diff --git a/apps/assets/models/authbook.py b/apps/assets/models/authbook.py index 991729250..0243b43fb 100644 --- a/apps/assets/models/authbook.py +++ b/apps/assets/models/authbook.py @@ -60,10 +60,6 @@ class AuthBook(AssetUser): self.version = 1 self.save() - def set_version_and_latest(self): - self.set_version() - self.set_to_latest() - def get_related_assets(self): return [self.asset] diff --git a/apps/assets/serializers/asset_user.py b/apps/assets/serializers/asset_user.py index 18b5ea982..1e05b8f5b 100644 --- a/apps/assets/serializers/asset_user.py +++ b/apps/assets/serializers/asset_user.py @@ -53,7 +53,7 @@ class AssetUserSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer): if not validated_data.get("name") and validated_data.get("username"): validated_data["name"] = validated_data["username"] instance = AssetUserManager.create(**validated_data) - instance.set_version_and_latest() + instance.set_to_latest() return instance diff --git a/apps/assets/signals_handler.py b/apps/assets/signals_handler.py index ea5f8f4ad..594da38b7 100644 --- a/apps/assets/signals_handler.py +++ b/apps/assets/signals_handler.py @@ -9,7 +9,7 @@ from django.dispatch import receiver from common.utils import get_logger, timeit from common.decorator import on_transaction_commit -from .models import Asset, SystemUser, Node +from .models import Asset, SystemUser, Node, AuthBook from .tasks import ( update_assets_hardware_info_util, test_asset_connectivity_util, @@ -189,3 +189,9 @@ def on_asset_nodes_remove(sender, instance=None, action='', model=None, def on_node_update_or_created(sender, **kwargs): # 刷新节点 Node.refresh_nodes() + + +@receiver(post_save, sender=AuthBook) +def on_authbook_created(sender, instance=None, created=True, **kwargs): + if created and instance: + instance.set_version() diff --git a/apps/assets/templates/assets/_asset_list_modal.html b/apps/assets/templates/assets/_asset_list_modal.html index 8d8c3f0ba..4c6eb7199 100644 --- a/apps/assets/templates/assets/_asset_list_modal.html +++ b/apps/assets/templates/assets/_asset_list_modal.html @@ -25,7 +25,7 @@
-
+
diff --git a/apps/assets/templates/assets/_node_tree.html b/apps/assets/templates/assets/_node_tree.html index c76d3d685..803c29c13 100644 --- a/apps/assets/templates/assets/_node_tree.html +++ b/apps/assets/templates/assets/_node_tree.html @@ -32,8 +32,7 @@ } - -
+
@@ -306,6 +305,7 @@ function defaultCallback(action) { $(document).ready(function () { + $('.treebox').css('height', window.innerHeight - 180); }) .on('click', '.btn-show-current-asset', function(){ hideRMenu(); @@ -322,4 +322,4 @@ $(document).ready(function () { location.reload(); }) - \ No newline at end of file + diff --git a/apps/jumpserver/conf.py b/apps/jumpserver/conf.py index 936158bd8..9cacd465c 100644 --- a/apps/jumpserver/conf.py +++ b/apps/jumpserver/conf.py @@ -396,7 +396,8 @@ defaults = { 'DEFAULT_ORG_SHOW_ALL_USERS': True, 'PERIOD_TASK_ENABLE': True, 'FORCE_SCRIPT_NAME': '', - 'LOGIN_CONFIRM_ENABLE': False + 'LOGIN_CONFIRM_ENABLE': False, + 'WINDOWS_SKIP_ALL_MANUAL_PASSWORD': False, } diff --git a/apps/ops/models/adhoc.py b/apps/ops/models/adhoc.py index 6cc802488..b9c1c4a74 100644 --- a/apps/ops/models/adhoc.py +++ b/apps/ops/models/adhoc.py @@ -242,6 +242,7 @@ class AdHoc(models.Model): except AttributeError: hid = str(uuid.uuid4()) history = AdHocRunHistory(id=hid, adhoc=self, task=self.task) + history.save() time_start = time.time() date_start = timezone.now() is_success = False diff --git a/apps/settings/api.py b/apps/settings/api.py index 22a295b68..426cdf76d 100644 --- a/apps/settings/api.py +++ b/apps/settings/api.py @@ -12,11 +12,14 @@ from django.conf import settings from django.core.mail import send_mail from django.utils.translation import ugettext_lazy as _ -from .models import Setting -from .utils import LDAPUtil from common.permissions import IsOrgAdmin, IsSuperUser from common.utils import get_logger -from .serializers import MailTestSerializer, LDAPTestSerializer, LDAPUserSerializer +from .models import Setting +from .utils import LDAPUtil +from .serializers import ( + MailTestSerializer, LDAPTestSerializer, LDAPUserSerializer, + PublicSettingSerializer, +) logger = get_logger(__file__) @@ -245,3 +248,19 @@ class CommandStorageDeleteAPI(APIView): storage_name = str(request.data.get('name')) Setting.delete_storage('TERMINAL_COMMAND_STORAGE', storage_name) return Response({"msg": _('Delete succeed')}, status=200) + + +class PublicSettingApi(generics.RetrieveAPIView): + permission_classes = () + serializer_class = PublicSettingSerializer + + def get_object(self): + c = settings.CONFIG + instance = { + "data": { + "WINDOWS_SKIP_ALL_MANUAL_PASSWORD": c.WINDOWS_SKIP_ALL_MANUAL_PASSWORD + } + } + return instance + + diff --git a/apps/settings/serializers.py b/apps/settings/serializers.py index eb8a61679..f29b514d7 100644 --- a/apps/settings/serializers.py +++ b/apps/settings/serializers.py @@ -28,3 +28,6 @@ class LDAPUserSerializer(serializers.Serializer): email = serializers.CharField() existing = serializers.BooleanField(read_only=True) + +class PublicSettingSerializer(serializers.Serializer): + data = serializers.DictField(read_only=True) diff --git a/apps/settings/urls/api_urls.py b/apps/settings/urls/api_urls.py index bc2e4731f..026598206 100644 --- a/apps/settings/urls/api_urls.py +++ b/apps/settings/urls/api_urls.py @@ -15,4 +15,5 @@ urlpatterns = [ path('terminal/replay-storage/delete/', api.ReplayStorageDeleteAPI.as_view(), name='replay-storage-delete'), path('terminal/command-storage/create/', api.CommandStorageCreateAPI.as_view(), name='command-storage-create'), path('terminal/command-storage/delete/', api.CommandStorageDeleteAPI.as_view(), name='command-storage-delete'), + path('public/', api.PublicSettingApi.as_view(), name='public-setting'), ] diff --git a/apps/users/forms.py b/apps/users/forms.py index 98d7c9e09..649f66ab9 100644 --- a/apps/users/forms.py +++ b/apps/users/forms.py @@ -2,6 +2,7 @@ from django import forms from django.utils.translation import gettext_lazy as _ +from django.conf import settings from common.utils import validate_ssh_public_key from orgs.mixins.forms import OrgModelForm @@ -21,6 +22,20 @@ class UserCheckOtpCodeForm(forms.Form): otp_code = forms.CharField(label=_('MFA code'), max_length=6) +def get_source_choices(): + choices_all = dict(User.SOURCE_CHOICES) + choices = [ + (User.SOURCE_LOCAL, choices_all[User.SOURCE_LOCAL]), + ] + if settings.AUTH_LDAP: + choices.append((User.SOURCE_LDAP, choices_all[User.SOURCE_LDAP])) + if settings.AUTH_OPENID: + choices.append((User.SOURCE_OPENID, choices_all[User.SOURCE_OPENID])) + if settings.AUTH_RADIUS: + choices.append((User.SOURCE_RADIUS, choices_all[User.SOURCE_RADIUS])) + return choices + + class UserCreateUpdateFormMixin(OrgModelForm): role_choices = ((i, n) for i, n in User.ROLE_CHOICES if i != User.ROLE_APP) password = forms.CharField( @@ -31,6 +46,10 @@ class UserCreateUpdateFormMixin(OrgModelForm): choices=role_choices, required=True, initial=User.ROLE_USER, label=_("Role") ) + source = forms.ChoiceField( + choices=get_source_choices, required=True, + initial=User.SOURCE_LOCAL, label=_("Source") + ) public_key = forms.CharField( label=_('ssh public key'), max_length=5000, required=False, widget=forms.Textarea(attrs={'placeholder': _('ssh-rsa AAAA...')}), @@ -41,7 +60,8 @@ class UserCreateUpdateFormMixin(OrgModelForm): model = User fields = [ 'username', 'name', 'email', 'groups', 'wechat', - 'phone', 'role', 'date_expired', 'comment', 'otp_level' + 'source', 'phone', 'role', 'date_expired', + 'comment', 'otp_level' ] widgets = { 'otp_level': forms.RadioSelect(), diff --git a/apps/users/serializers/group.py b/apps/users/serializers/group.py index e48b23070..c817de289 100644 --- a/apps/users/serializers/group.py +++ b/apps/users/serializers/group.py @@ -66,3 +66,4 @@ class UserGroupUpdateMemberSerializer(serializers.ModelSerializer): def set_fields_queryset(self): users_field = self.fields['users'] users_field.child_relation.queryset = utils.get_current_org_members() + diff --git a/apps/users/serializers/user.py b/apps/users/serializers/user.py index 16e2fc0b8..7e25112d6 100644 --- a/apps/users/serializers/user.py +++ b/apps/users/serializers/user.py @@ -43,7 +43,6 @@ class UserSerializer(BulkSerializerMixin, serializers.ModelSerializer): 'is_valid': {'label': _('Is valid')}, 'is_expired': {'label': _('Is expired')}, 'avatar_url': {'label': _('Avatar url')}, - 'source': {'read_only': True}, 'created_by': {'read_only': True, 'allow_blank': True}, 'can_update': {'read_only': True}, 'can_delete': {'read_only': True}, diff --git a/apps/users/templates/users/_user.html b/apps/users/templates/users/_user.html index 018a165fa..427f8258b 100644 --- a/apps/users/templates/users/_user.html +++ b/apps/users/templates/users/_user.html @@ -21,6 +21,7 @@

{% trans 'Auth' %}

{% block password %}{% endblock %} {% bootstrap_field form.otp_level layout="horizontal" %} + {% bootstrap_field form.source layout="horizontal" %}

{% trans 'Security and Role' %}