perf: 配置CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED 对改密的特权账号过滤 (#10033)

Co-authored-by: feng <1304903146@qq.com>

apps/accounts/automations/change_secret/manager.py

@@ -76,6 +76,9 @@ class ChangeSecretManager(AccountBasePlaybookManager):
         accounts = accounts.filter(id__in=self.account_ids)
         if self.secret_type:
             accounts = accounts.filter(secret_type=self.secret_type)
+
+        if settings.CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED:
+            accounts = accounts.filter(privileged=False)
         return accounts
 
     def host_callback(

apps/settings/serializers/security.py

@@ -168,9 +168,6 @@ class SecuritySettingSerializer(SecurityPasswordRuleSerializer, SecurityAuthSeri
     SECURITY_LUNA_REMEMBER_AUTH = serializers.BooleanField(
         label=_("Remember manual auth")
     )
-    CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED = serializers.BooleanField(
-        label=_("Enable change auth secure mode")
-    )
     SECURITY_INSECURE_COMMAND = serializers.BooleanField(
         required=False, label=_('Insecure command alert')
     )