Browse Source

feat: 历史账号定期删除 可设置保留数量

pull/12487/head
feng 11 months ago committed by Bryan
parent
commit
4dd72b109f
  1. 48
      apps/accounts/tasks/remove_account.py
  2. 2
      apps/jumpserver/conf.py
  3. 2
      apps/jumpserver/settings/auth.py
  4. 11
      apps/settings/serializers/feature.py

48
apps/accounts/tasks/remove_account.py

@ -1,9 +1,19 @@
from celery import shared_task import uuid
from collections import defaultdict
from celery import shared_task, current_task
from django.conf import settings
from django.db.models import Count
from django.utils.translation import gettext_noop, gettext_lazy as _ from django.utils.translation import gettext_noop, gettext_lazy as _
from accounts.const import AutomationTypes from accounts.const import AutomationTypes
from accounts.models import Account
from accounts.tasks.common import quickstart_automation_by_snapshot from accounts.tasks.common import quickstart_automation_by_snapshot
from audits.const import ActivityChoices
from common.const.crontab import CRONTAB_AT_AM_TWO
from common.utils import get_logger from common.utils import get_logger
from ops.celery.decorator import register_as_period_task
from orgs.utils import tmp_to_root_org
logger = get_logger(__file__) logger = get_logger(__file__)
@ -29,3 +39,39 @@ def remove_accounts_task(gather_account_ids):
tp = AutomationTypes.remove_account tp = AutomationTypes.remove_account
quickstart_automation_by_snapshot(task_name, tp, task_snapshot) quickstart_automation_by_snapshot(task_name, tp, task_snapshot)
@shared_task(verbose_name=_('Clean historical accounts'))
@register_as_period_task(crontab=CRONTAB_AT_AM_TWO)
@tmp_to_root_org()
def clean_historical_accounts():
from audits.signal_handlers import create_activities
print("Clean historical accounts start.")
if settings.HISTORY_ACCOUNT_CLEAN_LIMIT >= 999:
return
limit = settings.HISTORY_ACCOUNT_CLEAN_LIMIT
history_ids_to_be_deleted = []
history_model = Account.history.model
history_id_mapper = defaultdict(list)
ids = history_model.objects.values('id').annotate(count=Count('id')) \
.filter(count__gte=limit).values_list('id', flat=True)
if not ids:
return
for i in history_model.objects.filter(id__in=ids):
_id = str(i.id)
history_id_mapper[_id].append(i.history_id)
for history_ids in history_id_mapper.values():
history_ids_to_be_deleted.extend(history_ids[limit:])
history_qs = history_model.objects.filter(history_id__in=history_ids_to_be_deleted)
resource_ids = list(history_qs.values_list('history_id', flat=True))
history_qs.delete()
task_id = current_task.request.id if current_task else str(uuid.uuid4())
detail = gettext_noop('Remove historical accounts that are out of range.')
create_activities(resource_ids, detail, task_id, action=ActivityChoices.task, org_id='')

2
apps/jumpserver/conf.py

@ -261,6 +261,8 @@ class Config(dict):
'VAULT_HCP_TOKEN': '', 'VAULT_HCP_TOKEN': '',
'VAULT_HCP_MOUNT_POINT': 'jumpserver', 'VAULT_HCP_MOUNT_POINT': 'jumpserver',
'HISTORY_ACCOUNT_CLEAN_LIMIT': 999,
# Cache login password # Cache login password
'CACHE_LOGIN_PASSWORD_ENABLED': False, 'CACHE_LOGIN_PASSWORD_ENABLED': False,
'CACHE_LOGIN_PASSWORD_TTL': 60 * 60 * 24, 'CACHE_LOGIN_PASSWORD_TTL': 60 * 60 * 24,

2
apps/jumpserver/settings/auth.py

@ -190,6 +190,8 @@ VAULT_HCP_HOST = CONFIG.VAULT_HCP_HOST
VAULT_HCP_TOKEN = CONFIG.VAULT_HCP_TOKEN VAULT_HCP_TOKEN = CONFIG.VAULT_HCP_TOKEN
VAULT_HCP_MOUNT_POINT = CONFIG.VAULT_HCP_MOUNT_POINT VAULT_HCP_MOUNT_POINT = CONFIG.VAULT_HCP_MOUNT_POINT
HISTORY_ACCOUNT_CLEAN_LIMIT = CONFIG.HISTORY_ACCOUNT_CLEAN_LIMIT
# Other setting # Other setting
# 这个是 User Login Private Token # 这个是 User Login Private Token
TOKEN_EXPIRATION = CONFIG.TOKEN_EXPIRATION TOKEN_EXPIRATION = CONFIG.TOKEN_EXPIRATION

11
apps/settings/serializers/feature.py

@ -55,6 +55,17 @@ class VaultSettingSerializer(serializers.Serializer):
max_length=256, allow_blank=True, required=False, label=_('Mount Point') max_length=256, allow_blank=True, required=False, label=_('Mount Point')
) )
HISTORY_ACCOUNT_CLEAN_LIMIT = serializers.IntegerField(
default=999, max_value=999, min_value=1,
required=False, label=_('History Account Count'),
help_text=_(
'If the specific value is less than 999, '
'the system will automatically perform a task every night: '
'check and delete historical accounts that exceed the predetermined number. '
'If the value reaches or exceeds 999, no historical account deletion will be performed.'
)
)
class ChatAISettingSerializer(serializers.Serializer): class ChatAISettingSerializer(serializers.Serializer):
PREFIX_TITLE = _('Chat AI') PREFIX_TITLE = _('Chat AI')

Loading…
Cancel
Save