예제 #1
0
    def get_secret_detail(self, request, *args, **kwargs):
        token = request.data.get('token', '')
        try:
            value, user, system_user, asset, app, expired_at, actions = self.valid_token(token)
        except serializers.ValidationError as e:
            post_auth_failed.send(
                sender=self.__class__, username='', request=self.request,
                reason=_('Invalid token')
            )
            raise e

        data = dict(
            id=token, secret=value.get('secret', ''),
            user=user, system_user=system_user,
            expired_at=expired_at, actions=actions
        )
        if asset:
            asset_detail = self._get_asset_secret_detail(asset)
            system_user.load_asset_more_auth(asset.id, user.username, user.id)
            data['type'] = 'asset'
            data.update(asset_detail)
        else:
            app_detail = self._get_application_secret_detail(app)
            system_user.load_app_more_auth(app.id, user.username, user.id)
            data['type'] = 'application'
            data.update(app_detail)

        serializer = self.get_serializer(data)
        return Response(data=serializer.data, status=200)
예제 #2
0
    def get_secret_detail(self, request, *args, **kwargs):
        token = request.data.get('token', '')
        try:
            value, user, system_user, asset, app, expired_at = self.valid_token(
                token)
        except serializers.ValidationError as e:
            post_auth_failed.send(sender=self.__class__,
                                  username='',
                                  request=self.request,
                                  reason=_('Invalid token'))
            raise e

        data = dict(user=user, system_user=system_user, expired_at=expired_at)
        if asset:
            asset_detail = self._get_asset_secret_detail(
                asset, user=user, system_user=system_user)
            system_user.load_asset_more_auth(asset.id, user.username, user.id)
            data['type'] = 'asset'
            data.update(asset_detail)
        else:
            app_detail = self._get_application_secret_detail(app)
            system_user.load_app_more_auth(app.id, user.id)
            data['type'] = 'application'
            data.update(app_detail)

        self.request.session['auth_backend'] = settings.AUTH_BACKEND_AUTH_TOKEN
        post_auth_success.send(sender=self.__class__,
                               user=user,
                               request=self.request,
                               login_type='T')

        serializer = self.get_serializer(data)
        return Response(data=serializer.data, status=200)
예제 #3
0
    def get_secret_detail(self, request, *args, **kwargs):
        perm_required = 'authentication.view_connectiontokensecret'

        # 非常重要的 api,再逻辑层再判断一下,双重保险
        if not request.user.has_perm(perm_required):
            raise PermissionDenied('Not allow to view secret')

        token = request.data.get('token', '')
        try:
            value, user, system_user, asset, app, expired_at, actions = self.valid_token(
                token)
        except serializers.ValidationError as e:
            post_auth_failed.send(sender=self.__class__,
                                  username='',
                                  request=self.request,
                                  reason=_('Invalid token'))
            raise e

        data = dict(id=token,
                    secret=value.get('secret', ''),
                    user=user,
                    system_user=system_user,
                    expired_at=expired_at,
                    actions=actions)
        cmd_filter_kwargs = {
            'system_user_id': system_user.id,
            'user_id': user.id,
        }
        if asset:
            asset_detail = self._get_asset_secret_detail(asset)
            system_user.load_asset_more_auth(asset.id, user.username, user.id)
            data['type'] = 'asset'
            data.update(asset_detail)
            cmd_filter_kwargs['asset_id'] = asset.id
        else:
            app_detail = self._get_application_secret_detail(app)
            system_user.load_app_more_auth(app.id, user.username, user.id)
            data['type'] = 'application'
            data.update(app_detail)
            cmd_filter_kwargs['application_id'] = app.id

        from assets.models import CommandFilterRule
        cmd_filter_rules = CommandFilterRule.get_queryset(**cmd_filter_kwargs)
        data['cmd_filter_rules'] = cmd_filter_rules

        serializer = self.get_serializer(data)
        return Response(data=serializer.data, status=200)