perf: 修改 migrations，修改 Connect token

2025-06-30 00:32:06 +00:00 · 2022-12-05 12:42:15 +08:00 · 2022-12-05 12:42:15 +08:00 · 38b1701b33
commit 38b1701b33
parent d25d580ba4
12 changed files with 117 additions and 97 deletions
--- a/apps/assets/migrations/0112_gateway_to_asset.py
+++ b/apps/assets/migrations/0112_gateway_to_asset.py
@ -1,6 +1,7 @@
 # Generated by Django 3.2.13 on 2022-09-29 11:03
 from django.db import migrations
 from assets.const.host import GATEWAY_NAME
@ -70,4 +71,18 @@ class Migration(migrations.Migration):
    operations = [
        migrations.RunPython(migrate_gateway_to_asset),
        migrations.DeleteModel(
            name='Gateway',
        ),
        migrations.CreateModel(
            name='Gateway',
            fields=[
            ],
            options={
                'proxy': True,
                'indexes': [],
                'constraints': [],
            },
            bases=('assets.host',),
        ),
    ]
--- a/apps/assets/migrations/0113_alter_accounttemplate_options.py
+++ b/apps/assets/migrations/0113_alter_accounttemplate_options.py
@ -1,10 +1,9 @@
 # Generated by Django 3.2.14 on 2022-11-28 10:39
-from django.db import migrations
+from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('assets', '0112_gateway_to_asset'),
    ]
@ -12,6 +11,33 @@ class Migration(migrations.Migration):
    operations = [
        migrations.AlterModelOptions(
            name='accounttemplate',
-            options={'permissions': [('view_accounttemplatesecret', 'Can view asset account template secret'), ('change_accounttemplatesecret', 'Can change asset account template secret')], 'verbose_name': 'Account template'},
+            options={'permissions': [('view_accounttemplatesecret', 'Can view asset account template secret'),
                                     ('change_accounttemplatesecret', 'Can change asset account template secret')],
                     'verbose_name': 'Account template'},
        ),
        migrations.AddField(
            model_name='database',
            name='allow_invalid_cert',
            field=models.BooleanField(default=False, verbose_name='Allow invalid cert'),
        ),
        migrations.AddField(
            model_name='database',
            name='ca_cert',
            field=models.TextField(blank=True, verbose_name='CA cert'),
        ),
        migrations.AddField(
            model_name='database',
            name='client_cert',
            field=models.TextField(blank=True, verbose_name='Client cert'),
        ),
        migrations.AddField(
            model_name='database',
            name='client_key',
            field=models.TextField(blank=True, verbose_name='Client key'),
        ),
        migrations.AddField(
            model_name='database',
            name='use_ssl',
            field=models.BooleanField(default=False, verbose_name='Use SSL'),
        ),
    ]
--- a/apps/assets/migrations/0114_node_domain.py
+++ b/apps/assets/migrations/0114_node_domain.py
@ -1,14 +1,37 @@
 # Generated by Django 3.2.14 on 2022-11-29 05:14
 from django.db import migrations, models
 import django.db.models.deletion
 # TODO 最后去掉这个迁移
 class Migration(migrations.Migration):
    dependencies = [
        ('assets', '0113_alter_accounttemplate_options'),
    ]
    operations = [
        migrations.AddField(
            model_name='database',
            name='allow_invalid_cert',
            field=models.BooleanField(default=False, verbose_name='Allow invalid cert'),
        ),
        migrations.AddField(
            model_name='database',
            name='ca_cert',
            field=models.TextField(blank=True, verbose_name='CA cert'),
        ),
        migrations.AddField(
            model_name='database',
            name='client_cert',
            field=models.TextField(blank=True, verbose_name='Client cert'),
        ),
        migrations.AddField(
            model_name='database',
            name='client_key',
            field=models.TextField(blank=True, verbose_name='Client key'),
        ),
        migrations.AddField(
            model_name='database',
            name='use_ssl',
            field=models.BooleanField(default=False, verbose_name='Use SSL'),
        ),
    ]
--- a/apps/assets/migrations/0115_auto_20221130_1118.py
+++ b/apps/assets/migrations/0115_auto_20221130_1118.py
@ -1,38 +0,0 @@
 # Generated by Django 3.2.14 on 2022-11-30 03:18
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('assets', '0114_node_domain'),
    ]
    operations = [
        migrations.AddField(
            model_name='database',
            name='allow_invalid_cert',
            field=models.BooleanField(default=False, verbose_name='Allow invalid cert'),
        ),
        migrations.AddField(
            model_name='database',
            name='ca_cert',
            field=models.TextField(blank=True, verbose_name='CA cert'),
        ),
        migrations.AddField(
            model_name='database',
            name='client_cert',
            field=models.TextField(blank=True, verbose_name='Client cert'),
        ),
        migrations.AddField(
            model_name='database',
            name='client_key',
            field=models.TextField(blank=True, verbose_name='Client key'),
        ),
        migrations.AddField(
            model_name='database',
            name='use_ssl',
            field=models.BooleanField(default=False, verbose_name='Use SSL'),
        ),
    ]
--- a/apps/assets/migrations/0116_delete_gateway.py
+++ b/apps/assets/migrations/0116_delete_gateway.py
@ -1,16 +0,0 @@
 # Generated by Django 3.2.14 on 2022-12-01 07:08
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('assets', '0115_auto_20221130_1118'),
    ]
    operations = [
        migrations.DeleteModel(
            name='Gateway',
        ),
    ]
--- a/apps/assets/migrations/0117_gateway.py
+++ b/apps/assets/migrations/0117_gateway.py
@ -1,24 +0,0 @@
 # Generated by Django 3.2.14 on 2022-12-01 07:21
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('assets', '0116_delete_gateway'),
    ]
    operations = [
        migrations.CreateModel(
            name='Gateway',
            fields=[
            ],
            options={
                'proxy': True,
                'indexes': [],
                'constraints': [],
            },
            bases=('assets.host',),
        ),
    ]
--- a/apps/authentication/api/connection_token.py
+++ b/apps/authentication/api/connection_token.py
@ -278,7 +278,7 @@ class ConnectionTokenViewSet(ExtraActionApiMixin, RootOrgViewMixin, JMSModelView
        data = serializer.validated_data
        user = self.get_user(serializer)
        asset = data.get('asset')
-        account_name = data.get('account_name')
+        account_name = data.get('account')
        data['org_id'] = asset.org_id
        data['user'] = user
        data['value'] = random_string(16)
--- a/apps/authentication/migrations/0015_auto_20221205_1136.py
+++ b/apps/authentication/migrations/0015_auto_20221205_1136.py
@ -0,0 +1,17 @@
 # Generated by Django 3.2.14 on 2022-12-05 03:36
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('authentication', '0014_auto_20221122_2152'),
    ]
    operations = [
        migrations.RenameField(
            model_name='connectiontoken',
            old_name='account_name',
            new_name='account',
        ),
    ]
--- a/apps/authentication/models/connection_token.py
+++ b/apps/authentication/models/connection_token.py
@ -28,7 +28,7 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
        'assets.Asset', on_delete=models.SET_NULL, null=True, blank=True,
        related_name='connection_tokens', verbose_name=_('Asset'),
    )
-    account_name = models.CharField(max_length=128, verbose_name=_("Account name"))  # 登录账号Name
+    account = models.CharField(max_length=128, verbose_name=_("Account name"))  # 登录账号Name
    input_username = models.CharField(max_length=128, default='', blank=True, verbose_name=_("Input username"))
    input_secret = EncryptCharField(max_length=64, default='', blank=True, verbose_name=_("Input secret"))
    protocol = models.CharField(max_length=16, default=Protocol.ssh, verbose_name=_("Protocol"))
@ -74,7 +74,7 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
    def permed_account(self):
        from perms.utils import PermAccountUtil
        permed_account = PermAccountUtil().validate_permission(
-            self.user, self.asset, self.account_name
+            self.user, self.asset, self.account
        )
        return permed_account
@ -86,6 +86,12 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
    def expire_at(self):
        return self.permed_account.date_expired.timestamp()
    @lazyproperty
    def connect_method_object(self):
        from terminal.const import TerminalType
        method = TerminalType.get_connect_method(self.connect_method, protocol=self.protocol)
        return method
    def is_valid(self):
        if self.is_expired:
            error = _('Connection token expired at: {}').format(as_current_tz(self.date_expired))
@ -97,13 +103,13 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
            is_valid = False
            error = _('No asset or inactive asset')
            return is_valid, error
-        if not self.account_name:
+        if not self.account:
            error = _('No account')
            raise PermissionDenied(error)
        if not self.permed_account or not self.permed_account.actions:
            msg = 'user `{}` not has asset `{}` permission for login `{}`'.format(
-                self.user, self.asset, self.account_name
+                self.user, self.asset, self.account
            )
            raise PermissionDenied(msg)
@ -116,15 +122,15 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
        return self.asset.platform
    @lazyproperty
-    def account(self):
+    def account_object(self):
        from assets.models import Account
        if not self.asset:
            return None
-        account = self.asset.accounts.filter(name=self.account_name).first()
+        account = self.asset.accounts.filter(name=self.account).first()
-        if self.account_name == '@INPUT' or not account:
+        if self.account == '@INPUT' or not account:
            data = {
-                'name': self.account_name,
+                'name': self.account,
                'username': self.input_username,
                'secret_type': 'password',
                'secret': self.input_secret,
--- a/apps/authentication/serializers/connect_token_secret.py
+++ b/apps/authentication/serializers/connect_token_secret.py
@ -84,14 +84,14 @@ class _ConnectionTokenPlatformSerializer(PlatformSerializer):
 class ConnectionTokenSecretSerializer(OrgResourceModelSerializerMixin):
    user = _ConnectionTokenUserSerializer(read_only=True)
    asset = _ConnectionTokenAssetSerializer(read_only=True)
-    account = _ConnectionTokenAccountSerializer(read_only=True)
+    account = _ConnectionTokenAccountSerializer(read_only=True, source='account_object')
    gateway = _ConnectionTokenGatewaySerializer(read_only=True)
    platform = _ConnectionTokenPlatformSerializer(read_only=True)
    acl_command_groups = _ConnectionTokenACLCmdGroupSerializer(read_only=True, many=True)
    actions = ActionChoicesField()
    expire_at = serializers.IntegerField()
    expire_now = serializers.BooleanField(label=_('Expired now'), write_only=True, default=True)
-    connect_method = serializers.CharField(label=_('Connect method'), write_only=True, default='ssh')
+    connect_method = serializers.SerializerMethodField(label=_('Connect method'))
    class Meta:
        model = ConnectionToken
@ -99,7 +99,19 @@ class ConnectionTokenSecretSerializer(OrgResourceModelSerializerMixin):
            'id', 'value', 'user', 'asset', 'account',
            'platform', 'acl_command_groups', 'protocol',
            'gateway', 'actions', 'expire_at', 'expire_now',
            'connect_method'
        ]
        extra_kwargs = {
            'value': {'read_only': True},
        }
    def get_connect_method(self, obj):
        from terminal.const import TerminalType
        from common.utils import get_request_os
        request = self.context.get('request')
        if request:
            os = get_request_os(request)
        else:
            os = 'windows'
        method = TerminalType.get_connect_method(obj.connect_method, protocol=obj.protocol, os=os)
        return method
--- a/apps/authentication/serializers/connection_token.py
+++ b/apps/authentication/serializers/connection_token.py
@ -16,7 +16,7 @@ class ConnectionTokenSerializer(OrgResourceModelSerializerMixin):
        model = ConnectionToken
        fields_mini = ['id', 'value']
        fields_small = fields_mini + [
-            'user', 'asset', 'account_name', 'input_username',
+            'user', 'asset', 'account', 'input_username',
            'input_secret', 'connect_method', 'protocol', 'actions',
            'date_expired', 'date_created', 'date_updated', 'created_by',
            'updated_by', 'org_id', 'org_name',
--- a/apps/terminal/const.py
+++ b/apps/terminal/const.py
@ -229,7 +229,7 @@ class TerminalType(TextChoices):
        return protocols
    @classmethod
-    def get_connect_method(cls, name, protocol, os):
+    def get_connect_method(cls, name, protocol, os='linux'):
        methods = cls.get_protocols_connect_methods(os)
        protocol_methods = methods.get(protocol, [])
        for method in protocol_methods:
@ -267,7 +267,6 @@ class TerminalType(TextChoices):
                protocol_web_methods = set(web_methods.get(protocol, [])) \
                                       & set(component_protocol.get('web_methods', []))
                print("protocol_web_methods", protocol, protocol_web_methods)
                methods[protocol.value].extend([
                    {
                        'component': component.value,