mirror of
https://github.com/jumpserver/jumpserver.git
synced 2025-12-15 08:32:48 +00:00
Compare commits
13 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
3689bc62ab | ||
|
1f1c1a9157 | ||
|
6c9d271ae1 | ||
|
6ff852e225 | ||
|
baa75dc735 | ||
|
|
8a9f0436b8 | ||
|
|
a9620a3cbe | ||
|
|
769e7dc8a0 | ||
|
|
2a70449411 | ||
|
|
8df720f19e | ||
|
|
dabbb45f6e | ||
|
|
ce24c1c3fd | ||
|
|
3c54c82ce9 |
@@ -55,7 +55,7 @@ def clean_historical_accounts():
|
|||||||
history_model = Account.history.model
|
history_model = Account.history.model
|
||||||
history_id_mapper = defaultdict(list)
|
history_id_mapper = defaultdict(list)
|
||||||
|
|
||||||
ids = history_model.objects.values('id').annotate(count=Count('id')) \
|
ids = history_model.objects.values('id').annotate(count=Count('id', distinct=True)) \
|
||||||
.filter(count__gte=limit).values_list('id', flat=True)
|
.filter(count__gte=limit).values_list('id', flat=True)
|
||||||
|
|
||||||
if not ids:
|
if not ids:
|
||||||
|
|||||||
@@ -58,7 +58,7 @@ class DomainListSerializer(DomainSerializer):
|
|||||||
@classmethod
|
@classmethod
|
||||||
def setup_eager_loading(cls, queryset):
|
def setup_eager_loading(cls, queryset):
|
||||||
queryset = queryset.annotate(
|
queryset = queryset.annotate(
|
||||||
assets_amount=Count('assets'),
|
assets_amount=Count('assets', distinct=True),
|
||||||
)
|
)
|
||||||
return queryset
|
return queryset
|
||||||
|
|
||||||
|
|||||||
@@ -206,7 +206,7 @@ class LabelFilterBackend(filters.BaseFilterBackend):
|
|||||||
resources = resources.filter(q) \
|
resources = resources.filter(q) \
|
||||||
.values('res_id') \
|
.values('res_id') \
|
||||||
.order_by('res_id') \
|
.order_by('res_id') \
|
||||||
.annotate(count=Count('res_id')) \
|
.annotate(count=Count('res_id', distinct=True)) \
|
||||||
.values('res_id', 'count') \
|
.values('res_id', 'count') \
|
||||||
.filter(count=len(args))
|
.filter(count=len(args))
|
||||||
return resources
|
return resources
|
||||||
|
|||||||
@@ -182,14 +182,14 @@ class DatesLoginMetricMixin:
|
|||||||
|
|
||||||
def get_dates_login_times_assets(self):
|
def get_dates_login_times_assets(self):
|
||||||
assets = self.sessions_queryset.values("asset") \
|
assets = self.sessions_queryset.values("asset") \
|
||||||
.annotate(total=Count("asset")) \
|
.annotate(total=Count("asset", distinct=True)) \
|
||||||
.annotate(last=Cast(Max("date_start"), output_field=CharField())) \
|
.annotate(last=Cast(Max("date_start"), output_field=CharField())) \
|
||||||
.order_by("-total")
|
.order_by("-total")
|
||||||
return list(assets[:10])
|
return list(assets[:10])
|
||||||
|
|
||||||
def get_dates_login_times_users(self):
|
def get_dates_login_times_users(self):
|
||||||
users = self.sessions_queryset.values("user_id") \
|
users = self.sessions_queryset.values("user_id") \
|
||||||
.annotate(total=Count("user_id")) \
|
.annotate(total=Count("user_id", distinct=True)) \
|
||||||
.annotate(user=Max('user')) \
|
.annotate(user=Max('user')) \
|
||||||
.annotate(last=Cast(Max("date_start"), output_field=CharField())) \
|
.annotate(last=Cast(Max("date_start"), output_field=CharField())) \
|
||||||
.order_by("-total")
|
.order_by("-total")
|
||||||
|
|||||||
@@ -8,7 +8,7 @@ __all__ = ['BASE_DIR', 'PROJECT_DIR', 'VERSION', 'CONFIG']
|
|||||||
|
|
||||||
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
||||||
PROJECT_DIR = os.path.dirname(BASE_DIR)
|
PROJECT_DIR = os.path.dirname(BASE_DIR)
|
||||||
VERSION = '2.0.0'
|
VERSION = 'v3.10.3'
|
||||||
CONFIG = ConfigManager.load_user_config()
|
CONFIG = ConfigManager.load_user_config()
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -34,7 +34,7 @@ class LabelSerializer(BulkOrgResourceModelSerializer):
|
|||||||
@classmethod
|
@classmethod
|
||||||
def setup_eager_loading(cls, queryset):
|
def setup_eager_loading(cls, queryset):
|
||||||
""" Perform necessary eager loading of data. """
|
""" Perform necessary eager loading of data. """
|
||||||
queryset = queryset.annotate(res_count=Count('labeled_resources'))
|
queryset = queryset.annotate(res_count=Count('labeled_resources', distinct=True))
|
||||||
return queryset
|
return queryset
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -246,6 +246,6 @@ class UsernameHintsAPI(APIView):
|
|||||||
.filter(username__icontains=query) \
|
.filter(username__icontains=query) \
|
||||||
.filter(asset__in=assets) \
|
.filter(asset__in=assets) \
|
||||||
.values('username') \
|
.values('username') \
|
||||||
.annotate(total=Count('username')) \
|
.annotate(total=Count('username', distinct=True)) \
|
||||||
.order_by('total', '-username')[:10]
|
.order_by('total', '-username')[:10]
|
||||||
return Response(data=top_accounts)
|
return Response(data=top_accounts)
|
||||||
|
|||||||
@@ -198,9 +198,9 @@ class AssetPermissionListSerializer(AssetPermissionSerializer):
|
|||||||
"""Perform necessary eager loading of data."""
|
"""Perform necessary eager loading of data."""
|
||||||
queryset = queryset \
|
queryset = queryset \
|
||||||
.prefetch_related('labels', 'labels__label') \
|
.prefetch_related('labels', 'labels__label') \
|
||||||
.annotate(users_amount=Count("users"),
|
.annotate(users_amount=Count("users", distinct=True),
|
||||||
user_groups_amount=Count("user_groups"),
|
user_groups_amount=Count("user_groups", distinct=True),
|
||||||
assets_amount=Count("assets"),
|
assets_amount=Count("assets", distinct=True),
|
||||||
nodes_amount=Count("nodes"),
|
nodes_amount=Count("nodes", distinct=True),
|
||||||
)
|
)
|
||||||
return queryset
|
return queryset
|
||||||
|
|||||||
@@ -80,9 +80,11 @@ class RoleViewSet(JMSModelViewSet):
|
|||||||
queryset = Role.objects.filter(id__in=ids).order_by(*self.ordering)
|
queryset = Role.objects.filter(id__in=ids).order_by(*self.ordering)
|
||||||
org_id = current_org.id
|
org_id = current_org.id
|
||||||
q = Q(role__scope=Role.Scope.system) | Q(role__scope=Role.Scope.org, org_id=org_id)
|
q = Q(role__scope=Role.Scope.system) | Q(role__scope=Role.Scope.org, org_id=org_id)
|
||||||
role_bindings = RoleBinding.objects.filter(q).values_list('role_id').annotate(user_count=Count('user_id'))
|
role_bindings = RoleBinding.objects.filter(q).values_list('role_id').annotate(
|
||||||
|
user_count=Count('user_id', distinct=True)
|
||||||
|
)
|
||||||
role_user_amount_mapper = {role_id: user_count for role_id, user_count in role_bindings}
|
role_user_amount_mapper = {role_id: user_count for role_id, user_count in role_bindings}
|
||||||
queryset = queryset.annotate(permissions_amount=Count('permissions'))
|
queryset = queryset.annotate(permissions_amount=Count('permissions', distinct=True))
|
||||||
queryset = list(queryset)
|
queryset = list(queryset)
|
||||||
for role in queryset:
|
for role in queryset:
|
||||||
role.users_amount = role_user_amount_mapper.get(role.id, 0)
|
role.users_amount = role_user_amount_mapper.get(role.id, 0)
|
||||||
|
|||||||
@@ -729,7 +729,7 @@ class JSONFilterMixin:
|
|||||||
|
|
||||||
bindings = RoleBinding.objects.filter(**kwargs, role__in=value)
|
bindings = RoleBinding.objects.filter(**kwargs, role__in=value)
|
||||||
if match == 'm2m_all':
|
if match == 'm2m_all':
|
||||||
user_id = bindings.values('user_id').annotate(count=Count('user_id')) \
|
user_id = bindings.values('user_id').annotate(count=Count('user_id', distinct=True)) \
|
||||||
.filter(count=len(value)).values_list('user_id', flat=True)
|
.filter(count=len(value)).values_list('user_id', flat=True)
|
||||||
else:
|
else:
|
||||||
user_id = bindings.values_list('user_id', flat=True)
|
user_id = bindings.values_list('user_id', flat=True)
|
||||||
|
|||||||
@@ -46,7 +46,7 @@ class UserGroupSerializer(ResourceLabelsMixin, BulkOrgResourceModelSerializer):
|
|||||||
def setup_eager_loading(cls, queryset):
|
def setup_eager_loading(cls, queryset):
|
||||||
""" Perform necessary eager loading of data. """
|
""" Perform necessary eager loading of data. """
|
||||||
queryset = queryset.prefetch_related('labels', 'labels__label') \
|
queryset = queryset.prefetch_related('labels', 'labels__label') \
|
||||||
.annotate(users_amount=Count('users', filter=Q(users__is_service_account=False)))
|
.annotate(users_amount=Count('users', distinct=True, filter=Q(users__is_service_account=False)))
|
||||||
return queryset
|
return queryset
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -86,7 +86,7 @@ def check_user_expired_periodic():
|
|||||||
@tmp_to_root_org()
|
@tmp_to_root_org()
|
||||||
def check_unused_users():
|
def check_unused_users():
|
||||||
uncommon_users_ttl = settings.SECURITY_UNCOMMON_USERS_TTL
|
uncommon_users_ttl = settings.SECURITY_UNCOMMON_USERS_TTL
|
||||||
if not uncommon_users_ttl or not uncommon_users_ttl.isdigit():
|
if not uncommon_users_ttl:
|
||||||
return
|
return
|
||||||
|
|
||||||
uncommon_users_ttl = int(uncommon_users_ttl)
|
uncommon_users_ttl = int(uncommon_users_ttl)
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
[tool.poetry]
|
[tool.poetry]
|
||||||
name = "jumpserver"
|
name = "jumpserver"
|
||||||
version = "v3.9"
|
version = "v3.10.3"
|
||||||
description = "广受欢迎的开源堡垒机"
|
description = "广受欢迎的开源堡垒机"
|
||||||
authors = ["ibuler <ibuler@qq.com>"]
|
authors = ["ibuler <ibuler@qq.com>"]
|
||||||
license = "GPLv3"
|
license = "GPLv3"
|
||||||
|
|||||||
@@ -1,13 +1,12 @@
|
|||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
#
|
#
|
||||||
import os
|
import os
|
||||||
import sys
|
|
||||||
import signal
|
import signal
|
||||||
import subprocess
|
import subprocess
|
||||||
|
import sys
|
||||||
|
|
||||||
import redis_lock
|
import redis_lock
|
||||||
|
from redis import Redis, Sentinel, ConnectionPool
|
||||||
from redis import Redis, Sentinel
|
|
||||||
|
|
||||||
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
||||||
APPS_DIR = os.path.join(BASE_DIR, 'apps')
|
APPS_DIR = os.path.join(BASE_DIR, 'apps')
|
||||||
@@ -50,9 +49,15 @@ if REDIS_SENTINEL_SERVICE_NAME and REDIS_SENTINELS:
|
|||||||
)
|
)
|
||||||
redis_client = sentinel_client.master_for(REDIS_SENTINEL_SERVICE_NAME)
|
redis_client = sentinel_client.master_for(REDIS_SENTINEL_SERVICE_NAME)
|
||||||
else:
|
else:
|
||||||
connection_params['host'] = settings.REDIS_HOST
|
REDIS_PROTOCOL = 'rediss' if settings.REDIS_USE_SSL else 'redis'
|
||||||
connection_params['port'] = settings.REDIS_PORT
|
REDIS_LOCATION_NO_DB = '%(protocol)s://:%(password)s@%(host)s:%(port)s' % {
|
||||||
redis_client = Redis(**connection_params)
|
'protocol': REDIS_PROTOCOL,
|
||||||
|
'password': settings.REDIS_PASSWORD,
|
||||||
|
'host': settings.REDIS_HOST,
|
||||||
|
'port': settings.REDIS_PORT,
|
||||||
|
}
|
||||||
|
pool = ConnectionPool.from_url(REDIS_LOCATION_NO_DB, **connection_params)
|
||||||
|
redis_client = Redis(connection_pool=pool)
|
||||||
|
|
||||||
scheduler = "ops.celery.beat.schedulers:DatabaseScheduler"
|
scheduler = "ops.celery.beat.schedulers:DatabaseScheduler"
|
||||||
processes = []
|
processes = []
|
||||||
|
|||||||
Reference in New Issue
Block a user