Merge pull request #2231 from jumpserver/dev

Dev

Merge pull request #2231 from jumpserver/dev
Dev
e1f1bed9 · 老广 · GitHub · 0e9ebed1 · 08945f0a · e1f1bed9
Unverified Commit e1f1bed9 authored Dec 20, 2018 by 老广 Committed by GitHub Dec 20, 2018
25 changed files
--- a/apps/assets/forms/domain.py
+++ b/apps/assets/forms/domain.py
@@ -36,14 +36,12 @@ class DomainForm(forms.ModelForm):


 class GatewayForm(PasswordAndKeyAuthForm, OrgModelForm):
-    protocol = forms.ChoiceField(
-        choices=[Gateway.PROTOCOL_CHOICES[0]],
-    )
-
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        password_field = self.fields.get('password')
        password_field.help_text = _('Password should not contain special characters')
+        protocol_field = self.fields.get('protocol')
+        protocol_field.choices = [Gateway.PROTOCOL_CHOICES[0]]

    def save(self, commit=True):
        # Because we define custom field, so we need rewrite :method: `save`

--- a/apps/assets/forms/user.py
+++ b/apps/assets/forms/user.py
@@ -100,7 +100,9 @@ class SystemUserForm(OrgModelForm, PasswordAndKeyAuthForm):
        private_key, public_key = super().gen_keys()

        if login_mode == SystemUser.LOGIN_MANUAL or \
-                protocol in [SystemUser.PROTOCOL_RDP, SystemUser.PROTOCOL_TELNET]:
+                protocol in [SystemUser.PROTOCOL_RDP,
+                             SystemUser.PROTOCOL_TELNET,
+                             SystemUser.PROTOCOL_VNC]:
            system_user.auto_push = 0
            auto_generate_key = False
            system_user.save()
@@ -120,17 +122,18 @@ class SystemUserForm(OrgModelForm, PasswordAndKeyAuthForm):
        if not self.instance and not auto_generate:
            super().validate_password_key()

-    def is_valid(self):
-        validated = super().is_valid()
-        username = self.cleaned_data.get('username')
-        login_mode = self.cleaned_data.get('login_mode')
-        if login_mode == SystemUser.LOGIN_AUTO and not username:
-            self.add_error(
-                "username", _('* Automatic login mode,'
-                              ' must fill in the username.')
-            )
-            return False
-        return validated
+    def clean_username(self):
+        username = self.data.get('username')
+        login_mode = self.data.get('login_mode')
+        protocol = self.data.get('protocol')
+
+        if username:
+            return username
+        if login_mode == SystemUser.LOGIN_AUTO and \
+                protocol != SystemUser.PROTOCOL_VNC:
+            msg = _('* Automatic login mode must fill in the username.')
+            raise forms.ValidationError(msg)
+        return username

    class Meta:
        model = SystemUser
@@ -148,7 +151,6 @@ class SystemUserForm(OrgModelForm, PasswordAndKeyAuthForm):
        }
        help_texts = {
            'name': '* required',
-            'username': '* required',
            'auto_push': _('Auto push system user to asset'),
            'priority': _('1-100, High level will be using login asset as default, '
                          'if user was granted more than 2 system user'),

--- a/apps/assets/migrations/0024_auto_20181219_1614.py
+++ b/apps/assets/migrations/0024_auto_20181219_1614.py
+# Generated by Django 2.1.4 on 2018-12-19 08:14
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('assets', '0023_auto_20181016_1650'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='asset',
+            name='protocol',
+            field=models.CharField(choices=[('ssh', 'ssh'), ('rdp', 'rdp'), ('telnet', 'telnet (beta)'), ('vnc', 'vnc')], default='ssh', max_length=128, verbose_name='Protocol'),
+        ),
+        migrations.AlterField(
+            model_name='systemuser',
+            name='protocol',
+            field=models.CharField(choices=[('ssh', 'ssh'), ('rdp', 'rdp'), ('telnet', 'telnet (beta)'), ('vnc', 'vnc')], default='ssh', max_length=16, verbose_name='Protocol'),
+        ),
+    ]
--- a/apps/assets/models/asset.py
+++ b/apps/assets/models/asset.py
@@ -59,19 +59,21 @@ class Asset(OrgModelMixin):
        ('Other', 'Other'),
    )

-    SSH_PROTOCOL = 'ssh'
-    RDP_PROTOCOL = 'rdp'
-    TELNET_PROTOCOL = 'telnet'
+    PROTOCOL_SSH = 'ssh'
+    PROTOCOL_RDP = 'rdp'
+    PROTOCOL_TELNET = 'telnet'
+    PROTOCOL_VNC = 'vnc'
    PROTOCOL_CHOICES = (
-        (SSH_PROTOCOL, 'ssh'),
-        (RDP_PROTOCOL, 'rdp'),
-        (TELNET_PROTOCOL, 'telnet (beta)'),
+        (PROTOCOL_SSH, 'ssh'),
+        (PROTOCOL_RDP, 'rdp'),
+        (PROTOCOL_TELNET, 'telnet (beta)'),
+        (PROTOCOL_VNC, 'vnc'),
    )

    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
    ip = models.GenericIPAddressField(max_length=32, verbose_name=_('IP'), db_index=True)
    hostname = models.CharField(max_length=128, verbose_name=_('Hostname'))
-    protocol = models.CharField(max_length=128, default=SSH_PROTOCOL, choices=PROTOCOL_CHOICES, verbose_name=_('Protocol'))
+    protocol = models.CharField(max_length=128, default=PROTOCOL_SSH, choices=PROTOCOL_CHOICES, verbose_name=_('Protocol'))
    port = models.IntegerField(default=22, verbose_name=_('Port'))
    platform = models.CharField(max_length=128, choices=PLATFORM_CHOICES, default='Linux', verbose_name=_('Platform'))
    domain = models.ForeignKey("assets.Domain", null=True, blank=True, related_name='assets', verbose_name=_("Domain"), on_delete=models.SET_NULL)

--- a/apps/assets/models/domain.py
+++ b/apps/assets/models/domain.py
@@ -40,15 +40,15 @@ class Domain(OrgModelMixin):


 class Gateway(AssetUser):
-    SSH_PROTOCOL = 'ssh'
-    RDP_PROTOCOL = 'rdp'
+    PROTOCOL_SSH = 'ssh'
+    PROTOCOL_RDP = 'rdp'
    PROTOCOL_CHOICES = (
-        (SSH_PROTOCOL, 'ssh'),
-        (RDP_PROTOCOL, 'rdp'),
+        (PROTOCOL_SSH, 'ssh'),
+        (PROTOCOL_RDP, 'rdp'),
    )
    ip = models.GenericIPAddressField(max_length=32, verbose_name=_('IP'), db_index=True)
    port = models.IntegerField(default=22, verbose_name=_('Port'))
-    protocol = models.CharField(choices=PROTOCOL_CHOICES, max_length=16, default=SSH_PROTOCOL, verbose_name=_("Protocol"))
+    protocol = models.CharField(choices=PROTOCOL_CHOICES, max_length=16, default=PROTOCOL_SSH, verbose_name=_("Protocol"))
    domain = models.ForeignKey(Domain, on_delete=models.CASCADE, verbose_name=_("Domain"))
    comment = models.CharField(max_length=128, blank=True, null=True, verbose_name=_("Comment"))
    is_active = models.BooleanField(default=True, verbose_name=_("Is active"))

--- a/apps/assets/models/user.py
+++ b/apps/assets/models/user.py
@@ -115,10 +115,12 @@ class SystemUser(AssetUser):
    PROTOCOL_SSH = 'ssh'
    PROTOCOL_RDP = 'rdp'
    PROTOCOL_TELNET = 'telnet'
+    PROTOCOL_VNC = 'vnc'
    PROTOCOL_CHOICES = (
        (PROTOCOL_SSH, 'ssh'),
        (PROTOCOL_RDP, 'rdp'),
        (PROTOCOL_TELNET, 'telnet (beta)'),
+        (PROTOCOL_VNC, 'vnc'),
    )

    LOGIN_AUTO = 'auto'

--- a/apps/assets/tasks.py
+++ b/apps/assets/tasks.py
@@ -4,8 +4,6 @@ import re
 import os

 from celery import shared_task
-from ops.celery import app as celery_app
-from django.core.cache import cache
 from django.utils.translation import ugettext as _

 from common.utils import capacity_convert, \

--- a/apps/assets/templates/assets/_asset_list_modal.html
+++ b/apps/assets/templates/assets/_asset_list_modal.html
@@ -73,7 +73,7 @@ function initTable2() {
    return asset_table2
 }

-function onSelected2(event, treeNode) {
+function onNodeSelected2(event, treeNode) {
    var url = asset_table2.ajax.url();
    url = setUrlParam(url, "node_id", treeNode.meta.node.id);
    asset_table2.ajax.url(url);
@@ -100,7 +100,7 @@ function initTree2() {
            type: 'get'
 		},
        callback: {
-            onSelected: onSelected2
+            onSelected: onNodeSelected2
        }
    };
    zTree2 = $.fn.zTree.init($("#assetTree2"), setting);

--- a/apps/assets/templates/assets/_system_user.html
+++ b/apps/assets/templates/assets/_system_user.html
@@ -103,15 +103,17 @@ var need_change_field_login_mode = [
 ];

 function protocolChange() {
-    if ($(protocol_id + " option:selected").text() === 'rdp') {
+    var protocol = $(protocol_id + " option:selected").text();
+    if (protocol === 'rdp' || protocol === 'vnc') {
        $('.auth-fields').removeClass('hidden');
        $('#command-filter-block').addClass('hidden');
        $.each(need_change_field, function (index, value) {
            $(value).closest('.form-group').addClass('hidden')
        });
    }
-    else if ($(protocol_id + " option:selected").text() === 'telnet (beta)') {
+    else if (protocol === 'telnet (beta)') {
        $('.auth-fields').removeClass('hidden');
+        $('#command-filter-block').removeClass('hidden');
        $.each(need_change_field, function (index, value) {
            $(value).closest('.form-group').addClass('hidden')
        });
@@ -123,6 +125,7 @@ function protocolChange() {
            return
        }
        authFieldsDisplay();
+        $('#command-filter-block').removeClass('hidden');
        $.each(need_change_field, function (index, value) {
            $(value).closest('.form-group').removeClass('hidden')
        });

--- a/apps/assets/templates/assets/domain_create_update.html
+++ b/apps/assets/templates/assets/domain_create_update.html
@@ -29,6 +29,7 @@ $(document).ready(function () {
 }).on('click', '.select2-selection__rendered', function (e) {
    e.preventDefault();
    $("#asset_list_modal").modal();
+    initSelectedAssets2Table();
 })
 .on('click', '#btn_asset_modal_confirm', function () {
    var assets = asset_table2.selected;

--- a/apps/locale/zh/LC_MESSAGES/django.mo
+++ b/apps/locale/zh/LC_MESSAGES/django.mo
--- a/apps/locale/zh/LC_MESSAGES/django.po
+++ b/apps/locale/zh/LC_MESSAGES/django.po
--- a/apps/ops/migrations/0005_auto_20181219_1807.py
+++ b/apps/ops/migrations/0005_auto_20181219_1807.py
+# Generated by Django 2.1 on 2018-12-19 10:07
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('ops', '0004_adhoc_run_as'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='task',
+            name='date_created',
+            field=models.DateTimeField(auto_now_add=True, db_index=True),
+        ),
+        migrations.AlterField(
+            model_name='adhoc',
+            name='date_created',
+            field=models.DateTimeField(auto_now_add=True, db_index=True),
+        ),
+        migrations.AlterField(
+            model_name='celerytask',
+            name='status',
+            field=models.CharField(
+                choices=[('waiting', 'waiting'), ('running', 'running'),
+                         ('finished', 'finished')], db_index=True,
+                max_length=128),
+        ),
+    ]
--- a/apps/ops/models/adhoc.py
+++ b/apps/ops/models/adhoc.py
@@ -42,7 +42,7 @@ class Task(models.Model):
    is_deleted = models.BooleanField(default=False)
    comment = models.TextField(blank=True, verbose_name=_("Comment"))
    created_by = models.CharField(max_length=128, blank=True, default='')
-    date_created = models.DateTimeField(auto_now_add=True)
+    date_created = models.DateTimeField(auto_now_add=True, db_index=True)
    __latest_adhoc = None
    _ignore_auto_created_by = True

@@ -164,11 +164,14 @@ class AdHoc(models.Model):
    run_as = models.ForeignKey('assets.SystemUser', null=True, on_delete=models.CASCADE)
    _become = models.CharField(max_length=1024, default='', verbose_name=_("Become"))
    created_by = models.CharField(max_length=64, default='', null=True, verbose_name=_('Create by'))
-    date_created = models.DateTimeField(auto_now_add=True)
+    date_created = models.DateTimeField(auto_now_add=True, db_index=True)

    @property
    def tasks(self):
-        return json.loads(self._tasks)
+        try:
+            return json.loads(self._tasks)
+        except:
+            return []

    @tasks.setter
    def tasks(self, item):

--- a/apps/ops/models/celery.py
+++ b/apps/ops/models/celery.py
@@ -19,7 +19,7 @@ class CeleryTask(models.Model):
    )
    id = models.UUIDField(primary_key=True, default=uuid.uuid4)
    name = models.CharField(max_length=1024)
-    status = models.CharField(max_length=128, choices=STATUS_CHOICES)
+    status = models.CharField(max_length=128, choices=STATUS_CHOICES, db_index=True)
    log_path = models.CharField(max_length=256, blank=True, null=True)
    date_published = models.DateTimeField(auto_now_add=True)
    date_start = models.DateTimeField(null=True)

--- a/apps/ops/tasks.py
+++ b/apps/ops/tasks.py
@@ -2,6 +2,7 @@
 from celery import shared_task, subtask

 from common.utils import get_logger, get_object_or_none
+from .celery.utils import register_as_period_task, after_app_shutdown_clean
 from .models import Task, CommandExecution

 logger = get_logger(__file__)
@@ -34,6 +35,19 @@ def run_command_execution(cid, **kwargs):
    return execution.run()


+@shared_task
+@register_as_period_task(interval=3600*24)
+@after_app_shutdown_clean
+def clean_tasks_adhoc_period():
+    logger.debug("Start clean task adhoc and run history")
+    tasks = Task.objects.all()
+    for task in tasks:
+        adhoc = task.adhoc.all().order_by('-date_created')[5:]
+        for ad in adhoc:
+            ad.history.all().delete()
+            ad.delete()
+
+
 @shared_task
 def hello(name, callback=None):
    print("Hello {}".format(name))

--- a/apps/ops/templates/ops/adhoc_detail.html
+++ b/apps/ops/templates/ops/adhoc_detail.html
@@ -186,6 +186,19 @@
            </div>
        </div>
    </div>
-    {% include 'users/_user_update_pk_modal.html' %}
+{% endblock %}
+{% block custom_foot_js %}
+<script>
+$(document).ready(function () {
+}).on('click', '.celery-task-log', function () {
+    var history_pk = "{{ object.latest_history.pk  }}";
+    if (!history_pk) {
+        alert("没有运行历史");
+        return
+    }
+    var url = '{% url 'ops:celery-task-log' pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', history_pk);
+    window.open(url, '', 'width=800,height=600,left=400,top=400')
+})
+</script>
 {% endblock %}

--- a/apps/ops/templates/ops/adhoc_history_detail.html
+++ b/apps/ops/templates/ops/adhoc_history_detail.html
@@ -19,7 +19,7 @@
                                <a href="{% url 'ops:adhoc-history-detail' pk=object.pk %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Run history detail' %} </a>
                            </li>
                            <li>
-                                <a class="text-center celery-task-log" onclick="window.open('{% url 'ops:celery-task-log' pk=object.pk %}','', 'width=800,height=600,left=400,top=400')"><i class="fa fa-laptop"></i> {% trans 'Output' %} </a>
+                                <a class="text-center celery-task-log" ><i class="fa fa-laptop"></i> {% trans 'Output' %} </a>
                            </li>
                        </ul>
                    </div>
@@ -141,4 +141,14 @@
    </div>
    {% include 'users/_user_update_pk_modal.html' %}
 {% endblock %}
+{% block custom_foot_js %}
+<script>
+$(document).ready(function () {
+}).on('click', '.celery-task-log', function () {
+    var url = '{% url 'ops:celery-task-log' pk=object.pk %}';
+    window.open(url, '', 'width=800,height=600,left=400,top=400')
+})
+
+</script>
+{% endblock %}

--- a/apps/ops/templates/ops/task_adhoc.html
+++ b/apps/ops/templates/ops/task_adhoc.html
@@ -25,7 +25,7 @@
                                <a href="{% url 'ops:task-history' pk=object.pk %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Run history' %} </a>
                            </li>
                            <li>
-                                <a class="text-center celery-task-log" onclick="window.open('{% url 'ops:celery-task-log' pk=object.latest_history.pk %}','', 'width=800,height=600,left=400,top=400')"><i class="fa fa-laptop"></i> {% trans 'Last run output' %} </a>
+                                <a class="text-center celery-task-log" ><i class="fa fa-laptop"></i> {% trans 'Last run output' %} </a>
                            </li>
                        </ul>
                    </div>
@@ -78,52 +78,60 @@
 {% endblock %}

 {% block custom_foot_js %}
-    <script>
-        $(document).ready(function () {
-            var options = {
-                ele: $('#task-version-list-table'),
-                buttons: [],
-                order: [],
-                select: [],
-                columnDefs: [
-                    {targets: 1, createdCell: function (td, cellData, rowData) {
+<script>
+$(document).ready(function () {
+    var options = {
+        ele: $('#task-version-list-table'),
+        buttons: [],
+        order: [],
+        select: [],
+        columnDefs: [
+            {targets: 1, createdCell: function (td, cellData, rowData) {
 {#                        var detail_btn = '<a href="' + cellData + '</a>';#}
-                        $(td).html(cellData);
-                     }},
-                    {targets: 2, createdCell: function (td, cellData, rowData) {
-                        var dataLength = cellData.length;
-                        $(td).html(dataLength);
-                    }},
-                    {targets: 4, createdCell: function (td, cellData) {
-                        if (!cellData) {
-                            $(td).html("Admin")
-                        } else {
-                            $(td).html(cellData)
-                        }
-                    }},
-                    {targets: 5, createdCell: function (td, cellData, rowData) {
-                        if (!cellData) {
-                            $(td).html("")
-                        } else {
-                            $(td).html(cellData.user)
-                        }
-                    }},
-                    {targets: 6, createdCell: function (td, cellData) {
-                        var d = new Date(cellData);
-                        $(td).html(d.toLocaleString())
-                    }},
-                    {targets: 7, createdCell: function (td, cellData, rowData) {
-                       var detail_btn = '<a class="btn btn-xs btn-primary m-l-xs btn-run" href="{% url 'ops:adhoc-detail' pk=DEFAULT_PK %}">{% trans "Detail" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
-                       if (cellData) {
-                           $(td).html(detail_btn);
-                       }
-                    }}
-                ],
-                ajax_url: '{% url "api-ops:adhoc-list" %}?task={{ object.pk }}',
-                columns: [{data: function(){return ""}}, {data: "short_id" }, {data: "hosts"}, {data: "pattern"},
-                          {data: "run_as"}, {data: "become"}, {data: "date_created"}, {data: "id"}]
-            };
-            jumpserver.initDataTable(options);
-        })
-    </script>
+                $(td).html(cellData);
+             }},
+            {targets: 2, createdCell: function (td, cellData, rowData) {
+                var dataLength = cellData.length;
+                $(td).html(dataLength);
+            }},
+            {targets: 4, createdCell: function (td, cellData) {
+                if (!cellData) {
+                    $(td).html("Admin")
+                } else {
+                    $(td).html(cellData)
+                }
+            }},
+            {targets: 5, createdCell: function (td, cellData, rowData) {
+                if (!cellData) {
+                    $(td).html("")
+                } else {
+                    $(td).html(cellData.user)
+                }
+            }},
+            {targets: 6, createdCell: function (td, cellData) {
+                var d = new Date(cellData);
+                $(td).html(d.toLocaleString())
+            }},
+            {targets: 7, createdCell: function (td, cellData, rowData) {
+               var detail_btn = '<a class="btn btn-xs btn-primary m-l-xs btn-run" href="{% url 'ops:adhoc-detail' pk=DEFAULT_PK %}">{% trans "Detail" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
+               if (cellData) {
+                   $(td).html(detail_btn);
+               }
+            }}
+        ],
+        ajax_url: '{% url "api-ops:adhoc-list" %}?task={{ object.pk }}',
+        columns: [{data: function(){return ""}}, {data: "short_id" }, {data: "hosts"}, {data: "pattern"},
+                  {data: "run_as"}, {data: "become"}, {data: "date_created"}, {data: "id"}]
+    };
+    jumpserver.initDataTable(options);
+}).on('click', '.celery-task-log', function () {
+    var history_pk = "{{ object.latest_history.pk  }}";
+    if (!history_pk) {
+        alert("没有运行历史");
+        return
+    }
+    var url = '{% url 'ops:celery-task-log' pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', history_pk);
+    window.open(url, '', 'width=800,height=600,left=400,top=400')
+})
+</script>
 {% endblock %}
--- a/apps/ops/templates/ops/task_detail.html
+++ b/apps/ops/templates/ops/task_detail.html
@@ -26,7 +26,7 @@
                                <a href="{% url 'ops:task-history' pk=object.pk %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Run history' %} </a>
                            </li>
                            <li>
-                                <a class="text-center celery-task-log" onclick="window.open("{% url 'ops:celery-task-log' pk=object.latest_history.pk %}",'', 'width=800,height=600,left=400,top=400')"><i class="fa fa-laptop"></i> {% trans 'Last run output' %} </a>
+                                <a class="text-center celery-task-log"><i class="fa fa-laptop"></i> {% trans 'Last run output' %} </a>
                            </li>
                        </ul>
                    </div>
@@ -165,4 +165,19 @@
        </div>
    </div>
 {% endblock %}
+{% block custom_foot_js %}
+<script>
+$(document).ready(function () {
+}).on('click', '.celery-task-log', function () {
+    var history_pk = "{{ object.latest_history.pk  }}";
+    if (!history_pk) {
+        alert("没有运行历史");
+        return
+    }
+    var url = '{% url 'ops:celery-task-log' pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', history_pk);
+    window.open(url, '', 'width=800,height=600,left=400,top=400')
+})
+
+</script>
+{% endblock %}

--- a/apps/ops/templates/ops/task_history.html
+++ b/apps/ops/templates/ops/task_history.html
@@ -25,7 +25,7 @@
                                <a href="{% url 'ops:task-history' pk=object.pk %}" class="text-center"><i class="fa fa-laptop"></i> {% trans 'Run history' %} </a>
                            </li>
                            <li>
-                                <a class="text-center celery-task-log" onclick="window.open('{% url 'ops:celery-task-log' pk=object.latest_history.pk %}','', 'width=800,height=600,left=400,top=400')"><i class="fa fa-laptop"></i> {% trans 'Last run output' %} </a>
+                                <a class="text-center celery-task-log"><i class="fa fa-laptop"></i> {% trans 'Last run output' %} </a>
                            </li>
                        </ul>
                    </div>
@@ -148,6 +148,14 @@ function initTable() {

 $(document).ready(function () {
    initTable();
+}).on('click', '.celery-task-log', function () {
+    var history_pk = "{{ object.latest_history.pk  }}";
+    if (!history_pk) {
+        alert("没有运行历史");
+        return
+    }
+    var url = '{% url 'ops:celery-task-log' pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', history_pk);
+    window.open(url, '', 'width=800,height=600,left=400,top=400')
 })

 </script>

--- a/apps/perms/forms.py
+++ b/apps/perms/forms.py
@@ -12,8 +12,6 @@ from .models import AssetPermission
 class AssetPermissionForm(OrgModelForm):
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
-        if 'initial' not in kwargs:
-            return
        users_field = self.fields.get('users')
        if hasattr(users_field, 'queryset'):
            users_field.queryset = current_org.get_org_users()

--- a/apps/perms/utils.py
+++ b/apps/perms/utils.py
@@ -136,7 +136,9 @@ class AssetPermissionUtil:
        permissions = self.permissions.prefetch_related('assets', 'system_users')
        for perm in permissions:
            for asset in perm.assets.all().valid().prefetch_related('nodes'):
-                assets[asset].update(perm.system_users.all())
+                assets[asset].update(
+                    perm.system_users.filter(protocol=asset.protocol)
+                )
        return assets

    def get_assets(self):
@@ -147,7 +149,9 @@ class AssetPermissionUtil:
        for node, system_users in nodes.items():
            _assets = node.get_all_assets().valid().prefetch_related('nodes')
            for asset in _assets:
-                assets[asset].update(system_users)
+                assets[asset].update(
+                    [s for s in system_users if s.protocol == asset.protocol]
+                )
        self._assets = assets
        return self._assets


--- a/apps/terminal/api/v1/session.py
+++ b/apps/terminal/api/v1/session.py
@@ -118,10 +118,11 @@ class SessionReplayViewSet(viewsets.ViewSet):
        session_id = kwargs.get('pk')
        session = get_object_or_404(Session, id=session_id)

-        data = {
-            'type': 'guacamole' if session.protocol == 'rdp' else 'json',
-            'src': '',
-        }
+        tp = 'json'
+        if session.protocol in ('rdp', 'vnc'):
+            tp = 'guacamole'
+
+        data = {'type': tp, 'src': ''}

        # 新版本和老版本的文件后缀不同
        session_path = session.get_rel_replay_path()  # 存在外部存储上的路径

--- a/config_example.py
+++ b/config_example.py
@@ -78,7 +78,7 @@ class Config:
    REDIS_HOST = '127.0.0.1'
    REDIS_PORT = 6379
    # REDIS_PASSWORD = ''
-    # REDIS_DB_CELERY_BROKER = 3
+    # REDIS_DB_CELERY = 3
    # REDIS_DB_CACHE = 4

    # Use OpenID authorization