diff --git a/apps/assets/api/asset.py b/apps/assets/api/asset.py
index 79e5a451d..ef4003c39 100644
--- a/apps/assets/api/asset.py
+++ b/apps/assets/api/asset.py
@@ -206,7 +206,7 @@ class AssetGatewayListApi(generics.ListAPIView):
class BaseAssetPermUserOrUserGroupListApi(ListAPIView):
rbac_perms = {
- 'GET': 'assets.view_asset'
+ 'GET': 'perms.view_assetpermission'
}
def get_object(self):
@@ -226,7 +226,7 @@ class AssetPermUserListApi(BaseAssetPermUserOrUserGroupListApi):
search_fields = ('username', 'email', 'name', 'id', 'source', 'role')
serializer_class = UserSerializer
rbac_perms = {
- 'GET': 'assets.view_asset'
+ 'GET': 'perms.view_assetpermission'
}
def get_queryset(self):
diff --git a/apps/assets/api/system_user_relation.py b/apps/assets/api/system_user_relation.py
index 36c16a09b..2d8018e4d 100644
--- a/apps/assets/api/system_user_relation.py
+++ b/apps/assets/api/system_user_relation.py
@@ -68,6 +68,7 @@ class BaseRelationViewSet(RelationMixin, OrgBulkModelViewSet):
class SystemUserAssetRelationViewSet(BaseRelationViewSet):
+ perm_model = models.AuthBook
serializer_class = serializers.SystemUserAssetRelationSerializer
model = models.SystemUser.assets.through
filterset_fields = [
diff --git a/apps/assets/serializers/label.py b/apps/assets/serializers/label.py
index 26ab0ceb9..450b13a44 100644
--- a/apps/assets/serializers/label.py
+++ b/apps/assets/serializers/label.py
@@ -27,7 +27,7 @@ class LabelSerializer(BulkOrgResourceModelSerializer):
'category', 'date_created', 'asset_count',
)
extra_kwargs = {
- 'assets': {'required': False}
+ 'assets': {'required': False, 'label': _('Asset')}
}
@staticmethod
diff --git a/apps/authentication/views/login.py b/apps/authentication/views/login.py
index ee831eb6c..d5eaa8f9a 100644
--- a/apps/authentication/views/login.py
+++ b/apps/authentication/views/login.py
@@ -257,7 +257,7 @@ class UserLoginWaitConfirmView(TemplateView):
context = super().get_context_data(**kwargs)
if ticket:
timestamp_created = datetime.datetime.timestamp(ticket.date_created)
- ticket_detail_url = TICKET_DETAIL_URL.format(id=ticket_id)
+ ticket_detail_url = TICKET_DETAIL_URL.format(id=ticket_id, type=ticket.type)
assignees = ticket.current_node.first().ticket_assignees.all()
assignees_display = ', '.join([str(i.assignee) for i in assignees])
msg = _("""Wait for {} confirm, You also can copy link to her/him
diff --git a/apps/locale/zh/LC_MESSAGES/django.mo b/apps/locale/zh/LC_MESSAGES/django.mo
index a3e26b6ec..7095c929c 100644
--- a/apps/locale/zh/LC_MESSAGES/django.mo
+++ b/apps/locale/zh/LC_MESSAGES/django.mo
@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
-oid sha256:43b38f824f3e62af12575cc853ec0ad7f9b0ac935e1d99116ebe3ddb6c93485c
-size 104599
+oid sha256:449810c3661c09f6448b9c67e7a193f303a3bef7ccc3d0f1efe6e099804e782a
+size 104323
diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po
index 6d166475b..f815acd61 100644
--- a/apps/locale/zh/LC_MESSAGES/django.po
+++ b/apps/locale/zh/LC_MESSAGES/django.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: JumpServer 0.3.3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-03-17 15:19+0800\n"
+"POT-Creation-Date: 2022-03-17 19:16+0800\n"
"PO-Revision-Date: 2021-05-20 10:54+0800\n"
"Last-Translator: ibuler \n"
"Language-Team: JumpServer team\n"
@@ -137,9 +137,10 @@ msgstr "系统用户"
#: applications/serializers/attrs/application_category/remote_app.py:36
#: assets/models/asset.py:355 assets/models/authbook.py:19
#: assets/models/backup.py:31 assets/models/cmd_filter.py:38
-#: assets/models/gathered_user.py:14 assets/serializers/system_user.py:264
-#: audits/models.py:39 perms/models/asset_permission.py:23
-#: templates/index.html:82 terminal/backends/command/models.py:20
+#: assets/models/gathered_user.py:14 assets/serializers/label.py:30
+#: assets/serializers/system_user.py:264 audits/models.py:39
+#: perms/models/asset_permission.py:23 templates/index.html:82
+#: terminal/backends/command/models.py:20
#: terminal/backends/command/serializers.py:13 terminal/models/session.py:44
#: terminal/notifications.py:90
#: users/templates/users/user_asset_permission.html:40
@@ -968,7 +969,7 @@ msgstr "新节点"
msgid "empty"
msgstr "空"
-#: assets/models/node.py:545 perms/models/asset_permission.py:103
+#: assets/models/node.py:545 perms/models/asset_permission.py:101
msgid "Key"
msgstr "键"
@@ -976,7 +977,7 @@ msgstr "键"
msgid "Full value"
msgstr "全称"
-#: assets/models/node.py:550 perms/models/asset_permission.py:104
+#: assets/models/node.py:550 perms/models/asset_permission.py:102
msgid "Parent key"
msgstr "ssh私钥"
@@ -1154,10 +1155,8 @@ msgid "private key invalid or passphrase error"
msgstr "密钥不合法或密钥密码错误"
#: assets/serializers/cmd_filter.py:51
-#, fuzzy
-#| msgid "Application display"
msgid "Action display"
-msgstr "应用名称"
+msgstr "动作"
#: assets/serializers/domain.py:13 assets/serializers/label.py:12
#: assets/serializers/system_user.py:59
@@ -2808,19 +2807,19 @@ msgstr "任务执行"
msgid "Date finished"
msgstr "结束日期"
-#: ops/models/command.py:109
+#: ops/models/command.py:113
msgid "Task start"
msgstr "任务开始"
-#: ops/models/command.py:143
+#: ops/models/command.py:147
msgid "Command `{}` is forbidden ........"
msgstr "命令 `{}` 不允许被执行 ......."
-#: ops/models/command.py:156
+#: ops/models/command.py:160
msgid "Task end"
msgstr "任务结束"
-#: ops/models/command.py:160
+#: ops/models/command.py:164
msgid "Command execution"
msgstr "命令执行"
@@ -2911,55 +2910,43 @@ msgstr "管理员正在修改授权,请稍等"
msgid "The authorization cannot be revoked for the time being"
msgstr "该授权暂时不能撤销"
-#: perms/models/application_permission.py:40
-msgid "Can view application of permission to user"
-msgstr "可以查看授权给用户的应用"
-
-#: perms/models/application_permission.py:112
+#: perms/models/application_permission.py:111
msgid "Permed application"
msgstr "授权的应用"
-#: perms/models/application_permission.py:115
+#: perms/models/application_permission.py:114
msgid "Can view my apps"
msgstr "可以查看我的应用"
-#: perms/models/application_permission.py:116
+#: perms/models/application_permission.py:115
msgid "Can view user apps"
msgstr "可以查看用户授权的应用"
-#: perms/models/application_permission.py:117
+#: perms/models/application_permission.py:116
msgid "Can view usergroup apps"
msgstr "可以查看用户组授权的应用"
-#: perms/models/asset_permission.py:32
-msgid "Can view asset of permission to user"
-msgstr "可以查看授权给用户的资产"
-
-#: perms/models/asset_permission.py:33
-msgid "Can view asset of permission to user group"
-msgstr "可以查看授权给用户组的资产"
-
-#: perms/models/asset_permission.py:136
+#: perms/models/asset_permission.py:134
msgid "Ungrouped"
msgstr "未分组"
-#: perms/models/asset_permission.py:138
+#: perms/models/asset_permission.py:136
msgid "Favorite"
msgstr "收藏夹"
-#: perms/models/asset_permission.py:185
+#: perms/models/asset_permission.py:183
msgid "Permed asset"
msgstr "授权的资产"
-#: perms/models/asset_permission.py:187
+#: perms/models/asset_permission.py:185
msgid "Can view my assets"
msgstr "可以查看我的资产"
-#: perms/models/asset_permission.py:188
+#: perms/models/asset_permission.py:186
msgid "Can view user assets"
msgstr "可以查看用户授权的资产"
-#: perms/models/asset_permission.py:189
+#: perms/models/asset_permission.py:187
msgid "Can view usergroup assets"
msgstr "可以查看用户组授权的资产"
@@ -6684,11 +6671,11 @@ msgstr "华南-广州-友好用户环境"
#: xpack/plugins/cloud/serializers/account.py:58
msgid "Validity display"
-msgstr "有效显示"
+msgstr "有效性显示"
#: xpack/plugins/cloud/serializers/account.py:59
msgid "Provider display"
-msgstr "服务商名称"
+msgstr "服务商显示"
#: xpack/plugins/cloud/serializers/account_attrs.py:13
msgid "AccessKey ID"
@@ -6848,256 +6835,3 @@ msgstr "旗舰版"
#: xpack/plugins/license/models.py:77
msgid "Community edition"
msgstr "社区版"
-
-#, fuzzy
-#~| msgid "Date created"
-#~ msgid "date created"
-#~ msgstr "创建日期"
-
-#, fuzzy
-#~| msgid "Date updated"
-#~ msgid "date updated"
-#~ msgstr "更新日期"
-
-#~ msgid "Can view system user asset"
-#~ msgstr "可以查看系统用户资产列表"
-
-#~ msgid "Can add asset to system user"
-#~ msgstr "可以添加资产到系统用户"
-
-#~ msgid "Can remove system user asset"
-#~ msgstr "可以移除系统用户资产"
-
-#, fuzzy
-#~| msgid "Create"
-#~ msgid "create"
-#~ msgstr "创建"
-
-#, fuzzy
-#~| msgid "Update"
-#~ msgid "update"
-#~ msgstr "更新"
-
-#, fuzzy
-#~| msgid "Delete"
-#~ msgid "delete"
-#~ msgstr "删除"
-
-#~ msgid "Can connect my assets"
-#~ msgstr "可以连接我的资产"
-
-#~ msgid "Can view dashboard"
-#~ msgstr "仪表盘"
-
-#~ msgid "Detail"
-#~ msgstr "详情"
-
-#~ msgid "View menu"
-#~ msgstr "视图菜单"
-
-#~ msgid "User management"
-#~ msgstr "用户管理"
-
-#~ msgid "User list"
-#~ msgstr "用户列表"
-
-#~ msgid "Online/Offline Session record"
-#~ msgstr "在线/离线会话记录"
-
-#~ msgid "Asset management"
-#~ msgstr "资产管理"
-
-#~ msgid "Asset list"
-#~ msgstr "资产列表"
-
-#~ msgid "My application"
-#~ msgstr "我的应用"
-
-#~ msgid "Bulk command"
-#~ msgstr "批量命令"
-
-#~ msgid "Ticket system"
-#~ msgstr "工单系统"
-
-#~ msgid "API permission"
-#~ msgstr "API权限"
-
-#~ msgid "Application management"
-#~ msgstr "应用管理"
-
-#~ msgid "Account management"
-#~ msgstr "账号管理"
-
-#~ msgid "Permission management"
-#~ msgstr "权限管理"
-
-#~ msgid "Access control"
-#~ msgstr "访问控制"
-
-#~ msgid "Job center"
-#~ msgstr "作业中心"
-
-#~ msgid "Session audit"
-#~ msgstr "会话审计"
-
-#~ msgid "Log audit"
-#~ msgstr "日志审计"
-
-#~ msgid "Role list"
-#~ msgstr "角色列表"
-
-#~ msgid "User login acl"
-#~ msgstr "用户登录规则"
-
-#~ msgid "Permission list"
-#~ msgstr "权限列表"
-
-#~ msgid "Node tree"
-#~ msgstr "节点树"
-
-#~ msgid "Cloud sync"
-#~ msgstr "云同步"
-
-#~ msgid "Sync instance task list"
-#~ msgstr "同步实例任务列表"
-
-#~ msgid "Account list"
-#~ msgstr "账号列表"
-
-#~ msgid "Common/Admin User"
-#~ msgstr "普通/特权用户"
-
-#~ msgid "Platform list"
-#~ msgstr "平台列表"
-
-#~ msgid "Label management"
-#~ msgstr "标签管理"
-
-#~ msgid "Remote application"
-#~ msgstr "远程应用"
-
-#~ msgid "Database application"
-#~ msgstr "数据库应用"
-
-#~ msgid "Asset account"
-#~ msgstr "资产账号"
-
-#~ msgid "Gathered user list"
-#~ msgstr "收集用户列表"
-
-#~ msgid "Gathered user task list"
-#~ msgstr "收集用户任务列表"
-
-#~ msgid "Account backup"
-#~ msgstr "账号备份"
-
-#~ msgid "Asset login"
-#~ msgstr "资产登录"
-
-#~ msgid "Task list"
-#~ msgstr "任务列表"
-
-#~ msgid "File transfer"
-#~ msgstr "文件传输"
-
-#~ msgid "Remote App"
-#~ msgstr "远程应用"
-
-#~ msgid "Terminal management"
-#~ msgstr "终端管理"
-
-#~ msgid "Organization management"
-#~ msgstr "组织管理"
-
-#~ msgid "View all permission"
-#~ msgstr "查看所有权限"
-
-#~ msgid "Domain list"
-#~ msgstr "网域列表"
-
-#~ msgid "Gateway list"
-#~ msgstr "网关列表"
-
-#~ msgid "Run gather user task"
-#~ msgstr "执行收集用户任务"
-
-#~ msgid "Run asset change auth plan"
-#~ msgstr "执行资产改密计划"
-
-#~ msgid "Run application change auth plan"
-#~ msgstr "执行应用改密计划"
-
-#~ msgid "Run account backup plan"
-#~ msgstr "执行账号备份计划"
-
-#~ msgid "Run task"
-#~ msgstr "运行任务"
-
-#~ msgid "View task version"
-#~ msgstr "查看任务版本"
-
-#~ msgid "View execution history"
-#~ msgstr "查看执行历史"
-
-#~ msgid "Message subscription"
-#~ msgstr "消息订阅"
-
-#~ msgid "Component monitor"
-#~ msgstr "组件监控"
-
-#~ msgid "View my/assigned ticket"
-#~ msgstr "查看我的/待审批工单"
-
-#~ msgid "Create asset/application ticket"
-#~ msgstr "创建资产/应用申请工单"
-
-#~ msgid "Change/close ticket"
-#~ msgstr "更新/关闭工单"
-
-#~ msgid "View some of the assets searched"
-#~ msgstr "查看搜索的部分资产"
-
-#~ msgid "Overview"
-#~ msgstr "概览"
-
-#~ msgid "Add user to role"
-#~ msgstr "添加用户到角色"
-
-#~ msgid "Remove user from role"
-#~ msgstr "从角色移除用户"
-
-#~ msgid "Run sync instance task"
-#~ msgstr "执行同步实例任务"
-
-#~ msgid "Can change basic setting"
-#~ msgstr "基本设置"
-
-#~ msgid "Enable tickets"
-#~ msgstr "启用工单"
-
-#~ msgid "Permed remote application"
-#~ msgstr "授权的远程应用"
-
-#~ msgid "Can view my remoteapp"
-#~ msgstr "可以查看我的应用"
-
-#~ msgid "Can connect my remoteapp"
-#~ msgstr "可以连接我的远程应用"
-
-#~ msgid "Can view my database application"
-#~ msgstr "可以查看我的数据库应用"
-
-#~ msgid "Can connect my database application"
-#~ msgstr "可以连接我的数据库应用"
-
-#~ msgid "Can view my kubernetes application"
-#~ msgstr "可以查看我的Kubernetes"
-
-#~ msgid "Can connect my kubernetes application"
-#~ msgstr "可以连接我的Kubernetes"
-
-#~ msgid "Can change terminal basic setting"
-#~ msgstr "基本设置"
-
-#~ msgid "Can view resource statistics"
-#~ msgstr "可以查看资源统计"
diff --git a/apps/notifications/api/notifications.py b/apps/notifications/api/notifications.py
index afcce3564..5aa404896 100644
--- a/apps/notifications/api/notifications.py
+++ b/apps/notifications/api/notifications.py
@@ -43,8 +43,7 @@ class SystemMsgSubscriptionViewSet(ListModelMixin,
'partial_update': SystemMsgSubscriptionSerializer
}
rbac_perms = {
- 'list': 'settings.change_systemmsgsubscription',
- 'update': 'settings.change_systemmsgsubscription'
+ '*': 'settings.change_systemmsgsubscription'
}
def list(self, request, *args, **kwargs):
diff --git a/apps/rbac/const.py b/apps/rbac/const.py
index 250a30a0e..b5d584e0b 100644
--- a/apps/rbac/const.py
+++ b/apps/rbac/const.py
@@ -39,7 +39,7 @@ exclude_permissions = (
('assets', 'assetuser', '*', '*'),
('assets', 'gathereduser', 'add,delete,change', 'gathereduser'),
('assets', 'accountbackupplanexecution', 'delete,change', 'accountbackupplanexecution'),
- ('assets', 'authbook', 'add,change', 'authbook'),
+ ('assets', 'authbook', 'change', 'authbook'),
('perms', 'userassetgrantedtreenoderelation', '*', '*'),
('perms', 'usergrantedmappingnode', '*', '*'),
('perms', 'permnode', '*', '*'),