perf: try to decrypt then origin value

fix: Ensure command arguments are safely quoted in safe_run_cmd
Update base.py
2025-12-15 00:25:16 +00:00 · 2025-08-29 11:00:19 +08:00 · 2025-08-28 14:14:36 +08:00 · 2025-08-21 22:05:51 +08:00
4 changed files with 10 additions and 11 deletions
--- a/apps/audits/tasks.py
+++ b/apps/audits/tasks.py
@@ -2,15 +2,14 @@
 #
 import datetime
 import os
-import subprocess

 from celery import shared_task
 from django.conf import settings
 from django.core.files.storage import default_storage
 from django.db import transaction
 from django.utils import timezone
-from django.utils.translation import gettext_lazy as _
 from django.utils._os import safe_join
+from django.utils.translation import gettext_lazy as _

 from common.const.crontab import CRONTAB_AT_AM_TWO
 from common.storage.ftp_file import FTPFileStorageHandler
@@ -79,7 +78,7 @@ def clean_celery_tasks_period():
    command = "find %s -mtime +%s -name '*.log' -type f -exec rm -f {} \\;"
    safe_run_cmd(command, (settings.CELERY_LOG_DIR, expire_days))
    celery_log_path = safe_join(settings.LOG_DIR, 'celery.log')
-    command = "echo > {}".format(celery_log_path)
+    command = "echo > %s"
    safe_run_cmd(command, (celery_log_path,))


--- a/apps/common/db/fields.py
+++ b/apps/common/db/fields.py
@@ -144,6 +144,10 @@ class EncryptMixin:
            return value

        plain_value = Encryptor(value).decrypt()
+
+        # 如果解密失败，则使用原来的值
+        if not plain_value:
+            plain_value = value
        # 可能和Json mix，所以要先解密，再json
        sp = super()
        if hasattr(sp, "from_db_value"):
@@ -166,9 +170,6 @@ class EncryptMixin:
 class EncryptTextField(EncryptMixin, models.TextField):
    description = _("Encrypt field using Secret Key")

-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-

 class EncryptCharField(EncryptMixin, models.CharField):
    @staticmethod
--- a/apps/common/utils/safe.py
+++ b/apps/common/utils/safe.py
@@ -1,9 +1,8 @@
-import re
-import subprocess
 import shlex
+import subprocess


 def safe_run_cmd(cmd_str, cmd_args=(), shell=True):
-    cmd_args = [shlex.quote(arg) for arg in cmd_args]
+    cmd_args = [shlex.quote(str(arg)) for arg in cmd_args]
    cmd = cmd_str % tuple(cmd_args)
-    return subprocess.run(cmd, shell=shell)
+    return subprocess.run(cmd, shell=shell)
--- a/apps/jumpserver/settings/base.py
+++ b/apps/jumpserver/settings/base.py
@@ -87,7 +87,7 @@ ALLOWED_DOMAINS.extend(DEBUG_HOST_PORTS)
 # for host in ALLOWED_DOMAINS:
 #     print('  - ' + host.lstrip('.'))

-ALLOWED_HOSTS = []
+ALLOWED_HOSTS = ['*']

 # https://docs.djangoproject.com/en/4.1/ref/settings/#std-setting-CSRF_TRUSTED_ORIGINS
 CSRF_TRUSTED_ORIGINS = []
Author	SHA1	Message	Date
ibuler	000bb100cd	perf: try to decrypt then origin value	2025-08-29 11:00:19 +08:00
wangruidong	36f3071eed	fix: Ensure command arguments are safely quoted in safe_run_cmd	2025-08-28 14:14:36 +08:00
老广	15259fc10c	Update base.py	2025-08-21 22:05:51 +08:00