Pam

Dockerfile

@@ -1,5 +1,5 @@
 # Use base image to build the project avoid npm install every time
-FROM jumpserver/luna-base:20240717_134816 AS stage-build
+FROM jumpserver/luna-base:20241113_102222 AS stage-build
 
 ARG VERSION
 ENV VERSION=$VERSION

package.json

@@ -62,6 +62,7 @@
     "codemirror": "^5.42.0",
     "core-js": "^2.5.4",
     "crypto-js": "^4.2.0",
+    "file-input-accessor": "2.0",
     "font-awesome": "4.7.0",
     "guacamole-common-js": "1.1.0",
     "jquery": "^3.6.1",

src/app/app.module.ts

@@ -38,6 +38,7 @@ import {ElementCommandDialogComponent} from '@app/elements/content/command-dialo
 import {ElementSendCommandDialogComponent} from '@app/elements/content/send-command-dialog/send-command-dialog.component';
 import {version} from '../environments/environment';
 import {BehaviorSubject, forkJoin, Observable, of} from 'rxjs';
+import {FileInputAccessorModule} from 'file-input-accessor';
 import {catchError, mergeMap} from 'rxjs/operators';
 
 
@@ -95,6 +96,7 @@ export class CustomLoader implements TranslateLoader {
         deps: [HttpClient]
       }
     }),
+    FileInputAccessorModule,
     ...PluginModules,
   ],
   declarations: [

src/app/elements/connect/connect-dialog/connect-dialog.component.ts

@@ -64,15 +64,20 @@ export class ElementConnectDialogComponent implements OnInit {
   setDefaults() {
     if (this.preConnectData) {
       const preProtocol = this.preConnectData.protocol || this.protocols[0];
+
       this.protocol = this.protocols.find(p => p.name === preProtocol.name) || this.protocols[0];
+
       this.accountSelected =
         this.accounts.find(a => a.alias === this.preConnectData.account.alias) || new Account();
+
       const connectMethod = this._appSvc
         .getProtocolConnectMethods(this.protocol.name)
         .find(cm => cm.value === this.preConnectData.connectMethod.value);
+
       if (connectMethod) {
         this.connectMethod = connectMethod;
       }
+
       this.connectOption = this.preConnectData.connectOption || {};
     }
 

src/app/elements/connect/connect.component.ts

@@ -57,16 +57,22 @@ export class ElementConnectComponent implements OnInit, OnDestroy {
     if (this.hasLoginTo || !loginTo) {
       return;
     }
+
     this.hasLoginTo = true;
+
     this._http.filterMyGrantedAssetsById(loginTo).subscribe(nodes => {
       let node;
+
       if (nodes.length === 1) {
         node = nodes[0];
       } else {
         node = nodes[1];
       }
+
       const titles = document.title.split(' - ');
+
       document.title = node.name + ' - ' + titles[titles.length - 1];
+
       this._http.getAssetDetail(node.id).subscribe(asset => {
         this.connectAsset(asset).then();
       });
@@ -117,13 +123,17 @@ export class ElementConnectComponent implements OnInit, OnDestroy {
       await this._dialogAlert.alert(msg);
       return;
     }
+
     const accounts = asset.permed_accounts;
     const connectInfo = await this.getConnectData(accounts, asset);
+
     if (!connectInfo) {
       this._logger.info('Just close the dialog');
       return;
     }
+
     this._logger.debug('Connect info: ', connectInfo);
+
     const connectMethod = connectInfo.connectMethod;
     const connectOption = connectInfo.connectOption;
     const connToken = await this._connectTokenSvc.create(asset, connectInfo);
@@ -236,6 +246,7 @@ export class ElementConnectComponent implements OnInit, OnDestroy {
   getConnectData(accounts: Account[], asset: Asset): Promise<ConnectData> {
     const preConnectData = this._appSvc.getPreConnectData(asset);
     const isValid = this.checkPreConnectDataForAuto(asset, accounts, preConnectData);
+
     if (isValid) {
       return Promise.resolve(preConnectData);
     }
@@ -251,6 +262,7 @@ export class ElementConnectComponent implements OnInit, OnDestroy {
     return new Promise<ConnectData>(resolve => {
       dialogRef.afterClosed().subscribe(outputData => {
         this._appSvc.connectDialogShown = false;
+
         resolve(outputData);
       });
     });

src/app/elements/iframe/iframe.component.ts

@@ -5,6 +5,8 @@ import {MatDialog} from '@angular/material';
 import {Subject} from 'rxjs';
 import {debounceTime} from 'rxjs/operators';
 import {environment} from '@src/environments/environment';
+import {SafeResourceUrl} from '@angular/platform-browser';
+import {DomSanitizer} from '@angular/platform-browser';
 
 @Component({
   selector: 'elements-iframe',
@@ -15,6 +17,7 @@ export class ElementIframeComponent implements OnInit, AfterViewInit, OnDestroy
   @Input() src: any;
   @Input() id: string;
   @Input() view: View;
+  @Input() origin: string;
   @ViewChild('iFrame', {static: false}) iframeRef: ElementRef;
   @Output() onLoad: EventEmitter<Boolean> = new EventEmitter<Boolean>();
   eventHandler: EventListenerOrEventListenerObject;
@@ -24,6 +27,8 @@ export class ElementIframeComponent implements OnInit, AfterViewInit, OnDestroy
   showValue: boolean = !window['debugIframe'];
   ping: number;
   debug = false;
+  trustedUrl: SafeResourceUrl;
+  termComp: any = {};
 
   constructor(
     private _i18n: I18nService,
@@ -32,9 +37,9 @@ export class ElementIframeComponent implements OnInit, AfterViewInit, OnDestroy
     private _http: HttpService,
     private _dialog: MatDialog,
     public viewSrv: ViewService,
+    private sanitizer: DomSanitizer
   ) {
   }
-
   ngOnInit() {
     this._logger.info(`IFrame URL: ${this.src}`);
 
@@ -51,18 +56,22 @@ export class ElementIframeComponent implements OnInit, AfterViewInit, OnDestroy
       this._http.get(`/api/v1/health/`).subscribe();
     });
 
+
     this.id = 'window-' + Math.random().toString(36).substr(2);
+
     this.eventHandler = function (e: any) {
       const msg = e.data;
-      if (msg.id !== this.id) {
-        return;
-      }
+
+      if (msg.id !== this.id) { return; }
+
       switch (msg.name) {
         case 'PONG':
           setTimeout(() => {
             this.showIframe = this.showValue;
           });
-          this.view.termComp = this;
+          if (this.view) {
+            this.view.termComp = this;
+          }
           clearInterval(this.ping);
           break;
         case 'CLOSE':
@@ -86,18 +95,28 @@ export class ElementIframeComponent implements OnInit, AfterViewInit, OnDestroy
           break;
       }
     }.bind(this);
+
+    this.trustedUrl = this.sanitizer.bypassSecurityTrustResourceUrl(this.src);
+
+    window.addEventListener('message', this.messageHandler);
   }
 
   ngAfterViewInit() {
-    if (this.iframeRef) {
+    if (this.origin !== 'pam' && this.iframeRef) {
       this.iframeWindow = this.iframeRef.nativeElement.contentWindow;
       this.view.iframeElement = this.iframeWindow;
       this.handleIframeEvent();
+
+      return;
     }
+
+    this.iframeWindow = this.iframeRef.nativeElement.contentWindow;
+    this.handleIframeEvent();
   }
 
   ngOnDestroy() {
     window.removeEventListener('message', this.eventHandler);
+    window.removeEventListener('message', this.messageHandler);
   }
 
   setActive() {
@@ -124,6 +143,12 @@ export class ElementIframeComponent implements OnInit, AfterViewInit, OnDestroy
     this.iframeWindow.postMessage({name: 'CMD', data: data.data}, '*');
   }
 
+  messageHandler = (event: MessageEvent) => {
+    if (event.data && typeof event.data === 'object') {
+      this.termComp = event.data;
+    }
+  };
+
   async reconnect() {
     const oldConnectToken = this.view.connectToken;
     const newConnectToken = await this._connectTokenSvc.exchange(oldConnectToken);

src/app/model.ts

@@ -36,6 +36,7 @@ export class Account {
   has_secret: boolean;
   secret: string;
   actions: Array<Action>;
+  id?: string;
 }
 
 class TreeNodeMeta {
@@ -372,6 +373,13 @@ export class ConnectOption {
   options?: any[];
 }
 
+export class AdminConnectData {
+  asset: Asset;
+  account: Account;
+  protocol: string;
+  input_username: string;
+  method: string;
+}
 
 export class ConnectData {
   asset: Asset;
@@ -442,12 +450,16 @@ export class Endpoint {
 
   getPort(protocol?: string): string {
     let _protocol = protocol || window.location.protocol;
+
     _protocol = _protocol.replace(':', '');
+
     let port = this[_protocol + '_port'];
+
     // 处理 http(s) 协议的后台端口为0的时候, 使用当前地址中的端口
     if (['http', 'https'].indexOf(_protocol) !== -1 && port === 0) {
       port = window.location.port;
     }
+
     return port;
   }
 

src/app/pages/pages.component.ts

@@ -1,10 +1,11 @@
-import {PageMainComponent} from './main/main.component';
-import {PagesBlankComponent} from './blank/blank.component';
-import {PagesConnectComponent} from './connect/connect.component';
-import {PagesReplayComponent} from './replay/replay.component';
-import {PagesNotFoundComponent} from './not-found/not-found.component';
-import {PageSftpComponent} from './sftp/sftp.component';
-import {PagesMonitorComponent} from './monitor/monitor.component';
+import { PageSftpComponent } from "./sftp/sftp.component";
+import { PageMainComponent } from "./main/main.component";
+import { PagesBlankComponent } from "./blank/blank.component";
+import { PagesReplayComponent } from "./replay/replay.component";
+import { PagesConnectComponent } from "./connect/connect.component";
+import { PagesMonitorComponent } from "./monitor/monitor.component";
+import { PagesNotFoundComponent } from "./not-found/not-found.component";
+import { PagePamComponent } from "./pam/pam.component";
 
 export const PagesComponents = [
   PageMainComponent,
@@ -13,5 +14,6 @@ export const PagesComponents = [
   PagesReplayComponent,
   PagesNotFoundComponent,
   PageSftpComponent,
-  PagesMonitorComponent
+  PagesMonitorComponent,
+  PagePamComponent
 ];