From 6565f8c0a8b354545f77b47e8ec7f39c67990e08 Mon Sep 17 00:00:00 2001 From: feng <1304903146@qq.com> Date: Thu, 21 Dec 2023 19:49:24 +0800 Subject: [PATCH 01/22] =?UTF-8?q?perf:=20=E5=9C=A8=20ansible=20=E4=B8=AD?= =?UTF-8?q?=E5=88=87=E6=8D=A2=E7=94=A8=E6=88=B7=E6=97=B6=20=E6=B7=BB?= =?UTF-8?q?=E5=8A=A0=E8=B6=85=E6=97=B6=E6=93=8D=E4=BD=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/ops/ansible/modules_utils/custom_common.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/apps/ops/ansible/modules_utils/custom_common.py b/apps/ops/ansible/modules_utils/custom_common.py index 29b1132b5..0cf1420d2 100644 --- a/apps/ops/ansible/modules_utils/custom_common.py +++ b/apps/ops/ansible/modules_utils/custom_common.py @@ -26,6 +26,7 @@ def common_argument_spec(): class SSHClient: + TIMEOUT = 20 SLEEP_INTERVAL = 2 COMPLETE_FLAG = 'complete' @@ -170,7 +171,12 @@ class SSHClient: time.sleep(self.SLEEP_INTERVAL) output += self._get_recv() continue + start_time = time.time() while self.COMPLETE_FLAG not in output: + if time.time() - start_time > self.TIMEOUT: + error_msg = output + print("切换用户操作超时,跳出循环。") + break time.sleep(self.SLEEP_INTERVAL) received_output = self._get_recv().replace(f'"{self.COMPLETE_FLAG}"', '') output += received_output From d5224968bc3dcc53649eead6e231397c102d57ad Mon Sep 17 00:00:00 2001 From: Bryan Date: Fri, 22 Dec 2023 15:26:53 +0800 Subject: [PATCH 02/22] Update README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 4f1699b82..0144572d8 100644 --- a/README.md +++ b/README.md @@ -94,7 +94,8 @@ JumpServer 堡垒机帮助企业以更安全的方式管控和登录各种类型 | [KoKo](https://github.com/jumpserver/koko) | Koko release | JumpServer 字符协议 Connector 项目 | | [Lion](https://github.com/jumpserver/lion-release) | Lion release | JumpServer 图形协议 Connector 项目,依赖 [Apache Guacamole](https://guacamole.apache.org/) | | [Razor](https://github.com/jumpserver/razor) | Chen | JumpServer RDP 代理 Connector 项目 | -| [Tinker](https://github.com/jumpserver/tinker) | Tinker | JumpServer 远程应用 Connector 项目 | +| [Tinker](https://github.com/jumpserver/tinker) | Tinker | JumpServer 远程应用 Connector 项目 (Windows) | +| [Panda](https://github.com/jumpserver/Panda) | Tinker | JumpServer 远程应用 Connector 项目 (Linux) | | [Magnus](https://github.com/jumpserver/magnus-release) | Magnus release | JumpServer 数据库代理 Connector 项目 | | [Chen](https://github.com/jumpserver/chen-release) | Chen release | JumpServer Web DB 项目,替代原来的 OmniDB | | [Kael](https://github.com/jumpserver/kael) | Kael release | JumpServer 连接 GPT 资产的组件项目 | From fae5392a038f9c7d422a04362fab5fef87d907d8 Mon Sep 17 00:00:00 2001 From: Bryan Date: Fri, 22 Dec 2023 15:29:13 +0800 Subject: [PATCH 03/22] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0144572d8..15728ce9b 100644 --- a/README.md +++ b/README.md @@ -95,7 +95,7 @@ JumpServer 堡垒机帮助企业以更安全的方式管控和登录各种类型 | [Lion](https://github.com/jumpserver/lion-release) | Lion release | JumpServer 图形协议 Connector 项目,依赖 [Apache Guacamole](https://guacamole.apache.org/) | | [Razor](https://github.com/jumpserver/razor) | Chen | JumpServer RDP 代理 Connector 项目 | | [Tinker](https://github.com/jumpserver/tinker) | Tinker | JumpServer 远程应用 Connector 项目 (Windows) | -| [Panda](https://github.com/jumpserver/Panda) | Tinker | JumpServer 远程应用 Connector 项目 (Linux) | +| [Panda](https://github.com/jumpserver/Panda) | Panda | JumpServer 远程应用 Connector 项目 (Linux) | | [Magnus](https://github.com/jumpserver/magnus-release) | Magnus release | JumpServer 数据库代理 Connector 项目 | | [Chen](https://github.com/jumpserver/chen-release) | Chen release | JumpServer Web DB 项目,替代原来的 OmniDB | | [Kael](https://github.com/jumpserver/kael) | Kael release | JumpServer 连接 GPT 资产的组件项目 | From f6f1be423c888d1e740541b230a0a0cd1fdeb9c1 Mon Sep 17 00:00:00 2001 From: wangruidong <940853815@qq.com> Date: Fri, 22 Dec 2023 16:51:46 +0800 Subject: [PATCH 04/22] =?UTF-8?q?perf:=20=E7=BB=9F=E8=AE=A1=E4=BB=BB?= =?UTF-8?q?=E5=8A=A1=E6=89=A7=E8=A1=8C=E7=BB=93=E6=9E=9C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/ops/api/job.py | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/ops/api/job.py b/apps/ops/api/job.py index f16fefde2..61768f5d9 100644 --- a/apps/ops/api/job.py +++ b/apps/ops/api/job.py @@ -217,6 +217,7 @@ class JobExecutionTaskDetail(APIView): 'is_success': execution.is_success, 'time_cost': execution.time_cost, 'job_id': execution.job.id, + 'summary': execution.summary }) From 81b49090165f968253c6372644003023070401ef Mon Sep 17 00:00:00 2001 From: feng <1304903146@qq.com> Date: Mon, 25 Dec 2023 14:11:42 +0800 Subject: [PATCH 05/22] =?UTF-8?q?fix:=20=E3=80=90=E7=94=A8=E6=88=B7?= =?UTF-8?q?=E7=99=BB=E5=BD=95=E4=BC=9A=E8=AF=9D=E5=A4=B1=E6=95=88=E9=97=AE?= =?UTF-8?q?=E9=A2=98=E3=80=91SESSION=5FCOOKIE=5FAGE=20=E9=85=8D=E7=BD=AE?= =?UTF-8?q?=E4=B8=8D=E7=94=9F=E6=95=88=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/authentication/middleware.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apps/authentication/middleware.py b/apps/authentication/middleware.py index 10659a53a..eabb90263 100644 --- a/apps/authentication/middleware.py +++ b/apps/authentication/middleware.py @@ -152,6 +152,8 @@ class SessionCookieMiddleware(MiddlewareMixin): value = 'close' age = request.session.get_expiry_age() + expire_timestamp = request.session.get_expiry_date().timestamp() + response.set_cookie('jms_session_expire_timestamp', expire_timestamp) response.set_cookie('jms_session_expire', value, max_age=age) request.session.pop('auth_session_expiration_required', None) From edb2d1bd7bde8124c4cd22c1ca5fa06add65473b Mon Sep 17 00:00:00 2001 From: wangruidong <940853815@qq.com> Date: Mon, 25 Dec 2023 16:49:39 +0800 Subject: [PATCH 06/22] =?UTF-8?q?fix:=20=E6=88=91=E7=9A=84=E8=B5=84?= =?UTF-8?q?=E4=BA=A7=E5=88=97=E8=A1=A8=E6=A0=87=E7=AD=BE=E4=BF=A1=E6=81=AF?= =?UTF-8?q?=E6=B2=A1=E6=9C=89=E6=98=BE=E7=A4=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/perms/serializers/user_permission.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/perms/serializers/user_permission.py b/apps/perms/serializers/user_permission.py index 9f7f89cee..0bd9bdc02 100644 --- a/apps/perms/serializers/user_permission.py +++ b/apps/perms/serializers/user_permission.py @@ -10,6 +10,7 @@ from assets.const import Category, AllTypes from assets.models import Node, Asset, Platform from assets.serializers.asset.common import AssetLabelSerializer, AssetProtocolsPermsSerializer from common.serializers.fields import ObjectRelatedField, LabeledChoiceField +from common.serializers import ResourceLabelsMixin from orgs.mixins.serializers import OrgResourceModelSerializerMixin from perms.serializers.permission import ActionChoicesField @@ -19,12 +20,11 @@ __all__ = [ ] -class AssetPermedSerializer(OrgResourceModelSerializerMixin): +class AssetPermedSerializer(OrgResourceModelSerializerMixin, ResourceLabelsMixin): """ 被授权资产的数据结构 """ platform = ObjectRelatedField(required=False, queryset=Platform.objects, label=_('Platform')) category = LabeledChoiceField(choices=Category.choices, read_only=True, label=_('Category')) type = LabeledChoiceField(choices=AllTypes.choices(), read_only=True, label=_('Type')) - labels = AssetLabelSerializer(many=True, required=False, label=_('Label')) domain = ObjectRelatedField(required=False, queryset=Node.objects, label=_('Domain')) class Meta: From 6ac956c62631b780f0c1819c13aca3a06c6e97ca Mon Sep 17 00:00:00 2001 From: Bai Date: Mon, 25 Dec 2023 19:01:08 +0800 Subject: [PATCH 07/22] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=20api/docs=20?= =?UTF-8?q?=E6=8A=A5=E9=94=99=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/rbac/serializers/permission.py | 4 ++-- apps/settings/serializers/feature.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/rbac/serializers/permission.py b/apps/rbac/serializers/permission.py index cc97b6c8a..3af435e33 100644 --- a/apps/rbac/serializers/permission.py +++ b/apps/rbac/serializers/permission.py @@ -7,14 +7,14 @@ from ..models import Permission __all__ = ['PermissionSerializer', 'UserPermsSerializer'] -class ContentTypeSerializer(serializers.ModelSerializer): +class PermissionContentTypeSerializer(serializers.ModelSerializer): class Meta: model = ContentType fields = ['id', 'app_label', 'model'] class PermissionSerializer(serializers.ModelSerializer): - content_type = ContentTypeSerializer(read_only=True) + content_type = PermissionContentTypeSerializer(read_only=True) class Meta: model = Permission diff --git a/apps/settings/serializers/feature.py b/apps/settings/serializers/feature.py index 8dc0de959..083e2749a 100644 --- a/apps/settings/serializers/feature.py +++ b/apps/settings/serializers/feature.py @@ -86,7 +86,7 @@ class ChatAISettingSerializer(serializers.Serializer): return gpt_api_model = Protocol.gpt_protocols()[Protocol.chatgpt]['setting']['api_mode'] choices = gpt_api_model['choices'] - field_gpt_model._choices = choices + field_gpt_model.choices = choices field_gpt_model.default = gpt_api_model['default'] cls = self.__class__ if cls.GPT_MODEL_CHOICES: From 3e090eb701cbcfd85777b45cfcec860d0bbf0950 Mon Sep 17 00:00:00 2001 From: Bai Date: Mon, 25 Dec 2023 19:19:11 +0800 Subject: [PATCH 08/22] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=20=E8=BF=9E?= =?UTF-8?q?=E6=8E=A5=E8=BF=9C=E7=A8=8B=E5=BA=94=E7=94=A8=E6=97=B6=E6=A0=87?= =?UTF-8?q?=E7=AD=BE=E5=8C=B9=E9=85=8D=E5=A4=B1=E8=B4=A5=E7=9A=84=E9=97=AE?= =?UTF-8?q?=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/terminal/models/applet/applet.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/apps/terminal/models/applet/applet.py b/apps/terminal/models/applet/applet.py index fd5934285..9e501eb50 100644 --- a/apps/terminal/models/applet/applet.py +++ b/apps/terminal/models/applet/applet.py @@ -172,8 +172,9 @@ class Applet(JMSBaseModel): return None spec_label = asset.labels.filter(label__name__in=['AppletHost', '发布机']).first() - if spec_label: - matched = [host for host in hosts if host.name == spec_label.value] + if spec_label and spec_label.label: + label_value = spec_label.label.value + matched = [host for host in hosts if host.name == label_value] if matched: return matched[0] From 48bcbc6c533dfd10b02b614e98ca0fff992f0b56 Mon Sep 17 00:00:00 2001 From: fit2bot <68588906+fit2bot@users.noreply.github.com> Date: Tue, 26 Dec 2023 14:16:11 +0800 Subject: [PATCH 09/22] =?UTF-8?q?perf:=20=E7=BF=BB=E8=AF=91=20(#12426)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: feng <1304903146@qq.com> --- apps/locale/ja/LC_MESSAGES/django.po | 29 +++++++++++++------------- apps/locale/zh/LC_MESSAGES/django.mo | 2 +- apps/locale/zh/LC_MESSAGES/django.po | 31 ++++++++++++++-------------- 3 files changed, 30 insertions(+), 32 deletions(-) diff --git a/apps/locale/ja/LC_MESSAGES/django.po b/apps/locale/ja/LC_MESSAGES/django.po index d46d47829..92d6c4552 100644 --- a/apps/locale/ja/LC_MESSAGES/django.po +++ b/apps/locale/ja/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2023-12-21 16:12+0800\n" +"POT-Creation-Date: 2023-12-26 14:13+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -476,7 +476,7 @@ msgstr "終了日" #: accounts/models/automations/change_secret.py:43 #: assets/models/automations/base.py:113 audits/models.py:208 #: audits/serializers.py:54 ops/models/base.py:49 ops/models/job.py:227 -#: terminal/models/applet/applet.py:319 terminal/models/applet/host.py:140 +#: terminal/models/applet/applet.py:320 terminal/models/applet/host.py:140 #: terminal/models/component/status.py:30 #: terminal/models/virtualapp/virtualapp.py:99 #: terminal/serializers/applet.py:18 terminal/serializers/applet_host.py:136 @@ -742,7 +742,7 @@ msgstr "アカウントの存在ポリシー" #: assets/models/label.py:21 assets/models/platform.py:96 #: assets/serializers/asset/common.py:122 assets/serializers/cagegory.py:12 #: assets/serializers/platform.py:140 assets/serializers/platform.py:236 -#: perms/serializers/user_permission.py:25 settings/models.py:35 +#: perms/serializers/user_permission.py:26 settings/models.py:35 #: tickets/models/ticket/apply_application.py:13 users/models/preference.py:12 msgid "Category" msgstr "カテゴリ" @@ -756,7 +756,7 @@ msgstr "カテゴリ" #: assets/serializers/platform.py:139 audits/serializers.py:53 #: audits/serializers.py:170 #: authentication/serializers/connect_token_secret.py:126 ops/models/job.py:144 -#: perms/serializers/user_permission.py:26 terminal/models/applet/applet.py:39 +#: perms/serializers/user_permission.py:27 terminal/models/applet/applet.py:39 #: terminal/models/component/storage.py:57 #: terminal/models/component/storage.py:146 terminal/serializers/applet.py:29 #: terminal/serializers/session.py:21 terminal/serializers/storage.py:264 @@ -923,7 +923,7 @@ msgstr "关联平台,可以配置推送参数,如果不关联,则使用默 #: assets/models/group.py:20 common/db/models.py:36 ops/models/adhoc.py:26 #: ops/models/job.py:152 ops/models/playbook.py:31 rbac/models/role.py:37 #: settings/models.py:38 terminal/models/applet/applet.py:45 -#: terminal/models/applet/applet.py:320 terminal/models/applet/host.py:143 +#: terminal/models/applet/applet.py:321 terminal/models/applet/host.py:143 #: terminal/models/component/endpoint.py:25 #: terminal/models/component/endpoint.py:105 #: terminal/models/session/session.py:46 @@ -1720,7 +1720,7 @@ msgstr "アドレス" #: assets/models/asset/common.py:161 assets/models/platform.py:126 #: authentication/backends/passkey/models.py:12 #: authentication/serializers/connect_token_secret.py:118 -#: perms/serializers/user_permission.py:24 xpack/plugins/cloud/models.py:329 +#: perms/serializers/user_permission.py:25 xpack/plugins/cloud/models.py:329 msgid "Platform" msgstr "プラットフォーム" @@ -1886,8 +1886,7 @@ msgstr "値" #: assets/serializers/platform.py:119 #: authentication/serializers/connect_token_secret.py:124 #: common/serializers/common.py:85 labels/models.py:17 labels/models.py:33 -#: labels/serializers.py:45 perms/serializers/user_permission.py:27 -#: settings/serializers/msg.py:83 +#: labels/serializers.py:45 settings/serializers/msg.py:83 msgid "Label" msgstr "ラベル" @@ -3707,7 +3706,7 @@ msgid "Invalid ids for ids, should be a list" msgstr "無効なID、リストでなければなりません" #: common/db/fields.py:585 common/db/fields.py:590 -#: common/serializers/fields.py:134 tickets/serializers/ticket/common.py:58 +#: common/serializers/fields.py:133 tickets/serializers/ticket/common.py:58 #: xpack/plugins/cloud/serializers/account_attrs.py:56 #: xpack/plugins/cloud/serializers/account_attrs.py:79 #: xpack/plugins/cloud/serializers/account_attrs.py:150 @@ -3880,21 +3879,21 @@ msgstr "{} 秒待ってから送信してください" msgid "Children" msgstr "ノード" -#: common/serializers/fields.py:135 +#: common/serializers/fields.py:134 #, python-brace-format msgid "Invalid pk \"{pk_value}\" - object does not exist." msgstr "無効な pk \"{pk_value}\" - オブジェクトが存在しません" -#: common/serializers/fields.py:136 +#: common/serializers/fields.py:135 #, python-brace-format msgid "Incorrect type. Expected pk value, received {data_type}." msgstr "エラータイプ。 予想される pk 値、受信 {data_type}。" -#: common/serializers/fields.py:210 +#: common/serializers/fields.py:209 msgid "Invalid data type, should be list" msgstr "間違ったデータ タイプです。リストにする必要があります" -#: common/serializers/fields.py:225 +#: common/serializers/fields.py:224 msgid "Invalid choice: {}" msgstr "無効なオプション: {}" @@ -4815,7 +4814,7 @@ msgid "My assets" msgstr "私の資産" #: rbac/tree.py:58 terminal/models/applet/applet.py:52 -#: terminal/models/applet/applet.py:316 terminal/models/applet/host.py:30 +#: terminal/models/applet/applet.py:317 terminal/models/applet/host.py:30 #: terminal/serializers/applet.py:15 msgid "Applet" msgstr "リモートアプリケーション" @@ -6597,7 +6596,7 @@ msgstr "カスタムプラットフォームのみをサポート" msgid "Missing type in platform.yml" msgstr "platform.ymlにタイプがありません" -#: terminal/models/applet/applet.py:318 terminal/models/applet/host.py:36 +#: terminal/models/applet/applet.py:319 terminal/models/applet/host.py:36 #: terminal/models/applet/host.py:138 msgid "Hosting" msgstr "ホスト マシン" diff --git a/apps/locale/zh/LC_MESSAGES/django.mo b/apps/locale/zh/LC_MESSAGES/django.mo index abcc5b418..1fe3d019d 100644 --- a/apps/locale/zh/LC_MESSAGES/django.mo +++ b/apps/locale/zh/LC_MESSAGES/django.mo @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:853320b42ac7795fa983c4216f89b3a776a889453d90e11dc425d1388ff9b803 +oid sha256:80dd11dde678e4f9b64df18906175125218fd9f719bfe9aaa667ad6e2d055d40 size 139012 diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po index bd5989a79..472fb7b2e 100644 --- a/apps/locale/zh/LC_MESSAGES/django.po +++ b/apps/locale/zh/LC_MESSAGES/django.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: JumpServer 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2023-12-21 16:12+0800\n" +"POT-Creation-Date: 2023-12-26 14:13+0800\n" "PO-Revision-Date: 2021-05-20 10:54+0800\n" "Last-Translator: ibuler \n" "Language-Team: JumpServer team\n" @@ -475,7 +475,7 @@ msgstr "结束日期" #: accounts/models/automations/change_secret.py:43 #: assets/models/automations/base.py:113 audits/models.py:208 #: audits/serializers.py:54 ops/models/base.py:49 ops/models/job.py:227 -#: terminal/models/applet/applet.py:319 terminal/models/applet/host.py:140 +#: terminal/models/applet/applet.py:320 terminal/models/applet/host.py:140 #: terminal/models/component/status.py:30 #: terminal/models/virtualapp/virtualapp.py:99 #: terminal/serializers/applet.py:18 terminal/serializers/applet_host.py:136 @@ -740,7 +740,7 @@ msgstr "账号存在策略" #: assets/models/label.py:21 assets/models/platform.py:96 #: assets/serializers/asset/common.py:122 assets/serializers/cagegory.py:12 #: assets/serializers/platform.py:140 assets/serializers/platform.py:236 -#: perms/serializers/user_permission.py:25 settings/models.py:35 +#: perms/serializers/user_permission.py:26 settings/models.py:35 #: tickets/models/ticket/apply_application.py:13 users/models/preference.py:12 msgid "Category" msgstr "类别" @@ -754,7 +754,7 @@ msgstr "类别" #: assets/serializers/platform.py:139 audits/serializers.py:53 #: audits/serializers.py:170 #: authentication/serializers/connect_token_secret.py:126 ops/models/job.py:144 -#: perms/serializers/user_permission.py:26 terminal/models/applet/applet.py:39 +#: perms/serializers/user_permission.py:27 terminal/models/applet/applet.py:39 #: terminal/models/component/storage.py:57 #: terminal/models/component/storage.py:146 terminal/serializers/applet.py:29 #: terminal/serializers/session.py:21 terminal/serializers/storage.py:264 @@ -921,7 +921,7 @@ msgstr "关联平台,可配置推送参数,如果不关联,将使用默认 #: assets/models/group.py:20 common/db/models.py:36 ops/models/adhoc.py:26 #: ops/models/job.py:152 ops/models/playbook.py:31 rbac/models/role.py:37 #: settings/models.py:38 terminal/models/applet/applet.py:45 -#: terminal/models/applet/applet.py:320 terminal/models/applet/host.py:143 +#: terminal/models/applet/applet.py:321 terminal/models/applet/host.py:143 #: terminal/models/component/endpoint.py:25 #: terminal/models/component/endpoint.py:105 #: terminal/models/session/session.py:46 @@ -1712,7 +1712,7 @@ msgstr "地址" #: assets/models/asset/common.py:161 assets/models/platform.py:126 #: authentication/backends/passkey/models.py:12 #: authentication/serializers/connect_token_secret.py:118 -#: perms/serializers/user_permission.py:24 xpack/plugins/cloud/models.py:329 +#: perms/serializers/user_permission.py:25 xpack/plugins/cloud/models.py:329 msgid "Platform" msgstr "系统平台" @@ -1878,8 +1878,7 @@ msgstr "值" #: assets/serializers/platform.py:119 #: authentication/serializers/connect_token_secret.py:124 #: common/serializers/common.py:85 labels/models.py:17 labels/models.py:33 -#: labels/serializers.py:45 perms/serializers/user_permission.py:27 -#: settings/serializers/msg.py:83 +#: labels/serializers.py:45 settings/serializers/msg.py:83 msgid "Label" msgstr "标签" @@ -3663,7 +3662,7 @@ msgid "Invalid ids for ids, should be a list" msgstr "无效的ID,应为列表" #: common/db/fields.py:585 common/db/fields.py:590 -#: common/serializers/fields.py:134 tickets/serializers/ticket/common.py:58 +#: common/serializers/fields.py:133 tickets/serializers/ticket/common.py:58 #: xpack/plugins/cloud/serializers/account_attrs.py:56 #: xpack/plugins/cloud/serializers/account_attrs.py:79 #: xpack/plugins/cloud/serializers/account_attrs.py:150 @@ -3834,21 +3833,21 @@ msgstr "请在 {} 秒后发送" msgid "Children" msgstr "节点" -#: common/serializers/fields.py:135 +#: common/serializers/fields.py:134 #, python-brace-format msgid "Invalid pk \"{pk_value}\" - object does not exist." msgstr "错误的 pk \"{pk_value}\" - 对象不存在" -#: common/serializers/fields.py:136 +#: common/serializers/fields.py:135 #, python-brace-format msgid "Incorrect type. Expected pk value, received {data_type}." msgstr "错误类型。期望 pk 值,收到 {data_type}。" -#: common/serializers/fields.py:210 +#: common/serializers/fields.py:209 msgid "Invalid data type, should be list" msgstr "错误的数据类型,应该是列表" -#: common/serializers/fields.py:225 +#: common/serializers/fields.py:224 msgid "Invalid choice: {}" msgstr "无效选项: {}" @@ -4762,7 +4761,7 @@ msgid "My assets" msgstr "我的资产" #: rbac/tree.py:58 terminal/models/applet/applet.py:52 -#: terminal/models/applet/applet.py:316 terminal/models/applet/host.py:30 +#: terminal/models/applet/applet.py:317 terminal/models/applet/host.py:30 #: terminal/serializers/applet.py:15 msgid "Applet" msgstr "远程应用" @@ -5464,7 +5463,7 @@ msgstr "启用 Vault" #: settings/serializers/feature.py:55 msgid "Mount Point" -msgstr "挂在点" +msgstr "挂载点" #: settings/serializers/feature.py:60 msgid "Chat AI" @@ -6504,7 +6503,7 @@ msgstr "只支持自定义平台" msgid "Missing type in platform.yml" msgstr "在 platform.yml 中缺少类型" -#: terminal/models/applet/applet.py:318 terminal/models/applet/host.py:36 +#: terminal/models/applet/applet.py:319 terminal/models/applet/host.py:36 #: terminal/models/applet/host.py:138 msgid "Hosting" msgstr "宿主机" From 33ea5eb41fb91a1cdbeb5be593773d8ca88686e9 Mon Sep 17 00:00:00 2001 From: fit2bot <68588906+fit2bot@users.noreply.github.com> Date: Tue, 26 Dec 2023 14:23:04 +0800 Subject: [PATCH 10/22] =?UTF-8?q?perf:=20=E8=B5=84=E4=BA=A7=E5=8F=AF?= =?UTF-8?q?=E4=BB=A5=E9=80=9A=E8=BF=87address=20=E6=8E=92=E5=BA=8F=20(#124?= =?UTF-8?q?27)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: feng <1304903146@qq.com> --- apps/assets/api/asset/asset.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/assets/api/asset/asset.py b/apps/assets/api/asset/asset.py index e0b1aa3bf..eef18a773 100644 --- a/apps/assets/api/asset/asset.py +++ b/apps/assets/api/asset/asset.py @@ -93,7 +93,7 @@ class AssetViewSet(SuggestionMixin, NodeFilterMixin, OrgBulkModelViewSet): model = Asset filterset_class = AssetFilterSet search_fields = ("name", "address", "comment") - ordering_fields = ('name', 'connectivity', 'platform', 'date_updated', 'date_created') + ordering_fields = ('name', 'address', 'connectivity', 'platform', 'date_updated', 'date_created') serializer_classes = ( ("default", serializers.AssetSerializer), ("platform", serializers.PlatformSerializer), From f1db5d6f443d3b4d2ac25deb5ad1b434b6215306 Mon Sep 17 00:00:00 2001 From: feng <1304903146@qq.com> Date: Tue, 26 Dec 2023 12:42:20 +0800 Subject: [PATCH 11/22] =?UTF-8?q?perf:=20=E9=87=8D=E5=86=99GenericForeignK?= =?UTF-8?q?ey?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/jumpserver/__init__.py | 2 +- apps/jumpserver/rewriting/__init__.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/jumpserver/__init__.py b/apps/jumpserver/__init__.py index 8b1378917..ff4333aa4 100644 --- a/apps/jumpserver/__init__.py +++ b/apps/jumpserver/__init__.py @@ -1 +1 @@ - +from jumpserver.rewriting import db # noqa 采用猴子补丁的方式,重写atomic ForeignKey OneToOneField diff --git a/apps/jumpserver/rewriting/__init__.py b/apps/jumpserver/rewriting/__init__.py index 72949abe2..139597f9c 100644 --- a/apps/jumpserver/rewriting/__init__.py +++ b/apps/jumpserver/rewriting/__init__.py @@ -1,2 +1,2 @@ -from . import db + From 8f67922c80de1925a9a48d8503462b0a5523d45f Mon Sep 17 00:00:00 2001 From: wangruidong <940853815@qq.com> Date: Mon, 25 Dec 2023 15:24:35 +0800 Subject: [PATCH 12/22] =?UTF-8?q?perf:=20=E8=B5=84=E4=BA=A7=E7=99=BB?= =?UTF-8?q?=E5=BD=95=E6=8F=90=E9=86=92=E5=92=8C=E7=94=A8=E6=88=B7=E7=99=BB?= =?UTF-8?q?=E5=BD=95=E6=8F=90=E9=86=92=E8=83=BD=E6=98=BE=E7=A4=BA=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E5=90=8D=E7=A7=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/acls/notifications.py | 9 ++++++--- apps/acls/templates/acls/asset_login_reminder.html | 6 +++--- apps/acls/templates/acls/user_login_reminder.html | 4 ++-- apps/audits/signal_handlers/login_log.py | 3 ++- 4 files changed, 13 insertions(+), 9 deletions(-) diff --git a/apps/acls/notifications.py b/apps/acls/notifications.py index cf19b7a51..dc4db25ac 100644 --- a/apps/acls/notifications.py +++ b/apps/acls/notifications.py @@ -1,6 +1,7 @@ from django.template.loader import render_to_string from django.utils.translation import gettext_lazy as _ +from accounts.models import Account from assets.models import Asset from audits.models import UserLoginLog from notifications.notifications import UserMessage @@ -16,12 +17,11 @@ class UserLoginReminderMsg(UserMessage): def get_html_msg(self) -> dict: user_log = self.user_log - context = { 'ip': user_log.ip, 'city': user_log.city, 'username': user_log.username, - 'recipient': self.user.username, + 'recipient': self.user, 'user_agent': user_log.user_agent, } message = render_to_string('acls/user_login_reminder.html', context) @@ -48,11 +48,14 @@ class AssetLoginReminderMsg(UserMessage): super().__init__(user) def get_html_msg(self) -> dict: + account = Account.objects.get(asset=self.asset, username=self.account_username) context = { - 'recipient': self.user.username, + 'recipient': self.user, 'username': self.login_user.username, + 'name': self.login_user.name, 'asset': str(self.asset), 'account': self.account_username, + 'account_name': account.name, } message = render_to_string('acls/asset_login_reminder.html', context) diff --git a/apps/acls/templates/acls/asset_login_reminder.html b/apps/acls/templates/acls/asset_login_reminder.html index af836cab5..672c5e8de 100644 --- a/apps/acls/templates/acls/asset_login_reminder.html +++ b/apps/acls/templates/acls/asset_login_reminder.html @@ -1,10 +1,10 @@ {% load i18n %} -

{% trans 'Respectful' %}{{ recipient }},

+

{% trans 'Respectful' %}: {{ recipient.name }}[{{ recipient.username }}]

-

{% trans 'Username' %}: [{{ username }}]

+

{% trans 'User' %}: [{{ name }}({{ username }})]

{% trans 'Assets' %}: [{{ asset }}]

-

{% trans 'Account' %}: [{{ account }}]

+

{% trans 'Account' %}: [{{ account_name }}({{ account }})]

{% trans 'The user has just logged in to the asset. Please ensure that this is an authorized operation. If you suspect that this is an unauthorized access, please take appropriate measures immediately.' %}

diff --git a/apps/acls/templates/acls/user_login_reminder.html b/apps/acls/templates/acls/user_login_reminder.html index 3af4fd52a..fe4c1d9a9 100644 --- a/apps/acls/templates/acls/user_login_reminder.html +++ b/apps/acls/templates/acls/user_login_reminder.html @@ -1,8 +1,8 @@ {% load i18n %} -

{% trans 'Respectful' %}{{ recipient }},

+

{% trans 'Respectful' %}: {{ recipient.name }}[{{ recipient.username }}]

-

{% trans 'Username' %}: [{{ username }}]

+

{% trans 'User' %}: [{{ username }}]

IP: [{{ ip }}]

{% trans 'Login city' %}: [{{ city }}]

{% trans 'User agent' %}: [{{ user_agent }}]

diff --git a/apps/audits/signal_handlers/login_log.py b/apps/audits/signal_handlers/login_log.py index 5829e4f5e..ea53716b4 100644 --- a/apps/audits/signal_handlers/login_log.py +++ b/apps/audits/signal_handlers/login_log.py @@ -122,7 +122,8 @@ def send_login_info_to_reviewers(instance: UserLoginLog | str, auth_acl_id): def on_user_auth_success(sender, user, request, login_type=None, **kwargs): logger.debug('User login success: {}'.format(user.username)) check_different_city_login_if_need(user, request) - data = generate_data(user.username, request, login_type=login_type) + username = f"{user.name}({user.username})" + data = generate_data(username, request, login_type=login_type) request.session['login_time'] = data['datetime'].strftime('%Y-%m-%d %H:%M:%S') data.update({'mfa': int(user.mfa_enabled), 'status': True}) instance = write_login_log(**data) From a09b7b29e24b7ff5a50b5123a8c54a4f1c084640 Mon Sep 17 00:00:00 2001 From: fit2bot <68588906+fit2bot@users.noreply.github.com> Date: Tue, 26 Dec 2023 16:05:28 +0800 Subject: [PATCH 13/22] =?UTF-8?q?fix:=20=E3=80=90=E8=B4=A6=E5=8F=B7?= =?UTF-8?q?=E6=94=B6=E9=9B=86=E3=80=91=E8=B4=A6=E5=8F=B7=E6=94=B6=E9=9B=86?= =?UTF-8?q?=E4=BB=BB=E5=8A=A1=EF=BC=8C=E5=85=B3=E9=97=AD=E5=90=8C=E6=AD=A5?= =?UTF-8?q?=E5=88=B0=E8=B5=84=E4=BA=A7=E6=97=B6=EF=BC=8C=E5=8F=AA=E6=94=B6?= =?UTF-8?q?=E9=9B=86=E4=BA=86=E4=B8=80=E4=B8=AA=E8=B5=84=E4=BA=A7=E7=9A=84?= =?UTF-8?q?=E8=B4=A6=E5=8F=B7=EF=BC=8C=E5=85=B6=E4=BB=96=E8=B5=84=E4=BA=A7?= =?UTF-8?q?=E7=9A=84=E8=B4=A6=E5=8F=B7=E6=9C=AA=E6=94=B6=E9=9B=86=20(#1242?= =?UTF-8?q?8)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: feng <1304903146@qq.com> --- apps/accounts/automations/gather_accounts/manager.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/accounts/automations/gather_accounts/manager.py b/apps/accounts/automations/gather_accounts/manager.py index 0941a78fa..1c9ae990f 100644 --- a/apps/accounts/automations/gather_accounts/manager.py +++ b/apps/accounts/automations/gather_accounts/manager.py @@ -72,7 +72,7 @@ class GatherAccountsManager(AccountBasePlaybookManager): ) gathered_accounts.append(gathered_account) if not self.is_sync_account: - return + continue GatheredAccount.sync_accounts(gathered_accounts) def run(self, *args, **kwargs): From af44ffab0ade11a5b1feda998dcf4c241a6bccb5 Mon Sep 17 00:00:00 2001 From: fit2bot <68588906+fit2bot@users.noreply.github.com> Date: Wed, 27 Dec 2023 14:39:11 +0800 Subject: [PATCH 14/22] =?UTF-8?q?fix:=20=E8=B5=84=E4=BA=A7=E8=B4=A6?= =?UTF-8?q?=E5=8F=B7=E4=B8=8D=E5=AD=98=E5=9C=A8=E6=97=B6=20=E5=90=8C?= =?UTF-8?q?=E6=AD=A5=E5=88=A0=E9=99=A4=E8=B5=84=E4=BA=A7=E8=B4=A6=E5=8F=B7?= =?UTF-8?q?=E4=BB=BB=E5=8A=A1=E6=8A=A5=E9=94=99=20(#12437)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: feng <1304903146@qq.com> --- apps/accounts/automations/remove_account/host/posix/main.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apps/accounts/automations/remove_account/host/posix/main.yml b/apps/accounts/automations/remove_account/host/posix/main.yml index de91b8552..cddac5541 100644 --- a/apps/accounts/automations/remove_account/host/posix/main.yml +++ b/apps/accounts/automations/remove_account/host/posix/main.yml @@ -16,10 +16,11 @@ - name: "Rename user home directory if it exists" ansible.builtin.command: cmd: "mv {{ user_home_dir.stdout }} {{ user_home_dir.stdout }}.bak" - when: home_dir.stat.exists and user_home_dir.stdout != "" + when: home_dir.stat | default(false) and user_home_dir.stdout != "" - name: "Remove account" ansible.builtin.user: name: "{{ account.username }}" state: absent remove: "{{ home_dir.stat.exists }}" + when: home_dir.stat | default(false) From a4d0e3fd17bac413469f89f80754473154e0ce16 Mon Sep 17 00:00:00 2001 From: feng <1304903146@qq.com> Date: Tue, 26 Dec 2023 19:13:16 +0800 Subject: [PATCH 15/22] =?UTF-8?q?fix:=20=E7=89=B9=E5=AE=9Akey=20paramiko?= =?UTF-8?q?=20=E6=B5=8B=E8=AF=95=E5=8F=AF=E8=BF=9E=E6=8E=A5=E6=80=A7?= =?UTF-8?q?=E5=A4=B1=E8=B4=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../ansible/modules_utils/custom_common.py | 26 ++++++++++++++++--- 1 file changed, 23 insertions(+), 3 deletions(-) diff --git a/apps/ops/ansible/modules_utils/custom_common.py b/apps/ops/ansible/modules_utils/custom_common.py index 0cf1420d2..975932565 100644 --- a/apps/ops/ansible/modules_utils/custom_common.py +++ b/apps/ops/ansible/modules_utils/custom_common.py @@ -2,8 +2,11 @@ import re import time import paramiko +from paramiko import DSSKey, RSAKey, Ed25519Key, ECDSAKey from sshtunnel import SSHTunnelForwarder +KEY_CLASSES = (RSAKey, DSSKey, ECDSAKey, Ed25519Key) + def common_argument_spec(): options = dict( @@ -39,21 +42,38 @@ class SSHClient: self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) self.connect_params = self.get_connect_params() + @staticmethod + def get_encrypt_cls(key_path): + for key_cls in KEY_CLASSES: + try: + key_cls.from_private_key_file(key_path) + return key_cls + except paramiko.SSHException: + continue + raise paramiko.SSHException('Invalid key file') + + def get_pkey(self, key_path): + if not key_path: + return None + key_cls = self.get_encrypt_cls(key_path) + return key_cls.from_private_key_file(key_path) + def get_connect_params(self): params = { 'allow_agent': False, 'look_for_keys': False, 'hostname': self.module.params['login_host'], 'port': self.module.params['login_port'], - 'key_filename': self.module.params['login_private_key_path'] or None + # TODO: https://github.com/paramiko/paramiko/issues/2048 + 'pkey': self.get_pkey(self.module.params['login_private_key_path']) } if self.module.params['become']: params['username'] = self.module.params['become_user'] params['password'] = self.module.params['become_password'] - params['key_filename'] = self.module.params['become_private_key_path'] or None + params['pkey'] = self.get_pkey(self.module.params['become_private_key_path']) else: params['username'] = self.module.params['login_user'] params['password'] = self.module.params['login_password'] - params['key_filename'] = self.module.params['login_private_key_path'] or None + params['pkey'] = self.get_pkey(self.module.params['login_private_key_path']) return params def _get_channel(self): From 6c1c8b241ef20ae9c40e829eeaa1f3802341b617 Mon Sep 17 00:00:00 2001 From: Bai Date: Thu, 28 Dec 2023 15:17:10 +0800 Subject: [PATCH 16/22] =?UTF-8?q?perf:=20=E4=BC=98=E5=8C=96=E8=B5=84?= =?UTF-8?q?=E4=BA=A7=E7=AE=A1=E7=90=86=E4=B8=AD=E7=9A=84=E6=A0=87=E7=AD=BE?= =?UTF-8?q?=E6=9D=83=E9=99=90=E4=BD=8D=E4=B8=8D=E6=98=BE=E7=A4=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/rbac/const.py | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/rbac/const.py b/apps/rbac/const.py index 71eb47fbc..c47c22dba 100644 --- a/apps/rbac/const.py +++ b/apps/rbac/const.py @@ -30,6 +30,7 @@ exclude_permissions = ( ('users', 'userpasswordhistory', '*', '*'), ('users', 'usersession', '*', '*'), ('assets', 'adminuser', '*', '*'), + ('assets', 'label', '*', '*'), ('assets', 'assetgroup', '*', '*'), ('assets', 'cluster', '*', '*'), ('assets', 'systemuser', '*', '*'), From 219fad9b6209f57502779f12abdea2ce34814b8a Mon Sep 17 00:00:00 2001 From: feng <1304903146@qq.com> Date: Thu, 28 Dec 2023 16:26:49 +0800 Subject: [PATCH 17/22] =?UTF-8?q?fix:=20=E8=B4=A6=E5=8F=B7=E5=A4=87?= =?UTF-8?q?=E4=BB=BD=E5=AF=86=E7=A0=81=E5=A6=82=20t08\x08fIE=20=E5=A4=87?= =?UTF-8?q?=E4=BB=BD=E5=A4=B1=E8=B4=A5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../automations/backup_account/handlers.py | 11 ++++++----- .../automations/change_secret/manager.py | 9 +++++---- poetry.lock | 18 +++++++++++++++++- pyproject.toml | 1 + 4 files changed, 29 insertions(+), 10 deletions(-) diff --git a/apps/accounts/automations/backup_account/handlers.py b/apps/accounts/automations/backup_account/handlers.py index df801cda0..763428308 100644 --- a/apps/accounts/automations/backup_account/handlers.py +++ b/apps/accounts/automations/backup_account/handlers.py @@ -3,13 +3,13 @@ import time from collections import defaultdict, OrderedDict from django.conf import settings -from openpyxl import Workbook from rest_framework import serializers +from xlsxwriter import Workbook from accounts.const.automation import AccountBackupType +from accounts.models.automations.backup_account import AccountBackupAutomation from accounts.notifications import AccountBackupExecutionTaskMsg, AccountBackupByObjStorageExecutionTaskMsg from accounts.serializers import AccountSecretSerializer -from accounts.models.automations.backup_account import AccountBackupAutomation from assets.const import AllTypes from common.utils.file import encrypt_and_compress_zip_file, zip_files from common.utils.timezone import local_now_filename, local_now_display @@ -144,10 +144,11 @@ class AccountBackupHandler: wb = Workbook(filename) for sheet, data in data_map.items(): - ws = wb.create_sheet(str(sheet)) + ws = wb.add_worksheet(str(sheet)) for row in data: - ws.append(row) - wb.save(filename) + for col, _data in enumerate(row): + ws.write_string(0, col, _data) + wb.close() files.append(filename) timedelta = round((time.time() - time_start), 2) print('创建备份文件完成: 用时 {}s'.format(timedelta)) diff --git a/apps/accounts/automations/change_secret/manager.py b/apps/accounts/automations/change_secret/manager.py index 46d3ef2b6..74dfc717e 100644 --- a/apps/accounts/automations/change_secret/manager.py +++ b/apps/accounts/automations/change_secret/manager.py @@ -4,7 +4,7 @@ from copy import deepcopy from django.conf import settings from django.utils import timezone -from openpyxl import Workbook +from xlsxwriter import Workbook from accounts.const import AutomationTypes, SecretType, SSHKeyStrategy, SecretStrategy from accounts.models import ChangeSecretRecord @@ -227,8 +227,9 @@ class ChangeSecretManager(AccountBasePlaybookManager): rows.insert(0, header) wb = Workbook(filename) - ws = wb.create_sheet('Sheet1') + ws = wb.add_worksheet('Sheet1') for row in rows: - ws.append(row) - wb.save(filename) + for col, data in enumerate(row): + ws.write_string(0, col, data) + wb.close() return True diff --git a/poetry.lock b/poetry.lock index 3bf68f9c9..4b7cac7ea 100644 --- a/poetry.lock +++ b/poetry.lock @@ -7540,6 +7540,22 @@ type = "legacy" url = "https://pypi.tuna.tsinghua.edu.cn/simple" reference = "tsinghua" +[[package]] +name = "xlsxwriter" +version = "3.1.9" +description = "A Python module for creating Excel XLSX files." +optional = false +python-versions = ">=3.6" +files = [ + {file = "XlsxWriter-3.1.9-py3-none-any.whl", hash = "sha256:b61c1a0c786f82644936c0936ec96ee96cd3afb9440094232f7faef9b38689f0"}, + {file = "XlsxWriter-3.1.9.tar.gz", hash = "sha256:de810bf328c6a4550f4ffd6b0b34972aeb7ffcf40f3d285a0413734f9b63a929"}, +] + +[package.source] +type = "legacy" +url = "https://pypi.tuna.tsinghua.edu.cn/simple" +reference = "tsinghua" + [[package]] name = "xmlsec" version = "1.3.13" @@ -7755,4 +7771,4 @@ reference = "tsinghua" [metadata] lock-version = "2.0" python-versions = "^3.11" -content-hash = "397cb294c81da3ce74f1a1c3044bd778669284c0c280177162ed9d51e623a7c8" +content-hash = "19950a5300f8a4425e3e3c9a096fc3782cb544e02152e92ac1bc09d1d9b5274a" diff --git a/pyproject.toml b/pyproject.toml index eff9f4444..58b9991f6 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -145,6 +145,7 @@ user-agents = "^2.2.0" django-cors-headers = "^4.3.0" mistune = "0.8.4" openai = "^1.3.7" +xlsxwriter = "^3.1.9" [tool.poetry.group.xpack.dependencies] From b72a446bbd7534f914239af3b3d267d8e01d00c8 Mon Sep 17 00:00:00 2001 From: Bai Date: Thu, 28 Dec 2023 17:18:55 +0800 Subject: [PATCH 18/22] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8Dlabel=E5=85=B3?= =?UTF-8?q?=E8=81=94=E7=94=A8=E6=88=B7=E6=97=B6=E4=B8=8D=E6=98=BE=E7=A4=BA?= =?UTF-8?q?=E6=9C=8D=E5=8A=A1=E8=B4=A6=E5=8F=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/users/models/user.py | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/users/models/user.py b/apps/users/models/user.py index bf03dadce..290c0c1f1 100644 --- a/apps/users/models/user.py +++ b/apps/users/models/user.py @@ -867,6 +867,7 @@ class User(AuthMixin, TokenMixin, RoleMixin, MFAMixin, LabeledMixin, JSONFilterM queryset = cls.objects.all() if not current_org.is_root(): queryset = current_org.get_members() + queryset = queryset.exclude(is_service_account=True) return queryset @property From 7a708156eebd4bb3f428084906330e0ad10cb061 Mon Sep 17 00:00:00 2001 From: feng626 <57284900+feng626@users.noreply.github.com> Date: Thu, 28 Dec 2023 17:31:44 +0800 Subject: [PATCH 19/22] =?UTF-8?q?Revert=20"fix:=20=E7=89=B9=E5=AE=9Akey=20?= =?UTF-8?q?paramiko=20=E6=B5=8B=E8=AF=95=E5=8F=AF=E8=BF=9E=E6=8E=A5?= =?UTF-8?q?=E6=80=A7=E5=A4=B1=E8=B4=A5"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit a4d0e3fd17bac413469f89f80754473154e0ce16. --- .../ansible/modules_utils/custom_common.py | 26 +++---------------- 1 file changed, 3 insertions(+), 23 deletions(-) diff --git a/apps/ops/ansible/modules_utils/custom_common.py b/apps/ops/ansible/modules_utils/custom_common.py index 975932565..0cf1420d2 100644 --- a/apps/ops/ansible/modules_utils/custom_common.py +++ b/apps/ops/ansible/modules_utils/custom_common.py @@ -2,11 +2,8 @@ import re import time import paramiko -from paramiko import DSSKey, RSAKey, Ed25519Key, ECDSAKey from sshtunnel import SSHTunnelForwarder -KEY_CLASSES = (RSAKey, DSSKey, ECDSAKey, Ed25519Key) - def common_argument_spec(): options = dict( @@ -42,38 +39,21 @@ class SSHClient: self.client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) self.connect_params = self.get_connect_params() - @staticmethod - def get_encrypt_cls(key_path): - for key_cls in KEY_CLASSES: - try: - key_cls.from_private_key_file(key_path) - return key_cls - except paramiko.SSHException: - continue - raise paramiko.SSHException('Invalid key file') - - def get_pkey(self, key_path): - if not key_path: - return None - key_cls = self.get_encrypt_cls(key_path) - return key_cls.from_private_key_file(key_path) - def get_connect_params(self): params = { 'allow_agent': False, 'look_for_keys': False, 'hostname': self.module.params['login_host'], 'port': self.module.params['login_port'], - # TODO: https://github.com/paramiko/paramiko/issues/2048 - 'pkey': self.get_pkey(self.module.params['login_private_key_path']) + 'key_filename': self.module.params['login_private_key_path'] or None } if self.module.params['become']: params['username'] = self.module.params['become_user'] params['password'] = self.module.params['become_password'] - params['pkey'] = self.get_pkey(self.module.params['become_private_key_path']) + params['key_filename'] = self.module.params['become_private_key_path'] or None else: params['username'] = self.module.params['login_user'] params['password'] = self.module.params['login_password'] - params['pkey'] = self.get_pkey(self.module.params['login_private_key_path']) + params['key_filename'] = self.module.params['login_private_key_path'] or None return params def _get_channel(self): From 32255c6077c33f44b82d9a0ffc1536a68053318e Mon Sep 17 00:00:00 2001 From: wangruidong <940853815@qq.com> Date: Fri, 29 Dec 2023 10:19:41 +0800 Subject: [PATCH 20/22] =?UTF-8?q?fix:=20=E6=9B=B4=E6=96=B0=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E7=BB=84=E6=9D=83=E9=99=90=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/users/api/relation.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/apps/users/api/relation.py b/apps/users/api/relation.py index 4fbf29cc5..15654848f 100644 --- a/apps/users/api/relation.py +++ b/apps/users/api/relation.py @@ -16,6 +16,10 @@ class UserUserGroupRelationViewSet(JMSBulkRelationModelViewSet): search_fields = filterset_fields serializer_class = serializers.User2GroupRelationSerializer m2m_field = User.groups.field + rbac_perms = { + 'create': 'users.change_usergroup', + 'destroy': 'users.change_usergroup' + } def get_queryset(self): return super().get_queryset().annotate( From 653a6752b649c60e888f923141c77c08444dc29c Mon Sep 17 00:00:00 2001 From: wangruidong <940853815@qq.com> Date: Fri, 29 Dec 2023 13:31:46 +0800 Subject: [PATCH 21/22] =?UTF-8?q?fix:=20=E7=94=A8=E6=88=B7=E7=BB=84?= =?UTF-8?q?=E5=88=A0=E9=99=A4=E7=94=A8=E6=88=B7=E6=9D=83=E9=99=90=E9=97=AE?= =?UTF-8?q?=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/users/api/relation.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/users/api/relation.py b/apps/users/api/relation.py index 15654848f..e0fa8af2f 100644 --- a/apps/users/api/relation.py +++ b/apps/users/api/relation.py @@ -18,7 +18,7 @@ class UserUserGroupRelationViewSet(JMSBulkRelationModelViewSet): m2m_field = User.groups.field rbac_perms = { 'create': 'users.change_usergroup', - 'destroy': 'users.change_usergroup' + 'bulk_destroy': 'users.change_usergroup', } def get_queryset(self): From 4b961a626b8855663fa2be07a13c156c8746c92a Mon Sep 17 00:00:00 2001 From: feng <1304903146@qq.com> Date: Fri, 29 Dec 2023 14:09:05 +0800 Subject: [PATCH 22/22] =?UTF-8?q?perf:=20=E7=94=A8=E6=88=B7=E7=BB=84?= =?UTF-8?q?=E5=88=97=E8=A1=A8=E4=B8=AD=E7=9A=84=E7=94=A8=E6=88=B7=E6=B7=BB?= =?UTF-8?q?=E5=8A=A0=20is=5Fservice=5Faccount=20=E5=B1=9E=E6=80=A7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/users/serializers/group.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apps/users/serializers/group.py b/apps/users/serializers/group.py index e05546bba..2276b6e0e 100644 --- a/apps/users/serializers/group.py +++ b/apps/users/serializers/group.py @@ -16,7 +16,8 @@ __all__ = [ class UserGroupSerializer(ResourceLabelsMixin, BulkOrgResourceModelSerializer): users = ObjectRelatedField( - required=False, many=True, queryset=User.objects, label=_('User'), + required=False, many=True, queryset=User.objects, + attrs=("id", "name", "is_service_account"), label=_('User'), ) class Meta: