jumpserver/apps/audits/api.py

# -*- coding: utf-8 -*-
#
from rest_framework.mixins import ListModelMixin
from django.db.models import F, Value
from django.db.models.functions import Concat

from common.permissions import IsOrgAdminOrAppUser, IsOrgAuditor, IsOrgAdmin
from common.drf.filters import DatetimeRangeFilter, current_user_filter
from common.api import CommonGenericViewSet
from orgs.mixins.api import OrgGenericViewSet, OrgBulkModelViewSet, OrgRelationMixin
from orgs.utils import current_org
from ops.models import CommandExecution
from .models import FTPLog, UserLoginLog, OperateLog, PasswordChangeLog
from .serializers import FTPLogSerializer, UserLoginLogSerializer, CommandExecutionSerializer
from .serializers import OperateLogSerializer, PasswordChangeLogSerializer, CommandExecutionHostsRelationSerializer
from .filters import CurrentOrgMembersFilter


class FTPLogViewSet(ListModelMixin, OrgGenericViewSet):
    model = FTPLog
    serializer_class = FTPLogSerializer
    permission_classes = (IsOrgAdminOrAppUser | IsOrgAuditor,)
    extra_filter_backends = [DatetimeRangeFilter]
    date_range_filter_fields = [
        ('date_start', ('date_from', 'date_to'))
    ]
    filter_fields = ['user', 'asset', 'system_user', 'filename']
    search_fields = filter_fields


class UserLoginLogViewSet(ListModelMixin, CommonGenericViewSet):
    queryset = UserLoginLog.objects.all()
    permission_classes = [IsOrgAdmin | IsOrgAuditor]
    serializer_class = UserLoginLogSerializer
    extra_filter_backends = [DatetimeRangeFilter]
    date_range_filter_fields = [
        ('datetime', ('date_from', 'date_to'))
    ]
    filter_fields = ['username', 'ip', 'city', 'type', 'status', 'mfa']
    search_fields =['username', 'ip', 'city']

    @staticmethod
    def get_org_members():
        users = current_org.get_org_members().values_list('username', flat=True)
        return users

    def get_queryset(self):
        queryset = super().get_queryset()
        if not current_org.is_default():
            users = self.get_org_members()
            queryset = queryset.filter(username__in=users)
        return queryset


class OperateLogViewSet(ListModelMixin, OrgGenericViewSet):
    model = OperateLog
    serializer_class = OperateLogSerializer
    permission_classes = [IsOrgAdmin | IsOrgAuditor]
    extra_filter_backends = [DatetimeRangeFilter]
    date_range_filter_fields = [
        ('datetime', ('date_from', 'date_to'))
    ]
    filter_fields = ['user', 'action', 'resource_type', 'resource', 'remote_addr']
    search_fields = ['resource']
    ordering = ['-datetime']


class PasswordChangeLogViewSet(ListModelMixin, CommonGenericViewSet):
    queryset = PasswordChangeLog.objects.all()
    permission_classes = [IsOrgAdmin | IsOrgAuditor]
    serializer_class = PasswordChangeLogSerializer
    extra_filter_backends = [DatetimeRangeFilter]
    date_range_filter_fields = [
        ('datetime', ('date_from', 'date_to'))
    ]
    filter_fields = ['user', 'change_by', 'remote_addr']
    ordering = ['-datetime']

    def get_queryset(self):
        users = current_org.get_org_members()
        queryset = super().get_queryset().filter(
            user__in=[user.__str__() for user in users]
        )
        return queryset


class CommandExecutionViewSet(ListModelMixin, OrgGenericViewSet):
    model = CommandExecution
    serializer_class = CommandExecutionSerializer
    permission_classes = [IsOrgAdmin | IsOrgAuditor]
    extra_filter_backends = [DatetimeRangeFilter, CurrentOrgMembersFilter]
    date_range_filter_fields = [
        ('date_start', ('date_from', 'date_to'))
    ]
    filter_fields = ['user__name', 'command', 'run_as__name', 'is_finished']
    search_fields = ['command', 'user__name', 'run_as__name']
    ordering = ['-date_created']


class CommandExecutionHostRelationViewSet(OrgRelationMixin, OrgBulkModelViewSet):
    serializer_class = CommandExecutionHostsRelationSerializer
    m2m_field = CommandExecution.hosts.field
    permission_classes = (IsOrgAdmin,)
    filter_fields = [
        'id', 'asset', 'commandexecution'
    ]
    search_fields = ('asset__hostname', )
    http_method_names = ['options', 'get']

    def get_queryset(self):
        queryset = super().get_queryset()
        queryset = queryset.annotate(
            asset_display=Concat(
                F('asset__hostname'), Value('('),
                F('asset__ip'), Value(')')
            )
        )
        return queryset
[Update] 添加审计模块 7 years ago			`# -- coding: utf-8 --`
			`#`
[feature] 添加 login-logs API 5 years ago			`from rest_framework.mixins import ListModelMixin`
feat: 添加批量命令的relation 5 years ago			`from django.db.models import F, Value`
			`from django.db.models.functions import Concat`
[Update] 添加审计模块 7 years ago
[feature] 添加 login-logs API 5 years ago			`from common.permissions import IsOrgAdminOrAppUser, IsOrgAuditor, IsOrgAdmin`
[Add] audits apis 5 years ago			`from common.drf.filters import DatetimeRangeFilter, current_user_filter`
			`from common.api import CommonGenericViewSet`
feat: 添加批量命令的relation 5 years ago			`from orgs.mixins.api import OrgGenericViewSet, OrgBulkModelViewSet, OrgRelationMixin`
[feature] 添加 login-logs API 5 years ago			`from orgs.utils import current_org`
[Add] audits apis 5 years ago			`from ops.models import CommandExecution`
			`from .models import FTPLog, UserLoginLog, OperateLog, PasswordChangeLog`
			`from .serializers import FTPLogSerializer, UserLoginLogSerializer, CommandExecutionSerializer`
feat: 添加批量命令的relation 5 years ago			`from .serializers import OperateLogSerializer, PasswordChangeLogSerializer, CommandExecutionHostsRelationSerializer`
[Add] audits apis 5 years ago			`from .filters import CurrentOrgMembersFilter`
[Update] 添加审计模块 7 years ago

[Add] ftp-logs api 5 years ago			`class FTPLogViewSet(ListModelMixin, OrgGenericViewSet):`
Asset favor (#3352) * [Update] 拆分filter org * [Update] 修改session支持protocol搜索 * [Bugfix] 修复判断问题 * [Update] 支持收藏资产 * [update] 修改org resource queryset * [Update] 修改form serializer 对应的多对多字段 * [Bugfix] 修复其他组织取消收藏的bug * [Update] 去掉debug信息 * [Update] 修改remote app get queryset * [Update] 修改remote app get queryset * [Update] 修改没有授权时显示情况 * [Bugfix] 修复组织管理员查看用户权限失败问题 * [Update] 优化forms assets queryset设置 5 years ago			`model = FTPLog`
[Update] 添加审计模块 7 years ago			`serializer_class = FTPLogSerializer`
超级管理员可创建超级审计员并可设置审计员为组织审计员 (#3141) * [Update] 超级管理员可创建超级审计员并可设置审计员为组织审计员 * [Update] 修改小问题 * [Update] 修改普通用户角色可以是组织审计员 * [Update] 更改组织审计员切换组织问题 * [Update] 修改小问题 * [Update] 普通用户是组织审计员的页面左侧栏显示 * [Update] 修改删除权限问题和组织显示问题 * [Update] 优化逻辑 * [Update] 优化类名 * [Update] 修改小问题 * [Update] 优化逻辑 * [Update] 优化切换到某一个组织逻辑 * [Update] 修改用户详情页的删除/更新按钮是否可点击 * [Update] 优化代码 * [Update] 组织管理列表增加审计员显示 * [Update] 优化代码细节 * [Update] 优化权限类逻辑 * [Update] 优化导航菜单控制 * [Update] 优化页面控制逻辑 * [Update] 修改变量名错误问题 * [Update] 修改页面上的小问题 * [Update] 审计员或组织审计员能够更新个人部分信息 * [Update] 用户名为admin的用户不能被删除 * [Update] 不同用户在不同组织下扮演不同角色的权限不同，为了避免切换组织时出现403,重定向到index * [Update] 一个用户在同一个组织既是管理员又是审计员，隐藏个人信息模块，仅当是审计员，在当前组织显示个人信息模块 * [Update] 修改方法命名 * [Update] 优化代码细节 * [Update] 修改命令执行列表方法 * [Update] 优化用户之间操作的权限逻辑；添加 UserModel 的 property 属性；修改 Organization 的 related name 名称； * [Update] 修改OrgProcessor Anonymous问题 * [Update] 修改用户序列类校验组织和转换raw密码的逻辑 5 years ago			`permission_classes = (IsOrgAdminOrAppUser \| IsOrgAuditor,)`
[Add] ftp-logs api 5 years ago			`extra_filter_backends = [DatetimeRangeFilter]`
			`date_range_filter_fields = [`
			`('date_start', ('date_from', 'date_to'))`
			`]`
feat: 修改filterset_fields => filter_fields，option方法不支持filterset 5 years ago			`filter_fields = ['user', 'asset', 'system_user', 'filename']`
			`search_fields = filter_fields`
[feature] 添加 login-logs API 5 years ago

feat: 修改filterset_fields => filter_fields，option方法不支持filterset 5 years ago			`class UserLoginLogViewSet(ListModelMixin, CommonGenericViewSet):`
[feature] 添加 login-logs API 5 years ago			`queryset = UserLoginLog.objects.all()`
			`permission_classes = [IsOrgAdmin \| IsOrgAuditor]`
			`serializer_class = UserLoginLogSerializer`
			`extra_filter_backends = [DatetimeRangeFilter]`
			`date_range_filter_fields = [`
			`('datetime', ('date_from', 'date_to'))`
			`]`
feat: audits中添加id字段 5 years ago			`filter_fields = ['username', 'ip', 'city', 'type', 'status', 'mfa']`
			`search_fields =['username', 'ip', 'city']`
[feature] 添加 login-logs API 5 years ago
			`@staticmethod`
			`def get_org_members():`
			`users = current_org.get_org_members().values_list('username', flat=True)`
			`return users`

			`def get_queryset(self):`
			`queryset = super().get_queryset()`
			`if not current_org.is_default():`
			`users = self.get_org_members()`
			`queryset = queryset.filter(username__in=users)`
			`return queryset`
[Add] audits apis 5 years ago

			`class OperateLogViewSet(ListModelMixin, OrgGenericViewSet):`
			`model = OperateLog`
			`serializer_class = OperateLogSerializer`
			`permission_classes = [IsOrgAdmin \| IsOrgAuditor]`
			`extra_filter_backends = [DatetimeRangeFilter]`
			`date_range_filter_fields = [`
			`('datetime', ('date_from', 'date_to'))`
			`]`
feat: 修改filterset_fields => filter_fields，option方法不支持filterset 5 years ago			`filter_fields = ['user', 'action', 'resource_type', 'resource', 'remote_addr']`
feat: audits中添加id字段 5 years ago			`search_fields = ['resource']`
[Fix] 日志审计日期过滤与排序bug (#4063) 5 years ago			`ordering = ['-datetime']`
[Add] audits apis 5 years ago

			`class PasswordChangeLogViewSet(ListModelMixin, CommonGenericViewSet):`
			`queryset = PasswordChangeLog.objects.all()`
			`permission_classes = [IsOrgAdmin \| IsOrgAuditor]`
			`serializer_class = PasswordChangeLogSerializer`
			`extra_filter_backends = [DatetimeRangeFilter]`
			`date_range_filter_fields = [`
			`('datetime', ('date_from', 'date_to'))`
			`]`
feat: 修改filterset_fields => filter_fields，option方法不支持filterset 5 years ago			`filter_fields = ['user', 'change_by', 'remote_addr']`
[Fix] 日志审计日期过滤与排序bug (#4063) 5 years ago			`ordering = ['-datetime']`
[Add] audits apis 5 years ago
			`def get_queryset(self):`
			`users = current_org.get_org_members()`
			`queryset = super().get_queryset().filter(`
			`user__in=[user.__str__() for user in users]`
			`)`
			`return queryset`


			`class CommandExecutionViewSet(ListModelMixin, OrgGenericViewSet):`
			`model = CommandExecution`
			`serializer_class = CommandExecutionSerializer`
			`permission_classes = [IsOrgAdmin \| IsOrgAuditor]`
feat: 添加批量命令的relation 5 years ago			`extra_filter_backends = [DatetimeRangeFilter, CurrentOrgMembersFilter]`
[Add] audits apis 5 years ago			`date_range_filter_fields = [`
			`('date_start', ('date_from', 'date_to'))`
			`]`
feat: command exexution audit log的搜索 5 years ago			`filter_fields = ['user__name', 'command', 'run_as__name', 'is_finished']`
			`search_fields = ['command', 'user__name', 'run_as__name']`
[Fix] 日志审计日期过滤与排序bug (#4063) 5 years ago			`ordering = ['-date_created']`
feat: 添加批量命令的relation 5 years ago

			`class CommandExecutionHostRelationViewSet(OrgRelationMixin, OrgBulkModelViewSet):`
			`serializer_class = CommandExecutionHostsRelationSerializer`
			`m2m_field = CommandExecution.hosts.field`
			`permission_classes = (IsOrgAdmin,)`
			`filter_fields = [`
			`'id', 'asset', 'commandexecution'`
			`]`
			`search_fields = ('asset__hostname', )`
			`http_method_names = ['options', 'get']`

			`def get_queryset(self):`
			`queryset = super().get_queryset()`
			`queryset = queryset.annotate(`
			`asset_display=Concat(`
			`F('asset__hostname'), Value('('),`
			`F('asset__ip'), Value(')')`
			`)`
			`)`
			`return queryset`