github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-02 07:55:16 +00:00
Code Issues Projects Releases Wiki Activity

perf: 配置CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED 对改密的特权账号过滤 (#10033)

Browse Source 
Co-authored-by: feng <1304903146@qq.com>
This commit is contained in:
fit2bot
2023-03-22 14:48:05 +08:00
committed by GitHub
parent 81b04c449a
commit 43d805d0ca
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
apps/accounts/automations/change_secret/manager.py
View File

@@ -76,6 +76,9 @@ class ChangeSecretManager(AccountBasePlaybookManager):
accounts = accounts.filter(id__in=self.account_ids)
if self.secret_type:
accounts = accounts.filter(secret_type=self.secret_type)
if settings.CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED:
accounts = accounts.filter(privileged=False)
return accounts
def host_callback(

3
apps/settings/serializers/security.py
View File

@@ -168,9 +168,6 @@ class SecuritySettingSerializer(SecurityPasswordRuleSerializer, SecurityAuthSeri
SECURITY_LUNA_REMEMBER_AUTH = serializers.BooleanField(
label=_("Remember manual auth")
)
CHANGE_AUTH_PLAN_SECURE_MODE_ENABLED = serializers.BooleanField(
label=_("Enable change auth secure mode")
)
SECURITY_INSECURE_COMMAND = serializers.BooleanField(
required=False, label=_('Insecure command alert')
)