github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

perf: Remove account_deleted, password_error, no_admin_account others risk

pull/15011/head
wangruidong 2025-03-12 15:37:29 +08:00 committed by w940853815
parent 6e83420e67
commit 153be1508f
3 changed files with 3 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
apps/accounts/api/account/pam_dashboard.py
View File

@ -43,25 +43,22 @@ class PamDashboardApi(APIView):
'total_sudo_changed_accounts': ('sudo_changed_count', Q(risk='sudo_changed')),
'total_authorized_keys_changed_accounts': (
'authorized_keys_changed_count', Q(risk='authorized_keys_changed')),
'total_account_deleted_accounts': ('account_deleted_count', Q(risk='account_deleted')),
'total_password_expired_accounts': ('password_expired_count', Q(risk='password_expired')),
'total_long_time_password_accounts': ('long_time_password_count', Q(risk='long_time_password')),
'total_weak_password_accounts': ('weak_password_count', Q(risk='weak_password')),
'total_leaked_password_accounts': ('leaked_password_count', Q(risk='leaked_password')),
'total_repeated_password_accounts': ('repeated_password_count', Q(risk='repeated_password')),
'total_password_error_accounts': ('password_error_count', Q(risk='password_error')),
'total_no_admin_account_accounts': ('no_admin_account_count', Q(risk='no_admin_account')),
}
aggregations = {
agg_key: Count('account_id', distinct=True, filter=agg_filter)
agg_key: Count('id', distinct=True, filter=agg_filter)
for param_key, (agg_key, agg_filter) in agg_map.items()
if _all or query_params.get(param_key)
}
data = {}
if aggregations:
account_stats = AccountRisk.objects.filter(account__isnull=False).aggregate(**aggregations)
account_stats = AccountRisk.objects.aggregate(**aggregations)
data = {param_key: account_stats.get(agg_key) for param_key, (agg_key, _) in agg_map.items() if
agg_key in account_stats}

4
apps/accounts/migrations/0005_accountrisk_backupaccountautomation_and_more.py
View File

@ -142,15 +142,11 @@ class Migration(migrations.Migration):
("groups_changed", "Groups change"),
("sudoers_changed", "Sudo changed"),
("authorized_keys_changed", "Authorized keys changed"),
("account_deleted", "Account delete"),
("password_expired", "Password expired"),
("long_time_password", "Long time no change"),
("weak_password", "Weak password"),
("leaked_password", "Leaked password"),
("repeated_password", "Repeated password"),
("password_error", "Password error"),
("no_admin_account", "No admin account"),
("others", "Others"),
],
max_length=128,
verbose_name="Risk",

7
apps/accounts/models/automations/check_account.py
View File

@ -1,9 +1,8 @@
from itertools import islice
from django.db import models
from django.db.models import TextChoices
from django.utils import timezone
from django.utils.translation import gettext_lazy as _
from itertools import islice
from common.const import ConfirmOrIgnore
from common.db.models import JMSBaseModel
@ -45,16 +44,12 @@ class RiskChoice(TextChoices):
group_changed = 'groups_changed', _('Groups change') # 组变更, 确认
sudo_changed = 'sudoers_changed', _('Sudo changed') # sudo 变更, 确认
authorized_keys_changed = 'authorized_keys_changed', _('Authorized keys changed') # authorized_keys 变更, 确认
account_deleted = 'account_deleted', _('Account delete') # 账号被删除, 确认
password_expired = 'password_expired', _('Password expired') # 密码过期, 修改密码
long_time_password = 'long_time_password', _('Long time no change') # 好久没改密码的账号, 改密码
weak_password = 'weak_password', _('Weak password') # 弱密码, 改密
leaked_password = 'leaked_password', _('Leaked password') # 可能泄露的密码, 改密
repeated_password = 'repeated_password', _('Repeated password') # 重复度高的密码, 改密
password_error = 'password_error', _('Password error') # 密码错误, 修改账号
no_admin_account = 'no_admin_account', _('No admin account') # 无管理员账号, 设置账号
others = 'others', _('Others') # 其他风险, 确认
class AccountRisk(JMSOrgBaseModel):