diff --git a/apps/accounts/automations/base/manager.py b/apps/accounts/automations/base/manager.py index bc33f588e..2dd81eea6 100644 --- a/apps/accounts/automations/base/manager.py +++ b/apps/accounts/automations/base/manager.py @@ -1,5 +1,8 @@ +import threading +import time from copy import deepcopy +from celery import current_task from django.conf import settings from django.utils import timezone from django.utils.translation import gettext_lazy as _ @@ -124,7 +127,42 @@ class BaseChangeSecretPushManager(AccountBasePlaybookManager): return inventory_hosts + @staticmethod + def is_running_in_celery(): + return getattr(current_task, 'request', None) is not None + + def wait_and_save_recorder(self, recorder, max_retries=10, retry_interval=2): + recorder_model = type(recorder) + + for attempt in range(max_retries): + exist = recorder_model.objects.filter( + account_id=recorder.account_id, execution=self.execution + ).exists() + + if exist: + print(f"Data inserted, updating recorder status after {attempt + 1}th query") + recorder.save(update_fields=['status', 'date_finished']) + return True + + print(f"Data not ready, waiting {retry_interval} second(s) and retrying ({attempt + 1}/{max_retries})") + time.sleep(retry_interval) + + print("\033[31m The data is still not inserted, giving up saving the recorder status.\033[0m") + return False + + def save_record(self, recorder): + if self.is_running_in_celery(): + self.wait_and_save_recorder(recorder) + else: + thread = threading.Thread( + target=self.wait_and_save_recorder, + args=(recorder,), + daemon=True + ) + thread.start() + def on_host_success(self, host, result): + recorder = self.name_recorder_mapper.get(host) if not recorder: return @@ -141,10 +179,6 @@ class BaseChangeSecretPushManager(AccountBasePlaybookManager): account.date_change_secret = timezone.now() account.change_secret_status = ChangeSecretRecordStatusChoice.success - with safe_db_connection(): - recorder.save(update_fields=['status', 'date_finished']) - account.save(update_fields=['secret', 'date_updated', 'date_change_secret', 'change_secret_status']) - self.summary['ok_accounts'] += 1 self.result['ok_accounts'].append( { @@ -154,6 +188,10 @@ class BaseChangeSecretPushManager(AccountBasePlaybookManager): ) super().on_host_success(host, result) + with safe_db_connection(): + account.save(update_fields=['secret', 'date_updated', 'date_change_secret', 'change_secret_status']) + self.save_record(recorder) + def on_host_error(self, host, error, result): recorder = self.name_recorder_mapper.get(host) if not recorder: @@ -161,10 +199,7 @@ class BaseChangeSecretPushManager(AccountBasePlaybookManager): recorder.status = ChangeSecretRecordStatusChoice.failed.value recorder.date_finished = timezone.now() recorder.error = error - try: - recorder.save() - except Exception as e: - print(f"\033[31m Save {host} recorder error: {e} \033[0m\n") + self.summary['fail_accounts'] += 1 self.result['fail_accounts'].append( { @@ -173,3 +208,6 @@ class BaseChangeSecretPushManager(AccountBasePlaybookManager): } ) super().on_host_error(host, error, result) + + with safe_db_connection(): + self.save_record(recorder) diff --git a/apps/accounts/automations/gather_account/manager.py b/apps/accounts/automations/gather_account/manager.py index ad44de481..f23fabbb2 100644 --- a/apps/accounts/automations/gather_account/manager.py +++ b/apps/accounts/automations/gather_account/manager.py @@ -378,6 +378,11 @@ class GatherAccountsManager(AccountBasePlaybookManager): continue gathered_accounts = GatheredAccount.objects.filter(asset=asset) GatheredAccount.sync_accounts(gathered_accounts, self.is_sync_account) + GatheredAccount.objects.filter( + asset=asset, username__in=ori_users, present=False + ).update( + present=True + ) # 因为有 bulk create, bulk update, 所以这里需要 sleep 一下,等待数据同步 time.sleep(0.5) diff --git a/apps/accounts/risk_handlers.py b/apps/accounts/risk_handlers.py index a12e94815..9429fbf18 100644 --- a/apps/accounts/risk_handlers.py +++ b/apps/accounts/risk_handlers.py @@ -171,4 +171,8 @@ class RiskHandler: } execution.save() execution.start() + + GatheredAccount.objects.filter(asset=self.asset, username=self.username).update( + present=True + ) return execution.summary diff --git a/apps/accounts/serializers/automations/change_secret.py b/apps/accounts/serializers/automations/change_secret.py index 0c27d9f9c..e80246c38 100644 --- a/apps/accounts/serializers/automations/change_secret.py +++ b/apps/accounts/serializers/automations/change_secret.py @@ -86,8 +86,8 @@ class ChangeSecretAutomationSerializer(AuthValidateMixin, BaseAutomationSerializ msg = _("* Please enter the correct password length") raise serializers.ValidationError(msg) - if length < 6 or length > 30: - msg = _('* Password length range 6-30 bits') + if length < 8 or length > 36: + msg = _('* Password length range 8-36 bits') raise serializers.ValidationError(msg) return password_rules diff --git a/apps/i18n/core/en/LC_MESSAGES/django.po b/apps/i18n/core/en/LC_MESSAGES/django.po index 4db94b51b..354bec483 100644 --- a/apps/i18n/core/en/LC_MESSAGES/django.po +++ b/apps/i18n/core/en/LC_MESSAGES/django.po @@ -1395,7 +1395,7 @@ msgid "* Please enter the correct password length" msgstr "" #: accounts/serializers/automations/change_secret.py:90 -msgid "* Password length range 6-30 bits" +msgid "* Password length range 8-36 bits" msgstr "" #: accounts/serializers/automations/change_secret.py:112 diff --git a/apps/i18n/core/ja/LC_MESSAGES/django.po b/apps/i18n/core/ja/LC_MESSAGES/django.po index d3d4f122e..f9a8d8fb1 100644 --- a/apps/i18n/core/ja/LC_MESSAGES/django.po +++ b/apps/i18n/core/ja/LC_MESSAGES/django.po @@ -1441,8 +1441,8 @@ msgid "* Please enter the correct password length" msgstr "* 正しいパスワードの長さを入力してください" #: accounts/serializers/automations/change_secret.py:90 -msgid "* Password length range 6-30 bits" -msgstr "* パスワードの長さ範囲は6-30文字です" +msgid "* Password length range 8-36 bits" +msgstr "* パスワードの長さ範囲は8-36文字です" #: accounts/serializers/automations/change_secret.py:112 #: accounts/serializers/automations/change_secret.py:147 diff --git a/apps/i18n/core/pt_BR/LC_MESSAGES/django.po b/apps/i18n/core/pt_BR/LC_MESSAGES/django.po index 2861a160e..0a2aa4ca4 100644 --- a/apps/i18n/core/pt_BR/LC_MESSAGES/django.po +++ b/apps/i18n/core/pt_BR/LC_MESSAGES/django.po @@ -1454,8 +1454,8 @@ msgid "* Please enter the correct password length" msgstr "* Por favor, insira um comprimento de senha correto" #: accounts/serializers/automations/change_secret.py:90 -msgid "* Password length range 6-30 bits" -msgstr "* O comprimento da senha deve estar entre 6 e 30 caracteres" +msgid "* Password length range 8-36 bits" +msgstr "* O comprimento da senha deve estar entre 8 e 36 caracteres" #: accounts/serializers/automations/change_secret.py:112 #: accounts/serializers/automations/change_secret.py:147 diff --git a/apps/i18n/core/zh/LC_MESSAGES/django.po b/apps/i18n/core/zh/LC_MESSAGES/django.po index e1384efa9..6e0415185 100644 --- a/apps/i18n/core/zh/LC_MESSAGES/django.po +++ b/apps/i18n/core/zh/LC_MESSAGES/django.po @@ -1414,8 +1414,8 @@ msgid "* Please enter the correct password length" msgstr "* 请输入正确的密码长度" #: accounts/serializers/automations/change_secret.py:90 -msgid "* Password length range 6-30 bits" -msgstr "* 密码长度范围 6-30 位" +msgid "* Password length range 8-36 bits" +msgstr "* 密码长度范围 8-36 位" #: accounts/serializers/automations/change_secret.py:112 #: accounts/serializers/automations/change_secret.py:147 diff --git a/apps/i18n/core/zh_Hant/LC_MESSAGES/django.po b/apps/i18n/core/zh_Hant/LC_MESSAGES/django.po index 110aea830..f455b8750 100644 --- a/apps/i18n/core/zh_Hant/LC_MESSAGES/django.po +++ b/apps/i18n/core/zh_Hant/LC_MESSAGES/django.po @@ -1416,8 +1416,8 @@ msgid "* Please enter the correct password length" msgstr "* 請輸入正確的密碼長度" #: accounts/serializers/automations/change_secret.py:90 -msgid "* Password length range 6-30 bits" -msgstr "* 密碼長度範圍 6-30 位" +msgid "* Password length range 8-36 bits" +msgstr "* 密碼長度範圍 8-36 位" #: accounts/serializers/automations/change_secret.py:112 #: accounts/serializers/automations/change_secret.py:147 diff --git a/apps/i18n/lina/en.json b/apps/i18n/lina/en.json index b7c08a811..1ab7c94a5 100644 --- a/apps/i18n/lina/en.json +++ b/apps/i18n/lina/en.json @@ -476,6 +476,7 @@ "DisableSuccessMsg": "Successfully disabled", "DiscoverAccountTask": "Account discovery task | Account discovery tasks", "DiscoverAccounts": "Discover accounts", + "DiscoverAccountDetail": "Discover account details", "DiscoverAccountsHelpText": "Collect account information on assets. the collected account information can be imported into the system for centralized management.", "DiscoveredAccountList": "Discovered accounts", "DisplayName": "Name", @@ -1506,5 +1507,7 @@ "removeWarningMsg": "Are you sure you want to remove", "setVariable": "Set variable", "IgnoreAlert": "Ignore alert", - "DeleteGatherAccountTitle": "Delete gather account" + "DeleteGatherAccountTitle": "Delete gather account", + "DeleteRemoteAccount": "Delete remote account", + "AddAccountAfterChangingPassword": "Add account after changing password" } \ No newline at end of file diff --git a/apps/i18n/lina/zh.json b/apps/i18n/lina/zh.json index 67439fc3c..ceb10623c 100644 --- a/apps/i18n/lina/zh.json +++ b/apps/i18n/lina/zh.json @@ -473,6 +473,7 @@ "DisableSuccessMsg": "禁用成功", "DiscoverAccountTask": "账号发现任务", "DiscoverAccounts": "帐号发现", + "DiscoverAccountDetail": "帐号发现详情", "DiscoverAccountsHelpText": "采集资产的账务信息,可将采集到的账务信息导入系统进行集中管理。", "DiscoveredAccountList": "发现账号", "DisplayName": "名称", @@ -1505,6 +1506,7 @@ "removeWarningMsg": "你确定要移除", "setVariable": "设置参数", "IgnoreAlert": "忽略警报", - "DeleteGatherAccountTitle": "删除发现的账号" - + "DeleteGatherAccountTitle": "删除发现的账号", + "DeleteRemoteAccount": "删除远端账号", + "AddAccountAfterChangingPassword": "修改密码后添加账号" } \ No newline at end of file