[Update] 修改主机名/系统用户名称/组织名称的特殊字符限制（修改为特殊字符黑名单）[/ \]

a57df0e0 · BaiJiangJie · 36d98a23 · a57df0e0 · a57df0e0 · a57df0e0
Commit a57df0e0 authored Oct 25, 2019 by BaiJiangJie
8 changed files
--- a/apps/assets/const.py
+++ b/apps/assets/const.py
@@ -4,11 +4,11 @@
 from django.utils.translation import ugettext_lazy as _


-GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT = _(
-    'Only Numbers、letters、 chinese and characters ( {} ) are allowed'
-).format(" ".join(['.', '_', '@', '-']))
+GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_HELP_TEXT = _(
+    'Cannot contain special characters: [ {} ]'
+).format(" ".join(['/', '\\']))

-GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN = r"^[\._@\w-]+$"
+GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_PATTERN = r"[/\\]"

-GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG = \
+GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_ERROR_MSG = \
    _("* The contains characters that are not allowed")
--- a/apps/assets/forms/asset.py
+++ b/apps/assets/forms/asset.py
@@ -7,7 +7,7 @@ from common.utils import get_logger
 from orgs.mixins.forms import OrgModelForm

 from ..models import Asset, Node
-from ..const import GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT
+from ..const import GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_HELP_TEXT


 logger = get_logger(__file__)
@@ -69,7 +69,7 @@ class AssetCreateForm(OrgModelForm):
            'nodes': _("Node"),
        }
        help_texts = {
-            'hostname': GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT,
+            'hostname': GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_HELP_TEXT,
            'admin_user': _(
                'root or other NOPASSWD sudo privilege user existed in asset,'
                'If asset is windows or other set any one, more see admin user left menu'
@@ -116,7 +116,7 @@ class AssetUpdateForm(OrgModelForm):
            'nodes': _("Node"),
        }
        help_texts = {
-            'hostname': GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT,
+            'hostname': GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_HELP_TEXT,
            'admin_user': _(
                'root or other NOPASSWD sudo privilege user existed in asset,'
                'If asset is windows or other set any one, more see admin user left menu'

--- a/apps/assets/forms/user.py
+++ b/apps/assets/forms/user.py
@@ -6,7 +6,7 @@ from django.utils.translation import gettext_lazy as _
 from common.utils import validate_ssh_private_key, ssh_pubkey_gen, get_logger
 from orgs.mixins.forms import OrgModelForm
 from ..models import AdminUser, SystemUser
-from ..const import GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT
+from ..const import GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_HELP_TEXT

 logger = get_logger(__file__)
 __all__ = [
@@ -99,7 +99,7 @@ class SystemUserForm(OrgModelForm, PasswordAndKeyAuthForm):
            }),
        }
        help_texts = {
-            'name': GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT,
+            'name': GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_HELP_TEXT,
            'auto_push': _('Auto push system user to asset'),
            'priority': _('1-100, High level will be using login asset as default, '
                          'if user was granted more than 2 system user'),

--- a/apps/assets/serializers/asset.py
+++ b/apps/assets/serializers/asset.py
@@ -9,8 +9,8 @@ from orgs.mixins.serializers import BulkOrgResourceModelSerializer
 from common.serializers import AdaptedBulkListSerializer
 from ..models import Asset, Node, Label
 from ..const import (
-    GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN,
-    GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+    GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_PATTERN,
+    GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_ERROR_MSG
 )
 from .base import ConnectivitySerializer

@@ -98,10 +98,10 @@ class AssetSerializer(BulkOrgResourceModelSerializer):

    @staticmethod
    def validate_hostname(hostname):
-        pattern = GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN
-        res = re.match(pattern, hostname)
-        if res is None:
-            msg = GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+        pattern = GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_PATTERN
+        res = re.search(pattern, hostname)
+        if res is not None:
+            msg = GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_ERROR_MSG
            raise serializers.ValidationError(msg)
        return hostname


--- a/apps/assets/serializers/system_user.py
+++ b/apps/assets/serializers/system_user.py
@@ -8,8 +8,8 @@ from common.utils import ssh_pubkey_gen
 from orgs.mixins.serializers import BulkOrgResourceModelSerializer
 from ..models import SystemUser
 from ..const import (
-    GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN,
-    GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+    GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_PATTERN,
+    GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_ERROR_MSG
 )
 from .base import AuthSerializer, AuthSerializerMixin

@@ -41,10 +41,10 @@ class SystemUserSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):

    @staticmethod
    def validate_name(name):
-        pattern = GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN
-        res = re.match(pattern, name)
-        if res is None:
-            msg = GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+        pattern = GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_PATTERN
+        res = re.search(pattern, name)
+        if res is not None:
+            msg = GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_ERROR_MSG
            raise serializers.ValidationError(msg)
        return name


--- a/apps/locale/zh/LC_MESSAGES/django.mo
+++ b/apps/locale/zh/LC_MESSAGES/django.mo
--- a/apps/locale/zh/LC_MESSAGES/django.po
+++ b/apps/locale/zh/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: Jumpserver 0.3.3\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2019-10-24 18:31+0800\n"
+"POT-Creation-Date: 2019-10-25 10:52+0800\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: ibuler <ibuler@qq.com>\n"
 "Language-Team: Jumpserver team<ibuler@qq.com>\n"
@@ -583,8 +583,8 @@ msgid "Test if the assets under the node are connectable: {}"
 msgstr "测试节点下资产是否可连接: {}"

 #: assets/const.py:8
-msgid "Only Numbers、letters、 chinese and characters ( {} ) are allowed"
-msgstr "只允许包含数字、字母、中文和特殊字符（ {} ）"
+msgid "Cannot contain special characters: [ {} ]"
+msgstr "不能包含特殊字符：[ {} ]"

 #: assets/const.py:14
 msgid "* The contains characters that are not allowed"

--- a/apps/orgs/serializers.py
+++ b/apps/orgs/serializers.py
@@ -5,8 +5,8 @@ from rest_framework import serializers
 from users.models import User, UserGroup
 from assets.models import Asset, Domain, AdminUser, SystemUser, Label
 from assets.const import (
-    GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN,
-    GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+    GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_PATTERN,
+    GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_ERROR_MSG
 )
 from perms.models import AssetPermission
 from common.serializers import AdaptedBulkListSerializer
@@ -24,10 +24,10 @@ class OrgSerializer(ModelSerializer):

    @staticmethod
    def validate_name(name):
-        pattern = GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN
-        res = re.match(pattern, name)
-        if res is None:
-            msg = GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+        pattern = GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_PATTERN
+        res = re.search(pattern, name)
+        if res is not None:
+            msg = GENERAL_FORBIDDEN_SPECIAL_CHARACTERS_ERROR_MSG
            raise serializers.ValidationError(msg)
        return name