[Update] Merge dev

apps/assets/forms/asset.py

@@ -48,7 +48,7 @@ class AssetCreateForm(OrgModelForm):
                 'root or other NOPASSWD sudo privilege user existed in asset,'
                 'If asset is windows or other set any one, more see admin user left menu'
             ),
-            'platform': _("* required Must set exact system platform, Windows, Linux ..."),
+            # 'platform': _("* required Must set exact system platform, Windows, Linux ..."),
             'domain': _("If your have some network not connect with each other, you can set domain")
         }
 
@@ -88,7 +88,7 @@ class AssetUpdateForm(OrgModelForm):
                 'root or other NOPASSWD sudo privilege user existed in asset,'
                 'If asset is windows or other set any one, more see admin user left menu'
             ),
-            'platform': _("* required Must set exact system platform, Windows, Linux ..."),
+            # 'platform': _("* required Must set exact system platform, Windows, Linux ..."),
             'domain': _("If your have some network not connect with each other, you can set domain")
         }
 

apps/assets/models/user.py

@@ -119,6 +119,8 @@ class SystemUser(AssetUser):
     shell = models.CharField(max_length=64,  default='/bin/bash', verbose_name=_('Shell'))
     login_mode = models.CharField(choices=LOGIN_MODE_CHOICES, default=AUTO_LOGIN, max_length=10, verbose_name=_('Login mode'))
 
+    cache_key = "__SYSTEM_USER_CACHED_{}"
+
     def __str__(self):
         return '{0.name}({0.username})'.format(self)
 
@@ -155,6 +157,24 @@ class SystemUser(AssetUser):
         else:
             return False
 
+    def set_cache(self):
+        cache.set(self.cache_key.format(self.id), self, 3600)
+
+    def expire_cache(self):
+        cache.delete(self.cache_key.format(self.id))
+
+    @classmethod
+    def get_system_user_by_id_or_cached(cls, sid):
+        cached = cache.get(cls.cache_key.format(sid))
+        if cached:
+            return cached
+        try:
+            system_user = cls.objects.get(id=sid)
+            system_user.set_cache()
+            return system_user
+        except cls.DoesNotExist:
+            return None
+
     class Meta:
         ordering = ['name']
         unique_together = [('name', 'org_id')]

apps/assets/templates/assets/asset_create.html

@@ -15,10 +15,10 @@
     {% csrf_token %}
     <h3>{% trans 'Basic' %}</h3>
     {% bootstrap_field form.hostname layout="horizontal" %}
-    {% bootstrap_field form.platform layout="horizontal" %}
     {% bootstrap_field form.ip layout="horizontal" %}
     {% bootstrap_field form.protocol layout="horizontal" %}
     {% bootstrap_field form.port layout="horizontal" %}
+    {% bootstrap_field form.platform layout="horizontal" %}
     {% bootstrap_field form.public_ip layout="horizontal" %}
     {% bootstrap_field form.domain layout="horizontal" %}
 

apps/common/forms.py

@@ -181,7 +181,7 @@ class SecuritySettingForm(BaseForm):
     )
     # limit login count
     SECURITY_LOGIN_LIMIT_COUNT = forms.IntegerField(
-        initial=3, min_value=3,
+        initial=7, min_value=3,
         label=_("Limit the number of login failures")
     )
     # limit login time

apps/jumpserver/settings.py

@@ -411,7 +411,7 @@ TERMINAL_REPLAY_STORAGE = {
 
 
 DEFAULT_PASSWORD_MIN_LENGTH = 6
-DEFAULT_LOGIN_LIMIT_COUNT = 3
+DEFAULT_LOGIN_LIMIT_COUNT = 7
 DEFAULT_LOGIN_LIMIT_TIME = 30
 
 # Django bootstrap3 setting, more see http://django-bootstrap3.readthedocs.io/en/latest/settings.html

apps/terminal/api.py

@@ -4,7 +4,6 @@ from collections import OrderedDict
 import logging
 import os
 import uuid
-import copy
 
 from django.core.cache import cache
 from django.shortcuts import get_object_or_404, redirect
@@ -16,12 +15,13 @@ from django.conf import settings
 
 import jms_storage
 
-from rest_framework import viewsets, serializers
+from rest_framework import viewsets
 from rest_framework.views import APIView, Response
 from rest_framework.permissions import AllowAny
 from rest_framework_bulk import BulkModelViewSet
 
-from common.utils import get_object_or_none
+from common.utils import get_object_or_none, is_uuid
+from .hands import SystemUser
 from .models import Terminal, Status, Session, Task
 from .serializers import TerminalSerializer, StatusSerializer, \
     SessionSerializer, TaskSerializer, ReplaySerializer
@@ -186,8 +186,13 @@ class SessionViewSet(viewsets.ModelViewSet):
         return self.queryset
 
     def perform_create(self, serializer):
-        if self.request.user.terminal:
+        if hasattr(self.request.user, 'terminal'):
             serializer.validated_data["terminal"] = self.request.user.terminal
+        sid = serializer.validated_data["system_user"]
+        if is_uuid(sid):
+            _system_user = SystemUser.get_system_user_by_id_or_cached(sid)
+            if _system_user:
+                serializer.validated_data["system_user"] = _system_user.name
         return super().perform_create(serializer)
 
 

apps/terminal/templates/terminal/session_list.html

@@ -58,7 +58,7 @@
         <div class="input-group">
             <div class="input-group-btn">
                 <button id='search_btn' type="submit" class="btn btn-sm btn-primary">
-                    搜索
+                    {% trans 'Search' %}
                 </button>
             </div>
         </div>

apps/terminal/templatetags/terminal_tags.py

 # ~*~ coding: utf-8 ~*~
 
 from django import template
+
 from ..backends import get_multi_command_storage
 
 register = template.Library()
@@ -10,3 +11,4 @@ command_store = get_multi_command_storage()
 @register.filter
 def get_session_command_amount(session_id):
     return command_store.count(session=session_id)
+

utils/2018_07_15_set_win_protocol_to_ssh.sh

+#!/bin/bash
+#
+
+python ../apps/manage.py shell << EOF
+from assets.models import Asset
+
+Asset.objects.filter(platform__startswith='Win').update(protocol='rdp')
+
+EOF

utils/unblock_all_user.sh

+#!/bin/bash
+#
+
+python ../apps/manage.py shell << EOF
+from django.core.cache import cache
+
+cache.delete_pattern('_LOGIN_BLOCK_*')
+cache.delete_pattern('_LOGIN_LIMIT_*')
+
+EOF