Add private token and change user group

5b4ce709 · ibuler · 875aaa00 · 5b4ce709 · 5b4ce709 · 5b4ce709
Commit 5b4ce709 authored Dec 21, 2016 by ibuler
13 changed files
--- a/apps/assets/models/asset.py
+++ b/apps/assets/models/asset.py
@@ -73,7 +73,7 @@ class Asset(models.Model):
    def __unicode__(self):
        return '%(ip)s:%(port)s' % {'ip': self.ip, 'port': self.port}

-    __str__ = __unicode__()
+    __str__ = __unicode__

    @property
    def is_valid(self):
@@ -88,7 +88,6 @@ class Asset(models.Model):
        pass

    class Meta:
-        db_table = 'asset'
        unique_together = ('ip', 'port')

    @classmethod
@@ -126,4 +125,4 @@ class Tag(models.Model):
    __str__ = __unicode__

    class Meta:
-        db_table = 'tag'
\ No newline at end of file
+        ordering = ['name']
--- a/apps/assets/models/group.py
+++ b/apps/assets/models/group.py
@@ -25,7 +25,7 @@ class AssetGroup(models.Model):
        return self.name

    class Meta:
-        db_table = 'asset_group'
+        ordering = ['name']

    @classmethod
    def initial(cls):

--- a/apps/assets/models/idc.py
+++ b/apps/assets/models/idc.py
@@ -34,7 +34,7 @@ class IDC(models.Model):
        return cls.objects.get_or_create(name=_('Default'), created_by=_('System'), comment=_('Default IDC'))[0]

    class Meta:
-        db_table = 'idc'
+        ordering = ['name']

    @classmethod
    def generate_fake(cls, count=100):

--- a/apps/assets/models/user.py
+++ b/apps/assets/models/user.py
@@ -37,6 +37,8 @@ class AdminUser(models.Model):
    def __unicode__(self):
        return self.name

+    __str__ = __unicode__
+
    @property
    def password(self):
        return signer.unsign(self._password)
@@ -66,7 +68,7 @@ class AdminUser(models.Model):
        return self.assets.count()

    class Meta:
-        db_table = 'admin_user'
+        ordering = ['name']

    @classmethod
    def generate_fake(cls, count=100):
@@ -161,7 +163,7 @@ class SystemUser(models.Model):
        return self.asset_groups.count()

    class Meta:
-        db_table = 'system_user'
+        ordering = ['name']

    @classmethod
    def generate_fake(cls, count=100):

--- a/apps/jumpserver/settings.py
+++ b/apps/jumpserver/settings.py
@@ -60,7 +60,6 @@ INSTALLED_APPS = [
    'common.apps.CommonConfig',
    'terminal.apps.TerminalConfig',
    'rest_framework',
-    'rest_framework.authtoken',
    'bootstrapform',
    'captcha',
    'django.contrib.auth',

--- a/apps/terminal/api.py
+++ b/apps/terminal/api.py
@@ -14,6 +14,18 @@ from .serializers import TerminalSerializer, TerminalHeatbeatSerializer
 from .hands import IsSuperUserOrTerminalUser, User


+class TerminalRegister(ListCreateAPIView):
+    queryset = Terminal.objects.all()
+    serializer_class = TerminalSerializer
+    permission_classes = (AllowAny,)
+
+    def create(self, request, *args, **kwargs):
+        name = signer.unsign(request.data.get('name', ''))
+        remote_addr = request.Meta.get('REMOTE_ADDR')
+        serializer = self.serializer_class({'name': name, 'remote_addr': remote_addr})
+
+
+

 class TerminalViewSet(viewsets.ModelViewSet):
    queryset = Terminal.objects.all()

--- a/apps/terminal/forms.py
+++ b/apps/terminal/forms.py
@@ -10,7 +10,7 @@ from .models import Terminal
 class TerminalForm(forms.ModelForm):
    class Meta:
        model = Terminal
-        fields = ['name', 'ip', 'is_active', 'type', 'url', 'comment']
+        fields = ['name', 'remote_addr', 'type', 'url', 'comment']
        help_texts = {
            'url': 'Example: ssh://192.168.1.1:22 or http://jms.jumpserver.org, that user login'
        }

--- a/apps/terminal/models.py
+++ b/apps/terminal/models.py
@@ -8,20 +8,42 @@ from users.models import User

 class Terminal(models.Model):
    TYPE_CHOICES = (
-        ('S', 'SSH Terminal'),
-        ('WT', 'Web Terminal')
+        ('SSH', 'SSH Terminal'),
+        ('Web', 'Web Terminal')
    )
    name = models.CharField(max_length=30, unique=True, verbose_name=_('Name'))
-    ip = models.GenericIPAddressField(verbose_name=_('From ip'))
-    is_active = models.BooleanField(default=False, verbose_name=_('Is active'))
-    is_bound_ip = models.BooleanField(default=False, verbose_name=_('Is bound ip'))
+    remote_addr = models.GenericIPAddressField(verbose_name=_('Remote address'), blank=True, null=True)
    type = models.CharField(choices=TYPE_CHOICES, max_length=2, verbose_name=_('Terminal type'))
+    user = models.OneToOneField(User, verbose_name='Application user', null=True)
    url = models.CharField(max_length=100, verbose_name=_('URL to login'))
    date_created = models.DateTimeField(auto_now_add=True)
    comment = models.TextField(blank=True, verbose_name=_('Comment'))

-    def is_valid(self):
-        return self.is_active and self.is_accepted
+    @property
+    def is_active(self):
+        if self.user and self.user.is_active:
+            return True
+        return False
+
+    @is_active.setter
+    def is_active(self, active):
+        if self.user:
+            self.user.is_active = active
+            self.user.save()
+
+    @property
+    def is_accepted(self):
+        if self.user:
+            return True
+        else:
+            return False
+
+    @is_accepted.setter
+    def is_accepted(self, accepted):
+        if accepted:
+            user = User.create_app_user(name=self.name, comment=self.comment)
+            self.user = user
+            self.save()

    @property
    def is_superuser(self):
@@ -31,9 +53,14 @@ class Terminal(models.Model):
    def is_terminal(self):
        return True

+    def __unicode__(self):
+        active = 'Active' if self.user and self.user.is_active else 'Disabled'
+        return '%s: %s' % (self.name, active)
+
+    __str__ = __unicode__
+
    class Meta:
        db_table = 'terminal'
-        ordering = ['is_active']


 class TerminalHeatbeat(models.Model):

--- a/apps/users/models/__init__.py
+++ b/apps/users/models/__init__.py
@@ -4,6 +4,4 @@

 from .group import *
 from .user import *
-from .access_key import *
-
-
+from .authentication import *
--- a/apps/users/models/access_key.py
+++ b/apps/users/models/access_key.py
@@ -3,21 +3,38 @@
 #

 import uuid
-
 from django.db import models
+from django.utils.translation import ugettext_lazy as _
+from rest_framework.authtoken.models import Token
 from . import User

+__all__ = ['AccessKey']

 def get_uuid_string():
    return uuid.uuid4().__str__()


 class AccessKey(models.Model):
-    id = models.UUIDField(verbose_name='AccessKeyID', primary_key=True, default=get_uuid_string, editable=False)
-    secret = models.UUIDField(verbose_name='AccessKeySecret', default=get_uuid_string, editable=False)
-    user = models.ForeignKey(User, verbose_name='User')
+    id = models.UUIDField(verbose_name='AccessKeyID', primary_key=True,
+                          default=uuid.uuid4, editable=False)
+    secret = models.UUIDField(verbose_name='AccessKeySecret',
+                              default=uuid.uuid4, editable=False)
+    user = models.ForeignKey(User, verbose_name='User', related_name='access_key')
+
+    def get_id(self):
+        return str(self.id)
+
+    def get_secret(self):
+        return str(self.secret)

    def __unicode__(self):
-        return self.id
+        return str(self.id)

    __str__ = __unicode__
+
+
+class PrivateToken(Token):
+    """Inherit from auth token, otherwise migration is boring"""
+
+    class Meta:
+        verbose_name = _('Private Token')
--- a/apps/users/models/group.py
+++ b/apps/users/models/group.py
@@ -5,6 +5,7 @@
 from __future__ import unicode_literals

 from django.db import models, IntegrityError
+from django.contrib.auth.models import Group
 from django.utils.translation import ugettext_lazy as _

 from common.utils import signer, date_expired_default
@@ -13,8 +14,7 @@ from common.mixins import NoDeleteModelMixin
 __all__ = ['UserGroup']


-class UserGroup(NoDeleteModelMixin):
-    name = models.CharField(max_length=100, unique=True, verbose_name=_('Name'))
+class UserGroup(NoDeleteModelMixin, Group):
    comment = models.TextField(blank=True, verbose_name=_('Comment'))
    date_created = models.DateTimeField(auto_now_add=True)
    created_by = models.CharField(max_length=100)
@@ -34,7 +34,7 @@ class UserGroup(NoDeleteModelMixin):
        return True

    class Meta:
-        db_table = 'user_group'
+        ordering = ['name']

    @classmethod
    def initial(cls):

--- a/apps/users/models/user.py
+++ b/apps/users/models/user.py
@@ -15,7 +15,7 @@ from django.shortcuts import reverse
 from rest_framework.authtoken.models import Token

 from common.utils import signer, date_expired_default
-from . import UserGroup, AccessKey
+from . import UserGroup


 __all__ = ['User']
@@ -178,11 +178,12 @@ class User(AbstractUser):

    @classmethod
    def create_app_user(cls, name, comment):
-        domain_name = settings.DOMAIN_NAME or 'jumpserver.org'
+        from . import AccessKey
+        domain_name = settings.CONFIG.DOMAIN_NAME or 'jumpserver.org'
        app = cls.objects.create(username=name, name=name, email='%s@%s' % (name, domain_name),
                                 role='App', enable_otp=False, comment=comment, is_first_login=False,
                                 created_by='System')
-        AccessKey.object.create(user=app)
+        AccessKey.objects.create(user=app)
        return app

    @classmethod
@@ -207,7 +208,7 @@ class User(AbstractUser):
        return super(User, self).delete()

    class Meta:
-        db_table = 'user'
+        ordering = ['username']

    #: Use this method initial user
    @classmethod

--- a/apps/users/models/utils.py
+++ b/apps/users/models/utils.py
@@ -7,10 +7,11 @@ from . import User, UserGroup

 def initial_model():
    for cls in [User, UserGroup]:
-        cls.initial()
+        if getattr(cls, 'initial'):
+            cls.initial()


 def generate_fake():
    for cls in [User, UserGroup]:
-        cls.generate_fake()
-
+        if getattr(cls, 'generate_fake'):
+            cls.generate_fake()