Merge branch 'v3' of github.com:jumpserver/jumpserver into v3

pull/9134/head
ibuler 2022-11-30 16:33:52 +08:00
commit 6f02b239db
6 changed files with 30 additions and 32 deletions

View File

@ -61,19 +61,18 @@ class LoginAssetACL(BaseACL, OrgModelMixin):
@classmethod @classmethod
def filter_asset(cls, asset, queryset): def filter_asset(cls, asset, queryset):
queryset = queryset.filter( queryset = queryset.filter(
Q(assets__hostname_group__contains=asset.name) | Q(assets__name_group__contains=asset.name) |
Q(assets__hostname_group__contains='*') Q(assets__name_group__contains='*')
) )
ids = [q.id for q in queryset if contains_ip(asset.address, q.assets.get('ip_group', []))] ids = [
q.id for q in queryset if contains_ip(asset.address, q.assets.get('address_group', []))
]
queryset = cls.objects.filter(id__in=ids) queryset = cls.objects.filter(id__in=ids)
return queryset return queryset
@classmethod @classmethod
def filter_account(cls, account_username, queryset): def filter_account(cls, account_username, queryset):
queryset = queryset.filter( queryset = queryset.filter(
Q(accounts__name_group__contains=account_username) |
Q(accounts__name_group__contains='*')
).filter(
Q(accounts__username_group__contains=account_username) | Q(accounts__username_group__contains=account_username) |
Q(accounts__username_group__contains='*') Q(accounts__username_group__contains='*')
) )

View File

@ -25,34 +25,28 @@ class LoginAssetACLUsersSerializer(serializers.Serializer):
class LoginAssetACLAssestsSerializer(serializers.Serializer): class LoginAssetACLAssestsSerializer(serializers.Serializer):
ip_group_help_text = _( address_group_help_text = _(
"Format for comma-delimited string, with * indicating a match all. " "Format for comma-delimited string, with * indicating a match all. "
"Such as: " "Such as: "
"192.168.10.1, 192.168.1.0/24, 10.1.1.1-10.1.1.20, 2001:db8:2de::e13, 2001:db8:1a:1110::/64" "192.168.10.1, 192.168.1.0/24, 10.1.1.1-10.1.1.20, 2001:db8:2de::e13, 2001:db8:1a:1110::/64"
" (Domain name support)" " (Domain name support)"
) )
ip_group = serializers.ListField(
default=["*"],
child=serializers.CharField(max_length=1024),
label=_("IP/Host"),
help_text=ip_group_help_text,
)
hostname_group = serializers.ListField(
default=["*"],
child=serializers.CharField(max_length=128),
label=_("Name"),
help_text=common_help_text,
)
class LoginAssetACLAccountsSerializer(serializers.Serializer):
name_group = serializers.ListField( name_group = serializers.ListField(
default=["*"], default=["*"],
child=serializers.CharField(max_length=128), child=serializers.CharField(max_length=128),
label=_("Name"), label=_("Name"),
help_text=common_help_text, help_text=common_help_text,
) )
address_group = serializers.ListField(
default=["*"],
child=serializers.CharField(max_length=1024),
label=_("IP/Host"),
help_text=address_group_help_text,
)
class LoginAssetACLAccountsSerializer(serializers.Serializer):
username_group = serializers.ListField( username_group = serializers.ListField(
default=["*"], default=["*"],
child=serializers.CharField(max_length=128), child=serializers.CharField(max_length=128),

View File

@ -37,9 +37,7 @@ class LoginAssetCheckSerializer(serializers.Serializer):
def validate_account_username(self, account_username): def validate_account_username(self, account_username):
asset_id = self.initial_data.get('asset_id') asset_id = self.initial_data.get('asset_id')
account = Account.objects.filter( account = Account.objects.filter(username=account_username, asset_id=asset_id).first()
username=account_username, asset_id=asset_id
).first()
if not account: if not account:
error = 'Account username does not exist' error = 'Account username does not exist'
raise serializers.ValidationError(error) raise serializers.ValidationError(error)

View File

@ -113,6 +113,13 @@ class JobExecution(JMSOrgBaseModel):
def job_type(self): def job_type(self):
return self.job.type return self.job.type
def compile_shell(self):
if self.job.type != 'adhoc':
return
result = "{}{}{} ".format('\'', self.job.args, '\'')
result += "chdir={}".format(self.job.chdir)
return result
def get_runner(self): def get_runner(self):
inv = self.job.inventory inv = self.job.inventory
inv.write_to_file(self.inventory_path) inv.write_to_file(self.inventory_path)
@ -122,8 +129,9 @@ class JobExecution(JMSOrgBaseModel):
extra_vars = {} extra_vars = {}
if self.job.type == 'adhoc': if self.job.type == 'adhoc':
args = self.compile_shell()
runner = AdHocRunner( runner = AdHocRunner(
self.inventory_path, self.job.module, module_args=self.job.args, self.inventory_path, self.job.module, module_args=args,
pattern="all", project_dir=self.private_dir, extra_vars=extra_vars, pattern="all", project_dir=self.private_dir, extra_vars=extra_vars,
) )
elif self.job.type == 'playbook': elif self.job.type == 'playbook':

View File

@ -1,8 +1,6 @@
# ~*~ coding: utf-8 ~*~ # ~*~ coding: utf-8 ~*~
from __future__ import unicode_literals from __future__ import unicode_literals
import datetime
from rest_framework import serializers from rest_framework import serializers
from common.drf.fields import ReadableHiddenField from common.drf.fields import ReadableHiddenField
@ -17,5 +15,5 @@ class AdHocSerializer(BulkOrgResourceModelSerializer, serializers.ModelSerialize
class Meta: class Meta:
model = AdHoc model = AdHoc
fields = ["id", "name", "module", "row_count", "size", "args", "creator", "comment", "date_created", read_only_field = ["id", "row_count", "size", "creator", "date_created", "date_updated"]
"date_updated"] fields = read_only_field + ["id", "name", "module", "args", "comment"]

View File

@ -24,6 +24,7 @@ class PlaybookSerializer(BulkOrgResourceModelSerializer, serializers.ModelSerial
class Meta: class Meta:
model = Playbook model = Playbook
fields = [ read_only_fields = ["id", "date_created", "date_updated"]
"id", "name", "path", "comment", "date_created", "creator", "date_updated" fields = read_only_fields + [
"id", "name", "comment", "creator",
] ]