github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(ops): 修复run as 可能引起的返回多个asset user

pull/5021/head
ibuler 2020-11-17 11:36:35 +08:00 committed by Jiangjie.Bai
parent 83099dcd16
commit 40c0aac5a9
2 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
apps/ops/inventory.py
View File

@ -76,7 +76,7 @@ class JMSInventory(JMSBaseInventory):
write you own inventory, construct you inventory, write you own inventory, construct you inventory,
user_info is obtained from admin_user or asset_user user_info is obtained from admin_user or asset_user
""" """
def __init__(self, assets, run_as_admin=False, run_as=None, become_info=None): def __init__(self, assets, run_as_admin=False, run_as=None, become_info=None, system_user=None):
""" """
:param assets: assets :param assets: assets
:param run_as_admin: True 是否使用管理用户去执行, 每台服务器的管理用户可能不同 :param run_as_admin: True 是否使用管理用户去执行, 每台服务器的管理用户可能不同
@ -86,6 +86,7 @@ class JMSInventory(JMSBaseInventory):
self.assets = assets self.assets = assets
self.using_admin = run_as_admin self.using_admin = run_as_admin
self.run_as = run_as self.run_as = run_as
self.system_user = system_user
self.become_info = become_info self.become_info = become_info
host_list = [] host_list = []
@ -104,18 +105,25 @@ class JMSInventory(JMSBaseInventory):
def get_run_user_info(self, host): def get_run_user_info(self, host):
from assets.backends import AssetUserManager from assets.backends import AssetUserManager
if self.run_as is None: if not self.run_as and not self.system_user:
return {} return {}
asset_id = host.get('id', '')
asset = self.assets.filter(id=asset_id).first()
if not asset:
logger.error('Host not found: ', asset_id)
if self.system_user:
self.system_user.load_asset_special_auth(asset=asset, username=self.run_as)
return self.system_user._to_secret_json()
try: try:
asset = self.assets.get(id=host.get('id'))
manager = AssetUserManager() manager = AssetUserManager()
run_user = manager.get_latest(username=self.run_as, asset=asset, prefer='system_user') run_user = manager.get_latest(username=self.run_as, asset=asset, prefer='system_user')
return run_user._to_secret_json()
except Exception as e: except Exception as e:
logger.error(e, exc_info=True) logger.error(e, exc_info=True)
return {} return {}
else:
return run_user._to_secret_json()
class JMSCustomInventory(JMSBaseInventory): class JMSCustomInventory(JMSBaseInventory):

2
apps/ops/models/command.py
View File

@ -37,7 +37,7 @@ class CommandExecution(OrgModelMixin):
username = self.user.username username = self.user.username
else: else:
username = self.run_as.username username = self.run_as.username
inv = JMSInventory(self.hosts.all(), run_as=username) inv = JMSInventory(self.hosts.all(), run_as=username, system_user=self.run_as)
return inv return inv
@lazyproperty @lazyproperty