diff --git a/apps/assets/models/authbook.py b/apps/assets/models/authbook.py index 7d0a3f472..35b7e3894 100644 --- a/apps/assets/models/authbook.py +++ b/apps/assets/models/authbook.py @@ -57,7 +57,7 @@ class AuthBook(BaseUser): 同时设置自己的 is_latest=True, version=max_version + 1 """ username = kwargs['username'] - asset = kwargs['asset'] + asset = kwargs.get('asset') or kwargs.get('asset_id') with transaction.atomic(): # 使用select_for_update限制并发创建相同的username、asset条目 instances = cls.objects.select_for_update().filter(username=username, asset=asset) diff --git a/apps/audits/signals_handler.py b/apps/audits/signals_handler.py index 5543cca3b..4b527c846 100644 --- a/apps/audits/signals_handler.py +++ b/apps/audits/signals_handler.py @@ -125,7 +125,8 @@ def on_audits_log_create(sender, instance=None, **kwargs): def get_login_backend(request): - backend = request.session.get(BACKEND_SESSION_KEY, '') + backend = request.session.get('auth_backend', '') or request.session.get(BACKEND_SESSION_KEY, '') + backend = backend.rsplit('.', maxsplit=1)[-1] if backend in LOGIN_BACKEND: return LOGIN_BACKEND[backend] diff --git a/apps/authentication/models.py b/apps/authentication/models.py index b2f6ad602..5764e84c8 100644 --- a/apps/authentication/models.py +++ b/apps/authentication/models.py @@ -69,17 +69,16 @@ class LoginConfirmSetting(CommonModelMixin): from tickets import const from tickets.models import Ticket ticket_title = _('Login confirm') + ' {}'.format(self.user) - ticket_applicant = self.user ticket_meta = self.construct_confirm_ticket_meta(request) ticket_assignees = self.reviewers.all() data = { 'title': ticket_title, 'type': const.TicketTypeChoices.login_confirm.value, - 'applicant': ticket_applicant, 'meta': ticket_meta, } ticket = Ticket.objects.create(**data) ticket.assignees.set(ticket_assignees) + ticket.open(self.user) return ticket def __str__(self): diff --git a/apps/locale/zh/LC_MESSAGES/django.mo b/apps/locale/zh/LC_MESSAGES/django.mo index 0e3edb301..56fb9b8d2 100644 Binary files a/apps/locale/zh/LC_MESSAGES/django.mo and b/apps/locale/zh/LC_MESSAGES/django.mo differ diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po index d5e9ddc26..57fff2e30 100644 --- a/apps/locale/zh/LC_MESSAGES/django.po +++ b/apps/locale/zh/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: JumpServer 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2021-01-19 20:03+0800\n" +"POT-Creation-Date: 2021-01-20 16:09+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: ibuler \n" "Language-Team: JumpServer team\n" @@ -268,7 +268,7 @@ msgstr "主机名" #: assets/models/asset.py:194 assets/models/domain.py:54 #: assets/models/user.py:120 terminal/serializers/session.py:29 -#: terminal/serializers/storage.py:68 +#: terminal/serializers/storage.py:69 msgid "Protocol" msgstr "协议" @@ -555,7 +555,7 @@ msgstr "默认资产组" #: assets/models/label.py:15 audits/models.py:36 audits/models.py:56 #: audits/models.py:69 audits/serializers.py:81 authentication/models.py:44 -#: authentication/models.py:96 orgs/models.py:18 orgs/models.py:423 +#: authentication/models.py:95 orgs/models.py:18 orgs/models.py:423 #: perms/models/asset_permission.py:173 perms/models/base.py:49 #: templates/index.html:78 terminal/backends/command/models.py:18 #: terminal/backends/command/serializers.py:12 terminal/models/session.py:37 @@ -653,7 +653,7 @@ msgstr "登录模式" msgid "SFTP Root" msgstr "SFTP根路径" -#: assets/models/user.py:127 authentication/models.py:94 +#: assets/models/user.py:127 authentication/models.py:93 msgid "Token" msgstr "" @@ -726,7 +726,7 @@ msgstr "硬件信息" msgid "Org name" msgstr "组织名称" -#: assets/serializers/asset.py:162 assets/serializers/asset.py:193 +#: assets/serializers/asset.py:162 assets/serializers/asset.py:201 msgid "Connectivity" msgstr "连接" @@ -1129,7 +1129,7 @@ msgstr "是否成功" msgid "Result" msgstr "结果" -#: audits/serializers.py:79 terminal/serializers/storage.py:177 +#: audits/serializers.py:79 terminal/serializers/storage.py:178 msgid "Hosts" msgstr "主机" @@ -1324,7 +1324,7 @@ msgstr "审批人" msgid "Login confirm" msgstr "登录复核" -#: authentication/models.py:95 +#: authentication/models.py:94 msgid "Expired" msgstr "过期时间" @@ -2714,60 +2714,60 @@ msgstr "是否可重放" msgid "Can join" msgstr "是否可加入" -#: terminal/serializers/storage.py:20 +#: terminal/serializers/storage.py:21 msgid "Endpoint invalid: remove path `{}`" msgstr "端点无效: 移除路径 `{}`" -#: terminal/serializers/storage.py:26 +#: terminal/serializers/storage.py:27 msgid "Bucket" msgstr "桶名称" -#: terminal/serializers/storage.py:29 +#: terminal/serializers/storage.py:30 msgid "Access key" msgstr "" -#: terminal/serializers/storage.py:33 +#: terminal/serializers/storage.py:34 msgid "Secret key" msgstr "" -#: terminal/serializers/storage.py:38 terminal/serializers/storage.py:50 -#: terminal/serializers/storage.py:80 +#: terminal/serializers/storage.py:39 terminal/serializers/storage.py:51 +#: terminal/serializers/storage.py:81 msgid "Endpoint" msgstr "端点" -#: terminal/serializers/storage.py:65 xpack/plugins/cloud/models.py:276 +#: terminal/serializers/storage.py:66 xpack/plugins/cloud/models.py:276 msgid "Region" msgstr "地域" -#: terminal/serializers/storage.py:90 +#: terminal/serializers/storage.py:91 msgid "Container name" msgstr "容器名称" -#: terminal/serializers/storage.py:92 +#: terminal/serializers/storage.py:93 msgid "Account name" msgstr "账户名称" -#: terminal/serializers/storage.py:93 +#: terminal/serializers/storage.py:94 msgid "Account key" msgstr "账户密钥" -#: terminal/serializers/storage.py:96 +#: terminal/serializers/storage.py:97 msgid "Endpoint suffix" msgstr "端点后缀" -#: terminal/serializers/storage.py:154 +#: terminal/serializers/storage.py:155 msgid "The address format is incorrect" msgstr "地址格式不正确" -#: terminal/serializers/storage.py:161 +#: terminal/serializers/storage.py:162 msgid "Host invalid" msgstr "主机无效" -#: terminal/serializers/storage.py:164 +#: terminal/serializers/storage.py:165 msgid "Port invalid" msgstr "端口无效" -#: terminal/serializers/storage.py:180 +#: terminal/serializers/storage.py:181 msgid "Index" msgstr "索引" @@ -2911,8 +2911,8 @@ msgid "Approved actions" msgstr "批准的动作" #: tickets/handler/base.py:62 -msgid "User {} {} the ticket" -msgstr "用户 {} {} 这个工单" +msgid "{} {} the ticket" +msgstr "{} {}工单" #: tickets/handler/base.py:91 msgid "Ticket title" @@ -3236,7 +3236,7 @@ msgid "Join user groups" msgstr "添加到用户组" #: users/forms/user.py:103 users/views/profile/password.py:59 -#: users/views/profile/reset.py:127 +#: users/views/profile/reset.py:126 msgid "* Your password does not meet the requirements" msgstr "* 您的密码不符合要求" @@ -3867,7 +3867,7 @@ msgstr "新的公钥已设置成功,请下载对应的私钥" msgid "Update user" msgstr "更新用户" -#: users/templates/users/user_update.html:22 users/views/profile/reset.py:120 +#: users/templates/users/user_update.html:22 users/views/profile/reset.py:119 msgid "User auth from {}, go there change password" msgstr "用户认证源来自 {}, 请去相应系统修改密码" @@ -3975,7 +3975,7 @@ msgstr "" "
\n" " " -#: users/utils.py:116 users/views/profile/reset.py:80 +#: users/utils.py:116 users/views/profile/reset.py:79 msgid "Reset password success" msgstr "重置密码成功" @@ -4188,20 +4188,20 @@ msgid "" "password" msgstr "用户来自 {} 请去相应系统修改密码" -#: users/views/profile/reset.py:66 +#: users/views/profile/reset.py:65 msgid "Send reset password message" msgstr "发送重置密码邮件" -#: users/views/profile/reset.py:67 +#: users/views/profile/reset.py:66 msgid "Send reset password mail success, login your mail box and follow it " msgstr "" "发送重置邮件成功, 请登录邮箱查看, 按照提示操作 (如果没收到,请等待3-5分钟)" -#: users/views/profile/reset.py:81 +#: users/views/profile/reset.py:80 msgid "Reset password success, return to login page" msgstr "重置密码成功,返回到登录页面" -#: users/views/profile/reset.py:105 users/views/profile/reset.py:115 +#: users/views/profile/reset.py:104 users/views/profile/reset.py:114 msgid "Token invalid or expired" msgstr "Token错误或失效" diff --git a/apps/terminal/backends/command/serializers.py b/apps/terminal/backends/command/serializers.py index d31cfd82f..698b2fd99 100644 --- a/apps/terminal/backends/command/serializers.py +++ b/apps/terminal/backends/command/serializers.py @@ -9,7 +9,7 @@ class SessionCommandSerializer(serializers.Serializer): """使用这个类作为基础Command Log Serializer类, 用来序列化""" id = serializers.UUIDField(read_only=True) - user = serializers.CharField(max_length=64, label=_("User")) + user = serializers.CharField(label=_("User")) # 限制 64 字符,见 validate_user asset = serializers.CharField(max_length=128, label=_("Asset")) system_user = serializers.CharField(max_length=64, label=_("System user")) input = serializers.CharField(max_length=128, label=_("Command")) @@ -25,6 +25,11 @@ class SessionCommandSerializer(serializers.Serializer): risk_mapper = dict(AbstractSessionCommand.RISK_LEVEL_CHOICES) return risk_mapper.get(obj.risk_level) + def validate_user(self, value): + if len(value) > 64: + value = value[:32] + value[-32:] + return value + class InsecureCommandAlertSerializer(serializers.Serializer): input = serializers.CharField() diff --git a/apps/terminal/serializers/storage.py b/apps/terminal/serializers/storage.py index 0f3bb4df4..24d619540 100644 --- a/apps/terminal/serializers/storage.py +++ b/apps/terminal/serializers/storage.py @@ -6,6 +6,7 @@ from urllib.parse import urlparse from django.utils.translation import ugettext_lazy as _ from django.db.models import TextChoices from common.drf.serializers import MethodSerializer +from common.drf.fields import ReadableHiddenField from ..models import ReplayStorage, CommandStorage from .. import const @@ -170,7 +171,7 @@ class CommandStorageTypeESSerializer(serializers.Serializer): hosts_help_text = ''' Tip: If there are multiple hosts, use a comma (,) to separate them. - (eg: http://www.jumpserver.a.com, http://www.jumpserver.b.com) + (eg: http://www.jumpserver.a.com:9100, http://www.jumpserver.b.com:9100) ''' HOSTS = serializers.ListField( child=serializers.CharField(validators=[command_storage_es_host_format_validator]), @@ -179,9 +180,8 @@ class CommandStorageTypeESSerializer(serializers.Serializer): INDEX = serializers.CharField( max_length=1024, default='jumpserver', label=_('Index'), allow_null=True ) - DOC_TYPE = serializers.CharField( - max_length=1024, read_only=True, default='command', label=_('Doc type'), allow_null=True - ) + DOC_TYPE = ReadableHiddenField(default='command', label=_('Doc type'), allow_null=True) + # mapping diff --git a/apps/tickets/handler/base.py b/apps/tickets/handler/base.py index a0092a96a..b095a2791 100644 --- a/apps/tickets/handler/base.py +++ b/apps/tickets/handler/base.py @@ -59,7 +59,7 @@ class BaseHandler(object): user_display = str(user) action_display = self.ticket.get_action_display() data = { - 'body': _('User {} {} the ticket'.format(user_display, action_display)), + 'body': _('{} {} the ticket').format(user_display, action_display), 'user': user, 'user_display': user_display } diff --git a/apps/users/views/profile/reset.py b/apps/users/views/profile/reset.py index c5fa09eb5..8c676c756 100644 --- a/apps/users/views/profile/reset.py +++ b/apps/users/views/profile/reset.py @@ -49,8 +49,7 @@ class UserForgotPasswordView(FormView): if not user.is_local: error = _( 'The user is from {}, please go to the corresponding system to change the password' - ''.format(user.get_source_display()) - ) + ).format(user.get_source_display()) form.add_error('email', error) return self.form_invalid(form)