mirror of https://github.com/jumpserver/jumpserver
[Update] Middleware 写法升级到新版本, Task login require
ibuler
parent
07a70311df
commit
c7d1ba1944
|
|
@ -4,24 +4,44 @@ import os
|
|||
import re
|
||||
import pytz
|
||||
from django.utils import timezone
|
||||
from django.utils.deprecation import MiddlewareMixin
|
||||
from django.shortcuts import HttpResponse
|
||||
|
||||
|
||||
DEMO_MODE = os.environ.get("DEMO_MODE", "")
|
||||
SAFE_URL = r'^/users/login|^/api/terminal/v1/.*|/api/terminal/.*|/api/users/v1/auth/|/api/users/v1/profile/'
|
||||
class TimezoneMiddleware:
|
||||
def __init__(self, get_response):
|
||||
self.get_response = get_response
|
||||
|
||||
|
||||
class TimezoneMiddleware(MiddlewareMixin):
|
||||
def process_request(self, request):
|
||||
def __call__(self, request):
|
||||
tzname = request.META.get('TZ')
|
||||
if tzname:
|
||||
timezone.activate(pytz.timezone(tzname))
|
||||
else:
|
||||
timezone.deactivate()
|
||||
response = self.get_response(request)
|
||||
return response
|
||||
|
||||
|
||||
class DemoMiddleware(MiddlewareMixin):
|
||||
def process_request(self, request):
|
||||
if DEMO_MODE and request.method not in ["GET", "HEAD"] and not re.match(SAFE_URL, request.path):
|
||||
return HttpResponse("Demo mode, only get request accept", status=403)
|
||||
class DemoMiddleware:
|
||||
DEMO_MODE_ENABLED = os.environ.get("DEMO_MODE", "") in ("1", "ok", "True")
|
||||
SAFE_URL_PATTERN = re.compile(
|
||||
r'^/users/login|'
|
||||
r'^/api/terminal/v1/.*|'
|
||||
r'^/api/terminal/.*|'
|
||||
r'^/api/users/v1/auth/|'
|
||||
r'^/api/users/v1/profile/'
|
||||
)
|
||||
SAFE_METHOD = ("GET", "HEAD")
|
||||
|
||||
def __init__(self, get_response):
|
||||
self.get_response = get_response
|
||||
|
||||
if self.DEMO_MODE_ENABLED:
|
||||
print("Demo mode enabled, reject unsafe method and url")
|
||||
|
||||
def __call__(self, request):
|
||||
if self.DEMO_MODE_ENABLED and request.method not in self.SAFE_METHOD \
|
||||
and not self.SAFE_URL_PATTERN.match(request.path):
|
||||
return HttpResponse("Demo mode, only safe request accepted", status=403)
|
||||
else:
|
||||
response = self.get_response(request)
|
||||
return response
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# ~*~ coding: utf-8 ~*~
|
||||
|
||||
from users.permissions import IsSuperUser
|
||||
|
||||
from users.utils import AdminUserRequiredMixin
|
||||
|
|
@ -6,9 +6,10 @@ from django.views.generic import ListView, DetailView
|
|||
|
||||
from common.mixins import DatetimeSearchMixin
|
||||
from .models import Task, AdHoc, AdHocRunHistory
|
||||
from .hands import AdminUserRequiredMixin
|
||||
|
||||
|
||||
class TaskListView(DatetimeSearchMixin, ListView):
|
||||
class TaskListView(AdminUserRequiredMixin, DatetimeSearchMixin, ListView):
|
||||
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
|
||||
model = Task
|
||||
ordering = ('-date_created',)
|
||||
|
|
@ -42,7 +43,7 @@ class TaskListView(DatetimeSearchMixin, ListView):
|
|||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class TaskDetailView(DetailView):
|
||||
class TaskDetailView(AdminUserRequiredMixin, DetailView):
|
||||
model = Task
|
||||
template_name = 'ops/task_detail.html'
|
||||
|
||||
|
|
@ -55,7 +56,7 @@ class TaskDetailView(DetailView):
|
|||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class TaskAdhocView(DetailView):
|
||||
class TaskAdhocView(AdminUserRequiredMixin, DetailView):
|
||||
model = Task
|
||||
template_name = 'ops/task_adhoc.html'
|
||||
|
||||
|
|
@ -68,7 +69,7 @@ class TaskAdhocView(DetailView):
|
|||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class TaskHistoryView(DetailView):
|
||||
class TaskHistoryView(AdminUserRequiredMixin, DetailView):
|
||||
model = Task
|
||||
template_name = 'ops/task_history.html'
|
||||
|
||||
|
|
@ -81,7 +82,7 @@ class TaskHistoryView(DetailView):
|
|||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AdHocDetailView(DetailView):
|
||||
class AdHocDetailView(AdminUserRequiredMixin, DetailView):
|
||||
model = AdHoc
|
||||
template_name = 'ops/adhoc_detail.html'
|
||||
|
||||
|
|
@ -94,7 +95,7 @@ class AdHocDetailView(DetailView):
|
|||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AdHocHistoryView(DetailView):
|
||||
class AdHocHistoryView(AdminUserRequiredMixin, DetailView):
|
||||
model = AdHoc
|
||||
template_name = 'ops/adhoc_history.html'
|
||||
|
||||
|
|
@ -107,7 +108,7 @@ class AdHocHistoryView(DetailView):
|
|||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AdHocHistoryDetailView(DetailView):
|
||||
class AdHocHistoryDetailView(AdminUserRequiredMixin, DetailView):
|
||||
model = AdHocRunHistory
|
||||
template_name = 'ops/adhoc_history_detail.html'
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue