Bugfix (#2506)

* [Update] 增加清理celery日志

* [Update] 修复两周前会话命令数量系那是问题

* [Update] 修复两周前会话命令数量系那是问题

* [Update] 修改结构

* [Update] 添加datatable失败的日志

* [Update] 转换配置文件格式

* [Update] 添加traceback

apps/assets/forms/user.py

@@ -35,8 +35,12 @@ class PasswordAndKeyAuthForm(forms.ModelForm):
         if private_key_file:
             key_string = private_key_file.read()
             private_key_file.seek(0)
+            key_string = key_string.decode()
+
             if not validate_ssh_private_key(key_string, password):
-                raise forms.ValidationError(_('Invalid private key'))
+                msg = _('Invalid private key, Only support '
+                        'RSA/DSA format key')
+                raise forms.ValidationError(msg)
         return private_key_file
 
     def validate_password_key(self):

apps/assets/migrations/0026_auto_20190308_1045.py

+# Generated by Django 2.1.7 on 2019-03-08 02:45
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('assets', '0025_auto_20190221_1902'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='node',
+            options={'ordering': ['key'], 'verbose_name': 'Node'},
+        ),
+    ]

apps/assets/tasks.py

@@ -45,7 +45,7 @@ def clean_hosts(assets):
             continue
         clean_assets.append(asset)
     if not clean_assets:
-        logger.info(_("No assets matched, stop task"))
+        print(_("No assets matched, stop task"))
     return clean_assets
 
 

apps/jumpserver/conf.py

@@ -268,25 +268,36 @@ class Config(dict):
             rv[key] = v
         return rv
 
+    def convert_type(self, k, v):
+        default_value = self.defaults.get(k)
+        if default_value is None:
+            return v
+        tp = type(default_value)
+        try:
+            v = tp(v)
+        except Exception:
+            pass
+        return v
+
     def __repr__(self):
         return '<%s %s>' % (self.__class__.__name__, dict.__repr__(self))
 
     def __getitem__(self, item):
+        # 先从设置的来
         try:
             value = super().__getitem__(item)
         except KeyError:
             value = None
         if value is not None:
-            return value
+            return self.convert_type(item, value)
+        # 其次从环境变量来
         value = os.environ.get(item, None)
         if value is not None:
-            if value.isdigit():
-                value = int(value)
-            elif value.lower() == 'false':
+            if value.lower() == 'false':
                 value = False
             elif value.lower() == 'true':
                 value = True
-            return value
+            return self.convert_type(item, value)
         return self.defaults.get(item)
 
     def __getattr__(self, item):

apps/ops/models/adhoc.py

@@ -233,6 +233,7 @@ class AdHoc(models.Model):
             history.summary = summary
             return raw, summary
         except Exception as e:
+            logger.error(e, exc_info=True)
             return {}, {"dark": {"all": str(e)}, "contacted": []}
         finally:
             history.date_finished = timezone.now()

apps/ops/tasks.py

@@ -81,6 +81,8 @@ def clean_celery_tasks_period():
         settings.CELERY_LOG_DIR, expire_days
     )
     subprocess.call(command, shell=True)
+    command = "echo > {}".format(os.path.join(settings.LOG_DIR, 'celery.log'))
+    subprocess.call(command, shell=True)
 
 
 @shared_task

apps/perms/models.py

@@ -5,7 +5,6 @@ from django.utils.translation import ugettext_lazy as _
 from django.utils import timezone
 
 from common.utils import date_expired_default, set_or_append_attr_bulk
-
 from orgs.mixins import OrgModelMixin, OrgManager
 
 

apps/settings/signals_handler.py

@@ -3,7 +3,7 @@
 import json
 
 from django.dispatch import receiver
-from django.db.models.signals import post_save, pre_save, pre_migrate
+from django.db.models.signals import post_save, pre_save
 from django.conf import LazySettings, empty
 from django.db.utils import ProgrammingError, OperationalError
 from django.core.cache import cache

apps/static/js/jumpserver.js

@@ -555,6 +555,17 @@ jumpserver.initServerSideDataTable = function (options) {
         processing: true,
         ajax: {
             url: options.ajax_url ,
+            error: function(jqXHR, textStatus, errorThrown) {
+                var msg = gettext("Unknown error occur");
+                if (jqXHR.responseJSON) {
+                    if (jqXHR.responseJSON.error) {
+                        msg = jqXHR.responseJSON.error
+                    } else if (jqXHR.responseJSON.msg) {
+                        msg = jqXHR.responseJSON.msg
+                    }
+                }
+                alert(msg)
+            },
             data: function (data) {
                 delete data.columns;
                 if (data.length !== null){

apps/static/js/webterminal.js

-/**
- * Created by liuzheng on 3/3/16.
- */
-var rowHeight = 1;
-var colWidth = 1;
-function WSSHClient() {
-}
-WSSHClient.prototype._generateEndpoint = function (options) {
-    console.log(options);
-    if (window.location.protocol == 'https:') {
-        var protocol = 'wss://';
-    } else {
-        var protocol = 'ws://';
-    }
-
-    var endpoint = protocol + document.URL.match(RegExp('//(.*?)/'))[1] + '/ws/applications' + document.URL.match(/(\?.*)/);
-    return endpoint;
-};
-WSSHClient.prototype.connect = function (options) {
-    var endpoint = this._generateEndpoint(options);
-
-    if (window.WebSocket) {
-        this._connection = new WebSocket(endpoint);
-    }
-    else if (window.MozWebSocket) {
-        this._connection = MozWebSocket(endpoint);
-    }
-    else {
-        options.onError('WebSocket Not Supported');
-        return;
-    }
-
-    this._connection.onopen = function () {
-        options.onConnect();
-    };
-
-    this._connection.onmessage = function (evt) {
-        try {
-            options.onData(evt.data);
-        } catch (e) {
-            var data = JSON.parse(evt.data.toString());
-            options.onError(data.error);
-        }
-    };
-
-    this._connection.onclose = function (evt) {
-        options.onClose();
-    };
-};
-
-WSSHClient.prototype.send = function (data) {
-    this._connection.send(JSON.stringify({'data': data}));
-};
-
-function openTerminal(options) {
-    var client = new WSSHClient();
-    var rowHeight, colWidth;
-    try {
-        rowHeight = localStorage.getItem('term-row');
-        colWidth = localStorage.getItem('term-col');
-    } catch (err) {
-        rowHeight = 35;
-        colWidth = 100
-    }
-    if (rowHeight) {
-    } else {
-        rowHeight = 35
-    }
-    if (colWidth) {
-    } else {
-        colWidth = 100
-    }
-
-    var term = new Terminal({
-        rows: rowHeight,
-        cols: colWidth,
-        useStyle: true,
-        screenKeys: true
-    });
-    term.open();
-    term.on('data', function (data) {
-        client.send(data)
-    });
-    $('.applications').detach().appendTo('#term');
-    //term.resize(colWidth, rowHeight);
-    term.write('Connecting...');
-    client.connect($.extend(options, {
-        onError: function (error) {
-            term.write('Error: ' + error + '\r\n');
-        },
-        onConnect: function () {
-            // Erase our connecting message
-            client.send({'resize': {'rows': rowHeight, 'cols': colWidth}});
-            term.write('\r');
-        },
-        onClose: function () {
-            term.write('Connection Reset By Peer');
-        },
-        onData: function (data) {
-            term.write(data);
-        }
-    }));
-    //rowHeight = 0.0 + 1.00 * $('.applications').height() / 24;
-    //colWidth = 0.0 + 1.00 * $('.applications').width() / 80;
-    return {'term': term, 'client': client};
-}
-
-//function resize() {
-//    $('.applications').css('width', window.innerWidth - 25);
-//    console.log(window.innerWidth);
-//    console.log(window.innerWidth - 10);
-//    var rows = Math.floor(window.innerHeight / rowHeight) - 2;
-//    var cols = Math.floor(window.innerWidth / colWidth) - 1;
-//
-//    return {rows: rows, cols: cols};
-//}
-
-$(document).ready(function () {
-    var options = {};
-
-    $('#ssh').show();
-    var term_client = openTerminal(options);
-    console.log(rowHeight);
-    // by liuzheng712 because it will bring record bug
-    //window.onresize = function () {
-    //    var geom = resize();
-    //    console.log(geom);
-    //    term_client.term.resize(geom.cols, geom.rows);
-    //    term_client.client.send({'resize': {'rows': geom.rows, 'cols': geom.cols}});
-    //    $('#ssh').show();
-    //}
-    try {
-        $('#term-row')[0].value = localStorage.getItem('term-row');
-        $('#term-col')[0].value = localStorage.getItem('term-col');
-    } catch (err) {
-        $('#term-row')[0].value = 35;
-        $('#term-col')[0].value = 100;
-    }
-    $('#col-row').click(function () {
-        var col = $('#term-col').val();
-        var row = $('#term-row').val();
-        localStorage.setItem('term-col', col);
-        localStorage.setItem('term-row', row);
-        term_client.term.resize(col, row);
-        term_client.client.send({'resize': {'rows': row, 'cols': col}});
-        $('#ssh').show();
-    });
-    $(".applications").mouseleave(function () {
-        $(".termChangBar").slideDown();
-    });
-    $(".applications").mouseenter(function () {
-        $(".termChangBar").slideUp();
-    })
-});
\ No newline at end of file

apps/static/js/wssh.js

-/*
-WSSH Javascript Client
-
-Usage:
-
-var client = new WSSHClient();
-
-client.connect({
-    // Connection and authentication parameters
-    username: 'root',
-    hostname: 'localhost',
-    authentication_method: 'password', // can either be password or private_key
-    password: 'secretpassword', // do not provide when using private_key
-    key_passphrase: 'secretpassphrase', // *may* be provided if the private_key is encrypted
-
-    // Callbacks
-    onError: function(error) {
-        // Called upon an error
-        console.error(error);
-    },
-    onConnect: function() {
-        // Called after a successful connection to the server
-        console.debug('Connected!');
-
-        client.send('ls\n'); // You can send data back to the server by using WSSHClient.send()
-    },
-    onClose: function() {
-        // Called when the remote closes the connection
-        console.debug('Connection Reset By Peer');
-    },
-    onData: function(data) {
-        // Called when data is received from the server
-        console.debug('Received: ' + data);
-    }
-});
-
-*/
-
-function WSSHClient() {
-}
-
-WSSHClient.prototype._generateEndpoint = function(options) {
-    console.log(options);
-    if (window.location.protocol == 'https:') {
-        var protocol = 'wss://';
-    } else {
-        var protocol = 'ws://';
-    }
-
-    var endpoint = protocol + window.location.host + ':8080' + '/applications';
-    return endpoint;
-};
-
-WSSHClient.prototype.connect = function(options) {
-    var endpoint = this._generateEndpoint(options);
-
-    if (window.WebSocket) {
-        this._connection = new WebSocket(endpoint);
-    }
-    else if (window.MozWebSocket) {
-        this._connection = MozWebSocket(endpoint);
-    }
-    else {
-        options.onError('WebSocket Not Supported');
-        return ;
-    }
-
-    this._connection.onopen = function() {
-        options.onConnect();
-    };
-
-    this._connection.onmessage = function (evt) {
-        var data = JSON.parse(evt.data.toString());
-        if (data.error !== undefined) {
-            options.onError(data.error);
-        }
-        else {
-            options.onData(data.data);
-        }
-    };
-
-    this._connection.onclose = function(evt) {
-        options.onClose();
-    };
-};
-
-WSSHClient.prototype.send = function(data) {
-    this._connection.send(JSON.stringify({'data': data}));
-};

apps/terminal/api/__init__.py

 # -*- coding: utf-8 -*-
 #
+from .terminal import *
+from .session import *
+from .task import *

apps/terminal/api/v1/session.py → apps/terminal/api/session.py

@@ -9,17 +9,17 @@ from django.http import HttpResponseNotFound
 from django.conf import settings
 from rest_framework.pagination import LimitOffsetPagination
 from rest_framework import viewsets
-from rest_framework.views import Response
+from rest_framework.response import Response
 from rest_framework_bulk import BulkModelViewSet
 import jms_storage
 
 
 from common.utils import is_uuid
 from common.permissions import IsOrgAdminOrAppUser
-from ...hands import SystemUser
-from ...models import Terminal, Session
-from ...serializers import v1 as serializers
-from ...backends import get_command_storage, get_multi_command_storage, \
+from ..hands import SystemUser
+from ..models import Terminal, Session
+from .. import serializers
+from ..backends import get_command_storage, get_multi_command_storage, \
     SessionCommandSerializer
 
 __all__ = ['SessionViewSet', 'SessionReplayViewSet', 'CommandViewSet']

apps/terminal/api/v1/task.py → apps/terminal/api/task.py

@@ -6,8 +6,8 @@ from rest_framework_bulk import BulkModelViewSet
 
 from common.utils import get_object_or_none
 from common.permissions import IsOrgAdminOrAppUser
-from ...models import Session, Task
-from ...serializers import v1 as serializers
+from ..models import Session, Task
+from .. import serializers
 
 
 __all__ = ['TaskViewSet', 'KillSessionAPI']

apps/terminal/api/v1/terminal.py → apps/terminal/api/terminal.py

@@ -14,8 +14,8 @@ from rest_framework.permissions import AllowAny
 
 from common.utils import get_object_or_none
 from common.permissions import IsAppUser, IsOrgAdminOrAppUser, IsSuperUser
-from ...models import Terminal, Status, Session
-from ...serializers import v1 as serializers
+from ..models import Terminal, Status, Session
+from .. import serializers
 
 __all__ = [
     'TerminalViewSet', 'TerminalTokenApi', 'StatusViewSet', 'TerminalConfig',

apps/terminal/api/v2/terminal.py → apps/terminal/api_v2/terminal.py

@@ -7,8 +7,8 @@ from rest_framework.response import Response
 from common.permissions import IsSuperUser, WithBootstrapToken
 
 
-from ...models import Terminal
-from ...serializers import v2 as serializers
+from ..models import Terminal
+from .. import serializers_v2 as serializers
 
 __all__ = ['TerminalViewSet', 'TerminalRegistrationApi']
 

apps/terminal/backends/command/db.py

@@ -66,9 +66,13 @@ class CommandStore(CommandBase):
         date_from_default = timezone.now() - datetime.timedelta(days=7)
         date_to_default = timezone.now()
 
-        date_from = date_from if date_from else date_from_default
-        date_to = date_to if date_to else date_to_default
+        if not date_from and not session:
+            date_from = date_from_default
+        if not date_to and not session:
+            date_to = date_to_default
+        if date_from is not None:
             filter_kwargs['timestamp__gte'] = int(date_from.timestamp())
+        if date_to is not None:
             filter_kwargs['timestamp__lte'] = int(date_to.timestamp())
 
         if user:

apps/terminal/serializers/__init__.py

 # -*- coding: utf-8 -*-
 #
+from .v1 import *

apps/terminal/api/v1/__init__.py → apps/terminal/serializers_v2/__init__.py

 # -*- coding: utf-8 -*-
 #
+
 from .terminal import *
-from .session import *
-from .task import *

apps/terminal/serializers/v2.py → apps/terminal/serializers_v2/terminal.py

@@ -3,7 +3,7 @@
 from rest_framework import serializers
 
 from common.utils import get_request_ip
-from users.serializers.v2 import ServiceAccountSerializer
+from users.serializers_v2 import ServiceAccountSerializer
 from ..models import Terminal
 
 

apps/terminal/urls/api_urls.py

@@ -5,7 +5,7 @@
 from django.urls import path, include
 from rest_framework_bulk.routes import BulkRouter
 
-from ..api import v1 as api
+from .. import api
 
 app_name = 'terminal'
 

apps/terminal/urls/api_urls_v2.py

@@ -5,7 +5,7 @@
 from django.urls import path
 from rest_framework_bulk.routes import BulkRouter
 
-from ..api import v2 as api
+from .. import api_v2 as api
 
 app_name = 'terminal'
 

apps/users/api/v2/user.py → apps/users/api_v2/user.py

@@ -3,7 +3,7 @@
 from rest_framework import viewsets
 
 from common.permissions import WithBootstrapToken
-from ...serializers import v2 as serializers
+from .. import serializers_v2 as serializers
 
 
 class ServiceAccountRegistrationViewSet(viewsets.ModelViewSet):

apps/users/serializers_v2/__init__.py

+# -*- coding: utf-8 -*-
+#
+from .user import *

apps/users/serializers/v2.py → apps/users/serializers_v2/user.py

@@ -6,6 +6,8 @@ from ..models import User
 
 from authentication.serializers import AccessKeySerializer
 
+__all__ = ['ServiceAccountSerializer']
+
 
 class ServiceAccountSerializer(serializers.ModelSerializer):
     access_key = AccessKeySerializer(read_only=True)

apps/users/urls/api_urls_v2.py

@@ -5,7 +5,7 @@ from __future__ import absolute_import
 
 from django.urls import path, include
 from rest_framework_bulk.routes import BulkRouter
-from ..api import v2 as api
+from .. import api_v2 as api
 
 app_name = 'users'