[Feature] 添加修改用户密码api

2018-01-23 10:36:20 +08:00 · 2018-01-23 10:36:20 +08:00 · f40fbaf602
parent a43d29d446
commit f40fbaf602
5 changed files with 36 additions and 12 deletions
--- a/apps/terminal/forms.py
+++ b/apps/terminal/forms.py
@ -2,12 +2,24 @@
 #

 from django import forms
+from django.conf import settings
 from django.utils.translation import ugettext_lazy as _

 from .models import Terminal


+def get_all_command_storage():
+    # storage_choices = []
+    from common.models import Setting
+    Setting.refresh_all_settings()
+    for k, v in settings.TERMINAL_COMMAND_STORAGE.items():
+        yield (k, k)
+
+
 class TerminalForm(forms.ModelForm):
+    command_storage = forms.ChoiceField(choices=get_all_command_storage(),
+                                        label=_("Command storage"))
+
    class Meta:
        model = Terminal
        fields = ['name', 'remote_addr', 'ssh_port', 'http_port', 'comment', 'command_storage']
--- a/apps/terminal/models.py
+++ b/apps/terminal/models.py
@ -10,21 +10,13 @@ from users.models import User
 from .backends.command.models import AbstractSessionCommand


-def get_all_command_storage():
-    # storage_choices = []
-    from common.models import Setting
-    Setting.refresh_all_settings()
-    for k, v in settings.TERMINAL_COMMAND_STORAGE.items():
-        yield (k, k)
-
-
 class Terminal(models.Model):
    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
    name = models.CharField(max_length=32, verbose_name=_('Name'))
    remote_addr = models.CharField(max_length=128, verbose_name=_('Remote Address'))
    ssh_port = models.IntegerField(verbose_name=_('SSH Port'), default=2222)
    http_port = models.IntegerField(verbose_name=_('HTTP Port'), default=5000)
-    command_storage = models.CharField(max_length=128, verbose_name=_("Command storage"), default='default', choices=get_all_command_storage())
+    command_storage = models.CharField(max_length=128, verbose_name=_("Command storage"), default='default')
    replay_storage = models.CharField(max_length=128, verbose_name=_("Replay storage"), default='default')
    user = models.OneToOneField(User, related_name='terminal', verbose_name='Application User', null=True, on_delete=models.CASCADE)
    is_accepted = models.BooleanField(default=False, verbose_name='Is Accepted')
--- a/apps/users/api.py
+++ b/apps/users/api.py
@ -1,14 +1,14 @@
 # ~*~ coding: utf-8 ~*~

 from rest_framework import generics
-from rest_framework.permissions import AllowAny
+from rest_framework.permissions import AllowAny, IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
 from rest_framework_bulk import BulkModelViewSet

 from .serializers import UserSerializer, UserGroupSerializer, \
    UserGroupUpdateMemeberSerializer, UserPKUpdateSerializer, \
-    UserUpdateGroupSerializer
+    UserUpdateGroupSerializer, ChangeUserPasswordSerializer
 from .tasks import write_login_log_async
 from .models import User, UserGroup
 from .permissions import IsSuperUser, IsValidUser, IsCurrentUserOrReadOnly
@ -24,10 +24,21 @@ class UserViewSet(CustomFilterMixin, BulkModelViewSet):
    queryset = User.objects.exclude(role="App")
    # queryset = User.objects.all().exclude(role="App").order_by("date_joined")
    serializer_class = UserSerializer
-    permission_classes = (IsSuperUser,)
+    permission_classes = (IsSuperUser, IsAuthenticated)
    filter_fields = ('username', 'email', 'name', 'id')


+class ChangeUserPasswordApi(generics.RetrieveUpdateAPIView):
+    permission_classes = (IsSuperUser,)
+    queryset = User.objects.all()
+    serializer_class = ChangeUserPasswordSerializer
+
+    def perform_update(self, serializer):
+        user = self.get_object()
+        user.password_raw = serializer.validated_data["password"]
+        user.save()
+
+
 class UserUpdateGroupApi(generics.RetrieveUpdateAPIView):
    queryset = User.objects.all()
    serializer_class = UserUpdateGroupSerializer
@ -37,6 +48,7 @@ class UserUpdateGroupApi(generics.RetrieveUpdateAPIView):
 class UserResetPasswordApi(generics.UpdateAPIView):
    queryset = User.objects.all()
    serializer_class = UserSerializer
+    permission_classes = (IsAuthenticated,)

    def perform_update(self, serializer):
        # Note: we are not updating the user object here.
--- a/apps/users/serializers.py
+++ b/apps/users/serializers.py
@ -71,3 +71,9 @@ class UserGroupUpdateMemeberSerializer(serializers.ModelSerializer):
        model = UserGroup
        fields = ['id', 'users']

+
+class ChangeUserPasswordSerializer(serializers.ModelSerializer):
+
+    class Meta:
+        model = User
+        fields = ['password']
--- a/apps/users/urls/api_urls.py
+++ b/apps/users/urls/api_urls.py
@ -19,6 +19,8 @@ urlpatterns = [
    url(r'^v1/token/$', api.UserToken.as_view(), name='user-token'),
    url(r'^v1/profile/$', api.UserProfile.as_view(), name='user-profile'),
    url(r'^v1/auth/$', api.UserAuthApi.as_view(), name='user-auth'),
+    url(r'^v1/users/(?P<pk>[0-9a-zA-Z\-]{36})/password/$',
+        api.ChangeUserPasswordApi.as_view(), name='change-user-password'),
    url(r'^v1/users/(?P<pk>[0-9a-zA-Z\-]{36})/password/reset/$',
        api.UserResetPasswordApi.as_view(), name='user-reset-password'),
    url(r'^v1/users/(?P<pk>[0-9a-zA-Z\-]{36})/pubkey/reset/$',