github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

[Update] Merge with master

pull/3723/head
ibuler 2020-02-26 16:15:42 +08:00
parent c354b55f61 4f93a3ca92
commit 1e8ef8c925
13 changed files with 56 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apps/authentication/api/token.py
View File

@ -23,6 +23,7 @@ class TokenCreateApi(AuthMixin, CreateAPIView):
def create_session_if_need(self): def create_session_if_need(self):
if self.request.session.is_empty(): if self.request.session.is_empty():
self.request.session.create() self.request.session.create()
self.request.session.set_expiry(600)
def create(self, request, *args, **kwargs): def create(self, request, *args, **kwargs):
self.create_session_if_need() self.create_session_if_need()

14
apps/common/utils/django.py
View File

@ -2,6 +2,7 @@
# #
import re import re
from django.shortcuts import reverse as dj_reverse from django.shortcuts import reverse as dj_reverse
from django.db.models import Subquery, QuerySet
from django.conf import settings from django.conf import settings
from django.utils import timezone from django.utils import timezone
@ -35,3 +36,16 @@ def date_expired_default():
years = 70 years = 70
return timezone.now() + timezone.timedelta(days=365*years) return timezone.now() + timezone.timedelta(days=365*years)
def union_queryset(*args, base_queryset=None):
if len(args) == 1:
return args[0]
elif len(args) == 0:
raise ValueError("args is empty")
args = [q.order_by() for q in args]
sub_query = args[0].union(*args[1:])
queryset_id = list(sub_query.values_list('id', flat=True))
if not base_queryset:
base_queryset = args[0].model.objects
queryset = base_queryset.filter(id__in=queryset_id)
return queryset

1
apps/jumpserver/conf.py
View File

@ -193,6 +193,7 @@ class Config(dict):
'FORCE_SCRIPT_NAME': '', 'FORCE_SCRIPT_NAME': '',
'LOGIN_CONFIRM_ENABLE': False, 'LOGIN_CONFIRM_ENABLE': False,
'WINDOWS_SKIP_ALL_MANUAL_PASSWORD': False, 'WINDOWS_SKIP_ALL_MANUAL_PASSWORD': False,
'ORG_CHANGE_TO_URL': ''
} }
def convert_type(self, k, v): def convert_type(self, k, v):

1
apps/jumpserver/settings/custom.py
View File

@ -82,4 +82,5 @@ USER_GUIDE_URL = DYNAMIC.USER_GUIDE_URL
HTTP_LISTEN_PORT = CONFIG.HTTP_LISTEN_PORT HTTP_LISTEN_PORT = CONFIG.HTTP_LISTEN_PORT
WS_LISTEN_PORT = CONFIG.WS_LISTEN_PORT WS_LISTEN_PORT = CONFIG.WS_LISTEN_PORT
LOGIN_LOG_KEEP_DAYS = DYNAMIC.LOGIN_LOG_KEEP_DAYS LOGIN_LOG_KEEP_DAYS = DYNAMIC.LOGIN_LOG_KEEP_DAYS
ORG_CHANGE_TO_URL = CONFIG.ORG_CHANGE_TO_URL
WINDOWS_SKIP_ALL_MANUAL_PASSWORD = CONFIG.WINDOWS_SKIP_ALL_MANUAL_PASSWORD WINDOWS_SKIP_ALL_MANUAL_PASSWORD = CONFIG.WINDOWS_SKIP_ALL_MANUAL_PASSWORD

4
apps/orgs/views.py
View File

@ -1,4 +1,5 @@
from django.shortcuts import redirect, reverse from django.shortcuts import redirect, reverse
from django.conf import settings
from django.http import HttpResponseForbidden from django.http import HttpResponseForbidden
from django.views.generic import DetailView, View from django.views.generic import DetailView, View
@ -16,6 +17,9 @@ class SwitchOrgView(DetailView):
self.object = Organization.get_instance(pk) self.object = Organization.get_instance(pk)
oid = str(self.object.id) oid = str(self.object.id)
request.session['oid'] = oid request.session['oid'] = oid
org_change_to_url = settings.ORG_CHANGE_TO_URL
if org_change_to_url:
return redirect(org_change_to_url)
host = request.get_host() host = request.get_host()
referer = request.META.get('HTTP_REFERER', '') referer = request.META.get('HTTP_REFERER', '')
if referer.find(host) == -1: if referer.find(host) == -1:

1
apps/perms/api/asset_permission.py
View File

@ -1,6 +1,5 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# #
from django.db.models import Q from django.db.models import Q
from common.permissions import IsOrgAdmin from common.permissions import IsOrgAdmin

1
apps/perms/api/user_permission/common.py
View File

@ -114,3 +114,4 @@ class UserGrantedAssetSystemUsersApi(UserAssetPermissionMixin, ListAPIView):
system_users.append(system_user) system_users.append(system_user)
system_users.sort(key=lambda x: x.priority) system_users.sort(key=lambda x: x.priority)
return system_users return system_users

2
apps/perms/models/asset_permission.py
View File

@ -93,7 +93,7 @@ class AssetPermission(BasePermission):
models.Prefetch('nodes', queryset=Node.objects.all().only('key')), models.Prefetch('nodes', queryset=Node.objects.all().only('key')),
models.Prefetch('assets', queryset=Asset.objects.all().only('id')), models.Prefetch('assets', queryset=Asset.objects.all().only('id')),
models.Prefetch('system_users', queryset=SystemUser.objects.all().only('id')) models.Prefetch('system_users', queryset=SystemUser.objects.all().only('id'))
) ).order_by()
def get_all_assets(self): def get_all_assets(self):
from assets.models import Node from assets.models import Node

2
apps/perms/models/base.py
View File

@ -8,7 +8,7 @@ from django.db.models import Q
from django.utils import timezone from django.utils import timezone
from orgs.mixins.models import OrgModelMixin from orgs.mixins.models import OrgModelMixin
from common.utils import date_expired_default, set_or_append_attr_bulk from common.utils import date_expired_default
from orgs.mixins.models import OrgManager from orgs.mixins.models import OrgManager

5
apps/perms/utils/database_app_permission.py
View File

@ -1,10 +1,10 @@
# coding: utf-8 # coding: utf-8
# #
from django.db.models import Q
from django.utils.translation import ugettext as _ from django.utils.translation import ugettext as _
from orgs.utils import set_to_root_org from django.db.models import Q
from orgs.utils import set_to_root_org
from ..models import DatabaseAppPermission from ..models import DatabaseAppPermission
from common.tree import TreeNode from common.tree import TreeNode
from applications.models import DatabaseApp from applications.models import DatabaseApp
@ -17,6 +17,7 @@ __all__ = [
'parse_database_app_to_tree_node' 'parse_database_app_to_tree_node'
] ]
def get_user_database_app_permissions(user, include_group=True): def get_user_database_app_permissions(user, include_group=True):
if include_group: if include_group:
groups = user.groups.all() groups = user.groups.all()

2
apps/perms/utils/remote_app_permission.py
View File

@ -1,8 +1,8 @@
# coding: utf-8 # coding: utf-8
# #
from django.db.models import Q
from django.utils.translation import ugettext as _ from django.utils.translation import ugettext as _
from django.db.models import Q
from common.tree import TreeNode from common.tree import TreeNode
from orgs.utils import set_to_root_org from orgs.utils import set_to_root_org

18
apps/terminal/migrations/0021_auto_20200213_1316.py Normal file
View File

@ -0,0 +1,18 @@
# Generated by Django 2.2.10 on 2020-02-13 05:16
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('terminal', '0020_auto_20191218_1721'),
]
operations = [
migrations.AlterField(
model_name='session',
name='is_finished',
field=models.BooleanField(db_index=True, default=False),
),
]

11
apps/terminal/models.py
View File

@ -90,6 +90,14 @@ class Terminal(models.Model):
config = self.get_replay_storage_config() config = self.get_replay_storage_config()
return {"TERMINAL_REPLAY_STORAGE": config} return {"TERMINAL_REPLAY_STORAGE": config}
@staticmethod
def get_login_title_setting():
login_title = None
if settings.XPACK_ENABLED:
from xpack.plugins.interface.models import Interface
login_title = Interface.get_login_title()
return {'TERMINAL_HEADER_TITLE': login_title}
@property @property
def config(self): def config(self):
configs = {} configs = {}
@ -99,6 +107,7 @@ class Terminal(models.Model):
configs[k] = getattr(settings, k) configs[k] = getattr(settings, k)
configs.update(self.get_command_storage_setting()) configs.update(self.get_command_storage_setting())
configs.update(self.get_replay_storage_setting()) configs.update(self.get_replay_storage_setting())
configs.update(self.get_login_title_setting())
configs.update({ configs.update({
'SECURITY_MAX_IDLE_TIME': settings.SECURITY_MAX_IDLE_TIME 'SECURITY_MAX_IDLE_TIME': settings.SECURITY_MAX_IDLE_TIME
}) })
@ -181,7 +190,7 @@ class Session(OrgModelMixin):
system_user_id = models.CharField(blank=True, default='', max_length=36, db_index=True) system_user_id = models.CharField(blank=True, default='', max_length=36, db_index=True)
login_from = models.CharField(max_length=2, choices=LOGIN_FROM_CHOICES, default="ST") login_from = models.CharField(max_length=2, choices=LOGIN_FROM_CHOICES, default="ST")
remote_addr = models.CharField(max_length=128, verbose_name=_("Remote addr"), blank=True, null=True) remote_addr = models.CharField(max_length=128, verbose_name=_("Remote addr"), blank=True, null=True)
is_finished = models.BooleanField(default=False) is_finished = models.BooleanField(default=False, db_index=True)
has_replay = models.BooleanField(default=False, verbose_name=_("Replay")) has_replay = models.BooleanField(default=False, verbose_name=_("Replay"))
has_command = models.BooleanField(default=False, verbose_name=_("Command")) has_command = models.BooleanField(default=False, verbose_name=_("Command"))
terminal = models.ForeignKey(Terminal, null=True, on_delete=models.SET_NULL) terminal = models.ForeignKey(Terminal, null=True, on_delete=models.SET_NULL)