Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
gjl2004yn
jumpserver
提交
f63f8d08
J
jumpserver
项目概览
gjl2004yn
/
jumpserver
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jumpserver
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
f63f8d08
编写于
1月 21, 2021
作者:
X
xinwen
提交者:
Jiangjie.Bai
1月 21, 2021
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
fix: Web页面-> 命令执行 高危命令没有告警
上级
3ac20d80
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
108 addition
and
21 deletion
+108
-21
apps/locale/zh/LC_MESSAGES/django.mo
apps/locale/zh/LC_MESSAGES/django.mo
+0
-0
apps/locale/zh/LC_MESSAGES/django.po
apps/locale/zh/LC_MESSAGES/django.po
+69
-21
apps/ops/models/command.py
apps/ops/models/command.py
+8
-0
apps/terminal/utils.py
apps/terminal/utils.py
+31
-0
未找到文件。
apps/locale/zh/LC_MESSAGES/django.mo
浏览文件 @
f63f8d08
无法预览此类型文件
apps/locale/zh/LC_MESSAGES/django.po
浏览文件 @
f63f8d08
...
...
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: JumpServer 0.3.3\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2021-01-2
0 16:09
+0800\n"
"POT-Creation-Date: 2021-01-2
1 15:23
+0800\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: ibuler <ibuler@qq.com>\n"
"Language-Team: JumpServer team<ibuler@qq.com>\n"
...
...
@@ -292,7 +292,7 @@ msgstr "激活"
#: assets/models/asset.py:203 assets/models/cluster.py:19
#: assets/models/user.py:66 templates/_nav.html:44
#: xpack/plugins/cloud/models.py:143 xpack/plugins/cloud/serializers.py:1
37
#: xpack/plugins/cloud/models.py:143 xpack/plugins/cloud/serializers.py:1
13
msgid "Admin user"
msgstr "管理用户"
...
...
@@ -381,7 +381,7 @@ msgstr "创建者"
#: assets/models/cluster.py:26 assets/models/domain.py:24
#: assets/models/gathered_user.py:19 assets/models/group.py:22
#: assets/models/label.py:25 common/db/models.py:69 common/mixins/models.py:50
#: ops/models/adhoc.py:38 ops/models/command.py:2
7
orgs/models.py:25
#: ops/models/adhoc.py:38 ops/models/command.py:2
9
orgs/models.py:25
#: orgs/models.py:425 perms/models/base.py:55 users/models/group.py:18
#: users/templates/users/user_group_detail.html:58
#: xpack/plugins/cloud/models.py:61 xpack/plugins/cloud/models.py:159
...
...
@@ -472,7 +472,7 @@ msgstr "命令过滤器"
msgid "Regex"
msgstr "正则表达式"
#: assets/models/cmd_filter.py:41 ops/models/command.py:2
3
#: assets/models/cmd_filter.py:41 ops/models/command.py:2
5
#: terminal/backends/command/serializers.py:15 terminal/models/session.py:48
msgid "Command"
msgstr "命令"
...
...
@@ -602,7 +602,7 @@ msgstr "ssh私钥"
#: users/templates/users/user_asset_permission.html:41
#: users/templates/users/user_asset_permission.html:73
#: users/templates/users/user_asset_permission.html:158
#: xpack/plugins/cloud/models.py:139 xpack/plugins/cloud/serializers.py:1
38
#: xpack/plugins/cloud/models.py:139 xpack/plugins/cloud/serializers.py:1
14
msgid "Node"
msgstr "节点"
...
...
@@ -992,7 +992,7 @@ msgstr "文件名"
msgid "Success"
msgstr "成功"
#: audits/models.py:43 ops/models/command.py:
28
perms/models/base.py:52
#: audits/models.py:43 ops/models/command.py:
30
perms/models/base.py:52
#: terminal/models/session.py:51
#: tickets/serializers/ticket/meta/ticket_type/apply_application.py:43
#: tickets/serializers/ticket/meta/ticket_type/apply_application.py:74
...
...
@@ -1124,7 +1124,7 @@ msgstr "多因子认证状态(显示名称)"
msgid "Is success"
msgstr "是否成功"
#: audits/serializers.py:77 ops/models/command.py:2
4
#: audits/serializers.py:77 ops/models/command.py:2
6
#: xpack/plugins/cloud/models.py:222
msgid "Result"
msgstr "结果"
...
...
@@ -1734,7 +1734,7 @@ msgstr "完成时间"
msgid "Time"
msgstr "时间"
#: ops/models/adhoc.py:246 ops/models/command.py:2
6
#: ops/models/adhoc.py:246 ops/models/command.py:2
8
#: terminal/serializers/session.py:38
msgid "Is finished"
msgstr "是否完成"
...
...
@@ -1755,19 +1755,19 @@ msgstr "{} 任务开始: {}"
msgid "{} Task finish"
msgstr "{} 任务结束"
#: ops/models/command.py:
29
#: ops/models/command.py:
31
msgid "Date finished"
msgstr "结束日期"
#: ops/models/command.py:7
2
#: ops/models/command.py:7
4
msgid "Task start"
msgstr "任务开始"
#: ops/models/command.py:9
4
#: ops/models/command.py:9
6
msgid "Command `{}` is forbidden ........"
msgstr "命令 `{}` 不允许被执行 ......."
#: ops/models/command.py:10
1
#: ops/models/command.py:10
9
msgid "Task end"
msgstr "任务结束"
...
...
@@ -2815,6 +2815,54 @@ msgstr ""
" <br>\n"
" "
#: terminal/utils.py:114
#, python-format
msgid "Insecure Web Command Execution Alert: [%(name)s]"
msgstr "Web页面-> 命令执行 告警: [%(name)s]"
#: terminal/utils.py:122
#| msgid ""
#| "\n"
#| " Command: %(command)s\n"
#| " <br>\n"
#| " Asset: %(host_name)s (%(host_ip)s)\n"
#| " <br>\n"
#| " User: %(user)s\n"
#| " <br>\n"
#| " Level: %(risk_level)s\n"
#| " <br>\n"
#| " Session: <a href=\"%(session_detail_url)s\">session detail</a>\n"
#| " <br>\n"
#| " "
msgid ""
"\n"
" <br>\n"
" Assets: %(assets)s\n"
" <br>\n"
" User: %(user)s\n"
" <br>\n"
" Level: %(risk_level)s\n"
" <br>\n"
"\n"
" ----------------- Commands ---------------- <br>\n"
" %(command)s <br>\n"
" ----------------- Commands ---------------- <br>\n"
" "
msgstr ""
"\n"
" <br>\n"
" 资产: %(assets)s\n"
" <br>\n"
" 用户: %(user)s\n"
" <br>\n"
" 等级: %(risk_level)s\n"
" <br>\n"
"\n"
" ----------------- 命令 ---------------- <br>\n"
" %(command)s <br>\n"
" ----------------- 命令 ---------------- <br>\n"
" "
#: tickets/const.py:8
msgid "General"
msgstr "一般"
...
...
@@ -3368,7 +3416,7 @@ msgstr "安全令牌验证"
#: users/templates/users/_base_otp.html:14 users/templates/users/_user.html:13
#: users/templates/users/user_profile_update.html:55
#: xpack/plugins/cloud/models.py:125 xpack/plugins/cloud/serializers.py:1
36
#: xpack/plugins/cloud/models.py:125 xpack/plugins/cloud/serializers.py:1
12
msgid "Account"
msgstr "账户"
...
...
@@ -4332,7 +4380,7 @@ msgstr "实例名称"
msgid "Instance name and Partial IP"
msgstr "实例名称和部分IP"
#: xpack/plugins/cloud/models.py:128 xpack/plugins/cloud/serializers.py:
112
#: xpack/plugins/cloud/models.py:128 xpack/plugins/cloud/serializers.py:
88
msgid "Regions"
msgstr "地域"
...
...
@@ -4344,7 +4392,7 @@ msgstr "实例"
msgid "Hostname strategy"
msgstr "主机名策略"
#: xpack/plugins/cloud/models.py:147 xpack/plugins/cloud/serializers.py:1
40
#: xpack/plugins/cloud/models.py:147 xpack/plugins/cloud/serializers.py:1
16
msgid "Always update"
msgstr "总是更新"
...
...
@@ -4404,7 +4452,7 @@ msgstr "AWS (国际)"
msgid "AWS (China)"
msgstr "AWS (中国)"
#: xpack/plugins/cloud/providers/azure_.py:1
6
#: xpack/plugins/cloud/providers/azure_.py:1
8
msgid "Azure (China)"
msgstr "Azure (中国)"
...
...
@@ -4468,23 +4516,23 @@ msgstr "拉美-圣地亚哥"
msgid "Tencent Cloud"
msgstr "腾讯云"
#: xpack/plugins/cloud/serializers.py:2
2
#: xpack/plugins/cloud/serializers.py:2
5
msgid "Tenant ID"
msgstr "租户ID"
#: xpack/plugins/cloud/serializers.py:2
6
#: xpack/plugins/cloud/serializers.py:2
9
msgid "Subscription ID"
msgstr "订阅ID"
#: xpack/plugins/cloud/serializers.py:
110
#: xpack/plugins/cloud/serializers.py:
86
msgid "History count"
msgstr "执行次数"
#: xpack/plugins/cloud/serializers.py:
111
#: xpack/plugins/cloud/serializers.py:
87
msgid "Instance count"
msgstr "实例个数"
#: xpack/plugins/cloud/serializers.py:1
39
#: xpack/plugins/cloud/serializers.py:1
15
#: xpack/plugins/gathered_user/serializers.py:20
msgid "Periodic display"
msgstr "定时执行"
...
...
apps/ops/models/command.py
浏览文件 @
f63f8d08
...
...
@@ -9,6 +9,8 @@ from django.utils.translation import ugettext_lazy as _
from
django.utils.translation
import
ugettext
from
django.db
import
models
from
terminal.models
import
Command
from
terminal.utils
import
send_command_execution_alert_mail
from
common.utils
import
lazyproperty
from
orgs.models
import
Organization
from
orgs.mixins.models
import
OrgModelMixin
...
...
@@ -93,6 +95,12 @@ class CommandExecution(OrgModelMixin):
else
:
msg
=
_
(
"Command `{}` is forbidden ........"
).
format
(
self
.
command
)
print
(
'
\033
[31m'
+
msg
+
'
\033
[0m'
)
send_command_execution_alert_mail
({
'input'
:
self
.
command
,
'assets'
:
self
.
hosts
.
all
(),
'user'
:
str
(
self
.
user
),
'risk_level'
:
5
,
})
self
.
result
=
{
"error"
:
msg
}
self
.
org_id
=
self
.
run_as
.
org_id
self
.
is_finished
=
True
...
...
apps/terminal/utils.py
浏览文件 @
f63f8d08
...
...
@@ -110,6 +110,37 @@ def send_command_alert_mail(command):
send_mail_async
.
delay
(
subject
,
message
,
recipient_list
,
html_message
=
message
)
def
send_command_execution_alert_mail
(
command
):
subject
=
_
(
"Insecure Web Command Execution Alert: [%(name)s]"
)
%
{
'name'
:
command
[
'user'
],
}
input
=
command
[
'input'
]
input
=
input
.
replace
(
'
\n
'
,
'<br>'
)
recipient_list
=
settings
.
SECURITY_INSECURE_COMMAND_EMAIL_RECEIVER
.
split
(
','
)
assets
=
', '
.
join
([
str
(
asset
)
for
asset
in
command
[
'assets'
]])
message
=
_
(
"""
<br>
Assets: %(assets)s
<br>
User: %(user)s
<br>
Level: %(risk_level)s
<br>
----------------- Commands ---------------- <br>
%(command)s <br>
----------------- Commands ---------------- <br>
"""
)
%
{
'command'
:
input
,
'assets'
:
assets
,
'user'
:
command
[
'user'
],
'risk_level'
:
Command
.
get_risk_level_str
(
command
[
'risk_level'
]),
}
send_mail_async
.
delay
(
subject
,
message
,
recipient_list
,
html_message
=
message
)
class
ComponentsMetricsUtil
(
object
):
@
staticmethod
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录