github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-02 07:55:16 +00:00
Code Issues Projects Releases Wiki Activity

perf: 优化资产登录通知信息 (#11834)

Browse Source 
Co-authored-by: feng <1304903146@qq.com>
This commit is contained in:
fit2bot
2023-10-13 15:08:56 +08:00
committed by GitHub
parent 7eb497f9d3
commit 588723a76c
6 changed files with 128 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
apps/authentication/api/connection_token.py
View File

@@ -361,9 +361,10 @@ class ConnectionTokenViewSet(ExtraActionApiMixin, RootOrgViewMixin, JMSModelView
if account.has_secret:
data['input_secret'] = ''
input_username = data.get('input_username', '')
if account.username != AliasAccount.INPUT:
data['input_username'] = ''
ticket = self._validate_acl(user, asset, account)
ticket = self._validate_acl(user, asset, account, input_username)
if ticket:
data['from_ticket'] = ticket
data['is_active'] = False
@@ -382,10 +383,13 @@ class ConnectionTokenViewSet(ExtraActionApiMixin, RootOrgViewMixin, JMSModelView
return account
@staticmethod
def _record_operate_log(acl, asset):
def _record_operate_log(acl, asset, input_username):
from audits.handler import create_or_update_operate_log
with tmp_to_org(asset.org_id):
after = {str(_('Assets')): str(asset)}
after = {
str(_('Assets')): str(asset),
str(_('Account')): input_username
}
object_name = acl._meta.object_name
resource_type = acl._meta.verbose_name
create_or_update_operate_log(
@@ -393,7 +397,7 @@ class ConnectionTokenViewSet(ExtraActionApiMixin, RootOrgViewMixin, JMSModelView
after=after, object_name=object_name
)
def _validate_acl(self, user, asset, account):
def _validate_acl(self, user, asset, account, input_username):
from acls.models import LoginAssetACL
acls = LoginAssetACL.filter_queryset(user=user, asset=asset, account=account)
ip = get_request_ip(self.request)
@@ -401,19 +405,19 @@ class ConnectionTokenViewSet(ExtraActionApiMixin, RootOrgViewMixin, JMSModelView
if not acl:
return
if acl.is_action(acl.ActionChoices.accept):
self._record_operate_log(acl, asset)
self._record_operate_log(acl, asset, input_username)
return
if acl.is_action(acl.ActionChoices.reject):
self._record_operate_log(acl, asset)
self._record_operate_log(acl, asset, input_username)
msg = _('ACL action is reject: {}({})'.format(acl.name, acl.id))
raise JMSException(code='acl_reject', detail=msg)
if acl.is_action(acl.ActionChoices.review):
if not self.request.query_params.get('create_ticket'):
msg = _('ACL action is review')
raise JMSException(code='acl_review', detail=msg)
self._record_operate_log(acl, asset)
self._record_operate_log(acl, asset, input_username)
ticket = LoginAssetACL.create_login_asset_review_ticket(
user=user, asset=asset, account_username=account.username,
user=user, asset=asset, account_username=input_username,
assignees=acl.reviewers.all(), org_id=asset.org_id
)
return ticket
@@ -421,10 +425,12 @@ class ConnectionTokenViewSet(ExtraActionApiMixin, RootOrgViewMixin, JMSModelView
reviewers = acl.reviewers.all()
if not reviewers:
return
account_username = account.username
self._record_operate_log(acl, asset)
self._record_operate_log(acl, asset, input_username)
for reviewer in reviewers:
AssetLoginReminderMsg(reviewer, asset, user, account_username).publish_async()
AssetLoginReminderMsg(
reviewer, asset, user, input_username
).publish_async()
class SuperConnectionTokenViewSet(ConnectionTokenViewSet):