[Fix] 修改一些api bug

apps/applications/api.py

@@ -23,17 +23,20 @@ class TerminalRegisterView(ListCreateAPIView):
 
     def create(self, request, *args, **kwargs):
         name = request.data.get('name', '')
-        remote_addr = request.META.get('X-Real-IP') or request.META.get('REMOTE_ADDR')
-        serializer = self.serializer_class(data={'name': name, 'remote_addr': remote_addr})
+        remote_addr = request.META.get('X-Real-IP') or \
+                      request.META.get('REMOTE_ADDR')
+        serializer = self.serializer_class(
+            data={'name': name, 'remote_addr': remote_addr})
 
         if get_object_or_none(Terminal, name=name):
-            return Response({'msg': 'Already register, Need administrator active it'}, status=200)
+            return Response({'msg': 'Already register, Need '
+                                    'administrator active it'}, status=200)
 
         if serializer.is_valid():
             terminal = serializer.save()
             app_user, access_key = terminal.create_related_app_user()
             data = {}
-            data['applications'] = copy.deepcopy(serializer.data)
+            data['terminal'] = copy.deepcopy(serializer.data)
             data['user'] = app_user.to_json()
             data['access_key_id'] = access_key.id
             data['access_key_secret'] = access_key.secret
@@ -54,11 +57,11 @@ class TerminalViewSet(viewsets.ModelViewSet):
     def create(self, request, *args, **kwargs):
         return Response({'msg': 'Use register view except that'}, status=404)
 
-    def destroy(self, request, *args, **kwargs):
-        instance = self.get_object()
-        if instance.user is not None:
-            instance.user.delete()
-        return super(TerminalViewSet, self).destroy(request, *args, **kwargs)
+    # def destroy(self, request, *args, **kwargs):
+        # instance = self.get_object()
+        # if instance.user is not None:
+        #     instance.user.delete()
+        # return super(TerminalViewSet, self).destroy(request, *args, **kwargs)
 
 
 class TerminalHeatbeatViewSet(viewsets.ModelViewSet):

apps/audits/api.py

@@ -6,6 +6,7 @@ from __future__ import absolute_import, unicode_literals
 
 from rest_framework import generics, viewsets
 from rest_framework.views import APIView, Response
+from rest_framework_bulk import BulkModelViewSet
 
 from . import models, serializers
 from .hands import IsSuperUserOrAppUser, Terminal, IsAppUser
@@ -51,13 +52,3 @@ class CommandLogViewSet(viewsets.ModelViewSet):
     serializer_class = serializers.CommandLogSerializer
     permission_classes = (IsSuperUserOrAppUser,)
 
-
-# class CommandLogTitleApi(APIView):
-#     def get(self, request):
-#         response = [
-#             {"name": "command_no", "title": "ID", "type": "number"},
-#             {"name": "command", "title": "Title", "visible": True, "filterable": True},
-#             {"name": "datetime", "title": "Datetime", "type"},
-#             {"name": "output", "title": "Output", "filterable": True},
-#         ]
-#

apps/perms/api.py

@@ -3,7 +3,6 @@
 
 from django.shortcuts import get_object_or_404
 from rest_framework.views import APIView, Response
-from rest_framework.decorators import api_view
 from rest_framework.generics import ListAPIView, get_object_or_404
 from rest_framework import viewsets
 from users.permissions import IsValidUser, IsSuperUser, IsAppUser
@@ -206,9 +205,9 @@ class ValidateUserAssetPermissionView(APIView):
 
     @staticmethod
     def get(request):
-        user_id = request.params.get('user_id', '')
-        asset_id = request.params.get('asset_id', '')
-        system_id = request.params.get('system_id', '')
+        user_id = request.query_params.get('user_id', '')
+        asset_id = request.query_params.get('asset_id', '')
+        system_id = request.query_params.get('system_user_id', '')
 
         user = get_object_or_404(User, id=user_id)
         asset = get_object_or_404(Asset, id=asset_id)

apps/perms/serializers.py

@@ -11,6 +11,7 @@ from .hands import User
 class AssetPermissionSerializer(serializers.ModelSerializer):
     class Meta:
         model = AssetPermission
+        fields = '__all__'
 
 
 class UserAssetPermissionSerializer(AssetPermissionSerializer):
@@ -23,4 +24,3 @@ class UserAssetPermissionSerializer(AssetPermissionSerializer):
         else:
             return False
 
-

apps/users/api.py

@@ -1,16 +1,12 @@
 # ~*~ coding: utf-8 ~*~
 #
 
-import base64
-
 from rest_framework import generics, viewsets
 from rest_framework.response import Response
 from rest_framework.views import APIView
 from rest_framework.permissions import AllowAny
 from rest_framework_bulk import BulkModelViewSet
-from rest_framework.authentication import CSRFCheck
 # from django_filters.rest_framework import DjangoFilterBackend
-from django.conf import settings
 
 from common.mixins import IDInFilterMixin
 from common.utils import get_logger
@@ -131,14 +127,16 @@ class UserAuthApi(APIView):
         login_ip = request.data.get('remote_addr', None)
         user_agent = request.data.get('HTTP_USER_AGENT', '')
 
-        user, msg = check_user_valid(username=username, password=password,
-                                     public_key=public_key)
+        user, msg = check_user_valid(
+            username=username, password=password,
+            public_key=public_key)
 
         if user:
             token = generate_token(request, user)
-            write_login_log_async.delay(user.username, name=user.name,
-                                        user_agent=user_agent, login_ip=login_ip,
-                                        login_type=login_type)
+            write_login_log_async.delay(
+                user.username, name=user.name,
+                user_agent=user_agent, login_ip=login_ip,
+                login_type=login_type)
             return Response({'token': token, 'user': user.to_json()})
         else:
             return Response({'msg': msg}, status=401)

apps/users/authentication.py

@@ -2,6 +2,7 @@
 #
 
 import base64
+import uuid
 import hashlib
 import time
 
@@ -72,6 +73,10 @@ class AccessKeyAuthentication(authentication.BaseAuthentication):
             raise exceptions.AuthenticationFailed(msg)
 
         access_key_id = sign[0]
+        try:
+            uuid.UUID(access_key_id)
+        except ValueError:
+            raise exceptions.AuthenticationFailed('Access key id invalid')
         request_signature = sign[1]
 
         return self.authenticate_credentials(

apps/users/views/login.py

@@ -87,7 +87,8 @@ class UserForgotPasswordView(TemplateView):
         email = request.POST.get('email')
         user = get_object_or_none(User, email=email)
         if not user:
-            return self.get(request, errors=_('Email address invalid, input again'))
+            return self.get(request, errors=_('Email address invalid, '
+                                              'please input again'))
         else:
             send_reset_password_mail(user)
             return HttpResponseRedirect(
@@ -120,7 +121,8 @@ class UserResetPasswordSuccessView(TemplateView):
             'auto_redirect': True,
         }
         kwargs.update(context)
-        return super(UserResetPasswordSuccessView, self).get_context_data(**kwargs)
+        return super(UserResetPasswordSuccessView, self)\
+            .get_context_data(**kwargs)
 
 
 class UserResetPasswordView(TemplateView):