diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py index 255b7ea10..359734d4e 100644 --- a/apps/jumpserver/conf.py +++ b/apps/jumpserver/conf.py @@ -598,6 +598,7 @@ class Config(dict): 'USER_LOGIN_SINGLE_MACHINE_ENABLED': False, 'ONLY_ALLOW_EXIST_USER_AUTH': False, 'ONLY_ALLOW_AUTH_FROM_SOURCE': False, + 'PRIVACY_MODE': False, # 用户登录限制的规则 'SECURITY_LOGIN_LIMIT_COUNT': 7, 'SECURITY_LOGIN_LIMIT_TIME': 30, diff --git a/apps/jumpserver/settings/auth.py b/apps/jumpserver/settings/auth.py index 5dc636bbf..c18259b4e 100644 --- a/apps/jumpserver/settings/auth.py +++ b/apps/jumpserver/settings/auth.py @@ -346,5 +346,6 @@ AUTHENTICATION_BACKENDS_THIRD_PARTY = [ ] ONLY_ALLOW_EXIST_USER_AUTH = CONFIG.ONLY_ALLOW_EXIST_USER_AUTH ONLY_ALLOW_AUTH_FROM_SOURCE = CONFIG.ONLY_ALLOW_AUTH_FROM_SOURCE +PRIVACY_MODE = CONFIG.PRIVACY_MODE SAML_FOLDER = os.path.join(BASE_DIR, 'authentication', 'backends', 'saml2') diff --git a/apps/settings/serializers/public.py b/apps/settings/serializers/public.py index d1f428b86..d3a1b1761 100644 --- a/apps/settings/serializers/public.py +++ b/apps/settings/serializers/public.py @@ -71,6 +71,7 @@ class PrivateSettingSerializer(PublicSettingSerializer): TOOL_USER_ENABLED = serializers.BooleanField() DEFAULT_EXPIRED_YEARS = serializers.IntegerField() + PRIVACY_MODE = serializers.BooleanField() class ServerInfoSerializer(serializers.Serializer): diff --git a/apps/users/serializers/profile.py b/apps/users/serializers/profile.py index d52c7be42..1074576fb 100644 --- a/apps/users/serializers/profile.py +++ b/apps/users/serializers/profile.py @@ -119,6 +119,14 @@ class UserProfileSerializer(UserSerializer): if org_roles_field: org_roles_field.read_only = True + if settings.PRIVACY_MODE: + for field in ( + 'phone', 'wechat', + 'wecom_id', 'dingtalk_id', + 'feishu_id', 'slack_id', 'lark_id' + ): + self.fields.pop(field, None) + @staticmethod def get_guide_url(obj): return settings.USER_GUIDE_URL