refactor: 重构危险命令告警类型: Warning (#10970)

* refactor: 重构危险命令告警类型: Warning * Update _msg_command_warning.html * Update _msg_command_warning.html * Update command.py * Update django.po * perf: 优化 command acl warning 的代码逻辑 * perf: 优化 command acl warning 的代码逻辑 * perf: 优化 CommandWarningMessage 逻辑 --------- Co-authored-by: fangfang.dong <fangfang.dong@fit2cloud.com> Co-authored-by: Bai <baijiangjie@gmail.com>
2025-09-08 18:59:47 +00:00 · 2023-07-17 20:52:54 +08:00
parent a2c6e5f3fb
commit 0771b804d1
8 changed files with 390 additions and 228 deletions
--- a/apps/terminal/serializers/command.py
+++ b/apps/terminal/serializers/command.py
@@ -2,12 +2,12 @@
 from django.utils.translation import ugettext_lazy as _
 from rest_framework import serializers

-from common.utils import pretty_string
+from common.utils import pretty_string, is_uuid, get_logger
 from common.serializers.fields import LabeledChoiceField
-from terminal.backends.command.models import AbstractSessionCommand
 from terminal.models import Command
 from terminal.const import RiskLevelChoices

+logger = get_logger(__name__)
 __all__ = ['SessionCommandSerializer', 'InsecureCommandAlertSerializer']


@@ -39,17 +39,32 @@ class SimpleSessionCommandSerializer(serializers.ModelSerializer):

 class InsecureCommandAlertSerializer(SimpleSessionCommandSerializer):
    cmd_filter_acl = serializers.CharField(
-        max_length=128, required=False, label=_("Command Filter ACL")
+        max_length=36, required=False, label=_("Command Filter ACL")
    )
    cmd_group = serializers.CharField(
-        max_length=128, required=True, label=_("Command Group")
+        max_length=36, required=True, label=_("Command Group")
    )

    class Meta(SimpleSessionCommandSerializer.Meta):
        fields = SimpleSessionCommandSerializer.Meta.fields + [
-            'cmd_filter_acl', 'cmd_group'
+            'cmd_filter_acl', 'cmd_group',
        ]

+    def validate(self, attrs):
+        if not is_uuid(attrs['cmd_filter_acl']):
+            raise serializers.ValidationError(
+                _("Invalid command filter ACL id")
+            )
+        if not is_uuid(attrs['cmd_group']):
+            raise serializers.ValidationError(
+                _("Invalid command group id")
+            )
+        if not is_uuid(attrs['session']):
+            raise serializers.ValidationError(
+                _("Invalid session id")
+            )
+        return super().validate(attrs)
+

 class SessionCommandSerializerMixin(serializers.Serializer):
    """使用这个类作为基础Command Log Serializer类, 用来序列化"""
@@ -74,4 +89,3 @@ class SessionCommandSerializer(SessionCommandSerializerMixin, SimpleSessionComma
        fields = SimpleSessionCommandSerializer.Meta.fields + [
            'id', 'account', 'output', 'timestamp', 'timestamp_display', 'remote_addr'
        ]
-