github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity
jumpserver/apps/settings/serializers/auth/ldap.py

109 lines
4.2 KiB
Python
Raw Blame History

from django.utils.translation import gettext_lazy as _
from rest_framework import serializers
from common.serializers.fields import EncryptedField
__all__ = [
'LDAPTestConfigSerializer', 'LDAPUserSerializer', 'LDAPTestLoginSerializer',
'LDAPSettingSerializer',
]
class LDAPTestConfigSerializer(serializers.Serializer):
AUTH_LDAP_SERVER_URI = serializers.CharField(max_length=1024)
AUTH_LDAP_BIND_DN = serializers.CharField(max_length=1024, required=False, allow_blank=True)
AUTH_LDAP_BIND_PASSWORD = EncryptedField(required=False, allow_blank=True)
AUTH_LDAP_SEARCH_OU = serializers.CharField()
AUTH_LDAP_SEARCH_FILTER = serializers.CharField()
AUTH_LDAP_USER_ATTR_MAP = serializers.JSONField()
AUTH_LDAP_START_TLS = serializers.BooleanField(required=False)
AUTH_LDAP = serializers.BooleanField(required=False)
class LDAPTestLoginSerializer(serializers.Serializer):
username = serializers.CharField(max_length=1024, required=True)
password = EncryptedField(max_length=2014, required=True, label=_("Password"))
class LDAPUserSerializer(serializers.Serializer):
id = serializers.CharField()
username = serializers.CharField()
name = serializers.CharField()
email = serializers.CharField()
groups = serializers.ListField(child=serializers.CharField(), default=[])
existing = serializers.BooleanField(read_only=True)
class LDAPSettingSerializer(serializers.Serializer):
# encrypt_fields 现在使用 write_only 来判断了
PREFIX_TITLE = _('LDAP')
AUTH_LDAP_SERVER_URI = serializers.CharField(
required=True, max_length=1024, label=_('Server'),
help_text=_('LDAP server URI')
)
AUTH_LDAP_BIND_DN = serializers.CharField(
required=False, max_length=1024, label=_('Bind DN'),
help_text=_('Binding Distinguished Name')
)
AUTH_LDAP_BIND_PASSWORD = EncryptedField(
max_length=1024, required=False, label=_('Password'),
help_text=_('Binding password')
)
AUTH_LDAP_SEARCH_OU = serializers.CharField(
max_length=1024, allow_blank=True, required=False, label=_('Search OU'),
help_text=_(
'User Search Base, if there are multiple OUs, you can separate them with the `|` symbol'
)
)
AUTH_LDAP_SEARCH_FILTER = serializers.CharField(
max_length=1024, required=True, label=_('Search filter'),
help_text=_('Selection could include (cn|uid|sAMAccountName=%(user)s)')
)
AUTH_LDAP_USER_ATTR_MAP = serializers.JSONField(
required=True, label=_('User attribute'),
help_text=_(
'User attribute mapping, where the `key` is the JumpServer user attribute name and the '
'`value` is the LDAP service user attribute name'
)
)
AUTH_LDAP_SYNC_ORG_IDS = serializers.ListField(
required=False, label=_('Organization'), max_length=36
)
AUTH_LDAP_SYNC_IS_PERIODIC = serializers.BooleanField(
required=False, label=_('Periodic run')
)
AUTH_LDAP_SYNC_CRONTAB = serializers.CharField(
required=False, max_length=128, allow_null=True, allow_blank=True,
label=_('Crontab')
)
AUTH_LDAP_SYNC_INTERVAL = serializers.IntegerField(
required=False, default=24, allow_null=True, label=_('Interval')
)
AUTH_LDAP_CONNECT_TIMEOUT = serializers.IntegerField(
min_value=1, max_value=300,
required=False, label=_('Connect timeout (s)'),
)
AUTH_LDAP_CACHE_TIMEOUT = serializers.IntegerField(
min_value=0, max_value=3600 * 24 * 30 * 12,
default=3600 * 24 * 30,
required=False, label=_('User DN cache timeout (s)'),
help_text=_(
'Caching the User DN obtained during user login authentication can effectively'
'improve the speed of user authentication., 0 means no cache'
)
)
AUTH_LDAP_SEARCH_PAGED_SIZE = serializers.IntegerField(
required=False, label=_('Search paged size (piece)')
)
AUTH_LDAP_SYNC_RECEIVERS = serializers.ListField(
required=False, label=_('Recipient'), max_length=36
)
AUTH_LDAP = serializers.BooleanField(required=False, label=_('LDAP'))
@staticmethod
def post_save():
from settings.tasks import import_ldap_user_periodic
import_ldap_user_periodic()
Reference in New Issue View Git Blame Copy Permalink