diff --git a/apps/accounts/api/account/pam_dashboard.py b/apps/accounts/api/account/pam_dashboard.py index cba3aaef7..e83f86ad2 100644 --- a/apps/accounts/api/account/pam_dashboard.py +++ b/apps/accounts/api/account/pam_dashboard.py @@ -4,7 +4,11 @@ from django.db.models import Count, F, Q from django.http.response import JsonResponse from rest_framework.views import APIView -from accounts.models import Account, RiskChoice +from accounts.models import ( + Account, RiskChoice, GatherAccountsAutomation, + PushAccountAutomation, BackupAccountAutomation, + AccountRisk, IntegrationApplication, ChangeSecretAutomation +) from assets.const import AllTypes from common.utils.timezone import local_monday @@ -85,9 +89,39 @@ class PamDashboardApi(APIView): data['total_long_time_change_password_accounts'] = Account.get_risks( risk_type=RiskChoice.long_time_password).count() - if _all or query_params.get('total_count_type_to_accounts_amount'): + if _all or query_params.get('total_count_type_to_accounts'): data.update({ - 'total_count_type_to_accounts_amount': self.get_type_to_accounts(), + 'total_count_type_to_accounts': self.get_type_to_accounts(), + }) + + if _all or query_params.get('total_count_change_secret_automation'): + data.update({ + 'total_count_change_secret_automation': ChangeSecretAutomation.objects.count() + }) + + if _all or query_params.get('total_count_gathered_account_automation'): + data.update({ + 'total_count_gathered_account_automation': GatherAccountsAutomation.objects.count() + }) + + if _all or query_params.get('total_count_push_account_automation'): + data.update({ + 'total_count_push_account_automation': PushAccountAutomation.objects.count() + }) + + if _all or query_params.get('total_count_backup_account_automation'): + data.update({ + 'total_count_backup_account_automation': BackupAccountAutomation.objects.count() + }) + + if _all or query_params.get('total_count_risk_account'): + data.update({ + 'total_count_risk_account': AccountRisk.objects.count() + }) + + if _all or query_params.get('total_count_integration_application'): + data.update({ + 'total_count_integration_application': IntegrationApplication.objects.count() }) return JsonResponse(data, status=200) diff --git a/apps/accounts/api/automations/change_secret_dashboard.py b/apps/accounts/api/automations/change_secret_dashboard.py index c3393f36c..2744cc757 100644 --- a/apps/accounts/api/automations/change_secret_dashboard.py +++ b/apps/accounts/api/automations/change_secret_dashboard.py @@ -117,28 +117,26 @@ class ChangeSecretDashboardApi(APIView): query_params = self.request.query_params data = {} - if query_params.get('total_count_change_secrets'): + _all = query_params.get('all') + + if _all or query_params.get('total_count_change_secrets'): data['total_count_change_secrets'] = self.get_filtered_counts( self.change_secrets_queryset, 'date_updated' ) - if query_params.get('total_count_periodic_change_secrets'): + if _all or query_params.get('total_count_periodic_change_secrets'): data['total_count_periodic_change_secrets'] = self.get_filtered_counts( self.change_secrets_queryset.filter(is_periodic=True), 'date_updated' ) - if query_params.get('total_count_change_secret_assets'): + if _all or query_params.get('total_count_change_secret_assets'): data['total_count_change_secret_assets'] = self.get_change_secret_asset_queryset().count() - if query_params.get('total_count_change_secret_status'): + if _all or query_params.get('total_count_change_secret_status'): records = self.get_queryset_date_filter(self.change_secret_records_queryset, 'date_finished') data.update(self.get_status_counts(records)) - if query_params.get('total_count_change_secret_status'): - records = self.get_queryset_date_filter(self.change_secret_records_queryset, 'date_finished') - data.update(self.get_status_counts(records)) - - if query_params.get('daily_success_and_failure_metrics'): + if _all or query_params.get('daily_success_and_failure_metrics'): success, failed = self.get_daily_success_and_failure_metrics() data.update({ 'dates_metrics_date': [date.strftime('%m-%d') for date in self.date_range_list] or ['0'], @@ -146,17 +144,18 @@ class ChangeSecretDashboardApi(APIView): 'dates_metrics_total_count_failed': failed, }) - if query_params.get('total_count_ongoing_change_secret'): + if _all or query_params.get('total_count_ongoing_change_secret'): execution_ids = [] inspect = app.control.inspect() active_tasks = inspect.active() - for tasks in active_tasks.values(): - for task in tasks: - _id = task.get('id') - name = task.get('name') - tp = task.kwargs.get('tp') - if name == self.task_name and tp == self.tp: - execution_ids.append(_id) + if active_tasks: + for tasks in active_tasks.values(): + for task in tasks: + _id = task.get('id') + name = task.get('name') + tp = task.kwargs.get('tp') + if name == self.task_name and tp == self.tp: + execution_ids.append(_id) snapshots = self.change_secret_executions_queryset.filter( id__in=execution_ids).values_list('id', 'snapshot') diff --git a/apps/accounts/automations/gather_account/manager.py b/apps/accounts/automations/gather_account/manager.py index 24ae065c4..8e5eac6f0 100644 --- a/apps/accounts/automations/gather_account/manager.py +++ b/apps/accounts/automations/gather_account/manager.py @@ -345,7 +345,8 @@ class GatherAccountsManager(AccountBasePlaybookManager): for k in diff: if k not in common_risk_items: continue - setattr(ori_account, k, d[k]) + v = d.get(k) + setattr(ori_account, k, v) return ori_account def do_run(self, *args, **kwargs): diff --git a/apps/accounts/migrations/0025_alter_accountrisk_risk_and_more.py b/apps/accounts/migrations/0025_alter_accountrisk_risk_and_more.py new file mode 100644 index 000000000..e38a566e5 --- /dev/null +++ b/apps/accounts/migrations/0025_alter_accountrisk_risk_and_more.py @@ -0,0 +1,23 @@ +# Generated by Django 4.1.13 on 2025-01-09 11:09 + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + dependencies = [ + ('accounts', '0024_remove_changesecretrecord_date_started_and_more'), + ] + + operations = [ + migrations.AlterField( + model_name='accountrisk', + name='risk', + field=models.CharField(choices=[('long_time_no_login', 'Long time no login'), ('new_found', 'New found'), ('groups_changed', 'Groups change'), ('sudoers_changed', 'Sudo changed'), ('authorized_keys_changed', 'Authorized keys changed'), ('account_deleted', 'Account delete'), ('password_expired', 'Password expired'), ('long_time_password', 'Long time no change'), ('weak_password', 'Weak password'), ('leaked_password', 'Leaked password'), ('repeated_password', 'Repeated password'), ('password_error', 'Password error'), ('no_admin_account', 'No admin account'), ('others', 'Others')], max_length=128, verbose_name='Risk'), + ), + migrations.AlterField( + model_name='gatheredaccount', + name='address_last_login', + field=models.CharField(default='', max_length=39, null=True, verbose_name='Address login'), + ), + ] diff --git a/apps/accounts/models/automations/gather_account.py b/apps/accounts/models/automations/gather_account.py index 2e74b876f..cfb930f75 100644 --- a/apps/accounts/models/automations/gather_account.py +++ b/apps/accounts/models/automations/gather_account.py @@ -15,7 +15,7 @@ __all__ = ['GatherAccountsAutomation', 'GatheredAccount'] class GatheredAccount(JMSOrgBaseModel): asset = models.ForeignKey('assets.Asset', on_delete=models.CASCADE, verbose_name=_("Asset")) username = models.CharField(max_length=32, blank=True, db_index=True, verbose_name=_('Username')) - address_last_login = models.CharField(max_length=39, default='', verbose_name=_("Address login")) + address_last_login = models.CharField(null=True, max_length=39, default='', verbose_name=_("Address login")) date_last_login = models.DateTimeField(null=True, verbose_name=_("Date login")) remote_present = models.BooleanField(default=True, verbose_name=_("Remote present")) # 远端资产上是否还存在 present = models.BooleanField(default=False, verbose_name=_("Present")) # 系统资产上是否还存在