Bugfix (#2350)

* [Update] 权限页面增加过滤规则 * [Update] 修改terminal注册，更新以后使用api完成 * [Update] 修改terminal注册，更新以后使用api完成 * [Update] 修改更新注册逻辑

Bugfix (#2350)
* [Update] 权限页面增加过滤规则 * [Update] 修改terminal注册，更新以后使用api完成 * [Update] 修改terminal注册，更新以后使用api完成 * [Update] 修改更新注册逻辑
2a0e68c5 · 老广 · GitHub · 176052e8 · 2a0e68c5 · 2a0e68c5
Unverified Commit 2a0e68c5 authored Jan 16, 2019 by 老广 Committed by GitHub Jan 16, 2019
11 changed files
--- a/apps/locale/zh/LC_MESSAGES/django.mo
+++ b/apps/locale/zh/LC_MESSAGES/django.mo
--- a/apps/locale/zh/LC_MESSAGES/django.po
+++ b/apps/locale/zh/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Jumpserver 0.3.3\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2019-01-15 17:56+0800\n"
+"POT-Creation-Date: 2019-01-16 17:58+0800\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: ibuler <ibuler@qq.com>\n"
 "Language-Team: Jumpserver team<ibuler@qq.com>\n"
@@ -67,8 +67,8 @@ msgstr "网域"
 #: assets/templates/assets/asset_update.html:35 perms/forms.py:45
 #: perms/forms.py:52 perms/models.py:85
 #: perms/templates/perms/asset_permission_list.html:57
-#: perms/templates/perms/asset_permission_list.html:77
+#: perms/templates/perms/asset_permission_list.html:78
-#: perms/templates/perms/asset_permission_list.html:126
+#: perms/templates/perms/asset_permission_list.html:128
 #: xpack/plugins/cloud/models.py:123
 #: xpack/plugins/cloud/templates/cloud/sync_instance_task_detail.html:63
 #: xpack/plugins/cloud/templates/cloud/sync_instance_task_instance.html:66
@@ -119,7 +119,7 @@ msgstr "端口"
 #: perms/models.py:31
 #: perms/templates/perms/asset_permission_create_update.html:45
 #: perms/templates/perms/asset_permission_list.html:56
-#: perms/templates/perms/asset_permission_list.html:123
+#: perms/templates/perms/asset_permission_list.html:125
 #: terminal/backends/command/models.py:13 terminal/models.py:143
 #: terminal/templates/terminal/command_list.html:40
 #: terminal/templates/terminal/command_list.html:73
@@ -185,7 +185,7 @@ msgstr "名称"
 #: assets/templates/assets/system_user_detail.html:62
 #: assets/templates/assets/system_user_list.html:30
 #: audits/templates/audits/login_log_list.html:49
-#: perms/templates/perms/asset_permission_list.html:76
+#: perms/templates/perms/asset_permission_list.html:74
 #: perms/templates/perms/asset_permission_user.html:55 users/forms.py:15
 #: users/forms.py:33 users/models/authentication.py:77 users/models/user.py:53
 #: users/templates/users/_select_user_modal.html:14
@@ -277,7 +277,7 @@ msgstr "IP"
 #: assets/templates/assets/user_asset_list.html:45
 #: assets/templates/assets/user_asset_list.html:150 common/forms.py:130
 #: perms/templates/perms/asset_permission_asset.html:54
-#: perms/templates/perms/asset_permission_list.html:75
+#: perms/templates/perms/asset_permission_list.html:77
 #: users/templates/users/user_granted_asset.html:44
 #: users/templates/users/user_group_granted_asset.html:44
 msgid "Hostname"
@@ -637,7 +637,7 @@ msgstr "默认资产组"
 #: perms/models.py:29
 #: perms/templates/perms/asset_permission_create_update.html:41
 #: perms/templates/perms/asset_permission_list.html:54
-#: perms/templates/perms/asset_permission_list.html:117 templates/index.html:87
+#: perms/templates/perms/asset_permission_list.html:119 templates/index.html:87
 #: terminal/backends/command/models.py:12 terminal/models.py:142
 #: terminal/templates/terminal/command_list.html:32
 #: terminal/templates/terminal/command_list.html:72
@@ -724,7 +724,8 @@ msgstr "登录模式"
 #: perms/models.py:33 perms/models.py:87
 #: perms/templates/perms/asset_permission_detail.html:140
 #: perms/templates/perms/asset_permission_list.html:58
-#: perms/templates/perms/asset_permission_list.html:129 templates/_nav.html:25
+#: perms/templates/perms/asset_permission_list.html:79
+#: perms/templates/perms/asset_permission_list.html:131 templates/_nav.html:25
 #: terminal/backends/command/models.py:14 terminal/models.py:144
 #: terminal/templates/terminal/command_list.html:48
 #: terminal/templates/terminal/command_list.html:74
@@ -884,7 +885,7 @@ msgstr "自动生成密钥"
 #: assets/templates/assets/asset_update.html:64
 #: assets/templates/assets/gateway_create_update.html:53
 #: perms/templates/perms/asset_permission_create_update.html:50
-#: terminal/templates/terminal/terminal_update.html:42
+#: terminal/templates/terminal/terminal_update.html:40
 msgid "Other"
 msgstr "其它"
@@ -906,7 +907,7 @@ msgstr "其它"
 #: common/templates/common/security_setting.html:70
 #: common/templates/common/terminal_setting.html:68
 #: perms/templates/perms/asset_permission_create_update.html:80
-#: terminal/templates/terminal/terminal_update.html:47
+#: terminal/templates/terminal/terminal_update.html:45
 #: users/templates/users/_user.html:50
 #: users/templates/users/user_bulk_update.html:23
 #: users/templates/users/user_detail.html:176
@@ -941,7 +942,7 @@ msgstr "重置"
 #: perms/templates/perms/asset_permission_create_update.html:81
 #: terminal/templates/terminal/command_list.html:103
 #: terminal/templates/terminal/session_list.html:127
-#: terminal/templates/terminal/terminal_update.html:48
+#: terminal/templates/terminal/terminal_update.html:46
 #: users/templates/users/_user.html:51
 #: users/templates/users/forgot_password.html:45
 #: users/templates/users/user_bulk_update.html:24
@@ -1025,7 +1026,7 @@ msgstr "测试"
 #: assets/templates/assets/system_user_detail.html:26
 #: assets/templates/assets/system_user_list.html:92 audits/models.py:32
 #: perms/templates/perms/asset_permission_detail.html:30
-#: perms/templates/perms/asset_permission_list.html:175
+#: perms/templates/perms/asset_permission_list.html:177
 #: terminal/templates/terminal/terminal_detail.html:16
 #: terminal/templates/terminal/terminal_list.html:71
 #: users/templates/users/user_detail.html:25
@@ -1060,7 +1061,7 @@ msgstr "更新"
 #: common/templates/common/terminal_setting.html:112
 #: ops/templates/ops/task_list.html:72
 #: perms/templates/perms/asset_permission_detail.html:34
-#: perms/templates/perms/asset_permission_list.html:176
+#: perms/templates/perms/asset_permission_list.html:178
 #: terminal/templates/terminal/terminal_list.html:73
 #: users/templates/users/user_detail.html:30
 #: users/templates/users/user_group_detail.html:32
@@ -1173,7 +1174,6 @@ msgstr "快速修改"
 #: perms/models.py:88
 #: perms/templates/perms/asset_permission_create_update.html:52
 #: perms/templates/perms/asset_permission_detail.html:120
-#: perms/templates/perms/asset_permission_list.html:73
 #: terminal/templates/terminal/terminal_list.html:34
 #: users/templates/users/_select_user_modal.html:18
 #: users/templates/users/user_detail.html:144
@@ -2572,7 +2572,8 @@ msgstr "组织管理"
 #: perms/forms.py:39 perms/models.py:30 perms/models.py:86
 #: perms/templates/perms/asset_permission_list.html:55
-#: perms/templates/perms/asset_permission_list.html:120 templates/_nav.html:14
+#: perms/templates/perms/asset_permission_list.html:75
+#: perms/templates/perms/asset_permission_list.html:122 templates/_nav.html:14
 #: users/forms.py:273 users/models/group.py:26 users/models/user.py:61
 #: users/templates/users/_select_user_modal.html:16
 #: users/templates/users/user_detail.html:213
@@ -2658,6 +2659,7 @@ msgid "Create permission"
 msgstr "创建授权规则"
 #: perms/templates/perms/asset_permission_list.html:59
+#: perms/templates/perms/asset_permission_list.html:73
 #: users/templates/users/user_list.html:28 xpack/plugins/cloud/models.py:53
 #: xpack/plugins/cloud/templates/cloud/account_detail.html:60
 #: xpack/plugins/cloud/templates/cloud/account_list.html:14
@@ -3545,6 +3547,10 @@ msgstr "用户认证源来自 {}, 请去相应系统修改密码"
 msgid "Administrator is the super user of system"
 msgstr "Administrator是初始的超级管理员"
+#: users/serializers/v2.py:40
+msgid "name not unique"
+msgstr "名称重复"
 #: users/templates/users/_base_otp.html:27
 msgid "Home page"
 msgstr "首页"

--- a/apps/static/js/jumpserver.js
+++ b/apps/static/js/jumpserver.js
@@ -161,6 +161,87 @@ function activeNav() {
    }
 }
+function formSubmit(props) {
+    /*
+    {
+      "form": $("form"),
+      "url": "",
+      "method": "POST",
+      "redirect_to": "",
+      "success": function(data, textStatue, jqXHR){},
+      "error": function(jqXHR, textStatus, errorThrown) {}
+    }
+    */
+    props = props || {};
+    var data = props.data || props.form.serializeObject();
+    var redirect_to = props.redirect_to;
+    $.ajax({
+        url: props.url,
+        type: props.method || 'POST',
+        data: JSON.stringify(data),
+        contentType: props.content_type || "application/json; charset=utf-8",
+        dataType: props.data_type || "json"
+    }).done(function (data, textState, jqXHR) {
+        if (redirect_to) {
+            location.href = redirect_to;
+        } else if (typeof props.success === 'function') {
+            return props.success(data, textState, jqXHR);
+        }
+    }).fail(function(jqXHR, textStatus, errorThrown) {
+        if (typeof props.error === 'function') {
+            return props.error(jqXHR, textStatus, errorThrown)
+        }
+        if (!props.form) {
+            alert(jqXHR.responseText);
+            return
+        }
+        if (jqXHR.status === 400) {
+            var errors = jqXHR.responseJSON;
+            var noneFieldErrorRef = props.form.children('.alert-danger');
+            if (noneFieldErrorRef.length !== 1) {
+                props.form.prepend('<div class="alert alert-danger" style="display: none"></div>');
+                noneFieldErrorRef = props.form.children('.alert-danger');
+            }
+            var noneFieldErrorMsg = "";
+            noneFieldErrorRef.css("display", "none");
+            noneFieldErrorRef.html("");
+            props.form.find(".help-block.error").html("");
+            props.form.find(".form-group.has-error").removeClass("has-error");
+            if (typeof errors !== "object") {
+                noneFieldErrorMsg = errors;
+                if (noneFieldErrorRef.length === 1) {
+                    noneFieldErrorRef.css('display', 'block');
+                    noneFieldErrorRef.html(noneFieldErrorMsg);
+                }
+                return
+            }
+            $.each(errors, function (k, v) {
+                var fieldRef = props.form.find('input[name="' + k + '"]');
+                var formGroupRef = fieldRef.parents('.form-group');
+                var parentRef = fieldRef.parent();
+                var helpBlockRef = parentRef.children('.help-block.error');
+                if (helpBlockRef.length === 0) {
+                    parentRef.append('<div class="help-block error"></div>');
+                    helpBlockRef = parentRef.children('.help-block.error');
+                }
+                if (fieldRef.length === 1 && formGroupRef.length === 1) {
+                    formGroupRef.addClass('has-error');
+                    var help_msg = v.join("<br/>") ;
+                    helpBlockRef.html(help_msg);
+                } else {
+                    noneFieldErrorMsg += v + '<br/>';
+                }
+            });
+            if (noneFieldErrorRef.length === 1 && noneFieldErrorMsg !== '') {
+                noneFieldErrorRef.css('display', 'block');
+                noneFieldErrorRef.html(noneFieldErrorMsg);
+            }
+        }
+    })
+}
 function APIUpdateAttr(props) {
    // props = {url: .., body: , success: , error: , method: ,}
    props = props || {};
@@ -195,9 +276,6 @@ function APIUpdateAttr(props) {
    }).fail(function(jqXHR, textStatus, errorThrown) {
        if (flash_message) {
            var msg = "";
-            console.log(jqXHR);
-            console.log(textStatus);
-            console.log(errorThrown);
            if (user_fail_message) {
                msg = user_fail_message;
            } else if (jqXHR.responseJSON) {
@@ -213,6 +291,7 @@ function APIUpdateAttr(props) {
            toastr.error(msg);
        }
        if (typeof props.error === 'function') {
+            console.log(jqXHR);
            return props.error(jqXHR.responseText, jqXHR.status);
        }
    });

--- a/apps/terminal/api/v2/terminal.py
+++ b/apps/terminal/api/v2/terminal.py
 # -*- coding: utf-8 -*-
 #
-from rest_framework import viewsets
+from rest_framework import viewsets, generics
+from rest_framework import status
+from rest_framework.response import Response
 from common.permissions import IsSuperUser, WithBootstrapToken
 from ...models import Terminal
 from ...serializers import v2 as serializers
-__all__ = ['TerminalViewSet', 'TerminalRegistrationViewSet']
+__all__ = ['TerminalViewSet', 'TerminalRegistrationApi']
 class TerminalViewSet(viewsets.ModelViewSet):
@@ -15,8 +19,19 @@ class TerminalViewSet(viewsets.ModelViewSet):
    permission_classes = [IsSuperUser]
-class TerminalRegistrationViewSet(viewsets.ModelViewSet):
+class TerminalRegistrationApi(generics.CreateAPIView):
-    queryset = Terminal.objects.filter(is_deleted=False)
    serializer_class = serializers.TerminalRegistrationSerializer
    permission_classes = [WithBootstrapToken]
    http_method_names = ['post']
+    def create(self, request, *args, **kwargs):
+        data = request.data
+        serializer = serializers.TerminalSerializer(
+            data=data, context={'request': request}
+        )
+        serializer.is_valid(raise_exception=True)
+        terminal = serializer.save()
+        sa_serializer = serializer.sa_serializer_class(instance=terminal.user)
+        data['service_account'] = sa_serializer.data
+        return Response(data, status=status.HTTP_201_CREATED)
--- a/apps/terminal/forms.py
+++ b/apps/terminal/forms.py
@@ -39,5 +39,3 @@ class TerminalForm(forms.ModelForm):
            'name', 'remote_addr', 'comment',
            'command_storage', 'replay_storage',
        ]
-        help_texts = {
-        }
--- a/apps/terminal/serializers/v1.py
+++ b/apps/terminal/serializers/v1.py
@@ -31,8 +31,6 @@ class TerminalSerializer(serializers.ModelSerializer):
        return cache.get(key)
 class SessionSerializer(BulkSerializerMixin, serializers.ModelSerializer):
    command_amount = serializers.SerializerMethodField()
    command_store = get_multi_command_storage()

--- a/apps/terminal/serializers/v2.py
+++ b/apps/terminal/serializers/v2.py
@@ -3,7 +3,7 @@
 from rest_framework import serializers
 from common.utils import get_request_ip
-from users.serializers.v2 import ServiceAccountRegistrationSerializer
+from users.serializers.v2 import ServiceAccountSerializer
 from ..models import Terminal
@@ -11,36 +11,48 @@ __all__ = ['TerminalSerializer', 'TerminalRegistrationSerializer']
 class TerminalSerializer(serializers.ModelSerializer):
-    class Meta:
+    sa_serializer_class = ServiceAccountSerializer
-        model = Terminal
+    sa_serializer = None
-        fields = [
-            'id', 'name', 'remote_addr', 'comment',
-        ]
-        read_only_fields = ['id', 'remote_addr']
-class TerminalRegistrationSerializer(serializers.ModelSerializer):
-    service_account = ServiceAccountRegistrationSerializer(read_only=True)
-    service_account_serializer = None
    class Meta:
        model = Terminal
        fields = [
-            'id', 'name', 'remote_addr', 'comment', 'service_account'
+            'id', 'name', 'remote_addr', 'command_storage',
+            'replay_storage', 'user', 'is_accepted', 'is_deleted',
+            'date_created', 'comment'
        ]
-        read_only_fields = ['id', 'remote_addr', 'service_account']
+        read_only_fields = ['id', 'remote_addr', 'user', 'date_created']
-    def validate(self, attrs):
+    def is_valid(self, raise_exception=False):
-        self.service_account_serializer = ServiceAccountRegistrationSerializer(data=attrs)
+        valid = super().is_valid(raise_exception=raise_exception)
-        self.service_account_serializer.is_valid(raise_exception=True)
+        if not valid:
-        return attrs
+            return valid
+        data = {'name': self.validated_data.get('name')}
+        kwargs = {'data': data}
+        if self.instance and self.instance.user:
+            kwargs['instance'] = self.instance.user
+        self.sa_serializer = ServiceAccountSerializer(**kwargs)
+        valid = self.sa_serializer.is_valid(raise_exception=True)
+        return valid
+    def save(self, **kwargs):
+        instance = super().save(**kwargs)
+        sa = self.sa_serializer.save()
+        instance.user = sa
+        instance.save()
+        return instance
    def create(self, validated_data):
        request = self.context.get('request')
-        sa = self.service_account_serializer.save()
        instance = super().create(validated_data)
        instance.is_accepted = True
-        instance.user = sa
+        if request:
-        instance.remote_addr = get_request_ip(request)
+            instance.remote_addr = get_request_ip(request)
        instance.save()
        return instance
+class TerminalRegistrationSerializer(serializers.Serializer):
+    name = serializers.CharField(max_length=128)
+    comment = serializers.CharField(max_length=128)
+    service_account = ServiceAccountSerializer(read_only=True)
--- a/apps/terminal/templates/terminal/terminal_update.html
+++ b/apps/terminal/templates/terminal/terminal_update.html
@@ -33,8 +33,6 @@
                            <h3>{% trans 'Info' %}</h3>
                            {% bootstrap_field form.name layout="horizontal" %}
                            {% bootstrap_field form.remote_addr layout="horizontal" %}
-{#                            {% bootstrap_field form.ssh_port layout="horizontal" %}#}
-{#                            {% bootstrap_field form.http_port layout="horizontal" %}#}
                            {% bootstrap_field form.command_storage layout="horizontal" %}
                            {% bootstrap_field form.replay_storage layout="horizontal" %}
@@ -60,14 +58,14 @@
    <script>
        $(document).ready(function () {
            $('.select2').select2();
+        }).on('submit', 'form', function (e) {
-            $('.input-group.date').datepicker({
+            e.preventDefault();
-                format: "yyyy-mm-dd",
+            var form = $('form');
-                todayBtn: "linked",
+            formSubmit({
-                keyboardNavigation: false,
+                'url': '{% url 'api-terminal-v2:terminal-detail' pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}',  '{{ object.id }}'),
-                forceParse: false,
+                'form': form,
-                calendarWeeks: true,
+                'method': 'PUT',
-                autoclose: true
+                'redirect_to': '{% url "terminal:terminal-list" %}'
            });
        })
    </script>

--- a/apps/terminal/urls/api_urls_v2.py
+++ b/apps/terminal/urls/api_urls_v2.py
@@ -11,10 +11,11 @@ app_name = 'terminal'
 router = BulkRouter()
 router.register(r'terminal', api.TerminalViewSet, 'terminal')
-router.register(r'terminal-registrations', api.TerminalRegistrationViewSet, 'terminal-registration')
 urlpatterns = [
+    path('terminal-registrations/', api.TerminalRegistrationApi.as_view(),
+         name='terminal-registration')
 ]
 urlpatterns += router.urls
--- a/apps/users/api/v2/user.py
+++ b/apps/users/api/v2/user.py
@@ -7,6 +7,6 @@ from ...serializers import v2 as serializers
 class ServiceAccountRegistrationViewSet(viewsets.ModelViewSet):
-    serializer_class = serializers.ServiceAccountRegistrationSerializer
+    serializer_class = serializers.ServiceAccountSerializer
    permission_classes = (WithBootstrapToken,)
    http_method_names = ['post']
--- a/apps/users/serializers/v2.py
+++ b/apps/users/serializers/v2.py
 # -*- coding: utf-8 -*-
 #
+from django.utils.translation import ugettext as _
 from rest_framework import serializers
 from ..models import User, AccessKey
@@ -12,7 +13,7 @@ class AccessKeySerializer(serializers.ModelSerializer):
        read_only_fields = ['id', 'secret']
-class ServiceAccountRegistrationSerializer(serializers.ModelSerializer):
+class ServiceAccountSerializer(serializers.ModelSerializer):
    access_key = AccessKeySerializer(read_only=True)
    class Meta:
@@ -30,15 +31,22 @@ class ServiceAccountRegistrationSerializer(serializers.ModelSerializer):
    def validate_name(self, name):
        email = self.get_email()
        username = self.get_username()
-        if User.objects.filter(email=email) or \
+        if self.instance:
-                User.objects.filter(username=username):
+            users = User.objects.exclude(id=self.instance.id)
-            raise serializers.ValidationError('name not unique', code='unique')
+        else:
+            users = User.objects.all()
+        if users.filter(email=email) or \
+                users.filter(username=username):
+            raise serializers.ValidationError(_('name not unique'), code='unique')
        return name
+    def save(self, **kwargs):
+        self.validated_data['email'] = self.get_email()
+        self.validated_data['username'] = self.get_username()
+        self.validated_data['role'] = User.ROLE_APP
+        return super().save(**kwargs)
    def create(self, validated_data):
-        validated_data['email'] = self.get_email()
-        validated_data['username'] = self.get_username()
-        validated_data['role'] = User.ROLE_APP
        instance = super().create(validated_data)
        instance.create_access_key()
        return instance