Merge pull request #5504 from jumpserver/dev

Dev

apps/assets/migrations/0065_auto_20210121_1549.py

@@ -0,0 +1,17 @@
+# Generated by Django 3.1 on 2021-01-21 07:49
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('assets', '0064_auto_20201203_1100'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='domain',
+            options={'ordering': ('name',), 'verbose_name': 'Domain'},
+        ),
+    ]

apps/locale/zh/LC_MESSAGES/django.po

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: JumpServer 0.3.3\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2021-01-20 16:09+0800\n"
+"POT-Creation-Date: 2021-01-21 15:49+0800\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: ibuler <ibuler@qq.com>\n"
 "Language-Team: JumpServer team<ibuler@qq.com>\n"
@@ -381,7 +381,7 @@ msgstr "创建者"
 #: assets/models/cluster.py:26 assets/models/domain.py:24
 #: assets/models/gathered_user.py:19 assets/models/group.py:22
 #: assets/models/label.py:25 common/db/models.py:69 common/mixins/models.py:50
-#: ops/models/adhoc.py:38 ops/models/command.py:27 orgs/models.py:25
+#: ops/models/adhoc.py:38 ops/models/command.py:29 orgs/models.py:25
 #: orgs/models.py:425 perms/models/base.py:55 users/models/group.py:18
 #: users/templates/users/user_group_detail.html:58
 #: xpack/plugins/cloud/models.py:61 xpack/plugins/cloud/models.py:159
@@ -472,7 +472,7 @@ msgstr "命令过滤器"
 msgid "Regex"
 msgstr "正则表达式"
 
-#: assets/models/cmd_filter.py:41 ops/models/command.py:23
+#: assets/models/cmd_filter.py:41 ops/models/command.py:25
 #: terminal/backends/command/serializers.py:15 terminal/models/session.py:48
 msgid "Command"
 msgstr "命令"
@@ -992,7 +992,7 @@ msgstr "文件名"
 msgid "Success"
 msgstr "成功"
 
-#: audits/models.py:43 ops/models/command.py:28 perms/models/base.py:52
+#: audits/models.py:43 ops/models/command.py:30 perms/models/base.py:52
 #: terminal/models/session.py:51
 #: tickets/serializers/ticket/meta/ticket_type/apply_application.py:43
 #: tickets/serializers/ticket/meta/ticket_type/apply_application.py:74
@@ -1124,7 +1124,7 @@ msgstr "多因子认证状态（显示名称）"
 msgid "Is success"
 msgstr "是否成功"
 
-#: audits/serializers.py:77 ops/models/command.py:24
+#: audits/serializers.py:77 ops/models/command.py:26
 #: xpack/plugins/cloud/models.py:222
 msgid "Result"
 msgstr "结果"
@@ -1734,7 +1734,7 @@ msgstr "完成时间"
 msgid "Time"
 msgstr "时间"
 
-#: ops/models/adhoc.py:246 ops/models/command.py:26
+#: ops/models/adhoc.py:246 ops/models/command.py:28
 #: terminal/serializers/session.py:38
 msgid "Is finished"
 msgstr "是否完成"
@@ -1755,19 +1755,19 @@ msgstr "{} 任务开始: {}"
 msgid "{} Task finish"
 msgstr "{} 任务结束"
 
-#: ops/models/command.py:29
+#: ops/models/command.py:31
 msgid "Date finished"
 msgstr "结束日期"
 
-#: ops/models/command.py:72
+#: ops/models/command.py:74
 msgid "Task start"
 msgstr "任务开始"
 
-#: ops/models/command.py:94
+#: ops/models/command.py:96
 msgid "Command `{}` is forbidden ........"
 msgstr "命令 `{}` 不允许被执行 ......."
 
-#: ops/models/command.py:101
+#: ops/models/command.py:109
 msgid "Task end"
 msgstr "任务结束"
 
@@ -2815,6 +2815,42 @@ msgstr ""
 "        <br>\n"
 "        "
 
+#: terminal/utils.py:114
+#, python-format
+msgid "Insecure Web Command Execution Alert: [%(name)s]"
+msgstr "Web页面-> 命令执行 告警: [%(name)s]"
+
+#: terminal/utils.py:122
+#, python-format
+msgid ""
+"\n"
+"        <br>\n"
+"        Assets: %(assets)s\n"
+"        <br>\n"
+"        User: %(user)s\n"
+"        <br>\n"
+"        Level: %(risk_level)s\n"
+"        <br>\n"
+"\n"
+"        ----------------- Commands ---------------- <br>\n"
+"        %(command)s <br>\n"
+"        ----------------- Commands ---------------- <br>\n"
+"        "
+msgstr ""
+"\n"
+"        <br>\n"
+"        资产: %(assets)s\n"
+"        <br>\n"
+"        用户: %(user)s\n"
+"        <br>\n"
+"        等级: %(risk_level)s\n"
+"        <br>\n"
+"\n"
+"        ----------------- 命令 ---------------- <br>\n"
+"        %(command)s <br>\n"
+"        ----------------- 命令 ---------------- <br>\n"
+"        "
+
 #: tickets/const.py:8
 msgid "General"
 msgstr "一般"
@@ -4576,6 +4612,3 @@ msgstr "旗舰版"
 #: xpack/plugins/license/models.py:77
 msgid "Community edition"
 msgstr "社区版"
-
-#~ msgid "No"
-#~ msgstr "无"

apps/ops/models/command.py

@@ -9,6 +9,8 @@ from django.utils.translation import ugettext_lazy as _
 from django.utils.translation import ugettext
 from django.db import models
 
+from terminal.models import Command
+from terminal.utils import send_command_execution_alert_mail
 from common.utils import lazyproperty
 from orgs.models import Organization
 from orgs.mixins.models import OrgModelMixin
@@ -93,6 +95,12 @@ class CommandExecution(OrgModelMixin):
         else:
             msg = _("Command `{}` is forbidden ........").format(self.command)
             print('\033[31m' + msg + '\033[0m')
+            send_command_execution_alert_mail({
+                'input': self.command,
+                'assets': self.hosts.all(),
+                'user': str(self.user),
+                'risk_level': 5,
+            })
             self.result = {"error":  msg}
         self.org_id = self.run_as.org_id
         self.is_finished = True

apps/terminal/utils.py

@@ -110,6 +110,37 @@ def send_command_alert_mail(command):
     send_mail_async.delay(subject, message, recipient_list, html_message=message)
 
 
+def send_command_execution_alert_mail(command):
+    subject = _("Insecure Web Command Execution Alert: [%(name)s]") % {
+                    'name': command['user'],
+                 }
+    input = command['input']
+    input = input.replace('\n', '<br>')
+    recipient_list = settings.SECURITY_INSECURE_COMMAND_EMAIL_RECEIVER.split(',')
+
+    assets = ', '.join([str(asset) for asset in command['assets']])
+    message = _("""
+        <br>
+        Assets: %(assets)s
+        <br>
+        User: %(user)s
+        <br>
+        Level: %(risk_level)s
+        <br>
+
+        ----------------- Commands ---------------- <br>
+        %(command)s <br>
+        ----------------- Commands ---------------- <br>
+        """) % {
+            'command': input,
+            'assets': assets,
+            'user': command['user'],
+            'risk_level': Command.get_risk_level_str(command['risk_level']),
+        }
+
+    send_mail_async.delay(subject, message, recipient_list, html_message=message)
+
+
 class ComponentsMetricsUtil(object):
 
     @staticmethod

requirements/deb_buster_requirements.txt

@@ -5,8 +5,10 @@ curl
 wget
 vim
 locales
+iputils-ping
 
 # mysql-client
+default-mysql-client
 default-libmysqlclient-dev
 
 # Pillow