github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

perf: Remove account_deleted, password_error, no_admin_account others risk

pull/15011/head
wangruidong 2025-03-12 15:37:29 +08:00 committed by w940853815
parent 6e83420e67
commit 153be1508f
3 changed files with 3 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
apps/accounts/api/account/pam_dashboard.py
View File

@ -43,25 +43,22 @@ class PamDashboardApi(APIView):
'total_sudo_changed_accounts': ('sudo_changed_count', Q(risk='sudo_changed')), 'total_sudo_changed_accounts': ('sudo_changed_count', Q(risk='sudo_changed')),
'total_authorized_keys_changed_accounts': ( 'total_authorized_keys_changed_accounts': (
'authorized_keys_changed_count', Q(risk='authorized_keys_changed')), 'authorized_keys_changed_count', Q(risk='authorized_keys_changed')),
'total_account_deleted_accounts': ('account_deleted_count', Q(risk='account_deleted')),
'total_password_expired_accounts': ('password_expired_count', Q(risk='password_expired')), 'total_password_expired_accounts': ('password_expired_count', Q(risk='password_expired')),
'total_long_time_password_accounts': ('long_time_password_count', Q(risk='long_time_password')), 'total_long_time_password_accounts': ('long_time_password_count', Q(risk='long_time_password')),
'total_weak_password_accounts': ('weak_password_count', Q(risk='weak_password')), 'total_weak_password_accounts': ('weak_password_count', Q(risk='weak_password')),
'total_leaked_password_accounts': ('leaked_password_count', Q(risk='leaked_password')), 'total_leaked_password_accounts': ('leaked_password_count', Q(risk='leaked_password')),
'total_repeated_password_accounts': ('repeated_password_count', Q(risk='repeated_password')), 'total_repeated_password_accounts': ('repeated_password_count', Q(risk='repeated_password')),
'total_password_error_accounts': ('password_error_count', Q(risk='password_error')),
'total_no_admin_account_accounts': ('no_admin_account_count', Q(risk='no_admin_account')),
} }
aggregations = { aggregations = {
agg_key: Count('account_id', distinct=True, filter=agg_filter) agg_key: Count('id', distinct=True, filter=agg_filter)
for param_key, (agg_key, agg_filter) in agg_map.items() for param_key, (agg_key, agg_filter) in agg_map.items()
if _all or query_params.get(param_key) if _all or query_params.get(param_key)
} }
data = {} data = {}
if aggregations: if aggregations:
account_stats = AccountRisk.objects.filter(account__isnull=False).aggregate(**aggregations) account_stats = AccountRisk.objects.aggregate(**aggregations)
data = {param_key: account_stats.get(agg_key) for param_key, (agg_key, _) in agg_map.items() if data = {param_key: account_stats.get(agg_key) for param_key, (agg_key, _) in agg_map.items() if
agg_key in account_stats} agg_key in account_stats}

4
apps/accounts/migrations/0005_accountrisk_backupaccountautomation_and_more.py
View File

@ -142,15 +142,11 @@ class Migration(migrations.Migration):
("groups_changed", "Groups change"), ("groups_changed", "Groups change"),
("sudoers_changed", "Sudo changed"), ("sudoers_changed", "Sudo changed"),
("authorized_keys_changed", "Authorized keys changed"), ("authorized_keys_changed", "Authorized keys changed"),
("account_deleted", "Account delete"),
("password_expired", "Password expired"), ("password_expired", "Password expired"),
("long_time_password", "Long time no change"), ("long_time_password", "Long time no change"),
("weak_password", "Weak password"), ("weak_password", "Weak password"),
("leaked_password", "Leaked password"), ("leaked_password", "Leaked password"),
("repeated_password", "Repeated password"), ("repeated_password", "Repeated password"),
("password_error", "Password error"),
("no_admin_account", "No admin account"),
("others", "Others"),
], ],
max_length=128, max_length=128,
verbose_name="Risk", verbose_name="Risk",

7
apps/accounts/models/automations/check_account.py
View File

@ -1,9 +1,8 @@
from itertools import islice
from django.db import models from django.db import models
from django.db.models import TextChoices from django.db.models import TextChoices
from django.utils import timezone from django.utils import timezone
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
from itertools import islice
from common.const import ConfirmOrIgnore from common.const import ConfirmOrIgnore
from common.db.models import JMSBaseModel from common.db.models import JMSBaseModel
@ -45,16 +44,12 @@ class RiskChoice(TextChoices):
group_changed = 'groups_changed', _('Groups change') # 组变更, 确认 group_changed = 'groups_changed', _('Groups change') # 组变更, 确认
sudo_changed = 'sudoers_changed', _('Sudo changed') # sudo 变更, 确认 sudo_changed = 'sudoers_changed', _('Sudo changed') # sudo 变更, 确认
authorized_keys_changed = 'authorized_keys_changed', _('Authorized keys changed') # authorized_keys 变更, 确认 authorized_keys_changed = 'authorized_keys_changed', _('Authorized keys changed') # authorized_keys 变更, 确认
account_deleted = 'account_deleted', _('Account delete') # 账号被删除, 确认
password_expired = 'password_expired', _('Password expired') # 密码过期, 修改密码 password_expired = 'password_expired', _('Password expired') # 密码过期, 修改密码
long_time_password = 'long_time_password', _('Long time no change') # 好久没改密码的账号, 改密码 long_time_password = 'long_time_password', _('Long time no change') # 好久没改密码的账号, 改密码
weak_password = 'weak_password', _('Weak password') # 弱密码, 改密 weak_password = 'weak_password', _('Weak password') # 弱密码, 改密
leaked_password = 'leaked_password', _('Leaked password') # 可能泄露的密码, 改密 leaked_password = 'leaked_password', _('Leaked password') # 可能泄露的密码, 改密
repeated_password = 'repeated_password', _('Repeated password') # 重复度高的密码, 改密 repeated_password = 'repeated_password', _('Repeated password') # 重复度高的密码, 改密
password_error = 'password_error', _('Password error') # 密码错误, 修改账号
no_admin_account = 'no_admin_account', _('No admin account') # 无管理员账号, 设置账号
others = 'others', _('Others') # 其他风险, 确认
class AccountRisk(JMSOrgBaseModel): class AccountRisk(JMSOrgBaseModel):