mirror of https://github.com/jumpserver/jumpserver
Jiangjie.Bai
GitHub
commit
3e55447327
|
|
@ -57,7 +57,7 @@ class AuthBook(BaseUser):
|
|||
同时设置自己的 is_latest=True, version=max_version + 1
|
||||
"""
|
||||
username = kwargs['username']
|
||||
asset = kwargs['asset']
|
||||
asset = kwargs.get('asset') or kwargs.get('asset_id')
|
||||
with transaction.atomic():
|
||||
# 使用select_for_update限制并发创建相同的username、asset条目
|
||||
instances = cls.objects.select_for_update().filter(username=username, asset=asset)
|
||||
|
|
|
|||
|
|
@ -125,7 +125,8 @@ def on_audits_log_create(sender, instance=None, **kwargs):
|
|||
|
||||
|
||||
def get_login_backend(request):
|
||||
backend = request.session.get(BACKEND_SESSION_KEY, '')
|
||||
backend = request.session.get('auth_backend', '') or request.session.get(BACKEND_SESSION_KEY, '')
|
||||
|
||||
backend = backend.rsplit('.', maxsplit=1)[-1]
|
||||
if backend in LOGIN_BACKEND:
|
||||
return LOGIN_BACKEND[backend]
|
||||
|
|
|
|||
|
|
@ -69,17 +69,16 @@ class LoginConfirmSetting(CommonModelMixin):
|
|||
from tickets import const
|
||||
from tickets.models import Ticket
|
||||
ticket_title = _('Login confirm') + ' {}'.format(self.user)
|
||||
ticket_applicant = self.user
|
||||
ticket_meta = self.construct_confirm_ticket_meta(request)
|
||||
ticket_assignees = self.reviewers.all()
|
||||
data = {
|
||||
'title': ticket_title,
|
||||
'type': const.TicketTypeChoices.login_confirm.value,
|
||||
'applicant': ticket_applicant,
|
||||
'meta': ticket_meta,
|
||||
}
|
||||
ticket = Ticket.objects.create(**data)
|
||||
ticket.assignees.set(ticket_assignees)
|
||||
ticket.open(self.user)
|
||||
return ticket
|
||||
|
||||
def __str__(self):
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: JumpServer 0.3.3\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2021-01-19 20:03+0800\n"
|
||||
"POT-Creation-Date: 2021-01-20 16:09+0800\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: ibuler <ibuler@qq.com>\n"
|
||||
"Language-Team: JumpServer team<ibuler@qq.com>\n"
|
||||
|
|
@ -268,7 +268,7 @@ msgstr "主机名"
|
|||
|
||||
#: assets/models/asset.py:194 assets/models/domain.py:54
|
||||
#: assets/models/user.py:120 terminal/serializers/session.py:29
|
||||
#: terminal/serializers/storage.py:68
|
||||
#: terminal/serializers/storage.py:69
|
||||
msgid "Protocol"
|
||||
msgstr "协议"
|
||||
|
||||
|
|
@ -555,7 +555,7 @@ msgstr "默认资产组"
|
|||
|
||||
#: assets/models/label.py:15 audits/models.py:36 audits/models.py:56
|
||||
#: audits/models.py:69 audits/serializers.py:81 authentication/models.py:44
|
||||
#: authentication/models.py:96 orgs/models.py:18 orgs/models.py:423
|
||||
#: authentication/models.py:95 orgs/models.py:18 orgs/models.py:423
|
||||
#: perms/models/asset_permission.py:173 perms/models/base.py:49
|
||||
#: templates/index.html:78 terminal/backends/command/models.py:18
|
||||
#: terminal/backends/command/serializers.py:12 terminal/models/session.py:37
|
||||
|
|
@ -653,7 +653,7 @@ msgstr "登录模式"
|
|||
msgid "SFTP Root"
|
||||
msgstr "SFTP根路径"
|
||||
|
||||
#: assets/models/user.py:127 authentication/models.py:94
|
||||
#: assets/models/user.py:127 authentication/models.py:93
|
||||
msgid "Token"
|
||||
msgstr ""
|
||||
|
||||
|
|
@ -726,7 +726,7 @@ msgstr "硬件信息"
|
|||
msgid "Org name"
|
||||
msgstr "组织名称"
|
||||
|
||||
#: assets/serializers/asset.py:162 assets/serializers/asset.py:193
|
||||
#: assets/serializers/asset.py:162 assets/serializers/asset.py:201
|
||||
msgid "Connectivity"
|
||||
msgstr "连接"
|
||||
|
||||
|
|
@ -1129,7 +1129,7 @@ msgstr "是否成功"
|
|||
msgid "Result"
|
||||
msgstr "结果"
|
||||
|
||||
#: audits/serializers.py:79 terminal/serializers/storage.py:177
|
||||
#: audits/serializers.py:79 terminal/serializers/storage.py:178
|
||||
msgid "Hosts"
|
||||
msgstr "主机"
|
||||
|
||||
|
|
@ -1324,7 +1324,7 @@ msgstr "审批人"
|
|||
msgid "Login confirm"
|
||||
msgstr "登录复核"
|
||||
|
||||
#: authentication/models.py:95
|
||||
#: authentication/models.py:94
|
||||
msgid "Expired"
|
||||
msgstr "过期时间"
|
||||
|
||||
|
|
@ -2714,60 +2714,60 @@ msgstr "是否可重放"
|
|||
msgid "Can join"
|
||||
msgstr "是否可加入"
|
||||
|
||||
#: terminal/serializers/storage.py:20
|
||||
#: terminal/serializers/storage.py:21
|
||||
msgid "Endpoint invalid: remove path `{}`"
|
||||
msgstr "端点无效: 移除路径 `{}`"
|
||||
|
||||
#: terminal/serializers/storage.py:26
|
||||
#: terminal/serializers/storage.py:27
|
||||
msgid "Bucket"
|
||||
msgstr "桶名称"
|
||||
|
||||
#: terminal/serializers/storage.py:29
|
||||
#: terminal/serializers/storage.py:30
|
||||
msgid "Access key"
|
||||
msgstr ""
|
||||
|
||||
#: terminal/serializers/storage.py:33
|
||||
#: terminal/serializers/storage.py:34
|
||||
msgid "Secret key"
|
||||
msgstr ""
|
||||
|
||||
#: terminal/serializers/storage.py:38 terminal/serializers/storage.py:50
|
||||
#: terminal/serializers/storage.py:80
|
||||
#: terminal/serializers/storage.py:39 terminal/serializers/storage.py:51
|
||||
#: terminal/serializers/storage.py:81
|
||||
msgid "Endpoint"
|
||||
msgstr "端点"
|
||||
|
||||
#: terminal/serializers/storage.py:65 xpack/plugins/cloud/models.py:276
|
||||
#: terminal/serializers/storage.py:66 xpack/plugins/cloud/models.py:276
|
||||
msgid "Region"
|
||||
msgstr "地域"
|
||||
|
||||
#: terminal/serializers/storage.py:90
|
||||
#: terminal/serializers/storage.py:91
|
||||
msgid "Container name"
|
||||
msgstr "容器名称"
|
||||
|
||||
#: terminal/serializers/storage.py:92
|
||||
#: terminal/serializers/storage.py:93
|
||||
msgid "Account name"
|
||||
msgstr "账户名称"
|
||||
|
||||
#: terminal/serializers/storage.py:93
|
||||
#: terminal/serializers/storage.py:94
|
||||
msgid "Account key"
|
||||
msgstr "账户密钥"
|
||||
|
||||
#: terminal/serializers/storage.py:96
|
||||
#: terminal/serializers/storage.py:97
|
||||
msgid "Endpoint suffix"
|
||||
msgstr "端点后缀"
|
||||
|
||||
#: terminal/serializers/storage.py:154
|
||||
#: terminal/serializers/storage.py:155
|
||||
msgid "The address format is incorrect"
|
||||
msgstr "地址格式不正确"
|
||||
|
||||
#: terminal/serializers/storage.py:161
|
||||
#: terminal/serializers/storage.py:162
|
||||
msgid "Host invalid"
|
||||
msgstr "主机无效"
|
||||
|
||||
#: terminal/serializers/storage.py:164
|
||||
#: terminal/serializers/storage.py:165
|
||||
msgid "Port invalid"
|
||||
msgstr "端口无效"
|
||||
|
||||
#: terminal/serializers/storage.py:180
|
||||
#: terminal/serializers/storage.py:181
|
||||
msgid "Index"
|
||||
msgstr "索引"
|
||||
|
||||
|
|
@ -2911,8 +2911,8 @@ msgid "Approved actions"
|
|||
msgstr "批准的动作"
|
||||
|
||||
#: tickets/handler/base.py:62
|
||||
msgid "User {} {} the ticket"
|
||||
msgstr "用户 {} {} 这个工单"
|
||||
msgid "{} {} the ticket"
|
||||
msgstr "{} {}工单"
|
||||
|
||||
#: tickets/handler/base.py:91
|
||||
msgid "Ticket title"
|
||||
|
|
@ -3236,7 +3236,7 @@ msgid "Join user groups"
|
|||
msgstr "添加到用户组"
|
||||
|
||||
#: users/forms/user.py:103 users/views/profile/password.py:59
|
||||
#: users/views/profile/reset.py:127
|
||||
#: users/views/profile/reset.py:126
|
||||
msgid "* Your password does not meet the requirements"
|
||||
msgstr "* 您的密码不符合要求"
|
||||
|
||||
|
|
@ -3867,7 +3867,7 @@ msgstr "新的公钥已设置成功,请下载对应的私钥"
|
|||
msgid "Update user"
|
||||
msgstr "更新用户"
|
||||
|
||||
#: users/templates/users/user_update.html:22 users/views/profile/reset.py:120
|
||||
#: users/templates/users/user_update.html:22 users/views/profile/reset.py:119
|
||||
msgid "User auth from {}, go there change password"
|
||||
msgstr "用户认证源来自 {}, 请去相应系统修改密码"
|
||||
|
||||
|
|
@ -3975,7 +3975,7 @@ msgstr ""
|
|||
" <br>\n"
|
||||
" "
|
||||
|
||||
#: users/utils.py:116 users/views/profile/reset.py:80
|
||||
#: users/utils.py:116 users/views/profile/reset.py:79
|
||||
msgid "Reset password success"
|
||||
msgstr "重置密码成功"
|
||||
|
||||
|
|
@ -4188,20 +4188,20 @@ msgid ""
|
|||
"password"
|
||||
msgstr "用户来自 {} 请去相应系统修改密码"
|
||||
|
||||
#: users/views/profile/reset.py:66
|
||||
#: users/views/profile/reset.py:65
|
||||
msgid "Send reset password message"
|
||||
msgstr "发送重置密码邮件"
|
||||
|
||||
#: users/views/profile/reset.py:67
|
||||
#: users/views/profile/reset.py:66
|
||||
msgid "Send reset password mail success, login your mail box and follow it "
|
||||
msgstr ""
|
||||
"发送重置邮件成功, 请登录邮箱查看, 按照提示操作 (如果没收到,请等待3-5分钟)"
|
||||
|
||||
#: users/views/profile/reset.py:81
|
||||
#: users/views/profile/reset.py:80
|
||||
msgid "Reset password success, return to login page"
|
||||
msgstr "重置密码成功,返回到登录页面"
|
||||
|
||||
#: users/views/profile/reset.py:105 users/views/profile/reset.py:115
|
||||
#: users/views/profile/reset.py:104 users/views/profile/reset.py:114
|
||||
msgid "Token invalid or expired"
|
||||
msgstr "Token错误或失效"
|
||||
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ class SessionCommandSerializer(serializers.Serializer):
|
|||
"""使用这个类作为基础Command Log Serializer类, 用来序列化"""
|
||||
|
||||
id = serializers.UUIDField(read_only=True)
|
||||
user = serializers.CharField(max_length=64, label=_("User"))
|
||||
user = serializers.CharField(label=_("User")) # 限制 64 字符,见 validate_user
|
||||
asset = serializers.CharField(max_length=128, label=_("Asset"))
|
||||
system_user = serializers.CharField(max_length=64, label=_("System user"))
|
||||
input = serializers.CharField(max_length=128, label=_("Command"))
|
||||
|
|
@ -25,6 +25,11 @@ class SessionCommandSerializer(serializers.Serializer):
|
|||
risk_mapper = dict(AbstractSessionCommand.RISK_LEVEL_CHOICES)
|
||||
return risk_mapper.get(obj.risk_level)
|
||||
|
||||
def validate_user(self, value):
|
||||
if len(value) > 64:
|
||||
value = value[:32] + value[-32:]
|
||||
return value
|
||||
|
||||
|
||||
class InsecureCommandAlertSerializer(serializers.Serializer):
|
||||
input = serializers.CharField()
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ from urllib.parse import urlparse
|
|||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.db.models import TextChoices
|
||||
from common.drf.serializers import MethodSerializer
|
||||
from common.drf.fields import ReadableHiddenField
|
||||
from ..models import ReplayStorage, CommandStorage
|
||||
from .. import const
|
||||
|
||||
|
|
@ -170,7 +171,7 @@ class CommandStorageTypeESSerializer(serializers.Serializer):
|
|||
|
||||
hosts_help_text = '''
|
||||
Tip: If there are multiple hosts, use a comma (,) to separate them.
|
||||
(eg: http://www.jumpserver.a.com, http://www.jumpserver.b.com)
|
||||
(eg: http://www.jumpserver.a.com:9100, http://www.jumpserver.b.com:9100)
|
||||
'''
|
||||
HOSTS = serializers.ListField(
|
||||
child=serializers.CharField(validators=[command_storage_es_host_format_validator]),
|
||||
|
|
@ -179,9 +180,8 @@ class CommandStorageTypeESSerializer(serializers.Serializer):
|
|||
INDEX = serializers.CharField(
|
||||
max_length=1024, default='jumpserver', label=_('Index'), allow_null=True
|
||||
)
|
||||
DOC_TYPE = serializers.CharField(
|
||||
max_length=1024, read_only=True, default='command', label=_('Doc type'), allow_null=True
|
||||
)
|
||||
DOC_TYPE = ReadableHiddenField(default='command', label=_('Doc type'), allow_null=True)
|
||||
|
||||
|
||||
# mapping
|
||||
|
||||
|
|
|
|||
|
|
@ -59,7 +59,7 @@ class BaseHandler(object):
|
|||
user_display = str(user)
|
||||
action_display = self.ticket.get_action_display()
|
||||
data = {
|
||||
'body': _('User {} {} the ticket'.format(user_display, action_display)),
|
||||
'body': _('{} {} the ticket').format(user_display, action_display),
|
||||
'user': user,
|
||||
'user_display': user_display
|
||||
}
|
||||
|
|
|
|||
|
|
@ -49,8 +49,7 @@ class UserForgotPasswordView(FormView):
|
|||
if not user.is_local:
|
||||
error = _(
|
||||
'The user is from {}, please go to the corresponding system to change the password'
|
||||
''.format(user.get_source_display())
|
||||
)
|
||||
).format(user.get_source_display())
|
||||
form.add_error('email', error)
|
||||
return self.form_invalid(form)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue