feat: Update v3.5.1

Co-authored-by: feng <1304903146@qq.com>

GITSHA

@@ -0,0 +1 @@
+fcfd7bb469b89c09ec8ed90ef0257266bb63a557

apps/accounts/automations/change_secret/host/aix/main.yml

@@ -4,6 +4,26 @@
     - name: Test privileged account
       ansible.builtin.ping:
 
+    - name: Check user
+      ansible.builtin.user:
+        name: "{{ account.username }}"
+        shell: "{{ params.shell }}"
+        home: "{{ params.home | default('/home/' + account.username, true) }}"
+        groups: "{{ params.groups }}"
+        expires: -1
+        state: present
+
+    - name: "Add {{ account.username }} group"
+      ansible.builtin.group:
+        name: "{{ account.username }}"
+        state: present
+
+    - name: Add user groups
+      ansible.builtin.user:
+        name: "{{ account.username }}"
+        groups: "{{ params.groups }}"
+      when: params.groups
+
     - name: Change password
       ansible.builtin.user:
         name: "{{ account.username }}"
@@ -23,8 +43,8 @@
         regexp: "{{ ssh_params.regexp }}"
         state: absent
       when:
-      - account.secret_type == "ssh_key"
-      - ssh_params.strategy == "set_jms"
+        - account.secret_type == "ssh_key"
+        - ssh_params.strategy == "set_jms"
 
     - name: Change SSH key
       ansible.builtin.authorized_key:

apps/accounts/automations/change_secret/host/aix/manifest.yml

@@ -5,12 +5,6 @@ type:
   - AIX
 method: change_secret
 params:
-  - name: sudo
-    type: str
-    label: 'Sudo'
-    default: '/bin/whoami'
-    help_text: "{{ 'Params sudo help text' | trans }}"
-
   - name: shell
     type: str
     label: 'Shell'

apps/accounts/automations/change_secret/host/posix/main.yml

@@ -53,16 +53,6 @@
         exclusive: "{{ ssh_params.exclusive }}"
       when: account.secret_type == "ssh_key"
 
-    - name: Set sudo setting
-      ansible.builtin.lineinfile:
-        dest: /etc/sudoers
-        state: present
-        regexp: "^{{ account.username }} ALL="
-        line: "{{ account.username + ' ALL=(ALL) NOPASSWD: ' + params.sudo }}"
-        validate: visudo -cf %s
-      when:
-        - params.sudo
-
     - name: Refresh connection
       ansible.builtin.meta: reset_connection
 

apps/accounts/automations/change_secret/host/posix/manifest.yml

@@ -6,12 +6,6 @@ type:
   - linux
 method: change_secret
 params:
-  - name: sudo
-    type: str
-    label: 'Sudo'
-    default: '/bin/whoami'
-    help_text: "{{ 'Params sudo help text' | trans }}"
-
   - name: shell
     type: str
     label: 'Shell'

apps/assets/serializers/asset/common.py

@@ -157,6 +157,8 @@ class AssetSerializer(BulkOrgResourceModelSerializer, WritableNestedModelSeriali
     def _extract_accounts(self):
         if not getattr(self, 'initial_data', None):
             return
+        if isinstance(self.initial_data, list):
+            return
         accounts = self.initial_data.pop('accounts', None)
         self._accounts = accounts
 

apps/authentication/api/connection_token.py

@@ -306,9 +306,6 @@ class ConnectionTokenViewSet(ExtraActionApiMixin, RootOrgViewMixin, JMSModelView
 
         if account.username != AliasAccount.INPUT:
             data['input_username'] = ''
-        elif account.username == AliasAccount.USER:
-            data['input_username'] = user.username
-
         ticket = self._validate_acl(user, asset, account)
         if ticket:
             data['from_ticket'] = ticket

apps/authentication/models/connection_token.py

@@ -225,9 +225,20 @@ class ConnectionToken(JMSOrgBaseModel):
             account.asset = self.asset
             account.org_id = self.asset.org_id
 
-            if self.account in [AliasAccount.INPUT, AliasAccount.USER]:
+            # 手动账号
+            if self.account == AliasAccount.INPUT:
                 account.username = self.input_username
                 account.secret = self.input_secret
+
+            # 同名账号
+            elif self.account == AliasAccount.USER:
+                account.username = self.user.username
+                account.secret = self.input_secret
+
+            # 匿名账号
+            elif self.account == AliasAccount.ANON:
+                account.username = ''
+                account.secret = ''
         else:
             account = self.asset.accounts.filter(name=self.account).first()
             if not account.secret and self.input_secret:

apps/locale/ja/LC_MESSAGES/django.po

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2023-07-20 18:40+0800\n"
+"POT-Creation-Date: 2023-07-26 19:26+0800\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -646,7 +646,7 @@ msgstr "アカウントはすでに存在しています"
 msgid "ID"
 msgstr "ID"
 
-#: accounts/serializers/account/account.py:427 acls/serializers/base.py:116
+#: accounts/serializers/account/account.py:430 acls/serializers/base.py:116
 #: assets/models/cmd_filter.py:24 assets/models/label.py:16 audits/models.py:49
 #: audits/models.py:85 audits/models.py:163
 #: authentication/models/connection_token.py:32
@@ -664,7 +664,7 @@ msgstr "ID"
 msgid "User"
 msgstr "ユーザー"
 
-#: accounts/serializers/account/account.py:428
+#: accounts/serializers/account/account.py:431
 #: authentication/templates/authentication/_access_key_modal.html:33
 #: terminal/notifications.py:158 terminal/notifications.py:207
 msgid "Date"

apps/locale/zh/LC_MESSAGES/django.mo

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1b88bc1c5216d7cfc2b0a72d889198bcab84ddd40dd3f5a13a5662dfcf8170ee
+oid sha256:5a68f334539c7511584c11770699829dc709c7e1b453365964a3b3852d5edf92
 size 121846

apps/locale/zh/LC_MESSAGES/django.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: JumpServer 0.3.3\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2023-07-20 18:40+0800\n"
+"POT-Creation-Date: 2023-07-26 19:26+0800\n"
 "PO-Revision-Date: 2021-05-20 10:54+0800\n"
 "Last-Translator: ibuler <ibuler@qq.com>\n"
 "Language-Team: JumpServer team<ibuler@qq.com>\n"
@@ -642,7 +642,7 @@ msgstr "账号已存在"
 msgid "ID"
 msgstr "ID"
 
-#: accounts/serializers/account/account.py:427 acls/serializers/base.py:116
+#: accounts/serializers/account/account.py:430 acls/serializers/base.py:116
 #: assets/models/cmd_filter.py:24 assets/models/label.py:16 audits/models.py:49
 #: audits/models.py:85 audits/models.py:163
 #: authentication/models/connection_token.py:32
@@ -660,7 +660,7 @@ msgstr "ID"
 msgid "User"
 msgstr "用户"
 
-#: accounts/serializers/account/account.py:428
+#: accounts/serializers/account/account.py:431
 #: authentication/templates/authentication/_access_key_modal.html:33
 #: terminal/notifications.py:158 terminal/notifications.py:207
 msgid "Date"
@@ -4798,7 +4798,7 @@ msgid ""
 "Session, record, command will be delete if more than duration, only in "
 "database, OSS will not be affected."
 msgstr ""
-"会话、录像，命令记录超过该时长将会被洲除（影响数据库存備，OSS 等不受影响）"
+"会话、录像，命令记录超过该时长将会被清除（影响数据库存储，OSS 等不受影响）"
 
 #: settings/serializers/cleaning.py:36
 msgid "Activity log keep days (day)"