"""Serializers for the LDAP HA authentication settings."""
from django.utils.translation import gettext_lazy as _
from rest_framework import serializers

from common.serializers.fields import EncryptedField
from .base import OrgListField

__all__ = ['LDAPHATestConfigSerializer', 'LDAPHASettingSerializer']


class LDAPHATestConfigSerializer(serializers.Serializer):
    """Validate the fields of an LDAP HA configuration payload.

    Server URI, search OU, search filter and attribute map are required;
    bind DN, bind password, StartTLS and the enable flag are optional.
    Presumably used to test a configuration before it is saved (inferred
    from the class name; confirm against the calling view).
    """
    # NOTE(review): no scheme or host validation is declared on this field, so
    # an `ldap://` URI passes. A simple bind over ldap:// without StartTLS
    # sends the bind DN and password unencrypted; confirm where transport
    # security is enforced.
    AUTH_LDAP_HA_SERVER_URI = serializers.CharField(max_length=1024)
    # Blank bind DN / password are accepted here; presumably that results in
    # an anonymous bind attempt. Verify against the LDAP client code.
    AUTH_LDAP_HA_BIND_DN = serializers.CharField(max_length=1024, required=False, allow_blank=True)
    # EncryptedField comes from common.serializers.fields; its handling of the
    # submitted value is not visible in this file.
    AUTH_LDAP_HA_BIND_PASSWORD = EncryptedField(required=False, allow_blank=True)
    AUTH_LDAP_HA_SEARCH_OU = serializers.CharField()
    AUTH_LDAP_HA_SEARCH_FILTER = serializers.CharField()
    # JSONField accepts any JSON value; the mapping shape is not checked here.
    AUTH_LDAP_HA_USER_ATTR_MAP = serializers.JSONField()
    AUTH_LDAP_HA_START_TLS = serializers.BooleanField(required=False)
    AUTH_LDAP_HA = serializers.BooleanField(required=False)


class LDAPHASettingSerializer(serializers.Serializer):
    """Declare and validate the persisted LDAP HA settings.

    Covers connection, user search, attribute mapping, periodic sync,
    timeouts and the organizations to sync into. `post_save` forwards the
    periodic-sync settings to the import task.

    NOTE(review): LDAPHATestConfigSerializer declares AUTH_LDAP_HA_START_TLS
    but this serializer does not; confirm StartTLS is configured elsewhere so
    a tested TLS setup is the one actually used.
    """
    # encrypt_fields is now determined via write_only.
    # NOTE(review): whether EncryptedField is write_only by default is not
    # visible here. Confirm the bind password is never returned in API
    # responses and is stored encrypted.
    PREFIX_TITLE = _('LDAP HA')

    # NOTE(review): only presence and length are constrained; scheme
    # (ldap:// vs ldaps://) and destination are not validated in this file.
    AUTH_LDAP_HA_SERVER_URI = serializers.CharField(
        required=True, max_length=1024, label=_('Server'),
        help_text=_('LDAP HA server URI')
    )
    AUTH_LDAP_HA_BIND_DN = serializers.CharField(
        required=False, max_length=1024, label=_('Bind DN'),
        help_text=_('Binding Distinguished Name')
    )
    AUTH_LDAP_HA_BIND_PASSWORD = EncryptedField(
        max_length=1024, required=False, label=_('Password'),
        help_text=_('Binding password')
    )
    AUTH_LDAP_HA_SEARCH_OU = serializers.CharField(
        max_length=1024, allow_blank=True, required=False, label=_('Search OU'),
        help_text=_(
            'User Search Base, if there are multiple OUs, you can separate them with the `|` symbol'
        )
    )
    # The filter is a template containing a `%(user)s` placeholder. The
    # substitution happens outside this file.
    # NOTE(review): confirm the consumer escapes the login name per LDAP
    # filter rules (RFC 4515) before substituting it.
    AUTH_LDAP_HA_SEARCH_FILTER = serializers.CharField(
        max_length=1024, required=True, label=_('Search filter'),
        help_text=_('Selection could include (cn|uid|sAMAccountName=%(user)s)')
    )
    # Per the help text, keys are JumpServer user attributes and values are
    # LDAP attributes. Any JSON value passes validation here.
    # NOTE(review): confirm the consumer restricts which local attributes may
    # be populated from the directory.
    AUTH_LDAP_HA_USER_ATTR_MAP = serializers.JSONField(
        required=True, label=_('User attribute'),
        help_text=_(
            'User attribute mapping, where the `key` is the JumpServer user attribute name and the '
            '`value` is the LDAP service user attribute name'
        )
    )
    AUTH_LDAP_HA_SYNC_IS_PERIODIC = serializers.BooleanField(
        required=False, label=_('Periodic run')
    )
    AUTH_LDAP_HA_SYNC_CRONTAB = serializers.CharField(
        required=False, max_length=128, allow_null=True, allow_blank=True,
        label=_('Crontab')
    )
    # NOTE(review): no min_value is declared, so zero or negative intervals
    # pass validation and are forwarded by post_save. The unit is not stated
    # in this file.
    AUTH_LDAP_HA_SYNC_INTERVAL = serializers.IntegerField(
        required=False, default=24, allow_null=True, label=_('Interval')
    )
    AUTH_LDAP_HA_CONNECT_TIMEOUT = serializers.IntegerField(
        min_value=1, max_value=300,
        required=False, label=_('Connect timeout (s)'),
    )
    # Default is 30 days in seconds; the upper bound is 360 days.
    # NOTE(review): the first two literals below join without a space, so the
    # text renders as "effectivelyimprove". The string is also a gettext
    # msgid, so a fix must update the translation catalogs too.
    # NOTE(review): the break after "no cache" is written as \n here; confirm
    # the exact separator against the repository.
    AUTH_LDAP_HA_CACHE_TIMEOUT = serializers.IntegerField(
        min_value=0, max_value=3600 * 24 * 30 * 12,
        default=3600 * 24 * 30,
        required=False, label=_('User DN cache timeout (s)'),
        help_text=_(
            'Caching the User DN obtained during user login authentication can effectively'
            'improve the speed of user authentication., 0 means no cache\n'
            'If the user OU structure has been adjusted, click Submit to clear the user DN cache'
        )
    )
    AUTH_LDAP_HA_SEARCH_PAGED_SIZE = serializers.IntegerField(
        required=False, label=_('Search paged size (piece)')
    )
    # NOTE(review): on a ListField, max_length caps the number of items, not
    # the length of each item, and with no child= the items are unvalidated.
    # 36 is the length of a canonical UUID string, so per-item validation may
    # have been intended; confirm.
    AUTH_LDAP_HA_SYNC_RECEIVERS = serializers.ListField(
        required=False, label=_('Recipient'), max_length=36
    )
    AUTH_LDAP_HA = serializers.BooleanField(required=False, label=_('LDAP HA'))
    AUTH_LDAP_HA_SYNC_ORG_IDS = OrgListField()

    def post_save(self) -> None:
        """Forward submitted periodic-sync settings to the LDAP HA import task.

        Only the keys present in ``validated_data`` are passed on; if none of
        the three sync keys was submitted, nothing is called. Presumably
        invoked by the settings view after the values are stored (the caller
        is not visible in this file).
        """
        keys = ['AUTH_LDAP_HA_SYNC_IS_PERIODIC', 'AUTH_LDAP_HA_SYNC_INTERVAL', 'AUTH_LDAP_HA_SYNC_CRONTAB']
        kwargs = {k: self.validated_data[k] for k in keys if k in self.validated_data}
        if not kwargs:
            return
        # Imported at call time rather than at module load; presumably to
        # avoid a circular import with settings.tasks (confirm).
        from settings.tasks import import_ldap_ha_user_periodic
        import_ldap_ha_user_periodic(**kwargs)