github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-07-01 01:02:06 +00:00
Code Issues Projects Releases Wiki Activity

perf: 优化禁用用户

Browse Source
This commit is contained in:
ibuler 2023-10-10 17:39:41 +08:00 committed by 老广
parent 0d101bc5ad
commit affa562384
5 changed files with 42 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/assets/serializers/asset/common.py
View File

@ -159,7 +159,7 @@ class AssetSerializer(BulkOrgResourceModelSerializer, WritableNestedModelSeriali
return return
if isinstance(self.initial_data, list): if isinstance(self.initial_data, list):
return return
accounts = self.initial_data.pop('accounts', None) accounts = self.initial_data.get('accounts', None)
self._accounts = accounts self._accounts = accounts
def _get_protocols_required_default(self): def _get_protocols_required_default(self):

2
apps/audits/api.py
View File

@ -185,6 +185,8 @@ class ResourceActivityAPIView(generics.ListAPIView):
'r_user', 'r_action', 'r_type' 'r_user', 'r_action', 'r_type'
) )
org_q = Q(org_id=Organization.SYSTEM_ID) | Q(org_id=current_org.id) org_q = Q(org_id=Organization.SYSTEM_ID) | Q(org_id=current_org.id)
if resource_id:
org_q |= Q(org_id='') | Q(org_id=Organization.ROOT_ID)
with tmp_to_root_org(): with tmp_to_root_org():
qs1 = self.get_operate_log_qs(fields, limit, org_q, resource_id=resource_id) qs1 = self.get_operate_log_qs(fields, limit, org_q, resource_id=resource_id)
qs2 = self.get_activity_log_qs(fields, limit, org_q, resource_id=resource_id) qs2 = self.get_activity_log_qs(fields, limit, org_q, resource_id=resource_id)

6
apps/audits/models.py
View File

@ -10,7 +10,7 @@ from django.utils import timezone
from django.utils.translation import gettext, gettext_lazy as _ from django.utils.translation import gettext, gettext_lazy as _
from common.db.encoder import ModelJSONFieldEncoder from common.db.encoder import ModelJSONFieldEncoder
from common.utils import lazyproperty from common.utils import lazyproperty, i18n_trans
from ops.models import JobExecution from ops.models import JobExecution
from orgs.mixins.models import OrgModelMixin, Organization from orgs.mixins.models import OrgModelMixin, Organization
from orgs.utils import current_org from orgs.utils import current_org
@ -155,6 +155,10 @@ class ActivityLog(OrgModelMixin):
verbose_name = _("Activity log") verbose_name = _("Activity log")
ordering = ('-datetime',) ordering = ('-datetime',)
def __str__(self):
detail = i18n_trans(self.detail)
return "{} {}".format(detail, self.resource_id)
def save(self, *args, **kwargs): def save(self, *args, **kwargs):
if current_org.is_root() and not self.org_id: if current_org.is_root() and not self.org_id:
self.org_id = Organization.ROOT_ID self.org_id = Organization.ROOT_ID

4
apps/audits/signal_handlers/activity_log.py
View File

@ -69,7 +69,9 @@ class ActivityLogHandler:
def create_activities(resource_ids, detail, detail_id, action, org_id): def create_activities(resource_ids, detail, detail_id, action, org_id):
if not resource_ids: if not resource_ids:
return raise ValueError('resource_ids is empty')
if not org_id:
org_id = Organization.ROOT_ID
activities = [ activities = [
ActivityLog( ActivityLog(
resource_id=getattr(resource_id, 'pk', resource_id), resource_id=getattr(resource_id, 'pk', resource_id),

36
apps/users/tasks.py
View File

@ -1,15 +1,17 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# #
import uuid
from datetime import timedelta from datetime import timedelta
from celery import shared_task from celery import shared_task, current_task
from django.conf import settings from django.conf import settings
from django.db.models import Q
from django.utils import timezone from django.utils import timezone
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _, gettext_noop
from audits.const import ActivityChoices
from common.const.crontab import CRONTAB_AT_AM_TEN, CRONTAB_AT_PM_TWO from common.const.crontab import CRONTAB_AT_AM_TEN, CRONTAB_AT_PM_TWO
from common.utils import get_logger from common.utils import get_logger
from common.utils.timezone import utc_now
from ops.celery.decorator import after_app_ready_start, register_as_period_task from ops.celery.decorator import after_app_ready_start, register_as_period_task
from ops.celery.utils import create_or_update_celery_periodic_tasks from ops.celery.utils import create_or_update_celery_periodic_tasks
from orgs.utils import tmp_to_root_org from orgs.utils import tmp_to_root_org
@ -85,5 +87,29 @@ def check_user_expired_periodic():
def check_unused_users(): def check_unused_users():
uncommon_users_ttl = settings.SECURITY_UNCOMMON_USERS_TTL uncommon_users_ttl = settings.SECURITY_UNCOMMON_USERS_TTL
seconds_to_subtract = uncommon_users_ttl * 24 * 60 * 60 seconds_to_subtract = uncommon_users_ttl * 24 * 60 * 60
t = utc_now() - timedelta(seconds=seconds_to_subtract) t = timezone.now() - timedelta(seconds=seconds_to_subtract)
User.objects.filter(last_login__lte=t).update(is_active=False) last_login_q = Q(last_login__lte=t) | Q(last_login__isnull=True)
api_key_q = Q(date_api_key_last_used__lte=t) | Q(date_api_key_last_used__isnull=True)
users = User.objects \
.filter(date_joined__lt=t) \
.filter(is_active=True) \
.filter(last_login_q) \
.filter(api_key_q)
if not users:
return
print("Some users are not used for a long time, and they will be disabled.")
resource_ids = []
for user in users:
resource_ids.append(user.id)
print(' - {}'.format(user.name))
users.update(is_active=False)
from audits.signal_handlers import create_activities
if current_task:
task_id = current_task.request.id
else:
task_id = str(uuid.uuid4())
detail = gettext_noop('The user has not logged in recently and has been disabled.')
create_activities(resource_ids, detail, task_id, action=ActivityChoices.task, org_id='')