Merge remote-tracking branch 'origin/v3' into v3

2022-11-28 11:48:33 +08:00 · 2022-11-28 11:48:33 +08:00 · 0417c6142d
parent 7f2267cf13 072c44974e
commit 0417c6142d
6 changed files with 10 additions and 11 deletions
--- a/2
+++ b/2
@ -100,6 +100,6 @@ VOLUME /opt/jumpserver/logs

 ENV LANG=zh_CN.UTF-8

-EXPOSE 8070
 EXPOSE 8080
+
 ENTRYPOINT ["./entrypoint.sh"]
--- a/Dockerfile.loong64
+++ b/Dockerfile.loong64
@ -91,6 +91,6 @@ VOLUME /opt/jumpserver/logs

 ENV LANG=zh_CN.UTF-8

-EXPOSE 8070
 EXPOSE 8080
+
 ENTRYPOINT ["./entrypoint.sh"]
--- a/apps/authentication/api/connection_token.py
+++ b/apps/authentication/api/connection_token.py
@ -1,7 +1,6 @@
 import base64
 import json
 import os
-import time
 import urllib.parse

 from django.http import HttpResponse
--- a/apps/authentication/models/connection_token.py
+++ b/apps/authentication/models/connection_token.py
@ -77,7 +77,7 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
    def permed_account(self):
        from perms.utils import PermAccountUtil
        permed_account = PermAccountUtil().validate_permission(
-            self.user, self.asset, self.login
+            self.user, self.asset, self.account_name
        )
        return permed_account

@ -100,13 +100,13 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
            is_valid = False
            error = _('No asset or inactive asset')
            return is_valid, error
-        if not self.login:
+        if not self.account_name:
            error = _('No account')
            raise PermissionDenied(error)

        if not self.permed_account or not self.permed_account.actions:
            msg = 'user `{}` not has asset `{}` permission for login `{}`'.format(
-                self.user, self.asset, self.login
+                self.user, self.asset, self.account_name
            )
            raise PermissionDenied(msg)

@ -123,10 +123,10 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
        if not self.asset:
            return None

-        account = self.asset.accounts.filter(name=self.login).first()
-        if self.login == '@INPUT' or not account:
+        account = self.asset.accounts.filter(name=self.account_name).first()
+        if self.account_name == '@INPUT' or not account:
            return {
-                'name': self.login,
+                'name': self.account_name,
                'username': self.username,
                'secret_type': 'password',
                'secret': self.secret
--- a/apps/authentication/serializers/connection_token.py
+++ b/apps/authentication/serializers/connection_token.py
@ -154,7 +154,7 @@ class ConnectionTokenSecretSerializer(OrgResourceModelSerializerMixin):
    class Meta:
        model = ConnectionToken
        fields = [
-            'id', 'secret', 'user', 'asset', 'account',
+            'id', 'value', 'user', 'asset', 'account',
            'protocol', 'domain', 'gateway',
            'actions', 'expire_at', 'platform',
        ]
--- a/apps/orgs/signal_handlers/cache.py
+++ b/apps/orgs/signal_handlers/cache.py
@ -91,7 +91,7 @@ class OrgResourceStatisticsRefreshUtil:
        if not cache_field_name:
            return
        OrgResourceStatisticsCache(Organization.root()).expire(*cache_field_name)
-        if instance.org:
+        if getattr(instance, 'org', None):
            OrgResourceStatisticsCache(instance.org).expire(*cache_field_name)