Merge pull request #3332 from jumpserver/dev_char

[Update] 限制 组织和系统用户 名称中使用的特殊字符

apps/assets/const.py

+# -*- coding: utf-8 -*-
+#
+
+from django.utils.translation import ugettext_lazy as _
+
+
+GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT = _(
+    'Only Numbers、letters、 chinese and characters ( {} ) are allowed'
+).format(" ".join(['.', '_', '@', '-']))
+
+GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN = r"^[\._@\w-]+$"
+
+GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG = \
+    _("* The contains characters that are not allowed")

apps/assets/forms/asset.py

@@ -7,6 +7,7 @@ from common.utils import get_logger
 from orgs.mixins.forms import OrgModelForm
 
 from ..models import Asset, Node
+from ..const import GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT
 
 
 logger = get_logger(__file__)
@@ -14,10 +15,6 @@ __all__ = [
     'AssetCreateForm', 'AssetUpdateForm', 'AssetBulkUpdateForm', 'ProtocolForm',
 ]
 
-HELP_TEXTS_ASSET_HOSTNAME = _(
-    'Only Numbers、letters、 chinese and characters ( {} ) are allowed'
-).format(" ".join(['.', '_', '@']))
-
 
 class ProtocolForm(forms.Form):
     name = forms.ChoiceField(
@@ -72,7 +69,7 @@ class AssetCreateForm(OrgModelForm):
             'nodes': _("Node"),
         }
         help_texts = {
-            'hostname': HELP_TEXTS_ASSET_HOSTNAME,
+            'hostname': GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT,
             'admin_user': _(
                 'root or other NOPASSWD sudo privilege user existed in asset,'
                 'If asset is windows or other set any one, more see admin user left menu'
@@ -119,7 +116,7 @@ class AssetUpdateForm(OrgModelForm):
             'nodes': _("Node"),
         }
         help_texts = {
-            'hostname': HELP_TEXTS_ASSET_HOSTNAME,
+            'hostname': GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT,
             'admin_user': _(
                 'root or other NOPASSWD sudo privilege user existed in asset,'
                 'If asset is windows or other set any one, more see admin user left menu'

apps/assets/forms/user.py

@@ -6,6 +6,7 @@ from django.utils.translation import gettext_lazy as _
 from common.utils import validate_ssh_private_key, ssh_pubkey_gen, get_logger
 from orgs.mixins.forms import OrgModelForm
 from ..models import AdminUser, SystemUser
+from ..const import GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT
 
 logger = get_logger(__file__)
 __all__ = [
@@ -98,6 +99,7 @@ class SystemUserForm(OrgModelForm, PasswordAndKeyAuthForm):
             }),
         }
         help_texts = {
+            'name': GENERAL_LIMIT_SPECIAL_CHARACTERS_HELP_TEXT,
             'auto_push': _('Auto push system user to asset'),
             'priority': _('1-100, High level will be using login asset as default, '
                           'if user was granted more than 2 system user'),

apps/assets/serializers/asset.py

@@ -8,6 +8,10 @@ from django.utils.translation import ugettext_lazy as _
 from orgs.mixins.serializers import BulkOrgResourceModelSerializer
 from common.serializers import AdaptedBulkListSerializer
 from ..models import Asset, Node, Label
+from ..const import (
+    GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN,
+    GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+)
 from .base import ConnectivitySerializer
 
 __all__ = [
@@ -94,10 +98,10 @@ class AssetSerializer(BulkOrgResourceModelSerializer):
 
     @staticmethod
     def validate_hostname(hostname):
-        pattern = r"^[\._@\w-]+$"
+        pattern = GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN
         res = re.match(pattern, hostname)
         if res is None:
-            msg = _("* The hostname contains characters that are not allowed")
+            msg = GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
             raise serializers.ValidationError(msg)
         return hostname
 

apps/assets/serializers/system_user.py

+import re
 from rest_framework import serializers
 
 from django.utils.translation import ugettext_lazy as _
@@ -6,6 +7,10 @@ from common.serializers import AdaptedBulkListSerializer
 from common.utils import ssh_pubkey_gen
 from orgs.mixins.serializers import BulkOrgResourceModelSerializer
 from ..models import SystemUser
+from ..const import (
+    GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN,
+    GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+)
 from .base import AuthSerializer, AuthSerializerMixin
 
 
@@ -33,6 +38,15 @@ class SystemUserSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer):
             'created_by': {'read_only': True},
         }
 
+    @staticmethod
+    def validate_name(name):
+        pattern = GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN
+        res = re.match(pattern, name)
+        if res is None:
+            msg = GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+            raise serializers.ValidationError(msg)
+        return name
+
     def validate_auto_push(self, value):
         login_mode = self.initial_data.get("login_mode")
         protocol = self.initial_data.get("protocol")

apps/orgs/serializers.py

 
+import re
 from rest_framework.serializers import ModelSerializer
 from rest_framework import serializers
-
 from users.models import User, UserGroup
 from assets.models import Asset, Domain, AdminUser, SystemUser, Label
+from assets.const import (
+    GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN,
+    GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+)
 from perms.models import AssetPermission
 from common.serializers import AdaptedBulkListSerializer
 from .utils import set_current_org, get_current_org
@@ -18,6 +22,15 @@ class OrgSerializer(ModelSerializer):
         fields = '__all__'
         read_only_fields = ['created_by', 'date_created']
 
+    @staticmethod
+    def validate_name(name):
+        pattern = GENERAL_LIMIT_SPECIAL_CHARACTERS_PATTERN
+        res = re.match(pattern, name)
+        if res is None:
+            msg = GENERAL_LIMIT_SPECIAL_CHARACTERS_ERROR_MSG
+            raise serializers.ValidationError(msg)
+        return name
+
 
 class OrgReadSerializer(ModelSerializer):
     admins = serializers.SlugRelatedField(slug_field='name', many=True, read_only=True)