feat: 支持工单链接直接免密审批

2024-02-19 11:18:01 +08:00 · 2024-02-19 11:18:01 +08:00 · ba127c506d
parent c21ca70158
commit ba127c506d
8 changed files with 128 additions and 109 deletions
--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@ -566,6 +566,7 @@ class Config(dict):
        'PASSWORD_CHANGE_LOG_KEEP_DAYS': 999,
        'TICKETS_ENABLED': True,
        'TICKETS_DIRECT_APPROVE': False,
        # 废弃的
        'DEFAULT_ORG_SHOW_ALL_USERS': True,
--- a/apps/jumpserver/settings/custom.py
+++ b/apps/jumpserver/settings/custom.py
@ -137,6 +137,7 @@ CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED = CONFIG.CHANGE_AUTH_PLAN_SECURE_MODE_ENABL
 DATETIME_DISPLAY_FORMAT = '%Y-%m-%d %H:%M:%S'
 TICKETS_ENABLED = CONFIG.TICKETS_ENABLED
 TICKETS_DIRECT_APPROVE = CONFIG.TICKETS_DIRECT_APPROVE
 REFERER_CHECK_ENABLED = CONFIG.REFERER_CHECK_ENABLED
 CONNECTION_TOKEN_ENABLED = CONFIG.CONNECTION_TOKEN_ENABLED
--- a/apps/locale/ja/LC_MESSAGES/django.po
+++ b/apps/locale/ja/LC_MESSAGES/django.po
@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-02-05 16:29+0800\n"
+"POT-Creation-Date: 2024-02-19 11:14+0800\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@ -258,7 +258,7 @@ msgstr "ユーザー %s がパスワードを閲覧/導き出しました"
 #: perms/models/asset_permission.py:69 perms/serializers/permission.py:36
 #: terminal/backends/command/models.py:17 terminal/models/session/session.py:31
 #: terminal/notifications.py:155 terminal/serializers/command.py:17
-#: terminal/serializers/session.py:26
+#: terminal/serializers/session.py:28
 #: terminal/templates/terminal/_msg_command_warning.html:4
 #: terminal/templates/terminal/_msg_session_sharing.html:4
 #: tickets/models/ticket/apply_asset.py:16 xpack/plugins/cloud/models.py:256
@ -402,7 +402,7 @@ msgstr "理由"
 #: accounts/models/automations/backup_account.py:135
 #: accounts/serializers/automations/change_secret.py:105
 #: accounts/serializers/automations/change_secret.py:128
-#: ops/serializers/job.py:64 terminal/serializers/session.py:49
+#: ops/serializers/job.py:64 terminal/serializers/session.py:51
 msgid "Is success"
 msgstr "成功は"
@ -767,7 +767,7 @@ msgstr "カテゴリ"
 #: perms/serializers/user_permission.py:27 terminal/models/applet/applet.py:39
 #: terminal/models/component/storage.py:57
 #: terminal/models/component/storage.py:146 terminal/serializers/applet.py:29
-#: terminal/serializers/session.py:21 terminal/serializers/storage.py:264
+#: terminal/serializers/session.py:23 terminal/serializers/storage.py:264
 #: terminal/serializers/storage.py:276 tickets/models/comment.py:26
 #: tickets/models/flow.py:56 tickets/models/ticket/apply_application.py:16
 #: tickets/models/ticket/general.py:275 tickets/serializers/flow.py:53
@ -990,7 +990,7 @@ msgstr "自動タスク実行履歴"
 #: audits/models.py:64 audits/signal_handlers/activity_log.py:33
 #: common/const/choices.py:18 ops/const.py:73 ops/serializers/celery.py:46
 #: terminal/const.py:78 terminal/models/session/sharing.py:121
-#: tickets/views/approve.py:117
+#: tickets/views/approve.py:128
 msgid "Success"
 msgstr "成功"
@ -1675,7 +1675,7 @@ msgstr "ユーザーと同じユーザー名"
 #: authentication/serializers/connect_token_secret.py:114
 #: settings/serializers/msg.py:29 terminal/models/applet/applet.py:42
 #: terminal/models/virtualapp/virtualapp.py:24
-#: terminal/serializers/session.py:19 terminal/serializers/session.py:45
+#: terminal/serializers/session.py:21 terminal/serializers/session.py:47
 #: terminal/serializers/storage.py:71
 msgid "Protocol"
 msgstr "プロトコル"
@ -2371,7 +2371,7 @@ msgstr "名前の変更"
 msgid "Symlink"
 msgstr "Symlink"
-#: audits/const.py:18 audits/const.py:28 terminal/api/session/session.py:146
+#: audits/const.py:18 audits/const.py:28 terminal/api/session/session.py:149
 msgid "Download"
 msgstr "ダウンロード"
@ -2379,7 +2379,7 @@ msgstr "ダウンロード"
 msgid "Rename dir"
 msgstr "マップディレクトリ"
-#: audits/const.py:23 rbac/tree.py:238 terminal/api/session/session.py:257
+#: audits/const.py:23 rbac/tree.py:238 terminal/api/session/session.py:277
 #: terminal/templates/terminal/_msg_command_warning.html:18
 #: terminal/templates/terminal/_msg_session_sharing.html:10
 msgid "View"
@ -2418,8 +2418,8 @@ msgstr "閉じる"
 #: audits/const.py:43 settings/serializers/terminal.py:6
 #: terminal/models/applet/host.py:26 terminal/models/component/terminal.py:174
-#: terminal/models/virtualapp/provider.py:14 terminal/serializers/session.py:52
+#: terminal/models/virtualapp/provider.py:14 terminal/serializers/session.py:54
-#: terminal/serializers/session.py:66
+#: terminal/serializers/session.py:68
 msgid "Terminal"
 msgstr "ターミナル"
@ -2704,7 +2704,7 @@ msgstr "ACL アクションはレビューです"
 msgid "Current user not support mfa type: {}"
 msgstr "現在のユーザーはmfaタイプをサポートしていません: {}"
-#: authentication/api/password.py:33 terminal/api/session/session.py:305
+#: authentication/api/password.py:33 terminal/api/session/session.py:325
 #: users/views/profile/reset.py:63
 msgid "User does not exist: {}"
 msgstr "ユーザーが存在しない: {}"
@ -4387,7 +4387,7 @@ msgstr "保存後に実行"
 msgid "Job type"
 msgstr "タスクの種類"
-#: ops/serializers/job.py:65 terminal/serializers/session.py:53
+#: ops/serializers/job.py:65 terminal/serializers/session.py:55
 msgid "Is finished"
 msgstr "終了しました"
@ -4525,7 +4525,7 @@ msgstr "グローバル組織を表示できます"
 msgid "Can view all joined org"
 msgstr "参加しているすべての組織を表示できます"
-#: orgs/models.py:233
+#: orgs/models.py:236
 msgid "Can not delete virtual org"
 msgstr "仮想組織を削除できませんでした"
@ -4610,7 +4610,7 @@ msgid "today"
 msgstr "今日"
 #: perms/notifications.py:12 perms/notifications.py:44
-#: settings/serializers/feature.py:117
+#: settings/serializers/feature.py:118
 msgid "day"
 msgstr "日"
@ -5603,39 +5603,43 @@ msgstr "GPTモデル"
 msgid "Enable tickets"
 msgstr "チケットを有効にする"
-#: settings/serializers/feature.py:114
+#: settings/serializers/feature.py:112
 msgid "No login approval"
 msgstr "ログイン承認なし"
 #: settings/serializers/feature.py:115
 msgid "Ticket authorize default time"
 msgstr "デフォルト製造オーダ承認時間"
-#: settings/serializers/feature.py:117
+#: settings/serializers/feature.py:118
 msgid "hour"
 msgstr "時"
-#: settings/serializers/feature.py:118
+#: settings/serializers/feature.py:119
 msgid "Ticket authorize default time unit"
 msgstr "デフォルト製造オーダ承認時間単位"
-#: settings/serializers/feature.py:123
+#: settings/serializers/feature.py:124
 msgid "Feature"
 msgstr "機能"
-#: settings/serializers/feature.py:126
+#: settings/serializers/feature.py:127
 msgid "Operation center"
 msgstr "職業センター"
-#: settings/serializers/feature.py:127
+#: settings/serializers/feature.py:128
 msgid "Allow user run batch command or not using ansible"
 msgstr "ユーザー実行バッチコマンドを許可するか、ansibleを使用しない"
-#: settings/serializers/feature.py:131
+#: settings/serializers/feature.py:132
 msgid "Operation center command blacklist"
 msgstr "オペレーション センター コマンド ブラックリスト"
-#: settings/serializers/feature.py:132
+#: settings/serializers/feature.py:133
 msgid "Commands that are not allowed execute."
 msgstr "実行が許可されていないコマンド"
-#: settings/serializers/feature.py:137
+#: settings/serializers/feature.py:138
 #: terminal/models/virtualapp/provider.py:17
 #: terminal/models/virtualapp/virtualapp.py:36
 #: terminal/models/virtualapp/virtualapp.py:97
@ -5643,7 +5647,7 @@ msgstr "実行が許可されていないコマンド"
 msgid "Virtual app"
 msgstr "仮想アプリケーション"
-#: settings/serializers/feature.py:140
+#: settings/serializers/feature.py:141
 msgid "Enable virtual app"
 msgstr "仮想アプリケーションの有効化"
@ -6474,20 +6478,20 @@ msgstr "テストに失敗しました：構成を確認してください"
 msgid "Have online sessions"
 msgstr "オンラインセッションを持つ"
-#: terminal/api/session/session.py:46
+#: terminal/api/session/session.py:48
 #, python-format
 msgid "User %s %s session %s replay"
 msgstr "ユーザー%s %sこのセッション %s の録画です"
-#: terminal/api/session/session.py:297
+#: terminal/api/session/session.py:317
 msgid "Session does not exist: {}"
 msgstr "セッションが存在しません: {}"
-#: terminal/api/session/session.py:300
+#: terminal/api/session/session.py:320
 msgid "Session is finished or the protocol not supported"
 msgstr "セッションが終了したか、プロトコルがサポートされていません"
-#: terminal/api/session/session.py:313
+#: terminal/api/session/session.py:333
 msgid "User does not have permission"
 msgstr "ユーザーに権限がありません"
@ -6835,11 +6839,11 @@ msgstr "ログイン元"
 msgid "Replay"
 msgstr "リプレイ"
-#: terminal/models/session/session.py:47 terminal/serializers/session.py:65
+#: terminal/models/session/session.py:47 terminal/serializers/session.py:67
 msgid "Command amount"
 msgstr "コマンド量"
-#: terminal/models/session/session.py:48 terminal/serializers/session.py:28
+#: terminal/models/session/session.py:48 terminal/serializers/session.py:30
 msgid "Error reason"
 msgstr "間違った理由"
@ -7158,31 +7162,31 @@ msgstr ""
 msgid "Asset IP"
 msgstr "資産 IP"
-#: terminal/serializers/session.py:23 terminal/serializers/session.py:50
+#: terminal/serializers/session.py:25 terminal/serializers/session.py:52
 msgid "Can replay"
 msgstr "再生できます"
-#: terminal/serializers/session.py:24 terminal/serializers/session.py:51
+#: terminal/serializers/session.py:26 terminal/serializers/session.py:53
 msgid "Can join"
 msgstr "参加できます"
-#: terminal/serializers/session.py:25 terminal/serializers/session.py:54
+#: terminal/serializers/session.py:27 terminal/serializers/session.py:56
 msgid "Can terminate"
 msgstr "終了できます"
-#: terminal/serializers/session.py:46
+#: terminal/serializers/session.py:48
 msgid "User ID"
 msgstr "ユーザーID"
-#: terminal/serializers/session.py:47
+#: terminal/serializers/session.py:49
 msgid "Asset ID"
 msgstr "資産ID"
-#: terminal/serializers/session.py:48
+#: terminal/serializers/session.py:50
 msgid "Login from display"
 msgstr "表示からのログイン"
-#: terminal/serializers/session.py:55
+#: terminal/serializers/session.py:57
 msgid "Terminal display"
 msgstr "ターミナルディスプレイ"
@ -7582,19 +7586,19 @@ msgstr "チケット基本情報"
 msgid "Ticket applied info"
 msgstr "チケット適用情報"
-#: tickets/notifications.py:111
+#: tickets/notifications.py:105
 msgid "Your has a new ticket, applicant - {}"
 msgstr "新しいチケットがあります- {}"
-#: tickets/notifications.py:115
+#: tickets/notifications.py:109
 msgid "{}: New Ticket - {} ({})"
 msgstr "新しいチケット- {} ({})"
-#: tickets/notifications.py:159
+#: tickets/notifications.py:155
 msgid "Your ticket has been processed, processor - {}"
 msgstr "チケットが処理されました。プロセッサー- {}"
-#: tickets/notifications.py:163
+#: tickets/notifications.py:159
 msgid "Ticket has processed - {} ({})"
 msgstr "チケットが処理済み- {} ({})"
@ -7660,7 +7664,7 @@ msgid "Ticket information"
 msgstr "作業指示情報"
 #: tickets/templates/tickets/approve_check_password.html:28
-#: tickets/views/approve.py:40 tickets/views/approve.py:77
+#: tickets/views/approve.py:43 tickets/views/approve.py:80
 msgid "Ticket approval"
 msgstr "作業指示の承認"
@ -7668,26 +7672,26 @@ msgstr "作業指示の承認"
 msgid "Approval"
 msgstr "承認"
-#: tickets/views/approve.py:41
+#: tickets/views/approve.py:44
 msgid ""
 "This ticket does not exist, the process has ended, or this link has expired"
 msgstr ""
 "このワークシートが存在しないか、ワークシートが終了したか、このリンクが無効に"
 "なっています"
-#: tickets/views/approve.py:69
+#: tickets/views/approve.py:72
 msgid "Click the button below to approve or reject"
 msgstr "下のボタンをクリックして同意または拒否。"
-#: tickets/views/approve.py:78
+#: tickets/views/approve.py:81
 msgid "After successful authentication, this ticket can be approved directly"
 msgstr "認証に成功した後、作業指示書は直接承認することができる。"
-#: tickets/views/approve.py:95
+#: tickets/views/approve.py:105
 msgid "Illegal approval action"
 msgstr "無効な承認アクション"
-#: tickets/views/approve.py:108
+#: tickets/views/approve.py:119
 msgid "This user is not authorized to approve this ticket"
 msgstr "このユーザーはこの作業指示を承認する権限がありません"
@ -8536,7 +8540,7 @@ msgstr "そして"
 msgid "Or"
 msgstr "または"
-#: xpack/plugins/cloud/manager.py:57
+#: xpack/plugins/cloud/manager.py:56
 msgid "Account unavailable"
 msgstr "利用できないアカウント"
--- a/apps/locale/zh/LC_MESSAGES/django.po
+++ b/apps/locale/zh/LC_MESSAGES/django.po
@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: JumpServer 0.3.3\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-02-05 16:29+0800\n"
+"POT-Creation-Date: 2024-02-19 11:14+0800\n"
 "PO-Revision-Date: 2021-05-20 10:54+0800\n"
 "Last-Translator: ibuler <ibuler@qq.com>\n"
 "Language-Team: JumpServer team<ibuler@qq.com>\n"
@ -257,7 +257,7 @@ msgstr "用户 %s 查看/导出 了密码"
 #: perms/models/asset_permission.py:69 perms/serializers/permission.py:36
 #: terminal/backends/command/models.py:17 terminal/models/session/session.py:31
 #: terminal/notifications.py:155 terminal/serializers/command.py:17
-#: terminal/serializers/session.py:26
+#: terminal/serializers/session.py:28
 #: terminal/templates/terminal/_msg_command_warning.html:4
 #: terminal/templates/terminal/_msg_session_sharing.html:4
 #: tickets/models/ticket/apply_asset.py:16 xpack/plugins/cloud/models.py:256
@ -401,7 +401,7 @@ msgstr "原因"
 #: accounts/models/automations/backup_account.py:135
 #: accounts/serializers/automations/change_secret.py:105
 #: accounts/serializers/automations/change_secret.py:128
-#: ops/serializers/job.py:64 terminal/serializers/session.py:49
+#: ops/serializers/job.py:64 terminal/serializers/session.py:51
 msgid "Is success"
 msgstr "是否成功"
@ -765,7 +765,7 @@ msgstr "类别"
 #: perms/serializers/user_permission.py:27 terminal/models/applet/applet.py:39
 #: terminal/models/component/storage.py:57
 #: terminal/models/component/storage.py:146 terminal/serializers/applet.py:29
-#: terminal/serializers/session.py:21 terminal/serializers/storage.py:264
+#: terminal/serializers/session.py:23 terminal/serializers/storage.py:264
 #: terminal/serializers/storage.py:276 tickets/models/comment.py:26
 #: tickets/models/flow.py:56 tickets/models/ticket/apply_application.py:16
 #: tickets/models/ticket/general.py:275 tickets/serializers/flow.py:53
@ -987,7 +987,7 @@ msgstr "自动化任务执行历史"
 #: audits/models.py:64 audits/signal_handlers/activity_log.py:33
 #: common/const/choices.py:18 ops/const.py:73 ops/serializers/celery.py:46
 #: terminal/const.py:78 terminal/models/session/sharing.py:121
-#: tickets/views/approve.py:117
+#: tickets/views/approve.py:128
 msgid "Success"
 msgstr "成功"
@ -1667,7 +1667,7 @@ msgstr "用户名与用户相同"
 #: authentication/serializers/connect_token_secret.py:114
 #: settings/serializers/msg.py:29 terminal/models/applet/applet.py:42
 #: terminal/models/virtualapp/virtualapp.py:24
-#: terminal/serializers/session.py:19 terminal/serializers/session.py:45
+#: terminal/serializers/session.py:21 terminal/serializers/session.py:47
 #: terminal/serializers/storage.py:71
 msgid "Protocol"
 msgstr "协议"
@ -2354,7 +2354,7 @@ msgstr "重命名"
 msgid "Symlink"
 msgstr "建立软链接"
-#: audits/const.py:18 audits/const.py:28 terminal/api/session/session.py:146
+#: audits/const.py:18 audits/const.py:28 terminal/api/session/session.py:149
 msgid "Download"
 msgstr "下载"
@ -2362,7 +2362,7 @@ msgstr "下载"
 msgid "Rename dir"
 msgstr "映射目录"
-#: audits/const.py:23 rbac/tree.py:238 terminal/api/session/session.py:257
+#: audits/const.py:23 rbac/tree.py:238 terminal/api/session/session.py:277
 #: terminal/templates/terminal/_msg_command_warning.html:18
 #: terminal/templates/terminal/_msg_session_sharing.html:10
 msgid "View"
@ -2401,8 +2401,8 @@ msgstr "关闭"
 #: audits/const.py:43 settings/serializers/terminal.py:6
 #: terminal/models/applet/host.py:26 terminal/models/component/terminal.py:174
-#: terminal/models/virtualapp/provider.py:14 terminal/serializers/session.py:52
+#: terminal/models/virtualapp/provider.py:14 terminal/serializers/session.py:54
-#: terminal/serializers/session.py:66
+#: terminal/serializers/session.py:68
 msgid "Terminal"
 msgstr "终端"
@ -2685,7 +2685,7 @@ msgstr "ACL 动作是复核"
 msgid "Current user not support mfa type: {}"
 msgstr "当前用户不支持 MFA 类型: {}"
-#: authentication/api/password.py:33 terminal/api/session/session.py:305
+#: authentication/api/password.py:33 terminal/api/session/session.py:325
 #: users/views/profile/reset.py:63
 msgid "User does not exist: {}"
 msgstr "用户不存在: {}"
@ -4336,7 +4336,7 @@ msgstr "保存后执行"
 msgid "Job type"
 msgstr "任务类型"
-#: ops/serializers/job.py:65 terminal/serializers/session.py:53
+#: ops/serializers/job.py:65 terminal/serializers/session.py:55
 msgid "Is finished"
 msgstr "是否完成"
@ -4473,7 +4473,7 @@ msgstr "可以查看全局组织"
 msgid "Can view all joined org"
 msgstr "可以查看所有加入的组织"
-#: orgs/models.py:233
+#: orgs/models.py:236
 msgid "Can not delete virtual org"
 msgstr "无法删除虚拟组织"
@ -4558,7 +4558,7 @@ msgid "today"
 msgstr "今天"
 #: perms/notifications.py:12 perms/notifications.py:44
-#: settings/serializers/feature.py:117
+#: settings/serializers/feature.py:118
 msgid "day"
 msgstr "天"
@ -5543,39 +5543,43 @@ msgstr "GPT 模型"
 msgid "Enable tickets"
 msgstr "启用工单"
-#: settings/serializers/feature.py:114
+#: settings/serializers/feature.py:112
 msgid "No login approval"
 msgstr "免登录审批"
 #: settings/serializers/feature.py:115
 msgid "Ticket authorize default time"
 msgstr "默认工单授权时间"
-#: settings/serializers/feature.py:117
+#: settings/serializers/feature.py:118
 msgid "hour"
 msgstr "时"
-#: settings/serializers/feature.py:118
+#: settings/serializers/feature.py:119
 msgid "Ticket authorize default time unit"
 msgstr "默认工单授权时间单位"
-#: settings/serializers/feature.py:123
+#: settings/serializers/feature.py:124
 msgid "Feature"
 msgstr "功能"
-#: settings/serializers/feature.py:126
+#: settings/serializers/feature.py:127
 msgid "Operation center"
 msgstr "作业中心"
-#: settings/serializers/feature.py:127
+#: settings/serializers/feature.py:128
 msgid "Allow user run batch command or not using ansible"
 msgstr "是否允许用户使用 ansible 执行批量命令"
-#: settings/serializers/feature.py:131
+#: settings/serializers/feature.py:132
 msgid "Operation center command blacklist"
 msgstr "作业中心命令黑名单"
-#: settings/serializers/feature.py:132
+#: settings/serializers/feature.py:133
 msgid "Commands that are not allowed execute."
 msgstr "不允许执行的命令"
-#: settings/serializers/feature.py:137
+#: settings/serializers/feature.py:138
 #: terminal/models/virtualapp/provider.py:17
 #: terminal/models/virtualapp/virtualapp.py:36
 #: terminal/models/virtualapp/virtualapp.py:97
@ -5583,7 +5587,7 @@ msgstr "不允许执行的命令"
 msgid "Virtual app"
 msgstr "虚拟应用"
-#: settings/serializers/feature.py:140
+#: settings/serializers/feature.py:141
 msgid "Enable virtual app"
 msgstr "启用虚拟应用"
@ -6380,20 +6384,20 @@ msgstr "测试失败：请检查配置"
 msgid "Have online sessions"
 msgstr "有在线会话"
-#: terminal/api/session/session.py:46
+#: terminal/api/session/session.py:48
 #, python-format
 msgid "User %s %s session %s replay"
 msgstr "用户 %s %s 了会话 %s 的录像"
-#: terminal/api/session/session.py:297
+#: terminal/api/session/session.py:317
 msgid "Session does not exist: {}"
 msgstr "会话不存在: {}"
-#: terminal/api/session/session.py:300
+#: terminal/api/session/session.py:320
 msgid "Session is finished or the protocol not supported"
 msgstr "会话已经完成或协议不支持"
-#: terminal/api/session/session.py:313
+#: terminal/api/session/session.py:333
 msgid "User does not have permission"
 msgstr "用户没有权限"
@ -6741,11 +6745,11 @@ msgstr "登录来源"
 msgid "Replay"
 msgstr "回放"
-#: terminal/models/session/session.py:47 terminal/serializers/session.py:65
+#: terminal/models/session/session.py:47 terminal/serializers/session.py:67
 msgid "Command amount"
 msgstr "命令数量"
-#: terminal/models/session/session.py:48 terminal/serializers/session.py:28
+#: terminal/models/session/session.py:48 terminal/serializers/session.py:30
 msgid "Error reason"
 msgstr "错误原因"
@ -7057,31 +7061,31 @@ msgstr "如果不同端点下的资产 IP 有冲突，使用资产标签实现"
 msgid "Asset IP"
 msgstr "资产 IP"
-#: terminal/serializers/session.py:23 terminal/serializers/session.py:50
+#: terminal/serializers/session.py:25 terminal/serializers/session.py:52
 msgid "Can replay"
 msgstr "是否可重放"
-#: terminal/serializers/session.py:24 terminal/serializers/session.py:51
+#: terminal/serializers/session.py:26 terminal/serializers/session.py:53
 msgid "Can join"
 msgstr "是否可加入"
-#: terminal/serializers/session.py:25 terminal/serializers/session.py:54
+#: terminal/serializers/session.py:27 terminal/serializers/session.py:56
 msgid "Can terminate"
 msgstr "是否可中断"
-#: terminal/serializers/session.py:46
+#: terminal/serializers/session.py:48
 msgid "User ID"
 msgstr "用户 ID"
-#: terminal/serializers/session.py:47
+#: terminal/serializers/session.py:49
 msgid "Asset ID"
 msgstr "资产 ID"
-#: terminal/serializers/session.py:48
+#: terminal/serializers/session.py:50
 msgid "Login from display"
 msgstr "登录来源名称"
-#: terminal/serializers/session.py:55
+#: terminal/serializers/session.py:57
 msgid "Terminal display"
 msgstr "终端显示"
@ -7477,19 +7481,19 @@ msgstr "工单基本信息"
 msgid "Ticket applied info"
 msgstr "工单申请信息"
-#: tickets/notifications.py:111
+#: tickets/notifications.py:105
 msgid "Your has a new ticket, applicant - {}"
 msgstr "你有一个新的工单, 申请人 - {}"
-#: tickets/notifications.py:115
+#: tickets/notifications.py:109
 msgid "{}: New Ticket - {} ({})"
 msgstr "新工单 - {} ({})"
-#: tickets/notifications.py:159
+#: tickets/notifications.py:155
 msgid "Your ticket has been processed, processor - {}"
 msgstr "你的工单已被处理, 处理人 - {}"
-#: tickets/notifications.py:163
+#: tickets/notifications.py:159
 msgid "Ticket has processed - {} ({})"
 msgstr "你的工单已被处理, 处理人 - {} ({})"
@ -7555,7 +7559,7 @@ msgid "Ticket information"
 msgstr "工单信息"
 #: tickets/templates/tickets/approve_check_password.html:28
-#: tickets/views/approve.py:40 tickets/views/approve.py:77
+#: tickets/views/approve.py:43 tickets/views/approve.py:80
 msgid "Ticket approval"
 msgstr "工单审批"
@ -7563,24 +7567,24 @@ msgstr "工单审批"
 msgid "Approval"
 msgstr "同意"
-#: tickets/views/approve.py:41
+#: tickets/views/approve.py:44
 msgid ""
 "This ticket does not exist, the process has ended, or this link has expired"
 msgstr "工单不存在，或者工单流程已经结束，或者此链接已经过期"
-#: tickets/views/approve.py:69
+#: tickets/views/approve.py:72
 msgid "Click the button below to approve or reject"
 msgstr "点击下方按钮同意或者拒绝"
-#: tickets/views/approve.py:78
+#: tickets/views/approve.py:81
 msgid "After successful authentication, this ticket can be approved directly"
 msgstr "认证成功后，工单可直接审批"
-#: tickets/views/approve.py:95
+#: tickets/views/approve.py:105
 msgid "Illegal approval action"
 msgstr "无效的审批动作"
-#: tickets/views/approve.py:108
+#: tickets/views/approve.py:119
 msgid "This user is not authorized to approve this ticket"
 msgstr "此用户无权审批此工单"
@ -8412,7 +8416,7 @@ msgstr "与"
 msgid "Or"
 msgstr "或"
-#: xpack/plugins/cloud/manager.py:57
+#: xpack/plugins/cloud/manager.py:56
 msgid "Account unavailable"
 msgstr "账号无效"
--- a/apps/settings/serializers/feature.py
+++ b/apps/settings/serializers/feature.py
@ -109,6 +109,7 @@ class TicketSettingSerializer(serializers.Serializer):
    PREFIX_TITLE = _('Ticket')
    TICKETS_ENABLED = serializers.BooleanField(required=False, default=True, label=_("Enable tickets"))
    TICKETS_DIRECT_APPROVE = serializers.BooleanField(required=False, default=False, label=_("No login approval"))
    TICKET_AUTHORIZE_DEFAULT_TIME = serializers.IntegerField(
        min_value=1, max_value=999999, required=False,
        label=_("Ticket authorize default time")
--- a/apps/settings/serializers/public.py
+++ b/apps/settings/serializers/public.py
@ -51,6 +51,7 @@ class PrivateSettingSerializer(PublicSettingSerializer):
    ANNOUNCEMENT = serializers.DictField()
    TICKETS_ENABLED = serializers.BooleanField()
    TICKETS_DIRECT_APPROVE = serializers.BooleanField()
    CONNECTION_TOKEN_REUSABLE = serializers.BooleanField()
    CACHE_LOGIN_PASSWORD_ENABLED = serializers.BooleanField()
    VAULT_ENABLED = serializers.BooleanField()
--- a/apps/tickets/notifications.py
+++ b/apps/tickets/notifications.py
@ -96,16 +96,10 @@ class BaseTicketMessage(UserMessage):
 class TicketAppliedToAssigneeMessage(BaseTicketMessage):
    def __init__(self, user, ticket):
-        self._token = None
+        self.token = random_string(32)
        self.ticket = ticket
        super().__init__(user)
    @property
    def token(self):
        if self._token is None:
            self._token = random_string(32)
        return self._token
    @property
    def content_title(self):
        return _('Your has a new ticket, applicant - {}').format(self.ticket.applicant)
@ -133,10 +127,12 @@ class TicketAppliedToAssigneeMessage(BaseTicketMessage):
        ticket_approval_url = self.get_ticket_approval_url()
        context.update({'ticket_approval_url': ticket_approval_url})
        message = render_to_string('tickets/_msg_ticket.html', context)
-        cache.set(self.token, {'ticket_id': self.ticket.id, 'content': self.content}, 3600)
+        cache.set(self.token, {
            'ticket_id': self.ticket.id, 'approver_id': self.user.id,
            'content': self.content,
        }, 3600)
        return {
-            'subject': self.subject,
+            'subject': self.subject, 'message': message
            'message': message
        }
    @classmethod
--- a/apps/tickets/views/approve.py
+++ b/apps/tickets/views/approve.py
@ -5,11 +5,14 @@ from __future__ import unicode_literals
 from django.core.cache import cache
 from django.http import HttpResponse
 from django.conf import settings
 from django.shortcuts import redirect, reverse
 from django.utils.translation import gettext as _
 from django.views.generic.base import TemplateView
 from common.utils import get_logger, FlashMessageUtil
 from common.exceptions import JMSException
 from users.models import User
 from orgs.utils import tmp_to_root_org
 from tickets.const import TicketType
 from tickets.errors import AlreadyClosed
@ -71,7 +74,7 @@ class TicketDirectApproveView(TemplateView):
        return super().get_context_data(**kwargs)
    def get(self, request, *args, **kwargs):
-        if not request.user.is_authenticated:
+        if not (settings.TICKETS_DIRECT_APPROVE or request.user.is_authenticated):
            direct_url = reverse('tickets:direct-approve', kwargs={'token': kwargs['token']})
            message_data = {
                'title': _('Ticket approval'),
@ -87,8 +90,15 @@ class TicketDirectApproveView(TemplateView):
            return self.redirect_message_response(redirect_url=self.login_url)
        return super().get(request, ticket_info=ticket_info, *args, **kwargs)
-    def post(self, request, **kwargs):
+    @staticmethod
    def get_user(request, ticket_info):
        user = request.user
        if not user.is_authenticated and settings.TICKETS_DIRECT_APPROVE:
            user_id = ticket_info.get('approver_id')
            user = User.objects.filter(id=user_id).first()
        return user
    def post(self, request, **kwargs):
        token = kwargs.get('token')
        action = request.POST.get('action')
        if action not in ['approve', 'reject']:
@ -99,13 +109,14 @@ class TicketDirectApproveView(TemplateView):
        if not ticket_info:
            return self.redirect_message_response(redirect_url=self.login_url)
        try:
            user = self.get_user(request, ticket_info)
            ticket_id = ticket_info.get('ticket_id')
            with tmp_to_root_org():
                ticket = Ticket.all().get(id=ticket_id)
                ticket_sub_model = self.TICKET_SUB_MODEL_MAP[ticket.type]
                ticket = ticket_sub_model.objects.get(id=ticket_id)
            if not ticket.has_current_assignee(user):
-                raise Exception(_("This user is not authorized to approve this ticket"))
+                raise JMSException(_("This user is not authorized to approve this ticket"))
            getattr(ticket, action)(user)
        except AlreadyClosed as e:
            self.clear(token)