github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

perf: 修改 risk check

pull/14806/head^2
ibuler 2025-01-13 17:27:19 +08:00
parent 39f266eb71
commit cf8c4ea050
4 changed files with 48 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/accounts/automations/check_account/manager.py
View File

@ -189,12 +189,12 @@ class CheckAccountManager(BaseManager):
ori_risk_map = {} ori_risk_map = {}
for risk in account_risks: for risk in account_risks:
key = f'{risk.asset_id}_{risk.username}_{risk.risk}' key = f'{risk.account_id}_{risk.risk}'
ori_risk_map[key] = risk ori_risk_map[key] = risk
now = timezone.now().isoformat() now = timezone.now().isoformat()
for d in self.batch_risks: for d in self.batch_risks:
key = f'{d["account"].asset_id}_{d["account"].username}_{d["risk"]}' key = f'{d["account"].id}_{d["risk"]}'
origin_risk = ori_risk_map.get(key) origin_risk = ori_risk_map.get(key)
if origin_risk and origin_risk.status != ConfirmOrIgnore.pending: if origin_risk and origin_risk.status != ConfirmOrIgnore.pending:
@ -209,6 +209,7 @@ class CheckAccountManager(BaseManager):
update_risk(origin_risk) update_risk(origin_risk)
else: else:
create_risk({ create_risk({
"account": d["account"],
"asset": d["account"].asset, "asset": d["account"].asset,
"username": d["account"].username, "username": d["account"].username,
"risk": d["risk"], "risk": d["risk"],

24
apps/accounts/automations/gather_account/manager.py
View File

@ -83,8 +83,8 @@ class AnalyseAccountRisk:
self.now = timezone.now() self.now = timezone.now()
self.pending_add_risks = [] self.pending_add_risks = []
def _analyse_item_changed(self, ori_account, d): def _analyse_item_changed(self, ori_ga, d):
diff = get_items_diff(ori_account, d) diff = get_items_diff(ori_ga, d)
if not diff: if not diff:
return return
@ -94,8 +94,9 @@ class AnalyseAccountRisk:
continue continue
risks.append( risks.append(
dict( dict(
asset_id=str(ori_account.asset_id), asset_id=str(ori_ga.asset_id),
username=ori_account.username, username=ori_ga.username,
gathered_account=ori_ga,
risk=k + "_changed", risk=k + "_changed",
detail={"diff": v}, detail={"diff": v},
) )
@ -153,13 +154,13 @@ class AnalyseAccountRisk:
def _update_risk(self, account): def _update_risk(self, account):
return account return account
def analyse_risk(self, asset, ori_account, d, sys_found): def analyse_risk(self, asset, ga, d, sys_found):
if not self.check_risk: if not self.check_risk:
return return
basic = {"asset": asset, "username": d["username"]} basic = {"asset": asset, "username": d["username"], 'gathered_account': ga.id}
if ori_account: if ga:
self._analyse_item_changed(ori_account, d) self._analyse_item_changed(ga, d)
elif not sys_found: elif not sys_found:
self._create_risk( self._create_risk(
dict( dict(
@ -168,7 +169,7 @@ class AnalyseAccountRisk:
details=[{"datetime": self.now.isoformat()}], details=[{"datetime": self.now.isoformat()}],
) )
) )
self._analyse_datetime_changed(ori_account, d, asset, d["username"]) self._analyse_datetime_changed(ga, d, asset, d["username"])
class GatherAccountsManager(AccountBasePlaybookManager): class GatherAccountsManager(AccountBasePlaybookManager):
@ -363,11 +364,12 @@ class GatherAccountsManager(AccountBasePlaybookManager):
"{}_{}".format(asset.id, username) "{}_{}".format(asset.id, username)
) )
if not ori_account: if not ori_account:
self.create_gathered_account(d) ga = self.create_gathered_account(d)
else: else:
ga = ori_account
self.update_gathered_account(ori_account, d) self.update_gathered_account(ori_account, d)
ori_found = username in ori_users ori_found = username in ori_users
risk_analyser.analyse_risk(asset, ori_account, d, ori_found) risk_analyser.analyse_risk(asset, ga, d, ori_found)
self.create_gathered_account.finish() self.create_gathered_account.finish()
self.update_gathered_account.finish() self.update_gathered_account.finish()

24
apps/accounts/migrations/0027_accountrisk_gathered_account.py Normal file
View File

@ -0,0 +1,24 @@
# Generated by Django 4.1.13 on 2025-01-13 07:36
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
("accounts", "0026_accountrisk_account"),
]
operations = [
migrations.AddField(
model_name="accountrisk",
name="gathered_account",
field=models.ForeignKey(
null=True,
on_delete=django.db.models.deletion.CASCADE,
related_name="risks",
to="accounts.gatheredaccount",
),
),
]

10
apps/accounts/models/automations/check_account.py
View File

@ -60,8 +60,14 @@ class RiskChoice(TextChoices):
class AccountRisk(JMSOrgBaseModel): class AccountRisk(JMSOrgBaseModel):
asset = models.ForeignKey('assets.Asset', on_delete=models.CASCADE, related_name='risks', verbose_name=_('Asset')) asset = models.ForeignKey('assets.Asset', on_delete=models.CASCADE, related_name='risks', verbose_name=_('Asset'))
username = models.CharField(max_length=32, verbose_name=_('Username')) username = models.CharField(max_length=32, verbose_name=_('Username'))
account = models.ForeignKey('accounts.Account', on_delete=models.CASCADE, related_name='risks', account = models.ForeignKey(
verbose_name=_('Account'), null=True) 'accounts.Account', on_delete=models.CASCADE, related_name='risks',
verbose_name=_('Account'), null=True
)
gathered_account = models.ForeignKey(
'accounts.GatheredAccount', on_delete=models.CASCADE,
related_name='risks', null=True
)
risk = models.CharField(max_length=128, verbose_name=_('Risk'), choices=RiskChoice.choices) risk = models.CharField(max_length=128, verbose_name=_('Risk'), choices=RiskChoice.choices)
status = models.CharField(max_length=32, choices=ConfirmOrIgnore.choices, default=ConfirmOrIgnore.pending, status = models.CharField(max_length=32, choices=ConfirmOrIgnore.choices, default=ConfirmOrIgnore.pending,
blank=True, verbose_name=_('Status')) blank=True, verbose_name=_('Status'))