Merge pull request #9680 from jumpserver/pr@dev@perf_account_chagne_secret

perf: 修改 acount
2023-02-22 11:29:18 +08:00 · 2023-02-22 11:29:18 +08:00 · 5d61d843f3
parent f103fa22c9 0996b1fbf5
commit 5d61d843f3
11 changed files with 22 additions and 71 deletions
--- a/apps/accounts/automations/change_secret/manager.py
+++ b/apps/accounts/automations/change_secret/manager.py
@ -86,6 +86,10 @@ class ChangeSecretManager(AccountBasePlaybookManager):
            accounts = accounts.filter(username__in=self.snapshot_account_usernames)
        accounts = accounts.filter(secret_type=self.secret_type)
        if not accounts:
            print('没有发现待改密账号: %s 用户名: %s 类型: %s' % (asset.name, account.username, self.secret_type))
            return []
        method_attr = getattr(automation, self.method_type() + '_method')
        method_hosts = self.method_hosts_mapper[method_attr]
        method_hosts = [h for h in method_hosts if h != host['name']]
@ -137,8 +141,10 @@ class ChangeSecretManager(AccountBasePlaybookManager):
        recorder.status = 'success'
        recorder.date_finished = timezone.now()
        recorder.save()
        print('recorder.new_secret', recorder.new_secret)
        account = recorder.account
        if not account:
            print("Account not found, deleted ?", recorder)
            return
        account.secret = recorder.new_secret
        account.save(update_fields=['secret'])
--- a/apps/accounts/automations/push_account/manager.py
+++ b/apps/accounts/automations/push_account/manager.py
@ -36,7 +36,7 @@ class PushAccountManager(ChangeSecretManager, AccountBasePlaybookManager):
    def get_accounts(self, privilege_account, accounts: QuerySet):
        if not privilege_account:
-            logger.debug(f'not privilege account')
+            print(f'not privilege account')
            return []
        snapshot_account_usernames = self.execution.snapshot['accounts']
        if '*' in snapshot_account_usernames:
--- a/apps/accounts/migrations/0008_alter_account_options.py
+++ b/apps/accounts/migrations/0008_alter_account_options.py
@ -1,17 +0,0 @@
 # Generated by Django 3.2.14 on 2023-02-21 05:13
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0007_alter_account_options'),
    ]
    operations = [
        migrations.AlterModelOptions(
            name='account',
            options={'permissions': [('view_accountsecret', 'Can view asset account secret'), ('view_historyaccount', 'Can view asset history account'), ('view_historyaccountsecret', 'Can view asset history account secret'), ('verify_account', 'Can verify account'), ('push_account', 'Can push account')], 'verbose_name': 'Account'},
        ),
    ]
--- a/apps/accounts/models/account.py
+++ b/apps/accounts/models/account.py
@ -68,6 +68,9 @@ class Account(AbsConnectivity, BaseAccount):
            ('push_account', _('Can push account')),
        ]
    def __str__(self):
        return '{}'.format(self.username)
    @lazyproperty
    def platform(self):
        return self.asset.platform
@ -78,9 +81,6 @@ class Account(AbsConnectivity, BaseAccount):
            return self.username
        return self.name
    def __str__(self):
        return '{}'.format(self.username)
    @lazyproperty
    def has_secret(self):
        return bool(self.secret)
@ -99,14 +99,6 @@ class Account(AbsConnectivity, BaseAccount):
        """ 排除自己和以自己为 su-from 的账号 """
        return self.asset.accounts.exclude(id=self.id).exclude(su_from=self)
    def secret_changed(self):
        history = self.history.first()
        if not history:
            return True
        if history.secret != self.secret or history.secret_type != self.secret_type:
            return True
        return False
 class AccountTemplate(BaseAccount):
    class Meta:
--- a/apps/accounts/serializers/account/account.py
+++ b/apps/accounts/serializers/account/account.py
@ -43,7 +43,7 @@ class AccountSerializerCreateValidateMixin:
    def push_account(instance, push_now):
        if not push_now:
            return
-        push_accounts_to_assets_task.delay([instance.id], [instance.asset_id])
+        push_accounts_to_assets_task.delay([instance.id])
    def create(self, validated_data):
        push_now = validated_data.pop('push_now', None)
@ -102,7 +102,7 @@ class AccountSerializer(AccountSerializerCreateMixin, BaseAccountSerializer):
    class Meta(BaseAccountSerializer.Meta):
        model = Account
        fields = BaseAccountSerializer.Meta.fields \
-                 + ['su_from', 'version', 'asset'] \
+                 + ['su_from', 'asset'] \
                 + ['template', 'push_now', 'source']
        extra_kwargs = {
            **BaseAccountSerializer.Meta.extra_kwargs,
--- a/apps/accounts/signal_handlers.py
+++ b/apps/accounts/signal_handlers.py
@ -1,17 +1,3 @@
 from django.db.models.signals import pre_save
 from django.dispatch import receiver
 from common.utils import get_logger
 from .models import Account
 logger = get_logger(__name__)
@receiver(pre_save, sender=Account)
 def on_account_pre_create(sender, instance, update_fields=(), **kwargs):
    # 这是创建时
    if instance.version == 0 or instance.secret_changed():
        instance.version += 1
    # 即使在 root 组织也不怕
    instance.org_id = instance.asset.org_id
--- a/apps/assets/api/asset/asset.py
+++ b/apps/assets/api/asset/asset.py
@ -207,9 +207,9 @@ class AssetTaskCreateApi(AssetsTaskMixin, generics.CreateAPIView):
        asset_ids = [asset.id]
        account_ids = accounts.values_list("id", flat=True)
        if action == "push_account":
-            task = push_accounts_to_assets_task.delay(account_ids, asset_ids)
+            task = push_accounts_to_assets_task.delay(account_ids)
        elif action == "test_account":
-            task = verify_accounts_connectivity_task.delay(account_ids, asset_ids)
+            task = verify_accounts_connectivity_task.delay(account_ids)
        else:
            task = None
        return task
--- a/apps/assets/automations/base/manager.py
+++ b/apps/assets/automations/base/manager.py
@ -64,7 +64,7 @@ class BasePlaybookManager:
        if not os.path.exists(path):
            os.makedirs(path, exist_ok=True, mode=0o755)
        if settings.DEBUG_DEV:
-            logger.debug('Ansible runtime dir: {}'.format(path))
+            print(f'Ansible runtime dir: {path}')
        return path
    @staticmethod
@ -153,10 +153,9 @@ class BasePlaybookManager:
        return sub_playbook_path
    def get_runners(self):
        # TODO 临时打印一下 找一下打印不出日志的原因
        print('ansible runner: 任务开始执行')
        assets_group_by_platform = self.get_assets_group_by_platform()
-        print('ansible runner: 获取资产分组', assets_group_by_platform)
+        if settings.DEBUG_DEV:
            print("assets_group_by_platform: {}".format(assets_group_by_platform))
        runners = []
        for platform, assets in assets_group_by_platform.items():
            assets_bulked = [assets[i:i + self.bulk_size] for i in range(0, len(assets), self.bulk_size)]
@ -216,6 +215,7 @@ class BasePlaybookManager:
        with open(path, 'r') as f:
            d = json.load(f)
        def delete_keys(d, keys_to_delete):
            """
            递归函数：删除嵌套字典中的指定键
@ -229,6 +229,7 @@ class BasePlaybookManager:
                else:
                    delete_keys(d[key], keys_to_delete)
            return d
        d = delete_keys(d, ['secret', 'ansible_password'])
        with open(path, 'w') as f:
            json.dump(d, f)
--- a/apps/assets/migrations/0109_alter_asset_options.py
+++ b/apps/assets/migrations/0109_alter_asset_options.py
@ -12,6 +12,6 @@ class Migration(migrations.Migration):
    operations = [
        migrations.AlterModelOptions(
            name='asset',
-            options={'ordering': ['name'], 'permissions': [('refresh_assethardwareinfo', 'Can refresh asset hardware info'), ('test_assetconnectivity', 'Can test asset connectivity'), ('push_assetaccount', 'Can push account to asset'), ('test_account', 'Can verify account'), ('match_asset', 'Can match asset'), ('change_assettonode', 'Can change asset nodes')], 'verbose_name': 'Asset'},
+            options={'ordering': ['name'], 'permissions': [('refresh_assethardwareinfo', 'Can refresh asset hardware info'), ('test_assetconnectivity', 'Can test asset connectivity'), ('match_asset', 'Can match asset'), ('change_assetnodes', 'Can change asset nodes')], 'verbose_name': 'Asset'},
        ),
    ]
--- a/apps/assets/migrations/0110_alter_asset_options.py
+++ b/apps/assets/migrations/0110_alter_asset_options.py
@ -1,17 +0,0 @@
 # Generated by Django 3.2.14 on 2023-02-21 05:11
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('assets', '0109_alter_asset_options'),
    ]
    operations = [
        migrations.AlterModelOptions(
            name='asset',
            options={'ordering': ['name'], 'permissions': [('refresh_assethardwareinfo', 'Can refresh asset hardware info'), ('test_assetconnectivity', 'Can test asset connectivity'), ('match_asset', 'Can match asset'), ('change_assetnodes', 'Can change asset nodes')], 'verbose_name': 'Asset'},
        ),
    ]
--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@ -530,7 +530,7 @@ class Config(dict):
        'PERIOD_TASK_ENABLED': True,
        # 导航栏 帮助
-        'HELP_DOCUMENT_URL': 'http://docs.jumpserver.org',
+        'HELP_DOCUMENT_URL': 'https://docs.jumpserver.org/zh/v3/',
        'HELP_SUPPORT_URL': 'http://www.jumpserver.org/support/',
        'FORGOT_PASSWORD_URL': '',