perf: update account risk

3 weeks ago · d3804156c8
parent 0b9887d18f
commit d3804156c8
5 changed files with 79 additions and 16 deletions
--- a/apps/accounts/const/account.py
+++ b/apps/accounts/const/account.py
@ -24,7 +24,7 @@ class AliasAccount(TextChoices):

 class Source(TextChoices):
    LOCAL = 'local', _('Local')
-    COLLECTED = 'collected', _('Collected')
+    DISCOVERY = 'collected', _('Discovery')
    TEMPLATE = 'template', _('Template')


--- a/apps/accounts/migrations/0008_remove_accountrisk_confirmed_accountrisk_status_and_more.py
+++ b/apps/accounts/migrations/0008_remove_accountrisk_confirmed_accountrisk_status_and_more.py
@ -0,0 +1,50 @@
+# Generated by Django 4.1.13 on 2024-11-06 08:17
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("accounts", "0007_alter_accountrisk_risk"),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name="accountrisk",
+            name="confirmed",
+        ),
+        migrations.AddField(
+            model_name="accountrisk",
+            name="status",
+            field=models.CharField(
+                blank=True,
+                choices=[("confirmed", "Confirmed"), ("ignored", "Ignored")],
+                default="",
+                max_length=32,
+                verbose_name="Status",
+            ),
+        ),
+        migrations.AlterField(
+            model_name="accountrisk",
+            name="risk",
+            field=models.CharField(
+                choices=[
+                    ("zombie", "Long time no login"),
+                    ("ghost", "Not managed"),
+                    ("long_time_password", "Long time no change"),
+                    ("weak_password", "Weak password"),
+                    ("password_error", "Password error"),
+                    ("password_expired", "Password expired"),
+                    ("group_changed", "Group change"),
+                    ("sudo_changed", "Sudo changed"),
+                    ("authorized_keys_changed", "Authorized keys changed"),
+                    ("account_deleted", "Account delete"),
+                    ("no_admin_account", "No admin account"),
+                    ("others", "Others"),
+                ],
+                max_length=128,
+                verbose_name="Risk",
+            ),
+        ),
+    ]
--- a/apps/accounts/models/automations/check_account.py
+++ b/apps/accounts/models/automations/check_account.py
@ -4,7 +4,7 @@ from django.db import models
 from django.db.models import TextChoices
 from django.utils.translation import gettext_lazy as _

-from common.const import Trigger
+from common.const import Trigger, ConfirmOrIgnore
 from orgs.mixins.models import JMSOrgBaseModel
 from .base import AccountBaseAutomation
 from ...const import AutomationTypes
@ -37,24 +37,25 @@ class AccountCheckAutomation(AccountBaseAutomation):


 class RiskChoice(TextChoices):
-    zombie = 'zombie', _('Long time no login')  # 好久没登录的账号
-    ghost = 'ghost', _('Not managed')  # 未被纳管的账号
-    long_time_password = 'long_time_password', _('Long time no change')
-    weak_password = 'weak_password', _('Weak password')
-    password_error = 'password_error', _('Password error')
-    password_expired = 'password_expired', _('Password expired')
-    group_changed = 'group_changed', _('Group change')
-    sudo_changed = 'sudo_changed', _('Sudo changed')
-    account_deleted = 'account_deleted', _('Account delete')
-    no_admin_account = 'no_admin_account', _('No admin account')  # 为什么不叫 No privileged 呢，是因为有 privileged，但是不可用
-    other = 'others', _('Others')
+    zombie = 'zombie', _('Long time no login')  # 好久没登录的账号, 禁用、删除
+    ghost = 'ghost', _('Not managed')  # 未被纳管的账号, 纳管, 删除, 禁用
+    long_time_password = 'long_time_password', _('Long time no change')  # 好久没改密码的账号, 改密码
+    weak_password = 'weak_password', _('Weak password')  # 弱密码, 改密
+    password_error = 'password_error', _('Password error')  # 密码错误, 修改账号
+    password_expired = 'password_expired', _('Password expired')  # 密码过期, 修改密码
+    group_changed = 'group_changed', _('Group change')  # 组变更, 确认
+    sudo_changed = 'sudo_changed', _('Sudo changed')  # sudo 变更, 确认
+    authorized_keys_changed = 'authorized_keys_changed', _('Authorized keys changed')  # authorized_keys 变更, 确认
+    account_deleted = 'account_deleted', _('Account delete')  # 账号被删除, 确认
+    no_admin_account = 'no_admin_account', _('No admin account')  # 无管理员账号, 设置账号
+    others = 'others', _('Others')  # 其他风险, 确认


 class AccountRisk(JMSOrgBaseModel):
    asset = models.ForeignKey('assets.Asset', on_delete=models.CASCADE, related_name='risks', verbose_name=_('Asset'))
    username = models.CharField(max_length=32, verbose_name=_('Username'))
    risk = models.CharField(max_length=128, verbose_name=_('Risk'), choices=RiskChoice.choices)
-    confirmed = models.BooleanField(default=False, verbose_name=_('Confirmed'))
+    status = models.CharField(max_length=32, choices=ConfirmOrIgnore.choices, default='', blank=True, verbose_name=_('Status'))

    class Meta:
        verbose_name = _('Account risk')
@ -62,6 +63,18 @@ class AccountRisk(JMSOrgBaseModel):
    def __str__(self):
        return f"{self.username}@{self.asset} - {self.risk}"

+    def disable_account(self):
+        pass
+
+    def remove_account(self):
+        pass
+
+    def change_password(self):
+        pass
+
+    def handle_risk(self):
+        pass
+
    @classmethod
    def gen_fake_data(cls, count=1000, batch_size=50):
        from assets.models import Asset
--- a/apps/accounts/models/automations/gather_account.py
+++ b/apps/accounts/models/automations/gather_account.py
@ -58,7 +58,7 @@ class GatheredAccount(JMSOrgBaseModel):
        username = gathered_account.username
        account = Account(
            asset_id=asset_id, username=username,
-            name=username, source=Source.COLLECTED,
+            name=username, source=Source.DISCOVERY,
            date_last_login=gathered_account.date_last_login,
        )
        account_objs.append(account)
--- a/apps/accounts/serializers/automations/check_accounts.py
+++ b/apps/accounts/serializers/automations/check_accounts.py
@ -27,7 +27,7 @@ class AccountRiskSerializer(serializers.ModelSerializer):
    class Meta:
        model = AccountRisk
        fields = [
-            'id', 'asset', 'username', 'risk', 'confirmed',
+            'id', 'asset', 'username', 'risk', 'status',
            'date_created'
        ]