perf: update account risk

apps/accounts/const/account.py

@@ -24,7 +24,7 @@ class AliasAccount(TextChoices):
 
 class Source(TextChoices):
     LOCAL = 'local', _('Local')
-    COLLECTED = 'collected', _('Collected')
+    DISCOVERY = 'collected', _('Discovery')
     TEMPLATE = 'template', _('Template')
 
 

apps/accounts/migrations/0008_remove_accountrisk_confirmed_accountrisk_status_and_more.py

@@ -0,0 +1,50 @@
+# Generated by Django 4.1.13 on 2024-11-06 08:17
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("accounts", "0007_alter_accountrisk_risk"),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name="accountrisk",
+            name="confirmed",
+        ),
+        migrations.AddField(
+            model_name="accountrisk",
+            name="status",
+            field=models.CharField(
+                blank=True,
+                choices=[("confirmed", "Confirmed"), ("ignored", "Ignored")],
+                default="",
+                max_length=32,
+                verbose_name="Status",
+            ),
+        ),
+        migrations.AlterField(
+            model_name="accountrisk",
+            name="risk",
+            field=models.CharField(
+                choices=[
+                    ("zombie", "Long time no login"),
+                    ("ghost", "Not managed"),
+                    ("long_time_password", "Long time no change"),
+                    ("weak_password", "Weak password"),
+                    ("password_error", "Password error"),
+                    ("password_expired", "Password expired"),
+                    ("group_changed", "Group change"),
+                    ("sudo_changed", "Sudo changed"),
+                    ("authorized_keys_changed", "Authorized keys changed"),
+                    ("account_deleted", "Account delete"),
+                    ("no_admin_account", "No admin account"),
+                    ("others", "Others"),
+                ],
+                max_length=128,
+                verbose_name="Risk",
+            ),
+        ),
+    ]

apps/accounts/models/automations/check_account.py

@@ -4,7 +4,7 @@ from django.db import models
 from django.db.models import TextChoices
 from django.utils.translation import gettext_lazy as _
 
-from common.const import Trigger
+from common.const import Trigger, ConfirmOrIgnore
 from orgs.mixins.models import JMSOrgBaseModel
 from .base import AccountBaseAutomation
 from ...const import AutomationTypes
@@ -37,24 +37,25 @@ class AccountCheckAutomation(AccountBaseAutomation):
 
 
 class RiskChoice(TextChoices):
-    zombie = 'zombie', _('Long time no login')  # 好久没登录的账号
+    zombie = 'zombie', _('Long time no login')  # 好久没登录的账号, 禁用、删除
-    ghost = 'ghost', _('Not managed')  # 未被纳管的账号
+    ghost = 'ghost', _('Not managed')  # 未被纳管的账号, 纳管, 删除, 禁用
-    long_time_password = 'long_time_password', _('Long time no change')
+    long_time_password = 'long_time_password', _('Long time no change')  # 好久没改密码的账号, 改密码
-    weak_password = 'weak_password', _('Weak password')
+    weak_password = 'weak_password', _('Weak password')  # 弱密码, 改密
-    password_error = 'password_error', _('Password error')
+    password_error = 'password_error', _('Password error')  # 密码错误, 修改账号
-    password_expired = 'password_expired', _('Password expired')
+    password_expired = 'password_expired', _('Password expired')  # 密码过期, 修改密码
-    group_changed = 'group_changed', _('Group change')
+    group_changed = 'group_changed', _('Group change')  # 组变更, 确认
-    sudo_changed = 'sudo_changed', _('Sudo changed')
+    sudo_changed = 'sudo_changed', _('Sudo changed')  # sudo 变更, 确认
-    account_deleted = 'account_deleted', _('Account delete')
+    authorized_keys_changed = 'authorized_keys_changed', _('Authorized keys changed')  # authorized_keys 变更, 确认
-    no_admin_account = 'no_admin_account', _('No admin account')  # 为什么不叫 No privileged 呢，是因为有 privileged，但是不可用
+    account_deleted = 'account_deleted', _('Account delete')  # 账号被删除, 确认
-    other = 'others', _('Others')
+    no_admin_account = 'no_admin_account', _('No admin account')  # 无管理员账号, 设置账号
+    others = 'others', _('Others')  # 其他风险, 确认
 
 
 class AccountRisk(JMSOrgBaseModel):
     asset = models.ForeignKey('assets.Asset', on_delete=models.CASCADE, related_name='risks', verbose_name=_('Asset'))
     username = models.CharField(max_length=32, verbose_name=_('Username'))
     risk = models.CharField(max_length=128, verbose_name=_('Risk'), choices=RiskChoice.choices)
-    confirmed = models.BooleanField(default=False, verbose_name=_('Confirmed'))
+    status = models.CharField(max_length=32, choices=ConfirmOrIgnore.choices, default='', blank=True, verbose_name=_('Status'))
 
     class Meta:
         verbose_name = _('Account risk')
@@ -62,6 +63,18 @@ class AccountRisk(JMSOrgBaseModel):
     def __str__(self):
         return f"{self.username}@{self.asset} - {self.risk}"
 
+    def disable_account(self):
+        pass
+
+    def remove_account(self):
+        pass
+
+    def change_password(self):
+        pass
+
+    def handle_risk(self):
+        pass
+
     @classmethod
     def gen_fake_data(cls, count=1000, batch_size=50):
         from assets.models import Asset

apps/accounts/models/automations/gather_account.py

@@ -58,7 +58,7 @@ class GatheredAccount(JMSOrgBaseModel):
         username = gathered_account.username
         account = Account(
             asset_id=asset_id, username=username,
-            name=username, source=Source.COLLECTED,
+            name=username, source=Source.DISCOVERY,
             date_last_login=gathered_account.date_last_login,
         )
         account_objs.append(account)

apps/accounts/serializers/automations/check_accounts.py

@@ -27,7 +27,7 @@ class AccountRiskSerializer(serializers.ModelSerializer):
     class Meta:
         model = AccountRisk
         fields = [
-            'id', 'asset', 'username', 'risk', 'confirmed',
+            'id', 'asset', 'username', 'risk', 'status',
             'date_created'
         ]