perf: Enhance SQL query and update risk handling in accounts

apps/accounts/automations/gather_account/database/sqlserver/main.yml

@@ -12,7 +12,26 @@
         login_port: "{{ jms_asset.port }}"
         name: '{{ jms_asset.spec_info.db_name }}'
         script: |
-          select * from sys.sql_logins
+          SELECT 
+              l.name,
+              l.modify_date,
+              l.is_disabled,
+              l.create_date,
+              l.default_database_name,
+              LOGINPROPERTY(name, 'DaysUntilExpiration') AS days_until_expiration,
+              MAX(s.login_time) AS last_login_time
+          FROM 
+              sys.sql_logins l
+          LEFT JOIN 
+              sys.dm_exec_sessions s
+          ON 
+              l.name = s.login_name
+          WHERE 
+              s.is_user_process = 1 OR s.login_name IS NULL
+          GROUP BY 
+              l.name, l.create_date, l.modify_date, l.is_disabled, l.default_database_name
+          ORDER BY 
+              last_login_time DESC;
         output: dict
       register: db_info
 

apps/accounts/automations/gather_account/filter.py

@@ -72,11 +72,14 @@ class GatherAccountsFilter:
             return {}
         result = {}
         for user_info in info[0][0]:
+            days_until_expiration = user_info.get('days_until_expiration')
+            date_password_expired = timezone.now() + timezone.timedelta(
+                days=int(days_until_expiration)) if days_until_expiration else None
             user = {
                 'username': user_info.get('name', ''),
-                'date_password_change': None,
-                'date_password_expired': None,
-                'date_last_login': None,
+                'date_password_change': parse_date(user_info.get('modify_date')),
+                'date_password_expired': date_password_expired,
+                'date_last_login': parse_date(user_info.get('last_login_time')),
                 'groups': '',
             }
             detail = {
@@ -84,6 +87,7 @@ class GatherAccountsFilter:
                 'is_disabled': user_info.get('is_disabled', ''),
                 'default_database_name': user_info.get('default_database_name', ''),
             }
+            print(user)
             user['detail'] = detail
             result[user['username']] = user
         return result

apps/accounts/automations/gather_account/manager.py

@@ -270,7 +270,7 @@ class GatherAccountsManager(AccountBasePlaybookManager):
         lost_users = ori_ga_users - remote_users
         if lost_users:
             queryset.filter(username__in=lost_users).update(
-                status="", remote_present=False
+                status=ConfirmOrIgnore.pending, remote_present=False
             )
             self.summary["lost_accounts"] += len(lost_users)
             for username in lost_users:
@@ -285,7 +285,7 @@ class GatherAccountsManager(AccountBasePlaybookManager):
         # 标识状态为 待处理, 让管理员去确认
         ga_added_users = ori_ga_users - ori_users
         if ga_added_users:
-            queryset.filter(username__in=ga_added_users).update(status="")
+            queryset.filter(username__in=ga_added_users).update(status=ConfirmOrIgnore.pending)
 
         # 收集的账号 比 账号列表少的
         # 这个好像不不用对比，原始情况就这样

apps/accounts/risk_handlers.py

@@ -53,7 +53,8 @@ class RiskHandler:
         return r.first()
 
     def handle_ignore(self):
-        pass
+        GatheredAccount.objects.filter(asset=self.asset, username=self.username).update(status=ConfirmOrIgnore.ignored)
+        self.risk = 'ignored'
 
     def handle_review(self):
         pass