From 38e8e8734d79d1ed8609476db51b9f8b40afd9df Mon Sep 17 00:00:00 2001
From: ibuler <ibuler@qq.com>
Date: Mon, 24 Jul 2023 17:49:32 +0800
Subject: [PATCH 1/4] =?UTF-8?q?perf:=20=E6=B7=BB=E5=8A=A0=20DEBUG=20?=
 =?UTF-8?q?=E6=97=A5=E5=BF=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/jumpserver/conf.py             |  3 +--
 apps/jumpserver/settings/base.py    | 37 +++++++++++++++++++++--------
 requirements/requirements_xpack.txt |  8 +++----
 3 files changed, 31 insertions(+), 17 deletions(-)

diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py
index 711edf657..1de30cd86 100644
--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@@ -514,10 +514,9 @@ class Config(dict):
         'TIME_ZONE': 'Asia/Shanghai',
         'FORCE_SCRIPT_NAME': '',
         'SESSION_COOKIE_SECURE': False,
-        'ALLOWED_HOSTS': '',
+        'TRUST_SITES': '',
         'CSRF_COOKIE_SECURE': False,
         'REFERER_CHECK_ENABLED': False,
-        'CSRF_TRUSTED_ORIGINS': '',
         'SESSION_ENGINE': 'cache',
         'SESSION_SAVE_EVERY_REQUEST': True,
         'SESSION_EXPIRE_AT_BROWSER_CLOSE_FORCE': False,
diff --git a/apps/jumpserver/settings/base.py b/apps/jumpserver/settings/base.py
index 551e4ae8a..fc3ba19ad 100644
--- a/apps/jumpserver/settings/base.py
+++ b/apps/jumpserver/settings/base.py
@@ -67,21 +67,38 @@ SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
 
 # LOG LEVEL
 LOG_LEVEL = CONFIG.LOG_LEVEL
+DOMAINS = CONFIG.DOMAINS or CONFIG.SITE_URL
+ALLOWED_DOMAINS = DOMAINS.split(',') if DOMAINS else ['localhost:8080']
+ALLOWED_DOMAINS = [host.strip() for host in ALLOWED_DOMAINS]
+ALLOWED_DOMAINS = [host.replace('http://', '').replace('https://', '') for host in ALLOWED_DOMAINS if host]
+ALLOWED_DOMAINS = [host.split('/')[0] for host in ALLOWED_DOMAINS if host]
 
-ALLOWED_HOSTS = CONFIG.ALLOWED_HOSTS.split(',') if CONFIG.ALLOWED_HOSTS else ['localhost', '127.0.0.1']
+DEBUG_HOSTS = ['127.0.0.1', 'localhost']
+DEBUG_PORT = ['8080', '80', '443', '4200', '9528']
+if DEBUG:
+    for host in DEBUG_HOSTS:
+        for port in DEBUG_PORT:
+            ALLOWED_DOMAINS.append('{}:{}'.format(host, port))
+
+ALLOWED_HOSTS = list(set(['.' + host.split(':')[0] for host in ALLOWED_DOMAINS]))
+
+print("ALLOWED_HOSTS: ", ALLOWED_HOSTS)
 
 # https://docs.djangoproject.com/en/4.1/ref/settings/#std-setting-CSRF_TRUSTED_ORIGINS
 CSRF_TRUSTED_ORIGINS = []
-for origin in ALLOWED_HOSTS:
-    # 避免错误 先判断一下吧
-    if origin.startswith('http'):
-        CSRF_TRUSTED_ORIGINS.append(origin)
-        continue
-    if origin.startswith('.'):
-        origin = '*.'
-    for schema in ['https', 'http']:
-        CSRF_TRUSTED_ORIGINS.append('{}://{}'.format(schema, origin))
 
+for host in ALLOWED_DOMAINS:
+    host = host.strip('.')
+    if host.startswith('http'):
+        CSRF_TRUSTED_ORIGINS.append(host)
+        continue
+    for schema in ['https', 'http']:
+        # CSRF_TRUSTED_ORIGINS.append('{}://{}'.format(schema, host))
+        CSRF_TRUSTED_ORIGINS.append('{}://*.{}'.format(schema, host))
+
+print("CSRF_TRUSTED_ORIGINS: ")
+for origin in CSRF_TRUSTED_ORIGINS:
+    print('  - ' + origin)
 # Max post update field num
 DATA_UPLOAD_MAX_NUMBER_FIELDS = 10000
 
diff --git a/requirements/requirements_xpack.txt b/requirements/requirements_xpack.txt
index 0c62395e7..f7644fb05 100644
--- a/requirements/requirements_xpack.txt
+++ b/requirements/requirements_xpack.txt
@@ -7,16 +7,14 @@ azure-mgmt-network==23.1.0
 google-cloud-compute==1.13.0
 grpcio==1.56.2
 alibabacloud_dysmsapi20170525==2.0.24
-python-novaclient==11.0.1
+python-novaclient==18.3.0
 python-keystoneclient==5.1.0
 bce-python-sdk==0.8.87
 tencentcloud-sdk-python==3.0.941
 aliyun-python-sdk-core-v3==2.13.33
 aliyun-python-sdk-ecs==4.24.64
-huaweicloud-sdk-python==1.0.28
-# python-keystoneclient need keystoneauth1>=3.4.0
-# huaweicloud-sdk-python need keystoneauth1<=3.4.0
-keystoneauth1==3.4.0
+#huaweicloud-sdk-python==1.0.28
+keystoneauth1==5.2.1
 # DB requirements
 oracledb==1.3.2
 psycopg2-binary==2.9.6

From 148bf3b89472eabb19fa7c57e56a19305e34e25b Mon Sep 17 00:00:00 2001
From: ibuler <ibuler@qq.com>
Date: Mon, 24 Jul 2023 17:55:17 +0800
Subject: [PATCH 2/4] =?UTF-8?q?perf:=20=E4=BF=AE=E6=94=B9=E5=86=99?=
 =?UTF-8?q?=E6=B3=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/jumpserver/settings/base.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/apps/jumpserver/settings/base.py b/apps/jumpserver/settings/base.py
index fc3ba19ad..4a89e4234 100644
--- a/apps/jumpserver/settings/base.py
+++ b/apps/jumpserver/settings/base.py
@@ -76,12 +76,10 @@ ALLOWED_DOMAINS = [host.split('/')[0] for host in ALLOWED_DOMAINS if host]
 DEBUG_HOSTS = ['127.0.0.1', 'localhost']
 DEBUG_PORT = ['8080', '80', '443', '4200', '9528']
 if DEBUG:
-    for host in DEBUG_HOSTS:
-        for port in DEBUG_PORT:
-            ALLOWED_DOMAINS.append('{}:{}'.format(host, port))
+    DEBUG_HOST_PORTS = ['{}:{}'.format(host, port) for host in DEBUG_HOSTS for port in DEBUG_PORT]
+    ALLOWED_DOMAINS.extend(DEBUG_HOST_PORTS)
 
 ALLOWED_HOSTS = list(set(['.' + host.split(':')[0] for host in ALLOWED_DOMAINS]))
-
 print("ALLOWED_HOSTS: ", ALLOWED_HOSTS)
 
 # https://docs.djangoproject.com/en/4.1/ref/settings/#std-setting-CSRF_TRUSTED_ORIGINS

From 7af769f7d36ecd9a928c811a5b55012a69b67ec7 Mon Sep 17 00:00:00 2001
From: ibuler <ibuler@qq.com>
Date: Mon, 24 Jul 2023 18:05:28 +0800
Subject: [PATCH 3/4] =?UTF-8?q?perf:=20es=20=E4=BF=AE=E6=94=B9=E5=AF=BC?=
 =?UTF-8?q?=E5=85=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/common/plugins/es.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/apps/common/plugins/es.py b/apps/common/plugins/es.py
index a5e027c90..06b85cb00 100644
--- a/apps/common/plugins/es.py
+++ b/apps/common/plugins/es.py
@@ -2,8 +2,12 @@
 #
 import datetime
 import inspect
+import sys
 
-from collections.abc import Iterable
+if sys.version_info.major == 3 and sys.version_info.minor >= 10:
+    from collections.abc import Iterable
+else:
+    from collections import Iterable
 from functools import reduce, partial
 from itertools import groupby
 from uuid import UUID
@@ -19,7 +23,6 @@ from common.utils import get_logger
 from common.utils.timezone import local_now_date_display
 from common.exceptions import JMSException
 
-
 logger = get_logger(__file__)
 
 

From 98fd2094984a864505d76dd0e98c9e6e6794e978 Mon Sep 17 00:00:00 2001
From: ibuler <ibuler@qq.com>
Date: Mon, 24 Jul 2023 18:09:10 +0800
Subject: [PATCH 4/4] =?UTF-8?q?perf:=20=E4=BF=AE=E6=94=B9=E4=B8=BA=20Domai?=
 =?UTF-8?q?n?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/jumpserver/conf.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py
index 1de30cd86..067e3f7ee 100644
--- a/apps/jumpserver/conf.py
+++ b/apps/jumpserver/conf.py
@@ -514,7 +514,7 @@ class Config(dict):
         'TIME_ZONE': 'Asia/Shanghai',
         'FORCE_SCRIPT_NAME': '',
         'SESSION_COOKIE_SECURE': False,
-        'TRUST_SITES': '',
+        'DOMAINS': '',
         'CSRF_COOKIE_SECURE': False,
         'REFERER_CHECK_ENABLED': False,
         'SESSION_ENGINE': 'cache',