Plan create a new app: terminal

apps/jumpserver/settings.py

@@ -54,7 +54,7 @@ INSTALLED_APPS = [
     'users.apps.UsersConfig',
     'assets.apps.AssetsConfig',
     'perms.apps.PermsConfig',
-    # 'terminal.apps.TerminalConfig',
+    'terminal.apps.TerminalConfig',
     'ops.apps.OpsConfig',
     'audits.apps.AuditsConfig',
     'common.apps.CommonConfig',

apps/terminal/admin.py

+from django.contrib import admin
+
+# Register your models here.

apps/terminal/apps.py

+from __future__ import unicode_literals
+
+from django.apps import AppConfig
+
+
+class TerminalConfig(AppConfig):
+    name = 'terminal'

apps/terminal/models.py

+from __future__ import unicode_literals
+
+from django.db import models
+
+# Create your models here.

apps/terminal/tests.py

+from django.test import TestCase
+
+# Create your tests here.

apps/terminal/views.py

+from django.shortcuts import render
+
+# Create your views here.

apps/users/api.py

@@ -21,11 +21,13 @@ logger = get_logger(__name__)
 class UserDetailApi(generics.RetrieveUpdateDestroyAPIView):
     queryset = User.objects.all()
     serializer_class = UserDetailSerializer
+    permission_classes = (IsSuperUser,)
 
 
 class UserAndGroupEditApi(generics.RetrieveUpdateAPIView):
     queryset = User.objects.all()
     serializer_class = UserAndGroupSerializer
+    permission_classes = (IsSuperUser,)
 
 
 class UserResetPasswordApi(generics.UpdateAPIView):
@@ -109,3 +111,23 @@ class DeleteUserFromGroupApi(generics.DestroyAPIView):
         user_id = kwargs.get('uid')
         user = get_object_or_404(User, id=user_id)
         instance.users.remove(user)
+
+
+class AppUserRegisterApi(generics.CreateAPIView):
+    """App send a post request to register a app user
+
+    request params contains `username_signed`, You can unsign it,
+    username = unsign(username_signed), if you get the username,
+    It's present it's a valid request, or return (401, Invalid request),
+    then your should check if the user exist or not. If exist,
+    return (200, register success), If not, you should be save it, and
+    notice admin user, The user default is not active before admin user
+    unblock it.
+
+    Save fields:
+        username:
+        name: name + request.ip
+        email: username + '@app.org'
+        role: App
+    """
+    pass

apps/users/models.py

@@ -69,7 +69,6 @@ class User(AbstractUser):
     ROLE_CHOICES = (
         ('Admin', _('Administrator')),
         ('User', _('User')),
-        ('App', _('Application')),
     )
 
     username = models.CharField(max_length=20, unique=True, verbose_name=_('Username'))
@@ -149,15 +148,6 @@ class User(AbstractUser):
         else:
             self.role = 'User'
 
-    is_admin = is_superuser
-
-    @property
-    def is_app_user(self):
-        if self.role == 'App':
-            return True
-        else:
-            return False
-
     @property
     def is_staff(self):
         if self.is_authenticated and self.is_valid:
@@ -188,7 +178,6 @@ class User(AbstractUser):
             token = Token.objects.get(user=self)
         except Token.DoesNotExist:
             token = Token.objects.create(user=self)
-
         return token.key
 
     def refresh_private_token(self):

apps/users/serializers.py

@@ -5,23 +5,23 @@ from django.utils.translation import ugettext_lazy as _
 from rest_framework import serializers
 from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin
 
+from common.utils import unsign
 from .models import User, UserGroup
 
 
 class UserDetailSerializer(serializers.ModelSerializer):
-
     class Meta:
         model = User
         fields = ['avatar', 'wechat', 'phone', 'enable_otp', 'comment', 'is_active', 'name']
 
 
 class UserPKUpdateSerializer(serializers.ModelSerializer):
-
     class Meta:
         model = User
         fields = ['id', '_public_key']
 
-    def validate__public_key(self, value):
+    @staticmethod
+    def validate__public_key(value):
         from sshpubkeys import SSHKey
         from sshpubkeys.exceptions import InvalidKeyException
         ssh = SSHKey(value)
@@ -45,7 +45,6 @@ class UserAndGroupSerializer(serializers.ModelSerializer):
 
 
 class GroupDetailSerializer(serializers.ModelSerializer):
-
     class Meta:
         model = UserGroup
         fields = ['id', 'name', 'comment', 'date_created', 'created_by', 'users']
@@ -63,16 +62,17 @@ class UserBulkUpdateSerializer(BulkSerializerMixin, serializers.ModelSerializer)
                   'enable_otp', 'comment', 'groups', 'get_role_display',
                   'group_display', 'active_display']
 
-    def get_group_display(self, obj):
+    @staticmethod
+    def get_group_display(obj):
         return " ".join([group.name for group in obj.groups.all()])
 
-    def get_active_display(self, obj):
-        # TODO: user ative state
+    @staticmethod
+    def get_active_display(obj):
+        # TODO: user active state
         return not (obj.is_expired and obj.is_active)
 
 
 class GroupBulkUpdateSerializer(BulkSerializerMixin, serializers.ModelSerializer):
-
     user_amount = serializers.SerializerMethodField()
 
     class Meta:
@@ -80,5 +80,18 @@ class GroupBulkUpdateSerializer(BulkSerializerMixin, serializers.ModelSerializer
         list_serializer_class = BulkListSerializer
         fields = ['id', 'name', 'comment', 'user_amount']
 
-    def get_user_amount(self, obj):
+    @staticmethod
+    def get_user_amount(obj):
         return obj.users.count()
+
+
+class AppUserRegisterSerializer(serializers.Serializer):
+    username = serializers.CharField(max_length=20)
+
+    def create(self, validated_data):
+        sign = validated_data('username', '')
+        username = unsign(sign)
+        pass
+
+    def update(self, instance, validated_data):
+        pass