diff --git a/apps/assets/migrations/0036_auto_20190716_1535.py b/apps/assets/migrations/0036_auto_20190716_1535.py
new file mode 100644
index 000000000..317d427f0
--- /dev/null
+++ b/apps/assets/migrations/0036_auto_20190716_1535.py
@@ -0,0 +1,18 @@
+# Generated by Django 2.1.7 on 2019-07-16 07:35
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+ dependencies = [
+ ('assets', '0035_auto_20190711_2018'),
+ ]
+
+ operations = [
+ migrations.AlterField(
+ model_name='commandfilter',
+ name='name',
+ field=models.CharField(max_length=64, unique=True, verbose_name='Name'),
+ ),
+ ]
diff --git a/apps/assets/models/cmd_filter.py b/apps/assets/models/cmd_filter.py
index 5bd031187..92135894c 100644
--- a/apps/assets/models/cmd_filter.py
+++ b/apps/assets/models/cmd_filter.py
@@ -17,7 +17,7 @@ __all__ = [
class CommandFilter(OrgModelMixin):
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
- name = models.CharField(max_length=64, verbose_name=_("Name"))
+ name = models.CharField(max_length=64, unique=True, verbose_name=_("Name"))
is_active = models.BooleanField(default=True, verbose_name=_('Is active'))
comment = models.TextField(blank=True, default='', verbose_name=_("Comment"))
date_created = models.DateTimeField(auto_now_add=True)
diff --git a/apps/assets/serializers/asset.py b/apps/assets/serializers/asset.py
index 5fdb3a362..0207f4e7d 100644
--- a/apps/assets/serializers/asset.py
+++ b/apps/assets/serializers/asset.py
@@ -112,7 +112,7 @@ class AssetSerializer(BulkOrgResourceModelSerializer):
protocol = protocols_data[0].split('/')
validated_data["protocol"] = protocol[0]
validated_data["port"] = int(protocol[1])
- if validated_data:
+ if protocols_data:
validated_data["protocols"] = ' '.join(protocols_data)
def create(self, validated_data):
diff --git a/apps/assets/serializers/base.py b/apps/assets/serializers/base.py
index ca4aa7502..257bb95ab 100644
--- a/apps/assets/serializers/base.py
+++ b/apps/assets/serializers/base.py
@@ -1,7 +1,9 @@
# -*- coding: utf-8 -*-
#
+from django.utils.translation import ugettext as _
from rest_framework import serializers
+
from common.utils import ssh_pubkey_gen, validate_ssh_private_key
diff --git a/apps/assets/serializers/cmd_filter.py b/apps/assets/serializers/cmd_filter.py
index 3f29ca686..bd925fd9d 100644
--- a/apps/assets/serializers/cmd_filter.py
+++ b/apps/assets/serializers/cmd_filter.py
@@ -22,7 +22,7 @@ class CommandFilterSerializer(BulkOrgResourceModelSerializer):
extra_kwargs = {
'rules': {'read_only': True},
- 'system_users': {'read_only': True}
+ 'system_users': {'required': False},
}
diff --git a/apps/assets/templates/assets/asset_create.html b/apps/assets/templates/assets/asset_create.html
index 1b5636be5..6df7ff862 100644
--- a/apps/assets/templates/assets/asset_create.html
+++ b/apps/assets/templates/assets/asset_create.html
@@ -216,6 +216,8 @@ $(document).ready(function () {
var form = $("form");
var protocols = {};
var data = form.serializeObject();
+ objectAttrsIsBool(data, ['is_active']);
+ objectAttrsIsList(data, ['nodes', 'labels']);
$.each(data, function (k, v) {
if (k.startsWith("form")){
delete data[k];
@@ -233,12 +235,6 @@ $(document).ready(function () {
return v.name + '/' + v.port
});
data["protocols"] = protocols;
- if (typeof data.labels === "string") {
- data["labels"] = [data["labels"]];
- }
- if (typeof data["nodes"] == "string") {
- data["nodes"] = [data["nodes"]]
- }
var props = {
url: the_url,
data: data,
diff --git a/apps/assets/templates/assets/cmd_filter_detail.html b/apps/assets/templates/assets/cmd_filter_detail.html
index b98828f4e..e68cba47c 100644
--- a/apps/assets/templates/assets/cmd_filter_detail.html
+++ b/apps/assets/templates/assets/cmd_filter_detail.html
@@ -29,7 +29,7 @@
{% trans 'Update' %}
-
+
{% trans 'Delete' %}
@@ -164,5 +164,13 @@ $(document).ready(function () {
});
updateCMDFilterSystemUsers(system_users)
})
+.on('click', '.btn-delete-cmd-filter', function () {
+ var $this = $(this);
+ var name = "{{object.name }}";
+ var uid = "{{ object.id }}";
+ var the_url = '{% url "api-assets:cmd-filter-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
+ var redirect_url = "{% url 'assets:cmd-filter-list' %}";
+ objectDelete($this, name, the_url, redirect_url);
+})
{% endblock %}
diff --git a/apps/assets/templates/assets/domain_detail.html b/apps/assets/templates/assets/domain_detail.html
index e60daa334..06fd0d28d 100644
--- a/apps/assets/templates/assets/domain_detail.html
+++ b/apps/assets/templates/assets/domain_detail.html
@@ -24,7 +24,7 @@
{% trans 'Update' %}
-
+
{% trans 'Delete' %}
@@ -127,6 +127,15 @@ $(document).ready(function(){
setTimeout( function () {
$data_table.ajax.reload();
}, 3000);
-});
+})
+.on('click', '.btn-delete-domain', function () {
+ var $this = $(this);
+ var name = "{{ object.name }}";
+ var uid = "{{ object.id }}";
+ var the_url = '{% url "api-assets:domain-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
+ var redirect_url = "{% url 'assets:domain-list' %}";
+ objectDelete($this, name, the_url, redirect_url);
+})
+;
{% endblock %}
\ No newline at end of file
diff --git a/apps/jumpserver/const.py b/apps/jumpserver/const.py
index c6b7e0e63..72350b1e4 100644
--- a/apps/jumpserver/const.py
+++ b/apps/jumpserver/const.py
@@ -1,3 +1,3 @@
# -*- coding: utf-8 -*-
#
-VERSION = '1.5.1'
+VERSION = '1.5.2'
diff --git a/apps/locale/zh/LC_MESSAGES/django.mo b/apps/locale/zh/LC_MESSAGES/django.mo
index 9dc31d0c8..a19a73d5b 100644
Binary files a/apps/locale/zh/LC_MESSAGES/django.mo and b/apps/locale/zh/LC_MESSAGES/django.mo differ
diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po
index 1da5e158c..fe50f06d6 100644
--- a/apps/locale/zh/LC_MESSAGES/django.po
+++ b/apps/locale/zh/LC_MESSAGES/django.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: Jumpserver 0.3.3\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2019-07-15 14:43+0800\n"
+"POT-Creation-Date: 2019-07-16 17:04+0800\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: ibuler \n"
"Language-Team: Jumpserver team\n"
@@ -555,7 +555,7 @@ msgid "Connect"
msgstr "连接"
#: applications/views/remote_app.py:31 applications/views/remote_app.py:47
-#: applications/views/remote_app.py:69 applications/views/remote_app.py:87
+#: applications/views/remote_app.py:70 applications/views/remote_app.py:89
#: templates/_nav.html:33
msgid "Applications"
msgstr "应用管理"
@@ -564,15 +564,15 @@ msgstr "应用管理"
msgid "RemoteApp list"
msgstr "远程应用列表"
-#: applications/views/remote_app.py:70
+#: applications/views/remote_app.py:71
msgid "Update RemoteApp"
msgstr "更新远程应用"
-#: applications/views/remote_app.py:88
+#: applications/views/remote_app.py:90
msgid "RemoteApp detail"
msgstr "远程应用详情"
-#: applications/views/remote_app.py:100
+#: applications/views/remote_app.py:102
msgid "My RemoteApp"
msgstr "我的远程应用"
@@ -695,7 +695,7 @@ msgstr "如果有多个的互相隔离的网络,设置资产属于的网域,
msgid "Select assets"
msgstr "选择资产"
-#: assets/forms/cmd_filter.py:37 assets/serializers/cmd_filter.py:40
+#: assets/forms/cmd_filter.py:38 assets/serializers/cmd_filter.py:43
msgid "Content should not be contain: {}"
msgstr "内容不能包含: {}"
@@ -1249,86 +1249,86 @@ msgstr "自动登录模式,必须填写用户名"
msgid "Password or private key required"
msgstr "密码或密钥密码需要一个"
-#: assets/tasks.py:33
+#: assets/tasks.py:34
msgid "Asset has been disabled, skipped: {}"
msgstr "资产或许不支持ansible, 跳过: {}"
-#: assets/tasks.py:37
+#: assets/tasks.py:38
msgid "Asset may not be support ansible, skipped: {}"
msgstr "资产或许不支持ansible, 跳过: {}"
-#: assets/tasks.py:50
+#: assets/tasks.py:51
msgid "No assets matched, stop task"
msgstr "没有匹配到资产,结束任务"
-#: assets/tasks.py:60
+#: assets/tasks.py:61
msgid "No assets matched related system user protocol, stop task"
msgstr "没有匹配到与系统用户协议相关的资产,结束任务"
-#: assets/tasks.py:86
+#: assets/tasks.py:87
msgid "Get asset info failed: {}"
msgstr "获取资产信息失败:{}"
-#: assets/tasks.py:136
+#: assets/tasks.py:137
msgid "Update some assets hardware info"
msgstr "更新资产硬件信息"
-#: assets/tasks.py:153
+#: assets/tasks.py:154
msgid "Update asset hardware info: {}"
msgstr "更新资产硬件信息: {}"
-#: assets/tasks.py:178
+#: assets/tasks.py:179
msgid "Test assets connectivity"
msgstr "测试资产可连接性"
-#: assets/tasks.py:232
+#: assets/tasks.py:233
msgid "Test assets connectivity: {}"
msgstr "测试资产可连接性: {}"
-#: assets/tasks.py:274
+#: assets/tasks.py:275
msgid "Test admin user connectivity period: {}"
msgstr "定期测试管理账号可连接性: {}"
-#: assets/tasks.py:281
+#: assets/tasks.py:282
msgid "Test admin user connectivity: {}"
msgstr "测试管理行号可连接性: {}"
-#: assets/tasks.py:349
+#: assets/tasks.py:350
msgid "Test system user connectivity: {}"
msgstr "测试系统用户可连接性: {}"
-#: assets/tasks.py:356
+#: assets/tasks.py:357
msgid "Test system user connectivity: {} => {}"
msgstr "测试系统用户可连接性: {} => {}"
-#: assets/tasks.py:369
+#: assets/tasks.py:370
msgid "Test system user connectivity period: {}"
msgstr "定期测试系统用户可连接性: {}"
-#: assets/tasks.py:470 assets/tasks.py:556
+#: assets/tasks.py:471 assets/tasks.py:557
#: xpack/plugins/change_auth_plan/models.py:522
msgid "The asset {} system platform {} does not support run Ansible tasks"
msgstr "资产 {} 系统平台 {} 不支持运行 Ansible 任务"
-#: assets/tasks.py:482
+#: assets/tasks.py:483
msgid ""
"Push system user task skip, auto push not enable or protocol is not ssh or "
"rdp: {}"
msgstr "推送系统用户任务跳过,自动推送没有打开,或协议不是ssh或rdp: {}"
-#: assets/tasks.py:489
+#: assets/tasks.py:490
msgid "For security, do not push user {}"
msgstr "为了安全,禁止推送用户 {}"
-#: assets/tasks.py:517 assets/tasks.py:531
+#: assets/tasks.py:518 assets/tasks.py:532
msgid "Push system users to assets: {}"
msgstr "推送系统用户到入资产: {}"
-#: assets/tasks.py:523
+#: assets/tasks.py:524
msgid "Push system users to asset: {} => {}"
msgstr "推送系统用户到入资产: {} => {}"
-#: assets/tasks.py:603
+#: assets/tasks.py:604
msgid "Test asset user connectivity: {}"
msgstr "测试资产用户可连接性: {}"
@@ -5307,8 +5307,6 @@ msgstr "密码长度"
#: xpack/plugins/change_auth_plan/forms.py:45
#: xpack/plugins/change_auth_plan/models.py:213
-#, fuzzy
-#| msgid "For security, do not change {} user's password"
msgid "* For security, do not change {} user's password"
msgstr "* 为了安全,禁止更改 {} 用户的密码"
@@ -5934,9 +5932,6 @@ msgstr "密码匣子"
msgid "vault create"
msgstr "创建"
-#~ msgid "* For security, please do not change root user's password"
-#~ msgstr "* 为了安全,请不要更改root用户的密码"
-
#~ msgid "Interface"
#~ msgstr "界面"
diff --git a/apps/perms/api/mixin.py b/apps/perms/api/mixin.py
index 24bd9abd2..9c726691f 100644
--- a/apps/perms/api/mixin.py
+++ b/apps/perms/api/mixin.py
@@ -174,6 +174,8 @@ class GrantAssetsMixin(LabelFilterMixin):
system_user = system_users_map.get(sid)
if not system_user:
continue
+ if not asset.has_protocol(system_user.protocol):
+ continue
system_user.actions = action
system_users_granted.append(system_user)
asset.system_users_granted = system_users_granted
diff --git a/apps/perms/api/user_permission.py b/apps/perms/api/user_permission.py
index 0746252cb..13ee07951 100644
--- a/apps/perms/api/user_permission.py
+++ b/apps/perms/api/user_permission.py
@@ -256,6 +256,8 @@ class UserGrantedNodesWithAssetsApi(UserPermissionCacheMixin, NodesWithUngroupMi
system_user = _system_users_map.get(system_user_id)
if not system_user:
continue
+ if not asset.has_protocol(system_user.protocol):
+ continue
system_user.actions = action
system_user_granted.append(system_user)
asset.system_users_granted = system_user_granted
diff --git a/apps/perms/templates/perms/asset_permission_detail.html b/apps/perms/templates/perms/asset_permission_detail.html
index beaa5a362..9054d57fd 100644
--- a/apps/perms/templates/perms/asset_permission_detail.html
+++ b/apps/perms/templates/perms/asset_permission_detail.html
@@ -206,7 +206,7 @@ $(document).ready(function () {
})
.on('click', '.btn-delete-perm', function () {
var $this = $(this);
- var name = "{{ asset_permission.name }}";
+ var name = "{{ object.name }}";
var uid = "{{ object.id }}";
var the_url = '{% url "api-perms:asset-permission-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
var redirect_url = "{% url 'perms:asset-permission-list' %}";
diff --git a/apps/perms/utils/asset_permission.py b/apps/perms/utils/asset_permission.py
index c437753b6..2c2eaac05 100644
--- a/apps/perms/utils/asset_permission.py
+++ b/apps/perms/utils/asset_permission.py
@@ -499,7 +499,7 @@ class AssetPermissionUtil(AssetPermissionCacheMixin):
if pattern:
assets_ids = Asset.objects.filter(
nodes__key__regex=pattern
- ).values_list("id", flat=True).distinct()
+ ).valid().values_list("id", flat=True).distinct()
else:
assets_ids = []
self.tree.add_assets_without_system_users(assets_ids)
@@ -523,8 +523,8 @@ class AssetPermissionUtil(AssetPermissionCacheMixin):
assets_ids = defaultdict(lambda: defaultdict(int))
for perm in self.permissions:
actions = [perm.actions]
- _assets_ids = [a.id for a in perm.assets.all()]
- system_users_ids = [s.id for s in perm.system_users.all()]
+ _assets_ids = perm.assets.valid().values_list("id", flat=True)
+ system_users_ids = perm.system_users.values_list("id", flat=True)
iterable = itertools.product(_assets_ids, system_users_ids, actions)
for asset_id, sys_id, action in iterable:
assets_ids[asset_id][sys_id] |= action
diff --git a/apps/static/js/jumpserver.js b/apps/static/js/jumpserver.js
index c880a5499..ad1ec17f5 100644
--- a/apps/static/js/jumpserver.js
+++ b/apps/static/js/jumpserver.js
@@ -1110,6 +1110,7 @@ function objectAttrsIsBool(obj, attrs) {
}
function cleanDate(d) {
+ if (typeof d === 'number'){return d}
for (var i=0; i<2; i++) {
if (isNaN(Date.parse(d))) {
d = d.split('+')[0].trimRight();