merge: with pam (#14911)

* perf: change i18n

* perf: pam

* perf: change translate

* perf: add check account

* perf: add date field

* perf: add account filter

* perf: remove some js

* perf: add account status action

* perf: update pam

* perf: 修改 discover account

* perf: update filter

* perf: update gathered account

* perf: 修改账号同步

* perf: squash migrations

* perf: update pam

* perf: change i18n

* perf: update account risk

* perf: 更新风险发现

* perf: remove css

* perf: Admin connection token

* perf: Add a switch to check connectivity after changing the password, and add a custom ssh command for push tasks

* perf: Modify account migration files

* perf: update pam

* perf: remove to check account dir

* perf: Admin connection token

* perf: update check account

* perf: 优化发送结果

* perf: update pam

* perf: update bulk update create

* perf: prepaire using thread timer for bulk_create_decorator

* perf: update bulk create decorator

* perf: 优化 playbook manager

* perf: 优化收集账号的报表

* perf: Update poetry

* perf: Update Dockerfile with new base image tag

* fix: Account migrate 0012 file

* perf: 修改备份

* perf: update pam

* fix: Expand resource_type filter to include raw type

* feat: PAM Service (#14552)

* feat: PAM Service

* perf: import package name

---------

Co-authored-by: jiangweidong <1053570670@qq.com>

* perf: Change secret dashboard (#14551)

Co-authored-by: feng <1304903146@qq.com>

* perf: update migrations

* perf: 修改支持 pam

* perf: Change secret record table dashboard

* perf: update status

* fix: Automation send report

* perf: Change secret report

* feat: windows accounts gather

* perf: update change status

* perf: Account backup

* perf: Account backup report

* perf: Account migrate

* perf: update service to application

* perf: update migrations

* perf: update logo

* feat: oracle accounts gather (#14571)

* feat: oracle accounts gather

* feat: sqlserver accounts gather

* feat: postgresql accounts gather

* feat: mysql accounts gather

---------

Co-authored-by: wangruidong <940853815@qq.com>

* feat: mongodb accounts gather

* perf: Change secret

* perf: Migrate

* perf: Merge conflicting migration files

* perf: Change secret

* perf: Automation filter org

* perf: Account push

* perf: Random secret string

* perf: Enhance SQL query and update risk handling in accounts

* perf: Ticket filter assignee_id

* perf: 修改 account remote

* perf: 修改一些 adhoc 任务

* perf: Change secret

* perf: Remove push account extra api

* perf: update status

* perf: The entire organization can view activity log

* fix: risk field check

* perf: add account details api

* perf: add demo mode

* perf: Delete gather_account

* perf: Perfect solution to account version problem

* perf: Update status action to handle multiple accounts

* perf: Add GatherAccountDetailField and update serializers

* perf: Display account history in combination with password change records

* perf: Lina translate

* fix: Update mysql_filter to handle nested user info

* perf: Admin connection token validate_permission account

* perf: copy move account

* perf: account filter risk

* perf: account risk filter

* perf: Copy move account failed message

* fix: gather account sync account to asset

* perf: Pam dashboard

* perf: Account dashboard total accounts

* perf: Pam dashboard

* perf: Change secret filter account secret_reset

* perf: 修改 risk filter

* perf: pam translate

* feat: Check for leaked duplicate passwords. (#14711)

* feat: Check for leaked duplicate passwords.

* perf: Use SQLite instead of txt as leak password database

---------

Co-authored-by: jiangweidong <1053570670@qq.com>
Co-authored-by: 老广 <ibuler@qq.com>

* perf: merge with remote

* perf: Add risk change_password_add handle

* perf: Pam dashboard

* perf: check account manager import

* perf: 重构扫描

* perf: 修改 db

* perf: Gather account manager

* perf: update change db lib

* perf: dashboard

* perf: Account gather

* perf: 修改 asset get queryset

* perf: automation report

* perf: Pam account

* perf: Pam dashboard api

* perf: risk add account

* perf: 修改 risk check

* perf: Risk account

* perf: update risk add reopen action

* perf: add pylintrc

* Revert "perf: automation report"

This reverts commit 22aee54207.

* perf: check account engine

* perf: Perf: Optimism Gather Report Style

* Perf: Remove unuser actions

* Perf: Perf push account

* perf: perf gather account

* perf: Automation report

* perf: Push account recorder

* perf: Push account record

* perf: Pam dashboard

* perf: perf

* perf: update intergration

* perf: integrations application detail add account tab page

* feat: Custom change password supports configuration of interactive items

* perf: Go and Python demo code

* perf: Custom secret change

* perf: add user filter

* perf: translate

* perf: Add demo code docs

* perf: update some i18n

* perf: update some i18n

* perf: Add Java, Node, Go, and cURL demo code

* perf: Translate

* perf: Change secret translate

* perf: Translate

* perf: update some i18n

* perf: translate

* perf: Ansible playbook

* perf: update some choice

* perf: update some choice

* perf: update account serializer remote unused code

* perf: conflict

* perf: update import

---------

Co-authored-by: ibuler <ibuler@qq.com>
Co-authored-by: feng <1304903146@qq.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: wangruidong <940853815@qq.com>
Co-authored-by: jiangweidong <1053570670@qq.com>
Co-authored-by: feng626 <57284900+feng626@users.noreply.github.com>
Co-authored-by: zhaojisen <1301338853@qq.com>

apps/accounts/demos/java/Demo.java

@@ -0,0 +1,78 @@
+import java.net.URI;
+import java.net.http.HttpClient;
+import java.net.http.HttpRequest;
+import java.net.http.HttpResponse;
+import java.nio.charset.StandardCharsets;
+import java.time.ZonedDateTime;
+import java.time.format.DateTimeFormatter;
+import java.util.Base64;
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import java.net.URLEncoder;
+
+public class Demo {
+    private static final String API_URL = System.getenv().getOrDefault("API_URL", "http://127.0.0.1:8080");
+    private static final String KEY_ID = System.getenv().getOrDefault("API_KEY_ID", "72b0b0aa-ad82-4182-a631-ae4865e8ae0e");
+    private static final String KEY_SECRET = System.getenv().getOrDefault("API_KEY_SECRET", "6fuSO7P1m4cj8SSlgaYdblOjNAmnxDVD7tr8");
+    private static final String ORG_ID = System.getenv().getOrDefault("ORG_ID", "00000000-0000-0000-0000-000000000002");
+
+    public static void main(String[] args) throws Exception {
+        APIClient client = new APIClient();
+        String result = client.getAccountSecret("ubuntu_docker", "root");
+        System.out.println(result);
+    }
+
+    static class APIClient {
+        private final HttpClient httpClient = HttpClient.newHttpClient();
+
+        public String getAccountSecret(String asset, String account) throws Exception {
+            // 编码 URL 参数
+            String queryString = "asset=" + URLEncoder.encode(asset, StandardCharsets.UTF_8) +
+                                 "&account=" + URLEncoder.encode(account, StandardCharsets.UTF_8);
+
+            // 完整的 URL（带参数）
+            String url = API_URL + "/api/v1/accounts/integration-applications/account-secret/?" + queryString;
+
+            // 获取当前 UTC 时间
+            String date = ZonedDateTime.now().format(DateTimeFormatter.RFC_1123_DATE_TIME);
+
+            // 构造 (request-target)，包括查询参数
+            String requestTarget = "get /api/v1/accounts/integration-applications/account-secret/?" + queryString;
+
+            // 生成签名字符串
+            String signingString = "(request-target): " + requestTarget + "\n" +
+                                   "accept: application/json\n" +
+                                   "date: " + date + "\n" +
+                                   "x-jms-org: " + ORG_ID;
+            String signature = sign(signingString, KEY_SECRET);
+
+            // 构造 HTTP 请求
+            HttpRequest request = HttpRequest.newBuilder()
+                    .uri(URI.create(url))
+                    .header("Accept", "application/json")
+                    .header("Date", date)
+                    .header("X-JMS-ORG", ORG_ID)
+                    .header("X-Source", "jms-pam")
+                    .header("Authorization", "Signature keyId=\"" + KEY_ID + "\",algorithm=\"hmac-sha256\",headers=\"(request-target) accept date x-jms-org\",signature=\"" + signature + "\"")
+                    .build();
+
+            // 发送请求
+            HttpResponse<String> response = httpClient.send(request, HttpResponse.BodyHandlers.ofString());
+            if (response.statusCode() == 200) {
+                return response.body();
+            } else {
+                System.err.println("API 请求失败: " + response.statusCode());
+                return null;
+            }
+        }
+
+        // HMAC-SHA256 签名计算
+        private String sign(String data, String key) throws Exception {
+            Mac mac = Mac.getInstance("HmacSHA256");
+            SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes(StandardCharsets.UTF_8), "HmacSHA256");
+            mac.init(secretKeySpec);
+            byte[] rawHmac = mac.doFinal(data.getBytes(StandardCharsets.UTF_8));
+            return Base64.getEncoder().encodeToString(rawHmac);
+        }
+    }
+}

apps/accounts/demos/java/README.en.md

@@ -0,0 +1,42 @@
+# Instructions
+
+## 1. Introduction
+
+This API provides PAM asset account viewing service, supports RESTful style calls, and returns data in JSON format.
+
+## 2. Environment Requirements
+
+- `Java 8+`
+- `HttpClient`
+
+## 3. Usage
+
+**Request Method**: `GET api/v1/accounts/integration-applications/account-secret/`
+
+**Request Parameters**
+
+| Parameter Name | Type | Required | Description       |
+|----------------|------|----------|-------------------|
+| asset          | str  | Yes      | Asset ID / Name   |
+| account        | str  | Yes      | Account ID / Name |
+
+**Response Example**:
+```json
+{
+    "id": "72b0b0aa-ad82-4182-a631-ae4865e8ae0e", 
+    "secret": "123456"
+}
+```
+
+## Frequently Asked Questions (FAQ)
+
+Q: How to obtain the API Key?
+
+A: You can create an application in PAM - Application Management to generate KEY_ID and KEY_SECRET.
+
+## Changelog
+
+
+| Version | Changes                | Date       |
+|---------|------------------------|------------|
+| 1.0.0   | Initial version        | 2025-02-11 |

apps/accounts/demos/java/README.ja.md

@@ -0,0 +1,42 @@
+# 使用方法
+
+## 1. 概要
+
+本 API は PAM 資産アカウントサービスの表示を提供し、RESTful スタイルの呼び出しをサポートし、データは JSON 形式で返されます。
+
+## 2. 環境要件
+
+- `Java 8+`
+- `HttpClient`
+
+## 3. 使用方法
+
+**リクエスト方法**: `GET api/v1/accounts/integration-applications/account-secret/`
+
+**リクエストパラメータ**
+
+| パラメータ名 | タイプ | 必須 | 説明            |
+|-------------|------|----|----------------|
+| asset       | str  | はい | 資産 ID / 資産名 |
+| account     | str  | はい | アカウント ID / アカウント名 |
+
+**レスポンス例**:
+```json
+{
+    "id": "72b0b0aa-ad82-4182-a631-ae4865e8ae0e", 
+    "secret": "123456"
+}
+```
+
+## よくある質問（FAQ）
+
+Q: APIキーはどのように取得しますか？
+
+A: PAM - アプリケーション管理でアプリケーションを作成し、KEY_IDとKEY_SECRETを生成できます。
+
+## バージョン履歴（Changelog）
+
+
+| バージョン | 変更内容              | 日付         |
+| -------- | ----------------- |------------|
+| 1.0.0    | 初期バージョン          | 2025-02-11 |

apps/accounts/demos/java/README.zh-hans.md

@@ -0,0 +1,41 @@
+# 使用说明
+
+## 1. 简介
+
+本 API 提供了 PAM 查看资产账号服务，支持 RESTful 风格的调用，返回数据采用 JSON 格式。
+
+## 2. 环境要求
+
+- `Java 8+`
+- `HttpClient`
+
+## 3. 使用方法
+
+**请求方式**: `GET api/v1/accounts/integration-applications/account-secret/`
+
+**请求参数**
+
+| 参数名    | 类型   | 必填 | 说明            |
+|----------|------|-----|---------------|
+| asset    | str  | 是   | 资产 ID / 资产名称 |
+| account  | str  | 是   | 账号 ID / 账号名称 |
+
+**响应示例**:
+```json
+{
+    "id": "72b0b0aa-ad82-4182-a631-ae4865e8ae0e", 
+    "secret": "123456"
+}
+```
+
+## 常见问题（FAQ）
+
+Q: API Key 如何获取？
+
+A: 你可以在 PAM - 应用管理 创建应用生成 KEY_ID 和 KEY_SECRET。
+
+## 版本历史（Changelog）
+
+| 版本号   | 变更内容              | 日期         |
+| ----- | ----------------- |------------|
+| 1.0.0 | 初始版本              | 2025-02-11 |

apps/accounts/demos/java/README.zh-hant.md

@@ -0,0 +1,40 @@
+## 1. 簡介
+
+本 API 提供了 PAM 查看資產賬號服務，支持 RESTful 風格的調用，返回數據採用 JSON 格式。
+
+## 2. 環境要求
+
+- `Java 8+`
+- `HttpClient`
+
+## 3. 使用方法
+
+**請求方式**: `GET api/v1/accounts/integration-applications/account-secret/`
+
+**請求參數**
+
+| 參數名    | 類型   | 必填 | 說明            |
+|----------|------|-----|---------------|
+| asset    | str  | 是   | 資產 ID / 資產名稱 |
+| account  | str  | 是   | 賬號 ID / 賬號名稱 |
+
+**響應示例**:
+```json
+{
+    "id": "72b0b0aa-ad82-4182-a631-ae4865e8ae0e", 
+    "secret": "123456"
+}
+```
+
+## 常見問題（FAQ）
+
+Q: API Key 如何獲取？
+
+A: 你可以在 PAM - 應用管理 創建應用生成 KEY_ID 和 KEY_SECRET。
+
+## 版本歷史（Changelog）
+
+
+| 版本號   | 變更內容              | 日期         |
+| ----- | ----------------- |------------|
+| 1.0.0 | 初始版本              | 2025-02-11 |