github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

perf: web 和 自定义类型资产支持匿名账号

pull/10829/head
ibuler 2023-06-27 11:23:56 +08:00
parent eeba0a4bfc
commit 77bcb05d80
8 changed files with 188 additions and 171 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apps/accounts/const/account.py
View File

@ -13,6 +13,7 @@ class AliasAccount(TextChoices):
ALL = '@ALL', _('All')
INPUT = '@INPUT', _('Manual input')
USER = '@USER', _('Dynamic user')
ANON = '@ANON', _('Anonymous user')
class Source(TextChoices):

13
apps/accounts/models/account.py
View File

@ -88,11 +88,24 @@ class Account(AbsConnectivity, BaseAccount):
def has_secret(self):
return bool(self.secret)
@classmethod
def get_special_account(cls, name):
if name == AliasAccount.INPUT.value:
return cls.get_manual_account()
elif name == AliasAccount.ANON.value:
return cls.get_anonymous_account()
else:
return cls(name=name, username=name, secret=None)
@classmethod
def get_manual_account(cls):
""" @INPUT 手动登录的账号(any) """
return cls(name=AliasAccount.INPUT.label, username=AliasAccount.INPUT.value, secret=None)
@classmethod
def get_anonymous_account(cls):
return cls(name=AliasAccount.ANON.label, username=AliasAccount.ANON.value, secret=None)
@lazyproperty
def versions(self):
return self.history.count()

32
apps/authentication/models/connection_token.py
View File

@ -209,29 +209,17 @@ class ConnectionToken(JMSOrgBaseModel):
if not self.asset:
return None
account = self.asset.accounts.filter(name=self.account).first()
if self.account == '@INPUT' or not account:
data = {
'name': self.account,
'username': self.input_username,
'secret_type': 'password',
'secret': self.input_secret,
'su_from': None,
'org_id': self.asset.org_id,
'asset': self.asset
}
if self.account == '@ANON' and self.asset.category not in ['web', 'custom']:
raise JMSException({'error': 'Anonymous account is not supported in {}'.format(self.asset.category)})
if self.account.startswith('@'):
account = Account.get_special_account(self.account)
else:
data = {
'name': account.name,
'username': account.username,
'secret_type': account.secret_type,
'secret': account.secret or self.input_secret,
'su_from': account.su_from,
'org_id': account.org_id,
'privileged': account.privileged,
'asset': self.asset
}
return Account(**data)
account = self.asset.accounts.filter(name=self.account).first()
account.asset = self.asset
account.secret = account.secret or self.input_secret
return account
@lazyproperty
def domain(self):

4
apps/locale/ja/LC_MESSAGES/django.mo
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:cd4fb6a0396c8636f8a36645354a5102790c020d73cdeb1f0e1d1f1b34ea39e9
size 145760
oid sha256:36918c53144eaae27cb3b68d47882f6ca9b75669862f28f611fb737f6ca39631
size 145810

143
apps/locale/ja/LC_MESSAGES/django.po
View File

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2023-06-15 15:35+0800\n"
"POT-Creation-Date: 2023-06-27 10:17+0800\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -62,32 +62,36 @@ msgstr "手動入力"
msgid "Dynamic user"
msgstr "動的コード"
#: accounts/const/account.py:19 users/models/user.py:699
#: accounts/const/account.py:16
msgid "Anonymous user"
msgstr "匿名ユーザー"
#: accounts/const/account.py:20 users/models/user.py:699
msgid "Local"
msgstr "ローカル"
#: accounts/const/account.py:20
#: accounts/const/account.py:21
msgid "Collected"
msgstr "集めました"
#: accounts/const/account.py:21 accounts/serializers/account/account.py:27
#: accounts/const/account.py:22 accounts/serializers/account/account.py:27
#: settings/serializers/auth/sms.py:75
msgid "Template"
msgstr "テンプレート"
#: accounts/const/account.py:25 ops/const.py:45
#: accounts/const/account.py:26 ops/const.py:45
msgid "Skip"
msgstr "スキップ"
#: accounts/const/account.py:26 audits/const.py:24 rbac/tree.py:229
#: accounts/const/account.py:27 audits/const.py:24 rbac/tree.py:229
#: templates/_csv_import_export.html:18 templates/_csv_update_modal.html:6
msgid "Update"
msgstr "更新"
#: accounts/const/account.py:27
#: accounts/const/account.py:28
#: accounts/serializers/automations/change_secret.py:156 audits/const.py:54
#: audits/signal_handlers/activity_log.py:33 common/const/choices.py:19
#: ops/const.py:58 terminal/const.py:61 xpack/plugins/cloud/const.py:41
#: ops/const.py:58 terminal/const.py:62 xpack/plugins/cloud/const.py:41
msgid "Failed"
msgstr "失敗しました"
@ -187,17 +191,17 @@ msgstr "作成のみ"
#: accounts/serializers/automations/change_secret.py:112
#: accounts/serializers/automations/change_secret.py:132
#: acls/serializers/base.py:118 assets/models/asset/common.py:93
#: assets/models/asset/common.py:332 assets/models/cmd_filter.py:36
#: assets/models/asset/common.py:331 assets/models/cmd_filter.py:36
#: assets/serializers/domain.py:19 assets/serializers/label.py:27
#: audits/models.py:53 authentication/models/connection_token.py:35
#: perms/models/asset_permission.py:64 perms/serializers/permission.py:34
#: terminal/backends/command/models.py:20 terminal/models/session/session.py:32
#: terminal/backends/command/models.py:20 terminal/models/session/session.py:31
#: terminal/notifications.py:95 terminal/serializers/command.py:17
#: tickets/models/ticket/apply_asset.py:16 xpack/plugins/cloud/models.py:212
msgid "Asset"
msgstr "資産"
#: accounts/models/account.py:53 accounts/models/account.py:113
#: accounts/models/account.py:53 accounts/models/account.py:117
#: accounts/serializers/account/account.py:208
#: accounts/serializers/account/account.py:247
#: accounts/serializers/account/template.py:16
@ -225,7 +229,7 @@ msgstr "ソース ID"
#: acls/serializers/base.py:119 assets/serializers/asset/common.py:125
#: assets/serializers/gateway.py:28 audits/models.py:54 ops/models/base.py:18
#: perms/models/asset_permission.py:70 perms/serializers/permission.py:39
#: terminal/backends/command/models.py:21 terminal/models/session/session.py:34
#: terminal/backends/command/models.py:21 terminal/models/session/session.py:33
#: tickets/models/ticket/command_confirm.py:13 xpack/plugins/cloud/models.py:85
msgid "Account"
msgstr "アカウント"
@ -250,15 +254,15 @@ msgstr "アカウントを確認できます"
msgid "Can push account"
msgstr "アカウントをプッシュできます"
#: accounts/models/account.py:117
#: accounts/models/account.py:121
msgid "Account template"
msgstr "アカウント テンプレート"
#: accounts/models/account.py:122
#: accounts/models/account.py:126
msgid "Can view asset account template secret"
msgstr "アセット アカウント テンプレートのパスワードを表示できます"
#: accounts/models/account.py:123
#: accounts/models/account.py:127
msgid "Can change asset account template secret"
msgstr "アセット アカウント テンプレートのパスワードを変更できます"
@ -279,7 +283,7 @@ msgstr "アカウントバックアップ計画"
#: ops/models/base.py:55 ops/models/celery.py:63 ops/models/job.py:192
#: ops/templates/ops/celery_task_log.html:75
#: perms/models/asset_permission.py:72 terminal/models/applet/host.py:137
#: terminal/models/session/session.py:45
#: terminal/models/session/session.py:44
#: tickets/models/ticket/apply_application.py:30
#: tickets/models/ticket/apply_asset.py:19
msgid "Date start"
@ -479,7 +483,7 @@ msgstr "アカウントの確認"
#: applications/models.py:9 assets/models/_user.py:22
#: assets/models/asset/common.py:91 assets/models/asset/common.py:149
#: assets/models/cmd_filter.py:21 assets/models/domain.py:18
#: assets/models/group.py:20 assets/models/label.py:18
#: assets/models/group.py:17 assets/models/label.py:18
#: assets/models/platform.py:13 assets/models/platform.py:81
#: assets/serializers/asset/common.py:145 assets/serializers/platform.py:99
#: assets/serializers/platform.py:199
@ -505,7 +509,8 @@ msgstr "特権アカウント"
#: assets/models/automations/base.py:21 assets/models/cmd_filter.py:39
#: assets/models/label.py:22
#: authentication/serializers/connect_token_secret.py:114
#: terminal/models/applet/applet.py:39 users/serializers/user.py:169
#: terminal/models/applet/applet.py:39
#: terminal/models/component/endpoint.py:101 users/serializers/user.py:169
msgid "Is active"
msgstr "アクティブです。"
@ -644,7 +649,7 @@ msgstr "ID"
#: perms/api/user_permission/mixin.py:55 perms/models/asset_permission.py:58
#: perms/serializers/permission.py:30 rbac/builtin.py:122
#: rbac/models/rolebinding.py:49 terminal/backends/command/models.py:19
#: terminal/models/session/session.py:30 terminal/models/session/sharing.py:32
#: terminal/models/session/session.py:29 terminal/models/session/sharing.py:32
#: terminal/notifications.py:96 terminal/notifications.py:144
#: terminal/serializers/command.py:16 tickets/models/comment.py:21
#: users/const.py:14 users/models/user.py:947 users/models/user.py:978
@ -729,7 +734,7 @@ msgstr "自動タスク実行履歴"
#: accounts/serializers/automations/change_secret.py:155 audits/const.py:53
#: audits/models.py:59 audits/signal_handlers/activity_log.py:33
#: common/const/choices.py:18 ops/const.py:56 ops/serializers/celery.py:40
#: terminal/const.py:60 terminal/models/session/sharing.py:107
#: terminal/const.py:61 terminal/models/session/sharing.py:107
#: tickets/views/approve.py:114
msgid "Success"
msgstr "成功"
@ -825,8 +830,8 @@ msgid "Accounts"
msgstr "アカウント"
#: acls/models/command_acl.py:16 assets/models/cmd_filter.py:60
#: ops/serializers/job.py:55 terminal/const.py:68
#: terminal/models/session/session.py:43 terminal/serializers/command.py:18
#: ops/serializers/job.py:55 terminal/const.py:69
#: terminal/models/session/session.py:42 terminal/serializers/command.py:18
#: terminal/templates/terminal/_msg_command_alert.html:12
#: terminal/templates/terminal/_msg_command_execute_alert.html:10
msgid "Command"
@ -970,7 +975,7 @@ msgstr ""
"資産を直接作成することはできません。ホストまたはその他を作成する必要がありま"
"す"
#: assets/api/domain.py:60
#: assets/api/domain.py:62
msgid "Number required"
msgstr "必要な数"
@ -1106,7 +1111,7 @@ msgstr "ファイアウォール"
msgid "Other"
msgstr "その他"
#: assets/const/types.py:223
#: assets/const/types.py:222
msgid "All types"
msgstr "いろんなタイプ"
@ -1141,20 +1146,20 @@ msgid "SSH public key"
msgstr "SSHパブリックキー"
#: assets/models/_user.py:27 assets/models/cmd_filter.py:40
#: assets/models/cmd_filter.py:88 assets/models/group.py:23
#: assets/models/cmd_filter.py:88 assets/models/group.py:20
#: common/db/models.py:36 ops/models/adhoc.py:27 ops/models/job.py:111
#: ops/models/playbook.py:26 rbac/models/role.py:37 settings/models.py:38
#: terminal/models/applet/applet.py:44 terminal/models/applet/applet.py:244
#: terminal/models/applet/applet.py:44 terminal/models/applet/applet.py:248
#: terminal/models/applet/host.py:139 terminal/models/component/endpoint.py:24
#: terminal/models/component/endpoint.py:100
#: terminal/models/session/session.py:47 tickets/models/comment.py:32
#: terminal/models/session/session.py:46 tickets/models/comment.py:32
#: tickets/models/ticket/general.py:297 users/models/user.py:792
#: xpack/plugins/cloud/models.py:35 xpack/plugins/cloud/models.py:111
msgid "Comment"
msgstr "コメント"
#: assets/models/_user.py:28 assets/models/automations/base.py:114
#: assets/models/cmd_filter.py:41 assets/models/group.py:22
#: assets/models/cmd_filter.py:41 assets/models/group.py:19
#: common/db/models.py:34 ops/models/base.py:54 ops/models/job.py:191
#: users/models/user.py:979
msgid "Date created"
@ -1166,7 +1171,7 @@ msgid "Date updated"
msgstr "更新日"
#: assets/models/_user.py:30 assets/models/cmd_filter.py:44
#: assets/models/cmd_filter.py:91 assets/models/group.py:21
#: assets/models/cmd_filter.py:91 assets/models/group.py:18
#: common/db/models.py:32 users/models/user.py:799
#: users/serializers/group.py:29
msgid "Created by"
@ -1283,19 +1288,19 @@ msgstr "資産ハードウェア情報の収集"
msgid "Custom info"
msgstr "カスタム属性"
#: assets/models/asset/common.py:335
#: assets/models/asset/common.py:334
msgid "Can refresh asset hardware info"
msgstr "資産ハードウェア情報を更新できます"
#: assets/models/asset/common.py:336
#: assets/models/asset/common.py:335
msgid "Can test asset connectivity"
msgstr "資産接続をテストできます"
#: assets/models/asset/common.py:337
#: assets/models/asset/common.py:336
msgid "Can match asset"
msgstr "アセットを一致させることができます"
#: assets/models/asset/common.py:338
#: assets/models/asset/common.py:337
msgid "Can change asset nodes"
msgstr "資産ノードを変更できます"
@ -1356,7 +1361,7 @@ msgstr "アセットの自動化タスク"
#: assets/models/automations/base.py:113 audits/models.py:199
#: audits/serializers.py:49 ops/models/base.py:49 ops/models/job.py:184
#: terminal/models/applet/applet.py:243 terminal/models/applet/host.py:136
#: terminal/models/applet/applet.py:247 terminal/models/applet/host.py:136
#: terminal/models/component/status.py:30 terminal/serializers/applet.py:18
#: terminal/serializers/applet_host.py:107 tickets/models/ticket/general.py:283
#: tickets/serializers/super_ticket.py:13
@ -1419,17 +1424,17 @@ msgstr "お気に入りのアセット"
msgid "Gateway"
msgstr "ゲートウェイ"
#: assets/models/group.py:30
#: assets/models/group.py:27
msgid "Asset group"
msgstr "資産グループ"
#: assets/models/group.py:34 assets/models/platform.py:17
#: assets/models/group.py:31 assets/models/platform.py:17
#: assets/serializers/platform.py:102
#: xpack/plugins/cloud/providers/nutanix.py:30
msgid "Default"
msgstr "デフォルト"
#: assets/models/group.py:34
#: assets/models/group.py:31
msgid "Default asset group"
msgstr "デフォルトアセットグループ"
@ -1950,7 +1955,7 @@ msgid "Job audit log"
msgstr "ジョブ監査ログ"
#: audits/models.py:51 audits/models.py:95 audits/models.py:166
#: terminal/models/session/session.py:39 terminal/models/session/sharing.py:99
#: terminal/models/session/session.py:38 terminal/models/session/sharing.py:99
msgid "Remote addr"
msgstr "リモートaddr"
@ -2090,14 +2095,14 @@ msgid "Auth Token"
msgstr "認証トークン"
#: audits/signal_handlers/login_log.py:31 authentication/notifications.py:73
#: authentication/views/login.py:74 authentication/views/wecom.py:159
#: authentication/views/login.py:75 authentication/views/wecom.py:159
#: notifications/backends/__init__.py:11 settings/serializers/auth/wecom.py:10
#: users/models/user.py:706 users/models/user.py:814
msgid "WeCom"
msgstr "企業微信"
#: audits/signal_handlers/login_log.py:32 authentication/views/feishu.py:123
#: authentication/views/login.py:86 notifications/backends/__init__.py:14
#: authentication/views/login.py:87 notifications/backends/__init__.py:14
#: settings/serializers/auth/feishu.py:10
#: settings/serializers/auth/feishu.py:13 users/models/user.py:708
#: users/models/user.py:816
@ -2105,7 +2110,7 @@ msgid "FeiShu"
msgstr "本を飛ばす"
#: audits/signal_handlers/login_log.py:33 authentication/views/dingtalk.py:160
#: authentication/views/login.py:80 notifications/backends/__init__.py:12
#: authentication/views/login.py:81 notifications/backends/__init__.py:12
#: settings/serializers/auth/dingtalk.py:10 users/models/user.py:707
#: users/models/user.py:815
msgid "DingTalk"
@ -2981,23 +2986,23 @@ msgstr "本を飛ばすのバインドに成功"
msgid "Failed to get user from FeiShu"
msgstr "本を飛ばすからユーザーを取得できませんでした"
#: authentication/views/login.py:182
#: authentication/views/login.py:183
msgid "Redirecting"
msgstr "リダイレクト"
#: authentication/views/login.py:183
#: authentication/views/login.py:184
msgid "Redirecting to {} authentication"
msgstr "{} 認証へのリダイレクト"
#: authentication/views/login.py:206
#: authentication/views/login.py:207
msgid "Please enable cookies and try again."
msgstr "クッキーを有効にして、もう一度お試しください。"
#: authentication/views/login.py:247
#: authentication/views/login.py:248
msgid "User email already exists ({})"
msgstr "ユーザー メールボックスは既に存在します ({})"
#: authentication/views/login.py:325
#: authentication/views/login.py:326
msgid ""
"Wait for <b>{}</b> confirm, You also can copy link to her/him <br/>\n"
" Don't close this page"
@ -3005,15 +3010,15 @@ msgstr ""
"<b>{}</b> 確認を待ちます。彼女/彼へのリンクをコピーすることもできます <br/>\n"
" このページを閉じないでください"
#: authentication/views/login.py:330
#: authentication/views/login.py:331
msgid "No ticket found"
msgstr "チケットが見つかりません"
#: authentication/views/login.py:366
#: authentication/views/login.py:367
msgid "Logout success"
msgstr "ログアウト成功"
#: authentication/views/login.py:367
#: authentication/views/login.py:368
msgid "Logout success, return login page"
msgstr "ログアウト成功、ログインページを返す"
@ -3061,7 +3066,7 @@ msgstr "タイミングトリガー"
msgid "Ready"
msgstr "の準備を"
#: common/const/choices.py:16 terminal/const.py:59 tickets/const.py:29
#: common/const/choices.py:16 terminal/const.py:60 tickets/const.py:29
#: tickets/const.py:39
msgid "Pending"
msgstr "未定"
@ -4118,7 +4123,7 @@ msgid "My assets"
msgstr "私の資産"
#: rbac/tree.py:56 terminal/models/applet/applet.py:51
#: terminal/models/applet/applet.py:240 terminal/models/applet/host.py:28
#: terminal/models/applet/applet.py:244 terminal/models/applet/host.py:28
#: terminal/serializers/applet.py:15
msgid "Applet"
msgstr "リモートアプリケーション"
@ -5640,7 +5645,7 @@ msgstr "クリティカル"
msgid "High"
msgstr "高い"
#: terminal/const.py:32 terminal/const.py:66
#: terminal/const.py:32 terminal/const.py:67
#: users/templates/users/reset_password.html:50
msgid "Normal"
msgstr "正常"
@ -5649,19 +5654,19 @@ msgstr "正常"
msgid "Offline"
msgstr "オフライン"
#: terminal/const.py:62
#: terminal/const.py:63
msgid "Mismatch"
msgstr "一致しない"
#: terminal/const.py:67
#: terminal/const.py:68
msgid "Tunnel"
msgstr ""
#: terminal/const.py:72
#: terminal/const.py:73
msgid "Read Only"
msgstr "読み取り専用"
#: terminal/const.py:73
#: terminal/const.py:74
msgid "Writable"
msgstr "書き込み可能"
@ -5717,7 +5722,7 @@ msgstr "カスタムプラットフォームのみをサポート"
msgid "Missing type in platform.yml"
msgstr "platform.ymlにタイプがありません"
#: terminal/models/applet/applet.py:242 terminal/models/applet/host.py:34
#: terminal/models/applet/applet.py:246 terminal/models/applet/host.py:34
#: terminal/models/applet/host.py:134
msgid "Hosting"
msgstr "ホスト マシン"
@ -5786,7 +5791,7 @@ msgstr "エンドポイント"
msgid "IP group"
msgstr "IP グループ"
#: terminal/models/component/endpoint.py:103
#: terminal/models/component/endpoint.py:104
msgid "Endpoint rule"
msgstr "エンドポイントルール"
@ -5864,39 +5869,39 @@ msgstr "セッションのリプレイをアップロードできます"
msgid "Can download session replay"
msgstr "セッション再生をダウンロードできます"
#: terminal/models/session/session.py:35
#: terminal/models/session/session.py:34
msgid "Account id"
msgstr "アカウント ID"
#: terminal/models/session/session.py:37 terminal/models/session/sharing.py:104
#: terminal/models/session/session.py:36 terminal/models/session/sharing.py:104
msgid "Login from"
msgstr "ログイン元"
#: terminal/models/session/session.py:42
#: terminal/models/session/session.py:41
msgid "Replay"
msgstr "リプレイ"
#: terminal/models/session/session.py:46
#: terminal/models/session/session.py:45
msgid "Date end"
msgstr "終了日"
#: terminal/models/session/session.py:243
#: terminal/models/session/session.py:240
msgid "Session record"
msgstr "セッション記録"
#: terminal/models/session/session.py:245
#: terminal/models/session/session.py:242
msgid "Can monitor session"
msgstr "セッションを監視できます"
#: terminal/models/session/session.py:246
#: terminal/models/session/session.py:243
msgid "Can share session"
msgstr "セッションを共有できます"
#: terminal/models/session/session.py:247
#: terminal/models/session/session.py:244
msgid "Can terminate session"
msgstr "セッションを終了できます"
#: terminal/models/session/session.py:248
#: terminal/models/session/session.py:245
msgid "Can validate session action perm"
msgstr "セッションアクションのパーマを検証できます"
@ -6447,11 +6452,11 @@ msgstr "承認ステップ"
msgid "Relation snapshot"
msgstr "製造オーダスナップショット"
#: tickets/models/ticket/general.py:392
#: tickets/models/ticket/general.py:398
msgid "Please try again"
msgstr "もう一度お試しください"
#: tickets/models/ticket/general.py:461
#: tickets/models/ticket/general.py:467
msgid "Super ticket"
msgstr "スーパーチケット"

4
apps/locale/zh/LC_MESSAGES/django.mo
View File

@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:0efb248e80873f34d20f0fc3d4dd5c5a346048cb683c2b6bda3df939697fc52c
size 119261
oid sha256:1f4301cf32731559d2e5ce41c2ab00e4655931914d8ce36bde4ad831cc5ee3f9
size 119305

143
apps/locale/zh/LC_MESSAGES/django.po
View File

@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: JumpServer 0.3.3\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2023-06-15 15:35+0800\n"
"POT-Creation-Date: 2023-06-27 10:17+0800\n"
"PO-Revision-Date: 2021-05-20 10:54+0800\n"
"Last-Translator: ibuler <ibuler@qq.com>\n"
"Language-Team: JumpServer team<ibuler@qq.com>\n"
@ -61,32 +61,36 @@ msgstr "手动输入"
msgid "Dynamic user"
msgstr "同名账号"
#: accounts/const/account.py:19 users/models/user.py:699
#: accounts/const/account.py:16
msgid "Anonymous user"
msgstr "匿名用户"
#: accounts/const/account.py:20 users/models/user.py:699
msgid "Local"
msgstr "数据库"
#: accounts/const/account.py:20
#: accounts/const/account.py:21
msgid "Collected"
msgstr "收集"
#: accounts/const/account.py:21 accounts/serializers/account/account.py:27
#: accounts/const/account.py:22 accounts/serializers/account/account.py:27
#: settings/serializers/auth/sms.py:75
msgid "Template"
msgstr "模板"
#: accounts/const/account.py:25 ops/const.py:45
#: accounts/const/account.py:26 ops/const.py:45
msgid "Skip"
msgstr "跳过"
#: accounts/const/account.py:26 audits/const.py:24 rbac/tree.py:229
#: accounts/const/account.py:27 audits/const.py:24 rbac/tree.py:229
#: templates/_csv_import_export.html:18 templates/_csv_update_modal.html:6
msgid "Update"
msgstr "更新"
#: accounts/const/account.py:27
#: accounts/const/account.py:28
#: accounts/serializers/automations/change_secret.py:156 audits/const.py:54
#: audits/signal_handlers/activity_log.py:33 common/const/choices.py:19
#: ops/const.py:58 terminal/const.py:61 xpack/plugins/cloud/const.py:41
#: ops/const.py:58 terminal/const.py:62 xpack/plugins/cloud/const.py:41
msgid "Failed"
msgstr "失败"
@ -186,17 +190,17 @@ msgstr "仅创建"
#: accounts/serializers/automations/change_secret.py:112
#: accounts/serializers/automations/change_secret.py:132
#: acls/serializers/base.py:118 assets/models/asset/common.py:93
#: assets/models/asset/common.py:332 assets/models/cmd_filter.py:36
#: assets/models/asset/common.py:331 assets/models/cmd_filter.py:36
#: assets/serializers/domain.py:19 assets/serializers/label.py:27
#: audits/models.py:53 authentication/models/connection_token.py:35
#: perms/models/asset_permission.py:64 perms/serializers/permission.py:34
#: terminal/backends/command/models.py:20 terminal/models/session/session.py:32
#: terminal/backends/command/models.py:20 terminal/models/session/session.py:31
#: terminal/notifications.py:95 terminal/serializers/command.py:17
#: tickets/models/ticket/apply_asset.py:16 xpack/plugins/cloud/models.py:212
msgid "Asset"
msgstr "资产"
#: accounts/models/account.py:53 accounts/models/account.py:113
#: accounts/models/account.py:53 accounts/models/account.py:117
#: accounts/serializers/account/account.py:208
#: accounts/serializers/account/account.py:247
#: accounts/serializers/account/template.py:16
@ -224,7 +228,7 @@ msgstr "来源 ID"
#: acls/serializers/base.py:119 assets/serializers/asset/common.py:125
#: assets/serializers/gateway.py:28 audits/models.py:54 ops/models/base.py:18
#: perms/models/asset_permission.py:70 perms/serializers/permission.py:39
#: terminal/backends/command/models.py:21 terminal/models/session/session.py:34
#: terminal/backends/command/models.py:21 terminal/models/session/session.py:33
#: tickets/models/ticket/command_confirm.py:13 xpack/plugins/cloud/models.py:85
msgid "Account"
msgstr "账号"
@ -249,15 +253,15 @@ msgstr "可以验证账号"
msgid "Can push account"
msgstr "可以推送账号"
#: accounts/models/account.py:117
#: accounts/models/account.py:121
msgid "Account template"
msgstr "账号模版"
#: accounts/models/account.py:122
#: accounts/models/account.py:126
msgid "Can view asset account template secret"
msgstr "可以查看资产账号模版密码"
#: accounts/models/account.py:123
#: accounts/models/account.py:127
msgid "Can change asset account template secret"
msgstr "可以更改资产账号模版密码"
@ -278,7 +282,7 @@ msgstr "账号备份计划"
#: ops/models/base.py:55 ops/models/celery.py:63 ops/models/job.py:192
#: ops/templates/ops/celery_task_log.html:75
#: perms/models/asset_permission.py:72 terminal/models/applet/host.py:137
#: terminal/models/session/session.py:45
#: terminal/models/session/session.py:44
#: tickets/models/ticket/apply_application.py:30
#: tickets/models/ticket/apply_asset.py:19
msgid "Date start"
@ -478,7 +482,7 @@ msgstr "账号验证"
#: applications/models.py:9 assets/models/_user.py:22
#: assets/models/asset/common.py:91 assets/models/asset/common.py:149
#: assets/models/cmd_filter.py:21 assets/models/domain.py:18
#: assets/models/group.py:20 assets/models/label.py:18
#: assets/models/group.py:17 assets/models/label.py:18
#: assets/models/platform.py:13 assets/models/platform.py:81
#: assets/serializers/asset/common.py:145 assets/serializers/platform.py:99
#: assets/serializers/platform.py:199
@ -504,7 +508,8 @@ msgstr "特权账号"
#: assets/models/automations/base.py:21 assets/models/cmd_filter.py:39
#: assets/models/label.py:22
#: authentication/serializers/connect_token_secret.py:114
#: terminal/models/applet/applet.py:39 users/serializers/user.py:169
#: terminal/models/applet/applet.py:39
#: terminal/models/component/endpoint.py:101 users/serializers/user.py:169
msgid "Is active"
msgstr "激活"
@ -640,7 +645,7 @@ msgstr "ID"
#: perms/api/user_permission/mixin.py:55 perms/models/asset_permission.py:58
#: perms/serializers/permission.py:30 rbac/builtin.py:122
#: rbac/models/rolebinding.py:49 terminal/backends/command/models.py:19
#: terminal/models/session/session.py:30 terminal/models/session/sharing.py:32
#: terminal/models/session/session.py:29 terminal/models/session/sharing.py:32
#: terminal/notifications.py:96 terminal/notifications.py:144
#: terminal/serializers/command.py:16 tickets/models/comment.py:21
#: users/const.py:14 users/models/user.py:947 users/models/user.py:978
@ -725,7 +730,7 @@ msgstr "自动化任务执行历史"
#: accounts/serializers/automations/change_secret.py:155 audits/const.py:53
#: audits/models.py:59 audits/signal_handlers/activity_log.py:33
#: common/const/choices.py:18 ops/const.py:56 ops/serializers/celery.py:40
#: terminal/const.py:60 terminal/models/session/sharing.py:107
#: terminal/const.py:61 terminal/models/session/sharing.py:107
#: tickets/views/approve.py:114
msgid "Success"
msgstr "成功"
@ -821,8 +826,8 @@ msgid "Accounts"
msgstr "账号管理"
#: acls/models/command_acl.py:16 assets/models/cmd_filter.py:60
#: ops/serializers/job.py:55 terminal/const.py:68
#: terminal/models/session/session.py:43 terminal/serializers/command.py:18
#: ops/serializers/job.py:55 terminal/const.py:69
#: terminal/models/session/session.py:42 terminal/serializers/command.py:18
#: terminal/templates/terminal/_msg_command_alert.html:12
#: terminal/templates/terminal/_msg_command_execute_alert.html:10
msgid "Command"
@ -963,7 +968,7 @@ msgstr "匹配应用"
msgid "Cannot create asset directly, you should create a host or other"
msgstr "不能直接创建资产, 你应该创建主机或其他资产"
#: assets/api/domain.py:60
#: assets/api/domain.py:62
msgid "Number required"
msgstr "需要为数字"
@ -1099,7 +1104,7 @@ msgstr "防火墙"
msgid "Other"
msgstr "其它"
#: assets/const/types.py:223
#: assets/const/types.py:222
msgid "All types"
msgstr "所有类型"
@ -1134,20 +1139,20 @@ msgid "SSH public key"
msgstr "SSH公钥"
#: assets/models/_user.py:27 assets/models/cmd_filter.py:40
#: assets/models/cmd_filter.py:88 assets/models/group.py:23
#: assets/models/cmd_filter.py:88 assets/models/group.py:20
#: common/db/models.py:36 ops/models/adhoc.py:27 ops/models/job.py:111
#: ops/models/playbook.py:26 rbac/models/role.py:37 settings/models.py:38
#: terminal/models/applet/applet.py:44 terminal/models/applet/applet.py:244
#: terminal/models/applet/applet.py:44 terminal/models/applet/applet.py:248
#: terminal/models/applet/host.py:139 terminal/models/component/endpoint.py:24
#: terminal/models/component/endpoint.py:100
#: terminal/models/session/session.py:47 tickets/models/comment.py:32
#: terminal/models/session/session.py:46 tickets/models/comment.py:32
#: tickets/models/ticket/general.py:297 users/models/user.py:792
#: xpack/plugins/cloud/models.py:35 xpack/plugins/cloud/models.py:111
msgid "Comment"
msgstr "备注"
#: assets/models/_user.py:28 assets/models/automations/base.py:114
#: assets/models/cmd_filter.py:41 assets/models/group.py:22
#: assets/models/cmd_filter.py:41 assets/models/group.py:19
#: common/db/models.py:34 ops/models/base.py:54 ops/models/job.py:191
#: users/models/user.py:979
msgid "Date created"
@ -1159,7 +1164,7 @@ msgid "Date updated"
msgstr "更新日期"
#: assets/models/_user.py:30 assets/models/cmd_filter.py:44
#: assets/models/cmd_filter.py:91 assets/models/group.py:21
#: assets/models/cmd_filter.py:91 assets/models/group.py:18
#: common/db/models.py:32 users/models/user.py:799
#: users/serializers/group.py:29
msgid "Created by"
@ -1276,19 +1281,19 @@ msgstr "收集资产硬件信息"
msgid "Custom info"
msgstr "自定义属性"
#: assets/models/asset/common.py:335
#: assets/models/asset/common.py:334
msgid "Can refresh asset hardware info"
msgstr "可以更新资产硬件信息"
#: assets/models/asset/common.py:336
#: assets/models/asset/common.py:335
msgid "Can test asset connectivity"
msgstr "可以测试资产连接性"
#: assets/models/asset/common.py:337
#: assets/models/asset/common.py:336
msgid "Can match asset"
msgstr "可以匹配资产"
#: assets/models/asset/common.py:338
#: assets/models/asset/common.py:337
msgid "Can change asset nodes"
msgstr "可以修改资产节点"
@ -1349,7 +1354,7 @@ msgstr "资产自动化任务"
#: assets/models/automations/base.py:113 audits/models.py:199
#: audits/serializers.py:49 ops/models/base.py:49 ops/models/job.py:184
#: terminal/models/applet/applet.py:243 terminal/models/applet/host.py:136
#: terminal/models/applet/applet.py:247 terminal/models/applet/host.py:136
#: terminal/models/component/status.py:30 terminal/serializers/applet.py:18
#: terminal/serializers/applet_host.py:107 tickets/models/ticket/general.py:283
#: tickets/serializers/super_ticket.py:13
@ -1412,17 +1417,17 @@ msgstr "收藏的资产"
msgid "Gateway"
msgstr "网关"
#: assets/models/group.py:30
#: assets/models/group.py:27
msgid "Asset group"
msgstr "资产组"
#: assets/models/group.py:34 assets/models/platform.py:17
#: assets/models/group.py:31 assets/models/platform.py:17
#: assets/serializers/platform.py:102
#: xpack/plugins/cloud/providers/nutanix.py:30
msgid "Default"
msgstr "默认"
#: assets/models/group.py:34
#: assets/models/group.py:31
msgid "Default asset group"
msgstr "默认资产组"
@ -1939,7 +1944,7 @@ msgid "Job audit log"
msgstr "作业审计日志"
#: audits/models.py:51 audits/models.py:95 audits/models.py:166
#: terminal/models/session/session.py:39 terminal/models/session/sharing.py:99
#: terminal/models/session/session.py:38 terminal/models/session/sharing.py:99
msgid "Remote addr"
msgstr "远端地址"
@ -2079,14 +2084,14 @@ msgid "Auth Token"
msgstr "认证令牌"
#: audits/signal_handlers/login_log.py:31 authentication/notifications.py:73
#: authentication/views/login.py:74 authentication/views/wecom.py:159
#: authentication/views/login.py:75 authentication/views/wecom.py:159
#: notifications/backends/__init__.py:11 settings/serializers/auth/wecom.py:10
#: users/models/user.py:706 users/models/user.py:814
msgid "WeCom"
msgstr "企业微信"
#: audits/signal_handlers/login_log.py:32 authentication/views/feishu.py:123
#: authentication/views/login.py:86 notifications/backends/__init__.py:14
#: authentication/views/login.py:87 notifications/backends/__init__.py:14
#: settings/serializers/auth/feishu.py:10
#: settings/serializers/auth/feishu.py:13 users/models/user.py:708
#: users/models/user.py:816
@ -2094,7 +2099,7 @@ msgid "FeiShu"
msgstr "飞书"
#: audits/signal_handlers/login_log.py:33 authentication/views/dingtalk.py:160
#: authentication/views/login.py:80 notifications/backends/__init__.py:12
#: authentication/views/login.py:81 notifications/backends/__init__.py:12
#: settings/serializers/auth/dingtalk.py:10 users/models/user.py:707
#: users/models/user.py:815
msgid "DingTalk"
@ -2946,23 +2951,23 @@ msgstr "绑定 飞书 成功"
msgid "Failed to get user from FeiShu"
msgstr "从飞书获取用户失败"
#: authentication/views/login.py:182
#: authentication/views/login.py:183
msgid "Redirecting"
msgstr "跳转中"
#: authentication/views/login.py:183
#: authentication/views/login.py:184
msgid "Redirecting to {} authentication"
msgstr "正在跳转到 {} 认证"
#: authentication/views/login.py:206
#: authentication/views/login.py:207
msgid "Please enable cookies and try again."
msgstr "设置你的浏览器支持cookie"
#: authentication/views/login.py:247
#: authentication/views/login.py:248
msgid "User email already exists ({})"
msgstr "用户邮箱已存在 ({})"
#: authentication/views/login.py:325
#: authentication/views/login.py:326
msgid ""
"Wait for <b>{}</b> confirm, You also can copy link to her/him <br/>\n"
" Don't close this page"
@ -2970,15 +2975,15 @@ msgstr ""
"等待 <b>{}</b> 确认, 你也可以复制链接发给他/她 <br/>\n"
" 不要关闭本页面"
#: authentication/views/login.py:330
#: authentication/views/login.py:331
msgid "No ticket found"
msgstr "没有发现工单"
#: authentication/views/login.py:366
#: authentication/views/login.py:367
msgid "Logout success"
msgstr "退出登录成功"
#: authentication/views/login.py:367
#: authentication/views/login.py:368
msgid "Logout success, return login page"
msgstr "退出登录成功,返回到登录页面"
@ -3026,7 +3031,7 @@ msgstr "定时触发"
msgid "Ready"
msgstr "准备"
#: common/const/choices.py:16 terminal/const.py:59 tickets/const.py:29
#: common/const/choices.py:16 terminal/const.py:60 tickets/const.py:29
#: tickets/const.py:39
msgid "Pending"
msgstr "待定的"
@ -4074,7 +4079,7 @@ msgid "My assets"
msgstr "我的资产"
#: rbac/tree.py:56 terminal/models/applet/applet.py:51
#: terminal/models/applet/applet.py:240 terminal/models/applet/host.py:28
#: terminal/models/applet/applet.py:244 terminal/models/applet/host.py:28
#: terminal/serializers/applet.py:15
msgid "Applet"
msgstr "远程应用"
@ -5558,7 +5563,7 @@ msgstr "严重"
msgid "High"
msgstr "较高"
#: terminal/const.py:32 terminal/const.py:66
#: terminal/const.py:32 terminal/const.py:67
#: users/templates/users/reset_password.html:50
msgid "Normal"
msgstr "正常"
@ -5567,19 +5572,19 @@ msgstr "正常"
msgid "Offline"
msgstr "离线"
#: terminal/const.py:62
#: terminal/const.py:63
msgid "Mismatch"
msgstr "未匹配"
#: terminal/const.py:67
#: terminal/const.py:68
msgid "Tunnel"
msgstr "隧道"
#: terminal/const.py:72
#: terminal/const.py:73
msgid "Read Only"
msgstr "只读"
#: terminal/const.py:73
#: terminal/const.py:74
msgid "Writable"
msgstr "读写"
@ -5635,7 +5640,7 @@ msgstr "只支持自定义平台"
msgid "Missing type in platform.yml"
msgstr "在 platform.yml 中缺少类型"
#: terminal/models/applet/applet.py:242 terminal/models/applet/host.py:34
#: terminal/models/applet/applet.py:246 terminal/models/applet/host.py:34
#: terminal/models/applet/host.py:134
msgid "Hosting"
msgstr "宿主机"
@ -5704,7 +5709,7 @@ msgstr "端点"
msgid "IP group"
msgstr "IP 组"
#: terminal/models/component/endpoint.py:103
#: terminal/models/component/endpoint.py:104
msgid "Endpoint rule"
msgstr "端点规则"
@ -5782,39 +5787,39 @@ msgstr "可以上传会话录像"
msgid "Can download session replay"
msgstr "可以下载会话录像"
#: terminal/models/session/session.py:35
#: terminal/models/session/session.py:34
msgid "Account id"
msgstr "账号 ID"
#: terminal/models/session/session.py:37 terminal/models/session/sharing.py:104
#: terminal/models/session/session.py:36 terminal/models/session/sharing.py:104
msgid "Login from"
msgstr "登录来源"
#: terminal/models/session/session.py:42
#: terminal/models/session/session.py:41
msgid "Replay"
msgstr "回放"
#: terminal/models/session/session.py:46
#: terminal/models/session/session.py:45
msgid "Date end"
msgstr "结束日期"
#: terminal/models/session/session.py:243
#: terminal/models/session/session.py:240
msgid "Session record"
msgstr "会话记录"
#: terminal/models/session/session.py:245
#: terminal/models/session/session.py:242
msgid "Can monitor session"
msgstr "可以监控会话"
#: terminal/models/session/session.py:246
#: terminal/models/session/session.py:243
msgid "Can share session"
msgstr "可以分享会话"
#: terminal/models/session/session.py:247
#: terminal/models/session/session.py:244
msgid "Can terminate session"
msgstr "可以终断会话"
#: terminal/models/session/session.py:248
#: terminal/models/session/session.py:245
msgid "Can validate session action perm"
msgstr "可以验证会话动作权限"
@ -6356,11 +6361,11 @@ msgstr "审批步骤"
msgid "Relation snapshot"
msgstr "工单快照"
#: tickets/models/ticket/general.py:392
#: tickets/models/ticket/general.py:398
msgid "Please try again"
msgstr "请再次尝试"
#: tickets/models/ticket/general.py:461
#: tickets/models/ticket/general.py:467
msgid "Super ticket"
msgstr "超级工单"

19
apps/perms/utils/account.py
View File

@ -1,8 +1,8 @@
from collections import defaultdict
from orgs.utils import tmp_to_org
from accounts.models import Account
from accounts.const import AliasAccount
from accounts.models import Account
from orgs.utils import tmp_to_org
from .permission import AssetPermissionUtil
__all__ = ['PermAccountUtil']
@ -31,14 +31,14 @@ class PermAccountUtil(AssetPermissionUtil):
@staticmethod
def get_permed_accounts_from_perms(perms, user, asset):
# alias: is a collection of account usernames and special accounts [@ALL, @INPUT, @USER]
# alias: is a collection of account usernames and special accounts [@ALL, @INPUT, @USER, @ANON]
alias_action_bit_mapper = defaultdict(int)
alias_expired_mapper = defaultdict(list)
alias_date_expired_mapper = defaultdict(list)
for perm in perms:
for alias in perm.accounts:
alias_action_bit_mapper[alias] |= perm.actions
alias_expired_mapper[alias].append(perm.date_expired)
alias_date_expired_mapper[alias].append(perm.date_expired)
asset_accounts = asset.accounts.all().active()
username_account_mapper = {account.username: account for account in asset_accounts}
@ -52,7 +52,7 @@ class PermAccountUtil(AssetPermissionUtil):
for account in asset_accounts:
cleaned_accounts_action_bit[account] |= all_action_bit
cleaned_accounts_expired[account].extend(
alias_expired_mapper[AliasAccount.ALL]
alias_date_expired_mapper[AliasAccount.ALL]
)
for alias, action_bit in alias_action_bit_mapper.items():
@ -63,6 +63,10 @@ class PermAccountUtil(AssetPermissionUtil):
account = Account.get_user_account()
elif alias == AliasAccount.INPUT:
account = Account.get_manual_account()
elif alias == AliasAccount.ANON:
account = Account.get_anonymous_account()
elif alias.startswith('@'):
continue
elif alias in username_account_mapper:
account = username_account_mapper[alias]
else:
@ -70,11 +74,12 @@ class PermAccountUtil(AssetPermissionUtil):
if account:
cleaned_accounts_action_bit[account] |= action_bit
cleaned_accounts_expired[account].extend(alias_expired_mapper[alias])
cleaned_accounts_expired[account].extend(alias_date_expired_mapper[alias])
accounts = []
for account, action_bit in cleaned_accounts_action_bit.items():
account.actions = action_bit
account.date_expired = max(cleaned_accounts_expired[account])
accounts.append(account)
print("Accounts: ", accounts)
return accounts