[Update] Merge with master

2020-02-26 16:15:42 +08:00 · 2020-02-26 16:15:42 +08:00 · 1e8ef8c925
parent c354b55f61 4f93a3ca92
commit 1e8ef8c925
13 changed files with 56 additions and 7 deletions
--- a/apps/authentication/api/token.py
+++ b/apps/authentication/api/token.py
@ -23,6 +23,7 @@ class TokenCreateApi(AuthMixin, CreateAPIView):
    def create_session_if_need(self):
        if self.request.session.is_empty():
            self.request.session.create()
+            self.request.session.set_expiry(600)

    def create(self, request, *args, **kwargs):
        self.create_session_if_need()
--- a/apps/common/utils/django.py
+++ b/apps/common/utils/django.py
@ -2,6 +2,7 @@
 #
 import re
 from django.shortcuts import reverse as dj_reverse
+from django.db.models import Subquery, QuerySet
 from django.conf import settings
 from django.utils import timezone

@ -35,3 +36,16 @@ def date_expired_default():
        years = 70
    return timezone.now() + timezone.timedelta(days=365*years)

+
+def union_queryset(*args, base_queryset=None):
+    if len(args) == 1:
+        return args[0]
+    elif len(args) == 0:
+        raise ValueError("args is empty")
+    args = [q.order_by() for q in args]
+    sub_query = args[0].union(*args[1:])
+    queryset_id = list(sub_query.values_list('id', flat=True))
+    if not base_queryset:
+        base_queryset = args[0].model.objects
+    queryset = base_queryset.filter(id__in=queryset_id)
+    return queryset
--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@ -193,6 +193,7 @@ class Config(dict):
        'FORCE_SCRIPT_NAME': '',
        'LOGIN_CONFIRM_ENABLE': False,
        'WINDOWS_SKIP_ALL_MANUAL_PASSWORD': False,
+        'ORG_CHANGE_TO_URL': ''
    }

    def convert_type(self, k, v):
--- a/apps/jumpserver/settings/custom.py
+++ b/apps/jumpserver/settings/custom.py
@ -82,4 +82,5 @@ USER_GUIDE_URL = DYNAMIC.USER_GUIDE_URL
 HTTP_LISTEN_PORT = CONFIG.HTTP_LISTEN_PORT
 WS_LISTEN_PORT = CONFIG.WS_LISTEN_PORT
 LOGIN_LOG_KEEP_DAYS = DYNAMIC.LOGIN_LOG_KEEP_DAYS
+ORG_CHANGE_TO_URL = CONFIG.ORG_CHANGE_TO_URL
 WINDOWS_SKIP_ALL_MANUAL_PASSWORD = CONFIG.WINDOWS_SKIP_ALL_MANUAL_PASSWORD
--- a/apps/orgs/views.py
+++ b/apps/orgs/views.py
@ -1,4 +1,5 @@
 from django.shortcuts import redirect, reverse
+from django.conf import settings
 from django.http import HttpResponseForbidden

 from django.views.generic import DetailView, View
@ -16,6 +17,9 @@ class SwitchOrgView(DetailView):
        self.object = Organization.get_instance(pk)
        oid = str(self.object.id)
        request.session['oid'] = oid
+        org_change_to_url = settings.ORG_CHANGE_TO_URL
+        if org_change_to_url:
+            return redirect(org_change_to_url)
        host = request.get_host()
        referer = request.META.get('HTTP_REFERER', '')
        if referer.find(host) == -1:
--- a/apps/perms/api/asset_permission.py
+++ b/apps/perms/api/asset_permission.py
@ -1,6 +1,5 @@
 # -*- coding: utf-8 -*-
 #
-
 from django.db.models import Q

 from common.permissions import IsOrgAdmin
--- a/apps/perms/api/user_permission/common.py
+++ b/apps/perms/api/user_permission/common.py
@ -114,3 +114,4 @@ class UserGrantedAssetSystemUsersApi(UserAssetPermissionMixin, ListAPIView):
            system_users.append(system_user)
        system_users.sort(key=lambda x: x.priority)
        return system_users
+
--- a/apps/perms/models/asset_permission.py
+++ b/apps/perms/models/asset_permission.py
@ -93,7 +93,7 @@ class AssetPermission(BasePermission):
            models.Prefetch('nodes', queryset=Node.objects.all().only('key')),
            models.Prefetch('assets', queryset=Asset.objects.all().only('id')),
            models.Prefetch('system_users', queryset=SystemUser.objects.all().only('id'))
-        )
+        ).order_by()

    def get_all_assets(self):
        from assets.models import Node
--- a/apps/perms/models/base.py
+++ b/apps/perms/models/base.py
@ -8,7 +8,7 @@ from django.db.models import Q
 from django.utils import timezone
 from orgs.mixins.models import OrgModelMixin

-from common.utils import date_expired_default, set_or_append_attr_bulk
+from common.utils import date_expired_default
 from orgs.mixins.models import OrgManager


--- a/apps/perms/utils/database_app_permission.py
+++ b/apps/perms/utils/database_app_permission.py
@ -1,10 +1,10 @@
 # coding: utf-8
 #

-from django.db.models import Q
 from django.utils.translation import ugettext as _
-from orgs.utils import set_to_root_org
+from django.db.models import Q

+from orgs.utils import set_to_root_org
 from ..models import DatabaseAppPermission
 from common.tree import TreeNode
 from applications.models import DatabaseApp
@ -17,6 +17,7 @@ __all__ = [
    'parse_database_app_to_tree_node'
 ]

+
 def get_user_database_app_permissions(user, include_group=True):
    if include_group:
        groups = user.groups.all()
--- a/apps/perms/utils/remote_app_permission.py
+++ b/apps/perms/utils/remote_app_permission.py
@ -1,8 +1,8 @@
 #  coding: utf-8
 #

-from django.db.models import Q
 from django.utils.translation import ugettext as _
+from django.db.models import Q

 from common.tree import TreeNode
 from orgs.utils import set_to_root_org
--- a/apps/terminal/migrations/0021_auto_20200213_1316.py
+++ b/apps/terminal/migrations/0021_auto_20200213_1316.py
@ -0,0 +1,18 @@
+# Generated by Django 2.2.10 on 2020-02-13 05:16
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('terminal', '0020_auto_20191218_1721'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='session',
+            name='is_finished',
+            field=models.BooleanField(db_index=True, default=False),
+        ),
+    ]
--- a/apps/terminal/models.py
+++ b/apps/terminal/models.py
@ -90,6 +90,14 @@ class Terminal(models.Model):
        config = self.get_replay_storage_config()
        return {"TERMINAL_REPLAY_STORAGE": config}

+    @staticmethod
+    def get_login_title_setting():
+        login_title = None
+        if settings.XPACK_ENABLED:
+            from xpack.plugins.interface.models import Interface
+            login_title = Interface.get_login_title()
+        return {'TERMINAL_HEADER_TITLE': login_title}
+
    @property
    def config(self):
        configs = {}
@ -99,6 +107,7 @@ class Terminal(models.Model):
            configs[k] = getattr(settings, k)
        configs.update(self.get_command_storage_setting())
        configs.update(self.get_replay_storage_setting())
+        configs.update(self.get_login_title_setting())
        configs.update({
            'SECURITY_MAX_IDLE_TIME': settings.SECURITY_MAX_IDLE_TIME
        })
@ -181,7 +190,7 @@ class Session(OrgModelMixin):
    system_user_id = models.CharField(blank=True, default='', max_length=36, db_index=True)
    login_from = models.CharField(max_length=2, choices=LOGIN_FROM_CHOICES, default="ST")
    remote_addr = models.CharField(max_length=128, verbose_name=_("Remote addr"), blank=True, null=True)
-    is_finished = models.BooleanField(default=False)
+    is_finished = models.BooleanField(default=False, db_index=True)
    has_replay = models.BooleanField(default=False, verbose_name=_("Replay"))
    has_command = models.BooleanField(default=False, verbose_name=_("Command"))
    terminal = models.ForeignKey(Terminal, null=True, on_delete=models.SET_NULL)