perf: 优化黑名单命令提示

apps/ops/ansible/runner.py

@@ -7,6 +7,10 @@ from django.conf import settings
 from .callback import DefaultCallback
 
 
+class CommandInBlackListException(Exception):
+    pass
+
+
 class AdHocRunner:
     cmd_modules_choices = ('shell', 'raw', 'command', 'script', 'win_shell')
 
@@ -28,7 +32,7 @@ class AdHocRunner:
         if self.module not in self.cmd_modules_choices:
             return
         if self.module_args and self.module_args.split()[0] in settings.SECURITY_COMMAND_BLACKLIST:
-            raise Exception("command not allowed: {}".format(self.module_args[0]))
+            raise CommandInBlackListException("command not allowed:{}".format(self.module_args.split()[0]))
 
     def run(self, verbosity=0, **kwargs):
         self.check_module()

apps/ops/models/job.py

@@ -19,7 +19,7 @@ from simple_history.models import HistoricalRecords
 from accounts.models import Account
 from acls.models import CommandFilterACL
 from assets.models import Asset
-from ops.ansible import JMSInventory, AdHocRunner, PlaybookRunner
+from ops.ansible import JMSInventory, AdHocRunner, PlaybookRunner, CommandInBlackListException
 from ops.mixin import PeriodTaskModelMixin
 from ops.variables import *
 from ops.const import Types, Modules, RunasPolicies, JobStatus
@@ -450,6 +450,8 @@ class JobExecution(JMSOrgBaseModel):
             cb = runner.run(**kwargs)
             self.set_result(cb)
             return cb
+        except CommandInBlackListException as e:
+            print("command is rejected by black list: {}".format(e))
         except Exception as e:
             logging.error(e, exc_info=True)
             self.set_error(e)