fix(common) 修复管理员未设置Email主题前缀导致发送邮件失败的问题

- 更新了 jms-storage版本依赖

.github/workflows/jms-generic-action-handler.yml

@@ -0,0 +1,12 @@
+on: [push, pull_request, release]
+
+name: JumpServer repos generic handler
+
+jobs:
+  generic_handler:
+    name: Run generic handler
+    runs-on: ubuntu-latest
+    steps:
+      - uses: jumpserver/action-generic-handler@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.PRIVATE_TOKEN }}

Dockerfile

@@ -9,18 +9,23 @@ RUN cd utils && bash -ixeu build.sh
 
 
 FROM registry.fit2cloud.com/public/python:v3
+ARG PIP_MIRROR=https://pypi.douban.com/simple
+ENV PIP_MIRROR=$PIP_MIRROR
+ARG MYSQL_MIRROR=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql57-community-el6/
+ENV MYSQL_MIRROR=$MYSQL_MIRROR
+
 WORKDIR /opt/jumpserver
-COPY --from=stage-build /opt/jumpserver/release/jumpserver /opt/jumpserver
 
+COPY ./requirements ./requirements
 RUN useradd jumpserver
-
 RUN yum -y install epel-release && \
-      echo -e "[mysql]\nname=mysql\nbaseurl=https://mirrors.tuna.tsinghua.edu.cn/mysql/yum/mysql57-community-el6/\ngpgcheck=0\nenabled=1" > /etc/yum.repos.d/mysql.repo
+      echo -e "[mysql]\nname=mysql\nbaseurl=${MYSQL_MIRROR}\ngpgcheck=0\nenabled=1" > /etc/yum.repos.d/mysql.repo
-
-COPY . .
 RUN yum -y install $(cat requirements/rpm_requirements.txt)
-RUN pip install --upgrade pip setuptools && pip install wheel && \
+RUN pip install --upgrade pip setuptools==49.6.0 wheel -i ${PIP_MIRROR} && \
-    pip install -i https://pypi.tuna.tsinghua.edu.cn/simple -r requirements/requirements.txt || pip install -r requirements/requirements.txt
+    pip config set global.index-url ${PIP_MIRROR}
+RUN pip install -r requirements/requirements.txt || pip install -r requirements/requirements.txt
+
+COPY --from=stage-build /opt/jumpserver/release/jumpserver /opt/jumpserver
 RUN mkdir -p /root/.ssh/ && echo -e "Host *\n\tStrictHostKeyChecking no\n\tUserKnownHostsFile /dev/null" > /root/.ssh/config
 
 RUN echo > config.yml

apps/authentication/backends/radius.py

@@ -1,11 +1,11 @@
 # -*- coding: utf-8 -*-
 #
+import traceback
 
 from django.contrib.auth import get_user_model
 from radiusauth.backends import RADIUSBackend, RADIUSRealmBackend
 from django.conf import settings
 
-from pyrad.packet import AccessRequest
 
 User = get_user_model()
 
@@ -27,11 +27,22 @@ class CreateUserMixin:
             user.save()
         return user
 
+    def _perform_radius_auth(self, client, packet):
+        # TODO: 等待官方库修复这个BUG
+        try:
+            return super()._perform_radius_auth(client, packet)
+        except UnicodeError as e:
+            import sys
+            tb = ''.join(traceback.format_exception(*sys.exc_info(), limit=2, chain=False))
+            if tb.find("cl.decode") != -1:
+                return [], False, False
+            return None
+
     def authenticate(self, *args, **kwargs):
         # 校验用户时，会传入public_key参数，父类authentication中不接受public_key参数，所以要pop掉
         # TODO:需要优化各backend的authenticate方法，django进行调用前会检测各authenticate的参数
         kwargs.pop('public_key', None)
-        return super().authenticate(*args, *kwargs)
+        return super().authenticate(*args, **kwargs)
 
 
 class RadiusBackend(CreateUserMixin, RADIUSBackend):

apps/common/drf/parsers/csv.py

@@ -47,9 +47,9 @@ class JMSCSVParser(BaseParser):
             yield row
 
     @staticmethod
-    def _get_fields_map(serializer):
+    def _get_fields_map(serializer_cls):
         fields_map = {}
-        fields = serializer.fields
+        fields = serializer_cls().fields
         fields_map.update({v.label: k for k, v in fields.items()})
         fields_map.update({k: k for k, _ in fields.items()})
         return fields_map
@@ -101,7 +101,7 @@ class JMSCSVParser(BaseParser):
         try:
             view = parser_context['view']
             meta = view.request.META
-            serializer = view.get_serializer()
+            serializer_cls = view.get_serializer_class()
         except Exception as e:
             logger.debug(e, exc_info=True)
             raise ParseError('The resource does not support imports!')
@@ -121,7 +121,7 @@ class JMSCSVParser(BaseParser):
             rows = self._gen_rows(binary, charset=encoding)
 
             header = next(rows)
-            fields_map = self._get_fields_map(serializer)
+            fields_map = self._get_fields_map(serializer_cls)
             header = [fields_map.get(name.strip('*'), '') for name in header]
 
             data = []

apps/common/tasks.py

@@ -24,7 +24,7 @@ def send_mail_async(*args, **kwargs):
     """
     if len(args) == 3:
         args = list(args)
-        args[0] = settings.EMAIL_SUBJECT_PREFIX + args[0]
+        args[0] = (settings.EMAIL_SUBJECT_PREFIX or '') + args[0]
         email_from = settings.EMAIL_FROM or settings.EMAIL_HOST_USER
         args.insert(2, email_from)
         args = tuple(args)

apps/jumpserver/conf.py

@@ -242,7 +242,7 @@ class Config(dict):
         'HTTP_BIND_HOST': '0.0.0.0',
         'HTTP_LISTEN_PORT': 8080,
         'WS_LISTEN_PORT': 8070,
-        'LOGIN_LOG_KEEP_DAYS': 90,
+        'LOGIN_LOG_KEEP_DAYS': 9999,
         'TASK_LOG_KEEP_DAYS': 10,
         'ASSETS_PERM_CACHE_TIME': 3600 * 24,
         'SECURITY_MFA_VERIFY_TTL': 3600,

apps/jumpserver/settings/auth.py

@@ -92,6 +92,7 @@ CAS_LOGGED_MSG = None
 CAS_LOGOUT_COMPLETELY = CONFIG.CAS_LOGOUT_COMPLETELY
 CAS_VERSION = CONFIG.CAS_VERSION
 CAS_ROOT_PROXIED_AS = CONFIG.CAS_ROOT_PROXIED_AS
+CAS_CHECK_NEXT = lambda: lambda _next_page: True
 
 
 # Other setting

apps/perms/api/mixin.py

@@ -21,7 +21,7 @@ class UserPermissionMixin:
     obj = None
 
     def initial(self, *args, **kwargs):
-        super().initial(*args, *kwargs)
+        super().initial(*args, **kwargs)
         self.obj = self.get_obj()
 
     def get_obj(self):

requirements/requirements.txt

@@ -61,7 +61,7 @@ pytz==2018.3
 PyYAML==5.1
 redis==3.2.0
 requests==2.22.0
-jms-storage==0.0.29
+jms-storage==0.0.31
 s3transfer==0.3.3
 simplejson==3.13.2
 six==1.11.0