mirror of https://github.com/jumpserver/jumpserver
commit
6319be0ea3
|
@ -31,7 +31,7 @@ class ExistAssetPrimaryKeyRelatedField(serializers.PrimaryKeyRelatedField):
|
|||
|
||||
|
||||
class RemoteAppSerializer(serializers.Serializer):
|
||||
asset_info = serializers.SerializerMethodField()
|
||||
asset_info = serializers.SerializerMethodField(label=_('Asset Info'))
|
||||
asset = ExistAssetPrimaryKeyRelatedField(
|
||||
queryset=Asset.objects, required=True, label=_("Asset"), allow_null=True
|
||||
)
|
||||
|
|
|
@ -231,7 +231,9 @@ class ConnectionTokenViewSet(ConnectionTokenMixin, RootOrgViewMixin, JMSModelVie
|
|||
'get_rdp_file': 'authentication.add_connectiontoken',
|
||||
'get_client_protocol_url': 'authentication.add_connectiontoken',
|
||||
}
|
||||
queryset = ConnectionToken.objects.all()
|
||||
|
||||
def get_queryset(self):
|
||||
return ConnectionToken.objects.filter(user=self.request.user)
|
||||
|
||||
def create_connection_token(self):
|
||||
data = self.request.query_params if self.request.method == 'GET' else self.request.data
|
||||
|
|
|
@ -228,6 +228,13 @@ class ConnectionToken(OrgModelMixin, models.JMSModel):
|
|||
return {}
|
||||
return self.application.get_rdp_remote_app_setting()
|
||||
|
||||
@lazyproperty
|
||||
def asset_or_remote_app_asset(self):
|
||||
if self.asset:
|
||||
return self.asset
|
||||
if self.application and self.application.category_remote_app:
|
||||
return self.application.get_remote_app_asset()
|
||||
|
||||
@lazyproperty
|
||||
def cmd_filter_rules(self):
|
||||
from assets.models import CommandFilterRule
|
||||
|
|
|
@ -177,7 +177,7 @@ class ConnectionTokenCmdFilterRuleSerializer(serializers.ModelSerializer):
|
|||
|
||||
class ConnectionTokenSecretSerializer(OrgResourceModelSerializerMixin):
|
||||
user = ConnectionTokenUserSerializer(read_only=True)
|
||||
asset = ConnectionTokenAssetSerializer(read_only=True)
|
||||
asset = ConnectionTokenAssetSerializer(read_only=True, source='asset_or_remote_app_asset')
|
||||
application = ConnectionTokenApplicationSerializer(read_only=True)
|
||||
remote_app = ConnectionTokenRemoteAppSerializer(read_only=True)
|
||||
system_user = ConnectionTokenSystemUserSerializer(read_only=True)
|
||||
|
|
|
@ -8,12 +8,14 @@ from django.utils import timezone
|
|||
from django.db import models
|
||||
from django.db.models.signals import post_save, pre_save
|
||||
|
||||
|
||||
UUID_PATTERN = re.compile(r'[0-9a-zA-Z\-]{36}')
|
||||
|
||||
|
||||
def reverse(view_name, urlconf=None, args=None, kwargs=None,
|
||||
current_app=None, external=False, api_to_ui=False):
|
||||
def reverse(
|
||||
view_name, urlconf=None, args=None, kwargs=None,
|
||||
current_app=None, external=False, api_to_ui=False,
|
||||
is_console=False, is_audit=False, is_workbench=False
|
||||
):
|
||||
url = dj_reverse(view_name, urlconf=urlconf, args=args,
|
||||
kwargs=kwargs, current_app=current_app)
|
||||
|
||||
|
@ -21,7 +23,15 @@ def reverse(view_name, urlconf=None, args=None, kwargs=None,
|
|||
site_url = settings.SITE_URL
|
||||
url = site_url.strip('/') + url
|
||||
if api_to_ui:
|
||||
url = url.replace('api/v1', 'ui/#').rstrip('/')
|
||||
replace_str = 'ui/#'
|
||||
if is_console:
|
||||
replace_str += '/console'
|
||||
elif is_audit:
|
||||
replace_str += '/audit'
|
||||
elif is_workbench:
|
||||
replace_str += '/workbench'
|
||||
|
||||
url = url.replace('api/v1', replace_str).rstrip('/')
|
||||
return url
|
||||
|
||||
|
||||
|
@ -38,7 +48,7 @@ def date_expired_default():
|
|||
years = int(settings.DEFAULT_EXPIRED_YEARS)
|
||||
except TypeError:
|
||||
years = 70
|
||||
return timezone.now() + timezone.timedelta(days=365*years)
|
||||
return timezone.now() + timezone.timedelta(days=365 * years)
|
||||
|
||||
|
||||
def union_queryset(*args, base_queryset=None):
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:4d5cc27fc996896f8cba5773c99de59ff854f7ef1ae8c470d5c74bb6b371e6ed
|
||||
size 128472
|
||||
oid sha256:0f2fdd3a7bd34a26d068fc6ce521d0ea9983c477b13536ba3f51700a554d4ae3
|
||||
size 128706
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2022-07-15 17:15+0800\n"
|
||||
"POT-Creation-Date: 2022-07-19 10:45+0800\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
@ -88,8 +88,8 @@ msgstr "ログイン確認"
|
|||
#: acls/models/login_acl.py:24 acls/models/login_asset_acl.py:20
|
||||
#: assets/models/cmd_filter.py:30 assets/models/label.py:15 audits/models.py:37
|
||||
#: audits/models.py:62 audits/models.py:87 audits/serializers.py:100
|
||||
#: authentication/models.py:54 authentication/models.py:78 orgs/models.py:214
|
||||
#: perms/models/base.py:84 rbac/builtin.py:117 rbac/models/rolebinding.py:41
|
||||
#: authentication/models.py:54 authentication/models.py:78 orgs/models.py:215
|
||||
#: perms/models/base.py:84 rbac/builtin.py:120 rbac/models/rolebinding.py:41
|
||||
#: terminal/backends/command/models.py:20
|
||||
#: terminal/backends/command/serializers.py:13 terminal/models/session.py:44
|
||||
#: terminal/models/sharing.py:33 terminal/notifications.py:91
|
||||
|
@ -363,7 +363,7 @@ msgstr "タイプ表示"
|
|||
#: assets/serializers/account.py:18 assets/serializers/cmd_filter.py:28
|
||||
#: assets/serializers/cmd_filter.py:48 common/db/models.py:114
|
||||
#: common/mixins/models.py:50 ops/models/adhoc.py:39 ops/models/command.py:30
|
||||
#: orgs/models.py:67 orgs/models.py:217 perms/models/base.py:92
|
||||
#: orgs/models.py:67 orgs/models.py:218 perms/models/base.py:92
|
||||
#: users/models/group.py:18 users/models/user.py:922
|
||||
#: xpack/plugins/cloud/models.py:125
|
||||
msgid "Date created"
|
||||
|
@ -373,7 +373,7 @@ msgstr "作成された日付"
|
|||
#: assets/models/gathered_user.py:20 assets/serializers/account.py:21
|
||||
#: assets/serializers/cmd_filter.py:29 assets/serializers/cmd_filter.py:49
|
||||
#: common/db/models.py:115 common/mixins/models.py:51 ops/models/adhoc.py:40
|
||||
#: orgs/models.py:218
|
||||
#: orgs/models.py:219
|
||||
msgid "Date updated"
|
||||
msgstr "更新日"
|
||||
|
||||
|
@ -412,6 +412,10 @@ msgstr "ホスト"
|
|||
msgid "Port"
|
||||
msgstr "ポート"
|
||||
|
||||
#: applications/serializers/attrs/application_category/remote_app.py:34
|
||||
msgid "Asset Info"
|
||||
msgstr "資産情報"
|
||||
|
||||
#: applications/serializers/attrs/application_category/remote_app.py:39
|
||||
#: applications/serializers/attrs/application_type/chrome.py:14
|
||||
#: applications/serializers/attrs/application_type/mysql_workbench.py:14
|
||||
|
@ -624,7 +628,7 @@ msgstr "ラベル"
|
|||
#: assets/models/cluster.py:28 assets/models/cmd_filter.py:52
|
||||
#: assets/models/cmd_filter.py:99 assets/models/group.py:21
|
||||
#: common/db/models.py:112 common/mixins/models.py:49 orgs/models.py:66
|
||||
#: orgs/models.py:219 perms/models/base.py:91 users/models/user.py:706
|
||||
#: orgs/models.py:220 perms/models/base.py:91 users/models/user.py:706
|
||||
#: users/serializers/group.py:33
|
||||
#: xpack/plugins/change_auth_plan/models/base.py:48
|
||||
#: xpack/plugins/cloud/models.py:122 xpack/plugins/gathered_user/models.py:30
|
||||
|
@ -735,7 +739,7 @@ msgid "Trigger mode"
|
|||
msgstr "トリガーモード"
|
||||
|
||||
#: assets/models/backup.py:119 audits/models.py:127
|
||||
#: terminal/models/sharing.py:106
|
||||
#: terminal/models/sharing.py:108
|
||||
#: xpack/plugins/change_auth_plan/models/base.py:201
|
||||
#: xpack/plugins/change_auth_plan/serializers/app.py:66
|
||||
#: xpack/plugins/change_auth_plan/serializers/asset.py:180
|
||||
|
@ -1435,7 +1439,7 @@ msgid "Symlink"
|
|||
msgstr "Symlink"
|
||||
|
||||
#: audits/models.py:38 audits/models.py:66 audits/models.py:89
|
||||
#: terminal/models/session.py:51 terminal/models/sharing.py:94
|
||||
#: terminal/models/session.py:51 terminal/models/sharing.py:96
|
||||
msgid "Remote addr"
|
||||
msgstr "リモートaddr"
|
||||
|
||||
|
@ -1447,7 +1451,7 @@ msgstr "操作"
|
|||
msgid "Filename"
|
||||
msgstr "ファイル名"
|
||||
|
||||
#: audits/models.py:43 audits/models.py:117 terminal/models/sharing.py:102
|
||||
#: audits/models.py:43 audits/models.py:117 terminal/models/sharing.py:104
|
||||
#: tickets/views/approve.py:115
|
||||
#: xpack/plugins/change_auth_plan/serializers/app.py:87
|
||||
#: xpack/plugins/change_auth_plan/serializers/asset.py:198
|
||||
|
@ -3025,7 +3029,7 @@ msgid "App organizations"
|
|||
msgstr "アプリ組織"
|
||||
|
||||
#: orgs/mixins/models.py:57 orgs/mixins/serializers.py:25 orgs/models.py:80
|
||||
#: orgs/models.py:211 rbac/const.py:7 rbac/models/rolebinding.py:48
|
||||
#: orgs/models.py:212 rbac/const.py:7 rbac/models/rolebinding.py:48
|
||||
#: rbac/serializers/rolebinding.py:40 settings/serializers/auth/ldap.py:62
|
||||
#: tickets/models/ticket/general.py:300 tickets/serializers/ticket/ticket.py:71
|
||||
msgid "Organization"
|
||||
|
@ -3039,7 +3043,11 @@ msgstr "グローバル組織"
|
|||
msgid "Can view root org"
|
||||
msgstr "グローバル組織を表示できます"
|
||||
|
||||
#: orgs/models.py:216 rbac/models/role.py:46 rbac/models/rolebinding.py:44
|
||||
#: orgs/models.py:83
|
||||
msgid "Can view all joined org"
|
||||
msgstr "参加しているすべての組織を表示できます"
|
||||
|
||||
#: orgs/models.py:217 rbac/models/role.py:46 rbac/models/rolebinding.py:44
|
||||
#: users/models/user.py:671
|
||||
msgid "Role"
|
||||
msgstr "ロール"
|
||||
|
@ -3260,27 +3268,27 @@ msgstr "{} 少なくとも1つのシステムロール"
|
|||
msgid "RBAC"
|
||||
msgstr "RBAC"
|
||||
|
||||
#: rbac/builtin.py:108
|
||||
#: rbac/builtin.py:111
|
||||
msgid "SystemAdmin"
|
||||
msgstr "システム管理者"
|
||||
|
||||
#: rbac/builtin.py:111
|
||||
#: rbac/builtin.py:114
|
||||
msgid "SystemAuditor"
|
||||
msgstr "システム監査人"
|
||||
|
||||
#: rbac/builtin.py:114
|
||||
#: rbac/builtin.py:117
|
||||
msgid "SystemComponent"
|
||||
msgstr "システムコンポーネント"
|
||||
|
||||
#: rbac/builtin.py:120
|
||||
#: rbac/builtin.py:123
|
||||
msgid "OrgAdmin"
|
||||
msgstr "組織管理者"
|
||||
|
||||
#: rbac/builtin.py:123
|
||||
#: rbac/builtin.py:126
|
||||
msgid "OrgAuditor"
|
||||
msgstr "監査員を組織する"
|
||||
|
||||
#: rbac/builtin.py:126
|
||||
#: rbac/builtin.py:129
|
||||
msgid "OrgUser"
|
||||
msgstr "組織ユーザー"
|
||||
|
||||
|
@ -3336,18 +3344,22 @@ msgstr "組織の役割"
|
|||
msgid "Role binding"
|
||||
msgstr "ロールバインディング"
|
||||
|
||||
#: rbac/models/rolebinding.py:159
|
||||
#: rbac/models/rolebinding.py:137
|
||||
msgid "All organizations"
|
||||
msgstr "全ての組織"
|
||||
|
||||
#: rbac/models/rolebinding.py:166
|
||||
msgid ""
|
||||
"User last role in org, can not be delete, you can remove user from org "
|
||||
"instead"
|
||||
msgstr ""
|
||||
"ユーザーの最後のロールは削除できません。ユーザーを組織から削除できます。"
|
||||
|
||||
#: rbac/models/rolebinding.py:166
|
||||
#: rbac/models/rolebinding.py:173
|
||||
msgid "Organization role binding"
|
||||
msgstr "組織の役割バインディング"
|
||||
|
||||
#: rbac/models/rolebinding.py:181
|
||||
#: rbac/models/rolebinding.py:188
|
||||
msgid "System role binding"
|
||||
msgstr "システムロールバインディング"
|
||||
|
||||
|
@ -4775,7 +4787,7 @@ msgid "Output"
|
|||
msgstr "出力"
|
||||
|
||||
#: terminal/backends/command/models.py:25 terminal/models/replay.py:9
|
||||
#: terminal/models/sharing.py:19 terminal/models/sharing.py:76
|
||||
#: terminal/models/sharing.py:19 terminal/models/sharing.py:78
|
||||
#: terminal/templates/terminal/_msg_command_alert.html:10
|
||||
#: tickets/models/ticket/command_confirm.py:20
|
||||
msgid "Session"
|
||||
|
@ -4897,7 +4909,7 @@ msgstr "セッションのリプレイをアップロードできます"
|
|||
msgid "Can download session replay"
|
||||
msgstr "セッション再生をダウンロードできます"
|
||||
|
||||
#: terminal/models/session.py:50 terminal/models/sharing.py:99
|
||||
#: terminal/models/session.py:50 terminal/models/sharing.py:101
|
||||
msgid "Login from"
|
||||
msgstr "ログイン元"
|
||||
|
||||
|
@ -4933,7 +4945,7 @@ msgstr "セッションアクションのパーマを検証できます"
|
|||
msgid "Creator"
|
||||
msgstr "作成者"
|
||||
|
||||
#: terminal/models/sharing.py:26 terminal/models/sharing.py:78
|
||||
#: terminal/models/sharing.py:26 terminal/models/sharing.py:80
|
||||
msgid "Verify code"
|
||||
msgstr "コードの確認"
|
||||
|
||||
|
@ -4941,7 +4953,7 @@ msgstr "コードの確認"
|
|||
msgid "Expired time (min)"
|
||||
msgstr "期限切れ時間 (分)"
|
||||
|
||||
#: terminal/models/sharing.py:37 terminal/models/sharing.py:81
|
||||
#: terminal/models/sharing.py:37 terminal/models/sharing.py:83
|
||||
msgid "Session sharing"
|
||||
msgstr "セッション共有"
|
||||
|
||||
|
@ -4949,40 +4961,40 @@ msgstr "セッション共有"
|
|||
msgid "Can add super session sharing"
|
||||
msgstr "スーパーセッション共有を追加できます"
|
||||
|
||||
#: terminal/models/sharing.py:64
|
||||
#: terminal/models/sharing.py:66
|
||||
msgid "Link not active"
|
||||
msgstr "リンクがアクティブでない"
|
||||
|
||||
#: terminal/models/sharing.py:66
|
||||
#: terminal/models/sharing.py:68
|
||||
msgid "Link expired"
|
||||
msgstr "リンク期限切れ"
|
||||
|
||||
#: terminal/models/sharing.py:68
|
||||
#: terminal/models/sharing.py:70
|
||||
msgid "User not allowed to join"
|
||||
msgstr "ユーザーはセッションに参加できません"
|
||||
|
||||
#: terminal/models/sharing.py:85 terminal/serializers/sharing.py:59
|
||||
#: terminal/models/sharing.py:87 terminal/serializers/sharing.py:59
|
||||
msgid "Joiner"
|
||||
msgstr "ジョイナー"
|
||||
|
||||
#: terminal/models/sharing.py:88
|
||||
#: terminal/models/sharing.py:90
|
||||
msgid "Date joined"
|
||||
msgstr "参加日"
|
||||
|
||||
#: terminal/models/sharing.py:91
|
||||
#: terminal/models/sharing.py:93
|
||||
msgid "Date left"
|
||||
msgstr "日付が残っています"
|
||||
|
||||
#: terminal/models/sharing.py:109 tickets/const.py:26
|
||||
#: terminal/models/sharing.py:111 tickets/const.py:26
|
||||
#: xpack/plugins/change_auth_plan/models/base.py:192
|
||||
msgid "Finished"
|
||||
msgstr "終了"
|
||||
|
||||
#: terminal/models/sharing.py:114
|
||||
#: terminal/models/sharing.py:116
|
||||
msgid "Session join record"
|
||||
msgstr "セッション参加記録"
|
||||
|
||||
#: terminal/models/sharing.py:130
|
||||
#: terminal/models/sharing.py:132
|
||||
msgid "Invalid verification code"
|
||||
msgstr "検証コードが無効"
|
||||
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:7ee69ce22224f6cae615752c034e495c29d93ed9dbe86767f044d5c0f663b8cc
|
||||
size 105904
|
||||
oid sha256:9c2b13f7242beec8786179e03de895bd3e9d8d6392b74c2398409c1bfa33d9f8
|
||||
size 106088
|
||||
|
|
|
@ -7,7 +7,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: JumpServer 0.3.3\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2022-07-15 17:15+0800\n"
|
||||
"POT-Creation-Date: 2022-07-19 10:45+0800\n"
|
||||
"PO-Revision-Date: 2021-05-20 10:54+0800\n"
|
||||
"Last-Translator: ibuler <ibuler@qq.com>\n"
|
||||
"Language-Team: JumpServer team<ibuler@qq.com>\n"
|
||||
|
@ -87,8 +87,8 @@ msgstr "登录复核"
|
|||
#: acls/models/login_acl.py:24 acls/models/login_asset_acl.py:20
|
||||
#: assets/models/cmd_filter.py:30 assets/models/label.py:15 audits/models.py:37
|
||||
#: audits/models.py:62 audits/models.py:87 audits/serializers.py:100
|
||||
#: authentication/models.py:54 authentication/models.py:78 orgs/models.py:214
|
||||
#: perms/models/base.py:84 rbac/builtin.py:117 rbac/models/rolebinding.py:41
|
||||
#: authentication/models.py:54 authentication/models.py:78 orgs/models.py:215
|
||||
#: perms/models/base.py:84 rbac/builtin.py:120 rbac/models/rolebinding.py:41
|
||||
#: terminal/backends/command/models.py:20
|
||||
#: terminal/backends/command/serializers.py:13 terminal/models/session.py:44
|
||||
#: terminal/models/sharing.py:33 terminal/notifications.py:91
|
||||
|
@ -358,7 +358,7 @@ msgstr "类型名称"
|
|||
#: assets/serializers/account.py:18 assets/serializers/cmd_filter.py:28
|
||||
#: assets/serializers/cmd_filter.py:48 common/db/models.py:114
|
||||
#: common/mixins/models.py:50 ops/models/adhoc.py:39 ops/models/command.py:30
|
||||
#: orgs/models.py:67 orgs/models.py:217 perms/models/base.py:92
|
||||
#: orgs/models.py:67 orgs/models.py:218 perms/models/base.py:92
|
||||
#: users/models/group.py:18 users/models/user.py:922
|
||||
#: xpack/plugins/cloud/models.py:125
|
||||
msgid "Date created"
|
||||
|
@ -368,7 +368,7 @@ msgstr "创建日期"
|
|||
#: assets/models/gathered_user.py:20 assets/serializers/account.py:21
|
||||
#: assets/serializers/cmd_filter.py:29 assets/serializers/cmd_filter.py:49
|
||||
#: common/db/models.py:115 common/mixins/models.py:51 ops/models/adhoc.py:40
|
||||
#: orgs/models.py:218
|
||||
#: orgs/models.py:219
|
||||
msgid "Date updated"
|
||||
msgstr "更新日期"
|
||||
|
||||
|
@ -407,6 +407,10 @@ msgstr "主机"
|
|||
msgid "Port"
|
||||
msgstr "端口"
|
||||
|
||||
#: applications/serializers/attrs/application_category/remote_app.py:34
|
||||
msgid "Asset Info"
|
||||
msgstr "资产信息"
|
||||
|
||||
#: applications/serializers/attrs/application_category/remote_app.py:39
|
||||
#: applications/serializers/attrs/application_type/chrome.py:14
|
||||
#: applications/serializers/attrs/application_type/mysql_workbench.py:14
|
||||
|
@ -619,7 +623,7 @@ msgstr "标签管理"
|
|||
#: assets/models/cluster.py:28 assets/models/cmd_filter.py:52
|
||||
#: assets/models/cmd_filter.py:99 assets/models/group.py:21
|
||||
#: common/db/models.py:112 common/mixins/models.py:49 orgs/models.py:66
|
||||
#: orgs/models.py:219 perms/models/base.py:91 users/models/user.py:706
|
||||
#: orgs/models.py:220 perms/models/base.py:91 users/models/user.py:706
|
||||
#: users/serializers/group.py:33
|
||||
#: xpack/plugins/change_auth_plan/models/base.py:48
|
||||
#: xpack/plugins/cloud/models.py:122 xpack/plugins/gathered_user/models.py:30
|
||||
|
@ -730,7 +734,7 @@ msgid "Trigger mode"
|
|||
msgstr "触发模式"
|
||||
|
||||
#: assets/models/backup.py:119 audits/models.py:127
|
||||
#: terminal/models/sharing.py:106
|
||||
#: terminal/models/sharing.py:108
|
||||
#: xpack/plugins/change_auth_plan/models/base.py:201
|
||||
#: xpack/plugins/change_auth_plan/serializers/app.py:66
|
||||
#: xpack/plugins/change_auth_plan/serializers/asset.py:180
|
||||
|
@ -1423,7 +1427,7 @@ msgid "Symlink"
|
|||
msgstr "建立软链接"
|
||||
|
||||
#: audits/models.py:38 audits/models.py:66 audits/models.py:89
|
||||
#: terminal/models/session.py:51 terminal/models/sharing.py:94
|
||||
#: terminal/models/session.py:51 terminal/models/sharing.py:96
|
||||
msgid "Remote addr"
|
||||
msgstr "远端地址"
|
||||
|
||||
|
@ -1435,7 +1439,7 @@ msgstr "操作"
|
|||
msgid "Filename"
|
||||
msgstr "文件名"
|
||||
|
||||
#: audits/models.py:43 audits/models.py:117 terminal/models/sharing.py:102
|
||||
#: audits/models.py:43 audits/models.py:117 terminal/models/sharing.py:104
|
||||
#: tickets/views/approve.py:115
|
||||
#: xpack/plugins/change_auth_plan/serializers/app.py:87
|
||||
#: xpack/plugins/change_auth_plan/serializers/asset.py:198
|
||||
|
@ -2985,7 +2989,7 @@ msgid "App organizations"
|
|||
msgstr "组织管理"
|
||||
|
||||
#: orgs/mixins/models.py:57 orgs/mixins/serializers.py:25 orgs/models.py:80
|
||||
#: orgs/models.py:211 rbac/const.py:7 rbac/models/rolebinding.py:48
|
||||
#: orgs/models.py:212 rbac/const.py:7 rbac/models/rolebinding.py:48
|
||||
#: rbac/serializers/rolebinding.py:40 settings/serializers/auth/ldap.py:62
|
||||
#: tickets/models/ticket/general.py:300 tickets/serializers/ticket/ticket.py:71
|
||||
msgid "Organization"
|
||||
|
@ -2999,7 +3003,11 @@ msgstr "全局组织"
|
|||
msgid "Can view root org"
|
||||
msgstr "可以查看全局组织"
|
||||
|
||||
#: orgs/models.py:216 rbac/models/role.py:46 rbac/models/rolebinding.py:44
|
||||
#: orgs/models.py:83
|
||||
msgid "Can view all joined org"
|
||||
msgstr "可以查看所有加入的组织"
|
||||
|
||||
#: orgs/models.py:217 rbac/models/role.py:46 rbac/models/rolebinding.py:44
|
||||
#: users/models/user.py:671
|
||||
msgid "Role"
|
||||
msgstr "角色"
|
||||
|
@ -3218,27 +3226,27 @@ msgstr "{} 至少有一个系统角色"
|
|||
msgid "RBAC"
|
||||
msgstr "RBAC"
|
||||
|
||||
#: rbac/builtin.py:108
|
||||
#: rbac/builtin.py:111
|
||||
msgid "SystemAdmin"
|
||||
msgstr "系统管理员"
|
||||
|
||||
#: rbac/builtin.py:111
|
||||
#: rbac/builtin.py:114
|
||||
msgid "SystemAuditor"
|
||||
msgstr "系统审计员"
|
||||
|
||||
#: rbac/builtin.py:114
|
||||
#: rbac/builtin.py:117
|
||||
msgid "SystemComponent"
|
||||
msgstr "系统组件"
|
||||
|
||||
#: rbac/builtin.py:120
|
||||
#: rbac/builtin.py:123
|
||||
msgid "OrgAdmin"
|
||||
msgstr "组织管理员"
|
||||
|
||||
#: rbac/builtin.py:123
|
||||
#: rbac/builtin.py:126
|
||||
msgid "OrgAuditor"
|
||||
msgstr "组织审计员"
|
||||
|
||||
#: rbac/builtin.py:126
|
||||
#: rbac/builtin.py:129
|
||||
msgid "OrgUser"
|
||||
msgstr "组织用户"
|
||||
|
||||
|
@ -3294,17 +3302,21 @@ msgstr "组织角色"
|
|||
msgid "Role binding"
|
||||
msgstr "角色绑定"
|
||||
|
||||
#: rbac/models/rolebinding.py:159
|
||||
#: rbac/models/rolebinding.py:137
|
||||
msgid "All organizations"
|
||||
msgstr "所有组织"
|
||||
|
||||
#: rbac/models/rolebinding.py:166
|
||||
msgid ""
|
||||
"User last role in org, can not be delete, you can remove user from org "
|
||||
"instead"
|
||||
msgstr "用户最后一个角色,不能删除,你可以将用户从组织移除"
|
||||
|
||||
#: rbac/models/rolebinding.py:166
|
||||
#: rbac/models/rolebinding.py:173
|
||||
msgid "Organization role binding"
|
||||
msgstr "组织角色绑定"
|
||||
|
||||
#: rbac/models/rolebinding.py:181
|
||||
#: rbac/models/rolebinding.py:188
|
||||
msgid "System role binding"
|
||||
msgstr "系统角色绑定"
|
||||
|
||||
|
@ -4699,7 +4711,7 @@ msgid "Output"
|
|||
msgstr "输出"
|
||||
|
||||
#: terminal/backends/command/models.py:25 terminal/models/replay.py:9
|
||||
#: terminal/models/sharing.py:19 terminal/models/sharing.py:76
|
||||
#: terminal/models/sharing.py:19 terminal/models/sharing.py:78
|
||||
#: terminal/templates/terminal/_msg_command_alert.html:10
|
||||
#: tickets/models/ticket/command_confirm.py:20
|
||||
msgid "Session"
|
||||
|
@ -4821,7 +4833,7 @@ msgstr "可以上传会话录像"
|
|||
msgid "Can download session replay"
|
||||
msgstr "可以下载会话录像"
|
||||
|
||||
#: terminal/models/session.py:50 terminal/models/sharing.py:99
|
||||
#: terminal/models/session.py:50 terminal/models/sharing.py:101
|
||||
msgid "Login from"
|
||||
msgstr "登录来源"
|
||||
|
||||
|
@ -4857,7 +4869,7 @@ msgstr "可以验证会话动作权限"
|
|||
msgid "Creator"
|
||||
msgstr "创建者"
|
||||
|
||||
#: terminal/models/sharing.py:26 terminal/models/sharing.py:78
|
||||
#: terminal/models/sharing.py:26 terminal/models/sharing.py:80
|
||||
msgid "Verify code"
|
||||
msgstr "验证码"
|
||||
|
||||
|
@ -4865,7 +4877,7 @@ msgstr "验证码"
|
|||
msgid "Expired time (min)"
|
||||
msgstr "过期时间 (分)"
|
||||
|
||||
#: terminal/models/sharing.py:37 terminal/models/sharing.py:81
|
||||
#: terminal/models/sharing.py:37 terminal/models/sharing.py:83
|
||||
msgid "Session sharing"
|
||||
msgstr "会话分享"
|
||||
|
||||
|
@ -4873,40 +4885,40 @@ msgstr "会话分享"
|
|||
msgid "Can add super session sharing"
|
||||
msgstr "可以创建超级会话分享"
|
||||
|
||||
#: terminal/models/sharing.py:64
|
||||
#: terminal/models/sharing.py:66
|
||||
msgid "Link not active"
|
||||
msgstr "链接失效"
|
||||
|
||||
#: terminal/models/sharing.py:66
|
||||
#: terminal/models/sharing.py:68
|
||||
msgid "Link expired"
|
||||
msgstr "链接过期"
|
||||
|
||||
#: terminal/models/sharing.py:68
|
||||
#: terminal/models/sharing.py:70
|
||||
msgid "User not allowed to join"
|
||||
msgstr "该用户无权加入会话"
|
||||
|
||||
#: terminal/models/sharing.py:85 terminal/serializers/sharing.py:59
|
||||
#: terminal/models/sharing.py:87 terminal/serializers/sharing.py:59
|
||||
msgid "Joiner"
|
||||
msgstr "加入者"
|
||||
|
||||
#: terminal/models/sharing.py:88
|
||||
#: terminal/models/sharing.py:90
|
||||
msgid "Date joined"
|
||||
msgstr "加入日期"
|
||||
|
||||
#: terminal/models/sharing.py:91
|
||||
#: terminal/models/sharing.py:93
|
||||
msgid "Date left"
|
||||
msgstr "结束日期"
|
||||
|
||||
#: terminal/models/sharing.py:109 tickets/const.py:26
|
||||
#: terminal/models/sharing.py:111 tickets/const.py:26
|
||||
#: xpack/plugins/change_auth_plan/models/base.py:192
|
||||
msgid "Finished"
|
||||
msgstr "结束"
|
||||
|
||||
#: terminal/models/sharing.py:114
|
||||
#: terminal/models/sharing.py:116
|
||||
msgid "Session join record"
|
||||
msgstr "会话加入记录"
|
||||
|
||||
#: terminal/models/sharing.py:130
|
||||
#: terminal/models/sharing.py:132
|
||||
msgid "Invalid verification code"
|
||||
msgstr "验证码不正确"
|
||||
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
# Generated by Django 3.2.12 on 2022-07-18 05:57
|
||||
|
||||
from django.db import migrations
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('orgs', '0012_auto_20220118_1054'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterModelOptions(
|
||||
name='organization',
|
||||
options={'permissions': (('view_rootorg', 'Can view root org'), ('view_alljoinedorg', 'Can view all joined org')), 'verbose_name': 'Organization'},
|
||||
),
|
||||
]
|
|
@ -80,6 +80,7 @@ class Organization(OrgRoleMixin, models.Model):
|
|||
verbose_name = _("Organization")
|
||||
permissions = (
|
||||
('view_rootorg', _('Can view root org')),
|
||||
('view_alljoinedorg', _('Can view all joined org')),
|
||||
)
|
||||
|
||||
def __str__(self):
|
||||
|
|
|
@ -73,7 +73,7 @@ def check_asset_permission_will_expired():
|
|||
|
||||
for asset_perm in asset_perms:
|
||||
date_expired = dt_parser(asset_perm.date_expired)
|
||||
remain_days = (end - date_expired).days
|
||||
remain_days = (date_expired - start).days
|
||||
|
||||
org = asset_perm.org
|
||||
# 资产授权按照组织分类
|
||||
|
@ -121,7 +121,7 @@ def check_app_permission_will_expired():
|
|||
|
||||
for app_perm in app_perms:
|
||||
date_expired = dt_parser(app_perm.date_expired)
|
||||
remain_days = (end - date_expired).days
|
||||
remain_days = (date_expired - start).days
|
||||
|
||||
org = app_perm.org
|
||||
if org in org_perm_remain_day_mapper[remain_days]:
|
||||
|
|
|
@ -5,6 +5,9 @@ from .const import Scope, system_exclude_permissions, org_exclude_permissions
|
|||
_view_root_perms = (
|
||||
('orgs', 'organization', 'view', 'rootorg'),
|
||||
)
|
||||
_view_all_joined_org_perms = (
|
||||
('orgs', 'organization', 'view', 'alljoinedorg'),
|
||||
)
|
||||
|
||||
user_perms = (
|
||||
('rbac', 'menupermission', 'view', 'workbench'),
|
||||
|
@ -20,11 +23,11 @@ user_perms = (
|
|||
)
|
||||
|
||||
system_user_perms = (
|
||||
('authentication', 'connectiontoken', 'add', 'connectiontoken'),
|
||||
('authentication', 'connectiontoken', 'add,view', 'connectiontoken'),
|
||||
('authentication', 'temptoken', 'add,change,view', 'temptoken'),
|
||||
('authentication', 'accesskey', '*', '*'),
|
||||
('tickets', 'ticket', 'view', 'ticket'),
|
||||
) + user_perms + _view_root_perms
|
||||
) + user_perms + _view_all_joined_org_perms
|
||||
|
||||
_auditor_perms = (
|
||||
('rbac', 'menupermission', 'view', 'audit'),
|
||||
|
|
|
@ -60,11 +60,11 @@ class Permission(DjangoPermission):
|
|||
if actions == '*' and resource == '*':
|
||||
pass
|
||||
elif actions == '*' and resource != '*':
|
||||
kwargs['codename__iregex'] = r'[a-z]+_{}'.format(resource)
|
||||
kwargs['codename__iregex'] = r'[a-z]+_{}$'.format(resource)
|
||||
elif actions != '*' and resource == '*':
|
||||
kwargs['codename__iregex'] = r'({})_[a-z]+'.format(actions_regex)
|
||||
else:
|
||||
kwargs['codename__iregex'] = r'({})_{}'.format(actions_regex, resource)
|
||||
kwargs['codename__iregex'] = r'({})_{}$'.format(actions_regex, resource)
|
||||
q |= Q(**kwargs)
|
||||
return q
|
||||
|
||||
|
|
|
@ -126,9 +126,16 @@ class RoleBinding(JMSModel):
|
|||
org_ids = [b.org.id for b in bindings if b.org]
|
||||
orgs = all_orgs.filter(id__in=org_ids)
|
||||
|
||||
workbench_perm = 'rbac.view_workbench'
|
||||
# 全局组织
|
||||
if orgs and user.has_perm('orgs.view_rootorg'):
|
||||
orgs = [Organization.root(), *list(orgs)]
|
||||
if orgs and perm != workbench_perm and user.has_perm('orgs.view_rootorg'):
|
||||
root_org = Organization.root()
|
||||
orgs = [root_org, *list(orgs)]
|
||||
elif orgs and perm == workbench_perm and user.has_perm('orgs.view_alljoinedorg'):
|
||||
# Todo: 先复用组织
|
||||
root_org = Organization.root()
|
||||
root_org.name = _("All organizations")
|
||||
orgs = [root_org, *list(orgs)]
|
||||
return orgs
|
||||
|
||||
|
||||
|
|
|
@ -130,7 +130,7 @@ class CommandExecutionAlert(CommandAlertMixin, SystemMessage):
|
|||
for asset in command['assets']:
|
||||
url = reverse(
|
||||
'assets:asset-detail', kwargs={'pk': asset.id},
|
||||
api_to_ui=True, external=True
|
||||
api_to_ui=True, external=True, is_console=True
|
||||
) + '?oid={}'.format(asset.org_id)
|
||||
assets_with_url.append([asset, url])
|
||||
|
||||
|
|
|
@ -3,6 +3,10 @@ import uuid
|
|||
|
||||
from rest_framework import generics
|
||||
from rest_framework.permissions import IsAuthenticated
|
||||
from common.permissions import IsValidUserOrConnectionToken
|
||||
from common.utils import get_object_or_none
|
||||
from orgs.utils import tmp_to_root_org
|
||||
from authentication.models import ConnectionToken
|
||||
|
||||
from users.notifications import (
|
||||
ResetPasswordMsg, ResetPasswordSuccessMsg, ResetSSHKeyMsg,
|
||||
|
@ -44,12 +48,26 @@ class UserResetPKApi(UserQuerysetMixin, generics.UpdateAPIView):
|
|||
|
||||
|
||||
class UserProfileApi(generics.RetrieveUpdateAPIView):
|
||||
permission_classes = (IsAuthenticated,)
|
||||
permission_classes = (IsValidUserOrConnectionToken,)
|
||||
serializer_class = serializers.UserProfileSerializer
|
||||
|
||||
def get_object(self):
|
||||
if self.request.user.is_anonymous:
|
||||
user = self.get_connection_token_user()
|
||||
if user:
|
||||
return user
|
||||
return self.request.user
|
||||
|
||||
def get_connection_token_user(self):
|
||||
token_id = self.request.query_params.get('token')
|
||||
if not token_id:
|
||||
return
|
||||
with tmp_to_root_org():
|
||||
token = get_object_or_none(ConnectionToken, id=token_id)
|
||||
if not token:
|
||||
return
|
||||
return token.user
|
||||
|
||||
|
||||
class UserPasswordApi(generics.RetrieveUpdateAPIView):
|
||||
permission_classes = (IsAuthenticated,)
|
||||
|
|
|
@ -62,7 +62,7 @@ jsonfield2==4.0.0.post0
|
|||
geoip2==4.5.0
|
||||
ipip-ipdb==1.6.1
|
||||
# Django environment
|
||||
Django==3.2.13
|
||||
Django==3.1.14
|
||||
django-bootstrap3==14.2.0
|
||||
django-filter==2.4.0
|
||||
django-formtools==2.2
|
||||
|
|
Loading…
Reference in New Issue