Created /api/v1/keys, access-requests, telemetry, agent. Documented endpoints at /api/v1/docs

app/apps/access/admin.py

@@ -0,0 +1,19 @@
+from django.contrib import admin
+
+from .models import AccessRequest
+
+
+@admin.register(AccessRequest)
+class AccessRequestAdmin(admin.ModelAdmin):
+    list_display = (
+        "id",
+        "requester",
+        "server",
+        "status",
+        "requested_at",
+        "expires_at",
+        "decided_by",
+    )
+    list_filter = ("status", "server")
+    search_fields = ("requester__username", "requester__email", "server__display_name")
+    ordering = ("-requested_at",)

app/apps/access/apps.py

@@ -0,0 +1,7 @@
+from django.apps import AppConfig
+
+
+class AccessConfig(AppConfig):
+    default_auto_field = "django.db.models.BigAutoField"
+    name = "apps.access"
+    verbose_name = "Access Requests"

app/apps/access/migrations/0001_initial.py

@@ -0,0 +1,78 @@
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+import django.utils.timezone
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ("servers", "0001_initial"),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="AccessRequest",
+            fields=[
+                ("id", models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name="ID")),
+                (
+                    "status",
+                    models.CharField(
+                        choices=[
+                            ("pending", "Pending"),
+                            ("approved", "Approved"),
+                            ("denied", "Denied"),
+                            ("revoked", "Revoked"),
+                            ("cancelled", "Cancelled"),
+                            ("expired", "Expired"),
+                        ],
+                        db_index=True,
+                        default="pending",
+                        max_length=16,
+                    ),
+                ),
+                ("reason", models.TextField(blank=True)),
+                ("requested_at", models.DateTimeField(default=django.utils.timezone.now, editable=False)),
+                ("decided_at", models.DateTimeField(blank=True, null=True)),
+                ("expires_at", models.DateTimeField(blank=True, null=True)),
+                (
+                    "decided_by",
+                    models.ForeignKey(
+                        blank=True,
+                        null=True,
+                        on_delete=django.db.models.deletion.SET_NULL,
+                        related_name="access_decisions",
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
+                (
+                    "requester",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="access_requests",
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
+                (
+                    "server",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="access_requests",
+                        to="servers.server",
+                    ),
+                ),
+            ],
+            options={
+                "verbose_name": "Access request",
+                "verbose_name_plural": "Access requests",
+                "ordering": ["-requested_at"],
+                "indexes": [
+                    models.Index(fields=["status", "requested_at"], name="acc_req_status_req_idx"),
+                    models.Index(fields=["server", "status"], name="acc_req_server_status_idx"),
+                ],
+            },
+        ),
+    ]

app/apps/access/models.py

@@ -0,0 +1,57 @@
+from __future__ import annotations
+
+from django.conf import settings
+from django.db import models
+from django.utils import timezone
+
+from apps.servers.models import Server
+
+
+class AccessRequest(models.Model):
+    class Status(models.TextChoices):
+        PENDING = "pending", "Pending"
+        APPROVED = "approved", "Approved"
+        DENIED = "denied", "Denied"
+        REVOKED = "revoked", "Revoked"
+        CANCELLED = "cancelled", "Cancelled"
+        EXPIRED = "expired", "Expired"
+
+    requester = models.ForeignKey(
+        settings.AUTH_USER_MODEL,
+        on_delete=models.CASCADE,
+        related_name="access_requests",
+    )
+    server = models.ForeignKey(
+        Server, on_delete=models.CASCADE, related_name="access_requests"
+    )
+    status = models.CharField(
+        max_length=16, choices=Status.choices, default=Status.PENDING, db_index=True
+    )
+    reason = models.TextField(blank=True)
+    requested_at = models.DateTimeField(default=timezone.now, editable=False)
+    decided_at = models.DateTimeField(null=True, blank=True)
+    expires_at = models.DateTimeField(null=True, blank=True)
+    decided_by = models.ForeignKey(
+        settings.AUTH_USER_MODEL,
+        null=True,
+        blank=True,
+        on_delete=models.SET_NULL,
+        related_name="access_decisions",
+    )
+
+    class Meta:
+        verbose_name = "Access request"
+        verbose_name_plural = "Access requests"
+        indexes = [
+            models.Index(fields=["status", "requested_at"], name="acc_req_status_req_idx"),
+            models.Index(fields=["server", "status"], name="acc_req_server_status_idx"),
+        ]
+        ordering = ["-requested_at"]
+
+    def is_expired(self) -> bool:
+        if not self.expires_at:
+            return False
+        return self.expires_at <= timezone.now()
+
+    def __str__(self) -> str:
+        return f"{self.requester_id} -> {self.server_id} ({self.status})"