diff --git a/apps/assets/models/asset.py b/apps/assets/models/asset.py index 5b3009305..4a2942291 100644 --- a/apps/assets/models/asset.py +++ b/apps/assets/models/asset.py @@ -4,7 +4,6 @@ import uuid import logging -import random from django.db import models from django.utils.translation import ugettext_lazy as _ @@ -35,6 +34,19 @@ def default_node(): return None +class AssetQuerySet(models.QuerySet): + def active(self): + return self.filter(is_active=True) + + def valid(self): + return self.active() + + +class AssetManager(models.Manager): + def get_queryset(self): + return AssetQuerySet(self.model, using=self._db) + + class Asset(models.Model): # Important PLATFORM_CHOICES = ( @@ -83,6 +95,8 @@ class Asset(models.Model): date_created = models.DateTimeField(auto_now_add=True, null=True, blank=True, verbose_name=_('Date created')) comment = models.TextField(max_length=128, default='', blank=True, verbose_name=_('Comment')) + objects = AssetManager() + def __str__(self): return '{0.hostname}({0.ip})'.format(self) diff --git a/apps/assets/models/base.py b/apps/assets/models/base.py index 2997b1b61..eda00a79a 100644 --- a/apps/assets/models/base.py +++ b/apps/assets/models/base.py @@ -10,6 +10,7 @@ from django.utils.translation import ugettext_lazy as _ from django.conf import settings from common.utils import get_signer, ssh_key_string_to_obj, ssh_key_gen +from common.validators import alphanumeric from .utils import private_key_validator signer = get_signer() @@ -18,7 +19,7 @@ signer = get_signer() class AssetUser(models.Model): id = models.UUIDField(default=uuid.uuid4, primary_key=True) name = models.CharField(max_length=128, unique=True, verbose_name=_('Name')) - username = models.CharField(max_length=128, verbose_name=_('Username')) + username = models.CharField(max_length=32, verbose_name=_('Username'), validators=[alphanumeric]) _password = models.CharField(max_length=256, blank=True, null=True, verbose_name=_('Password')) _private_key = models.TextField(max_length=4096, blank=True, null=True, verbose_name=_('SSH private key'), validators=[private_key_validator, ]) _public_key = models.TextField(max_length=4096, blank=True, verbose_name=_('SSH public key')) diff --git a/apps/assets/models/node.py b/apps/assets/models/node.py index 1b765aefb..7939ad1e9 100644 --- a/apps/assets/models/node.py +++ b/apps/assets/models/node.py @@ -63,8 +63,8 @@ class Node(models.Model): assets = Asset.objects.filter(nodes__id=self.id) return assets - def get_active_assets(self): - return self.get_assets().filter(is_active=True) + def get_valid_assets(self): + return self.get_assets().valid() def get_all_assets(self): from .asset import Asset @@ -78,8 +78,8 @@ class Node(models.Model): def has_assets(self): return self.get_all_assets() - def get_all_active_assets(self): - return self.get_all_assets().filter(is_active=True) + def get_all_valid_assets(self): + return self.get_all_assets().valid() def is_root(self): return self.key == '0' diff --git a/apps/common/validators.py b/apps/common/validators.py new file mode 100644 index 000000000..9a4c1e501 --- /dev/null +++ b/apps/common/validators.py @@ -0,0 +1,7 @@ +# -*- coding: utf-8 -*- +# +from django.core.validators import RegexValidator +from django.utils.translation import ugettext_lazy as _ + + +alphanumeric = RegexValidator(r'^[0-9a-zA-Z_-]*$', _('Special char not allowed')) \ No newline at end of file diff --git a/apps/i18n/zh/LC_MESSAGES/django.mo b/apps/i18n/zh/LC_MESSAGES/django.mo index 4da36e76e..038e65f43 100644 Binary files a/apps/i18n/zh/LC_MESSAGES/django.mo and b/apps/i18n/zh/LC_MESSAGES/django.mo differ diff --git a/apps/i18n/zh/LC_MESSAGES/django.po b/apps/i18n/zh/LC_MESSAGES/django.po index d586f00af..2dc77a3fd 100644 --- a/apps/i18n/zh/LC_MESSAGES/django.po +++ b/apps/i18n/zh/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: Jumpserver 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2018-04-26 19:15+0800\n" +"POT-Creation-Date: 2018-04-27 11:39+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: ibuler \n" "Language-Team: Jumpserver team\n" @@ -21,23 +21,23 @@ msgstr "" msgid "New node {}" msgstr "新节点 {}" -#: assets/api/node.py:216 +#: assets/api/node.py:217 msgid "更新节点资产硬件信息: {}" msgstr "" -#: assets/api/node.py:229 +#: assets/api/node.py:230 msgid "测试节点下资产是否可连接: {}" msgstr "" -#: assets/forms/asset.py:24 assets/models/asset.py:54 assets/models/user.py:103 +#: assets/forms/asset.py:24 assets/models/asset.py:66 assets/models/user.py:103 #: assets/templates/assets/asset_detail.html:183 #: assets/templates/assets/asset_detail.html:191 -#: assets/templates/assets/system_user_detail.html:166 perms/models.py:23 +#: assets/templates/assets/system_user_detail.html:166 perms/models.py:33 msgid "Nodes" msgstr "节点管理" #: assets/forms/asset.py:27 assets/forms/asset.py:66 assets/forms/asset.py:109 -#: assets/forms/asset.py:113 assets/models/asset.py:58 +#: assets/forms/asset.py:113 assets/models/asset.py:70 #: assets/models/cluster.py:19 assets/models/user.py:72 #: assets/templates/assets/asset_detail.html:73 templates/_nav.html:25 msgid "Admin user" @@ -53,7 +53,7 @@ msgstr "管理用户" msgid "Label" msgstr "标签" -#: assets/forms/asset.py:34 assets/forms/asset.py:73 assets/models/asset.py:53 +#: assets/forms/asset.py:34 assets/forms/asset.py:73 assets/models/asset.py:65 #: assets/models/domain.py:46 msgid "Domain" msgstr "网域" @@ -61,7 +61,7 @@ msgstr "网域" #: assets/forms/asset.py:38 assets/forms/asset.py:63 assets/forms/asset.py:77 #: assets/forms/asset.py:128 assets/templates/assets/asset_create.html:29 #: assets/templates/assets/asset_update.html:34 perms/forms.py:40 -#: perms/forms.py:47 perms/models.py:67 +#: perms/forms.py:47 perms/models.py:76 #: perms/templates/perms/asset_permission_list.html:57 #: perms/templates/perms/asset_permission_list.html:142 msgid "Node" @@ -90,7 +90,7 @@ msgstr "如果有多个的互相隔离的网络,设置资产属于的网域, msgid "Select assets" msgstr "选择资产" -#: assets/forms/asset.py:105 assets/models/asset.py:51 +#: assets/forms/asset.py:105 assets/models/asset.py:63 #: assets/models/domain.py:44 assets/templates/assets/admin_user_assets.html:53 #: assets/templates/assets/asset_detail.html:69 #: assets/templates/assets/domain_gateway_list.html:58 @@ -99,18 +99,18 @@ msgid "Port" msgstr "端口" #: assets/forms/domain.py:14 assets/forms/label.py:13 -#: assets/models/asset.py:169 assets/templates/assets/admin_user_list.html:25 +#: assets/models/asset.py:183 assets/templates/assets/admin_user_list.html:25 #: assets/templates/assets/domain_detail.html:60 #: assets/templates/assets/domain_list.html:15 #: assets/templates/assets/label_list.html:16 #: assets/templates/assets/system_user_list.html:29 audits/models.py:11 #: audits/templates/audits/ftp_log_list.html:41 #: audits/templates/audits/ftp_log_list.html:72 perms/forms.py:37 -#: perms/models.py:22 +#: perms/models.py:32 #: perms/templates/perms/asset_permission_create_update.html:40 #: perms/templates/perms/asset_permission_list.html:56 #: perms/templates/perms/asset_permission_list.html:139 -#: terminal/backends/command/models.py:11 terminal/models.py:123 +#: terminal/backends/command/models.py:11 terminal/models.py:127 #: terminal/templates/terminal/command_list.html:40 #: terminal/templates/terminal/command_list.html:73 #: terminal/templates/terminal/session_list.html:41 @@ -119,7 +119,7 @@ msgid "Asset" msgstr "资产" #: assets/forms/domain.py:54 assets/forms/user.py:79 assets/forms/user.py:120 -#: assets/models/base.py:20 assets/models/cluster.py:18 +#: assets/models/base.py:21 assets/models/cluster.py:18 #: assets/models/domain.py:17 assets/models/group.py:20 #: assets/models/label.py:17 assets/templates/assets/admin_user_detail.html:56 #: assets/templates/assets/admin_user_list.html:23 @@ -128,14 +128,14 @@ msgstr "资产" #: assets/templates/assets/domain_list.html:14 #: assets/templates/assets/label_list.html:14 #: assets/templates/assets/system_user_detail.html:58 -#: assets/templates/assets/system_user_list.html:26 common/forms.py:179 -#: common/models.py:26 common/templates/common/terminal_setting.html:70 -#: common/templates/common/terminal_setting.html:88 ops/models/adhoc.py:36 +#: assets/templates/assets/system_user_list.html:26 common/models.py:26 +#: common/templates/common/terminal_setting.html:67 +#: common/templates/common/terminal_setting.html:85 ops/models/adhoc.py:36 #: ops/templates/ops/task_detail.html:59 ops/templates/ops/task_list.html:35 -#: perms/models.py:19 perms/templates/perms/asset_permission_detail.html:62 +#: perms/models.py:29 perms/templates/perms/asset_permission_detail.html:62 #: perms/templates/perms/asset_permission_list.html:53 #: perms/templates/perms/asset_permission_user.html:54 terminal/models.py:16 -#: terminal/models.py:149 terminal/templates/terminal/terminal_detail.html:43 +#: terminal/models.py:154 terminal/templates/terminal/terminal_detail.html:43 #: terminal/templates/terminal/terminal_list.html:29 users/models/group.py:14 #: users/models/user.py:42 users/templates/users/_select_user_modal.html:13 #: users/templates/users/user_detail.html:63 @@ -148,7 +148,7 @@ msgid "Name" msgstr "名称" #: assets/forms/domain.py:55 assets/forms/user.py:80 assets/forms/user.py:121 -#: assets/models/base.py:21 assets/templates/assets/admin_user_detail.html:60 +#: assets/models/base.py:22 assets/templates/assets/admin_user_detail.html:60 #: assets/templates/assets/admin_user_list.html:24 #: assets/templates/assets/domain_gateway_list.html:60 #: assets/templates/assets/system_user_detail.html:62 @@ -168,7 +168,7 @@ msgstr "用户名" msgid "Password or private key passphrase" msgstr "密码或密钥密码" -#: assets/forms/user.py:25 assets/models/base.py:22 common/forms.py:114 +#: assets/forms/user.py:25 assets/models/base.py:23 common/forms.py:113 #: users/forms.py:15 users/forms.py:23 users/forms.py:32 users/forms.py:44 #: users/templates/users/login.html:59 #: users/templates/users/reset_password.html:52 @@ -202,14 +202,14 @@ msgid "" "than 2 system user" msgstr "高优先级的系统用户将会作为默认登录用户" -#: assets/models/asset.py:49 assets/models/domain.py:43 +#: assets/models/asset.py:61 assets/models/domain.py:43 #: assets/templates/assets/_asset_list_modal.html:46 #: assets/templates/assets/admin_user_assets.html:52 #: assets/templates/assets/asset_detail.html:61 #: assets/templates/assets/asset_list.html:87 #: assets/templates/assets/domain_gateway_list.html:57 #: assets/templates/assets/system_user_asset.html:50 -#: assets/templates/assets/user_asset_list.html:46 common/forms.py:145 +#: assets/templates/assets/user_asset_list.html:46 common/forms.py:144 #: perms/templates/perms/asset_permission_asset.html:55 #: users/templates/users/login_log_list.html:52 #: users/templates/users/user_granted_asset.html:45 @@ -217,119 +217,119 @@ msgstr "高优先级的系统用户将会作为默认登录用户" msgid "IP" msgstr "IP" -#: assets/models/asset.py:50 assets/templates/assets/_asset_list_modal.html:45 +#: assets/models/asset.py:62 assets/templates/assets/_asset_list_modal.html:45 #: assets/templates/assets/admin_user_assets.html:51 #: assets/templates/assets/asset_detail.html:57 #: assets/templates/assets/asset_list.html:86 #: assets/templates/assets/system_user_asset.html:49 -#: assets/templates/assets/user_asset_list.html:45 common/forms.py:144 +#: assets/templates/assets/user_asset_list.html:45 common/forms.py:143 #: perms/templates/perms/asset_permission_asset.html:54 #: users/templates/users/user_granted_asset.html:44 #: users/templates/users/user_group_granted_asset.html:44 msgid "Hostname" msgstr "主机名" -#: assets/models/asset.py:52 assets/templates/assets/asset_detail.html:97 +#: assets/models/asset.py:64 assets/templates/assets/asset_detail.html:97 msgid "Platform" msgstr "系统平台" -#: assets/models/asset.py:55 assets/models/domain.py:48 +#: assets/models/asset.py:67 assets/models/domain.py:48 #: assets/models/label.py:20 assets/templates/assets/asset_detail.html:105 msgid "Is active" msgstr "激活" -#: assets/models/asset.py:61 assets/templates/assets/asset_detail.html:65 +#: assets/models/asset.py:73 assets/templates/assets/asset_detail.html:65 msgid "Public IP" msgstr "公网IP" -#: assets/models/asset.py:62 assets/templates/assets/asset_detail.html:113 +#: assets/models/asset.py:74 assets/templates/assets/asset_detail.html:113 msgid "Asset number" msgstr "资产编号" -#: assets/models/asset.py:65 assets/templates/assets/asset_detail.html:77 +#: assets/models/asset.py:77 assets/templates/assets/asset_detail.html:77 msgid "Vendor" msgstr "制造商" -#: assets/models/asset.py:66 assets/templates/assets/asset_detail.html:81 +#: assets/models/asset.py:78 assets/templates/assets/asset_detail.html:81 msgid "Model" msgstr "型号" -#: assets/models/asset.py:67 assets/templates/assets/asset_detail.html:109 +#: assets/models/asset.py:79 assets/templates/assets/asset_detail.html:109 msgid "Serial number" msgstr "序列号" -#: assets/models/asset.py:69 +#: assets/models/asset.py:81 msgid "CPU model" msgstr "CPU型号" -#: assets/models/asset.py:70 +#: assets/models/asset.py:82 msgid "CPU count" msgstr "CPU数量" -#: assets/models/asset.py:71 +#: assets/models/asset.py:83 msgid "CPU cores" msgstr "CPU核数" -#: assets/models/asset.py:72 assets/templates/assets/asset_detail.html:89 +#: assets/models/asset.py:84 assets/templates/assets/asset_detail.html:89 msgid "Memory" msgstr "内存" -#: assets/models/asset.py:73 +#: assets/models/asset.py:85 msgid "Disk total" msgstr "硬盘大小" -#: assets/models/asset.py:74 +#: assets/models/asset.py:86 msgid "Disk info" msgstr "硬盘信息" -#: assets/models/asset.py:76 assets/templates/assets/asset_detail.html:101 +#: assets/models/asset.py:88 assets/templates/assets/asset_detail.html:101 msgid "OS" msgstr "操作系统" -#: assets/models/asset.py:77 +#: assets/models/asset.py:89 msgid "OS version" msgstr "系统版本" -#: assets/models/asset.py:78 +#: assets/models/asset.py:90 msgid "OS arch" msgstr "系统架构" -#: assets/models/asset.py:79 +#: assets/models/asset.py:91 msgid "Hostname raw" msgstr "主机名原始" -#: assets/models/asset.py:81 assets/templates/assets/asset_create.html:33 +#: assets/models/asset.py:93 assets/templates/assets/asset_create.html:33 #: assets/templates/assets/asset_detail.html:220 #: assets/templates/assets/asset_update.html:38 templates/_nav.html:27 msgid "Labels" msgstr "标签管理" -#: assets/models/asset.py:82 assets/models/base.py:28 +#: assets/models/asset.py:94 assets/models/base.py:29 #: assets/models/cluster.py:28 assets/models/group.py:21 #: assets/templates/assets/admin_user_detail.html:68 #: assets/templates/assets/asset_detail.html:117 #: assets/templates/assets/domain_detail.html:72 #: assets/templates/assets/system_user_detail.html:96 -#: ops/templates/ops/adhoc_detail.html:86 perms/models.py:28 perms/models.py:72 +#: ops/templates/ops/adhoc_detail.html:86 perms/models.py:38 perms/models.py:81 #: perms/templates/perms/asset_permission_detail.html:98 #: users/models/user.py:83 users/templates/users/user_detail.html:107 msgid "Created by" msgstr "创建者" -#: assets/models/asset.py:83 assets/models/cluster.py:26 +#: assets/models/asset.py:95 assets/models/cluster.py:26 #: assets/models/domain.py:20 assets/models/group.py:22 #: assets/models/label.py:23 assets/templates/assets/admin_user_detail.html:64 #: assets/templates/assets/domain_detail.html:68 #: assets/templates/assets/system_user_detail.html:92 #: ops/templates/ops/adhoc_detail.html:90 ops/templates/ops/task_detail.html:63 -#: perms/models.py:29 perms/models.py:73 +#: perms/models.py:39 perms/models.py:82 #: perms/templates/perms/asset_permission_detail.html:94 #: terminal/templates/terminal/terminal_detail.html:59 users/models/group.py:17 #: users/templates/users/user_group_detail.html:63 msgid "Date created" msgstr "创建日期" -#: assets/models/asset.py:84 assets/models/base.py:25 +#: assets/models/asset.py:96 assets/models/base.py:26 #: assets/models/cluster.py:29 assets/models/domain.py:18 #: assets/models/domain.py:47 assets/models/group.py:23 #: assets/models/label.py:21 assets/templates/assets/admin_user_detail.html:72 @@ -340,7 +340,7 @@ msgstr "创建日期" #: assets/templates/assets/domain_list.html:17 #: assets/templates/assets/system_user_detail.html:100 #: assets/templates/assets/system_user_list.html:33 common/models.py:30 -#: ops/models/adhoc.py:42 perms/models.py:30 perms/models.py:74 +#: ops/models/adhoc.py:42 perms/models.py:40 perms/models.py:83 #: perms/templates/perms/asset_permission_detail.html:102 terminal/models.py:26 #: terminal/templates/terminal/terminal_detail.html:63 users/models/group.py:15 #: users/models/user.py:75 users/templates/users/user_detail.html:119 @@ -350,11 +350,11 @@ msgstr "创建日期" msgid "Comment" msgstr "备注" -#: assets/models/base.py:23 +#: assets/models/base.py:24 msgid "SSH private key" msgstr "ssh密钥" -#: assets/models/base.py:24 +#: assets/models/base.py:25 msgid "SSH public key" msgstr "ssh公钥" @@ -408,6 +408,7 @@ msgstr "集群" #: assets/templates/assets/domain_gateway_list.html:59 #: assets/templates/assets/system_user_detail.html:66 #: assets/templates/assets/system_user_list.html:28 +#: terminal/templates/terminal/session_list.html:75 msgid "Protocol" msgstr "协议" @@ -422,11 +423,11 @@ msgstr "默认资产组" #: assets/models/label.py:14 audits/models.py:9 #: audits/templates/audits/ftp_log_list.html:33 #: audits/templates/audits/ftp_log_list.html:71 perms/forms.py:14 -#: perms/forms.py:31 perms/models.py:20 +#: perms/forms.py:31 perms/models.py:30 #: perms/templates/perms/asset_permission_create_update.html:36 #: perms/templates/perms/asset_permission_list.html:54 #: perms/templates/perms/asset_permission_list.html:133 -#: terminal/backends/command/models.py:10 terminal/models.py:122 +#: terminal/backends/command/models.py:10 terminal/models.py:126 #: terminal/templates/terminal/command_list.html:32 #: terminal/templates/terminal/command_list.html:72 #: terminal/templates/terminal/session_list.html:33 @@ -489,11 +490,11 @@ msgstr "Shell" #: assets/models/user.py:149 audits/models.py:12 #: audits/templates/audits/ftp_log_list.html:49 #: audits/templates/audits/ftp_log_list.html:73 perms/forms.py:43 -#: perms/models.py:24 perms/models.py:69 +#: perms/models.py:34 perms/models.py:78 #: perms/templates/perms/asset_permission_detail.html:140 #: perms/templates/perms/asset_permission_list.html:58 #: perms/templates/perms/asset_permission_list.html:145 templates/_nav.html:26 -#: terminal/backends/command/models.py:12 terminal/models.py:124 +#: terminal/backends/command/models.py:12 terminal/models.py:128 #: terminal/templates/terminal/command_list.html:48 #: terminal/templates/terminal/command_list.html:74 #: terminal/templates/terminal/session_list.html:49 @@ -561,7 +562,6 @@ msgid "Select System Users" msgstr "选择系统用户" #: assets/templates/assets/_asset_group_bulk_update_modal.html:34 -#, fuzzy msgid "Enable-MFA" msgstr "启用MFA" @@ -630,11 +630,10 @@ msgstr "其它" #: assets/templates/assets/domain_create_update.html:16 #: assets/templates/assets/gateway_create_update.html:58 #: assets/templates/assets/label_create_update.html:18 -#: common/templates/common/basic_setting.html:61 -#: common/templates/common/cloud_setting.html:74 -#: common/templates/common/email_setting.html:62 -#: common/templates/common/ldap_setting.html:62 -#: common/templates/common/terminal_setting.html:104 +#: common/templates/common/basic_setting.html:58 +#: common/templates/common/email_setting.html:59 +#: common/templates/common/ldap_setting.html:59 +#: common/templates/common/terminal_setting.html:101 #: perms/templates/perms/asset_permission_create_update.html:69 #: terminal/templates/terminal/terminal_update.html:47 #: users/templates/users/_user.html:46 @@ -656,11 +655,10 @@ msgstr "重置" #: assets/templates/assets/domain_create_update.html:17 #: assets/templates/assets/gateway_create_update.html:59 #: assets/templates/assets/label_create_update.html:19 -#: common/templates/common/basic_setting.html:62 -#: common/templates/common/cloud_setting.html:76 -#: common/templates/common/email_setting.html:63 -#: common/templates/common/ldap_setting.html:63 -#: common/templates/common/terminal_setting.html:106 +#: common/templates/common/basic_setting.html:59 +#: common/templates/common/email_setting.html:60 +#: common/templates/common/ldap_setting.html:60 +#: common/templates/common/terminal_setting.html:103 #: perms/templates/perms/asset_permission_create_update.html:70 #: terminal/templates/terminal/session_list.html:120 #: terminal/templates/terminal/terminal_update.html:48 @@ -859,8 +857,8 @@ msgstr "快速修改" #: assets/templates/assets/asset_detail.html:143 #: assets/templates/assets/asset_list.html:89 -#: assets/templates/assets/user_asset_list.html:47 perms/models.py:25 -#: perms/models.py:70 +#: assets/templates/assets/user_asset_list.html:47 perms/models.py:35 +#: perms/models.py:79 #: perms/templates/perms/asset_permission_create_update.html:47 #: perms/templates/perms/asset_permission_detail.html:120 #: perms/templates/perms/asset_permission_list.html:59 @@ -1027,8 +1025,8 @@ msgid "Create gateway" msgstr "创建网关" #: assets/templates/assets/domain_gateway_list.html:87 -#: common/templates/common/email_setting.html:61 -#: common/templates/common/ldap_setting.html:61 +#: common/templates/common/email_setting.html:58 +#: common/templates/common/ldap_setting.html:58 msgid "Test connection" msgstr "测试连接" @@ -1178,7 +1176,7 @@ msgid "System user asset" msgstr "系统用户集群资产" #: audits/models.py:10 audits/templates/audits/ftp_log_list.html:74 -#: terminal/models.py:126 terminal/templates/terminal/session_list.html:74 +#: terminal/models.py:130 terminal/templates/terminal/session_list.html:74 #: terminal/templates/terminal/terminal_detail.html:47 msgid "Remote addr" msgstr "远端地址" @@ -1200,8 +1198,8 @@ msgstr "成功" #: audits/templates/audits/ftp_log_list.html:78 #: ops/templates/ops/adhoc_history.html:52 #: ops/templates/ops/adhoc_history_detail.html:61 -#: ops/templates/ops/task_history.html:58 perms/models.py:26 -#: perms/templates/perms/asset_permission_detail.html:86 terminal/models.py:132 +#: ops/templates/ops/task_history.html:58 perms/models.py:36 +#: perms/templates/perms/asset_permission_detail.html:86 terminal/models.py:137 #: terminal/templates/terminal/session_list.html:77 msgid "Date start" msgstr "开始日期" @@ -1248,84 +1246,84 @@ msgstr "不是字符类型" msgid "Encrypt field using Secret Key" msgstr "" -#: common/forms.py:71 +#: common/forms.py:70 msgid "Current SITE URL" msgstr "当前站点URL" -#: common/forms.py:75 +#: common/forms.py:74 msgid "User Guide URL" msgstr "用户向导URL" -#: common/forms.py:76 +#: common/forms.py:75 msgid "User first login update profile done redirect to it" msgstr "用户第一次登录,修改profile后重定向到地址" -#: common/forms.py:79 +#: common/forms.py:78 msgid "Email Subject Prefix" msgstr "Email主题前缀" -#: common/forms.py:86 +#: common/forms.py:85 msgid "SMTP host" msgstr "SMTP主机" -#: common/forms.py:88 +#: common/forms.py:87 msgid "SMTP port" msgstr "SMTP端口" -#: common/forms.py:90 +#: common/forms.py:89 msgid "SMTP user" msgstr "SMTP账号" -#: common/forms.py:93 +#: common/forms.py:92 msgid "SMTP password" msgstr "SMTP密码" -#: common/forms.py:94 +#: common/forms.py:93 msgid "Some provider use token except password" msgstr "一些邮件提供商需要输入的是Token" -#: common/forms.py:97 common/forms.py:137 +#: common/forms.py:96 common/forms.py:136 msgid "Use SSL" msgstr "使用SSL" -#: common/forms.py:98 +#: common/forms.py:97 msgid "If SMTP port is 465, may be select" msgstr "如果SMTP端口是465,通常需要启用SSL" -#: common/forms.py:101 +#: common/forms.py:100 msgid "Use TLS" msgstr "使用TLS" -#: common/forms.py:102 +#: common/forms.py:101 msgid "If SMTP port is 587, may be select" msgstr "如果SMTP端口是587,通常需要启用TLS" -#: common/forms.py:108 +#: common/forms.py:107 msgid "LDAP server" msgstr "LDAP地址" -#: common/forms.py:111 +#: common/forms.py:110 msgid "Bind DN" msgstr "绑定DN" -#: common/forms.py:118 +#: common/forms.py:117 msgid "User OU" msgstr "用户OU" -#: common/forms.py:121 +#: common/forms.py:120 msgid "User search filter" msgstr "用户过滤器" -#: common/forms.py:122 +#: common/forms.py:121 #, python-format msgid "Choice may be (cn|uid|sAMAccountName)=%(user)s)" msgstr "可能的选项是(cn或uid或sAMAccountName=%(user)s)" -#: common/forms.py:125 +#: common/forms.py:124 msgid "User attr map" msgstr "LDAP属性映射" -#: common/forms.py:132 +#: common/forms.py:131 msgid "" "User attr map present how to map LDAP user attr to jumpserver, username,name," "email is jumpserver attr" @@ -1333,80 +1331,52 @@ msgstr "" "用户属性映射代表怎样将LDAP中用户属性映射到jumpserver用户上,username, name," "email 是jumpserver的属性" -#: common/forms.py:139 +#: common/forms.py:138 msgid "Enable LDAP auth" msgstr "启用LDAP认证" -#: common/forms.py:148 +#: common/forms.py:147 msgid "List sort by" msgstr "资产列表排序" -#: common/forms.py:151 +#: common/forms.py:150 msgid "Heartbeat interval" msgstr "心跳间隔" -#: common/forms.py:151 ops/models/adhoc.py:37 +#: common/forms.py:150 ops/models/adhoc.py:37 msgid "Units: seconds" msgstr "单位: 秒" -#: common/forms.py:154 +#: common/forms.py:153 msgid "Password auth" msgstr "密码认证" -#: common/forms.py:157 +#: common/forms.py:156 msgid "Public key auth" msgstr "密钥认证" -#: common/forms.py:160 common/templates/common/terminal_setting.html:66 +#: common/forms.py:159 common/templates/common/terminal_setting.html:63 #: terminal/forms.py:30 terminal/models.py:20 msgid "Command storage" msgstr "命令存储" -#: common/forms.py:161 +#: common/forms.py:160 msgid "" "Set terminal storage setting, `default` is the using as default,You can set " "other storage and some terminal using" msgstr "设置终端命令存储,default是默认用的存储方式" -#: common/forms.py:166 common/templates/common/terminal_setting.html:84 +#: common/forms.py:165 common/templates/common/terminal_setting.html:81 #: terminal/forms.py:35 terminal/models.py:21 msgid "Replay storage" msgstr "录像存储" -#: common/forms.py:167 +#: common/forms.py:166 msgid "" "Set replay storage setting, `default` is the using as default,You can set " "other storage and some terminal using" msgstr "设置终端录像存储,default是默认用的存储方式" -#: common/forms.py:175 -msgid "Aliyun" -msgstr "" - -#: common/forms.py:176 -msgid "AWS" -msgstr "" - -#: common/forms.py:183 -msgid "Cloud provider" -msgstr "" - -#: common/forms.py:186 -msgid "Access key id" -msgstr "" - -#: common/forms.py:187 -msgid "Enter the access key id for the cloud service" -msgstr "" - -#: common/forms.py:190 -msgid "Access key secret" -msgstr "" - -#: common/forms.py:191 -msgid "Enter the access key secret for the cloud service" -msgstr "" - #: common/mixins.py:29 msgid "is discard" msgstr "" @@ -1420,62 +1390,50 @@ msgid "Enabled" msgstr "启用" #: common/templates/common/basic_setting.html:15 -#: common/templates/common/cloud_setting.html:16 -#: common/templates/common/cloud_setting.html:49 #: common/templates/common/email_setting.html:15 #: common/templates/common/ldap_setting.html:15 #: common/templates/common/terminal_setting.html:16 -#: common/templates/common/terminal_setting.html:45 common/views.py:34 +#: common/templates/common/terminal_setting.html:42 common/views.py:22 msgid "Basic setting" msgstr "基本设置" #: common/templates/common/basic_setting.html:18 -#: common/templates/common/cloud_setting.html:20 #: common/templates/common/email_setting.html:18 #: common/templates/common/ldap_setting.html:18 -#: common/templates/common/terminal_setting.html:20 common/views.py:60 +#: common/templates/common/terminal_setting.html:20 common/views.py:48 msgid "Email setting" msgstr "邮件设置" #: common/templates/common/basic_setting.html:21 -#: common/templates/common/cloud_setting.html:24 #: common/templates/common/email_setting.html:21 #: common/templates/common/ldap_setting.html:21 -#: common/templates/common/terminal_setting.html:24 common/views.py:86 +#: common/templates/common/terminal_setting.html:24 common/views.py:74 msgid "LDAP setting" msgstr "LDAP设置" #: common/templates/common/basic_setting.html:24 -#: common/templates/common/cloud_setting.html:28 #: common/templates/common/email_setting.html:24 #: common/templates/common/ldap_setting.html:24 -#: common/templates/common/terminal_setting.html:28 common/views.py:116 +#: common/templates/common/terminal_setting.html:28 common/views.py:104 msgid "Terminal setting" msgstr "终端设置" -#: common/templates/common/basic_setting.html:27 -#: common/templates/common/cloud_setting.html:32 -#: common/templates/common/email_setting.html:27 -#: common/templates/common/ldap_setting.html:27 -#: common/templates/common/terminal_setting.html:31 common/views.py:144 -#, fuzzy -#| msgid "Email setting" -msgid "Cloud setting" -msgstr "邮件设置" - -#: common/templates/common/terminal_setting.html:71 -#: common/templates/common/terminal_setting.html:89 +#: common/templates/common/terminal_setting.html:68 +#: common/templates/common/terminal_setting.html:86 #: users/templates/users/login_log_list.html:50 msgid "Type" msgstr "类型" -#: common/views.py:33 common/views.py:59 common/views.py:85 common/views.py:115 -#: common/views.py:143 templates/_nav.html:81 +#: common/validators.py:7 +msgid "Special char not allowed" +msgstr "不能包含特殊字符" + +#: common/views.py:21 common/views.py:47 common/views.py:73 common/views.py:103 +#: templates/_nav.html:81 msgid "Settings" msgstr "系统设置" -#: common/views.py:44 common/views.py:70 common/views.py:98 common/views.py:128 -#: common/views.py:155 +#: common/views.py:32 common/views.py:58 common/views.py:86 common/views.py:116 msgid "Update setting successfully, please restart program" msgstr "更新设置成功, 请手动重启程序" @@ -1754,7 +1712,7 @@ msgstr "执行历史" msgid "Select users" msgstr "选择用户" -#: perms/forms.py:34 perms/models.py:21 perms/models.py:68 +#: perms/forms.py:34 perms/models.py:31 perms/models.py:77 #: perms/templates/perms/asset_permission_list.html:55 #: perms/templates/perms/asset_permission_list.html:136 templates/_nav.html:14 #: users/models/group.py:25 users/models/user.py:48 @@ -1772,14 +1730,14 @@ msgstr "" msgid "Asset or group at least one required" msgstr "" -#: perms/models.py:27 perms/models.py:71 +#: perms/models.py:37 perms/models.py:80 #: perms/templates/perms/asset_permission_detail.html:90 #: users/models/user.py:80 users/templates/users/user_detail.html:103 #: users/templates/users/user_profile.html:105 msgid "Date expired" msgstr "失效日期" -#: perms/models.py:81 templates/_nav.html:34 +#: perms/models.py:90 templates/_nav.html:34 msgid "Asset permission" msgstr "资产授权" @@ -1816,6 +1774,10 @@ msgstr "添加节点" msgid "Join" msgstr "加入" +#: perms/templates/perms/asset_permission_create_update.html:53 +msgid "Validity period" +msgstr "有效期" + #: perms/templates/perms/asset_permission_detail.html:66 msgid "User count" msgstr "用户数量" @@ -1962,7 +1924,7 @@ msgstr "关闭" #: templates/_nav.html:10 users/views/group.py:28 users/views/group.py:44 #: users/views/group.py:62 users/views/group.py:79 users/views/group.py:95 -#: users/views/login.py:264 users/views/login.py:325 users/views/user.py:64 +#: users/views/login.py:263 users/views/login.py:321 users/views/user.py:64 #: users/views/user.py:79 users/views/user.py:99 users/views/user.py:155 #: users/views/user.py:310 users/views/user.py:357 users/views/user.py:379 msgid "Users" @@ -1996,11 +1958,10 @@ msgstr "命令记录" msgid "Web terminal" msgstr "Web终端" -#: templates/_nav.html:51 terminal/templates/terminal/session_list.html:75 -#: terminal/views/command.py:47 terminal/views/session.py:75 -#: terminal/views/session.py:93 terminal/views/session.py:115 -#: terminal/views/terminal.py:31 terminal/views/terminal.py:46 -#: terminal/views/terminal.py:58 +#: templates/_nav.html:51 terminal/views/command.py:47 +#: terminal/views/session.py:75 terminal/views/session.py:93 +#: terminal/views/session.py:115 terminal/views/terminal.py:31 +#: terminal/views/terminal.py:46 terminal/views/terminal.py:58 msgid "Terminal" msgstr "终端管理" @@ -2079,26 +2040,26 @@ msgstr "线程数" msgid "Boot Time" msgstr "运行时间" -#: terminal/models.py:128 terminal/templates/terminal/session_list.html:102 +#: terminal/models.py:132 terminal/templates/terminal/session_list.html:102 msgid "Replay" msgstr "回放" -#: terminal/models.py:129 terminal/templates/terminal/command_list.html:55 +#: terminal/models.py:133 terminal/templates/terminal/command_list.html:55 #: terminal/templates/terminal/command_list.html:71 #: terminal/templates/terminal/session_detail.html:48 #: terminal/templates/terminal/session_list.html:76 msgid "Command" msgstr "命令" -#: terminal/models.py:131 +#: terminal/models.py:136 msgid "Date last active" msgstr "最后活跃日期" -#: terminal/models.py:133 +#: terminal/models.py:138 msgid "Date end" msgstr "结束日期" -#: terminal/models.py:150 +#: terminal/models.py:155 msgid "Args" msgstr "参数" @@ -2898,56 +2859,56 @@ msgstr "更新用户组" msgid "User group granted asset" msgstr "用户组授权资产" -#: users/views/login.py:60 +#: users/views/login.py:59 msgid "Please enable cookies and try again." msgstr "设置你的浏览器支持cookie" -#: users/views/login.py:126 users/views/user.py:464 users/views/user.py:489 +#: users/views/login.py:125 users/views/user.py:464 users/views/user.py:489 msgid "MFA code invalid" msgstr "MFA码认证失败" -#: users/views/login.py:152 +#: users/views/login.py:151 msgid "Logout success" msgstr "退出登录成功" -#: users/views/login.py:153 +#: users/views/login.py:152 msgid "Logout success, return login page" msgstr "退出登录成功,返回到登录页面" -#: users/views/login.py:169 +#: users/views/login.py:168 msgid "Email address invalid, please input again" msgstr "邮箱地址错误,重新输入" -#: users/views/login.py:182 +#: users/views/login.py:181 msgid "Send reset password message" msgstr "发送重置密码邮件" -#: users/views/login.py:183 +#: users/views/login.py:182 msgid "Send reset password mail success, login your mail box and follow it " msgstr "" "发送重置邮件成功, 请登录邮箱查看, 按照提示操作 (如果没收到,请等待3-5分钟)" -#: users/views/login.py:196 +#: users/views/login.py:195 msgid "Reset password success" msgstr "重置密码成功" -#: users/views/login.py:197 +#: users/views/login.py:196 msgid "Reset password success, return to login page" msgstr "重置密码成功,返回到登录页面" -#: users/views/login.py:214 users/views/login.py:227 +#: users/views/login.py:213 users/views/login.py:226 msgid "Token invalid or expired" msgstr "Token错误或失效" -#: users/views/login.py:223 +#: users/views/login.py:222 msgid "Password not same" msgstr "密码不一致" -#: users/views/login.py:264 +#: users/views/login.py:263 msgid "First login" msgstr "首次登陆" -#: users/views/login.py:326 +#: users/views/login.py:322 msgid "Login log list" msgstr "登录日志" @@ -2994,9 +2955,3 @@ msgstr "MFA 解绑成功" #: users/views/user.py:519 msgid "MFA disable success, return login page" msgstr "MFA 解绑成功,返回登录页面" - -#~ msgid "Step" -#~ msgstr "Step" - -#~ msgid "Add asset" -#~ msgstr "添加资产到节点" diff --git a/apps/perms/models.py b/apps/perms/models.py index 954cbe5f6..f7792ee6d 100644 --- a/apps/perms/models.py +++ b/apps/perms/models.py @@ -7,13 +7,23 @@ from django.utils import timezone from common.utils import date_expired_default, set_or_append_attr_bulk -class ValidManager(models.Manager): - def get_queryset(self): - return super().get_queryset().filter(is_active=True) \ - .filter(date_start__lt=timezone.now())\ +class AssetPermissionQuerySet(models.QuerySet): + def active(self): + return self.filter(is_active=True) + + def valid(self): + return self.active().filter(date_start__lt=timezone.now())\ .filter(date_expired__gt=timezone.now()) +class AssetPermissionManager(models.Manager): + def get_queryset(self): + return AssetPermissionQuerySet(self.model, using=self._db) + + def valid(self): + return self.get_queryset().valid() + + class AssetPermission(models.Model): id = models.UUIDField(default=uuid.uuid4, primary_key=True) name = models.CharField(max_length=128, unique=True, verbose_name=_('Name')) @@ -29,8 +39,7 @@ class AssetPermission(models.Model): date_created = models.DateTimeField(auto_now_add=True, verbose_name=_('Date created')) comment = models.TextField(verbose_name=_('Comment'), blank=True) - objects = models.Manager() - valid = ValidManager() + objects = AssetPermissionManager() def __str__(self): return self.name diff --git a/apps/perms/templates/perms/asset_permission_create_update.html b/apps/perms/templates/perms/asset_permission_create_update.html index 551aab142..2f9ebeeaf 100644 --- a/apps/perms/templates/perms/asset_permission_create_update.html +++ b/apps/perms/templates/perms/asset_permission_create_update.html @@ -50,7 +50,7 @@
- +
diff --git a/apps/perms/utils.py b/apps/perms/utils.py index 81ac4bf05..b23b1cb7c 100644 --- a/apps/perms/utils.py +++ b/apps/perms/utils.py @@ -16,23 +16,23 @@ class AssetPermissionUtil: @staticmethod def get_user_permissions(user): - return AssetPermission.valid.all().filter(users=user) + return AssetPermission.objects.all().valid().filter(users=user) @staticmethod def get_user_group_permissions(user_group): - return AssetPermission.valid.all().filter(user_groups=user_group) + return AssetPermission.objects.all().valid().filter(user_groups=user_group) @staticmethod def get_asset_permissions(asset): - return AssetPermission.valid.all().filter(assets=asset) + return AssetPermission.objects.all().valid().filter(assets=asset) @staticmethod def get_node_permissions(node): - return AssetPermission.valid.all().filter(nodes=node) + return AssetPermission.objects.all().valid().filter(nodes=node) @staticmethod def get_system_user_permissions(system_user): - return AssetPermission.objects.all().filter(system_users=system_user) + return AssetPermission.objects.valid().all().filter(system_users=system_user) @classmethod def get_user_group_nodes(cls, group): @@ -51,7 +51,7 @@ class AssetPermissionUtil: assets = defaultdict(set) permissions = cls.get_user_group_permissions(group) for perm in permissions: - _assets = perm.assets.all() + _assets = perm.assets.all().valid() _system_users = perm.system_users.all() set_or_append_attr_bulk(_assets, 'permission', perm.id) for asset in _assets: @@ -63,7 +63,7 @@ class AssetPermissionUtil: assets = defaultdict(set) nodes = cls.get_user_group_nodes(group) for node, _system_users in nodes.items(): - _assets = node.get_all_assets() + _assets = node.get_all_valid_assets() set_or_append_attr_bulk(_assets, 'inherit_node', node.id) set_or_append_attr_bulk(_assets, 'permission', getattr(node, 'permission', None)) for asset in _assets: @@ -103,7 +103,7 @@ class AssetPermissionUtil: assets = defaultdict(set) permissions = list(cls.get_user_permissions(user)) for perm in permissions: - _assets = perm.assets.all() + _assets = perm.assets.all().valid() _system_users = perm.system_users.all() set_or_append_attr_bulk(_assets, 'permission', perm.id) for asset in _assets: @@ -127,7 +127,7 @@ class AssetPermissionUtil: assets = defaultdict(set) nodes = cls.get_user_nodes_direct(user) for node, _system_users in nodes.items(): - _assets = node.get_all_assets() + _assets = node.get_all_valid_assets() set_or_append_attr_bulk(_assets, 'inherit_node', node.id) set_or_append_attr_bulk(_assets, 'permission', getattr(node, 'permission', None)) for asset in _assets: @@ -180,10 +180,10 @@ class AssetPermissionUtil: assets = set() permissions = cls.get_system_user_permissions(system_user) for perm in permissions: - assets.update(set(perm.assets.all())) + assets.update(set(perm.assets.all().valid())) nodes = perm.nodes.all() for node in nodes: - assets.update(set(node.get_all_assets())) + assets.update(set(node.get_all_valid_assets())) return assets @classmethod @@ -243,7 +243,7 @@ class NodePermissionUtil: nodes_with_assets = dict() for node, system_users in nodes.items(): nodes_with_assets[node] = { - 'assets': node.get_active_assets(), + 'assets': node.get_valid_assets(), 'system_users': system_users } return nodes_with_assets @@ -274,7 +274,7 @@ class NodePermissionUtil: nodes_with_assets = dict() for node, system_users in nodes.items(): nodes_with_assets[node] = { - 'assets': node.get_active_assets(), + 'assets': node.get_valid_assets(), 'system_users': system_users } return nodes_with_assets diff --git a/utils/upgrade.sh b/utils/upgrade.sh index 878bf770a..e1cdabb76 100644 --- a/utils/upgrade.sh +++ b/utils/upgrade.sh @@ -1,24 +1,14 @@ #!/bin/bash -if [ ! -d "/opt/py3" ]; then -echo -e "\033[31m python3虚拟环境不是默认路径 \033[0m" -ps -ef | grep jumpserver/tmp/beat.pid | grep -v grep -if [ $? -ne 0 ] -then -echo -e "\033[31m jumpserver未运行,请到jumpserver目录使用 ./jms start all -d 启动 \033[0m" -exit 0 -else -echo -e "\033[31m 正在计算python3虚拟环境路径 \033[0m" -fi -py3pid=`ps -ef | grep jumpserver/tmp/beat.pid | grep -v grep | awk '{print $2}'` -py3file=`cat /proc/$py3pid/cmdline` -py3even=`echo ${py3file%/bin/python3*}` -echo -e "\033[31m python3虚拟环境路径为$py3even \033[0m" -source $py3even/bin/activate +if grep -q 'source ~/.autoenv/activate.sh' ~/.bashrc; then + echo -e "\033[31m 正在自动载入 python 环境 \033[0m" else -source /opt/py3/bin/activate + echo -e "\033[31m 不支持自动升级,请参考 http://docs.jumpserver.org/zh/docs/upgrade.html 手动升级 \033[0m" + exit 0 fi +source ~/.bashrc + cd `dirname $0`/ && cd .. && ./jms stop jumpserver_backup=/tmp/jumpserver_backup$(date -d "today" +"%Y%m%d_%H%M%S") @@ -29,21 +19,20 @@ echo -e "\033[31m 是否需要备份Jumpserver数据库 \033[0m" stty erase ^H read -p "确认备份请按Y,否则按其他键跳过备份 " a if [ "$a" == y -o "$a" == Y ];then -echo -e "\033[31m 正在备份数据库 \033[0m" -echo -e "\033[31m 请手动输入数据库信息 \033[0m" -read -p '请输入Jumpserver数据库ip:' DB_HOST -read -p '请输入Jumpserver数据库端口:' DB_PORT -read -p '请输入Jumpserver数据库名称:' DB_NAME -read -p '请输入有权限导出数据库的用户:' DB_USER -read -p '请输入该用户的密码:' DB_PASSWORD -mysqldump -h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PASSWORD $DB_NAME > /$jumpserver_backup/$DB_NAME$(date -d "today" +"%Y%m%d_%H%M%S").sql || { -echo -e "\033[31m 备份数据库失败,请检查输入是否有误 \033[0m" -exit 1 -} -echo -e "\033[31m 备份数据库完成 \033[0m" - + echo -e "\033[31m 正在备份数据库 \033[0m" + echo -e "\033[31m 请手动输入数据库信息 \033[0m" + read -p '请输入Jumpserver数据库ip:' DB_HOST + read -p '请输入Jumpserver数据库端口:' DB_PORT + read -p '请输入Jumpserver数据库名称:' DB_NAME + read -p '请输入有权限导出数据库的用户:' DB_USER + read -p '请输入该用户的密码:' DB_PASSWORD + mysqldump -h$DB_HOST -P$DB_PORT -u$DB_USER -p$DB_PASSWORD $DB_NAME > /$jumpserver_backup/$DB_NAME$(date -d "today" +"%Y%m%d_%H%M%S").sql || { + echo -e "\033[31m 备份数据库失败,请检查输入是否有误 \033[0m" + exit 1 + } + echo -e "\033[31m 备份数据库完成 \033[0m" else -echo -e "\033[31m 已取消备份数据库操作 \033[0m" + echo -e "\033[31m 已取消备份数据库操作 \033[0m" fi git pull && pip install -r requirements/requirements.txt && cd utils && sh make_migrations.sh