diff --git a/apps/applications/const.py b/apps/applications/const.py index 313477c25..4e0d2fe50 100644 --- a/apps/applications/const.py +++ b/apps/applications/const.py @@ -83,3 +83,9 @@ class AppType(models.TextChoices): if AppCategory.is_xpack(category): return True return tp in ['oracle', 'postgresql', 'sqlserver'] + + +class OracleVersion(models.TextChoices): + version_11g = '11g', '11g' + version_12c = '12c', '12c' + version_other = 'other', _('Other') diff --git a/apps/applications/models/application.py b/apps/applications/models/application.py index af1e27c2d..1644ab1d5 100644 --- a/apps/applications/models/application.py +++ b/apps/applications/models/application.py @@ -10,6 +10,7 @@ from common.mixins import CommonModelMixin from common.tree import TreeNode from common.utils import is_uuid from assets.models import Asset, SystemUser +from ..const import OracleVersion from ..utils import KubernetesTree from .. import const @@ -214,6 +215,8 @@ class ApplicationTreeNodeMixin: class Application(CommonModelMixin, OrgModelMixin, ApplicationTreeNodeMixin): + APP_TYPE = const.AppType + name = models.CharField(max_length=128, verbose_name=_('Name')) category = models.CharField( max_length=16, choices=const.AppCategory.choices, verbose_name=_('Category') @@ -255,6 +258,9 @@ class Application(CommonModelMixin, OrgModelMixin, ApplicationTreeNodeMixin): def category_db(self): return self.category == const.AppCategory.db.value + def is_type(self, tp): + return self.type == tp + def get_rdp_remote_app_setting(self): from applications.serializers.attrs import get_serializer_class_by_application_type if not self.category_remote_app: @@ -298,6 +304,15 @@ class Application(CommonModelMixin, OrgModelMixin, ApplicationTreeNodeMixin): target_ip = self.attrs.get('host') return target_ip + def get_target_protocol_for_oracle(self): + """ Oracle 类型需要单独处理,因为要携带版本号 """ + if not self.is_type(self.APP_TYPE.oracle): + return + version = self.attrs.get('version', OracleVersion.version_other) + if version == OracleVersion.version_other: + return + return 'oracle_%s' % version + class ApplicationUser(SystemUser): class Meta: diff --git a/apps/applications/serializers/attrs/application_type/oracle.py b/apps/applications/serializers/attrs/application_type/oracle.py index c87c4904d..94cfaa319 100644 --- a/apps/applications/serializers/attrs/application_type/oracle.py +++ b/apps/applications/serializers/attrs/application_type/oracle.py @@ -2,9 +2,15 @@ from rest_framework import serializers from django.utils.translation import ugettext_lazy as _ from ..application_category import DBSerializer +from applications.const import OracleVersion __all__ = ['OracleSerializer'] class OracleSerializer(DBSerializer): + version = serializers.ChoiceField( + choices=OracleVersion.choices, default=OracleVersion.version_other, + allow_null=True, label=_('Version'), + help_text=_('Magnus currently supports only 11g and 12c connections') + ) port = serializers.IntegerField(default=1521, label=_('Port'), allow_null=True) diff --git a/apps/locale/ja/LC_MESSAGES/django.mo b/apps/locale/ja/LC_MESSAGES/django.mo index 6d3f88208..789260264 100644 --- a/apps/locale/ja/LC_MESSAGES/django.mo +++ b/apps/locale/ja/LC_MESSAGES/django.mo @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:326eef1f3134c1500a6641c6616a9d509befd5db42ead551fe5ca01b3e0273c0 -size 128150 +oid sha256:4d5cc27fc996896f8cba5773c99de59ff854f7ef1ae8c470d5c74bb6b371e6ed +size 128472 diff --git a/apps/locale/ja/LC_MESSAGES/django.po b/apps/locale/ja/LC_MESSAGES/django.po index 9205fb974..254383a50 100644 --- a/apps/locale/ja/LC_MESSAGES/django.po +++ b/apps/locale/ja/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2022-07-12 17:58+0800\n" +"POT-Creation-Date: 2022-07-13 16:25+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -23,13 +23,13 @@ msgid "Acls" msgstr "Acls" #: acls/models/base.py:25 acls/serializers/login_asset_acl.py:47 -#: applications/models/application.py:217 assets/models/asset.py:138 +#: applications/models/application.py:220 assets/models/asset.py:138 #: assets/models/base.py:175 assets/models/cluster.py:18 #: assets/models/cmd_filter.py:27 assets/models/domain.py:23 #: assets/models/group.py:20 assets/models/label.py:18 ops/mixin.py:24 #: orgs/models.py:65 perms/models/base.py:83 rbac/models/role.py:29 #: settings/models.py:29 settings/serializers/sms.py:6 -#: terminal/models/endpoint.py:10 terminal/models/endpoint.py:82 +#: terminal/models/endpoint.py:10 terminal/models/endpoint.py:88 #: terminal/models/storage.py:26 terminal/models/task.py:16 #: terminal/models/terminal.py:100 users/forms/profile.py:33 #: users/models/group.py:15 users/models/user.py:661 @@ -38,12 +38,12 @@ msgid "Name" msgstr "名前" #: acls/models/base.py:27 assets/models/cmd_filter.py:84 -#: assets/models/user.py:251 terminal/models/endpoint.py:85 +#: assets/models/user.py:251 terminal/models/endpoint.py:91 msgid "Priority" msgstr "優先順位" #: acls/models/base.py:28 assets/models/cmd_filter.py:84 -#: assets/models/user.py:251 terminal/models/endpoint.py:86 +#: assets/models/user.py:251 terminal/models/endpoint.py:92 msgid "1-100, the lower the value will be match first" msgstr "1-100、低い値は最初に一致します" @@ -53,7 +53,7 @@ msgstr "1-100、低い値は最初に一致します" msgid "Active" msgstr "アクティブ" -#: acls/models/base.py:32 applications/models/application.py:230 +#: acls/models/base.py:32 applications/models/application.py:233 #: assets/models/asset.py:143 assets/models/asset.py:231 #: assets/models/backup.py:54 assets/models/base.py:180 #: assets/models/cluster.py:29 assets/models/cmd_filter.py:48 @@ -61,7 +61,7 @@ msgstr "アクティブ" #: assets/models/domain.py:65 assets/models/group.py:23 #: assets/models/label.py:23 ops/models/adhoc.py:38 orgs/models.py:68 #: perms/models/base.py:93 rbac/models/role.py:37 settings/models.py:34 -#: terminal/models/endpoint.py:21 terminal/models/endpoint.py:92 +#: terminal/models/endpoint.py:23 terminal/models/endpoint.py:98 #: terminal/models/storage.py:29 terminal/models/terminal.py:114 #: tickets/models/comment.py:32 tickets/models/ticket/general.py:288 #: users/models/group.py:16 users/models/user.py:698 @@ -157,7 +157,7 @@ msgstr "コンマ区切り文字列の形式。* はすべて一致すること #: acls/serializers/login_asset_acl.py:51 assets/models/base.py:176 #: assets/models/gathered_user.py:15 audits/models.py:121 #: authentication/forms.py:25 authentication/forms.py:27 -#: authentication/models.py:245 +#: authentication/models.py:253 #: authentication/templates/authentication/_msg_different_city.html:9 #: authentication/templates/authentication/_msg_oauth_bind.html:9 #: ops/models/adhoc.py:159 users/forms/profile.py:32 users/models/user.py:659 @@ -185,7 +185,7 @@ msgstr "" #: authentication/templates/authentication/_msg_oauth_bind.html:12 #: authentication/templates/authentication/_msg_rest_password_success.html:8 #: authentication/templates/authentication/_msg_rest_public_key_success.html:8 -#: settings/serializers/terminal.py:8 terminal/serializers/endpoint.py:42 +#: settings/serializers/terminal.py:8 terminal/serializers/endpoint.py:54 msgid "IP" msgstr "IP" @@ -241,7 +241,7 @@ msgstr "" msgid "Time Period" msgstr "期間" -#: applications/apps.py:9 applications/models/application.py:63 +#: applications/apps.py:9 applications/models/application.py:64 msgid "Applications" msgstr "アプリケーション" @@ -260,7 +260,11 @@ msgstr "リモートアプリ" msgid "Custom" msgstr "カスタム" -#: applications/models/account.py:12 applications/models/application.py:234 +#: applications/const.py:91 rbac/tree.py:29 +msgid "Other" +msgstr "その他" + +#: applications/models/account.py:12 applications/models/application.py:237 #: assets/models/backup.py:32 assets/models/cmd_filter.py:45 #: authentication/models.py:67 authentication/models.py:95 #: perms/models/application_permission.py:28 @@ -278,8 +282,9 @@ msgstr "アプリケーション" msgid "System user" msgstr "システムユーザー" -#: applications/models/account.py:17 assets/models/authbook.py:21 -#: settings/serializers/auth/cas.py:18 +#: applications/models/account.py:17 +#: applications/serializers/attrs/application_type/oracle.py:13 +#: assets/models/authbook.py:21 settings/serializers/auth/cas.py:18 msgid "Version" msgstr "バージョン" @@ -295,7 +300,7 @@ msgstr "アプリケーションアカウントの秘密を表示できます" msgid "Can change application account secret" msgstr "アプリケーションアカウントの秘密を変更できます" -#: applications/models/application.py:219 +#: applications/models/application.py:222 #: applications/serializers/application.py:99 assets/models/label.py:21 #: perms/models/application_permission.py:21 #: perms/serializers/application/user_permission.py:33 @@ -304,7 +309,7 @@ msgstr "アプリケーションアカウントの秘密を変更できます" msgid "Category" msgstr "カテゴリ" -#: applications/models/application.py:222 +#: applications/models/application.py:225 #: applications/serializers/application.py:101 assets/models/backup.py:49 #: assets/models/cmd_filter.py:82 assets/models/user.py:250 #: authentication/models.py:70 perms/models/application_permission.py:24 @@ -318,21 +323,21 @@ msgstr "カテゴリ" msgid "Type" msgstr "タイプ" -#: applications/models/application.py:226 assets/models/asset.py:217 +#: applications/models/application.py:229 assets/models/asset.py:217 #: assets/models/domain.py:29 assets/models/domain.py:64 msgid "Domain" msgstr "ドメイン" -#: applications/models/application.py:228 xpack/plugins/cloud/models.py:33 +#: applications/models/application.py:231 xpack/plugins/cloud/models.py:33 #: xpack/plugins/cloud/serializers/account.py:60 msgid "Attrs" msgstr "ツールバーの" -#: applications/models/application.py:238 +#: applications/models/application.py:241 msgid "Can match application" msgstr "アプリケーションを一致させることができます" -#: applications/models/application.py:305 +#: applications/models/application.py:320 msgid "Application user" msgstr "アプリケーションユーザー" @@ -397,7 +402,7 @@ msgstr "ホスト" #: applications/serializers/attrs/application_type/mongodb.py:10 #: applications/serializers/attrs/application_type/mysql.py:10 #: applications/serializers/attrs/application_type/mysql_workbench.py:22 -#: applications/serializers/attrs/application_type/oracle.py:10 +#: applications/serializers/attrs/application_type/oracle.py:16 #: applications/serializers/attrs/application_type/pgsql.py:10 #: applications/serializers/attrs/application_type/redis.py:10 #: applications/serializers/attrs/application_type/sqlserver.py:10 @@ -467,6 +472,10 @@ msgstr "Mysql workbench のユーザー名" msgid "Mysql workbench password" msgstr "Mysql workbench パスワード" +#: applications/serializers/attrs/application_type/oracle.py:14 +msgid "Magnus currently supports only 11g and 12c connections" +msgstr "現在、Magnusは11gおよび12cバージョンへの接続のみをサポートしています" + #: applications/serializers/attrs/application_type/vmware_client.py:26 msgid "Vmware username" msgstr "Vmware ユーザー名" @@ -768,7 +777,7 @@ msgstr "失敗しました" msgid "Connectivity" msgstr "接続性" -#: assets/models/base.py:40 authentication/models.py:248 +#: assets/models/base.py:40 authentication/models.py:256 msgid "Date verified" msgstr "確認済みの日付" @@ -1616,7 +1625,7 @@ msgstr "本を飛ばす" msgid "DingTalk" msgstr "DingTalk" -#: audits/signal_handlers.py:56 authentication/models.py:252 +#: audits/signal_handlers.py:56 authentication/models.py:260 msgid "Temporary token" msgstr "仮パスワード" @@ -2106,13 +2115,13 @@ msgstr "期限切れ" msgid "SSO token" msgstr "SSO token" -#: authentication/models.py:72 authentication/models.py:246 +#: authentication/models.py:72 authentication/models.py:254 #: authentication/templates/authentication/_access_key_modal.html:31 #: settings/serializers/auth/radius.py:17 msgid "Secret" msgstr "ひみつ" -#: authentication/models.py:74 authentication/models.py:249 +#: authentication/models.py:74 authentication/models.py:257 #: perms/models/base.py:90 tickets/models/ticket/apply_application.py:26 #: tickets/models/ticket/apply_asset.py:24 users/models/user.py:703 msgid "Date expired" @@ -2130,51 +2139,51 @@ msgstr "接続トークン" msgid "Can view connection token secret" msgstr "接続トークンの秘密を表示できます" -#: authentication/models.py:141 +#: authentication/models.py:149 msgid "Connection token expired at: {}" msgstr "接続トークンの有効期限: {}" -#: authentication/models.py:146 +#: authentication/models.py:154 msgid "User not exists" msgstr "ユーザーは存在しません" -#: authentication/models.py:150 +#: authentication/models.py:158 msgid "User invalid, disabled or expired" msgstr "ユーザーが無効、無効、または期限切れです" -#: authentication/models.py:155 +#: authentication/models.py:163 msgid "System user not exists" msgstr "システムユーザーが存在しません" -#: authentication/models.py:161 +#: authentication/models.py:169 msgid "Asset not exists" msgstr "アセットが存在しません" -#: authentication/models.py:165 +#: authentication/models.py:173 msgid "Asset inactive" msgstr "アセットがアクティブ化されていません" -#: authentication/models.py:172 +#: authentication/models.py:180 msgid "User has no permission to access asset or permission expired" msgstr "" "ユーザーがアセットにアクセスする権限を持っていないか、権限の有効期限が切れて" "います" -#: authentication/models.py:180 +#: authentication/models.py:188 msgid "Application not exists" msgstr "アプリが存在しません" -#: authentication/models.py:187 +#: authentication/models.py:195 msgid "User has no permission to access application or permission expired" msgstr "" "ユーザーがアプリにアクセスする権限を持っていないか、権限の有効期限が切れてい" "ます" -#: authentication/models.py:247 +#: authentication/models.py:255 msgid "Verified" msgstr "確認済み" -#: authentication/models.py:268 +#: authentication/models.py:276 msgid "Super connection token" msgstr "スーパー接続トークン" @@ -2191,7 +2200,11 @@ msgstr "バインディングリマインダー" msgid "Validity" msgstr "有効性" -#: authentication/serializers/connection_token.py:73 +#: authentication/serializers/connection_token.py:24 +msgid "Expired time" +msgstr "期限切れ時間" + +#: authentication/serializers/connection_token.py:74 msgid "Asset or application required" msgstr "アセットまたはアプリが必要" @@ -3009,7 +3022,7 @@ msgstr "組織のリソース ({}) は削除できません" msgid "App organizations" msgstr "アプリ組織" -#: orgs/mixins/models.py:46 orgs/mixins/serializers.py:25 orgs/models.py:80 +#: orgs/mixins/models.py:54 orgs/mixins/serializers.py:25 orgs/models.py:80 #: orgs/models.py:211 rbac/const.py:7 rbac/models/rolebinding.py:48 #: rbac/serializers/rolebinding.py:40 settings/serializers/auth/ldap.py:62 #: tickets/models/ticket/general.py:300 tickets/serializers/ticket/ticket.py:64 @@ -3376,10 +3389,6 @@ msgstr "監査ビュー" msgid "System setting" msgstr "システム設定" -#: rbac/tree.py:29 -msgid "Other" -msgstr "その他" - #: rbac/tree.py:37 msgid "Accounts" msgstr "アカウント" @@ -4678,7 +4687,7 @@ msgstr "" msgid "Offline video player" msgstr "オフラインビデオプレーヤー" -#: terminal/api/endpoint.py:26 +#: terminal/api/endpoint.py:33 msgid "Not found protocol query params" msgstr "プロトコルクエリパラメータが見つかりません" @@ -4851,18 +4860,26 @@ msgstr "PostgreSQL ポート" msgid "Redis Port" msgstr "Redis ポート" -#: terminal/models/endpoint.py:26 terminal/models/endpoint.py:90 -#: terminal/serializers/endpoint.py:45 terminal/serializers/storage.py:38 +#: terminal/models/endpoint.py:21 +msgid "Oracle 11g Port" +msgstr "Oracle 11g ポート" + +#: terminal/models/endpoint.py:22 +msgid "Oracle 12c Port" +msgstr "Oracle 12c ポート" + +#: terminal/models/endpoint.py:28 terminal/models/endpoint.py:96 +#: terminal/serializers/endpoint.py:57 terminal/serializers/storage.py:38 #: terminal/serializers/storage.py:50 terminal/serializers/storage.py:80 #: terminal/serializers/storage.py:90 terminal/serializers/storage.py:98 msgid "Endpoint" msgstr "エンドポイント" -#: terminal/models/endpoint.py:83 +#: terminal/models/endpoint.py:89 msgid "IP group" msgstr "IP グループ" -#: terminal/models/endpoint.py:95 +#: terminal/models/endpoint.py:101 msgid "Endpoint rule" msgstr "エンドポイントルール" @@ -5043,7 +5060,11 @@ msgstr "レベル" msgid "Batch danger command alert" msgstr "一括危険コマンド警告" -#: terminal/serializers/endpoint.py:39 +#: terminal/serializers/endpoint.py:12 +msgid "Oracle port" +msgstr "" + +#: terminal/serializers/endpoint.py:51 msgid "" "If asset IP addresses under different endpoints conflict, use asset labels" msgstr "" @@ -6703,12 +6724,11 @@ msgid "" "all instances and randomly match IP addresses.
Format for comma-" "delimited string, Such as: 192.168.1.0/24, 10.1.1.1-10.1.1.20" msgstr "" -"IP範囲に一致するインスタンスのみが同期されます。
" -"インスタンスに複数のIPアドレスが含まれている場合、一致する最初のIPアドレスが作成されたアセットのIPとして使用されます。
" -"デフォルト値の*は、すべてのインスタンスを同期し、IPアドレスをランダムに一致させることを意味します。
" -"形式はコンマ区切りの文字列です。例:192.168.1.0/24,10.1.1.1-10.1.1.20" - - +"IP範囲に一致するインスタンスのみが同期されます。
インスタンスに複数のIPア" +"ドレスが含まれている場合、一致する最初のIPアドレスが作成されたアセットのIPと" +"して使用されます。
デフォルト値の*は、すべてのインスタンスを同期し、IPア" +"ドレスをランダムに一致させることを意味します。
形式はコンマ区切りの文字列" +"です。例:192.168.1.0/24,10.1.1.1-10.1.1.20" #: xpack/plugins/cloud/serializers/task.py:36 msgid "History count" diff --git a/apps/locale/zh/LC_MESSAGES/django.mo b/apps/locale/zh/LC_MESSAGES/django.mo index dcc55a77c..acdae1731 100644 --- a/apps/locale/zh/LC_MESSAGES/django.mo +++ b/apps/locale/zh/LC_MESSAGES/django.mo @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:1efe7f07b0877357a42a7f93e075c152e2bd8ee7adc20bcab17427a86cce5ed3 -size 105644 +oid sha256:7ee69ce22224f6cae615752c034e495c29d93ed9dbe86767f044d5c0f663b8cc +size 105904 diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po index 1cf1383be..24f5f8ee1 100644 --- a/apps/locale/zh/LC_MESSAGES/django.po +++ b/apps/locale/zh/LC_MESSAGES/django.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: JumpServer 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2022-07-12 17:58+0800\n" +"POT-Creation-Date: 2022-07-13 16:25+0800\n" "PO-Revision-Date: 2021-05-20 10:54+0800\n" "Last-Translator: ibuler \n" "Language-Team: JumpServer team\n" @@ -22,13 +22,13 @@ msgid "Acls" msgstr "访问控制" #: acls/models/base.py:25 acls/serializers/login_asset_acl.py:47 -#: applications/models/application.py:217 assets/models/asset.py:138 +#: applications/models/application.py:220 assets/models/asset.py:138 #: assets/models/base.py:175 assets/models/cluster.py:18 #: assets/models/cmd_filter.py:27 assets/models/domain.py:23 #: assets/models/group.py:20 assets/models/label.py:18 ops/mixin.py:24 #: orgs/models.py:65 perms/models/base.py:83 rbac/models/role.py:29 #: settings/models.py:29 settings/serializers/sms.py:6 -#: terminal/models/endpoint.py:10 terminal/models/endpoint.py:82 +#: terminal/models/endpoint.py:10 terminal/models/endpoint.py:88 #: terminal/models/storage.py:26 terminal/models/task.py:16 #: terminal/models/terminal.py:100 users/forms/profile.py:33 #: users/models/group.py:15 users/models/user.py:661 @@ -37,12 +37,12 @@ msgid "Name" msgstr "名称" #: acls/models/base.py:27 assets/models/cmd_filter.py:84 -#: assets/models/user.py:251 terminal/models/endpoint.py:85 +#: assets/models/user.py:251 terminal/models/endpoint.py:91 msgid "Priority" msgstr "优先级" #: acls/models/base.py:28 assets/models/cmd_filter.py:84 -#: assets/models/user.py:251 terminal/models/endpoint.py:86 +#: assets/models/user.py:251 terminal/models/endpoint.py:92 msgid "1-100, the lower the value will be match first" msgstr "优先级可选范围为 1-100 (数值越小越优先)" @@ -52,7 +52,7 @@ msgstr "优先级可选范围为 1-100 (数值越小越优先)" msgid "Active" msgstr "激活中" -#: acls/models/base.py:32 applications/models/application.py:230 +#: acls/models/base.py:32 applications/models/application.py:233 #: assets/models/asset.py:143 assets/models/asset.py:231 #: assets/models/backup.py:54 assets/models/base.py:180 #: assets/models/cluster.py:29 assets/models/cmd_filter.py:48 @@ -60,7 +60,7 @@ msgstr "激活中" #: assets/models/domain.py:65 assets/models/group.py:23 #: assets/models/label.py:23 ops/models/adhoc.py:38 orgs/models.py:68 #: perms/models/base.py:93 rbac/models/role.py:37 settings/models.py:34 -#: terminal/models/endpoint.py:21 terminal/models/endpoint.py:92 +#: terminal/models/endpoint.py:23 terminal/models/endpoint.py:98 #: terminal/models/storage.py:29 terminal/models/terminal.py:114 #: tickets/models/comment.py:32 tickets/models/ticket/general.py:288 #: users/models/group.py:16 users/models/user.py:698 @@ -156,7 +156,7 @@ msgstr "格式为逗号分隔的字符串, * 表示匹配所有. " #: acls/serializers/login_asset_acl.py:51 assets/models/base.py:176 #: assets/models/gathered_user.py:15 audits/models.py:121 #: authentication/forms.py:25 authentication/forms.py:27 -#: authentication/models.py:245 +#: authentication/models.py:253 #: authentication/templates/authentication/_msg_different_city.html:9 #: authentication/templates/authentication/_msg_oauth_bind.html:9 #: ops/models/adhoc.py:159 users/forms/profile.py:32 users/models/user.py:659 @@ -183,7 +183,7 @@ msgstr "" #: authentication/templates/authentication/_msg_oauth_bind.html:12 #: authentication/templates/authentication/_msg_rest_password_success.html:8 #: authentication/templates/authentication/_msg_rest_public_key_success.html:8 -#: settings/serializers/terminal.py:8 terminal/serializers/endpoint.py:42 +#: settings/serializers/terminal.py:8 terminal/serializers/endpoint.py:54 msgid "IP" msgstr "IP" @@ -236,7 +236,7 @@ msgstr "" msgid "Time Period" msgstr "时段" -#: applications/apps.py:9 applications/models/application.py:63 +#: applications/apps.py:9 applications/models/application.py:64 msgid "Applications" msgstr "应用管理" @@ -255,7 +255,11 @@ msgstr "远程应用" msgid "Custom" msgstr "自定义" -#: applications/models/account.py:12 applications/models/application.py:234 +#: applications/const.py:91 rbac/tree.py:29 +msgid "Other" +msgstr "其它" + +#: applications/models/account.py:12 applications/models/application.py:237 #: assets/models/backup.py:32 assets/models/cmd_filter.py:45 #: authentication/models.py:67 authentication/models.py:95 #: perms/models/application_permission.py:28 @@ -273,8 +277,9 @@ msgstr "应用程序" msgid "System user" msgstr "系统用户" -#: applications/models/account.py:17 assets/models/authbook.py:21 -#: settings/serializers/auth/cas.py:18 +#: applications/models/account.py:17 +#: applications/serializers/attrs/application_type/oracle.py:13 +#: assets/models/authbook.py:21 settings/serializers/auth/cas.py:18 msgid "Version" msgstr "版本" @@ -290,7 +295,7 @@ msgstr "可以查看应用账号密码" msgid "Can change application account secret" msgstr "可以查看应用账号密码" -#: applications/models/application.py:219 +#: applications/models/application.py:222 #: applications/serializers/application.py:99 assets/models/label.py:21 #: perms/models/application_permission.py:21 #: perms/serializers/application/user_permission.py:33 @@ -299,7 +304,7 @@ msgstr "可以查看应用账号密码" msgid "Category" msgstr "类别" -#: applications/models/application.py:222 +#: applications/models/application.py:225 #: applications/serializers/application.py:101 assets/models/backup.py:49 #: assets/models/cmd_filter.py:82 assets/models/user.py:250 #: authentication/models.py:70 perms/models/application_permission.py:24 @@ -313,21 +318,21 @@ msgstr "类别" msgid "Type" msgstr "类型" -#: applications/models/application.py:226 assets/models/asset.py:217 +#: applications/models/application.py:229 assets/models/asset.py:217 #: assets/models/domain.py:29 assets/models/domain.py:64 msgid "Domain" msgstr "网域" -#: applications/models/application.py:228 xpack/plugins/cloud/models.py:33 +#: applications/models/application.py:231 xpack/plugins/cloud/models.py:33 #: xpack/plugins/cloud/serializers/account.py:60 msgid "Attrs" msgstr "属性" -#: applications/models/application.py:238 +#: applications/models/application.py:241 msgid "Can match application" msgstr "匹配应用" -#: applications/models/application.py:305 +#: applications/models/application.py:320 msgid "Application user" msgstr "应用用户" @@ -392,7 +397,7 @@ msgstr "主机" #: applications/serializers/attrs/application_type/mongodb.py:10 #: applications/serializers/attrs/application_type/mysql.py:10 #: applications/serializers/attrs/application_type/mysql_workbench.py:22 -#: applications/serializers/attrs/application_type/oracle.py:10 +#: applications/serializers/attrs/application_type/oracle.py:16 #: applications/serializers/attrs/application_type/pgsql.py:10 #: applications/serializers/attrs/application_type/redis.py:10 #: applications/serializers/attrs/application_type/sqlserver.py:10 @@ -462,6 +467,10 @@ msgstr "Mysql 工作台 用户名" msgid "Mysql workbench password" msgstr "Mysql 工作台 密码" +#: applications/serializers/attrs/application_type/oracle.py:14 +msgid "Magnus currently supports only 11g and 12c connections" +msgstr "目前 Magnus 只支持连接 11g、12c 版本" + #: applications/serializers/attrs/application_type/vmware_client.py:26 msgid "Vmware username" msgstr "Vmware 用户名" @@ -763,7 +772,7 @@ msgstr "失败" msgid "Connectivity" msgstr "可连接性" -#: assets/models/base.py:40 authentication/models.py:248 +#: assets/models/base.py:40 authentication/models.py:256 msgid "Date verified" msgstr "校验日期" @@ -1604,7 +1613,7 @@ msgstr "飞书" msgid "DingTalk" msgstr "钉钉" -#: audits/signal_handlers.py:56 authentication/models.py:252 +#: audits/signal_handlers.py:56 authentication/models.py:260 msgid "Temporary token" msgstr "临时密码" @@ -2085,13 +2094,13 @@ msgstr "过期时间" msgid "SSO token" msgstr "SSO token" -#: authentication/models.py:72 authentication/models.py:246 +#: authentication/models.py:72 authentication/models.py:254 #: authentication/templates/authentication/_access_key_modal.html:31 #: settings/serializers/auth/radius.py:17 msgid "Secret" msgstr "密钥" -#: authentication/models.py:74 authentication/models.py:249 +#: authentication/models.py:74 authentication/models.py:257 #: perms/models/base.py:90 tickets/models/ticket/apply_application.py:26 #: tickets/models/ticket/apply_asset.py:24 users/models/user.py:703 msgid "Date expired" @@ -2109,47 +2118,47 @@ msgstr "连接令牌" msgid "Can view connection token secret" msgstr "可以查看连接令牌密文" -#: authentication/models.py:141 +#: authentication/models.py:149 msgid "Connection token expired at: {}" msgstr "连接令牌过期: {}" -#: authentication/models.py:146 +#: authentication/models.py:154 msgid "User not exists" msgstr "用户不存在" -#: authentication/models.py:150 +#: authentication/models.py:158 msgid "User invalid, disabled or expired" msgstr "用户无效,已禁用或已过期" -#: authentication/models.py:155 +#: authentication/models.py:163 msgid "System user not exists" msgstr "系统用户不存在" -#: authentication/models.py:161 +#: authentication/models.py:169 msgid "Asset not exists" msgstr "资产不存在" -#: authentication/models.py:165 +#: authentication/models.py:173 msgid "Asset inactive" msgstr "资产未激活" -#: authentication/models.py:172 +#: authentication/models.py:180 msgid "User has no permission to access asset or permission expired" msgstr "用户没有权限访问资产或权限已过期" -#: authentication/models.py:180 +#: authentication/models.py:188 msgid "Application not exists" msgstr "应用不存在" -#: authentication/models.py:187 +#: authentication/models.py:195 msgid "User has no permission to access application or permission expired" msgstr "用户没有权限访问应用或权限已过期" -#: authentication/models.py:247 +#: authentication/models.py:255 msgid "Verified" msgstr "已校验" -#: authentication/models.py:268 +#: authentication/models.py:276 msgid "Super connection token" msgstr "超级连接令牌" @@ -2166,7 +2175,11 @@ msgstr "绑定提醒" msgid "Validity" msgstr "有效" -#: authentication/serializers/connection_token.py:73 +#: authentication/serializers/connection_token.py:24 +msgid "Expired time" +msgstr "过期时间" + +#: authentication/serializers/connection_token.py:74 msgid "Asset or application required" msgstr "资产或应用必填" @@ -2969,7 +2982,7 @@ msgstr "组织存在资源 ({}) 不能被删除" msgid "App organizations" msgstr "组织管理" -#: orgs/mixins/models.py:46 orgs/mixins/serializers.py:25 orgs/models.py:80 +#: orgs/mixins/models.py:54 orgs/mixins/serializers.py:25 orgs/models.py:80 #: orgs/models.py:211 rbac/const.py:7 rbac/models/rolebinding.py:48 #: rbac/serializers/rolebinding.py:40 settings/serializers/auth/ldap.py:62 #: tickets/models/ticket/general.py:300 tickets/serializers/ticket/ticket.py:64 @@ -3333,10 +3346,6 @@ msgstr "审计台" msgid "System setting" msgstr "系统设置" -#: rbac/tree.py:29 -msgid "Other" -msgstr "其它" - #: rbac/tree.py:37 msgid "Accounts" msgstr "账号管理" @@ -4602,7 +4611,7 @@ msgstr "Jmservisor 是在 windows 远程应用发布服务器中用来拉起远 msgid "Offline video player" msgstr "离线录像播放器" -#: terminal/api/endpoint.py:26 +#: terminal/api/endpoint.py:33 msgid "Not found protocol query params" msgstr "" @@ -4775,18 +4784,26 @@ msgstr "PostgreSQL 端口" msgid "Redis Port" msgstr "Redis 端口" -#: terminal/models/endpoint.py:26 terminal/models/endpoint.py:90 -#: terminal/serializers/endpoint.py:45 terminal/serializers/storage.py:38 +#: terminal/models/endpoint.py:21 +msgid "Oracle 11g Port" +msgstr "Oracle 11g 端口" + +#: terminal/models/endpoint.py:22 +msgid "Oracle 12c Port" +msgstr "Oracle 12c 端口" + +#: terminal/models/endpoint.py:28 terminal/models/endpoint.py:96 +#: terminal/serializers/endpoint.py:57 terminal/serializers/storage.py:38 #: terminal/serializers/storage.py:50 terminal/serializers/storage.py:80 #: terminal/serializers/storage.py:90 terminal/serializers/storage.py:98 msgid "Endpoint" msgstr "端点" -#: terminal/models/endpoint.py:83 +#: terminal/models/endpoint.py:89 msgid "IP group" msgstr "IP 组" -#: terminal/models/endpoint.py:95 +#: terminal/models/endpoint.py:101 msgid "Endpoint rule" msgstr "端点规则" @@ -4967,7 +4984,11 @@ msgstr "级别" msgid "Batch danger command alert" msgstr "批量危险命令告警" -#: terminal/serializers/endpoint.py:39 +#: terminal/serializers/endpoint.py:12 +msgid "Oracle port" +msgstr "" + +#: terminal/serializers/endpoint.py:51 msgid "" "If asset IP addresses under different endpoints conflict, use asset labels" msgstr "如果不同端点下的资产 IP 有冲突,使用资产标签实现" @@ -6608,10 +6629,9 @@ msgid "" "all instances and randomly match IP addresses.
Format for comma-" "delimited string, Such as: 192.168.1.0/24, 10.1.1.1-10.1.1.20" msgstr "" -"只有匹配到 IP 段的实例会被同步。
" -"如果实例包含多个 IP 地址,那么第一个匹配到的 IP 地址将被用作创建的资产的 IP。
" -"默认值 * 表示同步所有实例和随机匹配 IP 地址。
" -"格式为以逗号分隔的字符串,例如:192.168.1.0/24,10.1.1.1-10.1.1.20" +"只有匹配到 IP 段的实例会被同步。
如果实例包含多个 IP 地址,那么第一个匹配" +"到的 IP 地址将被用作创建的资产的 IP。
默认值 * 表示同步所有实例和随机匹配 " +"IP 地址。
格式为以逗号分隔的字符串,例如:192.168.1.0/24,10.1.1.1-10.1.1.20" #: xpack/plugins/cloud/serializers/task.py:36 msgid "History count" diff --git a/apps/terminal/api/endpoint.py b/apps/terminal/api/endpoint.py index 5e4c7542d..7a9546c5e 100644 --- a/apps/terminal/api/endpoint.py +++ b/apps/terminal/api/endpoint.py @@ -1,6 +1,7 @@ from rest_framework.decorators import action from rest_framework.response import Response from rest_framework import status +from rest_framework.request import Request from common.drf.api import JMSBulkModelViewSet from django.utils.translation import ugettext_lazy as _ from django.shortcuts import get_object_or_404 @@ -18,39 +19,42 @@ __all__ = ['EndpointViewSet', 'EndpointRuleViewSet'] class SmartEndpointViewMixin: get_serializer: callable + request: Request + + # View 处理过程中用的属性 + target_instance: None + target_protocol: None @action(methods=['get'], detail=False, permission_classes=[IsValidUser], url_path='smart') def smart(self, request, *args, **kwargs): - protocol = request.GET.get('protocol') - if not protocol: + self.target_instance = self.get_target_instance() + self.target_protocol = self.get_target_protocol() + if not self.target_protocol: error = _('Not found protocol query params') return Response(data={'error': error}, status=status.HTTP_404_NOT_FOUND) - endpoint = self.match_endpoint(request, protocol) + endpoint = self.match_endpoint() serializer = self.get_serializer(endpoint) return Response(serializer.data) - def match_endpoint(self, request, protocol): - instance = self.get_target_instance(request) - endpoint = self.match_endpoint_by_label(instance, protocol) + def match_endpoint(self): + endpoint = self.match_endpoint_by_label() if not endpoint: - endpoint = self.match_endpoint_by_target_ip(request, instance, protocol) + endpoint = self.match_endpoint_by_target_ip() return endpoint - @staticmethod - def match_endpoint_by_label(instance, protocol): - return Endpoint.match_by_instance_label(instance, protocol) + def match_endpoint_by_label(self): + return Endpoint.match_by_instance_label(self.target_instance, self.target_protocol) - @staticmethod - def match_endpoint_by_target_ip(request, instance, protocol): + def match_endpoint_by_target_ip(self): # 用来方便测试 - target_ip = request.GET.get('target_ip', '') - if not target_ip and callable(getattr(instance, 'get_target_ip', None)): - target_ip = instance.get_target_ip() - endpoint = EndpointRule.match_endpoint(target_ip, protocol, request) + target_ip = self.request.GET.get('target_ip', '') + if not target_ip and callable(getattr(self.target_instance, 'get_target_ip', None)): + target_ip = self.target_instance.get_target_ip() + endpoint = EndpointRule.match_endpoint(target_ip, self.target_protocol, self.request) return endpoint - @staticmethod - def get_target_instance(request): + def get_target_instance(self): + request = self.request asset_id = request.GET.get('asset_id') app_id = request.GET.get('app_id') session_id = request.GET.get('session_id') @@ -77,6 +81,14 @@ class SmartEndpointViewMixin: instance = get_object_or_404(model, pk=pk) return instance + def get_target_protocol(self): + protocol = None + if isinstance(self.target_instance, Application) and self.target_instance.is_type(Application.APP_TYPE.oracle): + protocol = self.target_instance.get_target_protocol_for_oracle() + if not protocol: + protocol = self.request.GET.get('protocol') + return protocol + class EndpointViewSet(SmartEndpointViewMixin, JMSBulkModelViewSet): filterset_fields = ('name', 'host') diff --git a/apps/terminal/migrations/0052_auto_20220713_1417.py b/apps/terminal/migrations/0052_auto_20220713_1417.py new file mode 100644 index 000000000..87ad6ba6a --- /dev/null +++ b/apps/terminal/migrations/0052_auto_20220713_1417.py @@ -0,0 +1,25 @@ +# Generated by Django 3.2.12 on 2022-07-13 06:17 + +import common.db.fields +import django.core.validators +from django.db import migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('terminal', '0051_sessionsharing_users'), + ] + + operations = [ + migrations.AddField( + model_name='endpoint', + name='oracle_11g_port', + field=common.db.fields.PortField(default=15211, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(65535)], verbose_name='Oracle 11g Port'), + ), + migrations.AddField( + model_name='endpoint', + name='oracle_12c_port', + field=common.db.fields.PortField(default=15212, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(65535)], verbose_name='Oracle 12c Port'), + ), + ] diff --git a/apps/terminal/models/endpoint.py b/apps/terminal/models/endpoint.py index b03075abb..083b9c0a1 100644 --- a/apps/terminal/models/endpoint.py +++ b/apps/terminal/models/endpoint.py @@ -18,6 +18,8 @@ class Endpoint(JMSModel): mariadb_port = PortField(default=33061, verbose_name=_('MariaDB Port')) postgresql_port = PortField(default=54320, verbose_name=_('PostgreSQL Port')) redis_port = PortField(default=63790, verbose_name=_('Redis Port')) + oracle_11g_port = PortField(default=15211, verbose_name=_('Oracle 11g Port')) + oracle_12c_port = PortField(default=15212, verbose_name=_('Oracle 12c Port')) comment = models.TextField(default='', blank=True, verbose_name=_('Comment')) default_id = '00000000-0000-0000-0000-000000000001' @@ -32,6 +34,10 @@ class Endpoint(JMSModel): def get_port(self, protocol): return getattr(self, f'{protocol}_port', 0) + def get_oracle_port(self, version): + protocol = f'oracle_{version}' + return self.get_port(protocol) + def is_default(self): return str(self.id) == self.default_id diff --git a/apps/terminal/serializers/endpoint.py b/apps/terminal/serializers/endpoint.py index fa3e71c35..3d8e858ac 100644 --- a/apps/terminal/serializers/endpoint.py +++ b/apps/terminal/serializers/endpoint.py @@ -8,6 +8,8 @@ __all__ = ['EndpointSerializer', 'EndpointRuleSerializer'] class EndpointSerializer(BulkModelSerializer): + # 解决 luna 处理繁琐的问题,oracle_port 返回匹配到的端口 + oracle_port = serializers.SerializerMethodField(label=_('Oracle port')) class Meta: model = Endpoint @@ -17,6 +19,8 @@ class EndpointSerializer(BulkModelSerializer): 'https_port', 'http_port', 'ssh_port', 'rdp_port', 'mysql_port', 'mariadb_port', 'postgresql_port', 'redis_port', + 'oracle_11g_port', 'oracle_12c_port', + 'oracle_port', ] fields = fields_mini + fields_small + [ 'comment', 'date_created', 'date_updated', 'created_by' @@ -30,8 +34,16 @@ class EndpointSerializer(BulkModelSerializer): 'mariadb_port': {'default': 33061}, 'postgresql_port': {'default': 54320}, 'redis_port': {'default': 63790}, + 'oracle_11g_port': {'default': 15211}, + 'oracle_12c_port': {'default': 15212}, } + def get_oracle_port(self, obj: Endpoint): + view = self.context.get('view') + if not view or view.action not in ['smart']: + return 0 + return obj.get_port(view.target_protocol) + class EndpointRuleSerializer(BulkModelSerializer): _ip_group_help_text = '{}
{}'.format(