merge: with remote

apps/accounts/automations/change_secret/manager.py

@@ -98,9 +98,11 @@ class ChangeSecretManager(AccountBasePlaybookManager):
 
         accounts = self.get_accounts(account)
         if not accounts:
-            print('没有发现待处理的账号: %s 用户ID: %s 类型: %s' % (
-                asset.name, self.account_ids, self.secret_type
-            ))
+            print(
+                _("No pending accounts found: {name} User ID: {account_ids} Type: {secret_type}").format(
+                    name=asset.name,
+                    account_ids=self.account_ids,
+                    secret_type=self.secret_type))
             return []
 
         records = []

apps/assets/automations/base/manager.py

@@ -320,19 +320,19 @@ class BasePlaybookManager:
         shutil.rmtree(self.runtime_dir, ignore_errors=True)
 
     def run(self, *args, **kwargs):
-        print(">>> 任务准备阶段\n")
+        print(_(">>> Task preparation phase"), end="\n")
         runners = self.get_runners()
         if len(runners) > 1:
-            print("### 分次执行任务, 总共 {}\n".format(len(runners)))
+            print(_(">>> Executing tasks in batches, total {runner_count}").format(runner_count=len(runners)))
         elif len(runners) == 1:
-            print(">>> 开始执行任务\n")
+            print(_(">>> Start executing tasks"))
         else:
-            print("### 没有需要执行的任务\n")
+            print(_(">>> No tasks need to be executed"), end="\n")
 
         self.execution.date_start = timezone.now()
         for i, runner in enumerate(runners, start=1):
             if len(runners) > 1:
-                print(">>> 开始执行第 {} 批任务".format(i))
+                print(_(">>> Begin executing batch {index} of tasks").format(index=i))
             ssh_tunnel = SSHTunnelManager()
             ssh_tunnel.local_gateway_prepare(runner)
             try:

apps/i18n/lina/ja.json

@@ -180,7 +180,18 @@
     "BatchProcessing": "バルク処理（{Number} アイテムが選択されています）",
     "BatchReject": "一括拒否",
     "BatchTest": "一括テスト",
-    "BatchTransfer": "一括転送",
+    "BasicSettings": "基本設定",
+    "BasicTools": "基本的なツール",
+    "BatchActivate": "一括アクティブ化",
+    "BatchApproval": "大量承認です",
+    "BatchCommand": "一括コマンド",
+    "BatchCommandNotExecuted": "未実行コマンド",
+    "BatchDelete": "一括削除",
+    "BatchDisable": "一括無効化",
+    "BatchRemoval": "一括除去",
+    "BatchRetry": "一括リトライ",
+    "BatchScript": "バッチ スクリプト",
+    "BatchUpdate": "ロット更新",
     "BeforeChange": "変更前",
     "Beian": "登記",
     "BelongAll": "同時に含む",
@@ -1123,7 +1134,7 @@
     "TaskDetail": "タスクの詳細",
     "TaskDone": "ジョブ終了",
     "TaskID": "タスク ID",
-    "TaskList": "タスクリスト",
+    "SystemTasks": "タスクリスト",
     "TaskMonitor": "タスクモニタリング",
     "TechnologyConsult": "技術相談",
     "TempPasswordTip": "一時的なパスワードの有効期間は300秒で、使用後すぐに無効になります",

apps/i18n/lina/zh.json

@@ -197,13 +197,12 @@
     "BasePort": "监听端口",
     "Basic": "基本设置",
     "BasicInfo": "基本信息",
-    "BasicSetting": "基本设置",
+    "BasicSettings": "基本设置",
     "BatchConsent": "批量同意",
     "BatchDeployment": "批量部署",
     "BatchProcessing": "批量处理(选中 {Number} 项)",
     "BatchReject": "批量拒绝",
     "BatchTest": "批量测试",
-    "BatchTransfer": "批量传输",
     "BeforeChange": "变更前",
     "Beian": "备案",
     "BelongAll": "同时包含",
@@ -238,7 +237,7 @@
     "ChangeField": "变更字段",
     "ChangeOrganization": "更改组织",
     "ChangePassword": "更新密码",
-    "ChangeReceiver": "修改消息接收人",
+    "EditRecipient": "编辑接收人",
     "ChangeSecretParams": "改密参数",
     "ChangeViewHelpText": "点击切换不同视图",
     "Chat": "聊天",
@@ -523,8 +522,6 @@
     "HardwareInfo": "硬件信息",
     "HasImportErrorItemMsg": "存在导入失败项，点击左侧 x 查看失败原因，点击表格编辑后，可以继续导入失败项",
     "Help": "帮助",
-    "HelpDocumentTip": "可以更改网站导航栏 帮助 -> 文档 的网址",
-    "HelpSupportTip": "可以更改网站导航栏 帮助 -> 支持 的网址",
     "HighLoad": "较高",
     "HistoricalSessionNum": "历史会话数",
     "History": "历史记录",
@@ -603,7 +600,7 @@
     "JobUpdate": "更新作业",
     "KingSoftCloud": "金山云",
     "KokoSetting": "KoKo 配置",
-    "GenericSetting": "通用配置",
+    "GeneralSetting": "通用配置",
     "LAN": "局域网",
     "LDAPUser": "LDAP 用户",
     "Label": "标签",
@@ -1122,7 +1119,7 @@
     "TaskDetail": "任务详情",
     "TaskDone": "任务结束",
     "TaskID": "任务 ID",
-    "TaskList": "任务列表",
+    "SystemTasks": "任务列表",
     "TaskMonitor": "任务监控",
     "TechnologyConsult": "技术咨询",
     "TempPasswordTip": "临时密码有效期为 300 秒，使用后立刻失效",
@@ -1295,5 +1292,9 @@
     "InformationModification": "信息更改",
     "Phone": "手机",
     "TailLog": "追踪日志",
-    "NoLog": "无日志"
+    "NoLog": "无日志",
+    "SiteURLTip": "例如：https://demo.jumpserver.org",
+    "Settings...": "设置...",
+    "EmailTemplate": "邮件模版",
+    "EmailTemplateHelpTip": "邮件模版是用于发送邮件的模版，包括邮件标题前缀和邮件内容"
 }

apps/i18n/lina/zh_hant.json

@@ -215,7 +215,7 @@
     "BasePort": "監聽埠",
     "Basic": "基本設置",
     "BasicInfo": "基本資訊",
-    "BasicSetting": "基本設置",
+    "BasicSettings": "基本設置",
     "BasicTools": "基本工具",
     "BatchActivate": "批次啟用",
     "BatchApproval": "批次審批",
@@ -1308,7 +1308,7 @@
     "TaskDispatch": "任務下發成功",
     "TaskDone": "任務結束",
     "TaskID": "任務 ID",
-    "TaskList": "任務列表",
+    "SystemTasks": "任務列表",
     "TaskMonitor": "任務監控",
     "TechnologyConsult": "技術諮詢",
     "TempPassword": "臨時密碼有效期為 300 秒，使用後立刻失效",

apps/jumpserver/conf.py

@@ -587,7 +587,7 @@ class Config(dict):
 
         # 导航栏 帮助
         'HELP_DOCUMENT_URL': 'https://docs.jumpserver.org/zh/v3/',
-        'HELP_SUPPORT_URL': 'http://www.jumpserver.org/support/',
+        'HELP_SUPPORT_URL': 'https://www.jumpserver.org/support/',
 
         'FORGOT_PASSWORD_URL': '',
         'HEALTH_CHECK_TOKEN': '',

apps/notifications/migrations/0003_initial_admin_msg.py

@@ -0,0 +1,24 @@
+# Generated by Django 4.1.13 on 2024-05-21 11:04
+
+from django.db import migrations
+
+
+def init_user_msg_subscription(apps, schema_editor):
+    User = apps.get_model('users', 'User')
+    UserMsgSubscription = apps.get_model('notifications', 'UserMsgSubscription')
+
+    receive_backends = ['site_msg', 'email']
+    user = User.objects.get(username='admin')
+    UserMsgSubscription.objects.update_or_create(
+        defaults={'receive_backends': receive_backends}, user=user
+    )
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('notifications', '0002_auto_20210909_1946'),
+    ]
+
+    operations = [
+        migrations.RunPython(init_user_msg_subscription),
+    ]

apps/settings/serializers/auth/base.py

@@ -22,10 +22,23 @@ class AuthSettingSerializer(serializers.Serializer):
     AUTH_SLACK = serializers.BooleanField(default=False, label=_('WeCom Auth'))
     AUTH_SSO = serializers.BooleanField(default=False, label=_("SSO Auth"))
     AUTH_PASSKEY = serializers.BooleanField(default=False, label=_("Passkey Auth"))
+    EMAIL_SUFFIX = serializers.CharField(
+        required=False, max_length=1024, label=_("Email suffix"),
+        help_text=_(
+            "After third-party user authentication is successful, "
+            "if the third-party authentication service platform does not return the user's email "
+            "information, the system will automatically create the user using this email suffix"
+        )
+    )
     FORGOT_PASSWORD_URL = serializers.CharField(
         required=False, allow_blank=True, max_length=1024,
-        label=_("Forgot Password URL")
+        label=_("Forgot Password"), 
+        help_text=_("The URL for Forgotten Password on the user login page")
     )
     LOGIN_REDIRECT_MSG_ENABLED = serializers.BooleanField(
-        required=False, label=_("Login redirection prompt")
+        required=False, label=_("Login redirection"),
+        help_text=_(
+            "Should an flash page be displayed before the user is redirected to third-party "
+            "authentication when the administrator enables third-party redirect authentication"
+        )
     )

apps/settings/serializers/auth/cas.py

@@ -15,7 +15,10 @@ class CASSettingSerializer(serializers.Serializer):
         required=False, allow_null=True, allow_blank=True,
         max_length=1024, label=_('Proxy Server')
     )
-    CAS_LOGOUT_COMPLETELY = serializers.BooleanField(required=False, label=_('Logout completely'))
+    CAS_LOGOUT_COMPLETELY = serializers.BooleanField(
+        required=False, label=_('Logout completely'), 
+        help_text=_('When the user signs out, they also be logged out from the CAS Server')
+    )
     CAS_VERSION = serializers.IntegerField(
         required=False, label=_('Version'), min_value=1, max_value=3
     )
@@ -25,8 +28,17 @@ class CASSettingSerializer(serializers.Serializer):
     CAS_APPLY_ATTRIBUTES_TO_USER = serializers.BooleanField(
         required=False, label=_('Enable attributes map')
     )
-    CAS_RENAME_ATTRIBUTES = serializers.JSONField(required=False, label=_('User attribute'))
+    CAS_RENAME_ATTRIBUTES = serializers.JSONField(
+        required=False, label=_('User attribute'),
+        help_text=_(
+            "User attribute mapping, where the `key` is the CAS service user attribute name "
+            "and the `value` is the JumpServer user attribute name"
+        )
+    )
     CAS_CREATE_USER = serializers.BooleanField(
         required=False, label=_('Create user'), 
-        help_text=_('Automatically create a new user if not found.')
+        help_text=_(
+            'After successful user authentication, if the user does not exist, '
+            'automatically create the user'
+        )
     )

apps/settings/serializers/auth/ldap.py

@@ -40,24 +40,32 @@ class LDAPSettingSerializer(serializers.Serializer):
 
     AUTH_LDAP_SERVER_URI = serializers.CharField(
         required=True, max_length=1024, label=_('Server'),
-        help_text=_('eg: ldap://localhost:389')
+        help_text=_('LDAP server URI')
+    )
+    AUTH_LDAP_BIND_DN = serializers.CharField(
+        required=False, max_length=1024, label=_('Bind DN'),
+        help_text=_('Binding Distinguished Name')
     )
-    AUTH_LDAP_BIND_DN = serializers.CharField(required=False, max_length=1024, label=_('Bind DN'))
     AUTH_LDAP_BIND_PASSWORD = EncryptedField(
-        max_length=1024, required=False, label=_('Password')
+        max_length=1024, required=False, label=_('Password'),
+        help_text=_('Binding password')
     )
     AUTH_LDAP_SEARCH_OU = serializers.CharField(
-        max_length=1024, allow_blank=True, required=False, label=_('User OU'),
-        help_text=_('Use | split multi OUs')
+        max_length=1024, allow_blank=True, required=False, label=_('Search OU'),
+        help_text=_(
+            'User Search Base, if there are multiple OUs, you can separate them with the `|` symbol'
+        )
     )
     AUTH_LDAP_SEARCH_FILTER = serializers.CharField(
-        max_length=1024, required=True, label=_('User search filter'),
-        help_text=_('Choice may be (cn|uid|sAMAccountName)=%(user)s)')
+        max_length=1024, required=True, label=_('Search filter'),
+        help_text=_('Selection could include (cn|uid|sAMAccountName=%(user)s)')
     )
     AUTH_LDAP_USER_ATTR_MAP = serializers.JSONField(
         required=True, label=_('User attribute'),
-        help_text=_('User attr map present how to map LDAP user attr to '
-                    'jumpserver, username,name,email is jumpserver attr')
+        help_text=_(
+            'User attribute mapping, where the `key` is the JumpServer user attribute name and the '
+            '`value` is the LDAP service user attribute name'
+        )
     )
     AUTH_LDAP_SYNC_ORG_IDS = serializers.ListField(
         required=False, label=_('Organization'), max_length=36
@@ -85,7 +93,9 @@ class LDAPSettingSerializer(serializers.Serializer):
             'improve the speed of user authentication., 0 means no cache'
         )
     )
-    AUTH_LDAP_SEARCH_PAGED_SIZE = serializers.IntegerField(required=False, label=_('Search paged size (piece)'))
+    AUTH_LDAP_SEARCH_PAGED_SIZE = serializers.IntegerField(
+        required=False, label=_('Search paged size (piece)')
+    )
     AUTH_LDAP_SYNC_RECEIVERS = serializers.ListField(
         required=False, label=_('Recipient'), max_length=36
     )

apps/settings/serializers/auth/oidc.py

@@ -13,7 +13,8 @@ class CommonSettingSerializer(serializers.Serializer):
     # OpenID 公有配置参数 (version <= 1.5.8 或 version >= 1.5.8)
     BASE_SITE_URL = serializers.CharField(
         required=False, allow_null=True, allow_blank=True,
-        max_length=1024, label=_('Base site URL')
+        max_length=1024, label=_('Base site URL'), 
+        help_text=_("The current site's URL is used to construct the callback address")
     )
     AUTH_OPENID_CLIENT_ID = serializers.CharField(
         required=False, max_length=1024, label=_('Client Id')
@@ -35,8 +36,10 @@ class CommonSettingSerializer(serializers.Serializer):
     )
     AUTH_OPENID_USER_ATTR_MAP = serializers.JSONField(
         required=True, label=_('User attribute'),
-        help_text=_('User attr map present how to map OpenID user attr to '
-                    'jumpserver, username,name,email is jumpserver attr')
+        help_text=_(
+            "User attribute mapping, where the `key` is the JumpServer user attribute name "
+            "and the `value` is the OIDC service user attribute name"
+        )
     )
     AUTH_OPENID_PKCE = serializers.BooleanField(required=False, label=_('Enable PKCE'))
     AUTH_OPENID_CODE_CHALLENGE_METHOD = serializers.ChoiceField(
@@ -48,7 +51,10 @@ class CommonSettingSerializer(serializers.Serializer):
 class KeycloakSettingSerializer(CommonSettingSerializer):
     # OpenID 旧配置参数 (version <= 1.5.8 (discarded))
     AUTH_OPENID_KEYCLOAK = serializers.BooleanField(
-        label=_("Use Keycloak"), required=False, default=False
+        label=_("Use Keycloak"), required=False, default=False,
+        help_text=_(
+            "Use Keycloak as the OpenID Connect server, or use standard OpenID Connect Protocol"
+        )
     )
     AUTH_OPENID_SERVER_URL = serializers.CharField(
         required=False, max_length=1024, label=_('Server')
@@ -60,7 +66,9 @@ class KeycloakSettingSerializer(CommonSettingSerializer):
 
 class OIDCSettingSerializer(KeycloakSettingSerializer):
     # OpenID 新配置参数 (version >= 1.5.9)
-    AUTH_OPENID = serializers.BooleanField(required=False, label=_('OIDC'))
+    AUTH_OPENID = serializers.BooleanField(
+        required=False, label=_('OIDC'), help_text=_('OpenID Connect')
+    )
     AUTH_OPENID_PROVIDER_ENDPOINT = serializers.CharField(
         required=False, max_length=1024, label=_('Provider endpoint')
     )
@@ -85,15 +93,21 @@ class OIDCSettingSerializer(KeycloakSettingSerializer):
     AUTH_OPENID_PROVIDER_SIGNATURE_KEY = serializers.CharField(
         required=False, max_length=1024, allow_null=True, label=_('Signing key')
     )
-    AUTH_OPENID_SCOPES = serializers.CharField(required=False, max_length=1024, label=_('Scopes'))
+    AUTH_OPENID_SCOPES = serializers.CharField(
+        required=False, max_length=1024, label=_('Scopes')
+    )
     AUTH_OPENID_ID_TOKEN_MAX_AGE = serializers.IntegerField(
         required=False, label=_('ID Token max age (s)')
     )
     AUTH_OPENID_ID_TOKEN_INCLUDE_CLAIMS = serializers.BooleanField(
         required=False, label=_('ID Token include claims')
     )
-    AUTH_OPENID_USE_STATE = serializers.BooleanField(required=False, label=_('Use state'))
-    AUTH_OPENID_USE_NONCE = serializers.BooleanField(required=False, label=_('Use nonce'))
+    AUTH_OPENID_USE_STATE = serializers.BooleanField(
+        required=False, label=_('Use state')
+    )
+    AUTH_OPENID_USE_NONCE = serializers.BooleanField(
+        required=False, label=_('Use nonce')
+        )
     AUTH_OPENID_ALWAYS_UPDATE_USER = serializers.BooleanField(
         required=False, label=_('Always update user')
     )

apps/settings/serializers/auth/sms.py

@@ -14,12 +14,16 @@ __all__ = [
 
 
 class SMSSettingSerializer(serializers.Serializer):
-    SMS_ENABLED = serializers.BooleanField(default=False, label=_('SMS'))
+    SMS_ENABLED = serializers.BooleanField(
+        default=False, label=_('SMS'), help_text=_('Enable Short Message Service (SMS)')
+    )
     SMS_BACKEND = serializers.ChoiceField(
-        choices=BACKENDS.choices, default=BACKENDS.ALIBABA, label=_('SMS provider / Protocol')
+        choices=BACKENDS.choices, default=BACKENDS.ALIBABA, label=_('Provider'),
+        help_text=_('Short Message Service (SMS) provider or protocol')
     )
     SMS_CODE_LENGTH = serializers.IntegerField(
-        default=4, min_value=4, max_value=16, label=_('SMS code length')
+        default=4, min_value=4, max_value=16, label=_('Code length'),
+        help_text=_('Length of the sent verification code')
     )
 
 
@@ -32,7 +36,8 @@ class BaseSMSSettingSerializer(serializers.Serializer):
     PREFIX_TITLE = _('SMS')
 
     SMS_TEST_PHONE = PhoneField(
-        validators=[PhoneValidator()], required=False, allow_blank=True, allow_null=True, label=_('Test phone')
+        validators=[PhoneValidator()], required=False, allow_blank=True, allow_null=True, 
+        label=_('Phone')
     )
 
     def to_representation(self, instance):

apps/settings/serializers/basic.py

@@ -10,8 +10,8 @@ class BasicSettingSerializer(serializers.Serializer):
     SITE_URL = serializers.URLField(
         required=True, label=_("Site URL"),
         help_text=_(
-            'External URL, email links or other system callbacks are used to access it, '
-            'eg: http://dev.jumpserver.org:8080'
+            'Site URL is the externally accessible address of the current product '
+            'service and is usually used in links in system emails'
         )
     )
     USER_GUIDE_URL = serializers.URLField(
@@ -23,12 +23,12 @@ class BasicSettingSerializer(serializers.Serializer):
         help_text=_('The name of global organization to display')
     )
     HELP_DOCUMENT_URL = serializers.URLField(
-        required=False, allow_blank=True, allow_null=True, label=_("Help Docs URL"),
-        help_text=_('default: http://docs.jumpserver.org')
+        required=False, allow_blank=True, allow_null=True, label=_("Document URL"),
+        help_text=_('Document URL refers to the address in the top navigation bar Help - Document')
     )
     HELP_SUPPORT_URL = serializers.URLField(
-        required=False, allow_blank=True, allow_null=True, label=_("Help Support URL"),
-        help_text=_('default: http://www.jumpserver.org/support/')
+        required=False, allow_blank=True, allow_null=True, label=_("Support URL"),
+        help_text=_('Support URL refers to the address in the top navigation bar Help - Support')
     )
 
     @staticmethod

apps/settings/serializers/feature.py

@@ -19,7 +19,7 @@ class AnnouncementSerializer(serializers.Serializer):
     CONTENT = serializers.CharField(label=_("Content"))
     LINK = serializers.URLField(
         required=False, allow_null=True, allow_blank=True,
-        label=_("More URL"), default='',
+        label=_("More Link"), default='',
     )
 
     def to_representation(self, instance):
@@ -57,12 +57,13 @@ class VaultSettingSerializer(serializers.Serializer):
 
     HISTORY_ACCOUNT_CLEAN_LIMIT = serializers.IntegerField(
         default=999, max_value=999, min_value=1,
-        required=False, label=_('Historical accounts retained count'),
+        required=False, label=_('Record limit'),
         help_text=_(
-            'If the specific value is less than 999, '
+            'If the specific value is less than 999 (default), '
             'the system will automatically perform a task every night: '
             'check and delete historical accounts that exceed the predetermined number. '
-            'If the value reaches or exceeds 999, no historical account deletion will be performed.'
+            'If the value reaches or exceeds 999 (default), '
+            'no historical account deletion will be performed'
         )
     )
 
@@ -75,13 +76,15 @@ class ChatAISettingSerializer(serializers.Serializer):
         required=False, label=_('Chat AI')
     )
     GPT_BASE_URL = serializers.CharField(
-        allow_blank=True, required=False, label=_('Base Url')
+        allow_blank=True, required=False, label=_('Base URL'),
+        help_text=_('The base URL of the GPT service. For example: https://api.openai.com/v1')
     )
     GPT_API_KEY = EncryptedField(
         allow_blank=True, required=False, label=_('API Key'),
     )
     GPT_PROXY = serializers.CharField(
-        allow_blank=True, required=False, label=_('Proxy')
+        allow_blank=True, required=False, label=_('Proxy'),
+        help_text=_('The proxy server address of the GPT service. For example: http://ip:port')
     )
     GPT_MODEL = serializers.ChoiceField(
         default='', choices=GPT_MODEL_CHOICES, label=_("GPT Model"), required=False,
@@ -108,15 +111,19 @@ class ChatAISettingSerializer(serializers.Serializer):
 class TicketSettingSerializer(serializers.Serializer):
     PREFIX_TITLE = _('Ticket')
 
-    TICKETS_ENABLED = serializers.BooleanField(required=False, default=True, label=_("Enable tickets"))
-    TICKETS_DIRECT_APPROVE = serializers.BooleanField(required=False, default=False, label=_("No login approval"))
+    TICKETS_ENABLED = serializers.BooleanField(required=False, default=True, label=_("Ticket"))
+    TICKETS_DIRECT_APPROVE = serializers.BooleanField(
+        required=False, default=False, label=_("Approval without login"), 
+        help_text=_('Allow direct approval ticket without login')
+    )
     TICKET_AUTHORIZE_DEFAULT_TIME = serializers.IntegerField(
         min_value=1, max_value=999999, required=False,
-        label=_("Default period")
+        label=_("Period"), 
+        help_text=_("The default authorization time period when applying for assets via a ticket")
     )
     TICKET_AUTHORIZE_DEFAULT_TIME_UNIT = serializers.ChoiceField(
         choices=[('day', _("day")), ('hour', _("hour"))],
-        label=_("Default unit"), required=False,
+        label=_("Unit"), required=False, help_text=_("The unit of period")
     )
 
 
@@ -124,13 +131,13 @@ class OpsSettingSerializer(serializers.Serializer):
     PREFIX_TITLE = _('Feature')
 
     SECURITY_COMMAND_EXECUTION = serializers.BooleanField(
-        required=False, label=_('Job center'),
-        help_text=_('Allow user run batch command or not using ansible')
+        required=False, label=_('Adhoc'),
+        help_text=_('Allow users to execute batch commands in the Workbench - Job Center - Adhoc')
     )
     SECURITY_COMMAND_BLACKLIST = serializers.ListField(
         child=serializers.CharField(max_length=1024, ),
         label=_('Command blacklist'),
-        help_text=_("Commands that are not allowed execute.")
+        help_text=_("Command blacklist in Adhoc")
     )
 
 
@@ -138,5 +145,9 @@ class VirtualAppSerializer(serializers.Serializer):
     PREFIX_TITLE = _('Virtual app')
 
     VIRTUAL_APP_ENABLED = serializers.BooleanField(
-        required=False, label=_('Virtual app'),
+        required=False, label=_('vApp'), 
+        help_text=_(
+            'Virtual applications, you can use the Linux operating system as an application server '
+            'in remote applications.'
+        )
     )

apps/settings/serializers/msg.py

@@ -30,39 +30,37 @@ class EmailSettingSerializer(serializers.Serializer):
     )
     EMAIL_HOST = serializers.CharField(max_length=1024, required=True, label=_("Host"))
     EMAIL_PORT = serializers.CharField(max_length=5, required=True, label=_("Port"))
-    EMAIL_HOST_USER = serializers.CharField(max_length=128, required=True, label=_("Account"))
+    EMAIL_HOST_USER = serializers.CharField(
+        max_length=128, required=True, label=_("User"), help_text=_("The user to be used for email server authentication")
+    )
     EMAIL_HOST_PASSWORD = EncryptedField(
         max_length=1024, required=False, label=_("Password"),
-        help_text=_("Tips: Some provider use token except password")
+        help_text=_("Password to use for the email server. It is used in conjunction with `User` when authenticating to the email server")
     )
     EMAIL_FROM = serializers.CharField(
-        max_length=128, allow_blank=True, required=False, label=_('Sender'),
-        help_text=_('Tips: Send mail account, default SMTP account as the send account')
+        max_length=128, allow_blank=True, required=False, label=_('From'),
+        help_text=_('Sender email address (default to using the `User`)')
     )
     EMAIL_RECIPIENT = serializers.CharField(
-        max_length=128, allow_blank=True, required=False, label=_('Test recipient'),
-        help_text=_('Tips: Used only as a test mail recipient')
+        max_length=128, allow_blank=True, required=False, label=_('Recipient'),
+        help_text=_("The recipient is used for testing the email server's connectivity")
     )
     EMAIL_USE_SSL = serializers.BooleanField(
         required=False, label=_('Use SSL'),
-        help_text=_('If SMTP port is 465, may be select')
+        help_text=_('Whether to use an implicit TLS (secure) connection when talking to the SMTP server. In most email documentation this type of TLS connection is referred to as SSL. It is generally used on port 465')
     )
     EMAIL_USE_TLS = serializers.BooleanField(
         required=False, label=_("Use TLS"),
-        help_text=_('If SMTP port is 587, may be select')
-    )
-    EMAIL_SUBJECT_PREFIX = serializers.CharField(
-        max_length=1024, required=True, label=_('Subject prefix')
-    )
-    EMAIL_SUFFIX = serializers.CharField(
-        required=False, max_length=1024, label=_("Email suffix"),
-        help_text=_('This is used by default if no email is returned during SSO authentication')
+        help_text=_('Whether to use a TLS (secure) connection when talking to the SMTP server. This is used for explicit TLS connections, generally on port 587')
     )
 
 
 class EmailContentSettingSerializer(serializers.Serializer):
     PREFIX_TITLE = _('Email')
 
+    EMAIL_SUBJECT_PREFIX = serializers.CharField(
+        max_length=1024, required=True, label=_('Subject prefix')
+    )
     EMAIL_CUSTOM_USER_CREATED_SUBJECT = serializers.CharField(
         max_length=1024, allow_blank=True, required=False,
         label=_('Subject'),

apps/settings/serializers/terminal.py

@@ -38,4 +38,4 @@ class TerminalSettingSerializer(serializers.Serializer):
     )
     TERMINAL_MAGNUS_ENABLED = serializers.BooleanField(label="Magnus")
     TERMINAL_RAZOR_ENABLED = serializers.BooleanField(label="Razor")
-    TERMINAL_KOKO_SSH_ENABLED = serializers.BooleanField(label="Koko")
+    TERMINAL_KOKO_SSH_ENABLED = serializers.BooleanField(label="SSH Client")

apps/tickets/migrations/0003_initial_ticket_flow_data.py

@@ -0,0 +1,27 @@
+# Generated by Django 4.1.13 on 2024-05-21 09:14
+
+from django.db import migrations
+
+
+def create_ticket_flow_and_approval_rule(apps, schema_editor):
+    org_id = '00000000-0000-0000-0000-000000000000'
+
+    User = apps.get_model("users", "User")
+    TicketFlow = apps.get_model("tickets", "TicketFlow")
+    ApprovalRule = apps.get_model("tickets", "ApprovalRule")
+
+    super_user = User.objects.get(username='admin')
+    flow = TicketFlow.objects.create(created_by='System', type='apply_asset', org_id=org_id)
+    rule_instance = ApprovalRule.objects.create(strategy='super_admin')
+    rule_instance.assignees.set([super_user])
+    flow.rules.set([rule_instance, ])
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('tickets', '0002_auto_20200728_1146'),
+    ]
+
+    operations = [
+        migrations.RunPython(create_ticket_flow_and_approval_rule),
+    ]

apps/users/models/user.py

@@ -700,11 +700,13 @@ class MFAMixin:
     @property
     def mfa_force_enabled(self):
         force_level = settings.SECURITY_MFA_AUTH
+        # 1 All users
         if force_level in [True, 1]:
             return True
-        # 2 管理员强制开启
+        # 2 仅管理员强制开启
         if force_level == 2 and self.is_org_admin:
             return True
+        # 3 仅用户开启
         return self.mfa_level == 2
 
     def enable_mfa(self):