Monitor (#2485)

* [Update]

* [Update] 修改fields

apps/authentication/tasks.py

@@ -2,6 +2,9 @@
 #
 
 from celery import shared_task
+from ops.celery.decorator import register_as_period_task
+from django.contrib.sessions.models import Session
+from django.utils import timezone
 
 from .utils import write_login_log
 
@@ -9,3 +12,11 @@ from .utils import write_login_log
 @shared_task
 def write_login_log_async(*args, **kwargs):
     write_login_log(*args, **kwargs)
+
+
+@register_as_period_task(interval=3600*24)
+@shared_task
+def clean_django_sessions():
+    Session.objects.filter(expire_date__lt=timezone.now()).delete()
+
+

apps/common/fields.py

@@ -1,106 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-import json
-
-from django.db import models
-from django import forms
-from django.utils import six
-from django.core.exceptions import ValidationError
-from django.utils.translation import ugettext as _
-from rest_framework import serializers
-from .utils import get_signer
-
-signer = get_signer()
-
-
-class FormDictField(forms.Field):
-    widget = forms.Textarea
-
-    def to_python(self, value):
-        """Returns a Python boolean object."""
-        # Explicitly check for the string 'False', which is what a hidden field
-        # will submit for False. Also check for '0', since this is what
-        # RadioSelect will provide. Because bool("True") == bool('1') == True,
-        # we don't need to handle that explicitly.
-        if isinstance(value, six.string_types):
-            value = value.replace("'", '"')
-            try:
-                value = json.loads(value)
-                return value
-            except json.JSONDecodeError:
-                return ValidationError(_("Not a valid json"))
-        else:
-            return ValidationError(_("Not a string type"))
-
-    def validate(self, value):
-        if isinstance(value, ValidationError):
-            raise value
-        if not value and self.required:
-            raise ValidationError(self.error_messages['required'], code='required')
-
-    def has_changed(self, initial, data):
-        # Sometimes data or initial may be a string equivalent of a boolean
-        # so we should run it through to_python first to get a boolean value
-        return self.to_python(initial) != self.to_python(data)
-
-
-class StringIDField(serializers.Field):
-    def to_representation(self, value):
-        return {"pk": value.pk, "name": value.__str__()}
-
-
-class StringManyToManyField(serializers.RelatedField):
-    def to_representation(self, value):
-        return value.__str__()
-
-
-class EncryptMixin:
-    def from_db_value(self, value, expression, connection, context):
-        if value is not None:
-            return signer.unsign(value)
-        return super().from_db_value(self, value, expression, connection, context)
-
-    def get_prep_value(self, value):
-        if value is None:
-            return value
-        return signer.sign(value)
-
-
-class EncryptTextField(EncryptMixin, models.TextField):
-    description = _("Encrypt field using Secret Key")
-
-
-class EncryptCharField(EncryptMixin, models.CharField):
-    def __init__(self, *args, **kwargs):
-        kwargs['max_length'] = 2048
-        super().__init__(*args, **kwargs)
-
-
-class FormEncryptMixin:
-    pass
-
-
-class FormEncryptCharField(FormEncryptMixin, forms.CharField):
-    pass
-
-
-class FormEncryptDictField(FormEncryptMixin, FormDictField):
-    pass
-
-
-class ChoiceDisplayField(serializers.ChoiceField):
-    def __init__(self, *args, **kwargs):
-        super(ChoiceDisplayField, self).__init__(*args, **kwargs)
-        self.choice_strings_to_display = {
-            six.text_type(key): value for key, value in self.choices.items()
-        }
-
-    def to_representation(self, value):
-        if value is None:
-            return value
-        return {
-            'value': self.choice_strings_to_values.get(six.text_type(value),
-                                                       value),
-            'display': self.choice_strings_to_display.get(six.text_type(value),
-                                                          value),
-        }

apps/common/fields/__init__.py

@@ -0,0 +1,6 @@
+# -*- coding: utf-8 -*-
+#
+
+from .form import *
+from .model import *
+from .serializer import *

apps/common/fields/form.py

@@ -0,0 +1,63 @@
+# -*- coding: utf-8 -*-
+#
+import json
+
+from django import forms
+from django.utils import six
+from django.core.exceptions import ValidationError
+from django.utils.translation import ugettext as _
+from ..utils import get_signer
+
+signer = get_signer()
+
+__all__ = [
+    'FormDictField', 'FormEncryptCharField', 'FormEncryptDictField',
+    'FormEncryptMixin',
+]
+
+
+class FormDictField(forms.Field):
+    widget = forms.Textarea
+
+    def to_python(self, value):
+        """Returns a Python boolean object."""
+        # Explicitly check for the string 'False', which is what a hidden field
+        # will submit for False. Also check for '0', since this is what
+        # RadioSelect will provide. Because bool("True") == bool('1') == True,
+        # we don't need to handle that explicitly.
+        if isinstance(value, six.string_types):
+            value = value.replace("'", '"')
+            try:
+                value = json.loads(value)
+                return value
+            except json.JSONDecodeError:
+                return ValidationError(_("Not a valid json"))
+        else:
+            return ValidationError(_("Not a string type"))
+
+    def validate(self, value):
+        if isinstance(value, ValidationError):
+            raise value
+        if not value and self.required:
+            raise ValidationError(self.error_messages['required'], code='required')
+
+    def has_changed(self, initial, data):
+        # Sometimes data or initial may be a string equivalent of a boolean
+        # so we should run it through to_python first to get a boolean value
+        return self.to_python(initial) != self.to_python(data)
+
+
+class FormEncryptMixin:
+    pass
+
+
+class FormEncryptCharField(FormEncryptMixin, forms.CharField):
+    pass
+
+
+class FormEncryptDictField(FormEncryptMixin, FormDictField):
+    pass
+
+
+
+

apps/common/fields/model.py

@@ -0,0 +1,132 @@
+# -*- coding: utf-8 -*-
+#
+import json
+from django.db import models
+from django.utils.translation import ugettext_lazy as _
+
+from ..utils import get_signer
+
+
+__all__ = [
+    'JsonMixin', 'JsonDictMixin', 'JsonListMixin', 'JsonTypeMixin',
+    'JsonCharField', 'JsonTextField', 'JsonListCharField', 'JsonListTextField',
+    'JsonDictCharField', 'JsonDictTextField', 'EncryptCharField',
+    'EncryptTextField', 'EncryptMixin',
+]
+signer = get_signer()
+
+
+class JsonMixin:
+    tp = None
+
+    @staticmethod
+    def json_decode(data):
+        try:
+            return json.loads(data)
+        except (TypeError, json.JSONDecodeError):
+            return None
+
+    @staticmethod
+    def json_encode(data):
+        return json.dumps(data)
+
+    def from_db_value(self, value, expression, connection, context):
+        if value is None:
+            return value
+        return self.json_decode(value)
+
+    def to_python(self, value):
+        if value is None:
+            return value
+
+        if not isinstance(value, str) or not value.startswith('"'):
+            return value
+        else:
+            return self.json_decode(value)
+
+    def get_prep_value(self, value):
+        if value is None:
+            return value
+        return self.json_encode(value)
+
+
+class JsonTypeMixin(JsonMixin):
+    tp = dict
+
+    def from_db_value(self, value, expression, connection, context):
+        value = super().from_db_value(value, expression, connection, context)
+        if not isinstance(value, self.tp):
+            value = self.tp()
+        return value
+
+    def to_python(self, value):
+        data = super().to_python(value)
+        if not isinstance(data, self.tp):
+            data = self.tp()
+        return data
+
+    def get_prep_value(self, value):
+        if not isinstance(value, self.tp):
+            value = self.tp()
+        return self.json_encode(value)
+
+
+class JsonDictMixin(JsonTypeMixin):
+    tp = dict
+
+
+class JsonDictCharField(JsonDictMixin, models.CharField):
+    description = _("Marshal dict data to char field")
+
+
+class JsonDictTextField(JsonDictMixin, models.TextField):
+    description = _("Marshal dict data to text field")
+
+
+class JsonListMixin(JsonTypeMixin):
+    tp = list
+
+
+class JsonStrListMixin(JsonListMixin):
+    pass
+
+
+class JsonListCharField(JsonListMixin, models.CharField):
+    description = _("Marshal list data to char field")
+
+
+class JsonListTextField(JsonListMixin, models.TextField):
+    description = _("Marshal list data to text field")
+
+
+class JsonCharField(JsonMixin, models.CharField):
+    description = _("Marshal data to char field")
+
+
+class JsonTextField(JsonMixin, models.TextField):
+    description = _("Marshal data to text field")
+
+
+class EncryptMixin:
+    def from_db_value(self, value, expression, connection, context):
+        if value is not None:
+            return signer.unsign(value)
+        return None
+
+    def get_prep_value(self, value):
+        if value is None:
+            return value
+        return signer.sign(value)
+
+
+class EncryptTextField(EncryptMixin, models.TextField):
+    description = _("Encrypt field using Secret Key")
+
+
+class EncryptCharField(EncryptMixin, models.CharField):
+    def __init__(self, *args, **kwargs):
+        kwargs['max_length'] = 2048
+        super().__init__(*args, **kwargs)
+
+
+

apps/common/fields/serializer.py

@@ -0,0 +1,41 @@
+# -*- coding: utf-8 -*-
+#
+
+from rest_framework import serializers
+from django.utils import six
+
+
+__all__ = ['StringIDField', 'StringManyToManyField', 'ChoiceDisplayField']
+
+
+class StringIDField(serializers.Field):
+    def to_representation(self, value):
+        return {"pk": value.pk, "name": value.__str__()}
+
+
+class StringManyToManyField(serializers.RelatedField):
+    def to_representation(self, value):
+        return value.__str__()
+
+
+class ChoiceDisplayField(serializers.ChoiceField):
+    def __init__(self, *args, **kwargs):
+        super(ChoiceDisplayField, self).__init__(*args, **kwargs)
+        self.choice_strings_to_display = {
+            six.text_type(key): value for key, value in self.choices.items()
+        }
+
+    def to_representation(self, value):
+        if value is None:
+            return value
+        return {
+            'value': self.choice_strings_to_values.get(six.text_type(value), value),
+            'display': self.choice_strings_to_display.get(six.text_type(value), value),
+        }
+
+
+class DictField(serializers.DictField):
+    def to_representation(self, value):
+        if not value or not isinstance(value, dict):
+            value = {}
+        return super().to_representation(value)

apps/jumpserver/urls.py

@@ -10,28 +10,24 @@ from django.views.i18n import JavaScriptCatalog
 from .views import IndexView, LunaView, I18NView
 from .swagger import get_swagger_view
 
-
+api_v1 = [
-api_v1_patterns = [
+   path('users/v1/', include('users.urls.api_urls', namespace='api-users')),
-   path('api/', include([
+   path('assets/v1/', include('assets.urls.api_urls', namespace='api-assets')),
-        path('users/v1/', include('users.urls.api_urls', namespace='api-users')),
+   path('perms/v1/', include('perms.urls.api_urls', namespace='api-perms')),
-        path('assets/v1/', include('assets.urls.api_urls', namespace='api-assets')),
+   path('terminal/v1/', include('terminal.urls.api_urls', namespace='api-terminal')),
-        path('perms/v1/', include('perms.urls.api_urls', namespace='api-perms')),
+   path('ops/v1/', include('ops.urls.api_urls', namespace='api-ops')),
-        path('terminal/v1/', include('terminal.urls.api_urls', namespace='api-terminal')),
+   path('audits/v1/', include('audits.urls.api_urls', namespace='api-audits')),
-        path('ops/v1/', include('ops.urls.api_urls', namespace='api-ops')),
+   path('orgs/v1/', include('orgs.urls.api_urls', namespace='api-orgs')),
-        path('audits/v1/', include('audits.urls.api_urls', namespace='api-audits')),
+   path('settings/v1/', include('settings.urls.api_urls', namespace='api-settings')),
-        path('orgs/v1/', include('orgs.urls.api_urls', namespace='api-orgs')),
+   path('authentication/v1/', include('authentication.urls.api_urls', namespace='api-auth')),
-        path('settings/v1/', include('settings.urls.api_urls', namespace='api-settings')),
-        path('authentication/v1/', include('authentication.urls.api_urls', namespace='api-auth')),
-   ]))
 ]
 
-api_v2_patterns = [
+api_v2 = [
-    path('api/', include([
+   path('terminal/v2/', include('terminal.urls.api_urls_v2', namespace='api-terminal-v2')),
-        path('terminal/v2/', include('terminal.urls.api_urls_v2', namespace='api-terminal-v2')),
+   path('users/v2/', include('users.urls.api_urls_v2', namespace='api-users-v2')),
-        path('users/v2/', include('users.urls.api_urls_v2', namespace='api-users-v2')),
-    ]))
 ]
 
+
 app_view_patterns = [
     path('users/', include('users.urls.views_urls', namespace='users')),
     path('assets/', include('assets.urls.views_urls', namespace='assets')),
@@ -45,12 +41,21 @@ app_view_patterns = [
 
 
 if settings.XPACK_ENABLED:
-    app_view_patterns.append(path('xpack/', include('xpack.urls', namespace='xpack')))
+    app_view_patterns.append(path('xpack/', include('xpack.urls.view_urls', namespace='xpack')))
+    api_v1.append(path('xpack/v1/', include('xpack.urls.api_urls', namespace='api-xpack')))
 
 js_i18n_patterns = i18n_patterns(
     path('jsi18n/', JavaScriptCatalog.as_view(), name='javascript-catalog'),
 )
 
+api_v1_patterns = [
+    path('api/', include(api_v1))
+]
+
+api_v2_patterns = [
+    path('api/', include(api_v2))
+]
+
 urlpatterns = [
     path('', IndexView.as_view(), name='index'),
     path('', include(api_v2_patterns)),
@@ -63,6 +68,7 @@ urlpatterns = [
     # External apps url
     path('captcha/', include('captcha.urls')),
 ]
+
 urlpatterns += app_view_patterns
 urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) \
             + static(settings.STATIC_URL, document_root=settings.STATIC_ROOT)

apps/orgs/signals_handler.py

@@ -23,7 +23,7 @@ def on_org_create_or_update(sender, instance=None, created=False, **kwargs):
         set_current_org(old_org)
 
     if instance and not created:
-        instance.expire_user_cache()
+        instance.expire_cache()
 
 
 @receiver(m2m_changed, sender=Organization.users.through)

apps/users/api/user.py

@@ -11,8 +11,9 @@ from rest_framework.permissions import IsAuthenticated
 from rest_framework_bulk import BulkModelViewSet
 from rest_framework.pagination import LimitOffsetPagination
 
-from common.permissions import IsOrgAdmin, IsCurrentUserOrReadOnly, \
+from common.permissions import (
-    IsOrgAdminOrAppUser
+    IsOrgAdmin, IsCurrentUserOrReadOnly, IsOrgAdminOrAppUser
+)
 from common.mixins import IDInFilterMixin
 from common.utils import get_logger
 from orgs.utils import current_org