first commit

app/models/audit_log.py

@@ -0,0 +1,43 @@
+from sqlalchemy import Column, Integer, String, DateTime, ForeignKey, Text, Enum
+from sqlalchemy.sql import func
+from app.database import Base
+import enum
+
+class AuditAction(str, enum.Enum):
+    LOGIN = "login"
+    LOGOUT = "logout"
+    VM_CONNECT = "vm_connect"
+    VM_DISCONNECT = "vm_disconnect"
+    VM_START = "vm_start"
+    VM_STOP = "vm_stop"
+    VM_REBOOT = "vm_reboot"
+    TUNNEL_CREATE = "tunnel_create"
+    TUNNEL_CLOSE = "tunnel_close"
+    USER_CREATE = "user_create"
+    USER_UPDATE = "user_update"
+    USER_DELETE = "user_delete"
+    ACCESS_DENIED = "access_denied"
+
+class AuditLog(Base):
+    """감사 로그 - 모든 중요 작업 기록"""
+    __tablename__ = "audit_logs"
+    
+    id = Column(Integer, primary_key=True, index=True)
+    user_id = Column(Integer, ForeignKey("users.id"))
+    username = Column(String(50))  # 비정규화 (삭제된 사용자 추적)
+    
+    action = Column(Enum(AuditAction), nullable=False, index=True)
+    resource_type = Column(String(50))  # "vm", "user", "tunnel"
+    resource_id = Column(String(100))  # VM ID, User ID 등
+    
+    ip_address = Column(String(50))
+    user_agent = Column(String(255))
+    
+    details = Column(Text)  # JSON 형태로 추가 정보 저장
+    success = Column(Integer, default=True)
+    error_message = Column(Text)
+    
+    created_at = Column(DateTime(timezone=True), server_default=func.now(), index=True)
+    
+    def __repr__(self):
+        return f"<AuditLog(user='{self.username}', action='{self.action}', created_at='{self.created_at}')>"

app/models/user.py

@@ -0,0 +1,28 @@
+from sqlalchemy import Column, Integer, String, Boolean, DateTime, Enum
+from sqlalchemy.sql import func
+from sqlalchemy.orm import relationship
+from app.database import Base
+import enum
+
+class UserRole(str, enum.Enum):
+    ADMIN = "admin"
+    USER = "user"
+
+class User(Base):
+    __tablename__ = "users"
+    
+    id = Column(Integer, primary_key=True, index=True)
+    username = Column(String(50), unique=True, index=True, nullable=False)
+    email = Column(String(100), unique=True, index=True, nullable=False)
+    hashed_password = Column(String(255), nullable=False)
+    full_name = Column(String(100))
+    role = Column(Enum(UserRole), default=UserRole.USER, nullable=False)
+    is_active = Column(Boolean, default=True, nullable=False)
+    created_at = Column(DateTime(timezone=True), server_default=func.now())
+    updated_at = Column(DateTime(timezone=True), onupdate=func.now())
+    last_login = Column(DateTime(timezone=True))
+
+    vm_accesses = relationship("VMAccess", back_populates="user")
+    
+    def __repr__(self):
+        return f"<User(id={self.id}, username='{self.username}', role='{self.role}')>"

app/models/vm.py

@@ -0,0 +1,62 @@
+from sqlalchemy import Column, Integer, String, Boolean, DateTime, ForeignKey
+from sqlalchemy.sql import func
+from sqlalchemy.orm import relationship
+from app.database import Base
+
+class VMAccess(Base):
+    """사용자별 VM 접근 권한"""
+    __tablename__ = "vm_access"
+    
+    id = Column(Integer, primary_key=True, index=True)
+    user_id = Column(Integer, ForeignKey("users.id"), nullable=False)
+    vm_id = Column(Integer, nullable=False)  # Proxmox VM ID
+    node = Column(String(50), nullable=False)  # Proxmox 노드명
+    vm_name = Column(String(100))
+    
+    # RDP 접속 정보
+    rdp_username = Column(String(50))
+    rdp_password = Column(String(255))  # 암호화 저장
+    rdp_port = Column(Integer, default=3389)
+    
+    # 권한
+    can_start = Column(Boolean, default=True)
+    can_stop = Column(Boolean, default=True)
+    can_reboot = Column(Boolean, default=True)
+    can_connect = Column(Boolean, default=True)
+    
+    is_active = Column(Boolean, default=True)
+    created_at = Column(DateTime(timezone=True), server_default=func.now())
+    updated_at = Column(DateTime(timezone=True), onupdate=func.now())
+    
+    # Guest Agent 없을 때 사용할 고정 IP
+    static_ip = Column(String(50), nullable=True)
+    
+    # 관계
+    user = relationship("User", back_populates="vm_accesses")
+    
+    def __repr__(self):
+        return f"<VMAccess(user_id={self.user_id}, vm_id={self.vm_id}, node='{self.node}')>"
+
+
+class SSHTunnel(Base):
+    """활성 SSH 터널 세션"""
+    __tablename__ = "ssh_tunnels"
+    
+    id = Column(Integer, primary_key=True, index=True)
+    user_id = Column(Integer, ForeignKey("users.id"), nullable=False)
+    vm_id = Column(Integer, nullable=False)
+    
+    # 터널 정보
+    local_port = Column(Integer, nullable=False)  # 클라이언트가 사용할 포트
+    remote_host = Column(String(50), nullable=False)  # VM IP
+    remote_port = Column(Integer, nullable=False)  # VM RDP 포트
+    
+    # 세션 정보
+    session_id = Column(String(100), unique=True, index=True)
+    is_active = Column(Boolean, default=True)
+    
+    created_at = Column(DateTime(timezone=True), server_default=func.now())
+    closed_at = Column(DateTime(timezone=True))
+    
+    def __repr__(self):
+        return f"<SSHTunnel(session_id='{self.session_id}', local_port={self.local_port})>"