Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
J
jumpserver
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ops
jumpserver
Commits
0798e3c4
Unverified
Commit
0798e3c4
authored
Dec 25, 2018
by
老广
Committed by
GitHub
Dec 25, 2018
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #2266 from jumpserver/dev
Dev
parents
67b21f04
a9900987
Hide whitespace changes
Inline
Side-by-side
Showing
12 changed files
with
106 additions
and
33 deletions
+106
-33
domain.py
apps/assets/forms/domain.py
+9
-0
label.py
apps/assets/forms/label.py
+9
-0
tasks.py
apps/assets/tasks.py
+9
-3
domain_create_update.html
apps/assets/templates/assets/domain_create_update.html
+12
-1
label_create_update.html
apps/assets/templates/assets/label_create_update.html
+12
-0
forms.py
apps/common/forms.py
+18
-26
conf.py
apps/jumpserver/conf.py
+10
-0
forms.py
apps/perms/forms.py
+10
-0
asset_permission_create_update.html
...perms/templates/perms/asset_permission_create_update.html
+13
-1
jumpserver.js
apps/static/js/jumpserver.js
+2
-0
terminal.py
apps/terminal/api/v1/terminal.py
+1
-1
user.py
apps/users/api/user.py
+1
-1
No files found.
apps/assets/forms/domain.py
View file @
0798e3c4
...
...
@@ -28,6 +28,15 @@ class DomainForm(forms.ModelForm):
initial
[
'assets'
]
=
kwargs
[
'instance'
]
.
assets
.
all
()
super
()
.
__init__
(
*
args
,
**
kwargs
)
# 前端渲染优化, 防止过多资产
assets_field
=
self
.
fields
.
get
(
'assets'
)
if
not
self
.
data
:
instance
=
kwargs
.
get
(
'instance'
)
if
instance
:
assets_field
.
queryset
=
instance
.
assets
.
all
()
else
:
assets_field
.
queryset
=
Asset
.
objects
.
none
()
def
save
(
self
,
commit
=
True
):
instance
=
super
()
.
save
(
commit
=
commit
)
assets
=
self
.
cleaned_data
[
'assets'
]
...
...
apps/assets/forms/label.py
View file @
0798e3c4
...
...
@@ -26,6 +26,15 @@ class LabelForm(forms.ModelForm):
initial
[
'assets'
]
=
kwargs
[
'instance'
]
.
assets
.
all
()
super
()
.
__init__
(
*
args
,
**
kwargs
)
# 前端渲染优化, 防止过多资产
assets_field
=
self
.
fields
.
get
(
'assets'
)
if
not
self
.
data
:
instance
=
kwargs
.
get
(
'instance'
)
if
instance
:
assets_field
.
queryset
=
instance
.
assets
.
all
()
else
:
assets_field
.
queryset
=
Asset
.
objects
.
none
()
def
save
(
self
,
commit
=
True
):
label
=
super
()
.
save
(
commit
=
commit
)
assets
=
self
.
cleaned_data
[
'assets'
]
...
...
apps/assets/tasks.py
View file @
0798e3c4
# ~*~ coding: utf-8 ~*~
import
json
import
re
import
time
import
os
from
celery
import
shared_task
from
django.utils.translation
import
ugettext
as
_
from
django.core.cache
import
cache
from
common.utils
import
capacity_convert
,
\
sum_capacity
,
encrypt_password
,
get_logger
from
ops.celery.utils
import
register_as_period_task
,
after_app_shutdown_clean
,
\
after_app_ready_start
from
orgs.utils
import
set_to_root_org
from
ops.celery.utils
import
register_as_period_task
,
after_app_shutdown_clean
from
.models
import
SystemUser
,
AdminUser
,
Asset
from
.
import
const
...
...
@@ -211,6 +211,12 @@ def test_admin_user_connectivity_period():
"""
A period task that update the ansible task period
"""
key
=
'_JMS_TEST_ADMIN_USER_CONNECTIVITY_PERIOD'
prev_execute_time
=
cache
.
get
(
key
)
if
prev_execute_time
:
logger
.
debug
(
"Test admin user connectivity, less than 40 minutes, skip"
)
return
cache
.
set
(
key
,
1
,
60
*
40
)
admin_users
=
AdminUser
.
objects
.
all
()
for
admin_user
in
admin_users
:
task_name
=
_
(
"Test admin user connectivity period: {}"
)
.
format
(
admin_user
.
name
)
...
...
apps/assets/templates/assets/domain_create_update.html
View file @
0798e3c4
...
...
@@ -24,7 +24,6 @@
{% block custom_foot_js %}
<script
type=
"text/javascript"
>
$
(
document
).
ready
(
function
()
{
console
.
log
(
$
.
fn
.
select2
.
defaults
);
$
(
'.select2'
).
select2
().
off
(
"select2:open"
);
}).
on
(
'click'
,
'.select2-selection__rendered'
,
function
(
e
)
{
e
.
preventDefault
();
...
...
@@ -33,6 +32,18 @@ $(document).ready(function () {
})
.
on
(
'click'
,
'#btn_asset_modal_confirm'
,
function
()
{
var
assets
=
asset_table2
.
selected
;
var
options
=
[];
$
(
'#id_assets option'
).
each
(
function
(
i
,
v
)
{
options
.
push
(
v
.
value
)
});
asset_table2
.
selected_rows
.
forEach
(
function
(
i
)
{
var
name
=
i
.
hostname
+
'('
+
i
.
ip
+
')'
;
var
option
=
new
Option
(
name
,
i
.
id
,
false
,
true
);
if
(
options
.
indexOf
(
i
.
id
)
===
-
1
)
{
$
(
'#id_assets'
).
append
(
option
).
trigger
(
'change'
);
}
});
$
(
'.select2'
).
val
(
assets
).
trigger
(
'change'
);
$
(
"#asset_list_modal"
).
modal
(
'hide'
);
...
...
apps/assets/templates/assets/label_create_update.html
View file @
0798e3c4
...
...
@@ -36,6 +36,18 @@ $(document).ready(function () {
})
.
on
(
'click'
,
'#btn_asset_modal_confirm'
,
function
()
{
var
assets
=
asset_table2
.
selected
;
var
options
=
[];
$
(
'#id_assets option'
).
each
(
function
(
i
,
v
)
{
options
.
push
(
v
.
value
)
});
asset_table2
.
selected_rows
.
forEach
(
function
(
i
)
{
var
name
=
i
.
hostname
+
'('
+
i
.
ip
+
')'
;
var
option
=
new
Option
(
name
,
i
.
id
,
false
,
true
);
if
(
options
.
indexOf
(
i
.
id
)
===
-
1
)
{
$
(
'#id_assets'
).
append
(
option
).
trigger
(
'change'
);
}
});
$
(
'#id_assets'
).
val
(
assets
).
trigger
(
'change'
);
$
(
"#asset_list_modal"
).
modal
(
'hide'
);
})
...
...
apps/common/forms.py
View file @
0798e3c4
...
...
@@ -139,22 +139,23 @@ class TerminalSettingForm(BaseForm):
(
50
,
50
),
)
TERMINAL_PASSWORD_AUTH
=
forms
.
BooleanField
(
initial
=
True
,
required
=
False
,
label
=
_
(
"Password auth"
)
required
=
False
,
label
=
_
(
"Password auth"
)
)
TERMINAL_PUBLIC_KEY_AUTH
=
forms
.
BooleanField
(
initial
=
True
,
required
=
False
,
label
=
_
(
"Public key auth"
)
required
=
False
,
label
=
_
(
"Public key auth"
)
)
TERMINAL_HEARTBEAT_INTERVAL
=
forms
.
IntegerField
(
initial
=
5
,
label
=
_
(
"Heartbeat interval"
),
help_text
=
_
(
"Units: seconds"
)
min_value
=
5
,
label
=
_
(
"Heartbeat interval"
),
help_text
=
_
(
"Units: seconds"
)
)
TERMINAL_ASSET_LIST_SORT_BY
=
forms
.
ChoiceField
(
choices
=
SORT_BY_CHOICES
,
initial
=
'hostname'
,
label
=
_
(
"List sort by"
)
choices
=
SORT_BY_CHOICES
,
label
=
_
(
"List sort by"
)
)
TERMINAL_ASSET_LIST_PAGE_SIZE
=
forms
.
ChoiceField
(
choices
=
PAGE_SIZE_CHOICES
,
initial
=
'auto'
,
label
=
_
(
"List page size"
),
choices
=
PAGE_SIZE_CHOICES
,
label
=
_
(
"List page size"
),
)
TERMINAL_SESSION_KEEP_DURATION
=
forms
.
IntegerField
(
label
=
_
(
"Session keep duration"
),
min_value
=
1
,
label
=
_
(
"Session keep duration"
),
help_text
=
_
(
"Units: days, Session, record, command will be delete "
"if more than duration, only in database"
)
)
...
...
@@ -167,8 +168,7 @@ class TerminalCommandStorage(BaseForm):
class
SecuritySettingForm
(
BaseForm
):
# MFA global setting
SECURITY_MFA_AUTH
=
forms
.
BooleanField
(
initial
=
False
,
required
=
False
,
label
=
_
(
"MFA Secondary certification"
),
required
=
False
,
label
=
_
(
"MFA Secondary certification"
),
help_text
=
_
(
'After opening, the user login must use MFA secondary '
'authentication (valid for all users, including administrators)'
...
...
@@ -176,13 +176,11 @@ class SecuritySettingForm(BaseForm):
)
# limit login count
SECURITY_LOGIN_LIMIT_COUNT
=
forms
.
IntegerField
(
initial
=
7
,
min_value
=
3
,
label
=
_
(
"Limit the number of login failures"
)
min_value
=
3
,
label
=
_
(
"Limit the number of login failures"
)
)
# limit login time
SECURITY_LOGIN_LIMIT_TIME
=
forms
.
IntegerField
(
initial
=
30
,
min_value
=
5
,
label
=
_
(
"No logon interval"
),
min_value
=
5
,
label
=
_
(
"No logon interval"
),
help_text
=
_
(
"Tip: (unit/minute) if the user has failed to log in for a limited "
"number of times, no login is allowed during this time interval."
...
...
@@ -190,8 +188,7 @@ class SecuritySettingForm(BaseForm):
)
# ssh max idle time
SECURITY_MAX_IDLE_TIME
=
forms
.
IntegerField
(
initial
=
30
,
required
=
False
,
label
=
_
(
"Connection max idle time"
),
required
=
False
,
label
=
_
(
"Connection max idle time"
),
help_text
=
_
(
'If idle time more than it, disconnect connection(only ssh now) '
'Unit: minute'
...
...
@@ -199,8 +196,8 @@ class SecuritySettingForm(BaseForm):
)
# password expiration time
SECURITY_PASSWORD_EXPIRATION_TIME
=
forms
.
IntegerField
(
initial
=
9999
,
label
=
_
(
"Password expiration time"
),
min_value
=
1
,
label
=
_
(
"Password expiration time"
),
min_value
=
1
,
max_value
=
99999
,
help_text
=
_
(
"Tip: (unit: day) "
"If the user does not update the password during the time, "
...
...
@@ -211,35 +208,30 @@ class SecuritySettingForm(BaseForm):
)
# min length
SECURITY_PASSWORD_MIN_LENGTH
=
forms
.
IntegerField
(
initial
=
6
,
label
=
_
(
"Password minimum length"
),
min_value
=
6
min_value
=
6
,
label
=
_
(
"Password minimum length"
),
)
# upper case
SECURITY_PASSWORD_UPPER_CASE
=
forms
.
BooleanField
(
initial
=
False
,
required
=
False
,
label
=
_
(
"Must contain capital letters"
),
required
=
False
,
label
=
_
(
"Must contain capital letters"
),
help_text
=
_
(
'After opening, the user password changes '
'and resets must contain uppercase letters'
)
)
# lower case
SECURITY_PASSWORD_LOWER_CASE
=
forms
.
BooleanField
(
initial
=
False
,
required
=
False
,
label
=
_
(
"Must contain lowercase letters"
),
required
=
False
,
label
=
_
(
"Must contain lowercase letters"
),
help_text
=
_
(
'After opening, the user password changes '
'and resets must contain lowercase letters'
)
)
# number
SECURITY_PASSWORD_NUMBER
=
forms
.
BooleanField
(
initial
=
False
,
required
=
False
,
label
=
_
(
"Must contain numeric characters"
),
required
=
False
,
label
=
_
(
"Must contain numeric characters"
),
help_text
=
_
(
'After opening, the user password changes '
'and resets must contain numeric characters'
)
)
# special char
SECURITY_PASSWORD_SPECIAL_CHAR
=
forms
.
BooleanField
(
initial
=
False
,
required
=
False
,
label
=
_
(
"Must contain special characters"
),
required
=
False
,
label
=
_
(
"Must contain special characters"
),
help_text
=
_
(
'After opening, the user password changes '
'and resets must contain special characters'
)
)
...
...
apps/jumpserver/conf.py
View file @
0798e3c4
...
...
@@ -320,6 +320,16 @@ defaults = {
'TERMINAL_ASSET_LIST_SORT_BY'
:
'hostname'
,
'TERMINAL_ASSET_LIST_PAGE_SIZE'
:
'auto'
,
'TERMINAL_SESSION_KEEP_DURATION'
:
9999
,
'SECURITY_MFA_AUTH'
:
False
,
'SECURITY_LOGIN_LIMIT_COUNT'
:
7
,
'SECURITY_LOGIN_LIMIT_TIME'
:
30
,
'SECURITY_MAX_IDLE_TIME'
:
30
,
'SECURITY_PASSWORD_EXPIRATION_TIME'
:
9999
,
'SECURITY_PASSWORD_MIN_LENGTH'
:
6
,
'SECURITY_PASSWORD_UPPER_CASE'
:
False
,
'SECURITY_PASSWORD_LOWER_CASE'
:
False
,
'SECURITY_PASSWORD_NUMBER'
:
False
,
'SECURITY_PASSWORD_SPECIAL_CHAR'
:
False
,
}
...
...
apps/perms/forms.py
View file @
0798e3c4
...
...
@@ -7,6 +7,7 @@ from django.utils.translation import ugettext_lazy as _
from
orgs.mixins
import
OrgModelForm
from
orgs.utils
import
current_org
from
.models
import
AssetPermission
from
assets.models
import
Asset
class
AssetPermissionForm
(
OrgModelForm
):
...
...
@@ -15,6 +16,15 @@ class AssetPermissionForm(OrgModelForm):
users_field
=
self
.
fields
.
get
(
'users'
)
if
hasattr
(
users_field
,
'queryset'
):
users_field
.
queryset
=
current_org
.
get_org_users
()
assets_field
=
self
.
fields
.
get
(
'assets'
)
# 前端渲染优化, 防止过多资产
if
not
self
.
data
:
instance
=
kwargs
.
get
(
'instance'
)
if
instance
:
assets_field
.
queryset
=
instance
.
assets
.
all
()
else
:
assets_field
.
queryset
=
Asset
.
objects
.
none
()
class
Meta
:
model
=
AssetPermission
...
...
apps/perms/templates/perms/asset_permission_create_update.html
View file @
0798e3c4
...
...
@@ -120,8 +120,20 @@ $(document).ready(function () {
.
on
(
'click'
,
'#btn_asset_modal_confirm'
,
function
()
{
var
assets
=
asset_table2
.
selected
;
$
(
'#id_assets'
).
val
(
assets
).
trigger
(
'change'
);
var
options
=
[];
$
(
'#id_assets option'
).
each
(
function
(
i
,
v
)
{
options
.
push
(
v
.
value
)
});
asset_table2
.
selected_rows
.
forEach
(
function
(
i
)
{
var
name
=
i
.
hostname
+
'('
+
i
.
ip
+
')'
;
var
option
=
new
Option
(
name
,
i
.
id
,
false
,
true
);
if
(
options
.
indexOf
(
i
.
id
)
===
-
1
)
{
$
(
'#id_assets'
).
append
(
option
).
trigger
(
'change'
);
}
});
$
(
'#id_assets'
).
val
(
assets
).
trigger
(
'change'
);
$
(
"#asset_list_modal"
).
modal
(
'hide'
);
});
</script>
...
...
apps/static/js/jumpserver.js
View file @
0798e3c4
...
...
@@ -528,6 +528,7 @@ jumpserver.initServerSideDataTable = function (options) {
lengthMenu
:
[[
10
,
15
,
25
,
50
],
[
10
,
15
,
25
,
50
]]
});
table
.
selected
=
[];
table
.
selected_rows
=
[];
table
.
on
(
'select'
,
function
(
e
,
dt
,
type
,
indexes
)
{
var
$node
=
table
[
type
](
indexes
).
nodes
().
to$
();
$node
.
find
(
'input.ipt_check'
).
prop
(
'checked'
,
true
);
...
...
@@ -535,6 +536,7 @@ jumpserver.initServerSideDataTable = function (options) {
if
(
type
===
'row'
)
{
var
rows
=
table
.
rows
(
indexes
).
data
();
$
.
each
(
rows
,
function
(
id
,
row
)
{
table
.
selected_rows
.
push
(
row
);
if
(
row
.
id
&&
$
.
inArray
(
row
.
id
,
table
.
selected
)
===
-
1
){
table
.
selected
.
push
(
row
.
id
)
}
...
...
apps/terminal/api/v1/terminal.py
View file @
0798e3c4
...
...
@@ -86,7 +86,7 @@ class TerminalTokenApi(APIView):
if
not
terminal
.
user
or
not
terminal
.
user
.
access_key
:
return
Response
(
"No access key generate"
,
status
=
401
)
access_key
=
terminal
.
user
.
access_key
.
first
()
access_key
=
terminal
.
user
.
access_key
()
data
=
OrderedDict
()
data
[
'access_key'
]
=
{
'id'
:
access_key
.
id
,
'secret'
:
access_key
.
secret
}
return
Response
(
data
,
status
=
200
)
...
...
apps/users/api/user.py
View file @
0798e3c4
...
...
@@ -47,7 +47,7 @@ class UserViewSet(IDInFilterMixin, BulkModelViewSet):
return
super
()
.
get_permissions
()
def
allow_bulk_destroy
(
self
,
qs
,
filtered
):
return
qs
.
count
()
=
=
filtered
.
count
()
return
qs
.
count
()
!
=
filtered
.
count
()
class
UserChangePasswordApi
(
generics
.
RetrieveUpdateAPIView
):
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment