Merge pull request #1599 from jumpserver/dev

Dev
2018-07-26 21:45:32 -05:00 · 2018-07-26 21:45:32 -05:00 · dded4e10fb
parent 16b23a37fe 8386f107c6
commit dded4e10fb
12 changed files with 59 additions and 12 deletions
--- a/apps/assets/forms/asset.py
+++ b/apps/assets/forms/asset.py
@ -45,7 +45,7 @@ class AssetCreateForm(forms.ModelForm):
                'root or other NOPASSWD sudo privilege user existed in asset,'
                'If asset is windows or other set any one, more see admin user left menu'
            ),
-            'platform': _("* required Must set exact system platform, Windows, Linux ..."),
+            # 'platform': _("* required Must set exact system platform, Windows, Linux ..."),
            'domain': _("If your have some network not connect with each other, you can set domain")
        }

@ -85,7 +85,7 @@ class AssetUpdateForm(forms.ModelForm):
                'root or other NOPASSWD sudo privilege user existed in asset,'
                'If asset is windows or other set any one, more see admin user left menu'
            ),
-            'platform': _("* required Must set exact system platform, Windows, Linux ..."),
+            # 'platform': _("* required Must set exact system platform, Windows, Linux ..."),
            'domain': _("If your have some network not connect with each other, you can set domain")
        }

--- a/apps/assets/models/domain.py
+++ b/apps/assets/models/domain.py
@ -43,7 +43,7 @@ class Gateway(AssetUser):
    ip = models.GenericIPAddressField(max_length=32, verbose_name=_('IP'), db_index=True)
    port = models.IntegerField(default=22, verbose_name=_('Port'))
    protocol = models.CharField(choices=PROTOCOL_CHOICES, max_length=16, default=SSH_PROTOCOL, verbose_name=_("Protocol"))
-    domain = models.ForeignKey(Domain, verbose_name=_("Domain"))
+    domain = models.ForeignKey(Domain, verbose_name=_("Domain"), on_delete=models.CASCADE)
    comment = models.CharField(max_length=128, blank=True, null=True, verbose_name=_("Comment"))
    is_active = models.BooleanField(default=True, verbose_name=_("Is active"))

--- a/apps/assets/models/user.py
+++ b/apps/assets/models/user.py
@ -118,6 +118,8 @@ class SystemUser(AssetUser):
    shell = models.CharField(max_length=64,  default='/bin/bash', verbose_name=_('Shell'))
    login_mode = models.CharField(choices=LOGIN_MODE_CHOICES, default=AUTO_LOGIN, max_length=10, verbose_name=_('Login mode'))

+    cache_key = "__SYSTEM_USER_CACHED_{}"
+
    def __str__(self):
        return '{0.name}({0.username})'.format(self)

@ -154,6 +156,24 @@ class SystemUser(AssetUser):
        else:
            return False

+    def set_cache(self):
+        cache.set(self.cache_key.format(self.id), self, 3600)
+
+    def expire_cache(self):
+        cache.delete(self.cache_key.format(self.id))
+
+    @classmethod
+    def get_system_user_by_id_or_cached(cls, sid):
+        cached = cache.get(cls.cache_key.format(sid))
+        if cached:
+            return cached
+        try:
+            system_user = cls.objects.get(id=sid)
+            system_user.set_cache()
+            return system_user
+        except cls.DoesNotExist:
+            return None
+
    class Meta:
        ordering = ['name']
        verbose_name = _("System user")
--- a/apps/assets/templates/assets/asset_create.html
+++ b/apps/assets/templates/assets/asset_create.html
@ -15,10 +15,10 @@
    {% csrf_token %}
    <h3>{% trans 'Basic' %}</h3>
    {% bootstrap_field form.hostname layout="horizontal" %}
-    {% bootstrap_field form.platform layout="horizontal" %}
    {% bootstrap_field form.ip layout="horizontal" %}
    {% bootstrap_field form.protocol layout="horizontal" %}
    {% bootstrap_field form.port layout="horizontal" %}
+    {% bootstrap_field form.platform layout="horizontal" %}
    {% bootstrap_field form.public_ip layout="horizontal" %}
    {% bootstrap_field form.domain layout="horizontal" %}

--- a/apps/common/forms.py
+++ b/apps/common/forms.py
@ -181,7 +181,7 @@ class SecuritySettingForm(BaseForm):
    )
    # limit login count
    SECURITY_LOGIN_LIMIT_COUNT = forms.IntegerField(
-        initial=3, min_value=3,
+        initial=7, min_value=3,
        label=_("Limit the number of login failures")
    )
    # limit login time
--- a/apps/jumpserver/settings.py
+++ b/apps/jumpserver/settings.py
@ -406,7 +406,7 @@ TERMINAL_REPLAY_STORAGE = {


 DEFAULT_PASSWORD_MIN_LENGTH = 6
-DEFAULT_LOGIN_LIMIT_COUNT = 3
+DEFAULT_LOGIN_LIMIT_COUNT = 7
 DEFAULT_LOGIN_LIMIT_TIME = 30

 # Django bootstrap3 setting, more see http://django-bootstrap3.readthedocs.io/en/latest/settings.html
--- a/apps/terminal/api.py
+++ b/apps/terminal/api.py
@ -4,7 +4,6 @@ from collections import OrderedDict
 import logging
 import os
 import uuid
-import copy

 from django.core.cache import cache
 from django.shortcuts import get_object_or_404, redirect
@ -16,12 +15,13 @@ from django.conf import settings

 import jms_storage

-from rest_framework import viewsets, serializers
+from rest_framework import viewsets
 from rest_framework.views import APIView, Response
 from rest_framework.permissions import AllowAny
 from rest_framework_bulk import BulkModelViewSet

-from common.utils import get_object_or_none
+from common.utils import get_object_or_none, is_uuid
+from .hands import SystemUser
 from .models import Terminal, Status, Session, Task
 from .serializers import TerminalSerializer, StatusSerializer, \
    SessionSerializer, TaskSerializer, ReplaySerializer
@ -187,8 +187,13 @@ class SessionViewSet(viewsets.ModelViewSet):
        return self.queryset

    def perform_create(self, serializer):
-        if self.request.user.terminal:
+        if hasattr(self.request.user, 'terminal'):
            serializer.validated_data["terminal"] = self.request.user.terminal
+        sid = serializer.validated_data["system_user"]
+        if is_uuid(sid):
+            _system_user = SystemUser.get_system_user_by_id_or_cached(sid)
+            if _system_user:
+                serializer.validated_data["system_user"] = _system_user.name
        return super().perform_create(serializer)


--- a/apps/terminal/hands.py
+++ b/apps/terminal/hands.py
@ -4,4 +4,5 @@
 from users.models import User
 from users.permissions import IsSuperUserOrAppUser, IsAppUser, \
    IsSuperUserOrAppUserOrUserReadonly
-from users.utils import AdminUserRequiredMixin
+from users.utils import AdminUserRequiredMixin
+from assets.models import SystemUser
--- a/apps/terminal/templates/terminal/session_list.html
+++ b/apps/terminal/templates/terminal/session_list.html
@ -58,7 +58,7 @@
        <div class="input-group">
            <div class="input-group-btn">
                <button id='search_btn' type="submit" class="btn btn-sm btn-primary">
-                    搜索
+                    {% trans 'Search' %}
                </button>
            </div>
        </div>
--- a/apps/terminal/templatetags/terminal_tags.py
+++ b/apps/terminal/templatetags/terminal_tags.py
@ -1,6 +1,7 @@
 # ~*~ coding: utf-8 ~*~

 from django import template
+
 from ..backends import get_multi_command_storage

 register = template.Library()
@ -10,3 +11,4 @@ command_store = get_multi_command_storage()
@register.filter
 def get_session_command_amount(session_id):
    return command_store.count(session=session_id)
+
--- a/utils/2018_07_15_set_win_protocol_to_ssh.sh
+++ b/utils/2018_07_15_set_win_protocol_to_ssh.sh
@ -0,0 +1,9 @@
+#!/bin/bash
+#
+
+python ../apps/manage.py shell << EOF
+from assets.models import Asset
+
+Asset.objects.filter(platform__startswith='Win').update(protocol='rdp')
+
+EOF
--- a/utils/unblock_all_user.sh
+++ b/utils/unblock_all_user.sh
@ -0,0 +1,10 @@
+#!/bin/bash
+#
+
+python ../apps/manage.py shell << EOF
+from django.core.cache import cache
+
+cache.delete_pattern('_LOGIN_BLOCK_*')
+cache.delete_pattern('_LOGIN_LIMIT_*')
+
+EOF