Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
gjl2004yn
jumpserver
提交
61d4311e
J
jumpserver
项目概览
gjl2004yn
/
jumpserver
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jumpserver
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
未验证
提交
61d4311e
编写于
3月 19, 2021
作者:
baltery
提交者:
GitHub
3月 19, 2021
浏览文件
操作
浏览文件
下载
差异文件
Merge pull request #5808 from jumpserver/dev
Dev
上级
b32e352b
370e1628
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
63 addition
and
27 deletion
+63
-27
apps/authentication/backends/ldap.py
apps/authentication/backends/ldap.py
+34
-0
apps/locale/zh/LC_MESSAGES/django.mo
apps/locale/zh/LC_MESSAGES/django.mo
+0
-0
apps/locale/zh/LC_MESSAGES/django.po
apps/locale/zh/LC_MESSAGES/django.po
+26
-23
apps/perms/api/asset/user_permission/common.py
apps/perms/api/asset/user_permission/common.py
+2
-2
apps/perms/signals_handler/refresh_perms.py
apps/perms/signals_handler/refresh_perms.py
+1
-2
未找到文件。
apps/authentication/backends/ldap.py
浏览文件 @
61d4311e
...
...
@@ -27,6 +27,39 @@ class LDAPAuthorizationBackend(LDAPBackend):
is_valid
=
getattr
(
user
,
'is_valid'
,
None
)
return
is_valid
or
is_valid
is
None
def
get_or_build_user
(
self
,
username
,
ldap_user
):
"""
This must return a (User, built) 2-tuple for the given LDAP user.
username is the Django-friendly username of the user. ldap_user.dn is
the user's DN and ldap_user.attrs contains all of their LDAP
attributes.
The returned User object may be an unsaved model instance.
"""
model
=
self
.
get_user_model
()
if
self
.
settings
.
USER_QUERY_FIELD
:
query_field
=
self
.
settings
.
USER_QUERY_FIELD
query_value
=
ldap_user
.
attrs
[
self
.
settings
.
USER_ATTR_MAP
[
query_field
]][
0
]
query_value
=
query_value
.
strip
()
lookup
=
query_field
else
:
query_field
=
model
.
USERNAME_FIELD
query_value
=
username
.
lower
()
lookup
=
"{}__iexact"
.
format
(
query_field
)
try
:
user
=
model
.
objects
.
get
(
**
{
lookup
:
query_value
})
except
model
.
DoesNotExist
:
user
=
model
(
**
{
query_field
:
query_value
})
built
=
True
else
:
built
=
False
return
(
user
,
built
)
def
pre_check
(
self
,
username
,
password
):
if
not
settings
.
AUTH_LDAP
:
error
=
'Not enabled auth ldap'
...
...
@@ -128,6 +161,7 @@ class LDAPUser(_LDAPUser):
for
field
,
attr
in
self
.
settings
.
USER_ATTR_MAP
.
items
():
try
:
value
=
self
.
attrs
[
attr
][
0
]
value
=
value
.
strip
()
if
attr
.
lower
()
==
'useraccountcontrol'
\
and
field
==
'is_active'
and
value
:
value
=
int
(
value
)
&
LDAP_AD_ACCOUNT_DISABLE
\
...
...
apps/locale/zh/LC_MESSAGES/django.mo
浏览文件 @
61d4311e
无法预览此类型文件
apps/locale/zh/LC_MESSAGES/django.po
浏览文件 @
61d4311e
...
...
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: JumpServer 0.3.3\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2021-03-1
7 18:17
+0800\n"
"POT-Creation-Date: 2021-03-1
9 14:34
+0800\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: ibuler <ibuler@qq.com>\n"
"Language-Team: JumpServer team<ibuler@qq.com>\n"
...
...
@@ -428,7 +428,7 @@ msgstr "激活"
#: assets/models/asset.py:196 assets/models/cluster.py:19
#: assets/models/user.py:66 templates/_nav.html:44
#: xpack/plugins/cloud/models.py:92 xpack/plugins/cloud/serializers.py:13
7
#: xpack/plugins/cloud/models.py:92 xpack/plugins/cloud/serializers.py:13
8
msgid "Admin user"
msgstr "管理用户"
...
...
@@ -693,7 +693,7 @@ msgstr "ssh私钥"
#: users/templates/users/user_asset_permission.html:41
#: users/templates/users/user_asset_permission.html:73
#: users/templates/users/user_asset_permission.html:158
#: xpack/plugins/cloud/models.py:89 xpack/plugins/cloud/serializers.py:13
8
#: xpack/plugins/cloud/models.py:89 xpack/plugins/cloud/serializers.py:13
9
msgid "Node"
msgstr "节点"
...
...
@@ -1140,7 +1140,7 @@ msgstr "启用"
msgid "-"
msgstr ""
#: audits/models.py:96 xpack/plugins/cloud/const.py:2
3
#: audits/models.py:96 xpack/plugins/cloud/const.py:2
4
msgid "Failed"
msgstr "失败"
...
...
@@ -1879,10 +1879,6 @@ msgstr "`{model._meta.verbose_name}` 存在数据, 请先删除"
msgid "The current organization cannot be deleted"
msgstr "当前组织不能被删除"
#: orgs/mixins/api.py:46
msgid "Root organization only allow view and delete"
msgstr "全局组织仅支持 查看和删除"
#: orgs/mixins/models.py:45 orgs/mixins/serializers.py:25 orgs/models.py:36
#: orgs/models.py:416 orgs/serializers.py:101
#: tickets/serializers/ticket/ticket.py:81
...
...
@@ -3788,7 +3784,7 @@ msgstr "安全令牌验证"
#: users/templates/users/_base_otp.html:14 users/templates/users/_user.html:13
#: users/templates/users/user_profile_update.html:55
#: xpack/plugins/cloud/models.py:78 xpack/plugins/cloud/serializers.py:13
6
#: xpack/plugins/cloud/models.py:78 xpack/plugins/cloud/serializers.py:13
7
msgid "Account"
msgstr "账户"
...
...
@@ -4778,42 +4774,46 @@ msgid "Azure (China)"
msgstr "Azure (中国)"
#: xpack/plugins/cloud/const.py:12
msgid "Azure (International)"
msgstr "Azure (国际)"
#: xpack/plugins/cloud/const.py:13
msgid "Huawei Cloud"
msgstr "华为云"
#: xpack/plugins/cloud/const.py:1
3
#: xpack/plugins/cloud/const.py:1
4
msgid "Tencent Cloud"
msgstr "腾讯云"
#: xpack/plugins/cloud/const.py:1
4
#: xpack/plugins/cloud/const.py:1
5
msgid "VMware"
msgstr ""
#: xpack/plugins/cloud/const.py:1
8
#: xpack/plugins/cloud/const.py:1
9
msgid "Instance name"
msgstr "实例名称"
#: xpack/plugins/cloud/const.py:
19
#: xpack/plugins/cloud/const.py:
20
msgid "Instance name and Partial IP"
msgstr "实例名称和部分IP"
#: xpack/plugins/cloud/const.py:2
4
#: xpack/plugins/cloud/const.py:2
5
msgid "Succeed"
msgstr "成功"
#: xpack/plugins/cloud/const.py:2
8
#: xpack/plugins/cloud/const.py:2
9
msgid "Unsync"
msgstr "未同步"
#: xpack/plugins/cloud/const.py:
29
#: xpack/plugins/cloud/const.py:
30
msgid "New Sync"
msgstr "新同步"
#: xpack/plugins/cloud/const.py:3
0
#: xpack/plugins/cloud/const.py:3
1
msgid "Synced"
msgstr "已同步"
#: xpack/plugins/cloud/const.py:3
1
#: xpack/plugins/cloud/const.py:3
2
msgid "Released"
msgstr "已释放"
...
...
@@ -4829,7 +4829,7 @@ msgstr "云服务商"
msgid "Cloud account"
msgstr "云账号"
#: xpack/plugins/cloud/models.py:81 xpack/plugins/cloud/serializers.py:11
7
#: xpack/plugins/cloud/models.py:81 xpack/plugins/cloud/serializers.py:11
8
msgid "Regions"
msgstr "地域"
...
...
@@ -4837,7 +4837,7 @@ msgstr "地域"
msgid "Hostname strategy"
msgstr "主机名策略"
#: xpack/plugins/cloud/models.py:95 xpack/plugins/cloud/serializers.py:14
0
#: xpack/plugins/cloud/models.py:95 xpack/plugins/cloud/serializers.py:14
1
msgid "Always update"
msgstr "总是更新"
...
...
@@ -5029,15 +5029,15 @@ msgstr ""
msgid "Subscription ID"
msgstr ""
#: xpack/plugins/cloud/serializers.py:11
5
#: xpack/plugins/cloud/serializers.py:11
6
msgid "History count"
msgstr "执行次数"
#: xpack/plugins/cloud/serializers.py:11
6
#: xpack/plugins/cloud/serializers.py:11
7
msgid "Instance count"
msgstr "实例个数"
#: xpack/plugins/cloud/serializers.py:1
39
#: xpack/plugins/cloud/serializers.py:1
40
#: xpack/plugins/gathered_user/serializers.py:20
msgid "Periodic display"
msgstr "定时执行"
...
...
@@ -5130,6 +5130,9 @@ msgstr "旗舰版"
msgid "Community edition"
msgstr "社区版"
#~ msgid "Root organization only allow view and delete"
#~ msgstr "全局组织仅支持 查看和删除"
#~ msgid ""
#~ "Push system user task skip, auto push not enable or protocol is not ssh "
#~ "or rdp: {}"
...
...
apps/perms/api/asset/user_permission/common.py
浏览文件 @
61d4311e
...
...
@@ -81,7 +81,7 @@ class ValidateUserAssetPermissionApi(APIView):
except
ValueError
:
return
Response
({
'msg'
:
False
},
status
=
403
)
asset
=
get_object_or_404
(
Asset
,
id
=
asset_id
)
asset
=
get_object_or_404
(
Asset
,
id
=
asset_id
,
is_active
=
True
)
system_user
=
get_object_or_404
(
SystemUser
,
id
=
system_id
)
system_users_actions
=
get_asset_system_user_ids_with_actions_by_user
(
self
.
get_user
(),
asset
)
...
...
@@ -116,7 +116,7 @@ class UserGrantedAssetSystemUsersForAdminApi(ListAPIView):
def
get_queryset
(
self
):
asset_id
=
self
.
kwargs
.
get
(
'asset_id'
)
asset
=
get_object_or_404
(
Asset
,
id
=
asset_id
)
asset
=
get_object_or_404
(
Asset
,
id
=
asset_id
,
is_active
=
True
)
system_users_with_actions
=
self
.
get_asset_system_user_ids_with_actions
(
asset
)
system_user_ids
=
system_users_with_actions
.
keys
()
system_users
=
SystemUser
.
objects
.
filter
(
id__in
=
system_user_ids
)
\
...
...
apps/perms/signals_handler/refresh_perms.py
浏览文件 @
61d4311e
...
...
@@ -27,8 +27,7 @@ def on_user_groups_change(sender, instance, action, reverse, pk_set, **kwargs):
else
:
group_ids
=
pk_set
user_ids
=
[
instance
.
id
]
group
=
UserGroup
.
objects
.
get
(
id
=
group_ids
[
0
])
group
=
UserGroup
.
objects
.
get
(
id
=
list
(
group_ids
)[
0
])
org_id
=
group
.
org_id
exists
=
AssetPermission
.
user_groups
.
through
.
objects
.
filter
(
usergroup_id__in
=
group_ids
).
exists
()
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录