From fa52e2bf5e221cb984abe97388395c526b330913 Mon Sep 17 00:00:00 2001
From: Bai <baijiangjie@gmail.com>
Date: Wed, 19 Jul 2023 11:00:58 +0800
Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BC=98=E5=8C=96=E6=89=B9=E9=87=8F?=
 =?UTF-8?q?=E5=91=BD=E4=BB=A4=E5=91=8A=E8=AD=A6=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/ops/models/job.py                        |  20 ++--
 apps/terminal/api/session/command.py          |  48 ++++----
 apps/terminal/backends/command/models.py      |   5 -
 apps/terminal/const.py                        |   6 +-
 apps/terminal/notifications.py                |  12 +-
 .../terminal/_msg_command_warning.html        | 105 +++---------------
 6 files changed, 57 insertions(+), 139 deletions(-)

diff --git a/apps/ops/models/job.py b/apps/ops/models/job.py
index d3647bdc3..6431780a3 100644
--- a/apps/ops/models/job.py
+++ b/apps/ops/models/job.py
@@ -396,29 +396,29 @@ class JobExecution(JMSOrgBaseModel):
                     CommandExecutionAlert({
                         "assets": self.current_job.assets.all(),
                         "input": self.material,
-                        "risk_level": 5,
+                        "risk_level": RiskLevelChoices.reject,
                         "user": self.creator,
                     }).publish_async()
                     raise Exception("command is rejected by ACL")
                 elif acl.is_action(CommandFilterACL.ActionChoices.warning):
-                    user = self.creator
                     command = {
                         'input': self.material,
-                        'user': user.name,
-                        '_user_id': user.id,
+                        'user': self.creator.name,
                         'asset': asset.name,
+                        'cmd_filter_acl': str(acl.id),
+                        'cmd_group': str(cg.id),
+                        'risk_level': RiskLevelChoices.warning,
+                        'org_id': self.org_id,
+                        '_user_id': self.creator.id,
                         '_asset_id': asset.id,
                         '_account': self.current_job.runas,
                         '_cmd_filter_acl': acl,
                         '_cmd_group': cg,
-                        'session': '',
-                        '_risk_level': RiskLevelChoices.warning.label,
-                        'org_id': self.org.id,
-                        '_org_name': self.org.name or self.org.id,
+                        '_org_name': self.org_name,
                     }
-                    CommandWarningMessage(user, command).publish_async()
+                    for reviewer in acl.reviewers.all():
+                        CommandWarningMessage(reviewer, command).publish_async()
                     return True
-
         return False
 
     def check_command_acl(self):
diff --git a/apps/terminal/api/session/command.py b/apps/terminal/api/session/command.py
index c933a12ad..f95155fd1 100644
--- a/apps/terminal/api/session/command.py
+++ b/apps/terminal/api/session/command.py
@@ -216,31 +216,29 @@ class InsecureCommandAlertAPI(generics.CreateAPIView):
         cmd_groups = CommandGroup.objects.filter(id__in=cmd_group_ids).only('id', 'name')
         cmd_group_mapper = {str(i.id): i for i in cmd_groups}
 
-        lang = request.stream.COOKIES.get('django_language', 'zh')
-        with translation.override(lang):
-            for command in commands:
-                cmd_acl = acl_mapper.get(command['cmd_filter_acl'])
-                command['_cmd_filter_acl'] = cmd_acl
-                cmd_group = cmd_group_mapper.get(command['cmd_group'])
-                command['_cmd_group'] = cmd_group
-                session = session_mapper.get(command['session'])
-                risk_level = command.get('risk_level')
-                if session:
-                    command.update({
-                        '_user_id': session.user_id,
-                        '_asset_id': session.asset_id,
-                        '_account': session.account,
-                        '_account_id': session.account_id,
-                        '_org_name': session.org.name,
-                        '_risk_level': RiskLevelChoices.get_risk_level_str(risk_level),
-                    })
+        for command in commands:
+            cmd_acl = acl_mapper.get(command['cmd_filter_acl'])
+            command['_cmd_filter_acl'] = cmd_acl
+            cmd_group = cmd_group_mapper.get(command['cmd_group'])
+            command['_cmd_group'] = cmd_group
+            session = session_mapper.get(command['session'])
+            risk_level = command.get('risk_level')
 
-                if risk_level in [RiskLevelChoices.reject, RiskLevelChoices.review_reject]:
-                    CommandAlertMessage(command).publish_async()
-                elif risk_level in [RiskLevelChoices.warning]:
-                    for reviewer in cmd_acl.reviewers.all():
-                        CommandWarningMessage(reviewer, command).publish_async()
-                else:
-                    logger.info(f'Risk level ignore: {risk_level}')
+            if session:
+                command.update({
+                    '_user_id': session.user_id,
+                    '_asset_id': session.asset_id,
+                    '_account': session.account,
+                    '_account_id': session.account_id,
+                    '_org_name': session.org.name,
+                })
+
+            if risk_level in [RiskLevelChoices.reject, RiskLevelChoices.review_reject]:
+                CommandAlertMessage(command).publish_async()
+            elif risk_level in [RiskLevelChoices.warning]:
+                for reviewer in cmd_acl.reviewers.all():
+                    CommandWarningMessage(reviewer, command).publish_async()
+            else:
+                logger.info(f'Risk level ignore: {RiskLevelChoices.get_label(risk_level)}({risk_level})')
 
         return Response({'msg': 'ok'})
diff --git a/apps/terminal/backends/command/models.py b/apps/terminal/backends/command/models.py
index f588a177d..801b3cdf1 100644
--- a/apps/terminal/backends/command/models.py
+++ b/apps/terminal/backends/command/models.py
@@ -42,11 +42,6 @@ class AbstractSessionCommand(OrgModelMixin):
         else:
             return ''
 
-    @classmethod
-    def get_risk_level_str(cls, risk_level):
-        risk_mapper = dict(RiskLevelChoices.choices)
-        return risk_mapper.get(risk_level)
-
     def to_dict(self):
         d = {}
         for field in self._meta.fields:
diff --git a/apps/terminal/const.py b/apps/terminal/const.py
index 7b2284b8e..f34233e3a 100644
--- a/apps/terminal/const.py
+++ b/apps/terminal/const.py
@@ -14,9 +14,9 @@ class RiskLevelChoices(IntegerChoices):
     review_cancel = 8, _('Review & Cancel')
 
     @classmethod
-    def get_risk_level_str(cls, risk_level):
-        risk_mapper = dict(cls.choices)
-        return risk_mapper.get(risk_level)
+    def get_label(cls, level):
+        label = dict(cls.choices).get(level)
+        return label
 
 
 class ReplayStorageType(TextChoices):
diff --git a/apps/terminal/notifications.py b/apps/terminal/notifications.py
index 753845de1..6d49946dd 100644
--- a/apps/terminal/notifications.py
+++ b/apps/terminal/notifications.py
@@ -12,6 +12,7 @@ from notifications.models import SystemMsgSubscription
 from notifications.notifications import SystemMessage, UserMessage
 from terminal.models import Session, Command
 from users.models import User
+from terminal.const import RiskLevelChoices
 
 logger = get_logger(__name__)
 
@@ -86,8 +87,8 @@ class CommandWarningMessage(CommandAlertMixin, UserMessage):
         account_id = command.get('_account_id', '')
         cmd_acl = command.get('_cmd_filter_acl')
         cmd_group = command.get('_cmd_group')
-        session_id = command['session']
-        risk_level = command['_risk_level']
+        session_id = command.get('session', '')
+        risk_level = command['risk_level']
         org_id = command['org_id']
         org_name = command.get('_org_name') or org_id
 
@@ -137,7 +138,7 @@ class CommandWarningMessage(CommandAlertMixin, UserMessage):
             'cmd_group': cmd_group_name,
             'cmd_group_url': cmd_group_url,
             'session_url': session_url,
-            'risk_level': risk_level,
+            'risk_level': RiskLevelChoices.get_label(risk_level),
             'org': org_name,
         }
 
@@ -174,7 +175,7 @@ class CommandAlertMessage(CommandAlertMixin, SystemMessage):
         session_detail_url = session_detail_url.replace(
             '/terminal/sessions/', '/audit/sessions/sessions/'
         )
-        level = Command.get_risk_level_str(command['risk_level'])
+        level = RiskLevelChoices.get_label(command['risk_level'])
         items = {
             _("Asset"): command['asset'],
             _("User"): command['user'],
@@ -223,7 +224,8 @@ class CommandExecutionAlert(CommandAlertMixin, SystemMessage):
             ) + '?oid={}'.format(asset.org_id)
             assets_with_url.append([asset, url])
 
-        level = Command.get_risk_level_str(command['risk_level'])
+        level = RiskLevelChoices.get_label(command['risk_level'])
+
         items = {
             _("User"): command['user'],
             _("Level"): level,
diff --git a/apps/terminal/templates/terminal/_msg_command_warning.html b/apps/terminal/templates/terminal/_msg_command_warning.html
index 814947278..23469e3a4 100644
--- a/apps/terminal/templates/terminal/_msg_command_warning.html
+++ b/apps/terminal/templates/terminal/_msg_command_warning.html
@@ -1,100 +1,23 @@
 {% load i18n %}
 
 <div>
-    <!-- <table style="
-    display: inline-block;
-    margin: .6em 0;
-    max-width: 100%;
-    min-width: 60%;
-    white-space: nowrap;">
-        <thead>
-            <tr style="
-            text-align: left;
-            text-transform: uppercase;
-            background: rgb(249, 238, 181);
-            border: 1px solid #d9d7ce;">
-                <th style="
-                padding: 0 .6em;">
-                    {% trans 'Item' %}
-                </th>
-                <th style="
-                padding: 0 .6em;">
-                    {% trans 'Url' %}
-                </th>
-            </tr>
-        </thead>
-        <tbody style="
-        background: #fbfbf9;
-        border: 1px solid #d9d7ce;">
-            <tr>
-                <td style="padding: 0 .6em;">{% trans 'User' %}</td>
-                <td style="white-space: normal; padding: 0 .6em;">
-                    <a href="{{ user_url }}" target="_blank">{{ user }}</a>
-                </td>
-            </tr>
-            <tr>
-                <td style="padding: 0 .6em;">{% trans 'Asset' %}</td>
-                <td style="white-space: normal; padding: 0 .6em;">
-                    <a href="{{ asset_url }}" target="_blank">{{ asset }}</a>
-                </td>
-            </tr>
-            <tr>
-                <td style="padding: 0 .6em;">{% trans 'Account' %}</td>
-                <td style="white-space: normal; padding: 0 .6em;">
-                    <a href="{{ account_url }}" target="_blank">{{ account }}</a>
-                </td>
-            </tr>
-            <tr>
-                <td style="padding: 0 .6em;">{% trans 'Command' %}</td>
-                <td style="white-space: normal; padding: 0 .6em;">
-                    <span>{{ command }}</span>
-                </td>
-            </tr>
-            <tr>
-                <td style="padding: 0 .6em;">{% trans 'Command acl' %}</td>
-                <td style="white-space: normal; padding: 0 .6em;">
-                    <a href="{{ cmd_filter_acl_url }}" target="_blank">{{ cmd_filter_acl }}</a>
-                </td>
-            </tr>
-            <tr>
-                <td style="padding: 0 .6em;">{% trans 'Command acl group' %}</td>
-                <td style="white-space: normal; padding: 0 .6em;">
-                    <a href="{{ cmd_group_url }}" target="_blank">{{ cmd_group }}</a>
-                </td>
-            </tr>
-            <tr>
-                <td style="padding: 0 .6em;">{% trans 'Session' %}</td>
-                <td style="white-space: normal; padding: 0 .6em;">
-                    <a href="{{ session_url }}" target="_blank">{% trans 'View' %}</a>
-                </td>
-            </tr>
-            <tr>
-                <td style="padding: 0 .6em;">{% trans 'Organization' %}</td>
-                <td style="white-space: normal; padding: 0 .6em;">
-                    <span>{{ org }}</span>
-                </td>
-            </tr>
-        </tbody>
-    </table> -->
-
-
-    <b>{% trans 'User' %}:</b> <a href="{{ user_url }}" target="_blank">{{ user }}</a><br />
-    <b>{% trans 'Asset' %}:</b> <a href="{{ asset_url }}" target="_blank">{{ asset }}</a><br />
-    <b>{% trans 'Account' %}:</b>
-    {% if account_url %}
-    <a href="{{ account_url }}" target="_blank">{{ account }}</a>
-    {% else %}
-    <span>{{ account }}</span>
-    {% endif %}
+    <b>{% trans 'Asset' %}: </b> <a href="{{ asset_url }}" target="_blank">{{ asset }}</a><br />
+    <b>{% trans 'User' %}: </b> <a href="{{ user_url }}" target="_blank">{{ user }}</a><br />
+    <b>{% trans 'Account' %}: </b>
+        {% if account_url %}
+            <a href="{{ account_url }}" target="_blank">{{ account }}</a>
+        {% else %}
+            <span>{{ account }}</span>
+        {% endif %}
     <br />
-    <b>{% trans 'Command' %}: </b><span>{{ command }}</span><br />
     <b>{% trans 'Risk level' %}: </b><span>{{ risk_level }}</span><br />
-    <b>{% trans 'Command acl' %}:</b> <a href="{{ cmd_filter_acl_url }}" target="_blank">{{ user }}</a><br />
-    <b>{% trans 'Command acl group' %}:</b> <a href="{{ cmd_group_url }}" target="_blank">{{ user }}</a><br />
+    <b>{% trans 'Command acl' %}: </b> <a href="{{ cmd_filter_acl_url }}" target="_blank">{{ user }}</a><br />
+    <b>{% trans 'Command acl group' %}: </b> <a href="{{ cmd_group_url }}" target="_blank">{{ user }}</a><br />
     {% if session_url %}
-    <b>{% trans 'Session' %}:</b>
-    <a href="{{ session_url }}" target="_blank">{% trans 'View' %}</a><br />
+        <b>{% trans 'Session' %}: </b>
+        <a href="{{ session_url }}" target="_blank">{% trans 'View' %}</a><br />
     {% endif %}
-    <b>{% trans 'Organization' %}:</b> <span>{{ org }}</span><br />
+    <b>{% trans 'Organization' %}: </b> <span>{{ org }}</span><br />
+    <b>{% trans 'Command' %}: </b><span>{{ command }}</span><br />
 
 </div>