDictMixin, models.CharField):
|
||||
description = _("Marshal dict data to char field")
|
||||
|
||||
|
||||
class JsonDictTextField(JsonDictMixin, models.TextField):
|
||||
description = _("Marshal dict data to text field")
|
||||
|
||||
|
||||
class JsonListMixin(JsonTypeMixin):
|
||||
tp = list
|
||||
|
||||
|
||||
class JsonStrListMixin(JsonListMixin):
|
||||
pass
|
||||
|
||||
|
||||
class JsonListCharField(JsonListMixin, models.CharField):
|
||||
description = _("Marshal list data to char field")
|
||||
|
||||
|
||||
class JsonListTextField(JsonListMixin, models.TextField):
|
||||
description = _("Marshal list data to text field")
|
||||
|
||||
|
||||
class JsonCharField(JsonMixin, models.CharField):
|
||||
description = _("Marshal data to char field")
|
||||
|
||||
|
||||
class JsonTextField(JsonMixin, models.TextField):
|
||||
description = _("Marshal data to text field")
|
||||
|
||||
|
||||
class EncryptMixin:
|
||||
def from_db_value(self, value, expression, connection, context):
|
||||
if value is not None:
|
||||
return signer.unsign(value)
|
||||
return None
|
||||
|
||||
def get_prep_value(self, value):
|
||||
if value is None:
|
||||
return value
|
||||
return signer.sign(value)
|
||||
|
||||
|
||||
class EncryptTextField(EncryptMixin, models.TextField):
|
||||
description = _("Encrypt field using Secret Key")
|
||||
|
||||
|
||||
class EncryptCharField(EncryptMixin, models.CharField):
|
||||
def __init__(self, *args, **kwargs):
|
||||
kwargs['max_length'] = 2048
|
||||
super().__init__(*args, **kwargs)
|
||||
|
||||
|
||||
|
|
@ -0,0 +1,41 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|
||||
from rest_framework import serializers
|
||||
from django.utils import six
|
||||
|
||||
|
||||
__all__ = ['StringIDField', 'StringManyToManyField', 'ChoiceDisplayField']
|
||||
|
||||
|
||||
class StringIDField(serializers.Field):
|
||||
def to_representation(self, value):
|
||||
return {"pk": value.pk, "name": value.__str__()}
|
||||
|
||||
|
||||
class StringManyToManyField(serializers.RelatedField):
|
||||
def to_representation(self, value):
|
||||
return value.__str__()
|
||||
|
||||
|
||||
class ChoiceDisplayField(serializers.ChoiceField):
|
||||
def __init__(self, *args, **kwargs):
|
||||
super(ChoiceDisplayField, self).__init__(*args, **kwargs)
|
||||
self.choice_strings_to_display = {
|
||||
six.text_type(key): value for key, value in self.choices.items()
|
||||
}
|
||||
|
||||
def to_representation(self, value):
|
||||
if value is None:
|
||||
return value
|
||||
return {
|
||||
'value': self.choice_strings_to_values.get(six.text_type(value), value),
|
||||
'display': self.choice_strings_to_display.get(six.text_type(value), value),
|
||||
}
|
||||
|
||||
|
||||
class DictField(serializers.DictField):
|
||||
def to_representation(self, value):
|
||||
if not value or not isinstance(value, dict):
|
||||
value = {}
|
||||
return super().to_representation(value)
|
|
@ -10,28 +10,24 @@ from django.views.i18n import JavaScriptCatalog
|
|||
from .views import IndexView, LunaView, I18NView
|
||||
from .swagger import get_swagger_view
|
||||
|
||||
|
||||
api_v1_patterns = [
|
||||
path('api/', include([
|
||||
path('users/v1/', include('users.urls.api_urls', namespace='api-users')),
|
||||
path('assets/v1/', include('assets.urls.api_urls', namespace='api-assets')),
|
||||
path('perms/v1/', include('perms.urls.api_urls', namespace='api-perms')),
|
||||
path('terminal/v1/', include('terminal.urls.api_urls', namespace='api-terminal')),
|
||||
path('ops/v1/', include('ops.urls.api_urls', namespace='api-ops')),
|
||||
path('audits/v1/', include('audits.urls.api_urls', namespace='api-audits')),
|
||||
path('orgs/v1/', include('orgs.urls.api_urls', namespace='api-orgs')),
|
||||
path('settings/v1/', include('settings.urls.api_urls', namespace='api-settings')),
|
||||
path('authentication/v1/', include('authentication.urls.api_urls', namespace='api-auth')),
|
||||
]))
|
||||
api_v1 = [
|
||||
path('users/v1/', include('users.urls.api_urls', namespace='api-users')),
|
||||
path('assets/v1/', include('assets.urls.api_urls', namespace='api-assets')),
|
||||
path('perms/v1/', include('perms.urls.api_urls', namespace='api-perms')),
|
||||
path('terminal/v1/', include('terminal.urls.api_urls', namespace='api-terminal')),
|
||||
path('ops/v1/', include('ops.urls.api_urls', namespace='api-ops')),
|
||||
path('audits/v1/', include('audits.urls.api_urls', namespace='api-audits')),
|
||||
path('orgs/v1/', include('orgs.urls.api_urls', namespace='api-orgs')),
|
||||
path('settings/v1/', include('settings.urls.api_urls', namespace='api-settings')),
|
||||
path('authentication/v1/', include('authentication.urls.api_urls', namespace='api-auth')),
|
||||
]
|
||||
|
||||
api_v2_patterns = [
|
||||
path('api/', include([
|
||||
path('terminal/v2/', include('terminal.urls.api_urls_v2', namespace='api-terminal-v2')),
|
||||
path('users/v2/', include('users.urls.api_urls_v2', namespace='api-users-v2')),
|
||||
]))
|
||||
api_v2 = [
|
||||
path('terminal/v2/', include('terminal.urls.api_urls_v2', namespace='api-terminal-v2')),
|
||||
path('users/v2/', include('users.urls.api_urls_v2', namespace='api-users-v2')),
|
||||
]
|
||||
|
||||
|
||||
app_view_patterns = [
|
||||
path('users/', include('users.urls.views_urls', namespace='users')),
|
||||
path('assets/', include('assets.urls.views_urls', namespace='assets')),
|
||||
|
@ -45,12 +41,21 @@ app_view_patterns = [
|
|||
|
||||
|
||||
if settings.XPACK_ENABLED:
|
||||
app_view_patterns.append(path('xpack/', include('xpack.urls', namespace='xpack')))
|
||||
app_view_patterns.append(path('xpack/', include('xpack.urls.view_urls', namespace='xpack')))
|
||||
api_v1.append(path('xpack/v1/', include('xpack.urls.api_urls', namespace='api-xpack')))
|
||||
|
||||
js_i18n_patterns = i18n_patterns(
|
||||
path('jsi18n/', JavaScriptCatalog.as_view(), name='javascript-catalog'),
|
||||
)
|
||||
|
||||
api_v1_patterns = [
|
||||
path('api/', include(api_v1))
|
||||
]
|
||||
|
||||
api_v2_patterns = [
|
||||
path('api/', include(api_v2))
|
||||
]
|
||||
|
||||
urlpatterns = [
|
||||
path('', IndexView.as_view(), name='index'),
|
||||
path('', include(api_v2_patterns)),
|
||||
|
@ -63,6 +68,7 @@ urlpatterns = [
|
|||
# External apps url
|
||||
path('captcha/', include('captcha.urls')),
|
||||
]
|
||||
|
||||
urlpatterns += app_view_patterns
|
||||
urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) \
|
||||
+ static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)
|
||||
|
|
|
@ -23,7 +23,7 @@ def on_org_create_or_update(sender, instance=None, created=False, **kwargs):
|
|||
set_current_org(old_org)
|
||||
|
||||
if instance and not created:
|
||||
instance.expire_user_cache()
|
||||
instance.expire_cache()
|
||||
|
||||
|
||||
@receiver(m2m_changed, sender=Organization.users.through)
|
||||
|
|
File diff suppressed because one or more lines are too long
|
@ -11,8 +11,9 @@ from rest_framework.permissions import IsAuthenticated
|
|||
from rest_framework_bulk import BulkModelViewSet
|
||||
from rest_framework.pagination import LimitOffsetPagination
|
||||
|
||||
from common.permissions import IsOrgAdmin, IsCurrentUserOrReadOnly, \
|
||||
IsOrgAdminOrAppUser
|
||||
from common.permissions import (
|
||||
IsOrgAdmin, IsCurrentUserOrReadOnly, IsOrgAdminOrAppUser
|
||||
)
|
||||
from common.mixins import IDInFilterMixin
|
||||
from common.utils import get_logger
|
||||
from orgs.utils import current_org
|
||||
|
|
Loading…
Reference in New Issue