From b610d71e115a0deb2b042801df18d60eb722f94e Mon Sep 17 00:00:00 2001 From: fit2bot <68588906+fit2bot@users.noreply.github.com> Date: Wed, 13 Apr 2022 20:24:56 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=B7=BB=E5=8A=A0=20=E4=B8=B4=E6=97=B6?= =?UTF-8?q?=20password=20(#8035)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * perf: 添加 template password * perf: 修改id * perf: 修改 翻译 * perf: 修改 tmp token * perf: 修改 token Co-authored-by: ibuler --- apps/audits/signal_handlers.py | 1 + apps/authentication/api/__init__.py | 1 + apps/authentication/api/temp_token.py | 27 ++ apps/authentication/api/token.py | 1 - apps/authentication/backends/base.py | 3 +- apps/authentication/backends/ldap.py | 5 +- apps/authentication/backends/radius.py | 27 +- .../authentication/backends/saml2/backends.py | 2 +- apps/authentication/backends/token.py | 26 ++ .../migrations/0010_temptoken.py | 32 ++ apps/authentication/models.py | 24 +- apps/authentication/serializers/__init__.py | 3 + .../connect_token.py} | 97 +----- .../serializers/password_mfa.py | 33 ++ apps/authentication/serializers/token.py | 103 +++++++ apps/authentication/urls/api_urls.py | 1 + apps/common/utils/common.py | 2 + apps/common/utils/random.py | 24 -- apps/jumpserver/conf.py | 2 + apps/jumpserver/settings/auth.py | 10 +- apps/locale/ja/LC_MESSAGES/django.mo | 4 +- apps/locale/ja/LC_MESSAGES/django.po | 285 ++++++++++-------- apps/locale/zh/LC_MESSAGES/django.mo | 4 +- apps/locale/zh/LC_MESSAGES/django.po | 282 +++++++++-------- apps/rbac/builtin.py | 1 + apps/settings/api/public.py | 1 + 26 files changed, 611 insertions(+), 390 deletions(-) create mode 100644 apps/authentication/api/temp_token.py create mode 100644 apps/authentication/backends/token.py create mode 100644 apps/authentication/migrations/0010_temptoken.py create mode 100644 apps/authentication/serializers/__init__.py rename apps/authentication/{serializers.py => serializers/connect_token.py} (59%) create mode 100644 apps/authentication/serializers/password_mfa.py create mode 100644 apps/authentication/serializers/token.py diff --git a/apps/audits/signal_handlers.py b/apps/audits/signal_handlers.py index daa3fa4bf..031b1e25c 100644 --- a/apps/audits/signal_handlers.py +++ b/apps/audits/signal_handlers.py @@ -70,6 +70,7 @@ class AuthBackendLabelMapping(LazyObject): backend_label_mapping[settings.AUTH_BACKEND_AUTH_TOKEN] = _('Auth Token') backend_label_mapping[settings.AUTH_BACKEND_WECOM] = _('WeCom') backend_label_mapping[settings.AUTH_BACKEND_DINGTALK] = _('DingTalk') + backend_label_mapping[settings.AUTH_BACKEND_TEMP_TOKEN] = _('Temporary token') return backend_label_mapping def _setup(self): diff --git a/apps/authentication/api/__init__.py b/apps/authentication/api/__init__.py index c0064f9bd..01a4c52e9 100644 --- a/apps/authentication/api/__init__.py +++ b/apps/authentication/api/__init__.py @@ -11,3 +11,4 @@ from .wecom import * from .dingtalk import * from .feishu import * from .password import * +from .temp_token import * diff --git a/apps/authentication/api/temp_token.py b/apps/authentication/api/temp_token.py new file mode 100644 index 000000000..98c1d74d6 --- /dev/null +++ b/apps/authentication/api/temp_token.py @@ -0,0 +1,27 @@ +from django.utils import timezone +from rest_framework.response import Response +from rest_framework.decorators import action + +from common.drf.api import JMSModelViewSet +from common.permissions import IsValidUser +from ..models import TempToken +from ..serializers import TempTokenSerializer + + +class TempTokenViewSet(JMSModelViewSet): + serializer_class = TempTokenSerializer + permission_classes = [IsValidUser] + http_method_names = ['post', 'get', 'options', 'patch'] + + def get_queryset(self): + username = self.request.user.username + return TempToken.objects.filter(username=username) + + @action(methods=['PATCH'], detail=True, url_path='expire') + def expire(self, *args, **kwargs): + instance = self.get_object() + instance.date_expired = timezone.now() + instance.save() + serializer = self.get_serializer(instance) + return Response(serializer.data) + diff --git a/apps/authentication/api/token.py b/apps/authentication/api/token.py index df8c6eb3f..e5fe8bf2c 100644 --- a/apps/authentication/api/token.py +++ b/apps/authentication/api/token.py @@ -1,6 +1,5 @@ # -*- coding: utf-8 -*- # -from django.shortcuts import redirect from rest_framework.permissions import AllowAny from rest_framework.response import Response from rest_framework.generics import CreateAPIView diff --git a/apps/authentication/backends/base.py b/apps/authentication/backends/base.py index 64faf3334..84cdeab27 100644 --- a/apps/authentication/backends/base.py +++ b/apps/authentication/backends/base.py @@ -1,10 +1,11 @@ -from django.contrib.auth.backends import BaseBackend from django.contrib.auth.backends import ModelBackend +from django.contrib.auth import get_user_model from users.models import User from common.utils import get_logger +UserModel = get_user_model() logger = get_logger(__file__) diff --git a/apps/authentication/backends/ldap.py b/apps/authentication/backends/ldap.py index 1c8a80cb1..895226e58 100644 --- a/apps/authentication/backends/ldap.py +++ b/apps/authentication/backends/ldap.py @@ -53,7 +53,7 @@ class LDAPAuthorizationBackend(JMSBaseAuthBackend, LDAPBackend): else: built = False - return (user, built) + return user, built def pre_check(self, username, password): if not settings.AUTH_LDAP: @@ -75,6 +75,9 @@ class LDAPAuthorizationBackend(JMSBaseAuthBackend, LDAPBackend): def authenticate(self, request=None, username=None, password=None, **kwargs): logger.info('Authentication LDAP backend') + if username is None or password is None: + logger.info('No username or password') + return None match, msg = self.pre_check(username, password) if not match: logger.info('Authenticate failed: {}'.format(msg)) diff --git a/apps/authentication/backends/radius.py b/apps/authentication/backends/radius.py index 170534370..84f88165a 100644 --- a/apps/authentication/backends/radius.py +++ b/apps/authentication/backends/radius.py @@ -13,20 +13,23 @@ User = get_user_model() class CreateUserMixin: - def get_django_user(self, username, password=None, *args, **kwargs): + @staticmethod + def get_django_user(username, password=None, *args, **kwargs): if isinstance(username, bytes): username = username.decode() - try: - user = User.objects.get(username=username) - except User.DoesNotExist: - if '@' in username: - email = username - else: - email_suffix = settings.EMAIL_SUFFIX - email = '{}@{}'.format(username, email_suffix) - user = User(username=username, name=username, email=email) - user.source = user.Source.radius.value - user.save() + user = User.objects.filter(username=username).first() + if user: + return user + + if '@' in username: + email = username + else: + email_suffix = settings.EMAIL_SUFFIX + email = '{}@{}'.format(username, email_suffix) + + user = User(username=username, name=username, email=email) + user.source = user.Source.radius.value + user.save() return user def _perform_radius_auth(self, client, packet): diff --git a/apps/authentication/backends/saml2/backends.py b/apps/authentication/backends/saml2/backends.py index e1b1fb1eb..0ac0efe1c 100644 --- a/apps/authentication/backends/saml2/backends.py +++ b/apps/authentication/backends/saml2/backends.py @@ -14,7 +14,7 @@ from ..base import JMSModelBackend __all__ = ['SAML2Backend'] -logger = get_logger(__file__) +logger = get_logger(__name__) class SAML2Backend(JMSModelBackend): diff --git a/apps/authentication/backends/token.py b/apps/authentication/backends/token.py new file mode 100644 index 000000000..be9cb9032 --- /dev/null +++ b/apps/authentication/backends/token.py @@ -0,0 +1,26 @@ +from django.utils import timezone +from django.conf import settings +from django.core.exceptions import PermissionDenied + +from authentication.models import TempToken +from .base import JMSModelBackend + + +class TempTokenAuthBackend(JMSModelBackend): + model = TempToken + + def authenticate(self, request, username='', password='', *args, **kwargs): + token = self.model.objects.filter(username=username, secret=password).first() + if not token: + return None + if not token.is_valid: + raise PermissionDenied('Token is invalid, expired at {}'.format(token.date_expired)) + + token.verified = True + token.date_verified = timezone.now() + token.save() + return token.user + + @staticmethod + def is_enabled(): + return settings.AUTH_TEMP_TOKEN diff --git a/apps/authentication/migrations/0010_temptoken.py b/apps/authentication/migrations/0010_temptoken.py new file mode 100644 index 000000000..914188d3f --- /dev/null +++ b/apps/authentication/migrations/0010_temptoken.py @@ -0,0 +1,32 @@ +# Generated by Django 3.1.14 on 2022-04-08 07:04 + +from django.db import migrations, models +import uuid + + +class Migration(migrations.Migration): + + dependencies = [ + ('authentication', '0009_auto_20220310_0616'), + ] + + operations = [ + migrations.CreateModel( + name='TempToken', + fields=[ + ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)), + ('created_by', models.CharField(blank=True, max_length=32, null=True, verbose_name='Created by')), + ('updated_by', models.CharField(blank=True, max_length=32, null=True, verbose_name='Updated by')), + ('date_created', models.DateTimeField(auto_now_add=True, null=True, verbose_name='Date created')), + ('date_updated', models.DateTimeField(auto_now=True, verbose_name='Date updated')), + ('username', models.CharField(max_length=128, verbose_name='Username')), + ('secret', models.CharField(max_length=64, verbose_name='Secret')), + ('verified', models.BooleanField(default=False, verbose_name='Verified')), + ('date_verified', models.DateTimeField(null=True, verbose_name='Date verified')), + ('date_expired', models.DateTimeField(verbose_name='Date verified')), + ], + options={ + 'verbose_name': 'Temporary token', + }, + ), + ] diff --git a/apps/authentication/models.py b/apps/authentication/models.py index 1b353f737..54cab4fbd 100644 --- a/apps/authentication/models.py +++ b/apps/authentication/models.py @@ -1,8 +1,9 @@ import uuid +from django.utils import timezone from django.utils.translation import ugettext_lazy as _ -from rest_framework.authtoken.models import Token from django.conf import settings +from rest_framework.authtoken.models import Token from common.db import models @@ -64,6 +65,27 @@ class ConnectionToken(models.JMSBaseModel): ] +class TempToken(models.JMSModel): + username = models.CharField(max_length=128, verbose_name=_("Username")) + secret = models.CharField(max_length=64, verbose_name=_("Secret")) + verified = models.BooleanField(default=False, verbose_name=_("Verified")) + date_verified = models.DateTimeField(null=True, verbose_name=_("Date verified")) + date_expired = models.DateTimeField(verbose_name=_("Date expired")) + + class Meta: + verbose_name = _("Temporary token") + + @property + def user(self): + from users.models import User + return User.objects.filter(username=self.username).first() + + @property + def is_valid(self): + not_expired = self.date_expired and self.date_expired > timezone.now() + return not self.verified and not_expired + + class SuperConnectionToken(ConnectionToken): class Meta: proxy = True diff --git a/apps/authentication/serializers/__init__.py b/apps/authentication/serializers/__init__.py new file mode 100644 index 000000000..7697c46db --- /dev/null +++ b/apps/authentication/serializers/__init__.py @@ -0,0 +1,3 @@ +from .token import * +from .connect_token import * +from .password_mfa import * diff --git a/apps/authentication/serializers.py b/apps/authentication/serializers/connect_token.py similarity index 59% rename from apps/authentication/serializers.py rename to apps/authentication/serializers/connect_token.py index f6661ba38..c8f94909d 100644 --- a/apps/authentication/serializers.py +++ b/apps/authentication/serializers/connect_token.py @@ -1,109 +1,22 @@ # -*- coding: utf-8 -*- # -from django.utils import timezone from rest_framework import serializers -from common.utils import get_object_or_none from users.models import User from assets.models import Asset, SystemUser, Gateway, Domain, CommandFilterRule from applications.models import Application -from users.serializers import UserProfileSerializer from assets.serializers import ProtocolsField from perms.serializers.base import ActionsField -from .models import AccessKey __all__ = [ - 'AccessKeySerializer', 'OtpVerifySerializer', 'BearerTokenSerializer', - 'MFAChallengeSerializer', 'SSOTokenSerializer', - 'ConnectionTokenSerializer', 'ConnectionTokenSecretSerializer', - 'PasswordVerifySerializer', 'MFASelectTypeSerializer', + 'ConnectionTokenSerializer', 'ConnectionTokenApplicationSerializer', + 'ConnectionTokenUserSerializer', 'ConnectionTokenFilterRuleSerializer', + 'ConnectionTokenAssetSerializer', 'ConnectionTokenSystemUserSerializer', + 'ConnectionTokenDomainSerializer', 'ConnectionTokenRemoteAppSerializer', + 'ConnectionTokenGatewaySerializer', 'ConnectionTokenSecretSerializer' ] -class AccessKeySerializer(serializers.ModelSerializer): - class Meta: - model = AccessKey - fields = ['id', 'secret', 'is_active', 'date_created'] - read_only_fields = ['id', 'secret', 'date_created'] - - -class OtpVerifySerializer(serializers.Serializer): - code = serializers.CharField(max_length=6, min_length=6) - - -class PasswordVerifySerializer(serializers.Serializer): - password = serializers.CharField() - - -class BearerTokenSerializer(serializers.Serializer): - username = serializers.CharField(allow_null=True, required=False, write_only=True) - password = serializers.CharField(write_only=True, allow_null=True, - required=False, allow_blank=True) - public_key = serializers.CharField(write_only=True, allow_null=True, - allow_blank=True, required=False) - token = serializers.CharField(read_only=True) - keyword = serializers.SerializerMethodField() - date_expired = serializers.DateTimeField(read_only=True) - user = UserProfileSerializer(read_only=True) - - @staticmethod - def get_keyword(obj): - return 'Bearer' - - def update_last_login(self, user): - user.last_login = timezone.now() - user.save(update_fields=['last_login']) - - def get_request_user(self): - request = self.context.get('request') - if request.user and request.user.is_authenticated: - user = request.user - else: - user_id = request.session.get('user_id') - user = get_object_or_none(User, pk=user_id) - if not user: - raise serializers.ValidationError( - "user id {} not exist".format(user_id) - ) - return user - - def create(self, validated_data): - request = self.context.get('request') - user = self.get_request_user() - - token, date_expired = user.create_bearer_token(request) - self.update_last_login(user) - - instance = { - "token": token, - "date_expired": date_expired, - "user": user - } - return instance - - -class MFASelectTypeSerializer(serializers.Serializer): - type = serializers.CharField() - username = serializers.CharField(required=False, allow_blank=True, allow_null=True) - - -class MFAChallengeSerializer(serializers.Serializer): - type = serializers.CharField(write_only=True, required=False, allow_blank=True) - code = serializers.CharField(write_only=True) - - def create(self, validated_data): - pass - - def update(self, instance, validated_data): - pass - - -class SSOTokenSerializer(serializers.Serializer): - username = serializers.CharField(write_only=True) - login_url = serializers.CharField(read_only=True) - next = serializers.CharField(write_only=True, allow_blank=True, required=False, allow_null=True) - - class ConnectionTokenSerializer(serializers.Serializer): user = serializers.CharField(max_length=128, required=False, allow_blank=True) system_user = serializers.CharField(max_length=128, required=True) diff --git a/apps/authentication/serializers/password_mfa.py b/apps/authentication/serializers/password_mfa.py new file mode 100644 index 000000000..c4c0679c6 --- /dev/null +++ b/apps/authentication/serializers/password_mfa.py @@ -0,0 +1,33 @@ +# -*- coding: utf-8 -*- +# +from rest_framework import serializers + + +__all__ = [ + 'OtpVerifySerializer', 'MFAChallengeSerializer', 'MFASelectTypeSerializer', + 'PasswordVerifySerializer', +] + + +class PasswordVerifySerializer(serializers.Serializer): + password = serializers.CharField() + + +class MFASelectTypeSerializer(serializers.Serializer): + type = serializers.CharField() + username = serializers.CharField(required=False, allow_blank=True, allow_null=True) + + +class MFAChallengeSerializer(serializers.Serializer): + type = serializers.CharField(write_only=True, required=False, allow_blank=True) + code = serializers.CharField(write_only=True) + + def create(self, validated_data): + pass + + def update(self, instance, validated_data): + pass + + +class OtpVerifySerializer(serializers.Serializer): + code = serializers.CharField(max_length=6, min_length=6) diff --git a/apps/authentication/serializers/token.py b/apps/authentication/serializers/token.py new file mode 100644 index 000000000..d1e87c0c0 --- /dev/null +++ b/apps/authentication/serializers/token.py @@ -0,0 +1,103 @@ +# -*- coding: utf-8 -*- +# +from django.utils import timezone +from django.utils.translation import gettext_lazy as _ +from rest_framework import serializers + +from common.utils import get_object_or_none, random_string +from users.models import User +from users.serializers import UserProfileSerializer +from ..models import AccessKey, TempToken + +__all__ = [ + 'AccessKeySerializer', 'BearerTokenSerializer', + 'SSOTokenSerializer', 'TempTokenSerializer', +] + + +class AccessKeySerializer(serializers.ModelSerializer): + class Meta: + model = AccessKey + fields = ['id', 'secret', 'is_active', 'date_created'] + read_only_fields = ['id', 'secret', 'date_created'] + + +class BearerTokenSerializer(serializers.Serializer): + username = serializers.CharField(allow_null=True, required=False, write_only=True) + password = serializers.CharField(write_only=True, allow_null=True, + required=False, allow_blank=True) + public_key = serializers.CharField(write_only=True, allow_null=True, + allow_blank=True, required=False) + token = serializers.CharField(read_only=True) + keyword = serializers.SerializerMethodField() + date_expired = serializers.DateTimeField(read_only=True) + user = UserProfileSerializer(read_only=True) + + @staticmethod + def get_keyword(obj): + return 'Bearer' + + def update_last_login(self, user): + user.last_login = timezone.now() + user.save(update_fields=['last_login']) + + def get_request_user(self): + request = self.context.get('request') + if request.user and request.user.is_authenticated: + user = request.user + else: + user_id = request.session.get('user_id') + user = get_object_or_none(User, pk=user_id) + if not user: + raise serializers.ValidationError( + "user id {} not exist".format(user_id) + ) + return user + + def create(self, validated_data): + request = self.context.get('request') + user = self.get_request_user() + + token, date_expired = user.create_bearer_token(request) + self.update_last_login(user) + + instance = { + "token": token, + "date_expired": date_expired, + "user": user + } + return instance + + +class SSOTokenSerializer(serializers.Serializer): + username = serializers.CharField(write_only=True) + login_url = serializers.CharField(read_only=True) + next = serializers.CharField(write_only=True, allow_blank=True, required=False, allow_null=True) + + +class TempTokenSerializer(serializers.ModelSerializer): + is_valid = serializers.BooleanField(label=_("Is valid"), read_only=True) + + class Meta: + model = TempToken + fields = [ + 'id', 'username', 'secret', 'verified', 'is_valid', + 'date_created', 'date_updated', 'date_verified', + 'date_expired', + ] + read_only_fields = fields + + def create(self, validated_data): + request = self.context.get('request') + if not request or not request.user: + raise PermissionError() + + secret = random_string(36) + username = request.user.username + kwargs = { + 'username': username, 'secret': secret, + 'date_expired': timezone.now() + timezone.timedelta(seconds=5*60), + } + token = TempToken(**kwargs) + token.save() + return token diff --git a/apps/authentication/urls/api_urls.py b/apps/authentication/urls/api_urls.py index 1a6c43dd7..920988ee4 100644 --- a/apps/authentication/urls/api_urls.py +++ b/apps/authentication/urls/api_urls.py @@ -9,6 +9,7 @@ app_name = 'authentication' router = DefaultRouter() router.register('access-keys', api.AccessKeyViewSet, 'access-key') router.register('sso', api.SSOViewSet, 'sso') +router.register('temp-tokens', api.TempTokenViewSet, 'temp-token') router.register('connection-token', api.UserConnectionTokenViewSet, 'connection-token') diff --git a/apps/common/utils/common.py b/apps/common/utils/common.py index d579eacfb..3982b1349 100644 --- a/apps/common/utils/common.py +++ b/apps/common/utils/common.py @@ -31,6 +31,8 @@ def combine_seq(s1, s2, callback=None): def get_logger(name=''): + if '/' in name: + name = os.path.basename(name).replace('.py', '') return logging.getLogger('jumpserver.%s' % name) diff --git a/apps/common/utils/random.py b/apps/common/utils/random.py index 1a7449ef0..db3b39c05 100644 --- a/apps/common/utils/random.py +++ b/apps/common/utils/random.py @@ -40,27 +40,3 @@ def random_string(length, lower=True, upper=True, digit=True, special_char=False password = ''.join(password) return password - - -# def strTimeProp(start, end, prop, fmt): -# time_start = time.mktime(time.strptime(start, fmt)) -# time_end = time.mktime(time.strptime(end, fmt)) -# ptime = time_start + prop * (time_end - time_start) -# return int(ptime) -# -# -# def randomTimestamp(start, end, fmt='%Y-%m-%d %H:%M:%S'): -# return strTimeProp(start, end, random.random(), fmt) -# -# -# def randomDate(start, end, frmt='%Y-%m-%d %H:%M:%S'): -# return time.strftime(frmt, time.localtime(strTimeProp(start, end, random.random(), frmt))) -# -# -# def randomTimestampList(start, end, n, frmt='%Y-%m-%d %H:%M:%S'): -# return [randomTimestamp(start, end, frmt) for _ in range(n)] -# -# -# def randomDateList(start, end, n, frmt='%Y-%m-%d %H:%M:%S'): -# return [randomDate(start, end, frmt) for _ in range(n)] - diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py index f72ed899f..3cc8a067d 100644 --- a/apps/jumpserver/conf.py +++ b/apps/jumpserver/conf.py @@ -256,6 +256,8 @@ class Config(dict): 'AUTH_SAML2_PROVIDER_AUTHORIZATION_ENDPOINT': '/', 'AUTH_SAML2_AUTHENTICATION_FAILURE_REDIRECT_URI': '/', + 'AUTH_TEMP_TOKEN': False, + # 企业微信 'AUTH_WECOM': False, 'WECOM_CORPID': '', diff --git a/apps/jumpserver/settings/auth.py b/apps/jumpserver/settings/auth.py index f71afec9b..e07883d55 100644 --- a/apps/jumpserver/settings/auth.py +++ b/apps/jumpserver/settings/auth.py @@ -109,11 +109,11 @@ CAS_APPLY_ATTRIBUTES_TO_USER = CONFIG.CAS_APPLY_ATTRIBUTES_TO_USER CAS_RENAME_ATTRIBUTES = CONFIG.CAS_RENAME_ATTRIBUTES CAS_CREATE_USER = CONFIG.CAS_CREATE_USER -# SSO Auth +# SSO auth AUTH_SSO = CONFIG.AUTH_SSO AUTH_SSO_AUTHKEY_TTL = CONFIG.AUTH_SSO_AUTHKEY_TTL -# WECOM Auth +# WECOM auth AUTH_WECOM = CONFIG.AUTH_WECOM WECOM_CORPID = CONFIG.WECOM_CORPID WECOM_AGENTID = CONFIG.WECOM_AGENTID @@ -141,6 +141,9 @@ SAML2_SP_ADVANCED_SETTINGS = CONFIG.SAML2_SP_ADVANCED_SETTINGS SAML2_LOGIN_URL_NAME = "authentication:saml2:saml2-login" SAML2_LOGOUT_URL_NAME = "authentication:saml2:saml2-logout" +# 临时 token +AUTH_TEMP_TOKEN = CONFIG.AUTH_TEMP_TOKEN + # Other setting TOKEN_EXPIRATION = CONFIG.TOKEN_EXPIRATION OTP_IN_RADIUS = CONFIG.OTP_IN_RADIUS @@ -160,6 +163,7 @@ AUTH_BACKEND_DINGTALK = 'authentication.backends.sso.DingTalkAuthentication' AUTH_BACKEND_FEISHU = 'authentication.backends.sso.FeiShuAuthentication' AUTH_BACKEND_AUTH_TOKEN = 'authentication.backends.sso.AuthorizationTokenAuthentication' AUTH_BACKEND_SAML2 = 'authentication.backends.saml2.SAML2Backend' +AUTH_BACKEND_TEMP_TOKEN = 'authentication.backends.token.TempTokenAuthBackend' AUTHENTICATION_BACKENDS = [ @@ -172,7 +176,7 @@ AUTHENTICATION_BACKENDS = [ # 扫码模式 AUTH_BACKEND_WECOM, AUTH_BACKEND_DINGTALK, AUTH_BACKEND_FEISHU, # Token模式 - AUTH_BACKEND_AUTH_TOKEN, AUTH_BACKEND_SSO, + AUTH_BACKEND_AUTH_TOKEN, AUTH_BACKEND_SSO, AUTH_BACKEND_TEMP_TOKEN ] ONLY_ALLOW_EXIST_USER_AUTH = CONFIG.ONLY_ALLOW_EXIST_USER_AUTH diff --git a/apps/locale/ja/LC_MESSAGES/django.mo b/apps/locale/ja/LC_MESSAGES/django.mo index 73226f058..7044727ed 100644 --- a/apps/locale/ja/LC_MESSAGES/django.mo +++ b/apps/locale/ja/LC_MESSAGES/django.mo @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:70685e92cbf84f4178224a44fd84eb884a0acfb9749200541ea6655a9a397a72 -size 125019 +oid sha256:89878c511a62211520b347ccf37676cb11e9a0b3257ff968fb6d5dd81726a1e5 +size 125117 diff --git a/apps/locale/ja/LC_MESSAGES/django.po b/apps/locale/ja/LC_MESSAGES/django.po index c80ef4904..643d66c0c 100644 --- a/apps/locale/ja/LC_MESSAGES/django.po +++ b/apps/locale/ja/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: PACKAGE VERSION\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2022-04-12 17:03+0800\n" +"POT-Creation-Date: 2022-04-13 20:21+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -29,25 +29,25 @@ msgstr "Acls" #: assets/models/group.py:20 assets/models/label.py:18 ops/mixin.py:24 #: orgs/models.py:65 perms/models/base.py:83 rbac/models/role.py:29 #: settings/models.py:29 settings/serializers/sms.py:6 -#: terminal/models/endpoint.py:10 terminal/models/endpoint.py:53 +#: terminal/models/endpoint.py:10 terminal/models/endpoint.py:55 #: terminal/models/storage.py:23 terminal/models/task.py:16 #: terminal/models/terminal.py:100 users/forms/profile.py:32 #: users/models/group.py:15 users/models/user.py:661 -#: xpack/plugins/cloud/models.py:28 +#: xpack/plugins/cloud/models.py:27 msgid "Name" msgstr "名前" #: acls/models/base.py:27 assets/models/cmd_filter.py:84 -#: assets/models/user.py:247 terminal/models/endpoint.py:56 +#: assets/models/user.py:247 terminal/models/endpoint.py:58 msgid "Priority" msgstr "優先順位" #: acls/models/base.py:28 assets/models/cmd_filter.py:84 -#: assets/models/user.py:247 terminal/models/endpoint.py:57 +#: assets/models/user.py:247 terminal/models/endpoint.py:59 msgid "1-100, the lower the value will be match first" msgstr "1-100、低い値は最初に一致します" -#: acls/models/base.py:31 authentication/models.py:17 +#: acls/models/base.py:31 authentication/models.py:18 #: authentication/templates/authentication/_access_key_modal.html:32 #: perms/models/base.py:88 terminal/models/sharing.py:26 msgid "Active" @@ -61,12 +61,12 @@ msgstr "アクティブ" #: assets/models/domain.py:64 assets/models/group.py:23 #: assets/models/label.py:23 ops/models/adhoc.py:38 orgs/models.py:68 #: perms/models/base.py:93 rbac/models/role.py:37 settings/models.py:34 -#: terminal/models/endpoint.py:20 terminal/models/endpoint.py:63 +#: terminal/models/endpoint.py:20 terminal/models/endpoint.py:65 #: terminal/models/storage.py:26 terminal/models/terminal.py:114 #: tickets/models/comment.py:24 tickets/models/ticket.py:154 #: users/models/group.py:16 users/models/user.py:698 #: xpack/plugins/change_auth_plan/models/base.py:44 -#: xpack/plugins/cloud/models.py:35 xpack/plugins/cloud/models.py:116 +#: xpack/plugins/cloud/models.py:34 xpack/plugins/cloud/models.py:115 #: xpack/plugins/gathered_user/models.py:26 msgid "Comment" msgstr "コメント" @@ -87,9 +87,9 @@ msgstr "ログイン確認" #: acls/models/login_acl.py:24 acls/models/login_asset_acl.py:20 #: assets/models/cmd_filter.py:30 assets/models/label.py:15 audits/models.py:37 #: audits/models.py:60 audits/models.py:85 audits/serializers.py:100 -#: authentication/models.py:50 orgs/models.py:214 perms/models/base.py:84 -#: rbac/builtin.py:106 rbac/models/rolebinding.py:40 -#: terminal/backends/command/models.py:19 +#: authentication/models.py:51 orgs/models.py:214 perms/models/base.py:84 +#: rbac/builtin.py:107 rbac/models/rolebinding.py:40 +#: terminal/backends/command/models.py:20 #: terminal/backends/command/serializers.py:12 terminal/models/session.py:44 #: terminal/notifications.py:91 terminal/notifications.py:139 #: tickets/models/comment.py:17 users/const.py:14 users/models/user.py:886 @@ -129,12 +129,12 @@ msgstr "システムユーザー" #: assets/models/backup.py:31 assets/models/cmd_filter.py:38 #: assets/models/gathered_user.py:14 assets/serializers/label.py:30 #: assets/serializers/system_user.py:264 audits/models.py:39 -#: perms/models/asset_permission.py:23 terminal/backends/command/models.py:20 +#: perms/models/asset_permission.py:23 terminal/backends/command/models.py:21 #: terminal/backends/command/serializers.py:13 terminal/models/session.py:46 #: terminal/notifications.py:90 #: xpack/plugins/change_auth_plan/models/asset.py:199 #: xpack/plugins/change_auth_plan/serializers/asset.py:180 -#: xpack/plugins/cloud/models.py:223 +#: xpack/plugins/cloud/models.py:222 msgid "Asset" msgstr "資産" @@ -154,6 +154,7 @@ msgstr "コンマ区切り文字列の形式。* はすべて一致すること #: acls/serializers/login_asset_acl.py:51 assets/models/base.py:176 #: assets/models/gathered_user.py:15 audits/models.py:119 #: authentication/forms.py:15 authentication/forms.py:17 +#: authentication/models.py:69 #: authentication/templates/authentication/_msg_different_city.html:9 #: authentication/templates/authentication/_msg_oauth_bind.html:9 #: ops/models/adhoc.py:159 users/forms/profile.py:31 users/models/user.py:659 @@ -265,7 +266,7 @@ msgstr "アプリケーション" #: applications/models/account.py:15 assets/models/authbook.py:20 #: assets/models/cmd_filter.py:42 assets/models/user.py:338 audits/models.py:40 #: perms/models/application_permission.py:33 -#: perms/models/asset_permission.py:25 terminal/backends/command/models.py:21 +#: perms/models/asset_permission.py:25 terminal/backends/command/models.py:22 #: terminal/backends/command/serializers.py:35 terminal/models/session.py:48 #: xpack/plugins/change_auth_plan/models/app.py:36 #: xpack/plugins/change_auth_plan/models/app.py:147 @@ -317,7 +318,7 @@ msgstr "タイプ" msgid "Domain" msgstr "ドメイン" -#: applications/models/application.py:228 xpack/plugins/cloud/models.py:33 +#: applications/models/application.py:228 xpack/plugins/cloud/models.py:32 #: xpack/plugins/cloud/serializers/account.py:58 msgid "Attrs" msgstr "ツールバーの" @@ -356,7 +357,7 @@ msgstr "タイプ表示" #: common/mixins/models.py:50 ops/models/adhoc.py:39 ops/models/command.py:30 #: orgs/models.py:67 orgs/models.py:217 perms/models/base.py:92 #: users/models/group.py:18 users/models/user.py:918 -#: xpack/plugins/cloud/models.py:125 +#: xpack/plugins/cloud/models.py:124 msgid "Date created" msgstr "作成された日付" @@ -571,7 +572,7 @@ msgstr "ホスト名生" #: assets/models/asset.py:215 assets/serializers/account.py:16 #: assets/serializers/asset.py:65 perms/serializers/asset/user_permission.py:41 -#: xpack/plugins/cloud/models.py:107 xpack/plugins/cloud/serializers/task.py:42 +#: xpack/plugins/cloud/models.py:106 xpack/plugins/cloud/serializers/task.py:42 msgid "Protocols" msgstr "プロトコル" @@ -611,7 +612,7 @@ msgstr "ラベル" #: orgs/models.py:219 perms/models/base.py:91 users/models/user.py:706 #: users/serializers/group.py:33 #: xpack/plugins/change_auth_plan/models/base.py:48 -#: xpack/plugins/cloud/models.py:122 xpack/plugins/gathered_user/models.py:30 +#: xpack/plugins/cloud/models.py:121 xpack/plugins/gathered_user/models.py:30 msgid "Created by" msgstr "によって作成された" @@ -715,7 +716,7 @@ msgstr "トリガーモード" #: xpack/plugins/change_auth_plan/models/base.py:201 #: xpack/plugins/change_auth_plan/serializers/app.py:66 #: xpack/plugins/change_auth_plan/serializers/asset.py:179 -#: xpack/plugins/cloud/models.py:179 +#: xpack/plugins/cloud/models.py:178 msgid "Reason" msgstr "理由" @@ -751,7 +752,7 @@ msgstr "失敗しました" msgid "Connectivity" msgstr "接続性" -#: assets/models/base.py:40 +#: assets/models/base.py:40 authentication/models.py:72 msgid "Date verified" msgstr "確認済みの日付" @@ -953,7 +954,7 @@ msgid "Parent key" msgstr "親キー" #: assets/models/node.py:559 assets/serializers/system_user.py:263 -#: xpack/plugins/cloud/models.py:96 xpack/plugins/cloud/serializers/task.py:69 +#: xpack/plugins/cloud/models.py:95 xpack/plugins/cloud/serializers/task.py:69 msgid "Node" msgstr "ノード" @@ -1011,7 +1012,7 @@ msgstr "ログインモード" msgid "SFTP Root" msgstr "SFTPルート" -#: assets/models/user.py:254 authentication/models.py:48 +#: assets/models/user.py:254 authentication/models.py:49 msgid "Token" msgstr "トークン" @@ -1426,6 +1427,7 @@ msgid "Resource" msgstr "リソース" #: audits/models.py:65 audits/models.py:88 +#: terminal/backends/command/serializers.py:39 msgid "Datetime" msgstr "時間" @@ -1480,8 +1482,8 @@ msgid "MFA" msgstr "MFA" #: audits/models.py:126 terminal/models/status.py:33 -#: tickets/models/ticket.py:140 xpack/plugins/cloud/models.py:175 -#: xpack/plugins/cloud/models.py:227 +#: tickets/models/ticket.py:140 xpack/plugins/cloud/models.py:174 +#: xpack/plugins/cloud/models.py:226 msgid "Status" msgstr "ステータス" @@ -1518,7 +1520,7 @@ msgid "Hosts display" msgstr "ホスト表示" #: audits/serializers.py:96 ops/models/command.py:27 -#: xpack/plugins/cloud/models.py:173 +#: xpack/plugins/cloud/models.py:172 msgid "Result" msgstr "結果" @@ -1562,170 +1564,174 @@ msgstr "企業微信" msgid "DingTalk" msgstr "DingTalk" -#: audits/signal_handlers.py:106 +#: audits/signal_handlers.py:73 authentication/models.py:76 +msgid "Temporary token" +msgstr "一時的なトークン" + +#: audits/signal_handlers.py:107 msgid "User and Group" msgstr "ユーザーとグループ" -#: audits/signal_handlers.py:107 +#: audits/signal_handlers.py:108 #, python-brace-format msgid "{User} JOINED {UserGroup}" msgstr "{User} に参加 {UserGroup}" -#: audits/signal_handlers.py:108 +#: audits/signal_handlers.py:109 #, python-brace-format msgid "{User} LEFT {UserGroup}" msgstr "{User} のそばを通る {UserGroup}" -#: audits/signal_handlers.py:111 +#: audits/signal_handlers.py:112 msgid "Asset and SystemUser" msgstr "資産およびシステム・ユーザー" -#: audits/signal_handlers.py:112 +#: audits/signal_handlers.py:113 #, python-brace-format msgid "{Asset} ADD {SystemUser}" msgstr "{Asset} 追加 {SystemUser}" -#: audits/signal_handlers.py:113 +#: audits/signal_handlers.py:114 #, python-brace-format msgid "{Asset} REMOVE {SystemUser}" msgstr "{Asset} 削除 {SystemUser}" -#: audits/signal_handlers.py:116 +#: audits/signal_handlers.py:117 msgid "Node and Asset" msgstr "ノードと資産" -#: audits/signal_handlers.py:117 +#: audits/signal_handlers.py:118 #, python-brace-format msgid "{Node} ADD {Asset}" msgstr "{Node} 追加 {Asset}" -#: audits/signal_handlers.py:118 +#: audits/signal_handlers.py:119 #, python-brace-format msgid "{Node} REMOVE {Asset}" msgstr "{Node} 削除 {Asset}" -#: audits/signal_handlers.py:121 +#: audits/signal_handlers.py:122 msgid "User asset permissions" msgstr "ユーザー資産の権限" -#: audits/signal_handlers.py:122 +#: audits/signal_handlers.py:123 #, python-brace-format msgid "{AssetPermission} ADD {User}" msgstr "{AssetPermission} 追加 {User}" -#: audits/signal_handlers.py:123 +#: audits/signal_handlers.py:124 #, python-brace-format msgid "{AssetPermission} REMOVE {User}" msgstr "{AssetPermission} 削除 {User}" -#: audits/signal_handlers.py:126 +#: audits/signal_handlers.py:127 msgid "User group asset permissions" msgstr "ユーザーグループの資産権限" -#: audits/signal_handlers.py:127 +#: audits/signal_handlers.py:128 #, python-brace-format msgid "{AssetPermission} ADD {UserGroup}" msgstr "{AssetPermission} 追加 {UserGroup}" -#: audits/signal_handlers.py:128 +#: audits/signal_handlers.py:129 #, python-brace-format msgid "{AssetPermission} REMOVE {UserGroup}" msgstr "{AssetPermission} 削除 {UserGroup}" -#: audits/signal_handlers.py:131 perms/models/asset_permission.py:29 +#: audits/signal_handlers.py:132 perms/models/asset_permission.py:29 msgid "Asset permission" msgstr "資産権限" -#: audits/signal_handlers.py:132 +#: audits/signal_handlers.py:133 #, python-brace-format msgid "{AssetPermission} ADD {Asset}" msgstr "{AssetPermission} 追加 {Asset}" -#: audits/signal_handlers.py:133 +#: audits/signal_handlers.py:134 #, python-brace-format msgid "{AssetPermission} REMOVE {Asset}" msgstr "{AssetPermission} 削除 {Asset}" -#: audits/signal_handlers.py:136 +#: audits/signal_handlers.py:137 msgid "Node permission" msgstr "ノード権限" -#: audits/signal_handlers.py:137 +#: audits/signal_handlers.py:138 #, python-brace-format msgid "{AssetPermission} ADD {Node}" msgstr "{AssetPermission} 追加 {Node}" -#: audits/signal_handlers.py:138 +#: audits/signal_handlers.py:139 #, python-brace-format msgid "{AssetPermission} REMOVE {Node}" msgstr "{AssetPermission} 削除 {Node}" -#: audits/signal_handlers.py:141 +#: audits/signal_handlers.py:142 msgid "Asset permission and SystemUser" msgstr "資産権限とSystemUser" -#: audits/signal_handlers.py:142 +#: audits/signal_handlers.py:143 #, python-brace-format msgid "{AssetPermission} ADD {SystemUser}" msgstr "{AssetPermission} 追加 {SystemUser}" -#: audits/signal_handlers.py:143 +#: audits/signal_handlers.py:144 #, python-brace-format msgid "{AssetPermission} REMOVE {SystemUser}" msgstr "{AssetPermission} 削除 {SystemUser}" -#: audits/signal_handlers.py:146 +#: audits/signal_handlers.py:147 msgid "User application permissions" msgstr "ユーザーアプリケーションの権限" -#: audits/signal_handlers.py:147 +#: audits/signal_handlers.py:148 #, python-brace-format msgid "{ApplicationPermission} ADD {User}" msgstr "{ApplicationPermission} 追加 {User}" -#: audits/signal_handlers.py:148 +#: audits/signal_handlers.py:149 #, python-brace-format msgid "{ApplicationPermission} REMOVE {User}" msgstr "{ApplicationPermission} 削除 {User}" -#: audits/signal_handlers.py:151 +#: audits/signal_handlers.py:152 msgid "User group application permissions" msgstr "ユーザーグループアプリケーションの権限" -#: audits/signal_handlers.py:152 +#: audits/signal_handlers.py:153 #, python-brace-format msgid "{ApplicationPermission} ADD {UserGroup}" msgstr "{ApplicationPermission} 追加 {UserGroup}" -#: audits/signal_handlers.py:153 +#: audits/signal_handlers.py:154 #, python-brace-format msgid "{ApplicationPermission} REMOVE {UserGroup}" msgstr "{ApplicationPermission} 削除 {UserGroup}" -#: audits/signal_handlers.py:156 perms/models/application_permission.py:38 +#: audits/signal_handlers.py:157 perms/models/application_permission.py:38 msgid "Application permission" msgstr "申請許可" -#: audits/signal_handlers.py:157 +#: audits/signal_handlers.py:158 #, python-brace-format msgid "{ApplicationPermission} ADD {Application}" msgstr "{ApplicationPermission} 追加 {Application}" -#: audits/signal_handlers.py:158 +#: audits/signal_handlers.py:159 #, python-brace-format msgid "{ApplicationPermission} REMOVE {Application}" msgstr "{ApplicationPermission} 削除 {Application}" -#: audits/signal_handlers.py:161 +#: audits/signal_handlers.py:162 msgid "Application permission and SystemUser" msgstr "アプリケーション権限とSystemUser" -#: audits/signal_handlers.py:162 +#: audits/signal_handlers.py:163 #, python-brace-format msgid "{ApplicationPermission} ADD {SystemUser}" msgstr "{ApplicationPermission} 追加 {SystemUser}" -#: audits/signal_handlers.py:163 +#: audits/signal_handlers.py:164 #, python-brace-format msgid "{ApplicationPermission} REMOVE {SystemUser}" msgstr "{ApplicationPermission} 削除 {SystemUser}" @@ -2028,31 +2034,48 @@ msgstr "MFAタイプ ({}) が有効になっていない" msgid "Please change your password" msgstr "パスワードを変更してください" -#: authentication/models.py:33 terminal/serializers/storage.py:28 +#: authentication/models.py:34 terminal/serializers/storage.py:28 msgid "Access key" msgstr "アクセスキー" -#: authentication/models.py:40 +#: authentication/models.py:41 msgid "Private Token" msgstr "プライベートトークン" -#: authentication/models.py:49 +#: authentication/models.py:50 msgid "Expired" msgstr "期限切れ" -#: authentication/models.py:53 +#: authentication/models.py:54 msgid "SSO token" msgstr "SSO token" -#: authentication/models.py:61 +#: authentication/models.py:62 msgid "Connection token" msgstr "接続トークン" -#: authentication/models.py:63 +#: authentication/models.py:64 msgid "Can view connection token secret" msgstr "接続トークンの秘密を表示できます" #: authentication/models.py:70 +#: authentication/templates/authentication/_access_key_modal.html:31 +#: settings/serializers/auth/radius.py:17 +msgid "Secret" +msgstr "ひみつ" + +#: authentication/models.py:71 +msgid "Verified" +msgstr "確認済み" + +#: authentication/models.py:73 perms/models/base.py:90 +#: tickets/serializers/ticket/meta/ticket_type/apply_application.py:58 +#: tickets/serializers/ticket/meta/ticket_type/apply_asset.py:60 +#: users/models/user.py:703 +msgid "Date expired" +msgstr "期限切れの日付" + +#: authentication/models.py:92 msgid "Super connection token" msgstr "スーパー接続トークン" @@ -2064,6 +2087,14 @@ msgstr "異なる都市ログインのリマインダー" msgid "binding reminder" msgstr "バインディングリマインダー" +#: authentication/serializers/token.py:79 +#: perms/serializers/application/permission.py:20 +#: perms/serializers/application/permission.py:41 +#: perms/serializers/asset/permission.py:19 +#: perms/serializers/asset/permission.py:45 users/serializers/user.py:141 +msgid "Is valid" +msgstr "有効です" + #: authentication/templates/authentication/_access_key_modal.html:6 msgid "API key list" msgstr "APIキーリスト" @@ -2081,11 +2112,6 @@ msgstr "ドキュメント" msgid "ID" msgstr "ID" -#: authentication/templates/authentication/_access_key_modal.html:31 -#: settings/serializers/auth/radius.py:17 -msgid "Secret" -msgstr "秘密" - #: authentication/templates/authentication/_access_key_modal.html:33 #: terminal/notifications.py:93 terminal/notifications.py:141 msgid "Date" @@ -2151,7 +2177,7 @@ msgstr "コードエラー" #: authentication/templates/authentication/_msg_reset_password.html:3 #: authentication/templates/authentication/_msg_rest_password_success.html:2 #: authentication/templates/authentication/_msg_rest_public_key_success.html:2 -#: jumpserver/conf.py:296 ops/tasks.py:145 ops/tasks.py:148 +#: jumpserver/conf.py:298 ops/tasks.py:145 ops/tasks.py:148 #: perms/templates/perms/_msg_item_permissions_expire.html:3 #: perms/templates/perms/_msg_permed_items_expire.html:3 #: users/templates/users/_msg_account_expire_reminder.html:4 @@ -2612,11 +2638,11 @@ msgstr "特殊文字を含むべきではない" msgid "The mobile phone number format is incorrect" msgstr "携帯電話番号の形式が正しくありません" -#: jumpserver/conf.py:295 +#: jumpserver/conf.py:297 msgid "Create account successfully" msgstr "アカウントを正常に作成" -#: jumpserver/conf.py:297 +#: jumpserver/conf.py:299 msgid "Your account has been created successfully" msgstr "アカウントが正常に作成されました" @@ -2972,13 +2998,6 @@ msgstr "クリップボードペースト" msgid "Clipboard copy paste" msgstr "クリップボードコピーペースト" -#: perms/models/base.py:90 -#: tickets/serializers/ticket/meta/ticket_type/apply_application.py:58 -#: tickets/serializers/ticket/meta/ticket_type/apply_asset.py:60 -#: users/models/user.py:703 -msgid "Date expired" -msgstr "期限切れの日付" - #: perms/models/base.py:94 msgid "From ticket" msgstr "チケットから" @@ -3015,13 +3034,6 @@ msgstr "アプリケーション権限の有効期限が近づいています" msgid "application permissions of organization {}" msgstr "Organization {} のアプリケーション権限" -#: perms/serializers/application/permission.py:20 -#: perms/serializers/application/permission.py:41 -#: perms/serializers/asset/permission.py:19 -#: perms/serializers/asset/permission.py:45 users/serializers/user.py:141 -msgid "Is valid" -msgstr "有効です" - #: perms/serializers/application/permission.py:21 #: perms/serializers/application/permission.py:40 #: perms/serializers/asset/permission.py:20 @@ -3114,27 +3126,27 @@ msgstr "{} 少なくとも1つのシステムロール" msgid "RBAC" msgstr "RBAC" -#: rbac/builtin.py:97 +#: rbac/builtin.py:98 msgid "SystemAdmin" msgstr "システム管理者" -#: rbac/builtin.py:100 +#: rbac/builtin.py:101 msgid "SystemAuditor" msgstr "システム監査人" -#: rbac/builtin.py:103 +#: rbac/builtin.py:104 msgid "SystemComponent" msgstr "システムコンポーネント" -#: rbac/builtin.py:109 +#: rbac/builtin.py:110 msgid "OrgAdmin" msgstr "組織管理者" -#: rbac/builtin.py:112 +#: rbac/builtin.py:113 msgid "OrgAuditor" msgstr "監査員を組織する" -#: rbac/builtin.py:115 +#: rbac/builtin.py:116 msgid "OrgUser" msgstr "組織ユーザー" @@ -4599,30 +4611,30 @@ msgstr "ターミナル管理" msgid "Invalid elasticsearch config" msgstr "無効なElasticsearch構成" -#: terminal/backends/command/models.py:15 +#: terminal/backends/command/models.py:16 msgid "Ordinary" msgstr "普通" -#: terminal/backends/command/models.py:16 +#: terminal/backends/command/models.py:17 msgid "Dangerous" msgstr "危険" -#: terminal/backends/command/models.py:22 +#: terminal/backends/command/models.py:23 msgid "Input" msgstr "入力" -#: terminal/backends/command/models.py:23 +#: terminal/backends/command/models.py:24 #: terminal/backends/command/serializers.py:36 msgid "Output" msgstr "出力" -#: terminal/backends/command/models.py:24 terminal/models/replay.py:9 +#: terminal/backends/command/models.py:25 terminal/models/replay.py:9 #: terminal/models/sharing.py:17 terminal/models/sharing.py:64 #: terminal/templates/terminal/_msg_command_alert.html:10 msgid "Session" msgstr "セッション" -#: terminal/backends/command/models.py:25 +#: terminal/backends/command/models.py:26 #: terminal/backends/command/serializers.py:17 msgid "Risk level" msgstr "リスクレベル" @@ -4639,7 +4651,7 @@ msgstr "リスクレベル表示" msgid "Timestamp" msgstr "タイムスタンプ" -#: terminal/backends/command/serializers.py:39 terminal/models/terminal.py:105 +#: terminal/backends/command/serializers.py:40 terminal/models/terminal.py:105 msgid "Remote Address" msgstr "リモートアドレス" @@ -4699,18 +4711,18 @@ msgstr "MariaDB ポート" msgid "PostgreSQL Port" msgstr "PostgreSQL ポート" -#: terminal/models/endpoint.py:25 terminal/models/endpoint.py:61 +#: terminal/models/endpoint.py:25 terminal/models/endpoint.py:63 #: terminal/serializers/endpoint.py:40 terminal/serializers/storage.py:37 #: terminal/serializers/storage.py:49 terminal/serializers/storage.py:79 #: terminal/serializers/storage.py:89 terminal/serializers/storage.py:97 msgid "Endpoint" msgstr "エンドポイント" -#: terminal/models/endpoint.py:54 +#: terminal/models/endpoint.py:56 msgid "IP group" msgstr "IP グループ" -#: terminal/models/endpoint.py:66 +#: terminal/models/endpoint.py:68 msgid "Endpoint rule" msgstr "エンドポイントルール" @@ -4931,7 +4943,7 @@ msgstr "バケット" msgid "Secret key" msgstr "秘密キー" -#: terminal/serializers/storage.py:64 xpack/plugins/cloud/models.py:220 +#: terminal/serializers/storage.py:64 xpack/plugins/cloud/models.py:219 msgid "Region" msgstr "リージョン" @@ -6262,79 +6274,79 @@ msgstr "リリース済み" msgid "Cloud center" msgstr "クラウドセンター" -#: xpack/plugins/cloud/models.py:30 +#: xpack/plugins/cloud/models.py:29 msgid "Provider" msgstr "プロバイダー" -#: xpack/plugins/cloud/models.py:34 +#: xpack/plugins/cloud/models.py:33 msgid "Validity" msgstr "有効性" -#: xpack/plugins/cloud/models.py:39 +#: xpack/plugins/cloud/models.py:38 msgid "Cloud account" msgstr "クラウドアカウント" -#: xpack/plugins/cloud/models.py:41 +#: xpack/plugins/cloud/models.py:40 msgid "Test cloud account" msgstr "クラウドアカウントのテスト" -#: xpack/plugins/cloud/models.py:85 xpack/plugins/cloud/serializers/task.py:66 +#: xpack/plugins/cloud/models.py:84 xpack/plugins/cloud/serializers/task.py:66 msgid "Account" msgstr "アカウント" -#: xpack/plugins/cloud/models.py:88 xpack/plugins/cloud/serializers/task.py:37 +#: xpack/plugins/cloud/models.py:87 xpack/plugins/cloud/serializers/task.py:37 msgid "Regions" msgstr "リージョン" -#: xpack/plugins/cloud/models.py:91 +#: xpack/plugins/cloud/models.py:90 msgid "Hostname strategy" msgstr "ホスト名戦略" -#: xpack/plugins/cloud/models.py:100 xpack/plugins/cloud/serializers/task.py:67 +#: xpack/plugins/cloud/models.py:99 xpack/plugins/cloud/serializers/task.py:67 msgid "Unix admin user" msgstr "Unix adminユーザー" -#: xpack/plugins/cloud/models.py:104 xpack/plugins/cloud/serializers/task.py:68 +#: xpack/plugins/cloud/models.py:103 xpack/plugins/cloud/serializers/task.py:68 msgid "Windows admin user" msgstr "Windows管理者" -#: xpack/plugins/cloud/models.py:110 xpack/plugins/cloud/serializers/task.py:45 +#: xpack/plugins/cloud/models.py:109 xpack/plugins/cloud/serializers/task.py:45 msgid "IP network segment group" msgstr "IPネットワークセグメントグループ" -#: xpack/plugins/cloud/models.py:113 xpack/plugins/cloud/serializers/task.py:71 +#: xpack/plugins/cloud/models.py:112 xpack/plugins/cloud/serializers/task.py:71 msgid "Always update" msgstr "常に更新" -#: xpack/plugins/cloud/models.py:119 +#: xpack/plugins/cloud/models.py:118 msgid "Date last sync" msgstr "最終同期日" -#: xpack/plugins/cloud/models.py:130 xpack/plugins/cloud/models.py:171 +#: xpack/plugins/cloud/models.py:129 xpack/plugins/cloud/models.py:170 msgid "Sync instance task" msgstr "インスタンスの同期タスク" -#: xpack/plugins/cloud/models.py:182 xpack/plugins/cloud/models.py:230 +#: xpack/plugins/cloud/models.py:181 xpack/plugins/cloud/models.py:229 msgid "Date sync" msgstr "日付の同期" -#: xpack/plugins/cloud/models.py:186 +#: xpack/plugins/cloud/models.py:185 msgid "Sync instance task execution" msgstr "インスタンスタスクの同期実行" -#: xpack/plugins/cloud/models.py:210 +#: xpack/plugins/cloud/models.py:209 msgid "Sync task" msgstr "同期タスク" -#: xpack/plugins/cloud/models.py:214 +#: xpack/plugins/cloud/models.py:213 msgid "Sync instance task history" msgstr "インスタンスタスク履歴の同期" -#: xpack/plugins/cloud/models.py:217 +#: xpack/plugins/cloud/models.py:216 msgid "Instance" msgstr "インスタンス" -#: xpack/plugins/cloud/models.py:234 +#: xpack/plugins/cloud/models.py:233 msgid "Sync instance detail" msgstr "同期インスタンスの詳細" @@ -6688,3 +6700,26 @@ msgstr "究極のエディション" #: xpack/plugins/license/models.py:77 msgid "Community edition" msgstr "コミュニティ版" + +#~ msgid "Inherit" +#~ msgstr "継承" + +#~ msgid "Include" +#~ msgstr "含める" + +#~ msgid "Exclude" +#~ msgstr "除外" + +#~ msgid "DatabaseApp" +#~ msgstr "データベースの適用" + +#, fuzzy +#~| msgid "Connection token" +#~ msgid "One time token" +#~ msgstr "接続トークン" + +#~ msgid "JD Cloud" +#~ msgstr "京東雲" + +#~ msgid "CN East-Suqian" +#~ msgstr "華東-宿遷" diff --git a/apps/locale/zh/LC_MESSAGES/django.mo b/apps/locale/zh/LC_MESSAGES/django.mo index 5b9f31b64..ad6a09539 100644 --- a/apps/locale/zh/LC_MESSAGES/django.mo +++ b/apps/locale/zh/LC_MESSAGES/django.mo @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:9c13775875a335e3c8dbc7f666af622c5aa12050100b15e616c210e8e3043e38 -size 103490 +oid sha256:c5e41035cf1525f01fb773511041f0f8a3a25cdfb1fa4f1e681c6d7eec85f6b9 +size 103570 diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po index b15b2c545..365f797eb 100644 --- a/apps/locale/zh/LC_MESSAGES/django.po +++ b/apps/locale/zh/LC_MESSAGES/django.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: JumpServer 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2022-04-12 17:03+0800\n" +"POT-Creation-Date: 2022-04-13 20:21+0800\n" "PO-Revision-Date: 2021-05-20 10:54+0800\n" "Last-Translator: ibuler \n" "Language-Team: JumpServer team\n" @@ -28,25 +28,25 @@ msgstr "访问控制" #: assets/models/group.py:20 assets/models/label.py:18 ops/mixin.py:24 #: orgs/models.py:65 perms/models/base.py:83 rbac/models/role.py:29 #: settings/models.py:29 settings/serializers/sms.py:6 -#: terminal/models/endpoint.py:10 terminal/models/endpoint.py:53 +#: terminal/models/endpoint.py:10 terminal/models/endpoint.py:55 #: terminal/models/storage.py:23 terminal/models/task.py:16 #: terminal/models/terminal.py:100 users/forms/profile.py:32 #: users/models/group.py:15 users/models/user.py:661 -#: xpack/plugins/cloud/models.py:28 +#: xpack/plugins/cloud/models.py:27 msgid "Name" msgstr "名称" #: acls/models/base.py:27 assets/models/cmd_filter.py:84 -#: assets/models/user.py:247 terminal/models/endpoint.py:56 +#: assets/models/user.py:247 terminal/models/endpoint.py:58 msgid "Priority" msgstr "优先级" #: acls/models/base.py:28 assets/models/cmd_filter.py:84 -#: assets/models/user.py:247 terminal/models/endpoint.py:57 +#: assets/models/user.py:247 terminal/models/endpoint.py:59 msgid "1-100, the lower the value will be match first" msgstr "优先级可选范围为 1-100 (数值越小越优先)" -#: acls/models/base.py:31 authentication/models.py:17 +#: acls/models/base.py:31 authentication/models.py:18 #: authentication/templates/authentication/_access_key_modal.html:32 #: perms/models/base.py:88 terminal/models/sharing.py:26 msgid "Active" @@ -60,12 +60,12 @@ msgstr "激活中" #: assets/models/domain.py:64 assets/models/group.py:23 #: assets/models/label.py:23 ops/models/adhoc.py:38 orgs/models.py:68 #: perms/models/base.py:93 rbac/models/role.py:37 settings/models.py:34 -#: terminal/models/endpoint.py:20 terminal/models/endpoint.py:63 +#: terminal/models/endpoint.py:20 terminal/models/endpoint.py:65 #: terminal/models/storage.py:26 terminal/models/terminal.py:114 #: tickets/models/comment.py:24 tickets/models/ticket.py:154 #: users/models/group.py:16 users/models/user.py:698 #: xpack/plugins/change_auth_plan/models/base.py:44 -#: xpack/plugins/cloud/models.py:35 xpack/plugins/cloud/models.py:116 +#: xpack/plugins/cloud/models.py:34 xpack/plugins/cloud/models.py:115 #: xpack/plugins/gathered_user/models.py:26 msgid "Comment" msgstr "备注" @@ -86,9 +86,9 @@ msgstr "登录复核" #: acls/models/login_acl.py:24 acls/models/login_asset_acl.py:20 #: assets/models/cmd_filter.py:30 assets/models/label.py:15 audits/models.py:37 #: audits/models.py:60 audits/models.py:85 audits/serializers.py:100 -#: authentication/models.py:50 orgs/models.py:214 perms/models/base.py:84 -#: rbac/builtin.py:106 rbac/models/rolebinding.py:40 -#: terminal/backends/command/models.py:19 +#: authentication/models.py:51 orgs/models.py:214 perms/models/base.py:84 +#: rbac/builtin.py:107 rbac/models/rolebinding.py:40 +#: terminal/backends/command/models.py:20 #: terminal/backends/command/serializers.py:12 terminal/models/session.py:44 #: terminal/notifications.py:91 terminal/notifications.py:139 #: tickets/models/comment.py:17 users/const.py:14 users/models/user.py:886 @@ -128,12 +128,12 @@ msgstr "系统用户" #: assets/models/backup.py:31 assets/models/cmd_filter.py:38 #: assets/models/gathered_user.py:14 assets/serializers/label.py:30 #: assets/serializers/system_user.py:264 audits/models.py:39 -#: perms/models/asset_permission.py:23 terminal/backends/command/models.py:20 +#: perms/models/asset_permission.py:23 terminal/backends/command/models.py:21 #: terminal/backends/command/serializers.py:13 terminal/models/session.py:46 #: terminal/notifications.py:90 #: xpack/plugins/change_auth_plan/models/asset.py:199 #: xpack/plugins/change_auth_plan/serializers/asset.py:180 -#: xpack/plugins/cloud/models.py:223 +#: xpack/plugins/cloud/models.py:222 msgid "Asset" msgstr "资产" @@ -153,6 +153,7 @@ msgstr "格式为逗号分隔的字符串, * 表示匹配所有. " #: acls/serializers/login_asset_acl.py:51 assets/models/base.py:176 #: assets/models/gathered_user.py:15 audits/models.py:119 #: authentication/forms.py:15 authentication/forms.py:17 +#: authentication/models.py:69 #: authentication/templates/authentication/_msg_different_city.html:9 #: authentication/templates/authentication/_msg_oauth_bind.html:9 #: ops/models/adhoc.py:159 users/forms/profile.py:31 users/models/user.py:659 @@ -260,7 +261,7 @@ msgstr "应用程序" #: applications/models/account.py:15 assets/models/authbook.py:20 #: assets/models/cmd_filter.py:42 assets/models/user.py:338 audits/models.py:40 #: perms/models/application_permission.py:33 -#: perms/models/asset_permission.py:25 terminal/backends/command/models.py:21 +#: perms/models/asset_permission.py:25 terminal/backends/command/models.py:22 #: terminal/backends/command/serializers.py:35 terminal/models/session.py:48 #: xpack/plugins/change_auth_plan/models/app.py:36 #: xpack/plugins/change_auth_plan/models/app.py:147 @@ -312,7 +313,7 @@ msgstr "类型" msgid "Domain" msgstr "网域" -#: applications/models/application.py:228 xpack/plugins/cloud/models.py:33 +#: applications/models/application.py:228 xpack/plugins/cloud/models.py:32 #: xpack/plugins/cloud/serializers/account.py:58 msgid "Attrs" msgstr "属性" @@ -351,7 +352,7 @@ msgstr "类型名称" #: common/mixins/models.py:50 ops/models/adhoc.py:39 ops/models/command.py:30 #: orgs/models.py:67 orgs/models.py:217 perms/models/base.py:92 #: users/models/group.py:18 users/models/user.py:918 -#: xpack/plugins/cloud/models.py:125 +#: xpack/plugins/cloud/models.py:124 msgid "Date created" msgstr "创建日期" @@ -566,7 +567,7 @@ msgstr "主机名原始" #: assets/models/asset.py:215 assets/serializers/account.py:16 #: assets/serializers/asset.py:65 perms/serializers/asset/user_permission.py:41 -#: xpack/plugins/cloud/models.py:107 xpack/plugins/cloud/serializers/task.py:42 +#: xpack/plugins/cloud/models.py:106 xpack/plugins/cloud/serializers/task.py:42 msgid "Protocols" msgstr "协议组" @@ -606,7 +607,7 @@ msgstr "标签管理" #: orgs/models.py:219 perms/models/base.py:91 users/models/user.py:706 #: users/serializers/group.py:33 #: xpack/plugins/change_auth_plan/models/base.py:48 -#: xpack/plugins/cloud/models.py:122 xpack/plugins/gathered_user/models.py:30 +#: xpack/plugins/cloud/models.py:121 xpack/plugins/gathered_user/models.py:30 msgid "Created by" msgstr "创建者" @@ -710,7 +711,7 @@ msgstr "触发模式" #: xpack/plugins/change_auth_plan/models/base.py:201 #: xpack/plugins/change_auth_plan/serializers/app.py:66 #: xpack/plugins/change_auth_plan/serializers/asset.py:179 -#: xpack/plugins/cloud/models.py:179 +#: xpack/plugins/cloud/models.py:178 msgid "Reason" msgstr "原因" @@ -746,7 +747,7 @@ msgstr "失败" msgid "Connectivity" msgstr "可连接性" -#: assets/models/base.py:40 +#: assets/models/base.py:40 authentication/models.py:72 msgid "Date verified" msgstr "校验日期" @@ -948,7 +949,7 @@ msgid "Parent key" msgstr "ssh私钥" #: assets/models/node.py:559 assets/serializers/system_user.py:263 -#: xpack/plugins/cloud/models.py:96 xpack/plugins/cloud/serializers/task.py:69 +#: xpack/plugins/cloud/models.py:95 xpack/plugins/cloud/serializers/task.py:69 msgid "Node" msgstr "节点" @@ -1006,7 +1007,7 @@ msgstr "认证方式" msgid "SFTP Root" msgstr "SFTP根路径" -#: assets/models/user.py:254 authentication/models.py:48 +#: assets/models/user.py:254 authentication/models.py:49 msgid "Token" msgstr "Token" @@ -1414,6 +1415,7 @@ msgid "Resource" msgstr "资源" #: audits/models.py:65 audits/models.py:88 +#: terminal/backends/command/serializers.py:39 msgid "Datetime" msgstr "日期" @@ -1468,8 +1470,8 @@ msgid "MFA" msgstr "MFA" #: audits/models.py:126 terminal/models/status.py:33 -#: tickets/models/ticket.py:140 xpack/plugins/cloud/models.py:175 -#: xpack/plugins/cloud/models.py:227 +#: tickets/models/ticket.py:140 xpack/plugins/cloud/models.py:174 +#: xpack/plugins/cloud/models.py:226 msgid "Status" msgstr "状态" @@ -1506,7 +1508,7 @@ msgid "Hosts display" msgstr "主机名称" #: audits/serializers.py:96 ops/models/command.py:27 -#: xpack/plugins/cloud/models.py:173 +#: xpack/plugins/cloud/models.py:172 msgid "Result" msgstr "结果" @@ -1550,170 +1552,174 @@ msgstr "企业微信" msgid "DingTalk" msgstr "钉钉" -#: audits/signal_handlers.py:106 +#: audits/signal_handlers.py:73 authentication/models.py:76 +msgid "Temporary token" +msgstr "临时 Token" + +#: audits/signal_handlers.py:107 msgid "User and Group" msgstr "用户与用户组" -#: audits/signal_handlers.py:107 +#: audits/signal_handlers.py:108 #, python-brace-format msgid "{User} JOINED {UserGroup}" msgstr "{User} 加入 {UserGroup}" -#: audits/signal_handlers.py:108 +#: audits/signal_handlers.py:109 #, python-brace-format msgid "{User} LEFT {UserGroup}" msgstr "{User} 离开 {UserGroup}" -#: audits/signal_handlers.py:111 +#: audits/signal_handlers.py:112 msgid "Asset and SystemUser" msgstr "资产与系统用户" -#: audits/signal_handlers.py:112 +#: audits/signal_handlers.py:113 #, python-brace-format msgid "{Asset} ADD {SystemUser}" msgstr "{Asset} 添加 {SystemUser}" -#: audits/signal_handlers.py:113 +#: audits/signal_handlers.py:114 #, python-brace-format msgid "{Asset} REMOVE {SystemUser}" msgstr "{Asset} 移除 {SystemUser}" -#: audits/signal_handlers.py:116 +#: audits/signal_handlers.py:117 msgid "Node and Asset" msgstr "节点与资产" -#: audits/signal_handlers.py:117 +#: audits/signal_handlers.py:118 #, python-brace-format msgid "{Node} ADD {Asset}" msgstr "{Node} 添加 {Asset}" -#: audits/signal_handlers.py:118 +#: audits/signal_handlers.py:119 #, python-brace-format msgid "{Node} REMOVE {Asset}" msgstr "{Node} 移除 {Asset}" -#: audits/signal_handlers.py:121 +#: audits/signal_handlers.py:122 msgid "User asset permissions" msgstr "用户资产授权" -#: audits/signal_handlers.py:122 +#: audits/signal_handlers.py:123 #, python-brace-format msgid "{AssetPermission} ADD {User}" msgstr "{AssetPermission} 添加 {User}" -#: audits/signal_handlers.py:123 +#: audits/signal_handlers.py:124 #, python-brace-format msgid "{AssetPermission} REMOVE {User}" msgstr "{AssetPermission} 移除 {User}" -#: audits/signal_handlers.py:126 +#: audits/signal_handlers.py:127 msgid "User group asset permissions" msgstr "用户组资产授权" -#: audits/signal_handlers.py:127 +#: audits/signal_handlers.py:128 #, python-brace-format msgid "{AssetPermission} ADD {UserGroup}" msgstr "{AssetPermission} 添加 {UserGroup}" -#: audits/signal_handlers.py:128 +#: audits/signal_handlers.py:129 #, python-brace-format msgid "{AssetPermission} REMOVE {UserGroup}" msgstr "{AssetPermission} 移除 {UserGroup}" -#: audits/signal_handlers.py:131 perms/models/asset_permission.py:29 +#: audits/signal_handlers.py:132 perms/models/asset_permission.py:29 msgid "Asset permission" msgstr "资产授权" -#: audits/signal_handlers.py:132 +#: audits/signal_handlers.py:133 #, python-brace-format msgid "{AssetPermission} ADD {Asset}" msgstr "{AssetPermission} 添加 {Asset}" -#: audits/signal_handlers.py:133 +#: audits/signal_handlers.py:134 #, python-brace-format msgid "{AssetPermission} REMOVE {Asset}" msgstr "{AssetPermission} 移除 {Asset}" -#: audits/signal_handlers.py:136 +#: audits/signal_handlers.py:137 msgid "Node permission" msgstr "节点授权" -#: audits/signal_handlers.py:137 +#: audits/signal_handlers.py:138 #, python-brace-format msgid "{AssetPermission} ADD {Node}" msgstr "{AssetPermission} 添加 {Node}" -#: audits/signal_handlers.py:138 +#: audits/signal_handlers.py:139 #, python-brace-format msgid "{AssetPermission} REMOVE {Node}" msgstr "{AssetPermission} 移除 {Node}" -#: audits/signal_handlers.py:141 +#: audits/signal_handlers.py:142 msgid "Asset permission and SystemUser" msgstr "资产授权与系统用户" -#: audits/signal_handlers.py:142 +#: audits/signal_handlers.py:143 #, python-brace-format msgid "{AssetPermission} ADD {SystemUser}" msgstr "{AssetPermission} 添加 {SystemUser}" -#: audits/signal_handlers.py:143 +#: audits/signal_handlers.py:144 #, python-brace-format msgid "{AssetPermission} REMOVE {SystemUser}" msgstr "{AssetPermission} 移除 {SystemUser}" -#: audits/signal_handlers.py:146 +#: audits/signal_handlers.py:147 msgid "User application permissions" msgstr "用户应用授权" -#: audits/signal_handlers.py:147 +#: audits/signal_handlers.py:148 #, python-brace-format msgid "{ApplicationPermission} ADD {User}" msgstr "{ApplicationPermission} 添加 {User}" -#: audits/signal_handlers.py:148 +#: audits/signal_handlers.py:149 #, python-brace-format msgid "{ApplicationPermission} REMOVE {User}" msgstr "{ApplicationPermission} 移除 {User}" -#: audits/signal_handlers.py:151 +#: audits/signal_handlers.py:152 msgid "User group application permissions" msgstr "用户组应用授权" -#: audits/signal_handlers.py:152 +#: audits/signal_handlers.py:153 #, python-brace-format msgid "{ApplicationPermission} ADD {UserGroup}" msgstr "{ApplicationPermission} 添加 {UserGroup}" -#: audits/signal_handlers.py:153 +#: audits/signal_handlers.py:154 #, python-brace-format msgid "{ApplicationPermission} REMOVE {UserGroup}" msgstr "{ApplicationPermission} 移除 {UserGroup}" -#: audits/signal_handlers.py:156 perms/models/application_permission.py:38 +#: audits/signal_handlers.py:157 perms/models/application_permission.py:38 msgid "Application permission" msgstr "应用授权" -#: audits/signal_handlers.py:157 +#: audits/signal_handlers.py:158 #, python-brace-format msgid "{ApplicationPermission} ADD {Application}" msgstr "{ApplicationPermission} 添加 {Application}" -#: audits/signal_handlers.py:158 +#: audits/signal_handlers.py:159 #, python-brace-format msgid "{ApplicationPermission} REMOVE {Application}" msgstr "{ApplicationPermission} 移除 {Application}" -#: audits/signal_handlers.py:161 +#: audits/signal_handlers.py:162 msgid "Application permission and SystemUser" msgstr "应用授权与系统用户" -#: audits/signal_handlers.py:162 +#: audits/signal_handlers.py:163 #, python-brace-format msgid "{ApplicationPermission} ADD {SystemUser}" msgstr "{ApplicationPermission} 添加 {SystemUser}" -#: audits/signal_handlers.py:163 +#: audits/signal_handlers.py:164 #, python-brace-format msgid "{ApplicationPermission} REMOVE {SystemUser}" msgstr "{ApplicationPermission} 移除 {SystemUser}" @@ -2007,31 +2013,48 @@ msgstr "该 MFA ({}) 方式没有启用" msgid "Please change your password" msgstr "请修改密码" -#: authentication/models.py:33 terminal/serializers/storage.py:28 +#: authentication/models.py:34 terminal/serializers/storage.py:28 msgid "Access key" msgstr "API key" -#: authentication/models.py:40 +#: authentication/models.py:41 msgid "Private Token" msgstr "SSH密钥" -#: authentication/models.py:49 +#: authentication/models.py:50 msgid "Expired" msgstr "过期时间" -#: authentication/models.py:53 +#: authentication/models.py:54 msgid "SSO token" msgstr "SSO token" -#: authentication/models.py:61 +#: authentication/models.py:62 msgid "Connection token" msgstr "连接令牌" -#: authentication/models.py:63 +#: authentication/models.py:64 msgid "Can view connection token secret" msgstr "可以查看连接令牌密文" #: authentication/models.py:70 +#: authentication/templates/authentication/_access_key_modal.html:31 +#: settings/serializers/auth/radius.py:17 +msgid "Secret" +msgstr "密钥" + +#: authentication/models.py:71 +msgid "Verified" +msgstr "已校验" + +#: authentication/models.py:73 perms/models/base.py:90 +#: tickets/serializers/ticket/meta/ticket_type/apply_application.py:58 +#: tickets/serializers/ticket/meta/ticket_type/apply_asset.py:60 +#: users/models/user.py:703 +msgid "Date expired" +msgstr "失效日期" + +#: authentication/models.py:92 msgid "Super connection token" msgstr "超级连接令牌" @@ -2043,6 +2066,14 @@ msgstr "异地登录提醒" msgid "binding reminder" msgstr "绑定提醒" +#: authentication/serializers/token.py:79 +#: perms/serializers/application/permission.py:20 +#: perms/serializers/application/permission.py:41 +#: perms/serializers/asset/permission.py:19 +#: perms/serializers/asset/permission.py:45 users/serializers/user.py:141 +msgid "Is valid" +msgstr "账号是否有效" + #: authentication/templates/authentication/_access_key_modal.html:6 msgid "API key list" msgstr "API Key列表" @@ -2060,11 +2091,6 @@ msgstr "文档" msgid "ID" msgstr "ID" -#: authentication/templates/authentication/_access_key_modal.html:31 -#: settings/serializers/auth/radius.py:17 -msgid "Secret" -msgstr "密钥" - #: authentication/templates/authentication/_access_key_modal.html:33 #: terminal/notifications.py:93 terminal/notifications.py:141 msgid "Date" @@ -2130,7 +2156,7 @@ msgstr "代码错误" #: authentication/templates/authentication/_msg_reset_password.html:3 #: authentication/templates/authentication/_msg_rest_password_success.html:2 #: authentication/templates/authentication/_msg_rest_public_key_success.html:2 -#: jumpserver/conf.py:296 ops/tasks.py:145 ops/tasks.py:148 +#: jumpserver/conf.py:298 ops/tasks.py:145 ops/tasks.py:148 #: perms/templates/perms/_msg_item_permissions_expire.html:3 #: perms/templates/perms/_msg_permed_items_expire.html:3 #: users/templates/users/_msg_account_expire_reminder.html:4 @@ -2582,11 +2608,11 @@ msgstr "不能包含特殊字符" msgid "The mobile phone number format is incorrect" msgstr "手机号格式不正确" -#: jumpserver/conf.py:295 +#: jumpserver/conf.py:297 msgid "Create account successfully" msgstr "创建账号成功" -#: jumpserver/conf.py:297 +#: jumpserver/conf.py:299 msgid "Your account has been created successfully" msgstr "你的账号已创建成功" @@ -2937,13 +2963,6 @@ msgstr "剪贴板粘贴" msgid "Clipboard copy paste" msgstr "剪贴板复制粘贴" -#: perms/models/base.py:90 -#: tickets/serializers/ticket/meta/ticket_type/apply_application.py:58 -#: tickets/serializers/ticket/meta/ticket_type/apply_asset.py:60 -#: users/models/user.py:703 -msgid "Date expired" -msgstr "失效日期" - #: perms/models/base.py:94 msgid "From ticket" msgstr "来自工单" @@ -2980,13 +2999,6 @@ msgstr "应用授权规则即将过期" msgid "application permissions of organization {}" msgstr "组织 ({}) 的应用授权" -#: perms/serializers/application/permission.py:20 -#: perms/serializers/application/permission.py:41 -#: perms/serializers/asset/permission.py:19 -#: perms/serializers/asset/permission.py:45 users/serializers/user.py:141 -msgid "Is valid" -msgstr "账号是否有效" - #: perms/serializers/application/permission.py:21 #: perms/serializers/application/permission.py:40 #: perms/serializers/asset/permission.py:20 @@ -3077,27 +3089,27 @@ msgstr "{} 至少有一个系统角色" msgid "RBAC" msgstr "RBAC" -#: rbac/builtin.py:97 +#: rbac/builtin.py:98 msgid "SystemAdmin" msgstr "系统管理员" -#: rbac/builtin.py:100 +#: rbac/builtin.py:101 msgid "SystemAuditor" msgstr "系统审计员" -#: rbac/builtin.py:103 +#: rbac/builtin.py:104 msgid "SystemComponent" msgstr "系统组件" -#: rbac/builtin.py:109 +#: rbac/builtin.py:110 msgid "OrgAdmin" msgstr "组织管理员" -#: rbac/builtin.py:112 +#: rbac/builtin.py:113 msgid "OrgAuditor" msgstr "组织审计员" -#: rbac/builtin.py:115 +#: rbac/builtin.py:116 msgid "OrgUser" msgstr "组织用户" @@ -4528,30 +4540,30 @@ msgstr "终端管理" msgid "Invalid elasticsearch config" msgstr "无效的 Elasticsearch 配置" -#: terminal/backends/command/models.py:15 +#: terminal/backends/command/models.py:16 msgid "Ordinary" msgstr "普通" -#: terminal/backends/command/models.py:16 +#: terminal/backends/command/models.py:17 msgid "Dangerous" msgstr "危险" -#: terminal/backends/command/models.py:22 +#: terminal/backends/command/models.py:23 msgid "Input" msgstr "输入" -#: terminal/backends/command/models.py:23 +#: terminal/backends/command/models.py:24 #: terminal/backends/command/serializers.py:36 msgid "Output" msgstr "输出" -#: terminal/backends/command/models.py:24 terminal/models/replay.py:9 +#: terminal/backends/command/models.py:25 terminal/models/replay.py:9 #: terminal/models/sharing.py:17 terminal/models/sharing.py:64 #: terminal/templates/terminal/_msg_command_alert.html:10 msgid "Session" msgstr "会话" -#: terminal/backends/command/models.py:25 +#: terminal/backends/command/models.py:26 #: terminal/backends/command/serializers.py:17 msgid "Risk level" msgstr "风险等级" @@ -4568,7 +4580,7 @@ msgstr "风险等级名称" msgid "Timestamp" msgstr "时间戳" -#: terminal/backends/command/serializers.py:39 terminal/models/terminal.py:105 +#: terminal/backends/command/serializers.py:40 terminal/models/terminal.py:105 msgid "Remote Address" msgstr "远端地址" @@ -4628,18 +4640,18 @@ msgstr "MariaDB 端口" msgid "PostgreSQL Port" msgstr "PostgreSQL 端口" -#: terminal/models/endpoint.py:25 terminal/models/endpoint.py:61 +#: terminal/models/endpoint.py:25 terminal/models/endpoint.py:63 #: terminal/serializers/endpoint.py:40 terminal/serializers/storage.py:37 #: terminal/serializers/storage.py:49 terminal/serializers/storage.py:79 #: terminal/serializers/storage.py:89 terminal/serializers/storage.py:97 msgid "Endpoint" msgstr "端点" -#: terminal/models/endpoint.py:54 +#: terminal/models/endpoint.py:56 msgid "IP group" msgstr "IP 组" -#: terminal/models/endpoint.py:66 +#: terminal/models/endpoint.py:68 msgid "Endpoint rule" msgstr "端点规则" @@ -4860,7 +4872,7 @@ msgstr "桶名称" msgid "Secret key" msgstr "密钥" -#: terminal/serializers/storage.py:64 xpack/plugins/cloud/models.py:220 +#: terminal/serializers/storage.py:64 xpack/plugins/cloud/models.py:219 msgid "Region" msgstr "地域" @@ -6174,79 +6186,79 @@ msgstr "已释放" msgid "Cloud center" msgstr "云管中心" -#: xpack/plugins/cloud/models.py:30 +#: xpack/plugins/cloud/models.py:29 msgid "Provider" msgstr "云服务商" -#: xpack/plugins/cloud/models.py:34 +#: xpack/plugins/cloud/models.py:33 msgid "Validity" msgstr "有效" -#: xpack/plugins/cloud/models.py:39 +#: xpack/plugins/cloud/models.py:38 msgid "Cloud account" msgstr "云账号" -#: xpack/plugins/cloud/models.py:41 +#: xpack/plugins/cloud/models.py:40 msgid "Test cloud account" msgstr "测试云账号" -#: xpack/plugins/cloud/models.py:85 xpack/plugins/cloud/serializers/task.py:66 +#: xpack/plugins/cloud/models.py:84 xpack/plugins/cloud/serializers/task.py:66 msgid "Account" msgstr "账号" -#: xpack/plugins/cloud/models.py:88 xpack/plugins/cloud/serializers/task.py:37 +#: xpack/plugins/cloud/models.py:87 xpack/plugins/cloud/serializers/task.py:37 msgid "Regions" msgstr "地域" -#: xpack/plugins/cloud/models.py:91 +#: xpack/plugins/cloud/models.py:90 msgid "Hostname strategy" msgstr "主机名策略" -#: xpack/plugins/cloud/models.py:100 xpack/plugins/cloud/serializers/task.py:67 +#: xpack/plugins/cloud/models.py:99 xpack/plugins/cloud/serializers/task.py:67 msgid "Unix admin user" msgstr "Unix 管理员" -#: xpack/plugins/cloud/models.py:104 xpack/plugins/cloud/serializers/task.py:68 +#: xpack/plugins/cloud/models.py:103 xpack/plugins/cloud/serializers/task.py:68 msgid "Windows admin user" msgstr "Windows 管理员" -#: xpack/plugins/cloud/models.py:110 xpack/plugins/cloud/serializers/task.py:45 +#: xpack/plugins/cloud/models.py:109 xpack/plugins/cloud/serializers/task.py:45 msgid "IP network segment group" msgstr "IP网段组" -#: xpack/plugins/cloud/models.py:113 xpack/plugins/cloud/serializers/task.py:71 +#: xpack/plugins/cloud/models.py:112 xpack/plugins/cloud/serializers/task.py:71 msgid "Always update" msgstr "总是更新" -#: xpack/plugins/cloud/models.py:119 +#: xpack/plugins/cloud/models.py:118 msgid "Date last sync" msgstr "最后同步日期" -#: xpack/plugins/cloud/models.py:130 xpack/plugins/cloud/models.py:171 +#: xpack/plugins/cloud/models.py:129 xpack/plugins/cloud/models.py:170 msgid "Sync instance task" msgstr "同步实例任务" -#: xpack/plugins/cloud/models.py:182 xpack/plugins/cloud/models.py:230 +#: xpack/plugins/cloud/models.py:181 xpack/plugins/cloud/models.py:229 msgid "Date sync" msgstr "同步日期" -#: xpack/plugins/cloud/models.py:186 +#: xpack/plugins/cloud/models.py:185 msgid "Sync instance task execution" msgstr "同步实例任务执行" -#: xpack/plugins/cloud/models.py:210 +#: xpack/plugins/cloud/models.py:209 msgid "Sync task" msgstr "同步任务" -#: xpack/plugins/cloud/models.py:214 +#: xpack/plugins/cloud/models.py:213 msgid "Sync instance task history" msgstr "同步实例任务历史" -#: xpack/plugins/cloud/models.py:217 +#: xpack/plugins/cloud/models.py:216 msgid "Instance" msgstr "实例" -#: xpack/plugins/cloud/models.py:234 +#: xpack/plugins/cloud/models.py:233 msgid "Sync instance detail" msgstr "同步实例详情" @@ -6599,3 +6611,23 @@ msgstr "旗舰版" #: xpack/plugins/license/models.py:77 msgid "Community edition" msgstr "社区版" + +#~ msgid "Inherit" +#~ msgstr "继承" + +#~ msgid "Include" +#~ msgstr "包含" + +#~ msgid "Exclude" +#~ msgstr "不包含" + +#~ msgid "DatabaseApp" +#~ msgstr "数据库应用" + +#~ msgid "Database proxy MySQL protocol listen port" +#~ msgstr "MySQL 协议监听的端口" + +#, fuzzy +#~| msgid "Database proxy PostgreSQL port" +#~ msgid "Database proxy PostgreSQL listen port" +#~ msgstr "数据库组件 PostgreSQL 协议监听的端口" diff --git a/apps/rbac/builtin.py b/apps/rbac/builtin.py index 513ec210a..d8e84a554 100644 --- a/apps/rbac/builtin.py +++ b/apps/rbac/builtin.py @@ -16,6 +16,7 @@ user_perms = ( ('applications', 'application', 'match', 'application'), ('ops', 'commandexecution', 'add', 'commandexecution'), ('authentication', 'connectiontoken', 'add', 'connectiontoken'), + ('authentication', 'temptoken', 'add', 'temptoken'), ('tickets', 'ticket', 'view', 'ticket'), ('orgs', 'organization', 'view', 'rootorg'), ) diff --git a/apps/settings/api/public.py b/apps/settings/api/public.py index a6dc3b43c..ca221f2de 100644 --- a/apps/settings/api/public.py +++ b/apps/settings/api/public.py @@ -67,6 +67,7 @@ class PublicSettingApi(generics.RetrieveAPIView): # Announcement "ANNOUNCEMENT_ENABLED": settings.ANNOUNCEMENT_ENABLED, "ANNOUNCEMENT": settings.ANNOUNCEMENT, + "AUTH_TEMP_TOKEN": settings.AUTH_TEMP_TOKEN, } } return instance