github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge branch 'dev' of github.com:jumpserver/jumpserver into dev

pull/2957/head
ibuler 2019-07-16 10:08:06 +08:00
parent d2516cc328 ab520ee345
commit 106abc24f8
14 changed files with 258 additions and 204 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
apps/applications/templates/applications/remote_app_create_update.html
View File

@ -107,6 +107,21 @@ function hiddenFields(){
}); });
$('.' + app_type + '-fields').removeClass('hidden'); $('.' + app_type + '-fields').removeClass('hidden');
} }
function constructParams(data) {
var typeList = ['chrome', 'mysql_workbench', 'vmware_client', 'custom'];
var params = {};
for (var type in typeList){
if (data.type === type){
for (var k in data){
if (k.startsWith(data.type)){
params[k] = data[k]
}
}
break
}
}
return params;
}
$(document).ready(function () { $(document).ready(function () {
$('.select2').select2({ $('.select2').select2({
closeOnSelect: true closeOnSelect: true
@ -118,6 +133,28 @@ $(document).ready(function () {
.on('change', app_type_id, function(){ .on('change', app_type_id, function(){
hiddenFields(); hiddenFields();
setDefaultValue(); setDefaultValue();
}); })
.on("submit", "form", function (evt) {
evt.preventDefault();
var the_url = '{% url "api-applications:remote-app-list" %}';
var redirect_to = '{% url "applications:remote-app-list" %}';
var method = "POST";
{% if type == "update" %}
the_url = '{% url "api-applications:remote-app-detail" object.id %}';
method = "PUT";
{% endif %}
var form = $("form");
var data = form.serializeObject();
data["params"] = constructParams(data);
var props = {
url: the_url,
data: data,
method: method,
form: form,
redirect_to: redirect_to
};
formSubmit(props);
})
;
</script> </script>
{% endblock %} {% endblock %}

2
apps/applications/views/remote_app.py
View File

@ -46,6 +46,7 @@ class RemoteAppCreateView(PermissionsMixin, SuccessMessageMixin, CreateView):
context = { context = {
'app': _('Applications'), 'app': _('Applications'),
'action': _('Create RemoteApp'), 'action': _('Create RemoteApp'),
'type': 'create'
} }
kwargs.update(context) kwargs.update(context)
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)
@ -68,6 +69,7 @@ class RemoteAppUpdateView(PermissionsMixin, SuccessMessageMixin, UpdateView):
context = { context = {
'app': _('Applications'), 'app': _('Applications'),
'action': _('Update RemoteApp'), 'action': _('Update RemoteApp'),
'type': 'update'
} }
kwargs.update(context) kwargs.update(context)
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)

2
apps/assets/api/asset.py
View File

@ -85,7 +85,7 @@ class AssetViewSet(LabelFilter, OrgBulkModelViewSet):
queryset = queryset.filter( queryset = queryset.filter(
nodes__key__regex='^{}(:[0-9]+)*$'.format(node.key), nodes__key__regex='^{}(:[0-9]+)*$'.format(node.key),
) )
return queryset return queryset.distinct()
def filter_admin_user_id(self, queryset): def filter_admin_user_id(self, queryset):
admin_user_id = self.request.query_params.get('admin_user_id') admin_user_id = self.request.query_params.get('admin_user_id')

1
apps/assets/forms/cmd_filter.py
View File

@ -2,6 +2,7 @@
# #
from django import forms from django import forms
from django.core.exceptions import ValidationError from django.core.exceptions import ValidationError
from django.utils.translation import ugettext_lazy as _
import re import re
from orgs.mixins import OrgModelForm from orgs.mixins import OrgModelForm

1
apps/assets/serializers/cmd_filter.py
View File

@ -2,6 +2,7 @@
# #
import re import re
from rest_framework import serializers from rest_framework import serializers
from django.utils.translation import ugettext_lazy as _
from common.fields import ChoiceDisplayField from common.fields import ChoiceDisplayField
from common.serializers import AdaptedBulkListSerializer from common.serializers import AdaptedBulkListSerializer

2
apps/assets/templates/assets/admin_user_list.html
View File

@ -115,7 +115,7 @@ function initTable() {
}}], }}],
ajax_url: '{% url "api-assets:admin-user-list" %}', ajax_url: '{% url "api-assets:admin-user-list" %}',
columns: [ columns: [
{data: function(){return ""}}, {data: "name"}, {data: "username" }, {data: "assets_amount" }, {data: function(){return ""}}, {data: "name"}, {data: "username" }, {data: "assets_amount", orderable: false},
{#{data: "connectivity_amount"}, {data: "connectivity_amount"}, {data: "connectivity_amount"},#} {#{data: "connectivity_amount"}, {data: "connectivity_amount"}, {data: "connectivity_amount"},#}
{data: "comment"}, {data: "id"} {data: "comment"}, {data: "id"}
] ]

1
apps/jumpserver/conf.py
View File

@ -359,6 +359,7 @@ defaults = {
'TERMINAL_TELNET_REGEX': '', 'TERMINAL_TELNET_REGEX': '',
'TERMINAL_COMMAND_STORAGE': {}, 'TERMINAL_COMMAND_STORAGE': {},
'SECURITY_MFA_AUTH': False, 'SECURITY_MFA_AUTH': False,
'SECURITY_SERVICE_ACCOUNT_REGISTRATION': True,
'SECURITY_LOGIN_LIMIT_COUNT': 7, 'SECURITY_LOGIN_LIMIT_COUNT': 7,
'SECURITY_LOGIN_LIMIT_TIME': 30, 'SECURITY_LOGIN_LIMIT_TIME': 30,
'SECURITY_MAX_IDLE_TIME': 30, 'SECURITY_MAX_IDLE_TIME': 30,

2
apps/jumpserver/settings.py
View File

@ -568,7 +568,7 @@ SECURITY_PASSWORD_RULES = [
'SECURITY_PASSWORD_SPECIAL_CHAR' 'SECURITY_PASSWORD_SPECIAL_CHAR'
] ]
SECURITY_MFA_VERIFY_TTL = CONFIG.SECURITY_MFA_VERIFY_TTL SECURITY_MFA_VERIFY_TTL = CONFIG.SECURITY_MFA_VERIFY_TTL
SECURITY_SERVICE_ACCOUNT_REGISTRATION = CONFIG.SECURITY_SERVICE_ACCOUNT_REGISTRATION
TERMINAL_PASSWORD_AUTH = CONFIG.TERMINAL_PASSWORD_AUTH TERMINAL_PASSWORD_AUTH = CONFIG.TERMINAL_PASSWORD_AUTH
TERMINAL_PUBLIC_KEY_AUTH = CONFIG.TERMINAL_PUBLIC_KEY_AUTH TERMINAL_PUBLIC_KEY_AUTH = CONFIG.TERMINAL_PUBLIC_KEY_AUTH
TERMINAL_HEARTBEAT_INTERVAL = CONFIG.TERMINAL_HEARTBEAT_INTERVAL TERMINAL_HEARTBEAT_INTERVAL = CONFIG.TERMINAL_HEARTBEAT_INTERVAL

BIN
apps/locale/zh/LC_MESSAGES/django.mo
View File

Binary file not shown.

394
apps/locale/zh/LC_MESSAGES/django.po
View File

File diff suppressed because it is too large Load Diff

6
apps/perms/api/user_permission.py
View File

@ -344,6 +344,12 @@ class GetUserAssetPermissionActionsApi(UserPermissionCacheMixin, RetrieveAPIView
user_id = self.request.query_params.get('user_id', '') user_id = self.request.query_params.get('user_id', '')
asset_id = self.request.query_params.get('asset_id', '') asset_id = self.request.query_params.get('asset_id', '')
system_id = self.request.query_params.get('system_user_id', '') system_id = self.request.query_params.get('system_user_id', '')
try:
user_id = uuid.UUID(user_id)
asset_id = uuid.UUID(asset_id)
system_id = uuid.UUID(system_id)
except ValueError:
return Response({'msg': False}, status=403)
user = get_object_or_404(User, id=user_id) user = get_object_or_404(User, id=user_id)

5
apps/settings/forms.py
View File

@ -192,6 +192,11 @@ class SecuritySettingForm(BaseForm):
required=False, label=_("Batch execute commands"), required=False, label=_("Batch execute commands"),
help_text=_("Allow user batch execute commands") help_text=_("Allow user batch execute commands")
) )
SECURITY_SERVICE_ACCOUNT_REGISTRATION = forms.BooleanField(
required=False, label=_("Service account registration"),
help_text=_("Allow using bootstrap token register service account, "
"when terminal setup, can disable it")
)
# limit login count # limit login count
SECURITY_LOGIN_LIMIT_COUNT = forms.IntegerField( SECURITY_LOGIN_LIMIT_COUNT = forms.IntegerField(
min_value=3, max_value=99999, min_value=3, max_value=99999,

4
apps/terminal/serializers_v2/terminal.py
View File

@ -1,5 +1,6 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# #
from django.conf import settings
from rest_framework import serializers from rest_framework import serializers
from common.utils import get_request_ip from common.utils import get_request_ip
@ -27,6 +28,9 @@ class TerminalSerializer(serializers.ModelSerializer):
valid = super().is_valid(raise_exception=raise_exception) valid = super().is_valid(raise_exception=raise_exception)
if not valid: if not valid:
return valid return valid
if not settings.SECURITY_SERVICE_ACCOUNT_REGISTRATION:
error = {"error": "service account registration disabled"}
raise serializers.ValidationError(error)
data = {'name': self.validated_data.get('name')} data = {'name': self.validated_data.get('name')}
kwargs = {'data': data} kwargs = {'data': data}
if self.instance and self.instance.user: if self.instance and self.instance.user:

3
apps/users/templates/users/_base_otp.html
View File

@ -42,8 +42,7 @@
</div> </div>
<div > <div >
<div class="verify">{% trans 'Security token validation' %}&nbsp;&nbsp;{% trans 'Account' %}&nbsp;<span>{{ user.username }}</span>&nbsp;&nbsp;{% trans 'Follow these steps to complete the binding operation' %}</div> <div class="verify">{% trans 'Security token validation' %}&nbsp;&nbsp;{% trans 'Account' %}&nbsp;<span>{{ user.username }}</span>&nbsp;&nbsp;{% trans 'Follow these steps to complete the binding operation' %}</div>
<div class="line"></div> <hr style="width: 500px; margin: auto; margin-top: 10px;">
{% block content %} {% block content %}
{% endblock %} {% endblock %}
</div> </div>