From c95c3099b742673485f95de29edbe3d84647357b Mon Sep 17 00:00:00 2001 From: ibuler Date: Tue, 10 Dec 2024 15:44:16 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BF=AE=E6=94=B9=E4=B8=80=E4=BA=9B=20?= =?UTF-8?q?adhoc=20=E4=BB=BB=E5=8A=A1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../accounts/api/automations/check_account.py | 30 ++++++++++- .../api/automations/gather_account.py | 44 +++++++-------- .../automations/check_account/manager.py | 2 +- .../accounts/check_account_report.html | 2 + .../accounts/gather_account_report.html | 54 ++++++++++--------- 5 files changed, 82 insertions(+), 50 deletions(-) diff --git a/apps/accounts/api/automations/check_account.py b/apps/accounts/api/automations/check_account.py index d645e6d76..cbc7a524d 100644 --- a/apps/accounts/api/automations/check_account.py +++ b/apps/accounts/api/automations/check_account.py @@ -1,9 +1,12 @@ # -*- coding: utf-8 -*- # from django.db.models import Q, Count +from django.http import HttpResponse from rest_framework.decorators import action from rest_framework.exceptions import MethodNotAllowed from operator import itemgetter +from django.shortcuts import get_object_or_404 +from django.utils import timezone from rest_framework.response import Response @@ -14,7 +17,9 @@ from accounts.models import ( AccountRisk, RiskChoice, CheckAccountEngine, + AutomationExecution, ) +from assets.models import Asset from common.api import JMSModelViewSet from common.utils import many_get from orgs.mixins.api import OrgBulkModelViewSet @@ -42,6 +47,7 @@ class CheckAccountExecutionViewSet(AutomationExecutionViewSet): ("list", "accounts.view_checkaccountexecution"), ("retrieve", "accounts.view_checkaccountsexecution"), ("create", "accounts.add_checkaccountexecution"), + ("adhoc", "accounts.add_checkaccountexecution"), ("report", "accounts.view_checkaccountsexecution"), ) ordering = ("-date_created",) 
@@ -52,6 +58,26 @@ class CheckAccountExecutionViewSet(AutomationExecutionViewSet): queryset = queryset.filter(automation__type=self.tp) return queryset + @action(methods=["get"], detail=False, url_path="adhoc") + def adhoc(self, request, *args, **kwargs): + asset_id = request.query_params.get("asset_id") + if not asset_id: + return Response(status=400, data={"asset_id": "This field is required."}) + + get_object_or_404(Asset, pk=asset_id) + execution = AutomationExecution() + execution.snapshot = { + "assets": [asset_id], + "nodes": [], + "type": AutomationTypes.check_account, + "engines": ["check_account_secret"], + "name": "Check asset risk: {} {}".format(asset_id, timezone.now()), + } + execution.save() + execution.start() + report = execution.manager.gen_report() + return HttpResponse(report) + class AccountRiskViewSet(OrgBulkModelViewSet): model = AccountRisk @@ -99,7 +125,9 @@ class AccountRiskViewSet(OrgBulkModelViewSet): s = self.get_serializer(data=request.data) s.is_valid(raise_exception=True) - asset, username, act, risk = many_get(s.validated_data, ("asset", "username", "action", "risk")) + asset, username, act, risk = many_get( + s.validated_data, ("asset", "username", "action", "risk") + ) handler = RiskHandler(asset=asset, username=username, request=self.request) data = handler.handle(act, risk) if not data: diff --git a/apps/accounts/api/automations/gather_account.py b/apps/accounts/api/automations/gather_account.py index e8e9da320..6250fb219 100644 --- a/apps/accounts/api/automations/gather_account.py +++ b/apps/accounts/api/automations/gather_account.py @@ -36,6 +36,7 @@ class GatherAccountsExecutionViewSet(AutomationExecutionViewSet): ("list", "accounts.view_gatheraccountsexecution"), ("retrieve", "accounts.view_gatheraccountsexecution"), ("create", "accounts.add_gatheraccountsexecution"), + ("adhoc", "accounts.add_gatheraccountsexecution"), ("report", "accounts.view_gatheraccountsexecution"), ) 
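Review bot: The new `adhoc` action on `CheckAccountExecutionViewSet` is registered with `methods=["get"]`, yet it saves an `AutomationExecution` and calls `execution.start()`, so a plain GET changes state and launches a check against the asset. Safe methods are exempt from Django/DRF CSRF enforcement, so if session authentication is accepted on this route, a request the user's browser makes without intent (a followed link, a prefetch) would be enough to start an execution. I would register it as `@action(methods=["post"], detail=False, url_path="adhoc")` and read the id with `request.data.get("asset_id")`. The `adhoc` action added to `GatherAccountsExecutionViewSet` in gather_account.py has the same shape and needs the same change. The class body starts outside this hunk.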
@@ -46,6 +47,27 @@ class GatherAccountsExecutionViewSet(AutomationExecutionViewSet): queryset = queryset.filter(automation__type=self.tp) return queryset + @action(methods=["get"], detail=False, url_path="adhoc") + def adhoc(self, request, *args, **kwargs): + asset_id = request.query_params.get("asset_id") + if not asset_id: + return Response(status=400, data={"asset_id": "This field is required."}) + + get_object_or_404(Asset, pk=asset_id) + execution = AutomationExecution() + execution.snapshot = { + "assets": [asset_id], + "nodes": [], + "type": "gather_accounts", + "is_sync_account": False, + "check_risk": True, + "name": "Adhoc gather accounts: {}".format(asset_id), + } + execution.save() + execution.start() + report = execution.manager.gen_report() + return HttpResponse(report) + class GatheredAccountViewSet(OrgBulkModelViewSet): model = GatheredAccount @@ -58,7 +80,6 @@ class GatheredAccountViewSet(OrgBulkModelViewSet): } rbac_perms = { "sync_accounts": "assets.add_gatheredaccount", - "discover": "assets.add_gatheredaccount", "status": "assets.change_gatheredaccount", } @@ -81,24 +102,3 @@ class GatheredAccountViewSet(OrgBulkModelViewSet): handler = RiskHandler(asset, username, request=self.request) handler.handle_delete_remote() return Response(status=status.HTTP_200_OK) - - @action(methods=["get"], detail=False, url_path="discover") - def discover(self, request, *args, **kwargs): - asset_id = request.query_params.get("asset_id") - if not asset_id: - return Response(status=400, data={"asset_id": "This field is required."}) - - get_object_or_404(Asset, pk=asset_id) - execution = AutomationExecution() - execution.snapshot = { - "assets": [asset_id], - "nodes": [], - "type": "gather_accounts", - "is_sync_account": False, - "check_risk": True, - "name": "Adhoc gather accounts: {}".format(asset_id), - } - execution.save() - execution.start() - report = execution.manager.gen_report() - return HttpResponse(report) 
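Review bot: `get_object_or_404(Asset, pk=asset_id)` in the new `adhoc` action only proves that some asset with that key exists; its result is discarded and the raw query-string value is what gets stored in `execution.snapshot["assets"]`. Whether the caller is allowed to act on that particular asset therefore appears to rest on `Asset`'s default manager being scoped to the caller's organisation, which is not visible in this hunk and is worth confirming; if the key is a UUID field, a malformed `asset_id` may also surface as an unhandled error rather than a 400 or 404. Keeping the looked-up object, e.g. `asset = get_object_or_404(Asset, pk=asset_id)` and `"assets": [str(asset.id)]`, makes the stored value canonical and gives a place for an explicit permission check. The same lookup appears in the `adhoc` action added to check_account.py, and the enclosing class starts outside this hunk.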
diff --git a/apps/accounts/automations/check_account/manager.py b/apps/accounts/automations/check_account/manager.py index 433ad5945..9d802bd3e 100644 --- a/apps/accounts/automations/check_account/manager.py +++ b/apps/accounts/automations/check_account/manager.py @@ -123,7 +123,7 @@ class CheckAccountManager(BaseManager): continue for i in range(0, len(self.assets), self.batch_size): - _assets = self.assets[i : i + self.batch_size] + _assets = self.assets[i: i + self.batch_size] accounts = Account.objects.filter(asset__in=_assets) summary, result = handle(accounts, _assets) diff --git a/apps/accounts/templates/accounts/check_account_report.html b/apps/accounts/templates/accounts/check_account_report.html index 58ad6e906..6444f7f92 100644 --- a/apps/accounts/templates/accounts/check_account_report.html +++ b/apps/accounts/templates/accounts/check_account_report.html @@ -84,6 +84,8 @@ {% endfor %} + {% else %} +

{% trans 'No weak password' %}

{% endif %} diff --git a/apps/accounts/templates/accounts/gather_account_report.html b/apps/accounts/templates/accounts/gather_account_report.html index bb94dafe5..9a0e3e76d 100644 --- a/apps/accounts/templates/accounts/gather_account_report.html +++ b/apps/accounts/templates/accounts/gather_account_report.html @@ -68,6 +68,8 @@ {% endfor %} + {% else %} +

{% trans 'No new accounts found' %}

{% endif %}
@@ -96,32 +98,32 @@
-
-

{% trans 'New found risks' %}: {{ summary.new_risks }}

- {% if summary.new_risks %} - - - - - - - - - - - - {% for risk in result.risks %} - - - - - - - {% endfor %} - -
{% trans 'No.' %}{% trans 'Asset' %}{% trans 'Username' %}{% trans 'Result' %}
{{ forloop.counter }}{{ risk.asset }}{{ risk.username }}{{ risk.risk }}
- {% endif %} -
+{#
#} +{#

{% trans 'New found risks' %}: {{ summary.new_risks }}

#} +{# {% if summary.new_risks %}#} +{# #} +{# #} +{# #} +{# #} +{# #} +{# #} +{# #} +{# #} +{# #} +{# #} +{# #} +{# {% for risk in result.risks %}#} +{# #} +{# #} +{# #} +{# #} +{# #} +{# #} +{# {% endfor %}#} +{# #} +{#
{% trans 'No.' %}{% trans 'Asset' %}{% trans 'Username' %}{% trans 'Result' %}
{{ forloop.counter }}{{ risk.asset }}{{ risk.username }}{{ risk.risk }}
#} +{# {% endif %}#} +{#
#}