diff --git a/apps/acls/models/login_acl.py b/apps/acls/models/login_acl.py index bdc1c8d9e..6e1fbff73 100644 --- a/apps/acls/models/login_acl.py +++ b/apps/acls/models/login_acl.py @@ -1,11 +1,10 @@ from django.db import models -from django.db.models import Q -from django.utils import timezone from django.utils.translation import ugettext_lazy as _ from .base import BaseACL, BaseACLQuerySet from common.utils import get_request_ip, get_ip_city from common.utils.ip import contains_ip from common.utils.time_period import contains_time_period +from common.utils.timezone import local_now_display class ACLManager(models.Manager): @@ -59,7 +58,9 @@ class LoginACL(BaseACL): @staticmethod def allow_user_confirm_if_need(user, ip): - acl = LoginACL.filter_acl(user).filter(action=LoginACL.ActionChoices.confirm).first() + acl = LoginACL.filter_acl(user).filter( + action=LoginACL.ActionChoices.confirm + ).first() acl = acl if acl and acl.reviewers.exists() else None if not acl: return False, acl @@ -71,7 +72,9 @@ class LoginACL(BaseACL): @staticmethod def allow_user_to_login(user, ip): - acl = LoginACL.filter_acl(user).exclude(action=LoginACL.ActionChoices.confirm).first() + acl = LoginACL.filter_acl(user).exclude( + action=LoginACL.ActionChoices.confirm + ).first() if not acl: return True, '' ip_group = acl.rules.get('ip_group') @@ -99,7 +102,7 @@ class LoginACL(BaseACL): login_ip = get_request_ip(request) if request else '' login_ip = login_ip or '0.0.0.0' login_city = get_ip_city(login_ip) - login_datetime = timezone.now().strftime('%Y-%m-%d %H:%M:%S') + login_datetime = local_now_display() ticket_meta = { 'apply_login_ip': login_ip, 'apply_login_city': login_city, diff --git a/apps/acls/serializers/login_acl.py b/apps/acls/serializers/login_acl.py index 78236ea64..47b909ad7 100644 --- a/apps/acls/serializers/login_acl.py +++ b/apps/acls/serializers/login_acl.py @@ -11,7 +11,7 @@ common_help_text = _('Format for comma-delimited string, with * indicating a mat class LoginACLSerializer(BulkModelSerializer): - user_display = serializers.ReadOnlyField(source='user.name', label=_('Username')) + user_display = serializers.ReadOnlyField(source='user.username', label=_('Username')) reviewers_display = serializers.SerializerMethodField(label=_('Reviewers')) action_display = serializers.ReadOnlyField(source='get_action_display', label=_('Action')) reviewers_amount = serializers.IntegerField(read_only=True, source='reviewers.count') diff --git a/apps/assets/signals_handler/authbook.py b/apps/assets/signals_handler/authbook.py index f42d8627e..513488763 100644 --- a/apps/assets/signals_handler/authbook.py +++ b/apps/assets/signals_handler/authbook.py @@ -37,8 +37,10 @@ def on_authbook_post_delete(sender, instance, **kwargs): def on_authbook_post_create(sender, instance, created, **kwargs): instance.sync_to_system_user_account() if created: + pass + # # 不再自动更新资产管理用户,只允许用户手动指定。 # 只在创建时进行更新资产的管理用户 - instance.update_asset_admin_user_if_need() + # instance.update_asset_admin_user_if_need() @receiver(pre_save, sender=AuthBook) diff --git a/apps/assets/tasks/common.py b/apps/assets/tasks/common.py index ad2749e29..06b656e24 100644 --- a/apps/assets/tasks/common.py +++ b/apps/assets/tasks/common.py @@ -23,5 +23,6 @@ def add_nodes_assets_to_system_users(nodes_keys, system_users): instance, created = AuthBook.objects.update_or_create( defaults=defaults, asset=asset, systemuser=system_user ) + # # 不再自动更新资产管理用户,只允许用户手动指定。 # 只要关联都需要更新资产的管理用户 - instance.update_asset_admin_user_if_need() + # instance.update_asset_admin_user_if_need() diff --git a/apps/authentication/templates/authentication/login_wait_confirm.html b/apps/authentication/templates/authentication/login_wait_confirm.html index e72a44738..518e2f03e 100644 --- a/apps/authentication/templates/authentication/login_wait_confirm.html +++ b/apps/authentication/templates/authentication/login_wait_confirm.html @@ -159,7 +159,9 @@ $(document).ready(function () { }).on('click', '.btn-return', function () { cancelTicket(); cancelCloseConfirm(); - window.location = "{% url 'authentication:login' %}" + setTimeout(() => { + window.location = "{% url 'authentication:login' %}" + }, 1000); }) diff --git a/apps/common/sdk/im/dingtalk/__init__.py b/apps/common/sdk/im/dingtalk/__init__.py index bd802a8d5..af57f2cf5 100644 --- a/apps/common/sdk/im/dingtalk/__init__.py +++ b/apps/common/sdk/im/dingtalk/__init__.py @@ -38,6 +38,7 @@ class URL: class DingTalkRequests(BaseRequest): invalid_token_errcodes = (ErrorCode.INVALID_TOKEN,) + msg_key = 'errmsg' def __init__(self, appid, appsecret, agentid, timeout=None): self._appid = appid or '' diff --git a/apps/locale/zh/LC_MESSAGES/django.mo b/apps/locale/zh/LC_MESSAGES/django.mo index aa4a2071d..8d7ab082e 100644 --- a/apps/locale/zh/LC_MESSAGES/django.mo +++ b/apps/locale/zh/LC_MESSAGES/django.mo @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:cc8a022ddc7438e50aa0cdb4ce24eec327638143731dbe0ed0ad783df06ecbaf -size 89882 +oid sha256:bdad14124356449843ef2e77801fd1add5147862488baa2f24f5f14f1ad8f125 +size 90869 diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po index 763d0a248..64cea435b 100644 --- a/apps/locale/zh/LC_MESSAGES/django.po +++ b/apps/locale/zh/LC_MESSAGES/django.po @@ -98,7 +98,7 @@ msgstr "用户" #: acls/models/login_acl.py:29 msgid "Rule" -msgstr "" +msgstr "规则" #: acls/models/login_acl.py:32 acls/models/login_asset_acl.py:26 #: acls/serializers/login_acl.py:16 acls/serializers/login_asset_acl.py:75 @@ -240,7 +240,7 @@ msgstr "" #: acls/serializers/rules/rules.py:34 msgid "Time Period" -msgstr "" +msgstr "时段" #: applications/api/mixin.py:20 templates/_nav_user.html:10 msgid "My applications" @@ -927,7 +927,7 @@ msgstr "Ad 网域" #: assets/serializers/system_user.py:60 msgid "Is asset protocol" -msgstr "" +msgstr "资产协议" #: assets/serializers/system_user.py:100 msgid "Username same with user with protocol {} only allow 1" @@ -2427,7 +2427,7 @@ msgstr "监控告警" #: ops/notifications.py:22 msgid "Terminal health check warning" -msgstr "" +msgstr "终端健康状况检查警告" #: ops/notifications.py:63 #, python-brace-format @@ -4392,7 +4392,7 @@ msgstr "忽略证书认证" #: terminal/serializers/terminal.py:44 msgid "Load status" -msgstr "" +msgstr "负载状态" #: terminal/serializers/terminal.py:83 terminal/serializers/terminal.py:91 msgid "Not found" diff --git a/apps/settings/serializers/other.py b/apps/settings/serializers/other.py index 65e1e5e07..a999ae6fe 100644 --- a/apps/settings/serializers/other.py +++ b/apps/settings/serializers/other.py @@ -9,7 +9,7 @@ class OtherSettingSerializer(serializers.Serializer): ) OTP_ISSUER_NAME = serializers.CharField( - required=False, max_length=1024, label=_('OTP issuer name'), + required=False, max_length=16, label=_('OTP issuer name'), ) OTP_VALID_WINDOW = serializers.IntegerField( min_value=1, max_value=10, diff --git a/apps/settings/utils/ldap.py b/apps/settings/utils/ldap.py index 890ac32e8..cb65d5539 100644 --- a/apps/settings/utils/ldap.py +++ b/apps/settings/utils/ldap.py @@ -184,7 +184,7 @@ class LDAPServerUtil(object): if attr == 'is_active' and mapping.lower() == 'useraccountcontrol' \ and value: value = int(value) & LDAP_AD_ACCOUNT_DISABLE != LDAP_AD_ACCOUNT_DISABLE - user[attr] = value + user[attr] = value.strip() if isinstance(value, str) else value return user def user_entries_to_dict(self, user_entries): diff --git a/apps/templates/flash_message_standalone.html b/apps/templates/flash_message_standalone.html index 463d6c00e..c038beb41 100644 --- a/apps/templates/flash_message_standalone.html +++ b/apps/templates/flash_message_standalone.html @@ -31,7 +31,7 @@ {% if confirm_button %} {{ confirm_button }} {% else %} - {% trans 'Go' %} + {% trans 'Confirm' %} {% endif %} diff --git a/apps/tickets/api/ticket.py b/apps/tickets/api/ticket.py index 82fd8bd55..0c9b1d104 100644 --- a/apps/tickets/api/ticket.py +++ b/apps/tickets/api/ticket.py @@ -30,7 +30,7 @@ class TicketViewSet(CommonApiMixin, viewsets.ModelViewSet): 'title', 'action', 'type', 'status', 'applicant_display' ] ordering_fields = ('title', 'applicant_display', 'status', 'state', 'action_display', 'date_created') - ordering = ('title', ) + ordering = ('-date_created', ) def create(self, request, *args, **kwargs): raise MethodNotAllowed(self.action) diff --git a/apps/tickets/serializers/ticket/meta/ticket_type/apply_application.py b/apps/tickets/serializers/ticket/meta/ticket_type/apply_application.py index 46ef5386d..c3f75ed6d 100644 --- a/apps/tickets/serializers/ticket/meta/ticket_type/apply_application.py +++ b/apps/tickets/serializers/ticket/meta/ticket_type/apply_application.py @@ -80,12 +80,11 @@ class ApplySerializer(serializers.Serializer): applications = Application.objects.filter(id__in=apply_applications, type=type).values_list('id', flat=True) return list(applications) - def validate_apply_date_expired(self, value): - date_start = self.root.initial_data['meta'].get('apply_date_start') - date_start = datetime.strptime(date_start, '%Y-%m-%dT%H:%M:%S.%fZ') - date_expired = self.root.initial_data['meta'].get('apply_date_expired') - date_expired = datetime.strptime(date_expired, '%Y-%m-%dT%H:%M:%S.%fZ') - if date_expired <= date_start: + def validate(self, attrs): + apply_date_start = attrs['apply_date_start'] + apply_date_expired = attrs['apply_date_expired'] + + if apply_date_expired <= apply_date_start: error = _('The expiration date should be greater than the start date') - raise serializers.ValidationError(error) - return value + raise serializers.ValidationError({'apply_date_expired': error}) + return attrs diff --git a/apps/tickets/serializers/ticket/meta/ticket_type/apply_asset.py b/apps/tickets/serializers/ticket/meta/ticket_type/apply_asset.py index 2be6da2a7..a4b78e7d5 100644 --- a/apps/tickets/serializers/ticket/meta/ticket_type/apply_asset.py +++ b/apps/tickets/serializers/ticket/meta/ticket_type/apply_asset.py @@ -63,12 +63,11 @@ class ApplySerializer(serializers.Serializer): 'Permission named `{}` already exists'.format(permission_name) )) - def validate_apply_date_expired(self, value): - date_start = self.root.initial_data['meta'].get('apply_date_start') - date_start = datetime.strptime(date_start, '%Y-%m-%dT%H:%M:%S.%fZ') - date_expired = self.root.initial_data['meta'].get('apply_date_expired') - date_expired = datetime.strptime(date_expired, '%Y-%m-%dT%H:%M:%S.%fZ') - if date_expired <= date_start: + def validate(self, attrs): + apply_date_start = attrs['apply_date_start'] + apply_date_expired = attrs['apply_date_expired'] + + if apply_date_expired <= apply_date_start: error = _('The expiration date should be greater than the start date') - raise serializers.ValidationError(error) - return value + raise serializers.ValidationError({'apply_date_expired': error}) + return attrs diff --git a/apps/tickets/serializers/ticket/ticket.py b/apps/tickets/serializers/ticket/ticket.py index 82ac70122..636f06f4a 100644 --- a/apps/tickets/serializers/ticket/ticket.py +++ b/apps/tickets/serializers/ticket/ticket.py @@ -160,7 +160,7 @@ class TicketFlowApproveSerializer(serializers.ModelSerializer): def validate(self, attrs): if attrs['strategy'] == TicketApprovalStrategy.custom_user and not attrs.get('assignees'): error = _('Please select the Assignees') - raise serializers.ValidationError(error) + raise serializers.ValidationError({'assignees': error}) return super().validate(attrs) diff --git a/apps/users/serializers/user.py b/apps/users/serializers/user.py index d0357db8a..021437edc 100644 --- a/apps/users/serializers/user.py +++ b/apps/users/serializers/user.py @@ -70,6 +70,7 @@ class UserSerializer(CommonBulkSerializerMixin, serializers.ModelSerializer): read_only_fields = [ 'date_joined', 'last_login', 'created_by', 'is_first_login', + 'wecom_id', 'dingtalk_id', 'feishu_id' ] extra_kwargs = { 'password': {'write_only': True, 'required': False, 'allow_null': True, 'allow_blank': True},