merge: with pam (#14911)

* perf: change i18n

* perf: pam

* perf: change translate

* perf: add check account

* perf: add date field

* perf: add account filter

* perf: remove some js

* perf: add account status action

* perf: update pam

* perf: 修改 discover account

* perf: update filter

* perf: update gathered account

* perf: 修改账号同步

* perf: squash migrations

* perf: update pam

* perf: change i18n

* perf: update account risk

* perf: 更新风险发现

* perf: remove css

* perf: Admin connection token

* perf: Add a switch to check connectivity after changing the password, and add a custom ssh command for push tasks

* perf: Modify account migration files

* perf: update pam

* perf: remove to check account dir

* perf: Admin connection token

* perf: update check account

* perf: 优化发送结果

* perf: update pam

* perf: update bulk update create

* perf: prepaire using thread timer for bulk_create_decorator

* perf: update bulk create decorator

* perf: 优化 playbook manager

* perf: 优化收集账号的报表

* perf: Update poetry

* perf: Update Dockerfile with new base image tag

* fix: Account migrate 0012 file

* perf: 修改备份

* perf: update pam

* fix: Expand resource_type filter to include raw type

* feat: PAM Service (#14552)

* feat: PAM Service

* perf: import package name

---------

Co-authored-by: jiangweidong <1053570670@qq.com>

* perf: Change secret dashboard (#14551)

Co-authored-by: feng <1304903146@qq.com>

* perf: update migrations

* perf: 修改支持 pam

* perf: Change secret record table dashboard

* perf: update status

* fix: Automation send report

* perf: Change secret report

* feat: windows accounts gather

* perf: update change status

* perf: Account backup

* perf: Account backup report

* perf: Account migrate

* perf: update service to application

* perf: update migrations

* perf: update logo

* feat: oracle accounts gather (#14571)

* feat: oracle accounts gather

* feat: sqlserver accounts gather

* feat: postgresql accounts gather

* feat: mysql accounts gather

---------

Co-authored-by: wangruidong <940853815@qq.com>

* feat: mongodb accounts gather

* perf: Change secret

* perf: Migrate

* perf: Merge conflicting migration files

* perf: Change secret

* perf: Automation filter org

* perf: Account push

* perf: Random secret string

* perf: Enhance SQL query and update risk handling in accounts

* perf: Ticket filter assignee_id

* perf: 修改 account remote

* perf: 修改一些 adhoc 任务

* perf: Change secret

* perf: Remove push account extra api

* perf: update status

* perf: The entire organization can view activity log

* fix: risk field check

* perf: add account details api

* perf: add demo mode

* perf: Delete gather_account

* perf: Perfect solution to account version problem

* perf: Update status action to handle multiple accounts

* perf: Add GatherAccountDetailField and update serializers

* perf: Display account history in combination with password change records

* perf: Lina translate

* fix: Update mysql_filter to handle nested user info

* perf: Admin connection token validate_permission account

* perf: copy move account

* perf: account filter risk

* perf: account risk filter

* perf: Copy move account failed message

* fix: gather account sync account to asset

* perf: Pam dashboard

* perf: Account dashboard total accounts

* perf: Pam dashboard

* perf: Change secret filter account secret_reset

* perf: 修改 risk filter

* perf: pam translate

* feat: Check for leaked duplicate passwords. (#14711)

* feat: Check for leaked duplicate passwords.

* perf: Use SQLite instead of txt as leak password database

---------

Co-authored-by: jiangweidong <1053570670@qq.com>
Co-authored-by: 老广 <ibuler@qq.com>

* perf: merge with remote

* perf: Add risk change_password_add handle

* perf: Pam dashboard

* perf: check account manager import

* perf: 重构扫描

* perf: 修改 db

* perf: Gather account manager

* perf: update change db lib

* perf: dashboard

* perf: Account gather

* perf: 修改 asset get queryset

* perf: automation report

* perf: Pam account

* perf: Pam dashboard api

* perf: risk add account

* perf: 修改 risk check

* perf: Risk account

* perf: update risk add reopen action

* perf: add pylintrc

* Revert "perf: automation report"

This reverts commit 22aee54207.

* perf: check account engine

* perf: Perf: Optimism Gather Report Style

* Perf: Remove unuser actions

* Perf: Perf push account

* perf: perf gather account

* perf: Automation report

* perf: Push account recorder

* perf: Push account record

* perf: Pam dashboard

* perf: perf

* perf: update intergration

* perf: integrations application detail add account tab page

* feat: Custom change password supports configuration of interactive items

* perf: Go and Python demo code

* perf: Custom secret change

* perf: add user filter

* perf: translate

* perf: Add demo code docs

* perf: update some i18n

* perf: update some i18n

* perf: Add Java, Node, Go, and cURL demo code

* perf: Translate

* perf: Change secret translate

* perf: Translate

* perf: update some i18n

* perf: translate

* perf: Ansible playbook

* perf: update some choice

* perf: update some choice

* perf: update account serializer remote unused code

* perf: conflict

* perf: update import

---------

Co-authored-by: ibuler <ibuler@qq.com>
Co-authored-by: feng <1304903146@qq.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: wangruidong <940853815@qq.com>
Co-authored-by: jiangweidong <1053570670@qq.com>
Co-authored-by: feng626 <57284900+feng626@users.noreply.github.com>
Co-authored-by: zhaojisen <1301338853@qq.com>

apps/common/db/utils.py

@@ -1,6 +1,6 @@
 from contextlib import contextmanager
 
-from django.db import connections, transaction
+from django.db import connections, transaction, connection
 from django.utils.encoding import force_str
 
 from common.utils import get_logger, signer, crypto
@@ -8,12 +8,16 @@ from common.utils import get_logger, signer, crypto
 logger = get_logger(__file__)
 
 
+def default_ip_group():
+    return ["*"]
+
+
 def get_object_if_need(model, pk):
     if not isinstance(pk, model):
         try:
             return model.objects.get(id=pk)
         except model.DoesNotExist as e:
-            logger.error(f'DoesNotExist: <{model.__name__}:{pk}> not exist')
+            logger.error(f"DoesNotExist: <{model.__name__}:{pk}> not exist")
             raise e
     return pk
 
@@ -26,8 +30,8 @@ def get_objects_if_need(model, pks):
         if len(objs) != len(pks):
             pks = set(pks)
             exists_pks = {o.id for o in objs}
-            not_found_pks = ','.join(pks - exists_pks)
-            logger.error(f'DoesNotExist: <{model.__name__}: {not_found_pks}>')
+            not_found_pks = ",".join(pks - exists_pks)
+            logger.error(f"DoesNotExist: <{model.__name__}: {not_found_pks}>")
         return objs
     return pks
 
@@ -41,7 +45,7 @@ def get_objects(model, pks):
         pks = set(pks)
         exists_pks = {o.id for o in objs}
         not_found_pks = pks - exists_pks
-        logger.error(f'DoesNotExist: <{model.__name__}: {not_found_pks}>')
+        logger.error(f"DoesNotExist: <{model.__name__}: {not_found_pks}>")
     return objs
 
 
@@ -53,13 +57,25 @@ def close_old_connections():
 
 @contextmanager
 def safe_db_connection():
-    close_old_connections()
-    yield
-    close_old_connections()
+    in_atomic_block = connection.in_atomic_block  # 当前是否处于事务中
+    autocommit = transaction.get_autocommit()  # 是否启用了自动提交
+    created = False
+
+    try:
+        if not connection.is_usable():
+            connection.close()
+            connection.connect()
+            created = True
+        yield
+    finally:
+        # 如果不是事务中（API 请求中可能需要提交事务），则关闭连接
+        if created and not in_atomic_block and autocommit:
+            print("close connection in safe_db_connection")
+            close_old_connections()
 
 
 @contextmanager
-def open_db_connection(alias='default'):
+def open_db_connection(alias="default"):
     connection = transaction.get_connection(alias)
     try:
         connection.connect()