From 930eb1d2e145589ea655b4048b08ce2e13711d17 Mon Sep 17 00:00:00 2001 From: ibuler Date: Tue, 2 Jul 2019 16:45:26 +0800 Subject: [PATCH] =?UTF-8?q?[Update]=20=E4=BF=AE=E6=AD=A3migrations?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/forms/cmd_filter.py | 12 ++ apps/assets/serializers/cmd_filter.py | 9 + apps/locale/zh/LC_MESSAGES/django.po | 177 +++++++++--------- apps/perms/api/asset_permission.py | 2 +- apps/perms/api/user_permission.py | 4 +- apps/perms/const.py | 22 +-- apps/perms/forms/asset_permission.py | 10 +- apps/perms/migrations/0003_action.py | 9 - .../0004_assetpermission_actions.py | 13 -- .../migrations/0006_auto_20190628_1921.py | 13 +- .../0007_remove_assetpermission_actions.py | 1 + apps/perms/models/asset_permission.py | 27 +-- apps/perms/serializers/asset_permission.py | 10 +- apps/perms/signals_handler.py | 2 +- apps/perms/utils/asset_permission.py | 4 +- apps/perms/views/asset_permission.py | 5 +- 16 files changed, 141 insertions(+), 179 deletions(-) diff --git a/apps/assets/forms/cmd_filter.py b/apps/assets/forms/cmd_filter.py index 6cb35e631..308a008d0 100644 --- a/apps/assets/forms/cmd_filter.py +++ b/apps/assets/forms/cmd_filter.py @@ -1,6 +1,8 @@ # -*- coding: utf-8 -*- # from django import forms +from django.core.exceptions import ValidationError +import re from orgs.mixins import OrgModelForm from ..models import CommandFilter, CommandFilterRule @@ -15,6 +17,8 @@ class CommandFilterForm(OrgModelForm): class CommandFilterRuleForm(OrgModelForm): + invalid_pattern = re.compile(r'[\.\*\+\[\\\?\{\}\^\$\|\(\)\#\<\>]') + class Meta: model = CommandFilterRule fields = [ @@ -25,3 +29,11 @@ class CommandFilterRuleForm(OrgModelForm): 'placeholder': 'eg:\r\nreboot\r\nrm -rf' }), } + + def clean_content(self): + content = self.cleaned_data.get("content") + if self.invalid_pattern.search(content): + invalid_char = self.invalid_pattern.pattern.replace('\\', '') + msg = _("Content should not be contain: {}").format(invalid_char) + raise ValidationError(msg) + return content diff --git a/apps/assets/serializers/cmd_filter.py b/apps/assets/serializers/cmd_filter.py index b523a1779..e5ab62037 100644 --- a/apps/assets/serializers/cmd_filter.py +++ b/apps/assets/serializers/cmd_filter.py @@ -1,5 +1,6 @@ # -*- coding: utf-8 -*- # +import re from rest_framework import serializers from common.fields import ChoiceDisplayField @@ -20,8 +21,16 @@ class CommandFilterSerializer(BulkOrgResourceModelSerializer): class CommandFilterRuleSerializer(BulkOrgResourceModelSerializer): serializer_choice_field = ChoiceDisplayField + invalid_pattern = re.compile(r'[\.\*\+\[\\\?\{\}\^\$\|\(\)\#\<\>]') class Meta: model = CommandFilterRule fields = '__all__' list_serializer_class = AdaptedBulkListSerializer + + def validate_content(self, content): + if self.invalid_pattern.search(content): + invalid_char = self.invalid_pattern.pattern.replace('\\', '') + msg = _("Content should not be contain: {}").format(invalid_char) + raise serializers.ValidationError(msg) + return content diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po index 3f803b786..056de6126 100644 --- a/apps/locale/zh/LC_MESSAGES/django.po +++ b/apps/locale/zh/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: Jumpserver 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2019-06-28 20:08+0800\n" +"POT-Creation-Date: 2019-07-02 14:47+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: ibuler \n" "Language-Team: Jumpserver team\n" @@ -86,7 +86,7 @@ msgstr "运行参数" #: assets/templates/assets/system_user_list.html:55 audits/models.py:19 #: audits/templates/audits/ftp_log_list.html:41 #: audits/templates/audits/ftp_log_list.html:71 -#: perms/forms/asset_permission.py:47 perms/models/asset_permission.py:53 +#: perms/forms/asset_permission.py:68 perms/models/asset_permission.py:85 #: perms/templates/perms/asset_permission_create_update.html:45 #: perms/templates/perms/asset_permission_list.html:48 #: perms/templates/perms/asset_permission_list.html:117 @@ -115,8 +115,8 @@ msgstr "资产" #: assets/models/user.py:160 assets/templates/assets/user_asset_list.html:172 #: audits/models.py:20 audits/templates/audits/ftp_log_list.html:49 #: audits/templates/audits/ftp_log_list.html:72 -#: perms/forms/asset_permission.py:53 perms/models/asset_permission.py:55 -#: perms/models/asset_permission.py:76 +#: perms/forms/asset_permission.py:74 perms/models/asset_permission.py:87 +#: perms/models/asset_permission.py:104 #: perms/templates/perms/asset_permission_detail.html:140 #: perms/templates/perms/asset_permission_list.html:50 #: perms/templates/perms/asset_permission_list.html:71 @@ -149,7 +149,7 @@ msgstr "系统用户" #: assets/templates/assets/system_user_detail.html:58 #: assets/templates/assets/system_user_list.html:51 ops/models/adhoc.py:37 #: ops/templates/ops/task_detail.html:60 ops/templates/ops/task_list.html:27 -#: orgs/models.py:11 perms/models/asset_permission.py:22 +#: orgs/models.py:11 perms/models/asset_permission.py:23 #: perms/models/base.py:35 #: perms/templates/perms/asset_permission_detail.html:62 #: perms/templates/perms/asset_permission_list.html:45 @@ -215,10 +215,10 @@ msgstr "参数" #: assets/templates/assets/domain_detail.html:72 #: assets/templates/assets/system_user_detail.html:100 #: ops/templates/ops/adhoc_detail.html:86 orgs/models.py:14 -#: perms/models/asset_permission.py:79 perms/models/base.py:41 +#: perms/models/asset_permission.py:107 perms/models/base.py:41 #: perms/templates/perms/asset_permission_detail.html:98 #: perms/templates/perms/remote_app_permission_detail.html:90 -#: users/models/user.py:105 users/serializers/v1.py:99 +#: users/models/user.py:105 users/serializers/v1.py:107 #: users/templates/users/user_detail.html:111 #: xpack/plugins/change_auth_plan/models.py:106 #: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_detail.html:113 @@ -238,7 +238,7 @@ msgstr "创建者" #: assets/templates/assets/domain_detail.html:68 #: assets/templates/assets/system_user_detail.html:96 #: ops/templates/ops/adhoc_detail.html:90 ops/templates/ops/task_detail.html:64 -#: orgs/models.py:15 perms/models/asset_permission.py:80 +#: orgs/models.py:15 perms/models/asset_permission.py:108 #: perms/models/base.py:42 #: perms/templates/perms/asset_permission_detail.html:94 #: perms/templates/perms/remote_app_permission_detail.html:86 @@ -274,7 +274,7 @@ msgstr "创建日期" #: assets/templates/assets/system_user_detail.html:104 #: assets/templates/assets/system_user_list.html:59 #: assets/templates/assets/user_asset_list.html:175 ops/models/adhoc.py:43 -#: orgs/models.py:16 perms/models/asset_permission.py:81 +#: orgs/models.py:16 perms/models/asset_permission.py:109 #: perms/models/base.py:43 #: perms/templates/perms/asset_permission_detail.html:102 #: perms/templates/perms/remote_app_permission_detail.html:94 @@ -440,7 +440,6 @@ msgstr "详情" #: users/templates/users/user_group_list.html:20 #: users/templates/users/user_group_list.html:70 #: users/templates/users/user_list.html:20 -#: users/templates/users/user_list.html:96 #: users/templates/users/user_list.html:99 #: users/templates/users/user_profile.html:177 #: users/templates/users/user_profile.html:187 @@ -481,7 +480,6 @@ msgstr "更新" #: users/templates/users/user_detail.html:30 #: users/templates/users/user_group_detail.html:32 #: users/templates/users/user_group_list.html:72 -#: users/templates/users/user_list.html:104 #: users/templates/users/user_list.html:108 #: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_detail.html:33 #: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_list.html:57 @@ -529,8 +527,7 @@ msgstr "创建远程应用" #: audits/templates/audits/operate_log_list.html:67 #: ops/templates/ops/adhoc_history.html:59 ops/templates/ops/task_adhoc.html:64 #: ops/templates/ops/task_history.html:65 ops/templates/ops/task_list.html:34 -#: perms/forms/asset_permission.py:56 perms/models/asset_permission.py:26 -#: perms/models/asset_permission.py:57 +#: perms/forms/asset_permission.py:21 perms/models/asset_permission.py:27 #: perms/templates/perms/asset_permission_create_update.html:50 #: perms/templates/perms/asset_permission_list.html:52 #: perms/templates/perms/asset_permission_list.html:126 @@ -552,7 +549,7 @@ msgstr "动作" #: applications/templates/applications/user_remote_app_list.html:57 #: assets/templates/assets/user_asset_list.html:100 perms/const.py:19 -#: perms/models/asset_permission.py:45 +#: perms/models/asset_permission.py:46 msgid "Connect" msgstr "连接" @@ -591,11 +588,11 @@ msgstr "请选择需要更新的资产" msgid "You can't update the root node name" msgstr "不能修改根节点名称" -#: assets/api/node.py:281 +#: assets/api/node.py:283 msgid "Update node asset hardware information: {}" msgstr "更新节点资产硬件信息: {}" -#: assets/api/node.py:295 +#: assets/api/node.py:297 msgid "Test if the assets under the node are connectable: {}" msgstr "测试节点下资产是否可连接: {}" @@ -622,7 +619,7 @@ msgstr "未知" #: assets/templates/assets/asset_detail.html:194 #: assets/templates/assets/asset_detail.html:202 #: assets/templates/assets/system_user_assets.html:83 -#: perms/models/asset_permission.py:54 +#: perms/models/asset_permission.py:86 #: xpack/plugins/change_auth_plan/models.py:72 msgid "Nodes" msgstr "节点" @@ -656,8 +653,8 @@ msgstr "网域" #: assets/forms/asset.py:64 assets/forms/asset.py:86 assets/forms/asset.py:99 #: assets/forms/asset.py:134 assets/models/node.py:248 #: assets/templates/assets/asset_create.html:42 -#: perms/forms/asset_permission.py:50 perms/forms/asset_permission.py:60 -#: perms/models/asset_permission.py:74 +#: perms/forms/asset_permission.py:71 perms/forms/asset_permission.py:79 +#: perms/models/asset_permission.py:102 #: perms/templates/perms/asset_permission_list.html:49 #: perms/templates/perms/asset_permission_list.html:70 #: perms/templates/perms/asset_permission_list.html:120 @@ -695,6 +692,10 @@ msgstr "如果有多个的互相隔离的网络,设置资产属于的网域, msgid "Select assets" msgstr "选择资产" +#: assets/forms/cmd_filter.py:37 assets/serializers/cmd_filter.py:34 +msgid "Content should not be contain: {}" +msgstr "内容不能包含: {}" + #: assets/forms/domain.py:51 msgid "Password should not contain special characters" msgstr "不能包含特殊字符" @@ -1000,7 +1001,7 @@ msgid "Operator" msgstr "运营商" #: assets/models/cluster.py:36 assets/models/group.py:34 -#: perms/utils/asset_permission.py:67 +#: perms/utils/asset_permission.py:106 msgid "Default" msgstr "默认" @@ -1112,7 +1113,7 @@ msgstr "默认资产组" #: audits/templates/audits/password_change_log_list.html:50 #: ops/templates/ops/command_execution_list.html:35 #: ops/templates/ops/command_execution_list.html:60 -#: perms/forms/asset_permission.py:41 perms/forms/remote_app_permission.py:31 +#: perms/forms/asset_permission.py:62 perms/forms/remote_app_permission.py:31 #: perms/models/base.py:36 #: perms/templates/perms/asset_permission_create_update.html:41 #: perms/templates/perms/asset_permission_list.html:46 @@ -1124,9 +1125,9 @@ msgstr "默认资产组" #: terminal/templates/terminal/command_list.html:72 #: terminal/templates/terminal/session_list.html:33 #: terminal/templates/terminal/session_list.html:71 users/forms.py:301 -#: users/models/user.py:38 users/models/user.py:431 users/serializers/v1.py:88 +#: users/models/user.py:38 users/models/user.py:431 users/serializers/v1.py:96 #: users/templates/users/user_group_detail.html:78 -#: users/templates/users/user_group_list.html:36 users/views/user.py:407 +#: users/templates/users/user_group_list.html:36 users/views/user.py:264 #: xpack/plugins/orgs/forms.py:26 #: xpack/plugins/orgs/templates/orgs/org_detail.html:113 #: xpack/plugins/orgs/templates/orgs/org_list.html:14 @@ -1205,26 +1206,25 @@ msgstr "登录模式" msgid "%(value)s is not an even number" msgstr "%(value)s is not an even number" -#: assets/serializers/admin_user.py:36 assets/serializers/asset.py:47 +#: assets/serializers/admin_user.py:36 assets/serializers/asset.py:46 #: assets/serializers/asset_user.py:30 assets/serializers/system_user.py:30 #: assets/templates/assets/_asset_user_list.html:18 msgid "Connectivity" msgstr "连接" -#: assets/serializers/asset.py:45 assets/serializers/asset.py:155 -#: assets/templates/assets/asset_create.html:24 +#: assets/serializers/asset.py:44 assets/templates/assets/asset_create.html:24 msgid "Protocols" msgstr "协议组" -#: assets/serializers/asset.py:73 +#: assets/serializers/asset.py:72 msgid "Hardware info" msgstr "硬件信息" -#: assets/serializers/asset.py:74 orgs/mixins.py:192 +#: assets/serializers/asset.py:73 orgs/mixins.py:192 msgid "Org name" msgstr "组织名称" -#: assets/serializers/asset.py:92 +#: assets/serializers/asset.py:91 msgid "Protocol duplicate: {}" msgstr "协议重复: {}" @@ -1710,7 +1710,7 @@ msgstr "创建日期" #: assets/templates/assets/asset_detail.html:154 #: assets/templates/assets/user_asset_list.html:46 -#: perms/models/asset_permission.py:77 perms/models/base.py:38 +#: perms/models/asset_permission.py:105 perms/models/base.py:38 #: perms/templates/perms/asset_permission_create_update.html:55 #: perms/templates/perms/asset_permission_detail.html:120 #: perms/templates/perms/remote_app_permission_create_update.html:54 @@ -2056,10 +2056,6 @@ msgstr "批量更新资产" msgid "Update asset" msgstr "更新资产" -#: assets/views/asset.py:347 -msgid "already exists" -msgstr "已经存在" - #: assets/views/cmd_filter.py:32 msgid "Command filter list" msgstr "命令过滤器列表" @@ -2557,8 +2553,8 @@ msgstr "欢迎回来,请输入用户名和密码登录" msgid "Please enable cookies and try again." msgstr "设置你的浏览器支持cookie" -#: authentication/views/login.py:172 users/views/user.py:555 -#: users/views/user.py:580 +#: authentication/views/login.py:172 users/views/user.py:412 +#: users/views/user.py:437 msgid "MFA code invalid, or ntp sync server time" msgstr "MFA验证码不正确,或者服务器端时间不对" @@ -3000,11 +2996,11 @@ msgstr "命令执行" msgid "Organization" msgstr "组织" -#: perms/const.py:18 perms/models/asset_permission.py:44 settings/forms.py:143 +#: perms/const.py:18 perms/models/asset_permission.py:45 settings/forms.py:143 msgid "All" msgstr "全部" -#: perms/const.py:20 perms/models/asset_permission.py:46 +#: perms/const.py:20 perms/models/asset_permission.py:47 msgid "Upload file" msgstr "上传文件" @@ -3012,8 +3008,8 @@ msgstr "上传文件" msgid "Download file" msgstr "下载文件" -#: perms/forms/asset_permission.py:44 perms/forms/remote_app_permission.py:34 -#: perms/models/asset_permission.py:75 perms/models/base.py:37 +#: perms/forms/asset_permission.py:65 perms/forms/remote_app_permission.py:34 +#: perms/models/asset_permission.py:103 perms/models/base.py:37 #: perms/templates/perms/asset_permission_list.html:47 #: perms/templates/perms/asset_permission_list.html:67 #: perms/templates/perms/asset_permission_list.html:114 @@ -3026,30 +3022,34 @@ msgstr "下载文件" msgid "User group" msgstr "用户组" -#: perms/forms/asset_permission.py:63 +#: perms/forms/asset_permission.py:82 msgid "" "Tips: The RDP protocol does not support separate controls for uploading or " "downloading files" msgstr "提示:RDP 协议不支持单独控制上传或下载文件" -#: perms/forms/asset_permission.py:73 perms/forms/remote_app_permission.py:47 +#: perms/forms/asset_permission.py:92 perms/forms/remote_app_permission.py:47 msgid "User or group at least one required" msgstr "用户和用户组至少选一个" -#: perms/forms/asset_permission.py:82 +#: perms/forms/asset_permission.py:101 msgid "Asset or group at least one required" msgstr "资产和节点至少选一个" -#: perms/models/asset_permission.py:47 +#: perms/models/asset_permission.py:49 msgid "Upload download" msgstr "上传下载" -#: perms/models/asset_permission.py:61 perms/models/asset_permission.py:87 +#: perms/models/asset_permission.py:89 +msgid "Actions" +msgstr "动作" + +#: perms/models/asset_permission.py:93 perms/models/asset_permission.py:115 #: templates/_nav.html:44 msgid "Asset permission" msgstr "资产授权" -#: perms/models/asset_permission.py:78 perms/models/base.py:40 +#: perms/models/asset_permission.py:106 perms/models/base.py:40 #: perms/templates/perms/asset_permission_detail.html:90 #: perms/templates/perms/remote_app_permission_detail.html:82 #: users/models/user.py:102 users/templates/users/user_detail.html:107 @@ -3199,8 +3199,8 @@ msgid "Add user group to this permission" msgstr "添加用户组" #: perms/views/asset_permission.py:34 perms/views/asset_permission.py:65 -#: perms/views/asset_permission.py:81 perms/views/asset_permission.py:97 -#: perms/views/asset_permission.py:134 perms/views/asset_permission.py:167 +#: perms/views/asset_permission.py:82 perms/views/asset_permission.py:99 +#: perms/views/asset_permission.py:136 perms/views/asset_permission.py:169 #: perms/views/remote_app_permission.py:33 #: perms/views/remote_app_permission.py:49 #: perms/views/remote_app_permission.py:65 @@ -3219,19 +3219,19 @@ msgstr "资产授权列表" msgid "Create asset permission" msgstr "创建权限规则" -#: perms/views/asset_permission.py:82 +#: perms/views/asset_permission.py:83 msgid "Update asset permission" msgstr "更新资产授权" -#: perms/views/asset_permission.py:98 +#: perms/views/asset_permission.py:100 msgid "Asset permission detail" msgstr "资产授权详情" -#: perms/views/asset_permission.py:135 +#: perms/views/asset_permission.py:137 msgid "Asset permission user list" msgstr "资产授权用户列表" -#: perms/views/asset_permission.py:168 +#: perms/views/asset_permission.py:170 msgid "Asset permission asset list" msgstr "资产授权资产列表" @@ -3828,7 +3828,7 @@ msgstr "商业支持" #: users/templates/users/user_profile.html:17 #: users/templates/users/user_profile_update.html:37 #: users/templates/users/user_profile_update.html:57 -#: users/templates/users/user_pubkey_update.html:37 users/views/user.py:388 +#: users/templates/users/user_pubkey_update.html:37 users/views/user.py:245 msgid "Profile" msgstr "个人信息" @@ -3923,13 +3923,13 @@ msgstr "" #: templates/_nav.html:10 users/views/group.py:28 users/views/group.py:45 #: users/views/group.py:62 users/views/group.py:79 users/views/group.py:96 -#: users/views/login.py:154 users/views/user.py:70 users/views/user.py:87 -#: users/views/user.py:131 users/views/user.py:211 users/views/user.py:374 -#: users/views/user.py:426 users/views/user.py:467 +#: users/views/login.py:154 users/views/user.py:68 users/views/user.py:85 +#: users/views/user.py:129 users/views/user.py:209 users/views/user.py:231 +#: users/views/user.py:283 users/views/user.py:324 msgid "Users" msgstr "用户管理" -#: templates/_nav.html:13 users/views/user.py:71 +#: templates/_nav.html:13 users/views/user.py:69 msgid "User list" msgstr "用户列表" @@ -4369,11 +4369,11 @@ msgid "" "You should use your ssh client tools connect terminal: {}

{}" msgstr "你可以使用ssh客户端工具连接终端" -#: users/api/user.py:79 users/api/user.py:90 users/api/user.py:116 +#: users/api/user.py:93 msgid "You do not have permission." msgstr "你没有权限" -#: users/api/user.py:221 +#: users/api/user.py:186 msgid "Could not reset self otp, use profile reset instead" msgstr "不能再该页面重置MFA, 请去个人信息页面重置" @@ -4405,7 +4405,7 @@ msgstr "添加到用户组" msgid "Public key should not be the same as your old one." msgstr "不能和原来的密钥相同" -#: users/forms.py:90 users/forms.py:237 users/serializers/v1.py:74 +#: users/forms.py:90 users/forms.py:237 users/serializers/v1.py:82 msgid "Not a valid ssh public key" msgstr "ssh密钥不合法" @@ -4532,7 +4532,7 @@ msgid "Date password last updated" msgstr "最后更新密码日期" #: users/models/user.py:139 users/templates/users/user_update.html:22 -#: users/views/login.py:46 users/views/login.py:107 users/views/user.py:439 +#: users/views/login.py:46 users/views/login.py:107 users/views/user.py:296 msgid "User auth from {}, go there change password" msgstr "用户认证源来自 {}, 请去相应系统修改密码" @@ -4569,10 +4569,12 @@ msgid "Avatar url" msgstr "头像路径" #: users/serializers/v1.py:46 -#, fuzzy -#| msgid "Password does not match" +msgid "Role limit to {}" +msgstr "角色只能为 {}" + +#: users/serializers/v1.py:54 msgid "Password does not match security rules" -msgstr "密码不一致" +msgstr "密码不满足安全规则" #: users/serializers_v2/user.py:36 msgid "name not unique" @@ -4624,7 +4626,7 @@ msgid "Import users" msgstr "导入用户" #: users/templates/users/_user_update_modal.html:4 -#: users/templates/users/user_update.html:4 users/views/user.py:132 +#: users/templates/users/user_update.html:4 users/views/user.py:130 msgid "Update user" msgstr "更新用户" @@ -4762,12 +4764,12 @@ msgid "Very strong" msgstr "很强" #: users/templates/users/user_create.html:4 -#: users/templates/users/user_list.html:28 users/views/user.py:88 +#: users/templates/users/user_list.html:28 users/views/user.py:86 msgid "Create user" msgstr "创建用户" #: users/templates/users/user_detail.html:19 -#: users/templates/users/user_granted_asset.html:18 users/views/user.py:212 +#: users/templates/users/user_granted_asset.html:18 users/views/user.py:210 msgid "User detail" msgstr "用户详情" @@ -4967,8 +4969,7 @@ msgstr "安装完成后点击下一步进入绑定页面(如已安装,直接 msgid "Administrator Settings force MFA login" msgstr "管理员设置强制使用MFA登录" -#: users/templates/users/user_profile.html:120 users/views/user.py:248 -#: users/views/user.py:303 +#: users/templates/users/user_profile.html:120 msgid "User groups" msgstr "用户组" @@ -5243,7 +5244,7 @@ msgstr "Token错误或失效" msgid "Password not same" msgstr "密码不一致" -#: users/views/login.py:114 users/views/user.py:146 users/views/user.py:449 +#: users/views/login.py:114 users/views/user.py:144 users/views/user.py:306 msgid "* Your password does not meet the requirements" msgstr "* 您的密码不符合要求" @@ -5251,51 +5252,47 @@ msgstr "* 您的密码不符合要求" msgid "First login" msgstr "首次登录" -#: users/views/user.py:163 +#: users/views/user.py:161 msgid "Bulk update user success" msgstr "批量更新用户成功" -#: users/views/user.py:191 +#: users/views/user.py:189 msgid "Bulk update user" msgstr "批量更新用户" -#: users/views/user.py:278 -msgid "Invalid file." -msgstr "文件不合法" - -#: users/views/user.py:375 +#: users/views/user.py:232 msgid "User granted assets" msgstr "用户授权资产" -#: users/views/user.py:408 +#: users/views/user.py:265 msgid "Profile setting" msgstr "个人信息设置" -#: users/views/user.py:427 +#: users/views/user.py:284 msgid "Password update" msgstr "密码更新" -#: users/views/user.py:468 +#: users/views/user.py:325 msgid "Public key update" msgstr "密钥更新" -#: users/views/user.py:510 +#: users/views/user.py:367 msgid "Password invalid" msgstr "用户名或密码无效" -#: users/views/user.py:610 +#: users/views/user.py:467 msgid "MFA enable success" msgstr "MFA 绑定成功" -#: users/views/user.py:611 +#: users/views/user.py:468 msgid "MFA enable success, return login page" msgstr "MFA 绑定成功,返回到登录页面" -#: users/views/user.py:613 +#: users/views/user.py:470 msgid "MFA disable success" msgstr "MFA 解绑成功" -#: users/views/user.py:614 +#: users/views/user.py:471 msgid "MFA disable success, return login page" msgstr "MFA 解绑成功,返回登录页面" @@ -5783,10 +5780,8 @@ msgid "Restore default failed." msgstr "恢复默认失败!" #: xpack/plugins/interface/views.py:24 -#, fuzzy -#| msgid "Interval" msgid "Interface" -msgstr "间隔" +msgstr "界面" #: xpack/plugins/interface/views.py:51 msgid "It is already in the default setting state!" @@ -5946,6 +5941,12 @@ msgstr "密码匣子" msgid "vault create" msgstr "创建" +#~ msgid "already exists" +#~ msgstr "已经存在" + +#~ msgid "Invalid file." +#~ msgstr "文件不合法" + #~ msgid "Refresh all node assets amount" #~ msgstr "刷新所有节点资产数量" diff --git a/apps/perms/api/asset_permission.py b/apps/perms/api/asset_permission.py index 267d83971..38e44abd0 100644 --- a/apps/perms/api/asset_permission.py +++ b/apps/perms/api/asset_permission.py @@ -10,7 +10,7 @@ from rest_framework.pagination import LimitOffsetPagination from common.permissions import IsOrgAdmin from common.utils import get_object_or_none -from ..models import AssetPermission, Action +from ..models import AssetPermission from ..hands import ( User, UserGroup, Asset, Node, SystemUser, ) diff --git a/apps/perms/api/user_permission.py b/apps/perms/api/user_permission.py index ca583c388..cf259fb4f 100644 --- a/apps/perms/api/user_permission.py +++ b/apps/perms/api/user_permission.py @@ -21,7 +21,7 @@ from ..utils import ( from ..hands import User, Asset, Node, SystemUser, NodeSerializer from .. import serializers, const from ..mixins import AssetsFilterMixin -from ..models import ActionFlag +from ..models import Action logger = get_logger(__name__) @@ -423,7 +423,7 @@ class ValidateUserAssetPermissionApi(UserPermissionCacheMixin, APIView): return Response({'msg': False}, status=403) action = granted_system_users[su] - choices = ActionFlag.value_to_choices(action) + choices = Action.value_to_choices(action) if action_name not in choices: return Response({'msg': False}, status=403) diff --git a/apps/perms/const.py b/apps/perms/const.py index 457db580c..23d2ba044 100644 --- a/apps/perms/const.py +++ b/apps/perms/const.py @@ -1,24 +1,4 @@ # -*- coding: utf-8 -*- # -from django.utils.translation import ugettext_lazy as _ - -__all__ = [ - 'PERMS_ACTION_NAME_ALL', 'PERMS_ACTION_NAME_CONNECT', - 'PERMS_ACTION_NAME_DOWNLOAD_FILE', 'PERMS_ACTION_NAME_UPLOAD_FILE', - 'PERMS_ACTION_NAME_CHOICES' -] - -PERMS_ACTION_NAME_ALL = 'all' -PERMS_ACTION_NAME_CONNECT = 'connect' -PERMS_ACTION_NAME_UPLOAD_FILE = 'upload_file' -PERMS_ACTION_NAME_DOWNLOAD_FILE = 'download_file' - -PERMS_ACTION_NAME_CHOICES = ( - (PERMS_ACTION_NAME_ALL, _('All')), - (PERMS_ACTION_NAME_CONNECT, _('Connect')), - (PERMS_ACTION_NAME_UPLOAD_FILE, _('Upload file')), - (PERMS_ACTION_NAME_DOWNLOAD_FILE, _('Download file')), -) - -UNGROUPED_NODE_ID = "00000000-0000-0000-0000-000000000000" +UNGROUPED_NODE_ID = "00000000-0000-0000-0000-000000000002" diff --git a/apps/perms/forms/asset_permission.py b/apps/perms/forms/asset_permission.py index fb63517ff..c061f8d2a 100644 --- a/apps/perms/forms/asset_permission.py +++ b/apps/perms/forms/asset_permission.py @@ -7,7 +7,7 @@ from django.utils.translation import ugettext_lazy as _ from orgs.mixins import OrgModelForm from orgs.utils import current_org from assets.models import Asset, Node -from ..models import AssetPermission, ActionFlag +from ..models import AssetPermission, Action __all__ = [ 'AssetPermissionForm', @@ -16,20 +16,20 @@ __all__ = [ class ActionField(forms.MultipleChoiceField): def __init__(self, *args, **kwargs): - kwargs['choices'] = ActionFlag.CHOICES - kwargs['initial'] = ActionFlag.ALL + kwargs['choices'] = Action.CHOICES + kwargs['initial'] = Action.ALL kwargs['label'] = _("Action") kwargs['widget'] = forms.CheckboxSelectMultiple() super().__init__(*args, **kwargs) def to_python(self, value): value = super().to_python(value) - return ActionFlag.choices_to_value(value) + return Action.choices_to_value(value) def prepare_value(self, value): if value is None: return value - value = ActionFlag.value_to_choices(value) + value = Action.value_to_choices(value) return value diff --git a/apps/perms/migrations/0003_action.py b/apps/perms/migrations/0003_action.py index 41c0f9f39..c9dea7736 100644 --- a/apps/perms/migrations/0003_action.py +++ b/apps/perms/migrations/0003_action.py @@ -4,14 +4,6 @@ from django.db import migrations, models import uuid -def add_default_actions(apps, schema_editor): - from ..const import PERMS_ACTION_NAME_CHOICES - action_model = apps.get_model('perms', 'Action') - db_alias = schema_editor.connection.alias - for action, _ in PERMS_ACTION_NAME_CHOICES: - action_model.objects.using(db_alias).update_or_create(name=action) - - class Migration(migrations.Migration): dependencies = [ @@ -29,5 +21,4 @@ class Migration(migrations.Migration): 'verbose_name': 'Action', }, ), - migrations.RunPython(add_default_actions) ] diff --git a/apps/perms/migrations/0004_assetpermission_actions.py b/apps/perms/migrations/0004_assetpermission_actions.py index be468e7f0..dfe07f317 100644 --- a/apps/perms/migrations/0004_assetpermission_actions.py +++ b/apps/perms/migrations/0004_assetpermission_actions.py @@ -3,18 +3,6 @@ from django.db import migrations, models -def set_default_action_to_existing_perms(apps, schema_editor): - from orgs.utils import set_to_root_org - from ..models import Action - set_to_root_org() - perm_model = apps.get_model('perms', 'AssetPermission') - db_alias = schema_editor.connection.alias - perms = perm_model.objects.using(db_alias).all() - default_action = Action.get_action_all() - for perm in perms: - perm.actions.add(default_action.id) - - class Migration(migrations.Migration): dependencies = [ @@ -27,5 +15,4 @@ class Migration(migrations.Migration): name='actions', field=models.ManyToManyField(blank=True, related_name='permissions', to='perms.Action', verbose_name='Action'), ), - migrations.RunPython(set_default_action_to_existing_perms) ] diff --git a/apps/perms/migrations/0006_auto_20190628_1921.py b/apps/perms/migrations/0006_auto_20190628_1921.py index 0ea832751..f0faec017 100644 --- a/apps/perms/migrations/0006_auto_20190628_1921.py +++ b/apps/perms/migrations/0006_auto_20190628_1921.py @@ -6,21 +6,22 @@ from functools import reduce def migrate_old_actions(apps, schema_editor): from orgs.utils import set_to_root_org - from ..models import ActionFlag set_to_root_org() perm_model = apps.get_model('perms', 'AssetPermission') db_alias = schema_editor.connection.alias perms = perm_model.objects.using(db_alias).all() actions_map = { - "all": ActionFlag.ALL, - "connect": ActionFlag.CONNECT, - "upload_file": ActionFlag.UPLOAD, - "download_file": ActionFlag.DOWNLOAD, + "all": 0b11111111, + "connect": 0b00000001, + "upload_file": 0b00000010, + "download_file": 0b00000100, } for perm in perms: actions = perm.actions.all() - new_actions = [actions_map.get(action.name, ActionFlag.ALL) for action in actions] + if not actions: + continue + new_actions = [actions_map.get(action.name, 0b11111111) for action in actions] new_action = reduce(lambda x, y: x | y, new_actions) perm.action = new_action perm.save() diff --git a/apps/perms/migrations/0007_remove_assetpermission_actions.py b/apps/perms/migrations/0007_remove_assetpermission_actions.py index 63391ff85..1d8b3fbbb 100644 --- a/apps/perms/migrations/0007_remove_assetpermission_actions.py +++ b/apps/perms/migrations/0007_remove_assetpermission_actions.py @@ -19,4 +19,5 @@ class Migration(migrations.Migration): old_name='action', new_name='actions', ), + migrations.DeleteModel(name='Action'), ] diff --git a/apps/perms/models/asset_permission.py b/apps/perms/models/asset_permission.py index da8001227..bcb4fb0ee 100644 --- a/apps/perms/models/asset_permission.py +++ b/apps/perms/models/asset_permission.py @@ -4,37 +4,18 @@ from functools import reduce from django.db import models from django.utils.translation import ugettext_lazy as _ -from common.utils import date_expired_default, set_or_append_attr_bulk +from common.utils import date_expired_default from orgs.mixins import OrgModelMixin -from ..const import PERMS_ACTION_NAME_CHOICES, PERMS_ACTION_NAME_ALL from .base import BasePermission __all__ = [ - 'Action', 'AssetPermission', 'NodePermission', 'ActionFlag' + 'AssetPermission', 'NodePermission', 'Action', ] -class Action(models.Model): - id = models.UUIDField(default=uuid.uuid4, primary_key=True) - name = models.CharField( - max_length=128, unique=True, choices=PERMS_ACTION_NAME_CHOICES, - verbose_name=_('Name') - ) - - class Meta: - verbose_name = _('Action') - - def __str__(self): - return self.get_name_display() - - @classmethod - def get_action_all(cls): - return cls.objects.get(name=PERMS_ACTION_NAME_ALL) - - -class ActionFlag: +class Action: CONNECT = 0b00000001 UPLOAD = 0b00000010 DOWNLOAD = 0b00000100 @@ -86,7 +67,7 @@ class AssetPermission(BasePermission): nodes = models.ManyToManyField('assets.Node', related_name='granted_by_permissions', blank=True, verbose_name=_("Nodes")) system_users = models.ManyToManyField('assets.SystemUser', related_name='granted_by_permissions', verbose_name=_("System user")) # actions = models.ManyToManyField(Action, related_name='permissions', blank=True, verbose_name=_('Action')) - actions = models.IntegerField(choices=ActionFlag.DB_CHOICES, default=ActionFlag.ALL, verbose_name=_("Actions")) + actions = models.IntegerField(choices=Action.DB_CHOICES, default=Action.ALL, verbose_name=_("Actions")) class Meta: unique_together = [('org_id', 'name')] diff --git a/apps/perms/serializers/asset_permission.py b/apps/perms/serializers/asset_permission.py index 5a770b527..13197dd24 100644 --- a/apps/perms/serializers/asset_permission.py +++ b/apps/perms/serializers/asset_permission.py @@ -5,7 +5,7 @@ from rest_framework import serializers from common.fields import StringManyToManyField from orgs.mixins import BulkOrgResourceModelSerializer -from perms.models import AssetPermission, ActionFlag +from perms.models import AssetPermission, Action __all__ = [ 'AssetPermissionCreateUpdateSerializer', 'AssetPermissionListSerializer', @@ -16,20 +16,20 @@ __all__ = [ class ActionField(serializers.MultipleChoiceField): def __init__(self, *args, **kwargs): - kwargs['choices'] = ActionFlag.CHOICES + kwargs['choices'] = Action.CHOICES super().__init__(*args, **kwargs) def to_representation(self, value): - return ActionFlag.value_to_choices(value) + return Action.value_to_choices(value) def to_internal_value(self, data): - return ActionFlag.choices_to_value(data) + return Action.choices_to_value(data) class ActionDisplayField(ActionField): def to_representation(self, value): values = super().to_representation(value) - choices = dict(ActionFlag.CHOICES) + choices = dict(Action.CHOICES) return [choices.get(i) for i in values] diff --git a/apps/perms/signals_handler.py b/apps/perms/signals_handler.py index a1813916d..e8f2eecbf 100644 --- a/apps/perms/signals_handler.py +++ b/apps/perms/signals_handler.py @@ -6,7 +6,7 @@ from django.db import transaction from common.utils import get_logger from .utils import AssetPermissionUtil -from .models import AssetPermission, Action +from .models import AssetPermission logger = get_logger(__file__) diff --git a/apps/perms/utils/asset_permission.py b/apps/perms/utils/asset_permission.py index fbf0e0d6b..4f2b8561f 100644 --- a/apps/perms/utils/asset_permission.py +++ b/apps/perms/utils/asset_permission.py @@ -17,7 +17,7 @@ from orgs.utils import set_to_root_org from common.utils import get_logger from common.tree import TreeNode from .. import const -from ..models import AssetPermission, Action, ActionFlag +from ..models import AssetPermission, Action from ..hands import Node, Asset from assets.utils import NodeUtil @@ -569,7 +569,7 @@ def parse_asset_to_tree_node(node, asset, system_users): 'protocol': system_user.protocol, 'priority': system_user.priority, 'login_mode': system_user.login_mode, - 'actions': [ActionFlag.value_to_choices(action)], + 'actions': [Action.value_to_choices(action)], }) data = { 'id': str(asset.id), diff --git a/apps/perms/views/asset_permission.py b/apps/perms/views/asset_permission.py index e354e7479..cf4b6a1ed 100644 --- a/apps/perms/views/asset_permission.py +++ b/apps/perms/views/asset_permission.py @@ -10,10 +10,9 @@ from django.conf import settings from common.permissions import PermissionsMixin, IsOrgAdmin from orgs.utils import current_org -from perms.hands import Node, Asset, SystemUser, User, UserGroup -from perms.models import AssetPermission, Action +from perms.hands import Node, Asset, SystemUser, UserGroup +from perms.models import AssetPermission from perms.forms import AssetPermissionForm -from perms.const import PERMS_ACTION_NAME_ALL __all__ = [