Merge pull request #7610 from jumpserver/dev

v2.19.0-rc2

apps/audits/signals_handler.py

@@ -170,9 +170,9 @@ M2M_NEED_RECORD = {
 }
 
 M2M_ACTION = {
-    POST_ADD: 'add',
+    POST_ADD: OperateLog.ACTION_CREATE,
-    POST_REMOVE: 'remove',
+    POST_REMOVE: OperateLog.ACTION_DELETE,
-    POST_CLEAR: 'remove',
+    POST_CLEAR: OperateLog.ACTION_DELETE,
 }
 
 
@@ -187,14 +187,14 @@ def on_m2m_changed(sender, action, instance, reverse, model, pk_set, **kwargs):
 
     sender_name = sender._meta.object_name
     if sender_name in M2M_NEED_RECORD:
-        action = M2M_ACTION[action]
         org_id = current_org.id
         remote_addr = get_request_ip(current_request)
         user = str(user)
         resource_type, resource_tmpl_add, resource_tmpl_remove = M2M_NEED_RECORD[sender_name]
-        if action == 'add':
+        action = M2M_ACTION[action]
+        if action == OperateLog.ACTION_CREATE:
             resource_tmpl = resource_tmpl_add
-        elif action == 'remove':
+        elif action == OperateLog.ACTION_DELETE:
             resource_tmpl = resource_tmpl_remove
 
         to_create = []

apps/authentication/backends/saml2/views.py

@@ -171,6 +171,7 @@ class PrepareRequestMixin:
         valid_attrs = ['username', 'name', 'email', 'comment', 'phone']
 
         for attr, value in attrs.items():
+            attr = attr.rsplit('/', 1)[-1]
             if attr not in valid_attrs:
                 continue
             user_attrs[attr] = self.value_to_str(value)

apps/terminal/models/session.py

@@ -56,7 +56,6 @@ class Session(OrgModelMixin):
 
     upload_to = 'replay'
     ACTIVE_CACHE_KEY_PREFIX = 'SESSION_ACTIVE_{}'
-    _DATE_START_FIRST_HAS_REPLAY_RDP_SESSION = None
     SUFFIX_MAP = {1: '.gz', 2: '.replay.gz', 3: '.cast.gz'}
     DEFAULT_SUFFIXES = ['.replay.gz', '.cast.gz', '.gz']
 
@@ -125,25 +124,8 @@ class Session(OrgModelMixin):
     def user_obj(self):
         return User.objects.get(id=self.user_id)
 
-    @property
-    def _date_start_first_has_replay_rdp_session(self):
-        if self.__class__._DATE_START_FIRST_HAS_REPLAY_RDP_SESSION is None:
-            instance = self.__class__.objects.filter(
-                protocol='rdp', has_replay=True
-            ).order_by('date_start').first()
-            if not instance:
-                date_start = timezone.now() - timezone.timedelta(days=365)
-            else:
-                date_start = instance.date_start
-            self.__class__._DATE_START_FIRST_HAS_REPLAY_RDP_SESSION = date_start
-        return self.__class__._DATE_START_FIRST_HAS_REPLAY_RDP_SESSION
-
     def can_replay(self):
-        if self.has_replay:
+        return self.has_replay
-            return True
-        if self.date_start < self._date_start_first_has_replay_rdp_session:
-            return True
-        return False
 
     @property
     def can_join(self):

apps/terminal/tasks.py

@@ -18,7 +18,6 @@ from .models import Status, Session, Command
 from .backends import server_replay_storage
 from .utils import find_session_replay_local
 
-
 CACHE_REFRESH_INTERVAL = 10
 RUNNING = False
 logger = get_task_logger(__name__)
@@ -64,7 +63,7 @@ def clean_expired_session_period():
     logger.info("Clean session item done")
     expired_commands.delete()
     logger.info("Clean session command done")
-    command = "find %s -mtime +%s -name '*.gz' -exec rm -f {} \\;" % (
+    command = "find %s -mtime +%s \\( -name '*.json' -o -name '*.tar' -o -name '*.gz' \\) -exec rm -f {} \\;" % (
         replay_dir, days
     )
     subprocess.call(command, shell=True)

apps/tickets/api/ticket.py

@@ -81,7 +81,7 @@ class TicketViewSet(CommonApiMixin, viewsets.ModelViewSet):
 
 
 class TicketFlowViewSet(JMSBulkModelViewSet):
-    permission_classes = (IsOrgAdmin, IsSuperUser)
+    permission_classes = (IsOrgAdmin,)
     serializer_class = serializers.TicketFlowSerializer
 
     filterset_fields = ['id', 'type']

apps/tickets/models/flow.py

@@ -6,7 +6,8 @@ from django.utils.translation import ugettext_lazy as _
 from users.models import User
 from common.mixins.models import CommonModelMixin
 from orgs.mixins.models import OrgModelMixin
-from orgs.utils import tmp_to_root_org, tmp_to_org, get_current_org_id
+from orgs.models import Organization
+from orgs.utils import tmp_to_org, get_current_org_id
 from ..const import TicketType, TicketApprovalLevel, TicketApprovalStrategy
 
 __all__ = ['TicketFlow', 'ApprovalRule']
@@ -75,6 +76,7 @@ class TicketFlow(CommonModelMixin, OrgModelMixin):
         else:
             flows = cls.objects.all()
         cur_flow_types = flows.values_list('type', flat=True)
-        with tmp_to_root_org():
+        root_id = Organization.ROOT_ID
-            diff_global_flows = cls.objects.exclude(type__in=cur_flow_types)
+        with tmp_to_org(root_id):
+            diff_global_flows = cls.objects.exclude(type__in=cur_flow_types).filter(org_id=root_id)
         return flows | diff_global_flows