mirror of https://github.com/jumpserver/jumpserver
Merge branch 'v3' of github.com:jumpserver/jumpserver into v3
commit
6f02b239db
|
@ -61,19 +61,18 @@ class LoginAssetACL(BaseACL, OrgModelMixin):
|
||||||
@classmethod
|
@classmethod
|
||||||
def filter_asset(cls, asset, queryset):
|
def filter_asset(cls, asset, queryset):
|
||||||
queryset = queryset.filter(
|
queryset = queryset.filter(
|
||||||
Q(assets__hostname_group__contains=asset.name) |
|
Q(assets__name_group__contains=asset.name) |
|
||||||
Q(assets__hostname_group__contains='*')
|
Q(assets__name_group__contains='*')
|
||||||
)
|
)
|
||||||
ids = [q.id for q in queryset if contains_ip(asset.address, q.assets.get('ip_group', []))]
|
ids = [
|
||||||
|
q.id for q in queryset if contains_ip(asset.address, q.assets.get('address_group', []))
|
||||||
|
]
|
||||||
queryset = cls.objects.filter(id__in=ids)
|
queryset = cls.objects.filter(id__in=ids)
|
||||||
return queryset
|
return queryset
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def filter_account(cls, account_username, queryset):
|
def filter_account(cls, account_username, queryset):
|
||||||
queryset = queryset.filter(
|
queryset = queryset.filter(
|
||||||
Q(accounts__name_group__contains=account_username) |
|
|
||||||
Q(accounts__name_group__contains='*')
|
|
||||||
).filter(
|
|
||||||
Q(accounts__username_group__contains=account_username) |
|
Q(accounts__username_group__contains=account_username) |
|
||||||
Q(accounts__username_group__contains='*')
|
Q(accounts__username_group__contains='*')
|
||||||
)
|
)
|
||||||
|
|
|
@ -25,34 +25,28 @@ class LoginAssetACLUsersSerializer(serializers.Serializer):
|
||||||
|
|
||||||
|
|
||||||
class LoginAssetACLAssestsSerializer(serializers.Serializer):
|
class LoginAssetACLAssestsSerializer(serializers.Serializer):
|
||||||
ip_group_help_text = _(
|
address_group_help_text = _(
|
||||||
"Format for comma-delimited string, with * indicating a match all. "
|
"Format for comma-delimited string, with * indicating a match all. "
|
||||||
"Such as: "
|
"Such as: "
|
||||||
"192.168.10.1, 192.168.1.0/24, 10.1.1.1-10.1.1.20, 2001:db8:2de::e13, 2001:db8:1a:1110::/64"
|
"192.168.10.1, 192.168.1.0/24, 10.1.1.1-10.1.1.20, 2001:db8:2de::e13, 2001:db8:1a:1110::/64"
|
||||||
" (Domain name support)"
|
" (Domain name support)"
|
||||||
)
|
)
|
||||||
|
|
||||||
ip_group = serializers.ListField(
|
|
||||||
default=["*"],
|
|
||||||
child=serializers.CharField(max_length=1024),
|
|
||||||
label=_("IP/Host"),
|
|
||||||
help_text=ip_group_help_text,
|
|
||||||
)
|
|
||||||
hostname_group = serializers.ListField(
|
|
||||||
default=["*"],
|
|
||||||
child=serializers.CharField(max_length=128),
|
|
||||||
label=_("Name"),
|
|
||||||
help_text=common_help_text,
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
class LoginAssetACLAccountsSerializer(serializers.Serializer):
|
|
||||||
name_group = serializers.ListField(
|
name_group = serializers.ListField(
|
||||||
default=["*"],
|
default=["*"],
|
||||||
child=serializers.CharField(max_length=128),
|
child=serializers.CharField(max_length=128),
|
||||||
label=_("Name"),
|
label=_("Name"),
|
||||||
help_text=common_help_text,
|
help_text=common_help_text,
|
||||||
)
|
)
|
||||||
|
address_group = serializers.ListField(
|
||||||
|
default=["*"],
|
||||||
|
child=serializers.CharField(max_length=1024),
|
||||||
|
label=_("IP/Host"),
|
||||||
|
help_text=address_group_help_text,
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
class LoginAssetACLAccountsSerializer(serializers.Serializer):
|
||||||
username_group = serializers.ListField(
|
username_group = serializers.ListField(
|
||||||
default=["*"],
|
default=["*"],
|
||||||
child=serializers.CharField(max_length=128),
|
child=serializers.CharField(max_length=128),
|
||||||
|
|
|
@ -37,9 +37,7 @@ class LoginAssetCheckSerializer(serializers.Serializer):
|
||||||
|
|
||||||
def validate_account_username(self, account_username):
|
def validate_account_username(self, account_username):
|
||||||
asset_id = self.initial_data.get('asset_id')
|
asset_id = self.initial_data.get('asset_id')
|
||||||
account = Account.objects.filter(
|
account = Account.objects.filter(username=account_username, asset_id=asset_id).first()
|
||||||
username=account_username, asset_id=asset_id
|
|
||||||
).first()
|
|
||||||
if not account:
|
if not account:
|
||||||
error = 'Account username does not exist'
|
error = 'Account username does not exist'
|
||||||
raise serializers.ValidationError(error)
|
raise serializers.ValidationError(error)
|
||||||
|
|
|
@ -113,6 +113,13 @@ class JobExecution(JMSOrgBaseModel):
|
||||||
def job_type(self):
|
def job_type(self):
|
||||||
return self.job.type
|
return self.job.type
|
||||||
|
|
||||||
|
def compile_shell(self):
|
||||||
|
if self.job.type != 'adhoc':
|
||||||
|
return
|
||||||
|
result = "{}{}{} ".format('\'', self.job.args, '\'')
|
||||||
|
result += "chdir={}".format(self.job.chdir)
|
||||||
|
return result
|
||||||
|
|
||||||
def get_runner(self):
|
def get_runner(self):
|
||||||
inv = self.job.inventory
|
inv = self.job.inventory
|
||||||
inv.write_to_file(self.inventory_path)
|
inv.write_to_file(self.inventory_path)
|
||||||
|
@ -122,8 +129,9 @@ class JobExecution(JMSOrgBaseModel):
|
||||||
extra_vars = {}
|
extra_vars = {}
|
||||||
|
|
||||||
if self.job.type == 'adhoc':
|
if self.job.type == 'adhoc':
|
||||||
|
args = self.compile_shell()
|
||||||
runner = AdHocRunner(
|
runner = AdHocRunner(
|
||||||
self.inventory_path, self.job.module, module_args=self.job.args,
|
self.inventory_path, self.job.module, module_args=args,
|
||||||
pattern="all", project_dir=self.private_dir, extra_vars=extra_vars,
|
pattern="all", project_dir=self.private_dir, extra_vars=extra_vars,
|
||||||
)
|
)
|
||||||
elif self.job.type == 'playbook':
|
elif self.job.type == 'playbook':
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
# ~*~ coding: utf-8 ~*~
|
# ~*~ coding: utf-8 ~*~
|
||||||
from __future__ import unicode_literals
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
import datetime
|
|
||||||
|
|
||||||
from rest_framework import serializers
|
from rest_framework import serializers
|
||||||
|
|
||||||
from common.drf.fields import ReadableHiddenField
|
from common.drf.fields import ReadableHiddenField
|
||||||
|
@ -17,5 +15,5 @@ class AdHocSerializer(BulkOrgResourceModelSerializer, serializers.ModelSerialize
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
model = AdHoc
|
model = AdHoc
|
||||||
fields = ["id", "name", "module", "row_count", "size", "args", "creator", "comment", "date_created",
|
read_only_field = ["id", "row_count", "size", "creator", "date_created", "date_updated"]
|
||||||
"date_updated"]
|
fields = read_only_field + ["id", "name", "module", "args", "comment"]
|
||||||
|
|
|
@ -24,6 +24,7 @@ class PlaybookSerializer(BulkOrgResourceModelSerializer, serializers.ModelSerial
|
||||||
|
|
||||||
class Meta:
|
class Meta:
|
||||||
model = Playbook
|
model = Playbook
|
||||||
fields = [
|
read_only_fields = ["id", "date_created", "date_updated"]
|
||||||
"id", "name", "path", "comment", "date_created", "creator", "date_updated"
|
fields = read_only_fields + [
|
||||||
|
"id", "name", "comment", "creator",
|
||||||
]
|
]
|
||||||
|
|
Loading…
Reference in New Issue