Merge branch 'v3' of github.com:jumpserver/jumpserver into v3

2022-11-30 17:11:43 +08:00 · 2022-11-30 17:11:43 +08:00 · d524e9885d
parent 2dea891b15 6bb706efcf
commit d524e9885d
6 changed files with 64 additions and 14 deletions
--- a/.github/workflows/jms-build-test.yml
+++ b/.github/workflows/jms-build-test.yml
@ -0,0 +1,32 @@
+name: "Run Build Test"
+on:
+  push:
+    branches:
+      - pr@*
+      - repr@*
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+
+    - uses: docker/setup-qemu-action@v2
+
+    - uses: docker/setup-buildx-action@v2
+
+    - uses: docker/build-push-action@v3
+      with:
+        context: .
+        push: false
+        tags: jumpserver/core:test
+        file: Dockerfile
+        cache-from: type=gha
+        cache-to: type=gha,mode=max
+
+    - uses: LouisBrunner/checks-action@v1.5.0
+      if: always()
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+        name: Check Build
+        conclusion: ${{ job.status }}
--- a/apps/authentication/models/connection_token.py
+++ b/apps/authentication/models/connection_token.py
@ -128,16 +128,18 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
        if self.account_name == '@INPUT' or not account:
            return {
                'name': self.account_name,
-                'username': self.username,
+                'username': self.input_username,
                'secret_type': 'password',
-                'secret': self.secret
+                'secret': self.input_secret,
+                'su_from': None
            }
        else:
            return {
                'name': account.name,
                'username': account.username,
                'secret_type': account.secret_type,
-                'secret': account.secret or self.secret
+                'secret': account.secret or self.input_secret,
+                'su_from': account.su_from,
            }

    @lazyproperty
--- a/apps/authentication/serializers/connection_token.py
+++ b/apps/authentication/serializers/connection_token.py
@ -93,13 +93,22 @@ class ConnectionTokenAssetSerializer(serializers.ModelSerializer):
                  'org_id', 'specific']


-class ConnectionTokenAccountSerializer(serializers.ModelSerializer):
+class SimpleAccountSerializer(serializers.ModelSerializer):
    """ Account """

+    class Meta:
+        model = Account
+        fields = ['name', 'username', 'secret_type', 'secret']
+
+
+class ConnectionTokenAccountSerializer(serializers.ModelSerializer):
+    """ Account """
+    su_from = SimpleAccountSerializer(required=False, label=_('Su from'))
+
    class Meta:
        model = Account
        fields = [
-            'name', 'username', 'secret_type', 'secret',
+            'name', 'username', 'secret_type', 'secret', 'su_from',
        ]


@ -139,9 +148,9 @@ class ConnectionTokenSecretSerializer(OrgResourceModelSerializerMixin):
    expire_now = serializers.BooleanField(label=_('Expired now'), default=True)
    user = ConnectionTokenUserSerializer(read_only=True)
    asset = ConnectionTokenAssetSerializer(read_only=True)
-    platform = ConnectionTokenPlatform(read_only=True)
    account = ConnectionTokenAccountSerializer(read_only=True)
    gateway = ConnectionTokenGatewaySerializer(read_only=True)
+    platform = ConnectionTokenPlatform(read_only=True)
    # cmd_filter_rules = ConnectionTokenCmdFilterRuleSerializer(many=True)
    actions = ActionChoicesField()
    expire_at = serializers.IntegerField()
@ -149,7 +158,7 @@ class ConnectionTokenSecretSerializer(OrgResourceModelSerializerMixin):
    class Meta:
        model = ConnectionToken
        fields = [
-            'id', 'value', 'user', 'asset', 'platform', 'account',
+            'id', 'value', 'user', 'asset', 'account', 'platform',
            'protocol', 'gateway', 'actions', 'expire_at', 'expire_now',
        ]
        extra_kwargs = {
--- a/apps/ops/models/job.py
+++ b/apps/ops/models/job.py
@ -113,6 +113,13 @@ class JobExecution(JMSOrgBaseModel):
    def job_type(self):
        return self.job.type

+    def compile_shell(self):
+        if self.job.type != 'adhoc':
+            return
+        result = "{}{}{} ".format('\'', self.job.args, '\'')
+        result += "chdir={}".format(self.job.chdir)
+        return result
+
    def get_runner(self):
        inv = self.job.inventory
        inv.write_to_file(self.inventory_path)
@ -122,8 +129,9 @@ class JobExecution(JMSOrgBaseModel):
            extra_vars = {}

        if self.job.type == 'adhoc':
+            args = self.compile_shell()
            runner = AdHocRunner(
-                self.inventory_path, self.job.module, module_args=self.job.args,
+                self.inventory_path, self.job.module, module_args=args,
                pattern="all", project_dir=self.private_dir, extra_vars=extra_vars,
            )
        elif self.job.type == 'playbook':
--- a/apps/ops/serializers/adhoc.py
+++ b/apps/ops/serializers/adhoc.py
@ -1,8 +1,6 @@
 # ~*~ coding: utf-8 ~*~
 from __future__ import unicode_literals

-import datetime
-
 from rest_framework import serializers

 from common.drf.fields import ReadableHiddenField
@ -17,5 +15,5 @@ class AdHocSerializer(BulkOrgResourceModelSerializer, serializers.ModelSerialize

    class Meta:
        model = AdHoc
-        fields = ["id", "name", "module", "row_count", "size", "args", "creator", "comment", "date_created",
-                  "date_updated"]
+        read_only_field = ["id", "row_count", "size", "creator", "date_created", "date_updated"]
+        fields = read_only_field + ["id", "name", "module", "args", "comment"]
--- a/apps/ops/serializers/playbook.py
+++ b/apps/ops/serializers/playbook.py
@ -24,6 +24,7 @@ class PlaybookSerializer(BulkOrgResourceModelSerializer, serializers.ModelSerial

    class Meta:
        model = Playbook
-        fields = [
-            "id", "name", "path", "comment", "date_created", "creator", "date_updated"
+        read_only_fields = ["id", "date_created", "date_updated"]
+        fields = read_only_fields + [
+            "id", "name", "comment", "creator",
        ]