Release 0.13.4

typo fix

.devcontainer/.env.example

@@ -23,7 +23,7 @@ POSTGRES_USER=postgres
 POSTGRES_PASS=postgrespass
 
 # DEV SETTINGS
-APP_PORT=80
+APP_PORT=443
 API_PORT=80
 HTTP_PROTOCOL=https
 DOCKER_NETWORK=172.21.0.0/24

.devcontainer/api.dockerfile

@@ -1,4 +1,11 @@
-FROM python:3.9.9-slim
+# pulls community scripts from git repo
+FROM python:3.10-slim AS GET_SCRIPTS_STAGE
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends git && \
+    git clone https://github.com/amidaware/community-scripts.git /community-scripts
+
+FROM python:3.10-slim
 
 ENV TACTICAL_DIR /opt/tactical
 ENV TACTICAL_READY_FILE ${TACTICAL_DIR}/tmp/tactical.ready
@@ -10,9 +17,15 @@ ENV PYTHONUNBUFFERED=1
 
 EXPOSE 8000 8383 8005
 
+RUN apt-get update && \
+    apt-get install -y build-essential
+
 RUN groupadd -g 1000 tactical && \
     useradd -u 1000 -g 1000 tactical
 
+# copy community scripts
+COPY --from=GET_SCRIPTS_STAGE /community-scripts /community-scripts
+
 # Copy dev python reqs
 COPY .devcontainer/requirements.txt  /
 

.devcontainer/docker-compose.debug.yml

@@ -1,19 +0,0 @@
-version: '3.4'
-
-services:
-  api-dev:
-    image: api-dev
-    build:
-      context: .
-      dockerfile: ./api.dockerfile
-    command: ["sh", "-c", "pip install debugpy -t /tmp && python /tmp/debugpy --wait-for-client --listen 0.0.0.0:5678 manage.py runserver 0.0.0.0:8000 --nothreading --noreload"]
-    ports:
-      - 8000:8000
-      - 5678:5678
-    volumes:
-      - tactical-data-dev:/opt/tactical
-      - ..:/workspace:cached
-    networks:
-      dev:
-        aliases: 
-          - tactical-backend

.devcontainer/docker-compose.yml

@@ -5,10 +5,11 @@ services:
     container_name: trmm-api-dev
     image: api-dev
     restart: always
+    user: 1000:1000
     build:
       context: ..
       dockerfile: .devcontainer/api.dockerfile
-    command: ["tactical-api"]
+    command: [ "tactical-api" ]
     environment:
       API_PORT: ${API_PORT}
     ports:
@@ -18,12 +19,12 @@ services:
       - ..:/workspace:cached
     networks:
       dev:
-        aliases: 
+        aliases:
           - tactical-backend
 
   app-dev:
     container_name: trmm-app-dev
-    image: node:14-alpine
+    image: node:16-alpine
     restart: always
     command: /bin/sh -c "npm install npm@latest -g && npm install && npm run serve -- --host 0.0.0.0 --port ${APP_PORT}"
     working_dir: /workspace/web
@@ -33,7 +34,7 @@ services:
       - "8080:${APP_PORT}"
     networks:
       dev:
-        aliases: 
+        aliases:
           - tactical-frontend
 
   # nats
@@ -41,6 +42,7 @@ services:
     container_name: trmm-nats-dev
     image: ${IMAGE_REPO}tactical-nats:${VERSION}
     restart: always
+    user: 1000:1000
     environment:
       API_HOST: ${API_HOST}
       API_PORT: ${API_PORT}
@@ -61,7 +63,8 @@ services:
     container_name: trmm-meshcentral-dev
     image: ${IMAGE_REPO}tactical-meshcentral:${VERSION}
     restart: always
-    environment: 
+    user: 1000:1000
+    environment:
       MESH_HOST: ${MESH_HOST}
       MESH_USER: ${MESH_USER}
       MESH_PASS: ${MESH_PASS}
@@ -84,6 +87,7 @@ services:
     container_name: trmm-mongodb-dev
     image: mongo:4.4
     restart: always
+    user: 1000:1000
     environment:
       MONGO_INITDB_ROOT_USERNAME: ${MONGODB_USER}
       MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PASSWORD}
@@ -101,7 +105,7 @@ services:
     image: postgres:13-alpine
     restart: always
     environment:
-      POSTGRES_DB: tacticalrmm
+      POSTGRES_DB: ${POSTGRES_DB}
       POSTGRES_USER: ${POSTGRES_USER}
       POSTGRES_PASSWORD: ${POSTGRES_PASS}
     volumes:
@@ -115,9 +119,10 @@ services:
   redis-dev:
     container_name: trmm-redis-dev
     restart: always
-    command: redis-server --appendonly yes
+    user: 1000:1000
+    command: redis-server
     image: redis:6.0-alpine
-    volumes: 
+    volumes:
       - redis-data-dev:/data
     networks:
       dev:
@@ -128,7 +133,7 @@ services:
     container_name: trmm-init-dev
     image: api-dev
     restart: on-failure
-    command: ["tactical-init-dev"]
+    command: [ "tactical-init-dev" ]
     environment:
       POSTGRES_USER: ${POSTGRES_USER}
       POSTGRES_PASS: ${POSTGRES_PASS}
@@ -140,6 +145,7 @@ services:
       TRMM_PASS: ${TRMM_PASS}
       HTTP_PROTOCOL: ${HTTP_PROTOCOL}
       APP_PORT: ${APP_PORT}
+      POSTGRES_DB: ${POSTGRES_DB}
     depends_on:
       - postgres-dev
       - meshcentral-dev
@@ -147,14 +153,18 @@ services:
       - dev
     volumes:
       - tactical-data-dev:/opt/tactical
+      - mesh-data-dev:/meshcentral-data
+      - redis-data-dev:/redis/data
+      - mongo-dev-data:/mongo/data/db
       - ..:/workspace:cached
 
   # container for celery worker service
   celery-dev:
     container_name: trmm-celery-dev
     image: api-dev
-    command: ["tactical-celery-dev"]
+    command: [ "tactical-celery-dev" ]
     restart: always
+    user: 1000:1000
     networks:
       - dev
     volumes:
@@ -168,8 +178,9 @@ services:
   celerybeat-dev:
     container_name: trmm-celerybeat-dev
     image: api-dev
-    command: ["tactical-celerybeat-dev"]
+    command: [ "tactical-celerybeat-dev" ]
     restart: always
+    user: 1000:1000
     networks:
       - dev
     volumes:
@@ -183,8 +194,9 @@ services:
   websockets-dev:
     container_name: trmm-websockets-dev
     image: api-dev
-    command: ["tactical-websockets-dev"]
+    command: [ "tactical-websockets-dev" ]
     restart: always
+    user: 1000:1000
     networks:
       dev:
         aliases:
@@ -201,6 +213,7 @@ services:
     container_name: trmm-nginx-dev
     image: ${IMAGE_REPO}tactical-nginx:${VERSION}
     restart: always
+    user: 1000:1000
     environment:
       APP_HOST: ${APP_HOST}
       API_HOST: ${API_HOST}
@@ -214,29 +227,17 @@ services:
       dev:
         ipv4_address: ${DOCKER_NGINX_IP}
     ports:
-      - "80:80"
-      - "443:443"
+      - "80:8080"
+      - "443:4443"
     volumes:
       - tactical-data-dev:/opt/tactical
 
-  mkdocs-dev:
-    container_name: trmm-mkdocs-dev
-    image: api-dev
-    restart: always
-    command: ["tactical-mkdocs-dev"]
-    ports:
-      - "8005:8005"
-    volumes:
-      - ..:/workspace:cached
-    networks:
-      - dev
-
 volumes:
-  tactical-data-dev:
-  postgres-data-dev:
-  mongo-dev-data:
-  mesh-data-dev:
-  redis-data-dev:
+  tactical-data-dev: null
+  postgres-data-dev: null
+  mongo-dev-data: null
+  mesh-data-dev: null
+  redis-data-dev: null
 
 networks:
   dev:

.devcontainer/entrypoint.sh

@@ -9,7 +9,8 @@ set -e
 : "${POSTGRES_USER:=tactical}"
 : "${POSTGRES_PASS:=tactical}"
 : "${POSTGRES_DB:=tacticalrmm}"
-: "${MESH_CONTAINER:=tactical-meshcentral}"
+: "${MESH_SERVICE:=tactical-meshcentral}"
+: "${MESH_WS_URL:=ws://${MESH_SERVICE}:4443}"
 : "${MESH_USER:=meshcentral}"
 : "${MESH_PASS:=meshcentralpass}"
 : "${MESH_HOST:=tactical-meshcentral}"
@@ -20,6 +21,9 @@ set -e
 : "${APP_PORT:=8080}"
 : "${API_PORT:=8000}"
 
+: "${CERT_PRIV_PATH:=${TACTICAL_DIR}/certs/privkey.pem}"
+: "${CERT_PUB_PATH:=${TACTICAL_DIR}/certs/fullchain.pem}"
+
 # Add python venv to path
 export PATH="${VIRTUAL_ENV}/bin:$PATH"
 
@@ -37,7 +41,7 @@ function django_setup {
     sleep 5
   done
 
-  until (echo > /dev/tcp/"${MESH_CONTAINER}"/443) &> /dev/null; do
+  until (echo > /dev/tcp/"${MESH_SERVICE}"/4443) &> /dev/null; do
     echo "waiting for meshcentral container to be ready..."
     sleep 5
   done
@@ -56,10 +60,12 @@ DEBUG = True
 
 DOCKER_BUILD = True
 
-CERT_FILE = '/opt/tactical/certs/fullchain.pem'
-KEY_FILE = '/opt/tactical/certs/privkey.pem'
+SWAGGER_ENABLED = True
 
-SCRIPTS_DIR = '${WORKSPACE_DIR}/scripts'
+CERT_FILE = '${CERT_PUB_PATH}'
+KEY_FILE = '${CERT_PRIV_PATH}'
+
+SCRIPTS_DIR = '/community-scripts'
 
 ALLOWED_HOSTS = ['${API_HOST}', '*']
 
@@ -82,6 +88,7 @@ MESH_USERNAME = '${MESH_USER}'
 MESH_SITE = 'https://${MESH_HOST}'
 MESH_TOKEN_KEY = '${MESH_TOKEN}'
 REDIS_HOST    = '${REDIS_HOST}'
+MESH_WS_URL = '${MESH_WS_URL}'
 ADMIN_ENABLED = True
 EOF
 )"
@@ -89,6 +96,7 @@ EOF
   echo "${localvars}" > ${WORKSPACE_DIR}/api/tacticalrmm/tacticalrmm/local_settings.py
 
   # run migrations and init scripts
+  "${VIRTUAL_ENV}"/bin/python manage.py pre_update_tasks
   "${VIRTUAL_ENV}"/bin/python manage.py migrate --no-input
   "${VIRTUAL_ENV}"/bin/python manage.py collectstatic --no-input
   "${VIRTUAL_ENV}"/bin/python manage.py initial_db_setup
@@ -98,6 +106,8 @@ EOF
   "${VIRTUAL_ENV}"/bin/python manage.py reload_nats
   "${VIRTUAL_ENV}"/bin/python manage.py create_natsapi_conf
   "${VIRTUAL_ENV}"/bin/python manage.py create_installer_user
+  "${VIRTUAL_ENV}"/bin/python manage.py post_update_tasks
+  
 
   # create super user 
   echo "from accounts.models import User; User.objects.create_superuser('${TRMM_USER}', 'admin@example.com', '${TRMM_PASS}') if not User.objects.filter(username='${TRMM_USER}').exists() else 0;" | python manage.py shell
@@ -110,8 +120,24 @@ if [ "$1" = 'tactical-init-dev' ]; then
 
   test -f "${TACTICAL_READY_FILE}" && rm "${TACTICAL_READY_FILE}"
 
+  mkdir -p /meshcentral-data
+  mkdir -p ${TACTICAL_DIR}/tmp
+  mkdir -p ${TACTICAL_DIR}/certs
+  mkdir -p /mongo/data/db
+  mkdir -p /redis/data
+  touch /meshcentral-data/.initialized && chown -R 1000:1000 /meshcentral-data
+  touch ${TACTICAL_DIR}/tmp/.initialized && chown -R 1000:1000 ${TACTICAL_DIR}
+  touch ${TACTICAL_DIR}/certs/.initialized && chown -R 1000:1000 ${TACTICAL_DIR}/certs
+  touch /mongo/data/db/.initialized && chown -R 1000:1000 /mongo/data/db
+  touch /redis/data/.initialized && chown -R 1000:1000 /redis/data
+  mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/private/exe
+  mkdir -p ${TACTICAL_DIR}/api/tacticalrmm/private/log
+  touch ${TACTICAL_DIR}/api/tacticalrmm/private/log/django_debug.log
+
   # setup Python virtual env and install dependencies
   ! test -e "${VIRTUAL_ENV}" && python -m venv ${VIRTUAL_ENV}
+  "${VIRTUAL_ENV}"/bin/python -m pip install --upgrade pip
+  "${VIRTUAL_ENV}"/bin/pip install --no-cache-dir setuptools wheel
   "${VIRTUAL_ENV}"/bin/pip install --no-cache-dir -r /requirements.txt
 
   django_setup
@@ -154,8 +180,3 @@ if [ "$1" = 'tactical-websockets-dev' ]; then
   check_tactical_ready
   "${VIRTUAL_ENV}"/bin/daphne tacticalrmm.asgi:application --port 8383 -b 0.0.0.0
 fi
-
-if [ "$1" = 'tactical-mkdocs-dev' ]; then
-  cd "${WORKSPACE_DIR}/docs"
-  "${VIRTUAL_ENV}"/bin/mkdocs serve
-fi

.devcontainer/requirements.txt

@@ -1,38 +1,41 @@
 # To ensure app dependencies are ported from your virtual environment/host machine into your container, run 'pip freeze > requirements.txt' in the terminal to overwrite this file
-asyncio-nats-client
-celery
-channels
-channels_redis
-django-ipware
-Django
-django-cors-headers
-django-rest-knox
-djangorestframework
-loguru
-msgpack
-psycopg2-binary
-pycparser
-pycryptodome
-pyotp
-pyparsing
-pytz
-qrcode
-redis
-twilio
-packaging
-validators
-websockets
-black
-Werkzeug
-django-extensions
-coverage
-coveralls
-model_bakery
-mkdocs
-mkdocs-material
-pymdown-extensions
-Pygments
-mypy
-pysnooper
-isort
-drf_spectacular
+asgiref==3.5.0
+celery==5.2.6
+channels==3.0.4
+channels_redis==3.4.0
+daphne==3.0.2
+Django==4.0.4
+django-cors-headers==3.11.0
+django-ipware==4.0.2
+django-rest-knox==4.2.0
+djangorestframework==3.13.1
+future==0.18.2
+msgpack==1.0.3
+nats-py==2.1.0
+packaging==21.3
+psycopg2-binary==2.9.3
+pycryptodome==3.14.1
+pyotp==2.6.0
+pytz==2022.1
+qrcode==7.3.1
+redis==4.2.2
+requests==2.27.1
+twilio==7.8.1
+urllib3==1.26.9
+validators==0.18.2
+websockets==10.2
+drf_spectacular==0.22.0
+meshctrl==0.1.15
+hiredis==2.0.0
+
+# dev
+black==22.3.0
+django-extensions==3.1.5
+isort==5.10.1
+mypy==0.942
+types-pytz==2021.3.6
+model-bakery==1.5.0
+coverage==6.3.2
+django-silk==4.3.0
+django-stubs==1.10.1
+djangorestframework-stubs==1.5.0

.github/workflows/ci-tests.yml

@@ -0,0 +1,73 @@
+name: Tests CI
+
+on:
+  push:
+    branches:
+      - "*"
+  pull_request:
+    branches:
+      - "*"
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    name: Tests
+    strategy:
+      matrix:
+        python-version: ['3.10.4']
+
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: harmon758/postgresql-action@v1
+        with:
+          postgresql version: '14'
+          postgresql db: 'pipeline'
+          postgresql user: 'pipeline'
+          postgresql password: 'pipeline123456'
+      
+      - name: Setup Python ${{ matrix.python-version }}
+        uses: actions/setup-python@v3
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install redis
+        run: |
+          sudo apt update
+          sudo apt install -y redis
+          redis-server --version
+
+      - name: Install requirements
+        working-directory: api/tacticalrmm
+        run: |
+          python --version
+          SETTINGS_FILE="tacticalrmm/settings.py"
+          SETUPTOOLS_VER=$(grep "^SETUPTOOLS_VER" "$SETTINGS_FILE" | awk -F'[= "]' '{print $5}')
+          WHEEL_VER=$(grep "^WHEEL_VER" "$SETTINGS_FILE" | awk -F'[= "]' '{print $5}')
+          pip install --upgrade pip
+          pip install setuptools==${SETUPTOOLS_VER} wheel==${WHEEL_VER}
+          pip install -r requirements.txt -r requirements-test.txt
+
+      - name: Run django tests
+        env:
+          GHACTIONS: "yes"
+        working-directory: api/tacticalrmm
+        run: |
+          pytest
+          if [ $? -ne 0 ]; then
+              exit 1
+          fi
+
+      - name: Codestyle black
+        working-directory: api/tacticalrmm
+        run: |
+          black --exclude migrations/ --check tacticalrmm
+          if [ $? -ne 0 ]; then
+              exit 1
+          fi
+
+      - uses: codecov/codecov-action@v2
+        with:
+          directory: ./api/tacticalrmm
+          files: ./api/tacticalrmm/coverage.xml
+          verbose: true

.github/workflows/deploy-docs.yml

@@ -1,22 +0,0 @@
-name: Deploy Docs
-on:
-  push:
-    branches:
-      - master
-
-defaults:
-  run:
-    working-directory: docs
-
-jobs:
-  deploy:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-python@v2
-        with:
-          python-version: 3.x
-      - run: pip install --upgrade pip
-      - run: pip install --upgrade setuptools wheel
-      - run: pip install mkdocs mkdocs-material pymdown-extensions
-      - run: mkdocs gh-deploy --force

.github/workflows/frontend-linting.yml

@@ -0,0 +1,27 @@
+name: Frontend Linting and Formatting
+on:
+  push:
+    branches: [develop]
+  pull_request:
+    branches: [develop]
+
+defaults:
+  run:
+    working-directory: web
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 16
+      - run: npm install
+
+      - name: Run Prettier formatting
+        run: npm run format
+
+      - name: Run ESLint
+        run: npm run lint -- --max-warnings=0

.gitignore

@@ -50,4 +50,8 @@ docs/site/
 reset_db.sh
 run_go_cmd.py
 nats-api.conf
-
+ignore/
+coverage.lcov
+daphne.sock.lock
+.pytest_cache
+coverage.xml

.vscode/extensions.json

@@ -0,0 +1,23 @@
+{
+  "recommendations": [
+    // frontend
+    "dbaeumer.vscode-eslint",
+    "esbenp.prettier-vscode",
+    "editorconfig.editorconfig",
+    "vue.volar",
+    "wayou.vscode-todo-highlight",
+
+    // python
+    "matangover.mypy",
+    "ms-python.python",
+
+    // golang
+    "golang.go"
+  ],
+  "unwantedRecommendations": [
+    "octref.vetur",
+    "hookyqr.beautify",
+    "dbaeumer.jshint",
+    "ms-vscode.vscode-typescript-tslint-plugin"
+  ]
+}

.vscode/settings.json

@@ -1,70 +1,75 @@
 {
-    "python.pythonPath": "api/tacticalrmm/env/bin/python",
-    "python.languageServer": "Pylance",
-    "python.analysis.extraPaths": [
-        "api/tacticalrmm",
-        "api/env",
-    ],
-    "python.analysis.diagnosticSeverityOverrides": {
-        "reportUnusedImport": "error",
-        "reportDuplicateImport": "error",
-    },
-    "python.analysis.memory.keepLibraryAst": true,
-    "python.linting.mypyEnabled": true,
-    "python.analysis.typeCheckingMode": "basic",
-    "python.formatting.provider": "black",
-    "editor.formatOnSave": true,
-    "vetur.format.defaultFormatter.js": "prettier",
-    "vetur.format.defaultFormatterOptions": {
-        "prettier": {
-            "semi": true,
-            "printWidth": 120,
-            "tabWidth": 2,
-            "useTabs": false,
-            "arrowParens": "avoid",
-        }
-    },
-    "vetur.format.options.tabSize": 2,
-    "vetur.format.options.useTabs": false,
+  "python.defaultInterpreterPath": "api/tacticalrmm/env/bin/python",
+  "python.languageServer": "Pylance",
+  "python.analysis.extraPaths": ["api/tacticalrmm", "api/env"],
+  "python.analysis.diagnosticSeverityOverrides": {
+    "reportUnusedImport": "error",
+    "reportDuplicateImport": "error",
+    "reportGeneralTypeIssues": "none"
+  },
+  "python.analysis.typeCheckingMode": "basic",
+  "python.linting.enabled": true,
+  "python.linting.mypyEnabled": true,
+  "python.linting.mypyArgs": [
+    "--ignore-missing-imports",
+    "--follow-imports=silent",
+    "--show-column-numbers",
+    "--strict"
+  ],
+  "python.linting.ignorePatterns": [
+    "**/site-packages/**/*.py",
+    ".vscode/*.py",
+    "**env/**"
+  ],
+  "python.formatting.provider": "black",
+  "mypy.targets": ["api/tacticalrmm"],
+  "mypy.runUsingActiveInterpreter": true,
+  "editor.bracketPairColorization.enabled": true,
+  "editor.guides.bracketPairs": true,
+  "editor.formatOnSave": true,
+  "[vue][javascript][typescript][javascriptreact]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode",
+    "editor.codeActionsOnSave": ["source.fixAll.eslint"],
+  },
+  "eslint.validate": ["javascript", "javascriptreact", "typescript", "vue"],
+  "typescript.tsdk": "node_modules/typescript/lib",
+  "files.watcherExclude": {
     "files.watcherExclude": {
-        "files.watcherExclude": {
-            "**/.git/objects/**": true,
-            "**/.git/subtree-cache/**": true,
-            "**/node_modules/": true,
-            "/node_modules/**": true,
-            "**/env/": true,
-            "/env/**": true,
-            "**/__pycache__": true,
-            "/__pycache__/**": true,
-            "**/.cache": true,
-            "**/.eggs": true,
-            "**/.ipynb_checkpoints": true,
-            "**/.mypy_cache": true,
-            "**/.pytest_cache": true,
-            "**/*.egg-info": true,
-            "**/*.feather": true,
-            "**/*.parquet*": true,
-            "**/*.pyc": true,
-            "**/*.zip": true
-        },
-    },
-    "go.useLanguageServer": true,
-    "[go]": {
-        "editor.formatOnSave": true,
-        "editor.codeActionsOnSave": {
-            "source.organizeImports": false,
-        },
-        "editor.snippetSuggestions": "none",
-    },
-    "[go.mod]": {
-        "editor.formatOnSave": true,
-        "editor.codeActionsOnSave": {
-            "source.organizeImports": true,
-        },
-    },
-    "gopls": {
-        "usePlaceholders": true,
-        "completeUnimported": true,
-        "staticcheck": true,
+      "**/.git/objects/**": true,
+      "**/.git/subtree-cache/**": true,
+      "**/node_modules/": true,
+      "/node_modules/**": true,
+      "**/env/": true,
+      "/env/**": true,
+      "**/__pycache__": true,
+      "/__pycache__/**": true,
+      "**/.cache": true,
+      "**/.eggs": true,
+      "**/.ipynb_checkpoints": true,
+      "**/.mypy_cache": true,
+      "**/.pytest_cache": true,
+      "**/*.egg-info": true,
+      "**/*.feather": true,
+      "**/*.parquet*": true,
+      "**/*.pyc": true,
+      "**/*.zip": true
     }
-}
+  },
+  "go.useLanguageServer": true,
+  "[go]": {
+    "editor.codeActionsOnSave": {
+      "source.organizeImports": false
+    },
+    "editor.snippetSuggestions": "none"
+  },
+  "[go.mod]": {
+    "editor.codeActionsOnSave": {
+      "source.organizeImports": true
+    }
+  },
+  "gopls": {
+    "usePlaceholders": true,
+    "completeUnimported": true,
+    "staticcheck": true
+  }
+}

.vscode/tasks.json

@@ -1,23 +0,0 @@
-{
-    // See https://go.microsoft.com/fwlink/?LinkId=733558
-    // for the documentation about the tasks.json format
-    "version": "2.0.0",
-    "tasks": [
-        {
-            "label": "docker debug",
-            "type": "shell",
-            "command": "docker-compose",
-            "args": [
-                "-p",
-                "trmm",
-                "-f",
-                ".devcontainer/docker-compose.yml",
-                "-f",
-                ".devcontainer/docker-compose.debug.yml",
-                "up",
-                "-d",
-                "--build"
-            ]
-        }
-    ]
-}

LICENSE

@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2019-present wh1te909
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.

LICENSE.md

@@ -0,0 +1,74 @@
+### Tactical RMM License Version 1.0
+
+Text of license:&emsp;&emsp;&emsp;Copyright © 2022 AmidaWare LLC.  All rights reserved.<br>
+&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&emsp;&nbsp;Amending the text of this license is not permitted.
+
+Trade Mark:&emsp;&emsp;&emsp;&emsp;"Tactical RMM" is a trade mark of AmidaWare LLC.
+
+Licensor:&emsp;&emsp;&emsp;&emsp;&emsp;&nbsp;&nbsp;AmidaWare LLC of 1968 S Coast Hwy PMB 3847 Laguna Beach, CA, USA.
+
+Licensed Software:&emsp;&nbsp;The software known as Tactical RMM Version v0.12.0 (and all subsequent releases and versions) and the Tactical RMM Agent v2.0.0 (and all subsequent releases and versions).
+
+### 1. Preamble
+The Licensed Software is designed to facilitate the remote monitoring and management (RMM) of networks, systems, servers, computers and other devices.  The Licensed Software is made available primarily for use by organisations and managed service providers for monitoring and management purposes.
+
+The Tactical RMM License is not an open-source software license.  This license contains certain restrictions on the use of the Licensed Software.  For example the functionality of the Licensed Software may not be made available as part of a SaaS (Software-as-a-Service) service or product to provide a commercial or for-profit service without the express prior permission of the Licensor.
+
+### 2. License Grant
+Permission is hereby granted, free of charge, on a non-exclusive basis, to copy, modify, create derivative works and use the Licensed Software in source and binary forms subject to the following terms and conditions.  No additional rights will be implied under this license.
+
+* The hosting and use of the Licensed Software to monitor and manage in-house networks/systems and/or customer networks/systems is permitted.
+
+This license does not allow the functionality of the Licensed Software (whether in whole or in part) or a modified version of the Licensed Software or a derivative work to be used or otherwise made available as part of any other commercial or for-profit service, including, without limitation, any of the following:
+* a service allowing third parties to interact remotely through a computer network;
+* as part of a SaaS service or product;
+* as part of the provision of a managed hosting service or product;
+* the offering of installation and/or configuration services;
+* the offer for sale, distribution or sale of any service or product (whether or not branded as Tactical RMM).
+
+The prior written approval of AmidaWare LLC must be obtained for all commercial use and/or for-profit service use of the (i) Licensed Software (whether in whole or in part), (ii) a modified version of the Licensed Software and/or (iii) a derivative work.
+
+The terms of this license apply to all copies of the Licensed Software (including modified versions) and derivative works.
+
+All use of the Licensed Software must immediately cease if use breaches the terms of this license.
+
+### 3. Derivative Works
+If a derivative work is created which is based on or otherwise incorporates all or any part of the Licensed Software, and the derivative work is made available to any other person, the complete corresponding machine readable source code (including all changes made to the Licensed Software) must accompany the derivative work and be made publicly available online.
+
+### 4. Copyright Notice
+The following copyright notice shall be included in all copies of the Licensed Software:
+
+&emsp;&emsp;&emsp;Copyright © 2022 AmidaWare LLC.
+
+&emsp;&emsp;&emsp;Licensed under the Tactical RMM License Version 1.0 (the “License”).<br>
+&emsp;&emsp;&emsp;You may only use the Licensed Software in accordance with the License.<br>
+&emsp;&emsp;&emsp;A copy of the License is available at: https://license.tacticalrmm.com
+
+### 5. Disclaimer of Warranty
+THE LICENSED SOFTWARE IS PROVIDED "AS IS".  TO THE FULLEST EXTENT PERMISSIBLE AT LAW ALL CONDITIONS, WARRANTIES OR OTHER TERMS OF ANY KIND WHICH MIGHT HAVE EFFECT OR BE IMPLIED OR INCORPORATED, WHETHER BY STATUTE, COMMON LAW OR OTHERWISE ARE HEREBY EXCLUDED, INCLUDING THE CONDITIONS, WARRANTIES OR OTHER TERMS AS TO SATISFACTORY QUALITY AND/OR MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, THE USE OF REASONABLE SKILL AND CARE AND NON-INFRINGEMENT.
+
+### 6. Limits of Liability
+THE FOLLOWING EXCLUSIONS SHALL APPLY TO THE FULLEST EXTENT PERMISSIBLE AT LAW.  NEITHER THE AUTHORS NOR THE COPYRIGHT HOLDERS SHALL IN ANY CIRCUMSTANCES HAVE ANY LIABILITY FOR ANY CLAIM, LOSSES, DAMAGES OR OTHER LIABILITY, WHETHER THE SAME ARE SUFFERED DIRECTLY OR INDIRECTLY OR ARE IMMEDIATE OR CONSEQUENTIAL, AND WHETHER THE SAME ARISE IN CONTRACT, TORT OR DELICT (INCLUDING NEGLIGENCE) OR OTHERWISE HOWSOEVER ARISING FROM, OUT OF OR IN CONNECTION WITH THE LICENSED SOFTWARE OR THE USE OR INABILITY TO USE THE LICENSED SOFTWARE OR OTHER DEALINGS IN THE LICENSED SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE.  THE FOREGOING EXCLUSIONS SHALL INCLUDE, WITHOUT LIMITATION, LIABILITY FOR ANY LOSSES OR DAMAGES WHICH FALL WITHIN ANY OF THE FOLLOWING CATEGORIES: SPECIAL, EXEMPLARY, OR INCIDENTAL LOSS OR DAMAGE, LOSS OF PROFITS, LOSS OF ANTICIPATED SAVINGS, LOSS OF BUSINESS OPPORTUNITY, LOSS OF GOODWILL, AND LOSS OR CORRUPTION OF DATA.
+
+### 7. Termination
+This license shall terminate with immediate effect if there is a material breach of any of its terms.
+
+### 8. No partnership, agency or joint venture
+Nothing in this license agreement is intended to, or shall be deemed to, establish any partnership or joint venture or any relationship of agency between AmidaWare LLC and any other person.
+
+### 9. No endorsement
+The names of the authors and/or the copyright holders must not be used to promote or endorse any products or services which are in any way derived from the Licensed Software without prior written consent.
+
+### 10. Trademarks
+No permission is granted to use the trademark “Tactical RMM” or any other trade name, trademark, service mark or product name of AmidaWare LLC except to the extent necessary to comply with the notice requirements in Section 4 (Copyright Notice).
+
+### 11. Entire agreement
+This license contains the whole agreement relating to its subject matter.
+
+
+
+### 12. Severance
+If any provision or part-provision of this license is or becomes invalid, illegal or unenforceable, it shall be deemed deleted, but that shall not affect the validity and enforceability of the rest of this license.
+
+### 13. Acceptance of these terms
+The terms and conditions of this license are accepted by copying, downloading, installing, redistributing, or otherwise using the Licensed Software.

README.md

@@ -1,19 +1,18 @@
 # Tactical RMM
 
-[![Build Status](https://dev.azure.com/dcparsi/Tactical%20RMM/_apis/build/status/wh1te909.tacticalrmm?branchName=develop)](https://dev.azure.com/dcparsi/Tactical%20RMM/_build/latest?definitionId=4&branchName=develop)
-[![Coverage Status](https://coveralls.io/repos/github/wh1te909/tacticalrmm/badge.png?branch=develop&kill_cache=1)](https://coveralls.io/github/wh1te909/tacticalrmm?branch=develop)
-[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
+![CI Tests](https://github.com/amidaware/tacticalrmm/actions/workflows/ci-tests.yml/badge.svg?branch=develop)
+[![codecov](https://codecov.io/gh/amidaware/tacticalrmm/branch/develop/graph/badge.svg?token=8ACUPVPTH6)](https://codecov.io/gh/amidaware/tacticalrmm)
 [![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/python/black)
 
-Tactical RMM is a remote monitoring & management tool for Windows computers, built with Django and Vue.\
-It uses an [agent](https://github.com/wh1te909/rmmagent) written in golang and integrates with [MeshCentral](https://github.com/Ylianst/MeshCentral)
+Tactical RMM is a remote monitoring & management tool, built with Django and Vue.\
+It uses an [agent](https://github.com/amidaware/rmmagent) written in golang and integrates with [MeshCentral](https://github.com/Ylianst/MeshCentral)
 
-# [LIVE DEMO](https://rmm.tacticalrmm.io/)
+# [LIVE DEMO](https://demo.tacticalrmm.com/)
 Demo database resets every hour. A lot of features are disabled for obvious reasons due to the nature of this app.
 
 ### [Discord Chat](https://discord.gg/upGTkWp)
 
-### [Documentation](https://wh1te909.github.io/tacticalrmm/)
+### [Documentation](https://docs.tacticalrmm.com)
 
 ## Features
 
@@ -29,10 +28,13 @@ Demo database resets every hour. A lot of features are disabled for obvious reas
 - Remote software installation via chocolatey
 - Software and hardware inventory
 
-## Windows versions supported
+## Windows agent versions supported
 
-- Windows 7, 8.1, 10, Server 2008R2, 2012R2, 2016, 2019
+- Windows 7, 8.1, 10, 11, Server 2008R2, 2012R2, 2016, 2019, 2022
+
+## Linux agent versions supported
+- Any distro with systemd
 
 ## Installation / Backup / Restore / Usage
 
-### Refer to the [documentation](https://wh1te909.github.io/tacticalrmm/)
+### Refer to the [documentation](https://docs.tacticalrmm.com)

SECURITY.md

@@ -2,18 +2,11 @@
 
 ## Supported Versions
 
-Use this section to tell people about which versions of your project are
-currently being supported with security updates.
-
 | Version | Supported          |
 | ------- | ------------------ |
-| 0.10.4   | :white_check_mark: |
-| < 0.10.4| :x:                |
+| 0.12.2   | :white_check_mark: |
+| < 0.12.2 | :x:                |
 
 ## Reporting a Vulnerability
 
-Use this section to tell people how to report a vulnerability.
-
-Tell them where to go, how often they can expect to get an update on a
-reported vulnerability, what to expect if the vulnerability is accepted or
-declined, etc.
+https://docs.tacticalrmm.com/security

api/tacticalrmm/.coveragerc

@@ -20,5 +20,8 @@ omit =
     */urls.py
     */tests.py
     */test.py
+    */tests/*
     checks/utils.py
+    */asgi.py
+    */demo_views.py
     

api/tacticalrmm/accounts/admin.py

@@ -1,7 +1,7 @@
 from django.contrib import admin
 from rest_framework.authtoken.admin import TokenAdmin
 
-from .models import User, Role
+from .models import Role, User
 
 admin.site.register(User)
 TokenAdmin.raw_id_fields = ("user",)

api/tacticalrmm/accounts/management/commands/create_installer_user.py

@@ -1,19 +1,23 @@
 import uuid
 
 from django.core.management.base import BaseCommand
+
 from accounts.models import User
 
 
 class Command(BaseCommand):
     help = "Creates the installer user"
 
-    def handle(self, *args, **kwargs):
+    def handle(self, *args, **kwargs):  # type: ignore
+        self.stdout.write("Checking if installer user has been created...")
         if User.objects.filter(is_installer_user=True).exists():
+            self.stdout.write("Installer user already exists")
             return
 
-        User.objects.create_user(  # type: ignore
+        User.objects.create_user(
             username=uuid.uuid4().hex,
             is_installer_user=True,
-            password=User.objects.make_random_password(60),  # type: ignore
+            password=User.objects.make_random_password(60),
             block_dashboard_login=True,
         )
+        self.stdout.write("Installer user has been created")

api/tacticalrmm/accounts/management/commands/delete_tokens.py

@@ -6,7 +6,7 @@ from knox.models import AuthToken
 class Command(BaseCommand):
     help = "Deletes all knox web tokens"
 
-    def handle(self, *args, **kwargs):
+    def handle(self, *args, **kwargs):  # type: ignore
         # only delete web tokens, not any generated by the installer or deployments
         dont_delete = djangotime.now() + djangotime.timedelta(hours=23)
         tokens = AuthToken.objects.exclude(deploytokens__isnull=False).filter(

api/tacticalrmm/accounts/management/commands/reset_password.py

@@ -1,4 +1,5 @@
 from django.core.management.base import BaseCommand
+
 from accounts.models import User
 
 

api/tacticalrmm/accounts/migrations/0019_user_role.py

@@ -1,7 +1,7 @@
 # Generated by Django 3.2.1 on 2021-05-11 02:33
 
-from django.db import migrations, models
 import django.db.models.deletion
+from django.db import migrations, models
 
 
 class Migration(migrations.Migration):

api/tacticalrmm/accounts/migrations/0027_auto_20210903_0054.py

@@ -1,7 +1,7 @@
 # Generated by Django 3.2.6 on 2021-09-03 00:54
 
-from django.db import migrations, models
 import django.db.models.deletion
+from django.db import migrations, models
 
 
 class Migration(migrations.Migration):

api/tacticalrmm/accounts/migrations/0028_auto_20211010_0249.py

@@ -1,7 +1,7 @@
 # Generated by Django 3.2.6 on 2021-10-10 02:49
 
-from django.db import migrations, models
 import django.db.models.deletion
+from django.db import migrations, models
 
 
 class Migration(migrations.Migration):

api/tacticalrmm/accounts/migrations/0031_user_date_format.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.12 on 2022-04-02 15:57
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('accounts', '0030_auto_20211104_0221'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='user',
+            name='date_format',
+            field=models.CharField(blank=True, max_length=30, null=True),
+        ),
+    ]

api/tacticalrmm/accounts/models.py

@@ -1,26 +1,17 @@
+from typing import Optional
+
 from django.contrib.auth.models import AbstractUser
+from django.core.cache import cache
 from django.db import models
 from django.db.models.fields import CharField, DateTimeField
 
 from logs.models import BaseAuditModel
-
-AGENT_DBLCLICK_CHOICES = [
-    ("editagent", "Edit Agent"),
-    ("takecontrol", "Take Control"),
-    ("remotebg", "Remote Background"),
-    ("urlaction", "URL Action"),
-]
-
-AGENT_TBL_TAB_CHOICES = [
-    ("server", "Servers"),
-    ("workstation", "Workstations"),
-    ("mixed", "Mixed"),
-]
-
-CLIENT_TREE_SORT_CHOICES = [
-    ("alphafail", "Move failing clients to the top"),
-    ("alpha", "Sort alphabetically"),
-]
+from tacticalrmm.constants import (
+    ROLE_CACHE_PREFIX,
+    AgentDblClick,
+    AgentTableTabs,
+    ClientTreeSort,
+)
 
 
 class User(AbstractUser, BaseAuditModel):
@@ -30,7 +21,7 @@ class User(AbstractUser, BaseAuditModel):
     dark_mode = models.BooleanField(default=True)
     show_community_scripts = models.BooleanField(default=True)
     agent_dblclick_action = models.CharField(
-        max_length=50, choices=AGENT_DBLCLICK_CHOICES, default="editagent"
+        max_length=50, choices=AgentDblClick.choices, default=AgentDblClick.EDIT_AGENT
     )
     url_action = models.ForeignKey(
         "core.URLAction",
@@ -40,15 +31,16 @@ class User(AbstractUser, BaseAuditModel):
         on_delete=models.SET_NULL,
     )
     default_agent_tbl_tab = models.CharField(
-        max_length=50, choices=AGENT_TBL_TAB_CHOICES, default="server"
+        max_length=50, choices=AgentTableTabs.choices, default=AgentTableTabs.SERVER
     )
     agents_per_page = models.PositiveIntegerField(default=50)  # not currently used
     client_tree_sort = models.CharField(
-        max_length=50, choices=CLIENT_TREE_SORT_CHOICES, default="alphafail"
+        max_length=50, choices=ClientTreeSort.choices, default=ClientTreeSort.ALPHA_FAIL
     )
     client_tree_splitter = models.PositiveIntegerField(default=11)
     loading_bar_color = models.CharField(max_length=255, default="red")
     clear_search_when_switching = models.BooleanField(default=True)
+    date_format = models.CharField(max_length=30, blank=True, null=True)
     is_installer_user = models.BooleanField(default=False)
     last_login_ip = models.GenericIPAddressField(default=None, blank=True, null=True)
 
@@ -75,6 +67,23 @@ class User(AbstractUser, BaseAuditModel):
 
         return UserSerializer(user).data
 
+    def get_and_set_role_cache(self) -> "Optional[Role]":
+        role = cache.get(f"{ROLE_CACHE_PREFIX}{self.role}")
+
+        if role and isinstance(role, Role):
+            return role
+        elif not role and not self.role:
+            return None
+        else:
+            models.prefetch_related_objects(
+                [self.role],
+                "can_view_clients",
+                "can_view_sites",
+            )
+
+            cache.set(f"{ROLE_CACHE_PREFIX}{self.role}", self.role, 600)
+            return self.role
+
 
 class Role(BaseAuditModel):
     name = models.CharField(max_length=255, unique=True)
@@ -175,6 +184,12 @@ class Role(BaseAuditModel):
     def __str__(self):
         return self.name
 
+    def save(self, *args, **kwargs) -> None:
+
+        # delete cache on save
+        cache.delete(f"{ROLE_CACHE_PREFIX}{self.name}")
+        super(BaseAuditModel, self).save(*args, **kwargs)
+
     @staticmethod
     def serialize(role):
         # serializes the agent and returns json

api/tacticalrmm/accounts/permissions.py

@@ -4,7 +4,7 @@ from tacticalrmm.permissions import _has_perm
 
 
 class AccountsPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         if r.method == "GET":
             return _has_perm(r, "can_list_accounts")
         else:
@@ -28,7 +28,7 @@ class AccountsPerms(permissions.BasePermission):
 
 
 class RolesPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         if r.method == "GET":
             return _has_perm(r, "can_list_roles")
         else:
@@ -36,7 +36,7 @@ class RolesPerms(permissions.BasePermission):
 
 
 class APIKeyPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         if r.method == "GET":
             return _has_perm(r, "can_list_api_keys")
 

api/tacticalrmm/accounts/serializers.py

@@ -1,11 +1,11 @@
 import pyotp
 from rest_framework.serializers import (
     ModelSerializer,
-    SerializerMethodField,
     ReadOnlyField,
+    SerializerMethodField,
 )
 
-from .models import APIKey, User, Role
+from .models import APIKey, Role, User
 
 
 class UserUISerializer(ModelSerializer):
@@ -22,6 +22,7 @@ class UserUISerializer(ModelSerializer):
             "loading_bar_color",
             "clear_search_when_switching",
             "block_dashboard_login",
+            "date_format",
         ]
 
 
@@ -39,6 +40,7 @@ class UserSerializer(ModelSerializer):
             "last_login_ip",
             "role",
             "block_dashboard_login",
+            "date_format",
         ]
 
 

api/tacticalrmm/accounts/tests.py

@@ -2,15 +2,16 @@ from unittest.mock import patch
 
 from django.test import override_settings
 from model_bakery import baker, seq
-from accounts.models import User, APIKey
-from tacticalrmm.test import TacticalTestCase
 
+from accounts.models import APIKey, User
 from accounts.serializers import APIKeySerializer
+from tacticalrmm.constants import AgentDblClick, AgentTableTabs, ClientTreeSort
+from tacticalrmm.test import TacticalTestCase
 
 
 class TestAccounts(TacticalTestCase):
     def setUp(self):
-        self.client_setup()
+        self.setup_client()
         self.bob = User(username="bob")
         self.bob.set_password("hunter2")
         self.bob.save()
@@ -69,17 +70,17 @@ class TestAccounts(TacticalTestCase):
         self.assertEqual(r.status_code, 400)
         self.assertIn("non_field_errors", r.data.keys())
 
-    @override_settings(DEBUG=True)
-    @patch("pyotp.TOTP.verify")
-    def test_debug_login_view(self, mock_verify):
-        url = "/login/"
-        mock_verify.return_value = True
+    # @override_settings(DEBUG=True)
+    # @patch("pyotp.TOTP.verify")
+    # def test_debug_login_view(self, mock_verify):
+    #     url = "/login/"
+    #     mock_verify.return_value = True
 
-        data = {"username": "bob", "password": "hunter2", "twofactor": "sekret"}
-        r = self.client.post(url, data, format="json")
-        self.assertEqual(r.status_code, 200)
-        self.assertIn("expiry", r.data.keys())
-        self.assertIn("token", r.data.keys())
+    #     data = {"username": "bob", "password": "hunter2", "twofactor": "sekret"}
+    #     r = self.client.post(url, data, format="json")
+    #     self.assertEqual(r.status_code, 200)
+    #     self.assertIn("expiry", r.data.keys())
+    #     self.assertIn("token", r.data.keys())
 
 
 class TestGetAddUsers(TacticalTestCase):
@@ -283,9 +284,9 @@ class TestUserAction(TacticalTestCase):
         data = {
             "dark_mode": True,
             "show_community_scripts": True,
-            "agent_dblclick_action": "editagent",
-            "default_agent_tbl_tab": "mixed",
-            "client_tree_sort": "alpha",
+            "agent_dblclick_action": AgentDblClick.EDIT_AGENT,
+            "default_agent_tbl_tab": AgentTableTabs.MIXED,
+            "client_tree_sort": ClientTreeSort.ALPHA,
             "client_tree_splitter": 14,
             "loading_bar_color": "green",
             "clear_search_when_switching": False,
@@ -308,7 +309,7 @@ class TestAPIKeyViews(TacticalTestCase):
         serializer = APIKeySerializer(apikeys, many=True)
         resp = self.client.get(url, format="json")
         self.assertEqual(resp.status_code, 200)
-        self.assertEqual(serializer.data, resp.data)  # type: ignore
+        self.assertEqual(serializer.data, resp.data)
 
         self.check_not_authenticated("get", url)
 
@@ -331,14 +332,14 @@ class TestAPIKeyViews(TacticalTestCase):
         self.assertEqual(resp.status_code, 404)
 
         apikey = baker.make("accounts.APIKey", name="Test")
-        url = f"/accounts/apikeys/{apikey.pk}/"  # type: ignore
+        url = f"/accounts/apikeys/{apikey.pk}/"
 
-        data = {"name": "New Name"}  # type: ignore
+        data = {"name": "New Name"}
 
         resp = self.client.put(url, data, format="json")
         self.assertEqual(resp.status_code, 200)
-        apikey = APIKey.objects.get(pk=apikey.pk)  # type: ignore
-        self.assertEquals(apikey.name, "New Name")
+        apikey = APIKey.objects.get(pk=apikey.pk)
+        self.assertEqual(apikey.name, "New Name")
 
         self.check_not_authenticated("put", url)
 
@@ -349,11 +350,11 @@ class TestAPIKeyViews(TacticalTestCase):
 
         # test delete api key
         apikey = baker.make("accounts.APIKey")
-        url = f"/accounts/apikeys/{apikey.pk}/"  # type: ignore
+        url = f"/accounts/apikeys/{apikey.pk}/"
         resp = self.client.delete(url, format="json")
         self.assertEqual(resp.status_code, 200)
 
-        self.assertFalse(APIKey.objects.filter(pk=apikey.pk).exists())  # type: ignore
+        self.assertFalse(APIKey.objects.filter(pk=apikey.pk).exists())
 
         self.check_not_authenticated("delete", url)
 
@@ -393,7 +394,7 @@ class TestAPIAuthentication(TacticalTestCase):
             name="Test Token", key="123456", user=self.user
         )
 
-        self.client_setup()
+        self.setup_client()
 
     def test_api_auth(self):
         url = "/clients/"

api/tacticalrmm/accounts/views.py

@@ -5,16 +5,16 @@ from django.db import IntegrityError
 from django.shortcuts import get_object_or_404
 from ipware import get_client_ip
 from knox.views import LoginView as KnoxLoginView
-from logs.models import AuditLog
-from rest_framework import status
 from rest_framework.authtoken.serializers import AuthTokenSerializer
 from rest_framework.permissions import AllowAny, IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
-from tacticalrmm.utils import notify_error
+
+from logs.models import AuditLog
+from tacticalrmm.helpers import notify_error
 
 from .models import APIKey, Role, User
-from .permissions import APIKeyPerms, AccountsPerms, RolesPerms
+from .permissions import AccountsPerms, APIKeyPerms, RolesPerms
 from .serializers import (
     APIKeySerializer,
     RoleSerializer,
@@ -25,11 +25,15 @@ from .serializers import (
 
 
 def _is_root_user(request, user) -> bool:
-    return (
+    root = (
         hasattr(settings, "ROOT_USER")
         and request.user != user
         and user.username == settings.ROOT_USER
     )
+    demo = (
+        getattr(settings, "DEMO", False) and request.user.username == settings.ROOT_USER
+    )
+    return root or demo
 
 
 class CheckCreds(KnoxLoginView):
@@ -80,6 +84,8 @@ class LoginView(KnoxLoginView):
 
         if settings.DEBUG and token == "sekret":
             valid = True
+        elif getattr(settings, "DEMO", False):
+            valid = True
         elif totp.verify(token, valid_window=10):
             valid = True
 

api/tacticalrmm/agents/admin.py

@@ -1,9 +1,8 @@
 from django.contrib import admin
 
-from .models import Agent, AgentCustomField, Note, RecoveryAction, AgentHistory
+from .models import Agent, AgentCustomField, AgentHistory, Note
 
 admin.site.register(Agent)
-admin.site.register(RecoveryAction)
 admin.site.register(Note)
 admin.site.register(AgentCustomField)
 admin.site.register(AgentHistory)

api/tacticalrmm/agents/baker_recipes.py

@@ -32,6 +32,7 @@ agent = Recipe(
     monitoring_type=cycle(["workstation", "server"]),
     agent_id=seq(generate_agent_id("DESKTOP-TEST123")),
     last_seen=djangotime.now() - djangotime.timedelta(days=5),
+    plat="windows",
 )
 
 server_agent = agent.extend(

api/tacticalrmm/agents/management/commands/bulk_delete_agents.py

@@ -5,7 +5,8 @@ from django.utils import timezone as djangotime
 from packaging import version as pyver
 
 from agents.models import Agent
-from tacticalrmm.utils import AGENT_DEFER, reload_nats
+from tacticalrmm.constants import AGENT_DEFER
+from tacticalrmm.utils import reload_nats
 
 
 class Command(BaseCommand):

api/tacticalrmm/agents/management/commands/demo_cron.py

@@ -0,0 +1,33 @@
+# import datetime as dt
+import random
+
+from django.core.management.base import BaseCommand
+from django.utils import timezone as djangotime
+
+from agents.models import Agent
+from core.tasks import cache_db_fields_task, handle_resolved_stuff
+
+
+class Command(BaseCommand):
+    help = "stuff for demo site in cron"
+
+    def handle(self, *args, **kwargs):
+
+        random_dates = []
+        now = djangotime.now()
+
+        for _ in range(20):
+            rand = now - djangotime.timedelta(minutes=random.randint(1, 2))
+            random_dates.append(rand)
+
+        for _ in range(5):
+            rand = now - djangotime.timedelta(minutes=random.randint(10, 20))
+            random_dates.append(rand)
+
+        agents = Agent.objects.only("last_seen")
+        for agent in agents:
+            agent.last_seen = random.choice(random_dates)
+            agent.save(update_fields=["last_seen"])
+
+        cache_db_fields_task()
+        handle_resolved_stuff()

api/tacticalrmm/agents/management/commands/fake_agents.py

@@ -0,0 +1,812 @@
+import datetime as dt
+import json
+import random
+import string
+
+from django.conf import settings
+from django.core.management import call_command
+from django.core.management.base import BaseCommand
+from django.utils import timezone as djangotime
+
+from accounts.models import User
+from agents.models import Agent, AgentHistory
+from automation.models import Policy
+from autotasks.models import AutomatedTask, TaskResult
+from checks.models import Check, CheckHistory, CheckResult
+from clients.models import Client, Site
+from logs.models import AuditLog, PendingAction
+from scripts.models import Script
+from software.models import InstalledSoftware
+from tacticalrmm.constants import (
+    CheckStatus,
+    CheckType,
+    EvtLogFailWhen,
+    EvtLogNames,
+    EvtLogTypes,
+    PAAction,
+    ScriptShell,
+)
+from tacticalrmm.demo_data import (
+    check_network_loc_aware_ps1,
+    check_storage_pool_health_ps1,
+    clear_print_spool_bat,
+    disks,
+    disks_linux_deb,
+    disks_linux_pi,
+    ping_fail_output,
+    ping_success_output,
+    restart_nla_ps1,
+    show_temp_dir_py,
+    spooler_stdout,
+    temp_dir_stdout,
+    wmi_deb,
+    wmi_pi,
+)
+from winupdate.models import WinUpdate, WinUpdatePolicy
+
+AGENTS_TO_GENERATE = 20
+
+SVCS = settings.BASE_DIR.joinpath("tacticalrmm/test_data/winsvcs.json")
+WMI_1 = settings.BASE_DIR.joinpath("tacticalrmm/test_data/wmi1.json")
+WMI_2 = settings.BASE_DIR.joinpath("tacticalrmm/test_data/wmi2.json")
+WMI_3 = settings.BASE_DIR.joinpath("tacticalrmm/test_data/wmi3.json")
+SW_1 = settings.BASE_DIR.joinpath("tacticalrmm/test_data/software1.json")
+SW_2 = settings.BASE_DIR.joinpath("tacticalrmm/test_data/software2.json")
+WIN_UPDATES = settings.BASE_DIR.joinpath("tacticalrmm/test_data/winupdates.json")
+EVT_LOG_FAIL = settings.BASE_DIR.joinpath(
+    "tacticalrmm/test_data/eventlog_check_fail.json"
+)
+
+
+class Command(BaseCommand):
+    help = "populate database with fake agents"
+
+    def rand_string(self, length: int) -> str:
+        chars = string.ascii_letters
+        return "".join(random.choice(chars) for _ in range(length))
+
+    def handle(self, *args, **kwargs) -> None:
+
+        user = User.objects.first()
+        if user:
+            user.totp_key = "ABSA234234"
+            user.save(update_fields=["totp_key"])
+
+        Agent.objects.all().delete()
+        Client.objects.all().delete()
+        Check.objects.all().delete()
+        Script.objects.all().delete()
+        AutomatedTask.objects.all().delete()
+        CheckHistory.objects.all().delete()
+        Policy.objects.all().delete()
+        AuditLog.objects.all().delete()
+        PendingAction.objects.all().delete()
+
+        call_command("load_community_scripts")
+        call_command("initial_db_setup")
+        call_command("load_chocos")
+        call_command("create_installer_user")
+
+        # policies
+        check_policy = Policy()
+        check_policy.name = "Demo Checks Policy"
+        check_policy.desc = "Demo Checks Policy"
+        check_policy.active = True
+        check_policy.enforced = True
+        check_policy.save()
+
+        patch_policy = Policy()
+        patch_policy.name = "Demo Patch Policy"
+        patch_policy.desc = "Demo Patch Policy"
+        patch_policy.active = True
+        patch_policy.enforced = True
+        patch_policy.save()
+
+        update_policy = WinUpdatePolicy()
+        update_policy.policy = patch_policy
+        update_policy.critical = "approve"
+        update_policy.important = "approve"
+        update_policy.moderate = "approve"
+        update_policy.low = "ignore"
+        update_policy.other = "ignore"
+        update_policy.run_time_days = [6, 0, 2]
+        update_policy.run_time_day = 1
+        update_policy.reboot_after_install = "required"
+        update_policy.reprocess_failed = True
+        update_policy.email_if_fail = True
+        update_policy.save()
+
+        clients = (
+            "Company 1",
+            "Company 2",
+            "Company 3",
+            "Company 4",
+            "Company 5",
+            "Company 6",
+        )
+        sites1 = ("HQ1", "LA Office 1", "NY Office 1")
+        sites2 = ("HQ2", "LA Office 2", "NY Office 2")
+        sites3 = ("HQ3", "LA Office 3", "NY Office 3")
+        sites4 = ("HQ4", "LA Office 4", "NY Office 4")
+        sites5 = ("HQ5", "LA Office 5", "NY Office 5")
+        sites6 = ("HQ6", "LA Office 6", "NY Office 6")
+
+        client1 = Client(name=clients[0])
+        client2 = Client(name=clients[1])
+        client3 = Client(name=clients[2])
+        client4 = Client(name=clients[3])
+        client5 = Client(name=clients[4])
+        client6 = Client(name=clients[5])
+
+        client1.save()
+        client2.save()
+        client3.save()
+        client4.save()
+        client5.save()
+        client6.save()
+
+        for site in sites1:
+            Site(client=client1, name=site).save()
+
+        for site in sites2:
+            Site(client=client2, name=site).save()
+
+        for site in sites3:
+            Site(client=client3, name=site).save()
+
+        for site in sites4:
+            Site(client=client4, name=site).save()
+
+        for site in sites5:
+            Site(client=client5, name=site).save()
+
+        for site in sites6:
+            Site(client=client6, name=site).save()
+
+        hostnames = (
+            "DC-1",
+            "DC-2",
+            "FSV-1",
+            "FSV-2",
+            "WSUS",
+            "DESKTOP-12345",
+            "LAPTOP-55443",
+        )
+        descriptions = ("Bob's computer", "Primary DC", "File Server", "Karen's Laptop")
+        modes = ("server", "workstation")
+        op_systems_servers = (
+            "Microsoft Windows Server 2016 Standard, 64bit (build 14393)",
+            "Microsoft Windows Server 2012 R2 Standard, 64bit (build 9600)",
+            "Microsoft Windows Server 2019 Standard, 64bit (build 17763)",
+        )
+
+        op_systems_workstations = (
+            "Microsoft Windows 8.1 Pro, 64bit (build 9600)",
+            "Microsoft Windows 10 Pro for Workstations, 64bit (build 18363)",
+            "Microsoft Windows 10 Pro, 64bit (build 18363)",
+        )
+
+        linux_deb_os = "Debian 11.2 x86_64 5.10.0-11-amd64"
+        linux_pi_os = "Raspbian 11.2 armv7l 5.10.92-v7+"
+
+        public_ips = ("65.234.22.4", "74.123.43.5", "44.21.134.45")
+
+        total_rams = (4, 8, 16, 32, 64, 128)
+
+        now = dt.datetime.now()
+        django_now = djangotime.now()
+
+        boot_times = []
+
+        for _ in range(15):
+            rand_hour = now - dt.timedelta(hours=random.randint(1, 22))
+            boot_times.append(str(rand_hour.timestamp()))
+
+        for _ in range(5):
+            rand_days = now - dt.timedelta(days=random.randint(2, 50))
+            boot_times.append(str(rand_days.timestamp()))
+
+        user_names = ("None", "Karen", "Steve", "jsmith", "jdoe")
+
+        with open(SVCS) as f:
+            services = json.load(f)
+
+        # WMI
+        with open(WMI_1) as f:
+            wmi1 = json.load(f)
+
+        with open(WMI_2) as f:
+            wmi2 = json.load(f)
+
+        with open(WMI_3) as f:
+            wmi3 = json.load(f)
+
+        wmi_details = [i for i in (wmi1, wmi2, wmi3)]
+
+        # software
+        with open(SW_1) as f:
+            software1 = json.load(f)
+
+        with open(SW_2) as f:
+            software2 = json.load(f)
+
+        softwares = [i for i in (software1, software2)]
+
+        # windows updates
+        with open(WIN_UPDATES) as f:
+            windows_updates = json.load(f)["samplecomputer"]
+
+        # event log check fail data
+        with open(EVT_LOG_FAIL) as f:
+            eventlog_check_fail_data = json.load(f)
+
+        # create scripts
+
+        clear_spool = Script()
+        clear_spool.name = "Clear Print Spooler"
+        clear_spool.description = "clears the print spooler. Fuck printers"
+        clear_spool.filename = "clear_print_spool.bat"
+        clear_spool.shell = ScriptShell.CMD
+        clear_spool.script_body = clear_print_spool_bat
+        clear_spool.save()
+
+        check_net_aware = Script()
+        check_net_aware.name = "Check Network Location Awareness"
+        check_net_aware.description = "Check's network location awareness on domain computers, should always be domain profile and not public or private. Sometimes happens when computer restarts before domain available. This script will return 0 if check passes or 1 if it fails."
+        check_net_aware.filename = "check_network_loc_aware.ps1"
+        check_net_aware.shell = ScriptShell.POWERSHELL
+        check_net_aware.script_body = check_network_loc_aware_ps1
+        check_net_aware.save()
+
+        check_pool_health = Script()
+        check_pool_health.name = "Check storage spool health"
+        check_pool_health.description = "loops through all storage pools and will fail if any of them are not healthy"
+        check_pool_health.filename = "check_storage_pool_health.ps1"
+        check_pool_health.shell = ScriptShell.POWERSHELL
+        check_pool_health.script_body = check_storage_pool_health_ps1
+        check_pool_health.save()
+
+        restart_nla = Script()
+        restart_nla.name = "Restart NLA Service"
+        restart_nla.description = "restarts the Network Location Awareness windows service to fix the nic profile. Run this after the check network service fails"
+        restart_nla.filename = "restart_nla.ps1"
+        restart_nla.shell = ScriptShell.POWERSHELL
+        restart_nla.script_body = restart_nla_ps1
+        restart_nla.save()
+
+        show_tmp_dir_script = Script()
+        show_tmp_dir_script.name = "Check temp dir"
+        show_tmp_dir_script.description = "shows files in temp dir using python"
+        show_tmp_dir_script.filename = "show_temp_dir.py"
+        show_tmp_dir_script.shell = ScriptShell.PYTHON
+        show_tmp_dir_script.script_body = show_temp_dir_py
+        show_tmp_dir_script.save()
+
+        for count_agents in range(AGENTS_TO_GENERATE):
+
+            client = random.choice(clients)
+
+            if client == clients[0]:
+                site = random.choice(sites1)
+            elif client == clients[1]:
+                site = random.choice(sites2)
+            elif client == clients[2]:
+                site = random.choice(sites3)
+            elif client == clients[3]:
+                site = random.choice(sites4)
+            elif client == clients[4]:
+                site = random.choice(sites5)
+            elif client == clients[5]:
+                site = random.choice(sites6)
+
+            agent = Agent()
+
+            plat_pick = random.randint(1, 15)
+            if plat_pick in (7, 11):
+                agent.plat = "linux"
+                mode = "server"
+                # pi arm
+                if plat_pick == 7:
+                    agent.goarch = "arm"
+                    agent.wmi_detail = wmi_pi
+                    agent.disks = disks_linux_pi
+                    agent.operating_system = linux_pi_os
+                else:
+                    agent.goarch = "amd64"
+                    agent.wmi_detail = wmi_deb
+                    agent.disks = disks_linux_deb
+                    agent.operating_system = linux_deb_os
+            else:
+                agent.plat = "windows"
+                agent.goarch = "amd64"
+                mode = random.choice(modes)
+                agent.wmi_detail = random.choice(wmi_details)
+                agent.services = services
+                agent.disks = random.choice(disks)
+                if mode == "server":
+                    agent.operating_system = random.choice(op_systems_servers)
+                else:
+                    agent.operating_system = random.choice(op_systems_workstations)
+
+            agent.hostname = random.choice(hostnames)
+            agent.version = settings.LATEST_AGENT_VER
+            agent.site = Site.objects.get(name=site)
+            agent.agent_id = self.rand_string(40)
+            agent.description = random.choice(descriptions)
+            agent.monitoring_type = mode
+            agent.public_ip = random.choice(public_ips)
+            agent.last_seen = django_now
+
+            agent.total_ram = random.choice(total_rams)
+            agent.boot_time = random.choice(boot_times)
+            agent.logged_in_username = random.choice(user_names)
+            agent.mesh_node_id = (
+                "3UiLhe420@kaVQ0rswzBeonW$WY0xrFFUDBQlcYdXoriLXzvPmBpMrV99vRHXFlb"
+            )
+            agent.overdue_email_alert = random.choice([True, False])
+            agent.overdue_text_alert = random.choice([True, False])
+            agent.needs_reboot = random.choice([True, False])
+
+            agent.save()
+
+            if agent.plat == "windows":
+                InstalledSoftware(agent=agent, software=random.choice(softwares)).save()
+
+            if mode == "workstation":
+                WinUpdatePolicy(agent=agent, run_time_days=[5, 6]).save()
+            else:
+                WinUpdatePolicy(agent=agent).save()
+
+            if agent.plat == "windows":
+                # windows updates load
+                guids = [i for i in windows_updates.keys()]
+                for i in guids:
+                    WinUpdate(
+                        agent=agent,
+                        guid=i,
+                        kb=windows_updates[i]["KBs"][0],
+                        title=windows_updates[i]["Title"],
+                        installed=windows_updates[i]["Installed"],
+                        downloaded=windows_updates[i]["Downloaded"],
+                        description=windows_updates[i]["Description"],
+                        severity=windows_updates[i]["Severity"],
+                    ).save()
+
+            # agent histories
+            hist = AgentHistory()
+            hist.agent = agent
+            hist.type = "cmd_run"
+            hist.command = "ping google.com"
+            hist.username = "demo"
+            hist.results = ping_success_output
+            hist.save()
+
+            hist1 = AgentHistory()
+            hist1.agent = agent
+            hist1.type = "script_run"
+            hist1.script = clear_spool
+            hist1.script_results = {
+                "id": 1,
+                "stderr": "",
+                "stdout": spooler_stdout,
+                "execution_time": 3.5554593,
+                "retcode": 0,
+            }
+            hist1.save()
+
+            if agent.plat == "windows":
+                # disk space check
+                check1 = Check()
+                check1.agent = agent
+                check1.check_type = CheckType.DISK_SPACE
+                check1.warning_threshold = 25
+                check1.error_threshold = 10
+                check1.disk = "C:"
+                check1.email_alert = random.choice([True, False])
+                check1.text_alert = random.choice([True, False])
+                check1.save()
+
+                check_result1 = CheckResult()
+                check_result1.agent = agent
+                check_result1.assigned_check = check1
+                check_result1.status = CheckStatus.PASSING
+                check_result1.last_run = django_now
+                check_result1.more_info = "Total: 498.7GB, Free: 287.4GB"
+                check_result1.save()
+
+                for i in range(30):
+                    check1_history = CheckHistory()
+                    check1_history.check_id = check1.pk
+                    check1_history.agent_id = agent.agent_id
+                    check1_history.x = django_now - djangotime.timedelta(minutes=i * 2)
+                    check1_history.y = random.randint(13, 40)
+                    check1_history.save()
+
+            # ping check
+            check2 = Check()
+            check_result2 = CheckResult()
+
+            check2.agent = agent
+            check2.check_type = CheckType.PING
+
+            check2.email_alert = random.choice([True, False])
+            check2.text_alert = random.choice([True, False])
+
+            check_result2.agent = agent
+            check_result2.assigned_check = check2
+            check_result2.last_run = django_now
+
+            if site in sites5:
+                check2.name = "Synology NAS"
+                check2.alert_severity = "error"
+                check_result2.status = CheckStatus.FAILING
+                check2.ip = "172.17.14.26"
+                check_result2.more_info = ping_fail_output
+            else:
+                check2.name = "Google"
+                check_result2.status = CheckStatus.PASSING
+                check2.ip = "8.8.8.8"
+                check_result2.more_info = ping_success_output
+
+            check2.save()
+            check_result2.save()
+
+            for i in range(30):
+                check2_history = CheckHistory()
+                check2_history.check_id = check2.pk
+                check2_history.agent_id = agent.agent_id
+                check2_history.x = django_now - djangotime.timedelta(minutes=i * 2)
+                if site in sites5:
+                    check2_history.y = 1
+                    check2_history.results = ping_fail_output
+                else:
+                    check2_history.y = 0
+                    check2_history.results = ping_success_output
+                check2_history.save()
+
+            # cpu load check
+            check3 = Check()
+            check3.agent = agent
+            check3.check_type = CheckType.CPU_LOAD
+            check3.warning_threshold = 70
+            check3.error_threshold = 90
+            check3.email_alert = random.choice([True, False])
+            check3.text_alert = random.choice([True, False])
+            check3.save()
+
+            check_result3 = CheckResult()
+            check_result3.agent = agent
+            check_result3.assigned_check = check3
+            check_result3.status = CheckStatus.PASSING
+            check_result3.last_run = django_now
+            check_result3.history = [
+                15,
+                23,
+                16,
+                22,
+                22,
+                27,
+                15,
+                23,
+                23,
+                20,
+                10,
+                10,
+                13,
+                34,
+            ]
+            check_result3.save()
+
+            for i in range(30):
+                check3_history = CheckHistory()
+                check3_history.check_id = check3.pk
+                check3_history.agent_id = agent.agent_id
+                check3_history.x = django_now - djangotime.timedelta(minutes=i * 2)
+                check3_history.y = random.randint(2, 79)
+                check3_history.save()
+
+            # memory check
+            check4 = Check()
+            check4.agent = agent
+            check4.check_type = CheckType.MEMORY
+            check4.warning_threshold = 70
+            check4.error_threshold = 85
+            check4.email_alert = random.choice([True, False])
+            check4.text_alert = random.choice([True, False])
+            check4.save()
+
+            check_result4 = CheckResult()
+            check_result4.agent = agent
+            check_result4.assigned_check = check4
+            check_result4.status = CheckStatus.PASSING
+            check_result4.last_run = django_now
+            check_result4.history = [34, 34, 35, 36, 34, 34, 34, 34, 34, 34]
+            check_result4.save()
+
+            for i in range(30):
+                check4_history = CheckHistory()
+                check4_history.check_id = check4.pk
+                check4_history.agent_id = agent.agent_id
+                check4_history.x = django_now - djangotime.timedelta(minutes=i * 2)
+                check4_history.y = random.randint(2, 79)
+                check4_history.save()
+
+            # script check storage pool
+            check5 = Check()
+
+            check5.agent = agent
+            check5.check_type = CheckType.SCRIPT
+
+            check5.email_alert = random.choice([True, False])
+            check5.text_alert = random.choice([True, False])
+            check5.timeout = 120
+
+            check5.script = check_pool_health
+            check5.save()
+
+            check_result5 = CheckResult()
+            check_result5.agent = agent
+            check_result5.assigned_check = check5
+            check_result5.status = CheckStatus.PASSING
+            check_result5.last_run = django_now
+            check_result5.retcode = 0
+            check_result5.execution_time = "4.0000"
+            check_result5.save()
+
+            for i in range(30):
+                check5_history = CheckHistory()
+                check5_history.check_id = check5.pk
+                check5_history.agent_id = agent.agent_id
+                check5_history.x = django_now - djangotime.timedelta(minutes=i * 2)
+                if i == 10 or i == 18:
+                    check5_history.y = 1
+                else:
+                    check5_history.y = 0
+                check5_history.save()
+
+            check6 = Check()
+
+            check6.agent = agent
+            check6.check_type = CheckType.SCRIPT
+            check6.email_alert = random.choice([True, False])
+            check6.text_alert = random.choice([True, False])
+            check6.timeout = 120
+            check6.script = check_net_aware
+            check6.save()
+
+            check_result6 = CheckResult()
+            check_result6.agent = agent
+            check_result6.assigned_check = check6
+            check_result6.status = CheckStatus.PASSING
+            check_result6.last_run = django_now
+            check_result6.retcode = 0
+            check_result6.execution_time = "4.0000"
+            check_result6.save()
+
+            for i in range(30):
+                check6_history = CheckHistory()
+                check6_history.check_id = check6.pk
+                check6_history.agent_id = agent.agent_id
+                check6_history.x = django_now - djangotime.timedelta(minutes=i * 2)
+                check6_history.y = 0
+                check6_history.save()
+
+            nla_task = AutomatedTask()
+
+            nla_task.agent = agent
+            actions = [
+                {
+                    "name": restart_nla.name,
+                    "type": "script",
+                    "script": restart_nla.pk,
+                    "timeout": 90,
+                    "script_args": [],
+                }
+            ]
+            nla_task.actions = actions
+            nla_task.assigned_check = check6
+            nla_task.name = "Restart NLA"
+            nla_task.task_type = "checkfailure"
+            nla_task.save()
+
+            nla_task_result = TaskResult()
+            nla_task_result.task = nla_task
+            nla_task_result.agent = agent
+            nla_task_result.execution_time = "1.8443"
+            nla_task_result.last_run = django_now
+            nla_task_result.stdout = "no stdout"
+            nla_task_result.retcode = 0
+            nla_task_result.sync_status = "synced"
+            nla_task_result.save()
+
+            spool_task = AutomatedTask()
+
+            spool_task.agent = agent
+            actions = [
+                {
+                    "name": clear_spool.name,
+                    "type": "script",
+                    "script": clear_spool.pk,
+                    "timeout": 90,
+                    "script_args": [],
+                }
+            ]
+            spool_task.actions = actions
+            spool_task.name = "Clear the print spooler"
+            spool_task.task_type = "daily"
+            spool_task.run_time_date = django_now + djangotime.timedelta(minutes=10)
+            spool_task.expire_date = django_now + djangotime.timedelta(days=753)
+            spool_task.daily_interval = 1
+            spool_task.weekly_interval = 1
+            spool_task.task_repetition_duration = "2h"
+            spool_task.task_repetition_interval = "25m"
+            spool_task.random_task_delay = "3m"
+            spool_task.save()
+
+            spool_task_result = TaskResult()
+            spool_task_result.task = spool_task
+            spool_task_result.agent = agent
+            spool_task_result.last_run = django_now
+            spool_task_result.retcode = 0
+            spool_task_result.stdout = spooler_stdout
+            spool_task_result.sync_status = "synced"
+            spool_task_result.save()
+
+            tmp_dir_task = AutomatedTask()
+            tmp_dir_task.agent = agent
+            tmp_dir_task.name = "show temp dir files"
+            actions = [
+                {
+                    "name": show_tmp_dir_script.name,
+                    "type": "script",
+                    "script": show_tmp_dir_script.pk,
+                    "timeout": 90,
+                    "script_args": [],
+                }
+            ]
+            tmp_dir_task.actions = actions
+            tmp_dir_task.task_type = "manual"
+            tmp_dir_task.save()
+
+            tmp_dir_task_result = TaskResult()
+            tmp_dir_task_result.task = tmp_dir_task
+            tmp_dir_task_result.agent = agent
+            tmp_dir_task_result.last_run = django_now
+            tmp_dir_task_result.stdout = temp_dir_stdout
+            tmp_dir_task_result.retcode = 0
+            tmp_dir_task_result.sync_status = "synced"
+            tmp_dir_task_result.save()
+
+            check7 = Check()
+
+            check7.agent = agent
+            check7.check_type = CheckType.SCRIPT
+
+            check7.email_alert = random.choice([True, False])
+            check7.text_alert = random.choice([True, False])
+            check7.timeout = 120
+
+            check7.script = clear_spool
+
+            check7.save()
+
+            check_result7 = CheckResult()
+            check_result7.assigned_check = check7
+            check_result7.agent = agent
+            check_result7.status = CheckStatus.PASSING
+            check_result7.last_run = django_now
+            check_result7.retcode = 0
+            check_result7.execution_time = "3.1337"
+            check_result7.stdout = spooler_stdout
+            check_result7.save()
+
+            for i in range(30):
+                check7_history = CheckHistory()
+                check7_history.check_id = check7.pk
+                check7_history.agent_id = agent.agent_id
+                check7_history.x = django_now - djangotime.timedelta(minutes=i * 2)
+                check7_history.y = 0
+                check7_history.save()
+
+            if agent.plat == "windows":
+                check8 = Check()
+                check8.agent = agent
+                check8.check_type = CheckType.WINSVC
+                check8.email_alert = random.choice([True, False])
+                check8.text_alert = random.choice([True, False])
+                check8.fails_b4_alert = 4
+                check8.svc_name = "Spooler"
+                check8.svc_display_name = "Print Spooler"
+                check8.pass_if_start_pending = False
+                check8.restart_if_stopped = True
+                check8.save()
+
+                check_result8 = CheckResult()
+                check_result8.assigned_check = check8
+                check_result8.agent = agent
+                check_result8.status = CheckStatus.PASSING
+                check_result8.last_run = django_now
+                check_result8.more_info = "Status RUNNING"
+                check_result8.save()
+
+                for i in range(30):
+                    check8_history = CheckHistory()
+                    check8_history.check_id = check8.pk
+                    check8_history.agent_id = agent.agent_id
+                    check8_history.x = django_now - djangotime.timedelta(minutes=i * 2)
+                    if i == 10 or i == 18:
+                        check8_history.y = 1
+                        check8_history.results = "Status STOPPED"
+                    else:
+                        check8_history.y = 0
+                        check8_history.results = "Status RUNNING"
+                    check8_history.save()
+
+                check9 = Check()
+                check9.agent = agent
+                check9.check_type = CheckType.EVENT_LOG
+                check9.name = "unexpected shutdown"
+                check9.email_alert = random.choice([True, False])
+                check9.text_alert = random.choice([True, False])
+                check9.fails_b4_alert = 2
+                check9.log_name = EvtLogNames.APPLICATION
+                check9.event_id = 1001
+                check9.event_type = EvtLogTypes.INFO
+                check9.fail_when = EvtLogFailWhen.CONTAINS
+                check9.search_last_days = 30
+
+                check_result9 = CheckResult()
+                check_result9.agent = agent
+                check_result9.assigned_check = check9
+
+                check_result9.last_run = django_now
+                if site in sites5:
+                    check_result9.extra_details = eventlog_check_fail_data
+                    check_result9.status = CheckStatus.FAILING
+                else:
+                    check_result9.extra_details = {"log": []}
+                    check_result9.status = CheckStatus.PASSING
+
+                check9.save()
+                check_result9.save()
+
+                for i in range(30):
+                    check9_history = CheckHistory()
+                    check9_history.check_id = check9.pk
+                    check9_history.agent_id = agent.agent_id
+                    check9_history.x = django_now - djangotime.timedelta(minutes=i * 2)
+                    if i == 10 or i == 18:
+                        check9_history.y = 1
+                        check9_history.results = "Events Found: 16"
+                    else:
+                        check9_history.y = 0
+                        check9_history.results = "Events Found: 0"
+                    check9_history.save()
+
+                pick = random.randint(1, 10)
+
+                if pick == 5 or pick == 3:
+
+                    reboot_time = django_now + djangotime.timedelta(
+                        minutes=random.randint(1000, 500000)
+                    )
+                    date_obj = dt.datetime.strftime(reboot_time, "%Y-%m-%d %H:%M")
+
+                    obj = dt.datetime.strptime(date_obj, "%Y-%m-%d %H:%M")
+
+                    task_name = "TacticalRMM_SchedReboot_" + "".join(
+                        random.choice(string.ascii_letters) for _ in range(10)
+                    )
+
+                    sched_reboot = PendingAction()
+                    sched_reboot.agent = agent
+                    sched_reboot.action_type = PAAction.SCHED_REBOOT
+                    sched_reboot.details = {
+                        "time": str(obj),
+                        "taskname": task_name,
+                    }
+                    sched_reboot.save()
+
+            self.stdout.write(self.style.SUCCESS(f"Added agent # {count_agents + 1}"))
+
+        self.stdout.write("done")

api/tacticalrmm/agents/management/commands/fix_salt_key.py

@@ -1,16 +0,0 @@
-from django.core.management.base import BaseCommand
-
-from agents.models import Agent
-
-
-class Command(BaseCommand):
-    help = "Changes existing agents salt_id from a property to a model field"
-
-    def handle(self, *args, **kwargs):
-        agents = Agent.objects.filter(salt_id=None)
-        for agent in agents:
-            self.stdout.write(
-                self.style.SUCCESS(f"Setting salt_id on {agent.hostname}")
-            )
-            agent.salt_id = f"{agent.hostname}-{agent.pk}"
-            agent.save(update_fields=["salt_id"])

api/tacticalrmm/agents/management/commands/update_agents.py

@@ -3,17 +3,17 @@ from django.core.management.base import BaseCommand
 from packaging import version as pyver
 
 from agents.models import Agent
-from core.models import CoreSettings
 from agents.tasks import send_agent_update_task
-from tacticalrmm.utils import AGENT_DEFER
+from core.utils import get_core_settings
+from tacticalrmm.constants import AGENT_DEFER
 
 
 class Command(BaseCommand):
     help = "Triggers an agent update task to run"
 
     def handle(self, *args, **kwargs):
-        core = CoreSettings.objects.first()
-        if not core.agent_auto_update:  # type: ignore
+        core = get_core_settings()
+        if not core.agent_auto_update:
             return
 
         q = Agent.objects.defer(*AGENT_DEFER).exclude(version=settings.LATEST_AGENT_VER)

api/tacticalrmm/agents/migrations/0038_agenthistory.py

@@ -1,7 +1,7 @@
 # Generated by Django 3.2.1 on 2021-07-06 02:01
 
-from django.db import migrations, models
 import django.db.models.deletion
+from django.db import migrations, models
 
 
 class Migration(migrations.Migration):

api/tacticalrmm/agents/migrations/0039_auto_20210714_0738.py

@@ -1,7 +1,7 @@
 # Generated by Django 3.2.5 on 2021-07-14 07:38
 
-from django.db import migrations, models
 import django.db.models.deletion
+from django.db import migrations, models
 
 
 class Migration(migrations.Migration):

api/tacticalrmm/agents/migrations/0043_auto_20220227_0554.py

@@ -0,0 +1,25 @@
+# Generated by Django 3.2.12 on 2022-02-27 05:54
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('agents', '0042_alter_agent_time_zone'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='agent',
+            name='antivirus',
+        ),
+        migrations.RemoveField(
+            model_name='agent',
+            name='local_ip',
+        ),
+        migrations.RemoveField(
+            model_name='agent',
+            name='used_ram',
+        ),
+    ]

api/tacticalrmm/agents/migrations/0044_auto_20220227_0717.py

@@ -0,0 +1,22 @@
+# Generated by Django 3.2.12 on 2022-02-27 07:17
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('agents', '0043_auto_20220227_0554'),
+    ]
+
+    operations = [
+        migrations.RenameField(
+            model_name='agent',
+            old_name='salt_id',
+            new_name='goarch',
+        ),
+        migrations.RemoveField(
+            model_name='agent',
+            name='salt_ver',
+        ),
+    ]

api/tacticalrmm/agents/migrations/0045_delete_recoveryaction.py

@@ -0,0 +1,16 @@
+# Generated by Django 3.2.12 on 2022-03-12 02:30
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('agents', '0044_auto_20220227_0717'),
+    ]
+
+    operations = [
+        migrations.DeleteModel(
+            name='RecoveryAction',
+        ),
+    ]

api/tacticalrmm/agents/migrations/0046_alter_agenthistory_command.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.12 on 2022-03-17 17:15
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('agents', '0045_delete_recoveryaction'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='agenthistory',
+            name='command',
+            field=models.TextField(blank=True, default='', null=True),
+        ),
+    ]

api/tacticalrmm/agents/migrations/0047_alter_agent_plat_alter_agent_site.py

@@ -0,0 +1,26 @@
+# Generated by Django 4.0.3 on 2022-04-07 17:28
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('clients', '0020_auto_20211226_0547'),
+        ('agents', '0046_alter_agenthistory_command'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='agent',
+            name='plat',
+            field=models.CharField(default='windows', max_length=255),
+        ),
+        migrations.AlterField(
+            model_name='agent',
+            name='site',
+            field=models.ForeignKey(default=1, on_delete=django.db.models.deletion.RESTRICT, related_name='agents', to='clients.site'),
+            preserve_default=False,
+        ),
+    ]

api/tacticalrmm/agents/migrations/0048_remove_agent_has_patches_pending_and_more.py

@@ -0,0 +1,21 @@
+# Generated by Django 4.0.3 on 2022-04-16 17:39
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('agents', '0047_alter_agent_plat_alter_agent_site'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='agent',
+            name='has_patches_pending',
+        ),
+        migrations.RemoveField(
+            model_name='agent',
+            name='pending_actions_count',
+        ),
+    ]

api/tacticalrmm/agents/migrations/0049_agent_agents_agen_monitor_df8816_idx.py

@@ -0,0 +1,17 @@
+# Generated by Django 4.0.3 on 2022-04-18 14:29
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('agents', '0048_remove_agent_has_patches_pending_and_more'),
+    ]
+
+    operations = [
+        migrations.AddIndex(
+            model_name='agent',
+            index=models.Index(fields=['monitoring_type'], name='agents_agen_monitor_df8816_idx'),
+        ),
+    ]

api/tacticalrmm/agents/migrations/0050_remove_agent_plat_release.py

@@ -0,0 +1,17 @@
+# Generated by Django 4.0.4 on 2022-04-25 06:51
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('agents', '0049_agent_agents_agen_monitor_df8816_idx'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='agent',
+            name='plat_release',
+        ),
+    ]

api/tacticalrmm/agents/permissions.py

@@ -4,7 +4,7 @@ from tacticalrmm.permissions import _has_perm, _has_perm_on_agent
 
 
 class AgentPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         if r.method == "GET":
             if "agent_id" in view.kwargs.keys():
                 return _has_perm(r, "can_list_agents") and _has_perm_on_agent(
@@ -26,73 +26,73 @@ class AgentPerms(permissions.BasePermission):
 
 
 class RecoverAgentPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_recover_agents") and _has_perm_on_agent(
             r.user, view.kwargs["agent_id"]
         )
 
 
 class MeshPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_use_mesh") and _has_perm_on_agent(
             r.user, view.kwargs["agent_id"]
         )
 
 
 class UpdateAgentPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_update_agents")
 
 
 class PingAgentPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_ping_agents") and _has_perm_on_agent(
             r.user, view.kwargs["agent_id"]
         )
 
 
 class ManageProcPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_manage_procs") and _has_perm_on_agent(
             r.user, view.kwargs["agent_id"]
         )
 
 
 class EvtLogPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_view_eventlogs") and _has_perm_on_agent(
             r.user, view.kwargs["agent_id"]
         )
 
 
 class SendCMDPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_send_cmd") and _has_perm_on_agent(
             r.user, view.kwargs["agent_id"]
         )
 
 
 class RebootAgentPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_reboot_agents") and _has_perm_on_agent(
             r.user, view.kwargs["agent_id"]
         )
 
 
 class InstallAgentPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_install_agents")
 
 
 class RunScriptPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_run_scripts") and _has_perm_on_agent(
             r.user, view.kwargs["agent_id"]
         )
 
 
 class AgentNotesPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
 
         # permissions for GET /agents/notes/ endpoint
         if r.method == "GET":
@@ -109,12 +109,12 @@ class AgentNotesPerms(permissions.BasePermission):
 
 
 class RunBulkPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_run_bulk")
 
 
 class AgentHistoryPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         if "agent_id" in view.kwargs.keys():
             return _has_perm(r, "can_list_agent_history") and _has_perm_on_agent(
                 r.user, view.kwargs["agent_id"]

api/tacticalrmm/agents/serializers.py

@@ -1,8 +1,9 @@
 import pytz
 from rest_framework import serializers
+
 from winupdate.serializers import WinUpdatePolicySerializer
 
-from .models import Agent, AgentCustomField, Note, AgentHistory
+from .models import Agent, AgentCustomField, AgentHistory, Note
 
 
 class AgentCustomFieldSerializer(serializers.ModelSerializer):
@@ -40,6 +41,33 @@ class AgentSerializer(serializers.ModelSerializer):
     custom_fields = AgentCustomFieldSerializer(many=True, read_only=True)
     patches_last_installed = serializers.ReadOnlyField()
     last_seen = serializers.ReadOnlyField()
+    applied_policies = serializers.SerializerMethodField()
+    effective_patch_policy = serializers.SerializerMethodField()
+    alert_template = serializers.SerializerMethodField()
+
+    def get_alert_template(self, obj):
+        from alerts.serializers import AlertTemplateSerializer
+
+        return (
+            AlertTemplateSerializer(obj.alert_template).data
+            if obj.alert_template
+            else None
+        )
+
+    def get_effective_patch_policy(self, obj):
+        return WinUpdatePolicySerializer(obj.get_patch_policy()).data
+
+    def get_applied_policies(self, obj):
+        from automation.serializers import PolicySerializer
+
+        policies = obj.get_agent_policies()
+
+        # need to serialize model objects manually
+        for key, policy in policies.items():
+            if policy:
+                policies[key] = PolicySerializer(policy).data
+
+        return policies
 
     def get_all_timezones(self, obj):
         return pytz.all_timezones
@@ -52,13 +80,15 @@ class AgentSerializer(serializers.ModelSerializer):
 class AgentTableSerializer(serializers.ModelSerializer):
     status = serializers.ReadOnlyField()
     checks = serializers.ReadOnlyField()
-    last_seen = serializers.SerializerMethodField()
     client_name = serializers.ReadOnlyField(source="client.name")
     site_name = serializers.ReadOnlyField(source="site.name")
     logged_username = serializers.SerializerMethodField()
     italic = serializers.SerializerMethodField()
     policy = serializers.ReadOnlyField(source="policy.id")
     alert_template = serializers.SerializerMethodField()
+    last_seen = serializers.ReadOnlyField()
+    pending_actions_count = serializers.ReadOnlyField()
+    has_patches_pending = serializers.ReadOnlyField()
 
     def get_alert_template(self, obj):
 
@@ -72,14 +102,6 @@ class AgentTableSerializer(serializers.ModelSerializer):
                 "always_alert": obj.alert_template.agent_always_alert,
             }
 
-    def get_last_seen(self, obj) -> str:
-        if obj.time_zone is not None:
-            agent_tz = pytz.timezone(obj.time_zone)
-        else:
-            agent_tz = self.context["default_tz"]
-
-        return obj.last_seen.astimezone(agent_tz).strftime("%m %d %Y %H:%M")
-
     def get_logged_username(self, obj) -> str:
         if obj.logged_in_username == "None" and obj.status == "online":
             return obj.last_logged_in_user
@@ -102,7 +124,6 @@ class AgentTableSerializer(serializers.ModelSerializer):
             "monitoring_type",
             "description",
             "needs_reboot",
-            "has_patches_pending",
             "pending_actions_count",
             "status",
             "overdue_text_alert",
@@ -116,6 +137,9 @@ class AgentTableSerializer(serializers.ModelSerializer):
             "italic",
             "policy",
             "block_policy_inheritance",
+            "plat",
+            "goarch",
+            "has_patches_pending",
         ]
         depth = 2
 
@@ -152,17 +176,12 @@ class AgentNoteSerializer(serializers.ModelSerializer):
 
 
 class AgentHistorySerializer(serializers.ModelSerializer):
-    time = serializers.SerializerMethodField(read_only=True)
     script_name = serializers.ReadOnlyField(source="script.name")
 
     class Meta:
         model = AgentHistory
         fields = "__all__"
 
-    def get_time(self, history):
-        tz = self.context["default_tz"]
-        return history.time.astimezone(tz).strftime("%m %d %Y %H:%M:%S")
-
 
 class AgentAuditSerializer(serializers.ModelSerializer):
     class Meta:

api/tacticalrmm/agents/tasks.py

@@ -2,20 +2,19 @@ import asyncio
 import datetime as dt
 import random
 from time import sleep
-from typing import Union
+from typing import Optional
 
-from alerts.models import Alert
-from core.models import CoreSettings
 from django.conf import settings
 from django.utils import timezone as djangotime
-from logs.models import DebugLog, PendingAction
 from packaging import version as pyver
-from scripts.models import Script
-from tacticalrmm.celery import app
 
 from agents.models import Agent
-from agents.utils import get_winagent_url
-from tacticalrmm.utils import AGENT_DEFER
+from agents.utils import get_agent_url
+from core.utils import get_core_settings
+from logs.models import DebugLog, PendingAction
+from scripts.models import Script
+from tacticalrmm.celery import app
+from tacticalrmm.constants import CheckStatus, DebugLogType, PAAction, PAStatus
 
 
 def agent_update(agent_id: str, force: bool = False) -> str:
@@ -29,26 +28,26 @@ def agent_update(agent_id: str, force: bool = False) -> str:
     if agent.arch is None:
         DebugLog.warning(
             agent=agent,
-            log_type="agent_issues",
+            log_type=DebugLogType.AGENT_ISSUES,
             message=f"Unable to determine arch on {agent.hostname}({agent.agent_id}). Skipping agent update.",
         )
         return "noarch"
 
     version = settings.LATEST_AGENT_VER
     inno = agent.win_inno_exe
-    url = get_winagent_url(agent.arch)
+    url = get_agent_url(agent.arch, agent.plat)
 
     if not force:
         if agent.pendingactions.filter(
-            action_type="agentupdate", status="pending"
+            action_type=PAAction.AGENT_UPDATE, status=PAStatus.PENDING
         ).exists():
             agent.pendingactions.filter(
-                action_type="agentupdate", status="pending"
+                action_type=PAAction.AGENT_UPDATE, status=PAStatus.PENDING
             ).delete()
 
         PendingAction.objects.create(
             agent=agent,
-            action_type="agentupdate",
+            action_type=PAAction.AGENT_UPDATE,
             details={
                 "url": url,
                 "version": version,
@@ -70,28 +69,26 @@ def agent_update(agent_id: str, force: bool = False) -> str:
 
 @app.task
 def force_code_sign(agent_ids: list[str]) -> None:
-    chunks = (agent_ids[i : i + 50] for i in range(0, len(agent_ids), 50))
+    chunks = (agent_ids[i : i + 70] for i in range(0, len(agent_ids), 70))
     for chunk in chunks:
         for agent_id in chunk:
             agent_update(agent_id=agent_id, force=True)
-            sleep(0.05)
-        sleep(4)
+        sleep(2)
 
 
 @app.task
 def send_agent_update_task(agent_ids: list[str]) -> None:
-    chunks = (agent_ids[i : i + 50] for i in range(0, len(agent_ids), 50))
+    chunks = (agent_ids[i : i + 70] for i in range(0, len(agent_ids), 70))
     for chunk in chunks:
         for agent_id in chunk:
             agent_update(agent_id)
-            sleep(0.05)
-        sleep(4)
+        sleep(2)
 
 
 @app.task
 def auto_self_agent_update_task() -> None:
-    core = CoreSettings.objects.first()
-    if not core.agent_auto_update:  # type:ignore
+    core = get_core_settings()
+    if not core.agent_auto_update:
         return
 
     q = Agent.objects.only("agent_id", "version")
@@ -101,22 +98,24 @@ def auto_self_agent_update_task() -> None:
         if pyver.parse(i.version) < pyver.parse(settings.LATEST_AGENT_VER)
     ]
 
-    chunks = (agent_ids[i : i + 30] for i in range(0, len(agent_ids), 30))
+    chunks = (agent_ids[i : i + 70] for i in range(0, len(agent_ids), 70))
     for chunk in chunks:
         for agent_id in chunk:
             agent_update(agent_id)
-            sleep(0.05)
-        sleep(4)
+        sleep(2)
 
 
 @app.task
-def agent_outage_email_task(pk: int, alert_interval: Union[float, None] = None) -> str:
+def agent_outage_email_task(pk: int, alert_interval: Optional[float] = None) -> str:
     from alerts.models import Alert
 
-    alert = Alert.objects.get(pk=pk)
+    try:
+        alert = Alert.objects.get(pk=pk)
+    except Alert.DoesNotExist:
+        return "alert not found"
 
     if not alert.email_sent:
-        sleep(random.randint(1, 15))
+        sleep(random.randint(1, 5))
         alert.agent.send_outage_email()
         alert.email_sent = djangotime.now()
         alert.save(update_fields=["email_sent"])
@@ -125,7 +124,7 @@ def agent_outage_email_task(pk: int, alert_interval: Union[float, None] = None)
             # send an email only if the last email sent is older than alert interval
             delta = djangotime.now() - dt.timedelta(days=alert_interval)
             if alert.email_sent < delta:
-                sleep(random.randint(1, 10))
+                sleep(random.randint(1, 5))
                 alert.agent.send_outage_email()
                 alert.email_sent = djangotime.now()
                 alert.save(update_fields=["email_sent"])
@@ -137,8 +136,13 @@ def agent_outage_email_task(pk: int, alert_interval: Union[float, None] = None)
 def agent_recovery_email_task(pk: int) -> str:
     from alerts.models import Alert
 
-    sleep(random.randint(1, 15))
-    alert = Alert.objects.get(pk=pk)
+    sleep(random.randint(1, 5))
+
+    try:
+        alert = Alert.objects.get(pk=pk)
+    except Alert.DoesNotExist:
+        return "alert not found"
+
     alert.agent.send_recovery_email()
     alert.resolved_email_sent = djangotime.now()
     alert.save(update_fields=["resolved_email_sent"])
@@ -147,13 +151,16 @@ def agent_recovery_email_task(pk: int) -> str:
 
 
 @app.task
-def agent_outage_sms_task(pk: int, alert_interval: Union[float, None] = None) -> str:
+def agent_outage_sms_task(pk: int, alert_interval: Optional[float] = None) -> str:
     from alerts.models import Alert
 
-    alert = Alert.objects.get(pk=pk)
+    try:
+        alert = Alert.objects.get(pk=pk)
+    except Alert.DoesNotExist:
+        return "alert not found"
 
     if not alert.sms_sent:
-        sleep(random.randint(1, 15))
+        sleep(random.randint(1, 3))
         alert.agent.send_outage_sms()
         alert.sms_sent = djangotime.now()
         alert.save(update_fields=["sms_sent"])
@@ -162,7 +169,7 @@ def agent_outage_sms_task(pk: int, alert_interval: Union[float, None] = None) ->
             # send an sms only if the last sms sent is older than alert interval
             delta = djangotime.now() - dt.timedelta(days=alert_interval)
             if alert.sms_sent < delta:
-                sleep(random.randint(1, 10))
+                sleep(random.randint(1, 3))
                 alert.agent.send_outage_sms()
                 alert.sms_sent = djangotime.now()
                 alert.save(update_fields=["sms_sent"])
@@ -175,7 +182,11 @@ def agent_recovery_sms_task(pk: int) -> str:
     from alerts.models import Alert
 
     sleep(random.randint(1, 3))
-    alert = Alert.objects.get(pk=pk)
+    try:
+        alert = Alert.objects.get(pk=pk)
+    except Alert.DoesNotExist:
+        return "alert not found"
+
     alert.agent.send_recovery_sms()
     alert.resolved_sms_sent = djangotime.now()
     alert.save(update_fields=["resolved_sms_sent"])
@@ -225,12 +236,12 @@ def run_script_email_results_task(
     if r == "timeout":
         DebugLog.error(
             agent=agent,
-            log_type="scripting",
+            log_type=DebugLogType.SCRIPTING,
             message=f"{agent.hostname}({agent.pk}) timed out running script.",
         )
         return
 
-    CORE = CoreSettings.objects.first()
+    CORE = get_core_settings()
     subject = f"{agent.hostname} {script.name} Results"
     exec_time = "{:.4f}".format(r["execution_time"])
     body = (
@@ -243,25 +254,21 @@ def run_script_email_results_task(
 
     msg = EmailMessage()
     msg["Subject"] = subject
-    msg["From"] = CORE.smtp_from_email  # type:ignore
+    msg["From"] = CORE.smtp_from_email
 
     if emails:
         msg["To"] = ", ".join(emails)
     else:
-        msg["To"] = ", ".join(CORE.email_alert_recipients)  # type:ignore
+        msg["To"] = ", ".join(CORE.email_alert_recipients)
 
     msg.set_content(body)
 
     try:
-        with smtplib.SMTP(
-            CORE.smtp_host, CORE.smtp_port, timeout=20  # type:ignore
-        ) as server:  # type:ignore
-            if CORE.smtp_requires_auth:  # type:ignore
+        with smtplib.SMTP(CORE.smtp_host, CORE.smtp_port, timeout=20) as server:
+            if CORE.smtp_requires_auth:
                 server.ehlo()
                 server.starttls()
-                server.login(
-                    CORE.smtp_host_user, CORE.smtp_host_password  # type:ignore
-                )  # type:ignore
+                server.login(CORE.smtp_host_user, CORE.smtp_host_password)
                 server.send_message(msg)
                 server.quit()
             else:
@@ -273,18 +280,22 @@ def run_script_email_results_task(
 
 @app.task
 def clear_faults_task(older_than_days: int) -> None:
-    # https://github.com/wh1te909/tacticalrmm/issues/484
+    from alerts.models import Alert
+
+    # https://github.com/amidaware/tacticalrmm/issues/484
     agents = Agent.objects.exclude(last_seen__isnull=True).filter(
         last_seen__lt=djangotime.now() - djangotime.timedelta(days=older_than_days)
     )
     for agent in agents:
-        if agent.agentchecks.exists():
-            for check in agent.agentchecks.all():
-                # reset check status
-                check.status = "passing"
-                check.save(update_fields=["status"])
-                if check.alert.filter(resolved=False).exists():
-                    check.alert.get(resolved=False).resolve()
+        for check in agent.get_checks_with_policies():
+            # reset check status
+            if check.check_result:
+                check.check_result.status = CheckStatus.PASSING
+                check.check_result.save(update_fields=["status"])
+            if check.alert.filter(agent=agent, resolved=False).exists():
+                alert = Alert.create_or_return_check_alert(check, agent=agent)
+                if alert:
+                    alert.resolve()
 
         # reset overdue alerts
         agent.overdue_email_alert = False
@@ -308,43 +319,3 @@ def prune_agent_history(older_than_days: int) -> str:
     ).delete()
 
     return "ok"
-
-
-@app.task
-def handle_agents_task() -> None:
-    q = Agent.objects.defer(*AGENT_DEFER)
-    agents = [
-        i
-        for i in q
-        if pyver.parse(i.version) >= pyver.parse("1.6.0") and i.status == "online"
-    ]
-    for agent in agents:
-        # change agent update pending status to completed if agent has just updated
-        if (
-            pyver.parse(agent.version) == pyver.parse(settings.LATEST_AGENT_VER)
-            and agent.pendingactions.filter(
-                action_type="agentupdate", status="pending"
-            ).exists()
-        ):
-            agent.pendingactions.filter(
-                action_type="agentupdate", status="pending"
-            ).update(status="completed")
-
-        # sync scheduled tasks
-        if agent.autotasks.exclude(sync_status="synced").exists():  # type: ignore
-            tasks = agent.autotasks.exclude(sync_status="synced")  # type: ignore
-
-            for task in tasks:
-                if task.sync_status == "pendingdeletion":
-                    task.delete_task_on_agent()
-                elif task.sync_status == "initial":
-                    task.modify_task_on_agent()
-                elif task.sync_status == "notsynced":
-                    task.create_task_on_agent()
-
-        # handles any alerting actions
-        if Alert.objects.filter(agent=agent, resolved=False).exists():
-            try:
-                Alert.handle_alert_resolve(agent)
-            except:
-                continue

api/tacticalrmm/agents/tests/test_recovery.py

@@ -0,0 +1,62 @@
+from typing import TYPE_CHECKING
+from unittest.mock import patch
+
+from model_bakery import baker
+
+from tacticalrmm.test import TacticalTestCase
+
+if TYPE_CHECKING:
+    from clients.models import Client, Site
+
+
+class TestRecovery(TacticalTestCase):
+    def setUp(self) -> None:
+        self.authenticate()
+        self.setup_coresettings()
+        self.client1: "Client" = baker.make("clients.Client")
+        self.site1: "Site" = baker.make("clients.Site", client=self.client1)
+
+    @patch("agents.models.Agent.recover")
+    @patch("agents.views.get_mesh_ws_url")
+    def test_recover(self, get_mesh_ws_url, recover) -> None:
+        get_mesh_ws_url.return_value = "https://mesh.example.com"
+
+        agent = baker.make_recipe(
+            "agents.online_agent",
+            site=self.site1,
+            monitoring_type="server",
+            plat="windows",
+        )
+
+        url = f"/agents/{agent.agent_id}/recover/"
+
+        # test successfull tacticalagent recovery
+        data = {"mode": "tacagent"}
+        r = self.client.post(url, data, format="json")
+        self.assertEqual(r.status_code, 200)
+        recover.assert_called_with("tacagent", "https://mesh.example.com", wait=False)
+        get_mesh_ws_url.assert_called_once()
+
+        # reset mocks
+        recover.reset_mock()
+        get_mesh_ws_url.reset_mock()
+
+        # test successfull mesh agent recovery
+        data = {"mode": "mesh"}
+        recover.return_value = ("ok", False)
+        r = self.client.post(url, data, format="json")
+        self.assertEqual(r.status_code, 200)
+        get_mesh_ws_url.assert_not_called()
+        recover.assert_called_with("mesh", "")
+
+        # reset mocks
+        recover.reset_mock()
+        get_mesh_ws_url.reset_mock()
+
+        # test failed mesh agent recovery
+        data = {"mode": "mesh"}
+        recover.return_value = ("Unable to contact the agent", True)
+        r = self.client.post(url, data, format="json")
+        self.assertEqual(r.status_code, 400)
+
+        self.check_not_authenticated("post", url)

api/tacticalrmm/agents/urls.py

@@ -1,10 +1,11 @@
 from django.urls import path
 
-from . import views
-from checks.views import GetAddChecks
 from autotasks.views import GetAddAutoTasks
+from checks.views import GetAddChecks
 from logs.views import PendingActions
 
+from . import views
+
 urlpatterns = [
     # agent views
     path("", views.GetAgents.as_view()),
@@ -40,5 +41,4 @@ urlpatterns = [
     path("versions/", views.get_agent_versions),
     path("update/", views.update_agents),
     path("installer/", views.install_agent),
-    path("<str:arch>/getmeshexe/", views.get_mesh_exe),
 ]

api/tacticalrmm/agents/utils.py

@@ -1,40 +1,92 @@
-import random
+import asyncio
+import tempfile
 import urllib.parse
-import requests
 
 from django.conf import settings
+from django.http import FileResponse
+
 from core.models import CodeSignToken
+from core.utils import get_core_settings, get_mesh_device_id, get_mesh_ws_url
+from tacticalrmm.constants import MeshAgentIdent
 
 
-def get_exegen_url() -> str:
-    urls: list[str] = settings.EXE_GEN_URLS
-    for url in urls:
-        try:
-            r = requests.get(url, timeout=10)
-        except:
-            continue
+def get_agent_url(arch: str, plat: str) -> str:
 
-        if r.status_code == 200:
-            return url
+    if plat == "windows":
+        endpoint = "winagents"
+        dl_url = settings.DL_32 if arch == "32" else settings.DL_64
+    else:
+        endpoint = "linuxagents"
+        dl_url = ""
 
-    return random.choice(urls)
+    token = CodeSignToken.objects.first()
+    if not token:
+        return dl_url
 
-
-def get_winagent_url(arch: str) -> str:
-
-    dl_url = settings.DL_32 if arch == "32" else settings.DL_64
-
-    try:
-        t: CodeSignToken = CodeSignToken.objects.first()  # type: ignore
-        if t.is_valid:
-            base_url = get_exegen_url() + "/api/v1/winagents/?"
-            params = {
-                "version": settings.LATEST_AGENT_VER,
-                "arch": arch,
-                "token": t.token,
-            }
-            dl_url = base_url + urllib.parse.urlencode(params)
-    except:
-        pass
+    if token.is_valid:
+        base_url = settings.EXE_GEN_URL + f"/api/v1/{endpoint}/?"
+        params = {
+            "version": settings.LATEST_AGENT_VER,
+            "arch": arch,
+            "token": token.token,
+        }
+        dl_url = base_url + urllib.parse.urlencode(params)
 
     return dl_url
+
+
+def generate_linux_install(
+    client: str,
+    site: str,
+    agent_type: str,
+    arch: str,
+    token: str,
+    api: str,
+    download_url: str,
+) -> FileResponse:
+
+    match arch:
+        case "amd64":
+            arch_id = MeshAgentIdent.LINUX64
+        case "386":
+            arch_id = MeshAgentIdent.LINUX32
+        case "arm64":
+            arch_id = MeshAgentIdent.LINUX_ARM_64
+        case "arm":
+            arch_id = MeshAgentIdent.LINUX_ARM_HF
+        case _:
+            arch_id = "not_found"
+
+    core = get_core_settings()
+
+    uri = get_mesh_ws_url()
+    mesh_id = asyncio.run(get_mesh_device_id(uri, core.mesh_device_group))
+    mesh_dl = (
+        f"{core.mesh_site}/meshagents?id={mesh_id}&installflags=0&meshinstall={arch_id}"
+    )
+
+    sh = settings.LINUX_AGENT_SCRIPT
+    with open(sh, "r") as f:
+        text = f.read()
+
+    replace = {
+        "agentDLChange": download_url,
+        "meshDLChange": mesh_dl,
+        "clientIDChange": client,
+        "siteIDChange": site,
+        "agentTypeChange": agent_type,
+        "tokenChange": token,
+        "apiURLChange": api,
+    }
+
+    for i, j in replace.items():
+        text = text.replace(i, j)
+
+    with tempfile.NamedTemporaryFile() as fp:
+        with open(fp.name, "w") as f:
+            f.write(text)
+            f.write("\n")
+
+        return FileResponse(
+            open(fp.name, "rb"), as_attachment=True, filename="linux_agent_install.sh"
+        )

api/tacticalrmm/agents/views.py

@@ -6,58 +6,59 @@ import string
 import time
 
 from django.conf import settings
+from django.db.models import Count, Exists, OuterRef, Prefetch, Q
 from django.http import HttpResponse
 from django.shortcuts import get_object_or_404
-from django.db.models import Q
+from django.utils import timezone as djangotime
+from meshctrl.utils import get_login_token
 from packaging import version as pyver
 from rest_framework.decorators import api_view, permission_classes
+from rest_framework.exceptions import PermissionDenied
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
-from rest_framework.exceptions import PermissionDenied
 
-from core.models import CoreSettings
+from core.models import CodeSignToken
+from core.utils import get_core_settings, get_mesh_ws_url, remove_mesh_agent
 from logs.models import AuditLog, DebugLog, PendingAction
 from scripts.models import Script
 from scripts.tasks import handle_bulk_command_task, handle_bulk_script_task
-from tacticalrmm.utils import (
-    get_default_timezone,
-    notify_error,
-    reload_nats,
-    AGENT_DEFER,
-)
-from winupdate.serializers import WinUpdatePolicySerializer
-from winupdate.tasks import bulk_check_for_updates_task, bulk_install_updates_task
+from tacticalrmm.constants import AGENT_DEFER, EvtLogNames, PAAction, PAStatus
+from tacticalrmm.helpers import notify_error
 from tacticalrmm.permissions import (
     _has_perm_on_agent,
     _has_perm_on_client,
     _has_perm_on_site,
 )
+from tacticalrmm.utils import get_default_timezone, reload_nats
+from winupdate.models import WinUpdate
+from winupdate.serializers import WinUpdatePolicySerializer
+from winupdate.tasks import bulk_check_for_updates_task, bulk_install_updates_task
 
-from .models import Agent, AgentCustomField, Note, RecoveryAction, AgentHistory
+from .models import Agent, AgentCustomField, AgentHistory, Note
 from .permissions import (
     AgentHistoryPerms,
+    AgentNotesPerms,
     AgentPerms,
     EvtLogPerms,
     InstallAgentPerms,
-    RecoverAgentPerms,
-    AgentNotesPerms,
     ManageProcPerms,
     MeshPerms,
+    PingAgentPerms,
     RebootAgentPerms,
+    RecoverAgentPerms,
     RunBulkPerms,
     RunScriptPerms,
     SendCMDPerms,
-    PingAgentPerms,
     UpdateAgentPerms,
 )
 from .serializers import (
     AgentCustomFieldSerializer,
     AgentHistorySerializer,
     AgentHostnameSerializer,
+    AgentNoteSerializer,
     AgentSerializer,
     AgentTableSerializer,
-    AgentNoteSerializer,
 )
 from .tasks import run_script_email_results_task, send_agent_update_task
 
@@ -66,12 +67,22 @@ class GetAgents(APIView):
     permission_classes = [IsAuthenticated, AgentPerms]
 
     def get(self, request):
+        from checks.models import Check, CheckResult
+
+        monitoring_type_filter = Q()
+        client_site_filter = Q()
+
+        monitoring_type = request.query_params.get("monitoring_type", None)
+        if monitoring_type:
+            if monitoring_type in ["server", "workstation"]:
+                monitoring_type_filter = Q(monitoring_type=monitoring_type)
+            else:
+                return notify_error("monitoring type does not exist")
+
         if "site" in request.query_params.keys():
-            filter = Q(site_id=request.query_params["site"])
+            client_site_filter = Q(site_id=request.query_params["site"])
         elif "client" in request.query_params.keys():
-            filter = Q(site__client_id=request.query_params["client"])
-        else:
-            filter = Q()
+            client_site_filter = Q(site__client_id=request.query_params["client"])
 
         # by default detail=true
         if (
@@ -79,24 +90,53 @@ class GetAgents(APIView):
             or "detail" in request.query_params.keys()
             and request.query_params["detail"] == "true"
         ):
-
             agents = (
                 Agent.objects.filter_by_role(request.user)  # type: ignore
-                .select_related("site", "policy", "alert_template")
-                .prefetch_related("agentchecks")
-                .filter(filter)
+                .filter(monitoring_type_filter)
+                .filter(client_site_filter)
                 .defer(*AGENT_DEFER)
+                .select_related(
+                    "site__server_policy",
+                    "site__workstation_policy",
+                    "site__client__server_policy",
+                    "site__client__workstation_policy",
+                    "policy",
+                    "alert_template",
+                )
+                .prefetch_related(
+                    Prefetch(
+                        "agentchecks",
+                        queryset=Check.objects.select_related("script"),
+                    ),
+                    Prefetch(
+                        "checkresults",
+                        queryset=CheckResult.objects.select_related("assigned_check"),
+                    ),
+                )
+                .annotate(
+                    pending_actions_count=Count(
+                        "pendingactions",
+                        filter=Q(pendingactions__status=PAStatus.PENDING),
+                    )
+                )
+                .annotate(
+                    has_patches_pending=Exists(
+                        WinUpdate.objects.filter(
+                            agent_id=OuterRef("pk"), action="approve", installed=False
+                        )
+                    )
+                )
             )
-            ctx = {"default_tz": get_default_timezone()}
-            serializer = AgentTableSerializer(agents, many=True, context=ctx)
+            serializer = AgentTableSerializer(agents, many=True)
 
         # if detail=false
         else:
             agents = (
                 Agent.objects.filter_by_role(request.user)  # type: ignore
-                .select_related("site")
-                .filter(filter)
-                .only("agent_id", "hostname", "site")
+                .defer(*AGENT_DEFER)
+                .select_related("site__client")
+                .filter(monitoring_type_filter)
+                .filter(client_site_filter)
             )
             serializer = AgentHostnameSerializer(agents, many=True)
 
@@ -132,13 +172,13 @@ class GetUpdateDeleteAgent(APIView):
             for field in request.data["custom_fields"]:
 
                 custom_field = field
-                custom_field["agent"] = agent.id  # type: ignore
+                custom_field["agent"] = agent.pk
 
                 if AgentCustomField.objects.filter(
-                    field=field["field"], agent=agent.id  # type: ignore
+                    field=field["field"], agent=agent.pk
                 ):
                     value = AgentCustomField.objects.get(
-                        field=field["field"], agent=agent.id  # type: ignore
+                        field=field["field"], agent=agent.pk
                     )
                     serializer = AgentCustomFieldSerializer(
                         instance=value, data=custom_field
@@ -155,10 +195,19 @@ class GetUpdateDeleteAgent(APIView):
     # uninstall agent
     def delete(self, request, agent_id):
         agent = get_object_or_404(Agent, agent_id=agent_id)
-        asyncio.run(agent.nats_cmd({"func": "uninstall"}, wait=False))
+
+        code = "foo"
+        if agent.plat == "linux":
+            with open(settings.LINUX_AGENT_SCRIPT, "r") as f:
+                code = f.read()
+
+        asyncio.run(agent.nats_cmd({"func": "uninstall", "code": code}, wait=False))
         name = agent.hostname
+        mesh_id = agent.mesh_node_id
         agent.delete()
         reload_nats()
+        uri = get_mesh_ws_url()
+        asyncio.run(remove_mesh_agent(uri, mesh_id))
         return Response(f"{name} will now be uninstalled.")
 
 
@@ -167,6 +216,11 @@ class AgentProcesses(APIView):
 
     # list agent processes
     def get(self, request, agent_id):
+        if getattr(settings, "DEMO", False):
+            from tacticalrmm.demo_views import demo_get_procs
+
+            return demo_get_procs()
+
         agent = get_object_or_404(Agent, agent_id=agent_id)
         r = asyncio.run(agent.nats_cmd(data={"func": "procs"}, timeout=5))
         if r == "timeout" or r == "natsdown":
@@ -194,19 +248,19 @@ class AgentMeshCentral(APIView):
     # get mesh urls
     def get(self, request, agent_id):
         agent = get_object_or_404(Agent, agent_id=agent_id)
-        core = CoreSettings.objects.first()
+        core = get_core_settings()
 
-        token = agent.get_login_token(
-            key=core.mesh_token,
-            user=f"user//{core.mesh_username.lower()}",  # type:ignore
-        )
+        if not core.mesh_disable_auto_login:
+            token = get_login_token(
+                key=core.mesh_token, user=f"user//{core.mesh_username}"
+            )
+            token_param = f"login={token}&"
+        else:
+            token_param = ""
 
-        if token == "err":
-            return notify_error("Invalid mesh token")
-
-        control = f"{core.mesh_site}/?login={token}&gotonode={agent.mesh_node_id}&viewmode=11&hide=31"  # type:ignore
-        terminal = f"{core.mesh_site}/?login={token}&gotonode={agent.mesh_node_id}&viewmode=12&hide=31"  # type:ignore
-        file = f"{core.mesh_site}/?login={token}&gotonode={agent.mesh_node_id}&viewmode=13&hide=31"  # type:ignore
+        control = f"{core.mesh_site}/?{token_param}gotonode={agent.mesh_node_id}&viewmode=11&hide=31"
+        terminal = f"{core.mesh_site}/?{token_param}gotonode={agent.mesh_node_id}&viewmode=12&hide=31"
+        file = f"{core.mesh_site}/?{token_param}gotonode={agent.mesh_node_id}&viewmode=13&hide=31"
 
         AuditLog.audit_mesh_session(
             username=request.user.username,
@@ -240,9 +294,9 @@ class AgentMeshCentral(APIView):
 @permission_classes([IsAuthenticated, AgentPerms])
 def get_agent_versions(request):
     agents = (
-        Agent.objects.filter_by_role(request.user)
-        .prefetch_related("site")
-        .only("pk", "hostname")
+        Agent.objects.defer(*AGENT_DEFER)
+        .filter_by_role(request.user)  # type: ignore
+        .select_related("site__client")
     )
     return Response(
         {
@@ -256,7 +310,7 @@ def get_agent_versions(request):
 @permission_classes([IsAuthenticated, UpdateAgentPerms])
 def update_agents(request):
     q = (
-        Agent.objects.filter_by_role(request.user)
+        Agent.objects.filter_by_role(request.user)  # type: ignore
         .filter(agent_id__in=request.data["agent_ids"])
         .only("agent_id", "version")
     )
@@ -282,9 +336,9 @@ def ping(request, agent_id):
             break
         else:
             attempts += 1
-            time.sleep(1)
+            time.sleep(0.5)
 
-        if attempts >= 5:
+        if attempts >= 3:
             break
 
     return Response({"name": agent.hostname, "status": status})
@@ -293,8 +347,13 @@ def ping(request, agent_id):
 @api_view(["GET"])
 @permission_classes([IsAuthenticated, EvtLogPerms])
 def get_event_log(request, agent_id, logtype, days):
+    if getattr(settings, "DEMO", False):
+        from tacticalrmm.demo_views import demo_get_eventlog
+
+        return demo_get_eventlog()
+
     agent = get_object_or_404(Agent, agent_id=agent_id)
-    timeout = 180 if logtype == "Security" else 30
+    timeout = 180 if logtype == EvtLogNames.SECURITY else 30
 
     data = {
         "func": "eventlog",
@@ -316,23 +375,27 @@ def get_event_log(request, agent_id, logtype, days):
 def send_raw_cmd(request, agent_id):
     agent = get_object_or_404(Agent, agent_id=agent_id)
     timeout = int(request.data["timeout"])
+    if request.data["shell"] == "custom" and request.data["custom_shell"]:
+        shell = request.data["custom_shell"]
+    else:
+        shell = request.data["shell"]
+
     data = {
         "func": "rawcmd",
         "timeout": timeout,
         "payload": {
             "command": request.data["cmd"],
-            "shell": request.data["shell"],
+            "shell": shell,
         },
     }
 
-    if pyver.parse(agent.version) >= pyver.parse("1.6.0"):
-        hist = AgentHistory.objects.create(
-            agent=agent,
-            type="cmd_run",
-            command=request.data["cmd"],
-            username=request.user.username[:50],
-        )
-        data["id"] = hist.pk
+    hist = AgentHistory.objects.create(
+        agent=agent,
+        type="cmd_run",
+        command=request.data["cmd"],
+        username=request.user.username[:50],
+    )
+    data["id"] = hist.pk
 
     r = asyncio.run(agent.nats_cmd(data, timeout=timeout + 2))
 
@@ -343,7 +406,7 @@ def send_raw_cmd(request, agent_id):
         username=request.user.username,
         agent=agent,
         cmd=request.data["cmd"],
-        shell=request.data["shell"],
+        shell=shell,
         debug_info={"ip": request._client_ip},
     )
 
@@ -364,9 +427,11 @@ class Reboot(APIView):
     # reboot later
     def patch(self, request, agent_id):
         agent = get_object_or_404(Agent, agent_id=agent_id)
+        if agent.is_posix:
+            return notify_error(f"Not currently implemented for {agent.plat}")
 
         try:
-            obj = dt.datetime.strptime(request.data["datetime"], "%Y-%m-%d %H:%M")
+            obj = dt.datetime.strptime(request.data["datetime"], "%Y-%m-%dT%H:%M:%S")
         except Exception:
             return notify_error("Invalid date")
 
@@ -374,18 +439,28 @@ class Reboot(APIView):
             random.choice(string.ascii_letters) for _ in range(10)
         )
 
+        expire_date = obj + djangotime.timedelta(minutes=5)
+
         nats_data = {
             "func": "schedtask",
             "schedtaskpayload": {
                 "type": "schedreboot",
-                "deleteafter": True,
-                "trigger": "once",
+                "enabled": True,
+                "delete_expired_task_after": True,
+                "start_when_available": False,
+                "multiple_instances": 2,
+                "trigger": "runonce",
                 "name": task_name,
-                "year": int(dt.datetime.strftime(obj, "%Y")),
-                "month": dt.datetime.strftime(obj, "%B"),
-                "day": int(dt.datetime.strftime(obj, "%d")),
-                "hour": int(dt.datetime.strftime(obj, "%H")),
-                "min": int(dt.datetime.strftime(obj, "%M")),
+                "start_year": int(dt.datetime.strftime(obj, "%Y")),
+                "start_month": int(dt.datetime.strftime(obj, "%-m")),
+                "start_day": int(dt.datetime.strftime(obj, "%-d")),
+                "start_hour": int(dt.datetime.strftime(obj, "%-H")),
+                "start_min": int(dt.datetime.strftime(obj, "%-M")),
+                "expire_year": int(expire_date.strftime("%Y")),
+                "expire_month": int(expire_date.strftime("%-m")),
+                "expire_day": int(expire_date.strftime("%-d")),
+                "expire_hour": int(expire_date.strftime("%-H")),
+                "expire_min": int(expire_date.strftime("%-M")),
             },
         }
 
@@ -395,7 +470,7 @@ class Reboot(APIView):
 
         details = {"taskname": task_name, "time": str(obj)}
         PendingAction.objects.create(
-            agent=agent, action_type="schedreboot", details=details
+            agent=agent, action_type=PAAction.SCHED_REBOOT, details=details
         )
         nice_time = dt.datetime.strftime(obj, "%B %d, %Y at %I:%M %p")
         return Response(
@@ -407,9 +482,9 @@ class Reboot(APIView):
 @permission_classes([IsAuthenticated, InstallAgentPerms])
 def install_agent(request):
     from knox.models import AuthToken
-    from accounts.models import User
 
-    from agents.utils import get_winagent_url
+    from accounts.models import User
+    from agents.utils import get_agent_url
 
     client_id = request.data["client"]
     site_id = request.data["site"]
@@ -419,26 +494,15 @@ def install_agent(request):
     if not _has_perm_on_site(request.user, site_id):
         raise PermissionDenied()
 
-    # response type is blob so we have to use
-    # status codes and render error message on the frontend
-    if arch == "64" and not os.path.exists(
-        os.path.join(settings.EXE_DIR, "meshagent.exe")
-    ):
-        return notify_error(
-            "Missing 64 bit meshagent.exe. Upload it from Settings > Global Settings > MeshCentral"
-        )
-
-    if arch == "32" and not os.path.exists(
-        os.path.join(settings.EXE_DIR, "meshagent-x86.exe")
-    ):
-        return notify_error(
-            "Missing 32 bit meshagent.exe. Upload it from Settings > Global Settings > MeshCentral"
-        )
-
     inno = (
         f"winagent-v{version}.exe" if arch == "64" else f"winagent-v{version}-x86.exe"
     )
-    download_url = get_winagent_url(arch)
+    if request.data["installMethod"] == "linux":
+        plat = "linux"
+    else:
+        plat = "windows"
+
+    download_url = get_agent_url(arch, plat)
 
     installer_user = User.objects.filter(is_installer_user=True).first()
 
@@ -462,6 +526,30 @@ def install_agent(request):
             file_name=request.data["fileName"],
         )
 
+    elif request.data["installMethod"] == "linux":
+        # TODO
+        # linux agents are in beta for now, only available for sponsors for testing
+        # remove this after it's out of beta
+
+        code_token = CodeSignToken.objects.first()
+        if not code_token:
+            return notify_error("Missing code signing token")
+
+        if not code_token.is_valid:
+            return notify_error("Code signing token is not valid")
+
+        from agents.utils import generate_linux_install
+
+        return generate_linux_install(
+            client=str(client_id),
+            site=str(site_id),
+            agent_type=request.data["agenttype"],
+            arch=arch,
+            token=token,
+            api=request.data["api"],
+            download_url=download_url,
+        )
+
     elif request.data["installMethod"] == "manual":
         cmd = [
             inno,
@@ -551,40 +639,23 @@ def install_agent(request):
 
 @api_view(["POST"])
 @permission_classes([IsAuthenticated, RecoverAgentPerms])
-def recover(request, agent_id):
-    agent = get_object_or_404(Agent, agent_id=agent_id)
+def recover(request, agent_id: str) -> Response:
+    agent: Agent = get_object_or_404(
+        Agent.objects.defer(*AGENT_DEFER), agent_id=agent_id
+    )
     mode = request.data["mode"]
 
-    # attempt a realtime recovery, otherwise fall back to old recovery method
-    if mode == "tacagent" or mode == "mesh":
-        data = {"func": "recover", "payload": {"mode": mode}}
-        r = asyncio.run(agent.nats_cmd(data, timeout=10))
-        if r == "ok":
-            return Response("Successfully completed recovery")
-
-    if agent.recoveryactions.filter(last_run=None).exists():  # type: ignore
-        return notify_error(
-            "A recovery action is currently pending. Please wait for the next agent check-in."
-        )
-
-    if mode == "command" and not request.data["cmd"]:
-        return notify_error("Command is required")
-
-    # if we've made it this far and realtime recovery didn't work,
-    # tacagent service is the fallback recovery so we obv can't use that to recover itself if it's down
     if mode == "tacagent":
-        return notify_error(
-            "Requires RPC service to be functional. Please recover that first"
-        )
+        uri = get_mesh_ws_url()
+        agent.recover(mode, uri, wait=False)
+        return Response("Recovery will be attempted shortly")
 
-    # we should only get here if all other methods fail
-    RecoveryAction(
-        agent=agent,
-        mode=mode,
-        command=request.data["cmd"] if mode == "command" else None,
-    ).save()
+    elif mode == "mesh":
+        r, err = agent.recover(mode, "")
+        if err:
+            return notify_error(f"Unable to complete recovery: {r}")
 
-    return Response("Recovery will be attempted on the agent's next check-in")
+    return Response("Successfully completed recovery")
 
 
 @api_view(["POST"])
@@ -603,15 +674,13 @@ def run_script(request, agent_id):
         debug_info={"ip": request._client_ip},
     )
 
-    history_pk = 0
-    if pyver.parse(agent.version) >= pyver.parse("1.6.0"):
-        hist = AgentHistory.objects.create(
-            agent=agent,
-            type="script_run",
-            script=script,
-            username=request.user.username[:50],
-        )
-        history_pk = hist.pk
+    hist = AgentHistory.objects.create(
+        agent=agent,
+        type="script_run",
+        script=script,
+        username=request.user.username[:50],
+    )
+    history_pk = hist.pk
 
     if output == "wait":
         r = agent.run_script(
@@ -683,27 +752,6 @@ def run_script(request, agent_id):
     return Response(f"{script.name} will now be run on {agent.hostname}")
 
 
-@api_view(["POST"])
-def get_mesh_exe(request, arch):
-    filename = "meshagent.exe" if arch == "64" else "meshagent-x86.exe"
-    mesh_exe = os.path.join(settings.EXE_DIR, filename)
-    if not os.path.exists(mesh_exe):
-        return notify_error(f"File {filename} has not been uploaded.")
-
-    if settings.DEBUG:
-        with open(mesh_exe, "rb") as f:
-            response = HttpResponse(
-                f.read(), content_type="application/vnd.microsoft.portable-executable"
-            )
-            response["Content-Disposition"] = f"inline; filename={filename}"
-            return response
-    else:
-        response = HttpResponse()
-        response["Content-Disposition"] = f"attachment; filename={filename}"
-        response["X-Accel-Redirect"] = f"/private/exe/{filename}"
-        return response
-
-
 class GetAddNotes(APIView):
     permission_classes = [IsAuthenticated, AgentNotesPerms]
 
@@ -712,7 +760,7 @@ class GetAddNotes(APIView):
             agent = get_object_or_404(Agent, agent_id=agent_id)
             notes = Note.objects.filter(agent=agent)
         else:
-            notes = Note.objects.filter_by_role(request.user)
+            notes = Note.objects.filter_by_role(request.user)  # type: ignore
 
         return Response(AgentNoteSerializer(notes, many=True).data)
 
@@ -721,6 +769,9 @@ class GetAddNotes(APIView):
         if not _has_perm_on_agent(request.user, agent.agent_id):
             raise PermissionDenied()
 
+        if "note" not in request.data.keys():
+            return notify_error("Cannot add an empty note")
+
         data = {
             "note": request.data["note"],
             "agent": agent.pk,
@@ -774,24 +825,24 @@ def bulk(request):
     if request.data["target"] == "client":
         if not _has_perm_on_client(request.user, request.data["client"]):
             raise PermissionDenied()
-        q = Agent.objects.filter_by_role(request.user).filter(
+        q = Agent.objects.filter_by_role(request.user).filter(  # type: ignore
             site__client_id=request.data["client"]
         )
 
     elif request.data["target"] == "site":
         if not _has_perm_on_site(request.user, request.data["site"]):
             raise PermissionDenied()
-        q = Agent.objects.filter_by_role(request.user).filter(
+        q = Agent.objects.filter_by_role(request.user).filter(  # type: ignore
             site_id=request.data["site"]
         )
 
     elif request.data["target"] == "agents":
-        q = Agent.objects.filter_by_role(request.user).filter(
+        q = Agent.objects.filter_by_role(request.user).filter(  # type: ignore
             agent_id__in=request.data["agents"]
         )
 
     elif request.data["target"] == "all":
-        q = Agent.objects.filter_by_role(request.user).only("pk", "monitoring_type")
+        q = Agent.objects.filter_by_role(request.user).only("pk", "monitoring_type")  # type: ignore
 
     else:
         return notify_error("Something went wrong")
@@ -801,6 +852,11 @@ def bulk(request):
     elif request.data["monType"] == "workstations":
         q = q.filter(monitoring_type="workstation")
 
+    if request.data["osType"] == "windows":
+        q = q.filter(plat="windows")
+    elif request.data["osType"] == "linux":
+        q = q.filter(plat="linux")
+
     agents: list[int] = [agent.pk for agent in q]
 
     if not agents:
@@ -814,10 +870,15 @@ def bulk(request):
     )
 
     if request.data["mode"] == "command":
+        if request.data["shell"] == "custom" and request.data["custom_shell"]:
+            shell = request.data["custom_shell"]
+        else:
+            shell = request.data["shell"]
+
         handle_bulk_command_task.delay(
             agents,
             request.data["cmd"],
-            request.data["shell"],
+            shell,
             request.data["timeout"],
             request.user.username[:50],
             run_on_offline=request.data["offlineAgents"],
@@ -858,7 +919,7 @@ def agent_maintenance(request):
             raise PermissionDenied()
 
         count = (
-            Agent.objects.filter_by_role(request.user)
+            Agent.objects.filter_by_role(request.user)  # type: ignore
             .filter(site__client_id=request.data["id"])
             .update(maintenance_mode=request.data["action"])
         )
@@ -868,7 +929,7 @@ def agent_maintenance(request):
             raise PermissionDenied()
 
         count = (
-            Agent.objects.filter_by_role(request.user)
+            Agent.objects.filter_by_role(request.user)  # type: ignore
             .filter(site_id=request.data["id"])
             .update(maintenance_mode=request.data["action"])
         )
@@ -904,6 +965,6 @@ class AgentHistoryView(APIView):
             agent = get_object_or_404(Agent, agent_id=agent_id)
             history = AgentHistory.objects.filter(agent=agent)
         else:
-            history = AgentHistory.objects.filter_by_role(request.user)
+            history = AgentHistory.objects.filter_by_role(request.user)  # type: ignore
         ctx = {"default_tz": get_default_timezone()}
         return Response(AgentHistorySerializer(history, many=True, context=ctx).data)

api/tacticalrmm/alerts/migrations/0011_alter_alert_agent.py

@@ -0,0 +1,24 @@
+# Generated by Django 4.0.3 on 2022-04-07 17:28
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+def delete_alerts_without_agent(apps, schema):
+    Alert = apps.get_model("alerts", "Alert")
+
+    Alert.objects.filter(agent=None).delete()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("agents", "0047_alter_agent_plat_alter_agent_site"),
+        ("alerts", "0010_auto_20210917_1954"),
+    ]
+
+    operations = [
+        migrations.RunPython(
+            delete_alerts_without_agent, reverse_code=migrations.RunPython.noop
+        ),
+    ]

api/tacticalrmm/alerts/models.py

@@ -1,7 +1,7 @@
 from __future__ import annotations
 
 import re
-from typing import TYPE_CHECKING, Union
+from typing import TYPE_CHECKING, Any, Dict, List, Optional, Union, cast
 
 from django.contrib.postgres.fields import ArrayField
 from django.db import models
@@ -9,12 +9,14 @@ from django.db.models.fields import BooleanField, PositiveIntegerField
 from django.utils import timezone as djangotime
 
 from logs.models import BaseAuditModel, DebugLog
+from tacticalrmm.constants import CheckType, DebugLogType
 from tacticalrmm.models import PermissionQuerySet
 
 if TYPE_CHECKING:
     from agents.models import Agent
-    from autotasks.models import AutomatedTask
-    from checks.models import Check
+    from autotasks.models import AutomatedTask, TaskResult
+    from checks.models import Check, CheckResult
+    from clients.models import Client, Site
 
 
 SEVERITY_CHOICES = [
@@ -83,62 +85,198 @@ class Alert(models.Model):
         max_length=100, null=True, blank=True
     )
 
-    def __str__(self):
-        return self.message
+    def __str__(self) -> str:
+        return f"{self.alert_type} - {self.message}"
 
-    def resolve(self):
+    @property
+    def assigned_agent(self) -> "Optional[Agent]":
+        return self.agent
+
+    @property
+    def site(self) -> "Site":
+        return self.agent.site
+
+    @property
+    def client(self) -> "Client":
+        return self.agent.client
+
+    def resolve(self) -> None:
         self.resolved = True
         self.resolved_on = djangotime.now()
         self.snoozed = False
         self.snooze_until = None
-        self.save()
+        self.save(update_fields=["resolved", "resolved_on", "snoozed", "snooze_until"])
 
     @classmethod
-    def create_or_return_availability_alert(cls, agent):
-        if not cls.objects.filter(agent=agent, resolved=False).exists():
-            return cls.objects.create(
-                agent=agent,
-                alert_type="availability",
-                severity="error",
-                message=f"{agent.hostname} in {agent.client.name}\\{agent.site.name} is overdue.",
-                hidden=True,
+    def create_or_return_availability_alert(
+        cls, agent: Agent, skip_create: bool = False
+    ) -> Optional[Alert]:
+        if not cls.objects.filter(
+            agent=agent, alert_type="availability", resolved=False
+        ).exists():
+            if skip_create:
+                return None
+
+            return cast(
+                Alert,
+                cls.objects.create(
+                    agent=agent,
+                    alert_type="availability",
+                    severity="error",
+                    message=f"{agent.hostname} in {agent.client.name}\\{agent.site.name} is overdue.",
+                    hidden=True,
+                ),
             )
         else:
-            return cls.objects.get(agent=agent, resolved=False)
+            try:
+                return cast(
+                    Alert,
+                    cls.objects.get(
+                        agent=agent, alert_type="availability", resolved=False
+                    ),
+                )
+            except cls.MultipleObjectsReturned:
+                alerts = cls.objects.filter(
+                    agent=agent, alert_type="availability", resolved=False
+                )
+
+                last_alert = cast(Alert, alerts.last())
+
+                # cycle through other alerts and resolve
+                for alert in alerts:
+                    if alert.id != last_alert.pk:
+                        alert.resolve()
+
+                return last_alert
+            except cls.DoesNotExist:
+                return None
 
     @classmethod
-    def create_or_return_check_alert(cls, check):
+    def create_or_return_check_alert(
+        cls,
+        check: "Check",
+        agent: "Agent",
+        alert_severity: Optional[str] = None,
+        skip_create: bool = False,
+    ) -> "Optional[Alert]":
 
-        if not cls.objects.filter(assigned_check=check, resolved=False).exists():
-            return cls.objects.create(
-                assigned_check=check,
-                alert_type="check",
-                severity=check.alert_severity,
-                message=f"{check.agent.hostname} has a {check.check_type} check: {check.readable_desc} that failed.",
-                hidden=True,
+        # need to pass agent if the check is a policy
+        if not cls.objects.filter(
+            assigned_check=check,
+            agent=agent,
+            resolved=False,
+        ).exists():
+            if skip_create:
+                return None
+
+            return cast(
+                Alert,
+                cls.objects.create(
+                    assigned_check=check,
+                    agent=agent,
+                    alert_type="check",
+                    severity=check.alert_severity
+                    if check.check_type
+                    not in [
+                        CheckType.MEMORY,
+                        CheckType.CPU_LOAD,
+                        CheckType.DISK_SPACE,
+                        CheckType.SCRIPT,
+                    ]
+                    else alert_severity,
+                    message=f"{agent.hostname} has a {check.check_type} check: {check.readable_desc} that failed.",
+                    hidden=True,
+                ),
             )
         else:
-            return cls.objects.get(assigned_check=check, resolved=False)
+            try:
+                return cast(
+                    Alert,
+                    cls.objects.get(
+                        assigned_check=check,
+                        agent=agent,
+                        resolved=False,
+                    ),
+                )
+            except cls.MultipleObjectsReturned:
+                alerts = cls.objects.filter(
+                    assigned_check=check,
+                    agent=agent,
+                    resolved=False,
+                )
+                last_alert = cast(Alert, alerts.last())
+
+                # cycle through other alerts and resolve
+                for alert in alerts:
+                    if alert.id != last_alert.pk:
+                        alert.resolve()
+
+                return last_alert
+            except cls.DoesNotExist:
+                return None
 
     @classmethod
-    def create_or_return_task_alert(cls, task):
+    def create_or_return_task_alert(
+        cls,
+        task: "AutomatedTask",
+        agent: "Agent",
+        skip_create: bool = False,
+    ) -> "Optional[Alert]":
 
-        if not cls.objects.filter(assigned_task=task, resolved=False).exists():
-            return cls.objects.create(
-                assigned_task=task,
-                alert_type="task",
-                severity=task.alert_severity,
-                message=f"{task.agent.hostname} has task: {task.name} that failed.",
-                hidden=True,
+        if not cls.objects.filter(
+            assigned_task=task,
+            agent=agent,
+            resolved=False,
+        ).exists():
+            if skip_create:
+                return None
+
+            return cast(
+                Alert,
+                cls.objects.create(
+                    assigned_task=task,
+                    agent=agent,
+                    alert_type="task",
+                    severity=task.alert_severity,
+                    message=f"{agent.hostname} has task: {task.name} that failed.",
+                    hidden=True,
+                ),
             )
+
         else:
-            return cls.objects.get(assigned_task=task, resolved=False)
+            try:
+                return cast(
+                    Alert,
+                    cls.objects.get(
+                        assigned_task=task,
+                        agent=agent,
+                        resolved=False,
+                    ),
+                )
+            except cls.MultipleObjectsReturned:
+                alerts = cls.objects.filter(
+                    assigned_task=task,
+                    agent=agent,
+                    resolved=False,
+                )
+                last_alert = cast(Alert, alerts.last())
+
+                # cycle through other alerts and resolve
+                for alert in alerts:
+                    if alert.id != last_alert.pk:
+                        alert.resolve()
+
+                return last_alert
+            except cls.DoesNotExist:
+                return None
 
     @classmethod
-    def handle_alert_failure(cls, instance: Union[Agent, AutomatedTask, Check]) -> None:
+    def handle_alert_failure(
+        cls, instance: Union[Agent, TaskResult, CheckResult]
+    ) -> None:
         from agents.models import Agent
-        from autotasks.models import AutomatedTask
-        from checks.models import Check
+        from autotasks.models import TaskResult
+        from checks.models import CheckResult
 
         # set variables
         dashboard_severities = None
@@ -150,6 +288,7 @@ class Alert(models.Model):
         alert_interval = None
         email_task = None
         text_task = None
+        run_script_action = None
 
         # check what the instance passed is
         if isinstance(instance, Agent):
@@ -165,28 +304,19 @@ class Alert(models.Model):
             maintenance_mode = instance.maintenance_mode
             alert_severity = "error"
             agent = instance
+            dashboard_severities = ["error"]
+            email_severities = ["error"]
+            text_severities = ["error"]
 
             # set alert_template settings
             if alert_template:
-                dashboard_severities = ["error"]
-                email_severities = ["error"]
-                text_severities = ["error"]
                 always_dashboard = alert_template.agent_always_alert
                 always_email = alert_template.agent_always_email
                 always_text = alert_template.agent_always_text
                 alert_interval = alert_template.agent_periodic_alert_days
                 run_script_action = alert_template.agent_script_actions
 
-            if instance.should_create_alert(alert_template):
-                alert = cls.create_or_return_availability_alert(instance)
-            else:
-                # check if there is an alert that exists
-                if cls.objects.filter(agent=instance, resolved=False).exists():
-                    alert = cls.objects.get(agent=instance, resolved=False)
-                else:
-                    alert = None
-
-        elif isinstance(instance, Check):
+        elif isinstance(instance, CheckResult):
             from checks.tasks import (
                 handle_check_email_alert_task,
                 handle_check_sms_alert_task,
@@ -195,75 +325,94 @@ class Alert(models.Model):
             email_task = handle_check_email_alert_task
             text_task = handle_check_sms_alert_task
 
-            email_alert = instance.email_alert
-            text_alert = instance.text_alert
-            dashboard_alert = instance.dashboard_alert
+            email_alert = instance.assigned_check.email_alert
+            text_alert = instance.assigned_check.text_alert
+            dashboard_alert = instance.assigned_check.dashboard_alert
             alert_template = instance.agent.alert_template
             maintenance_mode = instance.agent.maintenance_mode
-            alert_severity = instance.alert_severity
+            alert_severity = (
+                instance.assigned_check.alert_severity
+                if instance.assigned_check.check_type
+                not in [
+                    CheckType.MEMORY,
+                    CheckType.CPU_LOAD,
+                    CheckType.DISK_SPACE,
+                    CheckType.SCRIPT,
+                ]
+                else instance.alert_severity
+            )
             agent = instance.agent
 
             # set alert_template settings
             if alert_template:
-                dashboard_severities = alert_template.check_dashboard_alert_severity
-                email_severities = alert_template.check_email_alert_severity
-                text_severities = alert_template.check_text_alert_severity
+                dashboard_severities = (
+                    alert_template.check_dashboard_alert_severity
+                    if alert_template.check_dashboard_alert_severity
+                    else ["error", "warning", "info"]
+                )
+                email_severities = (
+                    alert_template.check_email_alert_severity
+                    if alert_template.check_email_alert_severity
+                    else ["error", "warning"]
+                )
+                text_severities = (
+                    alert_template.check_text_alert_severity
+                    if alert_template.check_text_alert_severity
+                    else ["error", "warning"]
+                )
                 always_dashboard = alert_template.check_always_alert
                 always_email = alert_template.check_always_email
                 always_text = alert_template.check_always_text
                 alert_interval = alert_template.check_periodic_alert_days
                 run_script_action = alert_template.check_script_actions
 
-            if instance.should_create_alert(alert_template):
-                alert = cls.create_or_return_check_alert(instance)
-            else:
-                # check if there is an alert that exists
-                if cls.objects.filter(assigned_check=instance, resolved=False).exists():
-                    alert = cls.objects.get(assigned_check=instance, resolved=False)
-                else:
-                    alert = None
-
-        elif isinstance(instance, AutomatedTask):
+        elif isinstance(instance, TaskResult):
             from autotasks.tasks import handle_task_email_alert, handle_task_sms_alert
 
             email_task = handle_task_email_alert
             text_task = handle_task_sms_alert
 
-            email_alert = instance.email_alert
-            text_alert = instance.text_alert
-            dashboard_alert = instance.dashboard_alert
+            email_alert = instance.task.email_alert
+            text_alert = instance.task.text_alert
+            dashboard_alert = instance.task.dashboard_alert
             alert_template = instance.agent.alert_template
             maintenance_mode = instance.agent.maintenance_mode
-            alert_severity = instance.alert_severity
+            alert_severity = instance.task.alert_severity
             agent = instance.agent
 
             # set alert_template settings
             if alert_template:
-                dashboard_severities = alert_template.task_dashboard_alert_severity
-                email_severities = alert_template.task_email_alert_severity
-                text_severities = alert_template.task_text_alert_severity
+                dashboard_severities = (
+                    alert_template.task_dashboard_alert_severity
+                    if alert_template.task_dashboard_alert_severity
+                    else ["error", "warning"]
+                )
+                email_severities = (
+                    alert_template.task_email_alert_severity
+                    if alert_template.task_email_alert_severity
+                    else ["error", "warning"]
+                )
+                text_severities = (
+                    alert_template.task_text_alert_severity
+                    if alert_template.task_text_alert_severity
+                    else ["error", "warning"]
+                )
                 always_dashboard = alert_template.task_always_alert
                 always_email = alert_template.task_always_email
                 always_text = alert_template.task_always_text
                 alert_interval = alert_template.task_periodic_alert_days
                 run_script_action = alert_template.task_script_actions
 
-            if instance.should_create_alert(alert_template):
-                alert = cls.create_or_return_task_alert(instance)
-            else:
-                # check if there is an alert that exists
-                if cls.objects.filter(assigned_task=instance, resolved=False).exists():
-                    alert = cls.objects.get(assigned_task=instance, resolved=False)
-                else:
-                    alert = None
         else:
             return
 
+        alert = instance.get_or_create_alert_if_needed(alert_template)
+
         # return if agent is in maintenance mode
-        if maintenance_mode or not alert:
+        if not alert or maintenance_mode:
             return
 
-        # check if alert severity changed on check and update the alert
+        # check if alert severity changed and update the alert
         if alert_severity != alert.severity:
             alert.severity = alert_severity
             alert.save(update_fields=["severity"])
@@ -272,19 +421,25 @@ class Alert(models.Model):
         if dashboard_alert or always_dashboard:
 
             # check if alert template is set and specific severities are configured
-            if alert_template and alert.severity not in dashboard_severities:  # type: ignore
-                pass
-            else:
+            if (
+                not alert_template
+                or alert_template
+                and dashboard_severities
+                and alert.severity in dashboard_severities
+            ):
                 alert.hidden = False
-                alert.save()
+                alert.save(update_fields=["hidden"])
 
         # send email if enabled
         if email_alert or always_email:
 
             # check if alert template is set and specific severities are configured
-            if alert_template and alert.severity not in email_severities:  # type: ignore
-                pass
-            else:
+            if (
+                not alert_template
+                or alert_template
+                and email_severities
+                and alert.severity in email_severities
+            ):
                 email_task.delay(
                     pk=alert.pk,
                     alert_interval=alert_interval,
@@ -294,13 +449,21 @@ class Alert(models.Model):
         if text_alert or always_text:
 
             # check if alert template is set and specific severities are configured
-            if alert_template and alert.severity not in text_severities:  # type: ignore
-                pass
-            else:
+            if (
+                not alert_template
+                or alert_template
+                and text_severities
+                and alert.severity in text_severities
+            ):
                 text_task.delay(pk=alert.pk, alert_interval=alert_interval)
 
         # check if any scripts should be run
-        if alert_template and alert_template.action and run_script_action and not alert.action_run:  # type: ignore
+        if (
+            alert_template
+            and alert_template.action
+            and run_script_action
+            and not alert.action_run
+        ):
             r = agent.run_script(
                 scriptpk=alert_template.action.pk,
                 args=alert.parse_script_args(alert_template.action_args),
@@ -311,7 +474,7 @@ class Alert(models.Model):
             )
 
             # command was successful
-            if type(r) == dict:
+            if isinstance(r, dict):
                 alert.action_retcode = r["retcode"]
                 alert.action_stdout = r["stdout"]
                 alert.action_stderr = r["stderr"]
@@ -321,21 +484,24 @@ class Alert(models.Model):
             else:
                 DebugLog.error(
                     agent=agent,
-                    log_type="scripting",
+                    log_type=DebugLogType.SCRIPTING,
                     message=f"Failure action: {alert_template.action.name} failed to run on any agent for {agent.hostname}({agent.pk}) failure alert",
                 )
 
     @classmethod
-    def handle_alert_resolve(cls, instance: Union[Agent, AutomatedTask, Check]) -> None:
+    def handle_alert_resolve(
+        cls, instance: Union[Agent, TaskResult, CheckResult]
+    ) -> None:
         from agents.models import Agent
-        from autotasks.models import AutomatedTask
-        from checks.models import Check
+        from autotasks.models import TaskResult
+        from checks.models import CheckResult
 
         # set variables
         email_on_resolved = False
         text_on_resolved = False
         resolved_email_task = None
         resolved_text_task = None
+        run_script_action = None
 
         # check what the instance passed is
         if isinstance(instance, Agent):
@@ -345,7 +511,6 @@ class Alert(models.Model):
             resolved_text_task = agent_recovery_sms_task
 
             alert_template = instance.alert_template
-            alert = cls.objects.get(agent=instance, resolved=False)
             maintenance_mode = instance.maintenance_mode
             agent = instance
 
@@ -354,7 +519,12 @@ class Alert(models.Model):
                 text_on_resolved = alert_template.agent_text_on_resolved
                 run_script_action = alert_template.agent_script_actions
 
-        elif isinstance(instance, Check):
+            if agent.overdue_email_alert:
+                email_on_resolved = True
+            if agent.overdue_text_alert:
+                text_on_resolved = True
+
+        elif isinstance(instance, CheckResult):
             from checks.tasks import (
                 handle_resolved_check_email_alert_task,
                 handle_resolved_check_sms_alert_task,
@@ -364,7 +534,6 @@ class Alert(models.Model):
             resolved_text_task = handle_resolved_check_sms_alert_task
 
             alert_template = instance.agent.alert_template
-            alert = cls.objects.get(assigned_check=instance, resolved=False)
             maintenance_mode = instance.agent.maintenance_mode
             agent = instance.agent
 
@@ -373,7 +542,7 @@ class Alert(models.Model):
                 text_on_resolved = alert_template.check_text_on_resolved
                 run_script_action = alert_template.check_script_actions
 
-        elif isinstance(instance, AutomatedTask):
+        elif isinstance(instance, TaskResult):
             from autotasks.tasks import (
                 handle_resolved_task_email_alert,
                 handle_resolved_task_sms_alert,
@@ -383,7 +552,6 @@ class Alert(models.Model):
             resolved_text_task = handle_resolved_task_sms_alert
 
             alert_template = instance.agent.alert_template
-            alert = cls.objects.get(assigned_task=instance, resolved=False)
             maintenance_mode = instance.agent.maintenance_mode
             agent = instance.agent
 
@@ -395,8 +563,10 @@ class Alert(models.Model):
         else:
             return
 
+        alert = instance.get_or_create_alert_if_needed(alert_template)
+
         # return if agent is in maintenance mode
-        if maintenance_mode:
+        if not alert or maintenance_mode:
             return
 
         alert.resolve()
@@ -413,7 +583,7 @@ class Alert(models.Model):
         if (
             alert_template
             and alert_template.resolved_action
-            and run_script_action  # type: ignore
+            and run_script_action
             and not alert.resolved_action_run
         ):
             r = agent.run_script(
@@ -426,7 +596,7 @@ class Alert(models.Model):
             )
 
             # command was successful
-            if type(r) == dict:
+            if isinstance(r, dict):
                 alert.resolved_action_retcode = r["retcode"]
                 alert.resolved_action_stdout = r["stdout"]
                 alert.resolved_action_stderr = r["stderr"]
@@ -438,11 +608,11 @@ class Alert(models.Model):
             else:
                 DebugLog.error(
                     agent=agent,
-                    log_type="scripting",
+                    log_type=DebugLogType.SCRIPTING,
                     message=f"Resolved action: {alert_template.action.name} failed to run on any agent for {agent.hostname}({agent.pk}) resolved alert",
                 )
 
-    def parse_script_args(self, args: list[str]):
+    def parse_script_args(self, args: List[str]) -> List[str]:
 
         if not args:
             return []
@@ -463,9 +633,9 @@ class Alert(models.Model):
                     continue
 
                 try:
-                    temp_args.append(re.sub("\\{\\{.*\\}\\}", value, arg))  # type: ignore
+                    temp_args.append(re.sub("\\{\\{.*\\}\\}", value, arg))
                 except Exception as e:
-                    DebugLog.error(log_type="scripting", message=str(e))
+                    DebugLog.error(log_type=DebugLogType.SCRIPTING, message=str(e))
                     continue
 
             else:
@@ -595,11 +765,22 @@ class AlertTemplate(BaseAuditModel):
         "agents.Agent", related_name="alert_exclusions", blank=True
     )
 
-    def __str__(self):
+    def __str__(self) -> str:
         return self.name
 
+    def is_agent_excluded(self, agent: "Agent") -> bool:
+        return (
+            agent in self.excluded_agents.all()
+            or agent.site in self.excluded_sites.all()
+            or agent.client in self.excluded_clients.all()
+            or agent.monitoring_type == "workstation"
+            and self.exclude_workstations
+            or agent.monitoring_type == "server"
+            and self.exclude_servers
+        )
+
     @staticmethod
-    def serialize(alert_template):
+    def serialize(alert_template: AlertTemplate) -> Dict[str, Any]:
         # serializes the agent and returns json
         from .serializers import AlertTemplateAuditSerializer
 

api/tacticalrmm/alerts/permissions.py

@@ -1,10 +1,15 @@
+from typing import TYPE_CHECKING
+
 from django.shortcuts import get_object_or_404
 from rest_framework import permissions
 
 from tacticalrmm.permissions import _has_perm, _has_perm_on_agent
 
+if TYPE_CHECKING:
+    from accounts.models import User
 
-def _has_perm_on_alert(user, id: int):
+
+def _has_perm_on_alert(user: "User", id: int) -> bool:
     from alerts.models import Alert
 
     role = user.role
@@ -19,10 +24,6 @@ def _has_perm_on_alert(user, id: int):
 
     if alert.agent:
         agent_id = alert.agent.agent_id
-    elif alert.assigned_check:
-        agent_id = alert.assigned_check.agent.agent_id
-    elif alert.assigned_task:
-        agent_id = alert.assigned_task.agent.agent_id
     else:
         return True
 
@@ -30,7 +31,7 @@ def _has_perm_on_alert(user, id: int):
 
 
 class AlertPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         if r.method == "GET" or r.method == "PATCH":
             if "pk" in view.kwargs.keys():
                 return _has_perm(r, "can_list_alerts") and _has_perm_on_alert(
@@ -48,7 +49,7 @@ class AlertPerms(permissions.BasePermission):
 
 
 class AlertTemplatePerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         if r.method == "GET":
             return _has_perm(r, "can_list_alerttemplates")
         else:

api/tacticalrmm/alerts/serializers.py

@@ -3,86 +3,17 @@ from rest_framework.serializers import ModelSerializer, ReadOnlyField
 
 from automation.serializers import PolicySerializer
 from clients.serializers import ClientMinimumSerializer, SiteMinimumSerializer
-from tacticalrmm.utils import get_default_timezone
 
 from .models import Alert, AlertTemplate
 
 
 class AlertSerializer(ModelSerializer):
 
-    hostname = SerializerMethodField(read_only=True)
-    client = SerializerMethodField(read_only=True)
-    site = SerializerMethodField(read_only=True)
-    alert_time = SerializerMethodField(read_only=True)
-    resolve_on = SerializerMethodField(read_only=True)
-    snoozed_until = SerializerMethodField(read_only=True)
-
-    def get_hostname(self, instance):
-        if instance.alert_type == "availability":
-            return instance.agent.hostname if instance.agent else ""
-        elif instance.alert_type == "check":
-            return (
-                instance.assigned_check.agent.hostname
-                if instance.assigned_check
-                else ""
-            )
-        elif instance.alert_type == "task":
-            return (
-                instance.assigned_task.agent.hostname if instance.assigned_task else ""
-            )
-        else:
-            return ""
-
-    def get_client(self, instance):
-        if instance.alert_type == "availability":
-            return instance.agent.client.name if instance.agent else ""
-        elif instance.alert_type == "check":
-            return (
-                instance.assigned_check.agent.client.name
-                if instance.assigned_check
-                else ""
-            )
-        elif instance.alert_type == "task":
-            return (
-                instance.assigned_task.agent.client.name
-                if instance.assigned_task
-                else ""
-            )
-        else:
-            return ""
-
-    def get_site(self, instance):
-        if instance.alert_type == "availability":
-            return instance.agent.site.name if instance.agent else ""
-        elif instance.alert_type == "check":
-            return (
-                instance.assigned_check.agent.site.name
-                if instance.assigned_check
-                else ""
-            )
-        elif instance.alert_type == "task":
-            return (
-                instance.assigned_task.agent.site.name if instance.assigned_task else ""
-            )
-        else:
-            return ""
-
-    def get_alert_time(self, instance):
-        if instance.alert_time:
-            return instance.alert_time.astimezone(get_default_timezone()).timestamp()
-        else:
-            return None
-
-    def get_resolve_on(self, instance):
-        if instance.resolved_on:
-            return instance.resolved_on.astimezone(get_default_timezone()).timestamp()
-        else:
-            return None
-
-    def get_snoozed_until(self, instance):
-        if instance.snooze_until:
-            return instance.snooze_until.astimezone(get_default_timezone()).timestamp()
-        return None
+    hostname = ReadOnlyField(source="assigned_agent.hostname")
+    agent_id = ReadOnlyField(source="assigned_agent.agent_id")
+    client = ReadOnlyField(source="client.name")
+    site = ReadOnlyField(source="site.name")
+    alert_time = ReadOnlyField()
 
     class Meta:
         model = Alert
@@ -104,11 +35,11 @@ class AlertTemplateSerializer(ModelSerializer):
         fields = "__all__"
 
     def get_applied_count(self, instance):
-        count = 0
-        count += instance.policies.count()
-        count += instance.clients.count()
-        count += instance.sites.count()
-        return count
+        return (
+            instance.policies.count()
+            + instance.clients.count()
+            + instance.sites.count()
+        )
 
 
 class AlertTemplateRelationSerializer(ModelSerializer):

api/tacticalrmm/alerts/tasks.py

@@ -1,11 +1,13 @@
 from django.utils import timezone as djangotime
+
+from agents.models import Agent
 from tacticalrmm.celery import app
 
+from .models import Alert
+
 
 @app.task
 def unsnooze_alerts() -> str:
-    from .models import Alert
-
     Alert.objects.filter(snoozed=True, snooze_until__lte=djangotime.now()).update(
         snoozed=False, snooze_until=None
     )
@@ -14,10 +16,10 @@ def unsnooze_alerts() -> str:
 
 
 @app.task
-def cache_agents_alert_template():
-    from agents.models import Agent
-
-    for agent in Agent.objects.only("pk"):
+def cache_agents_alert_template() -> str:
+    for agent in Agent.objects.only(
+        "pk", "site", "policy", "alert_template"
+    ).select_related("site", "policy", "alert_template"):
         agent.set_alert_template()
 
     return "ok"
@@ -25,8 +27,6 @@ def cache_agents_alert_template():
 
 @app.task
 def prune_resolved_alerts(older_than_days: int) -> str:
-    from .models import Alert
-
     Alert.objects.filter(resolved=True).filter(
         alert_time__lt=djangotime.now() - djangotime.timedelta(days=older_than_days)
     ).delete()

api/tacticalrmm/alerts/views.py

@@ -7,7 +7,7 @@ from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
 
-from tacticalrmm.utils import notify_error
+from tacticalrmm.helpers import notify_error
 
 from .models import Alert, AlertTemplate
 from .permissions import AlertPerms, AlertTemplatePerms
@@ -92,7 +92,7 @@ class GetAddAlerts(APIView):
                 )
 
             alerts = (
-                Alert.objects.filter_by_role(request.user)
+                Alert.objects.filter_by_role(request.user)  # type: ignore
                 .filter(clientFilter)
                 .filter(severityFilter)
                 .filter(resolvedFilter)
@@ -102,7 +102,7 @@ class GetAddAlerts(APIView):
             return Response(AlertSerializer(alerts, many=True).data)
 
         else:
-            alerts = Alert.objects.filter_by_role(request.user)
+            alerts = Alert.objects.filter_by_role(request.user)  # type: ignore
             return Response(AlertSerializer(alerts, many=True).data)
 
     def post(self, request):

api/tacticalrmm/apiv3/tests/tests.py

@@ -1,12 +1,7 @@
-import json
-import os
-from unittest.mock import patch
-
-from django.conf import settings
 from django.utils import timezone as djangotime
 from model_bakery import baker
 
-from autotasks.models import AutomatedTask
+from autotasks.models import TaskResult
 from tacticalrmm.test import TacticalTestCase
 
 
@@ -17,46 +12,53 @@ class TestAPIv3(TacticalTestCase):
         self.agent = baker.make_recipe("agents.agent")
 
     def test_get_checks(self):
-        url = f"/api/v3/{self.agent.agent_id}/checkrunner/"
+        agent = baker.make_recipe("agents.agent")
+        url = f"/api/v3/{agent.agent_id}/checkrunner/"
 
         # add a check
-        check1 = baker.make_recipe("checks.ping_check", agent=self.agent)
+        check1 = baker.make_recipe("checks.ping_check", agent=agent)
+        check_result1 = baker.make(
+            "checks.CheckResult", agent=agent, assigned_check=check1
+        )
         r = self.client.get(url)
         self.assertEqual(r.status_code, 200)
-        self.assertEqual(r.data["check_interval"], self.agent.check_interval)  # type: ignore
-        self.assertEqual(len(r.data["checks"]), 1)  # type: ignore
+        self.assertEqual(r.data["check_interval"], self.agent.check_interval)
+        self.assertEqual(len(r.data["checks"]), 1)
 
         # override check run interval
         check2 = baker.make_recipe(
-            "checks.ping_check", agent=self.agent, run_interval=20
+            "checks.diskspace_check", agent=agent, run_interval=20
+        )
+        check_result2 = baker.make(
+            "checks.CheckResult", agent=agent, assigned_check=check2
         )
 
         r = self.client.get(url)
         self.assertEqual(r.status_code, 200)
-        self.assertEqual(r.data["check_interval"], 20)  # type: ignore
-        self.assertEqual(len(r.data["checks"]), 2)  # type: ignore
+        self.assertEqual(len(r.data["checks"]), 2)
+        self.assertEqual(r.data["check_interval"], 20)
 
         # Set last_run on both checks and should return an empty list
-        check1.last_run = djangotime.now()
-        check1.save()
-        check2.last_run = djangotime.now()
-        check2.save()
+        check_result1.last_run = djangotime.now()
+        check_result1.save()
+        check_result2.last_run = djangotime.now()
+        check_result2.save()
 
         r = self.client.get(url)
         self.assertEqual(r.status_code, 200)
-        self.assertEqual(r.data["check_interval"], 20)  # type: ignore
-        self.assertFalse(r.data["checks"])  # type: ignore
+        self.assertEqual(r.data["check_interval"], 20)
+        self.assertFalse(r.data["checks"])
 
         # set last_run greater than interval
-        check1.last_run = djangotime.now() - djangotime.timedelta(seconds=200)
-        check1.save()
-        check2.last_run = djangotime.now() - djangotime.timedelta(seconds=200)
-        check2.save()
+        check_result1.last_run = djangotime.now() - djangotime.timedelta(seconds=200)
+        check_result1.save()
+        check_result2.last_run = djangotime.now() - djangotime.timedelta(seconds=200)
+        check_result2.save()
 
         r = self.client.get(url)
         self.assertEqual(r.status_code, 200)
-        self.assertEqual(r.data["check_interval"], 20)  # type: ignore
-        self.assertEquals(len(r.data["checks"]), 2)  # type: ignore
+        self.assertEqual(r.data["check_interval"], 20)
+        self.assertEqual(len(r.data["checks"]), 2)
 
         url = "/api/v3/Maj34ACb324j234asdj2n34kASDjh34-DESKTOPTEST123/checkrunner/"
         r = self.client.get(url)
@@ -64,24 +66,6 @@ class TestAPIv3(TacticalTestCase):
 
         self.check_not_authenticated("get", url)
 
-    def test_sysinfo(self):
-        # TODO replace this with golang wmi sample data
-
-        url = "/api/v3/sysinfo/"
-        with open(
-            os.path.join(
-                settings.BASE_DIR, "tacticalrmm/test_data/wmi_python_agent.json"
-            )
-        ) as f:
-            wmi_py = json.load(f)
-
-        payload = {"agent_id": self.agent.agent_id, "sysinfo": wmi_py}
-
-        r = self.client.patch(url, payload, format="json")
-        self.assertEqual(r.status_code, 200)
-
-        self.check_not_authenticated("patch", url)
-
     def test_checkrunner_interval(self):
         url = f"/api/v3/{self.agent.agent_id}/checkinterval/"
         r = self.client.get(url, format="json")
@@ -130,61 +114,31 @@ class TestAPIv3(TacticalTestCase):
         self.assertIsInstance(r.json()["check_interval"], int)
         self.assertEqual(len(r.json()["checks"]), 15)
 
-    @patch("apiv3.views.reload_nats")
-    def test_agent_recovery(self, reload_nats):
-        reload_nats.return_value = "ok"
-        r = self.client.get("/api/v3/34jahsdkjasncASDjhg2b3j4r/recover/")
-        self.assertEqual(r.status_code, 404)
-
-        agent = baker.make_recipe("agents.online_agent")
-        url = f"/api/v3/{agent.agent_id}/recovery/"
-
-        r = self.client.get(url)
-        self.assertEqual(r.status_code, 200)
-        self.assertEqual(r.json(), {"mode": "pass", "shellcmd": ""})
-        reload_nats.assert_not_called()
-
-        baker.make("agents.RecoveryAction", agent=agent, mode="mesh")
-        r = self.client.get(url)
-        self.assertEqual(r.status_code, 200)
-        self.assertEqual(r.json(), {"mode": "mesh", "shellcmd": ""})
-        reload_nats.assert_not_called()
-
-        baker.make(
-            "agents.RecoveryAction",
-            agent=agent,
-            mode="command",
-            command="shutdown /r /t 5 /f",
-        )
-        r = self.client.get(url)
-        self.assertEqual(r.status_code, 200)
-        self.assertEqual(
-            r.json(), {"mode": "command", "shellcmd": "shutdown /r /t 5 /f"}
-        )
-        reload_nats.assert_not_called()
-
-        baker.make("agents.RecoveryAction", agent=agent, mode="rpc")
-        r = self.client.get(url)
-        self.assertEqual(r.status_code, 200)
-        self.assertEqual(r.json(), {"mode": "rpc", "shellcmd": ""})
-        reload_nats.assert_called_once()
-
     def test_task_runner_get(self):
-        from autotasks.serializers import TaskGOGetSerializer
-
         r = self.client.get("/api/v3/500/asdf9df9dfdf/taskrunner/")
         self.assertEqual(r.status_code, 404)
 
-        # setup data
-        agent = baker.make_recipe("agents.agent")
-        script = baker.make_recipe("scripts.script")
-        task = baker.make("autotasks.AutomatedTask", agent=agent, script=script)
+        script = baker.make("scripts.script")
 
-        url = f"/api/v3/{task.pk}/{agent.agent_id}/taskrunner/"  # type: ignore
+        # setup data
+        task_actions = [
+            {"type": "cmd", "command": "whoami", "timeout": 10, "shell": "cmd"},
+            {
+                "type": "script",
+                "script": script.id,
+                "script_args": ["test"],
+                "timeout": 30,
+            },
+            {"type": "script", "script": 3, "script_args": [], "timeout": 30},
+        ]
+
+        agent = baker.make_recipe("agents.agent")
+        task = baker.make("autotasks.AutomatedTask", agent=agent, actions=task_actions)
+
+        url = f"/api/v3/{task.pk}/{agent.agent_id}/taskrunner/"
 
         r = self.client.get(url)
         self.assertEqual(r.status_code, 200)
-        self.assertEqual(TaskGOGetSerializer(task).data, r.data)  # type: ignore
 
     def test_task_runner_results(self):
         from agents.models import AgentCustomField
@@ -195,8 +149,9 @@ class TestAPIv3(TacticalTestCase):
         # setup data
         agent = baker.make_recipe("agents.agent")
         task = baker.make("autotasks.AutomatedTask", agent=agent)
+        task_result = baker.make("autotasks.TaskResult", agent=agent, task=task)
 
-        url = f"/api/v3/{task.pk}/{agent.agent_id}/taskrunner/"  # type: ignore
+        url = f"/api/v3/{task.pk}/{agent.agent_id}/taskrunner/"
 
         # test passing task
         data = {
@@ -208,7 +163,7 @@ class TestAPIv3(TacticalTestCase):
 
         r = self.client.patch(url, data)
         self.assertEqual(r.status_code, 200)
-        self.assertTrue(AutomatedTask.objects.get(pk=task.pk).status == "passing")  # type: ignore
+        self.assertTrue(TaskResult.objects.get(pk=task_result.pk).status == "passing")
 
         # test failing task
         data = {
@@ -220,7 +175,7 @@ class TestAPIv3(TacticalTestCase):
 
         r = self.client.patch(url, data)
         self.assertEqual(r.status_code, 200)
-        self.assertTrue(AutomatedTask.objects.get(pk=task.pk).status == "failing")  # type: ignore
+        self.assertTrue(TaskResult.objects.get(pk=task_result.pk).status == "failing")
 
         # test collector task
         text = baker.make("core.CustomField", model="agent", type="text", name="Test")
@@ -232,8 +187,8 @@ class TestAPIv3(TacticalTestCase):
         )
 
         # test text fields
-        task.custom_field = text  # type: ignore
-        task.save()  # type: ignore
+        task.custom_field = text
+        task.save()
 
         # test failing failing with stderr
         data = {
@@ -245,7 +200,7 @@ class TestAPIv3(TacticalTestCase):
 
         r = self.client.patch(url, data)
         self.assertEqual(r.status_code, 200)
-        self.assertTrue(AutomatedTask.objects.get(pk=task.pk).status == "failing")  # type: ignore
+        self.assertTrue(TaskResult.objects.get(pk=task_result.pk).status == "failing")
 
         # test saving to text field
         data = {
@@ -257,12 +212,15 @@ class TestAPIv3(TacticalTestCase):
 
         r = self.client.patch(url, data)
         self.assertEqual(r.status_code, 200)
-        self.assertEqual(AutomatedTask.objects.get(pk=task.pk).status, "passing")  # type: ignore
-        self.assertEqual(AgentCustomField.objects.get(field=text, agent=task.agent).value, "the last line")  # type: ignore
+        self.assertEqual(TaskResult.objects.get(pk=task_result.pk).status, "passing")
+        self.assertEqual(
+            AgentCustomField.objects.get(field=text, agent=task.agent).value,
+            "the last line",
+        )
 
         # test saving to checkbox field
-        task.custom_field = boolean  # type: ignore
-        task.save()  # type: ignore
+        task.custom_field = boolean
+        task.save()
 
         data = {
             "stdout": "1",
@@ -273,12 +231,14 @@ class TestAPIv3(TacticalTestCase):
 
         r = self.client.patch(url, data)
         self.assertEqual(r.status_code, 200)
-        self.assertEqual(AutomatedTask.objects.get(pk=task.pk).status, "passing")  # type: ignore
-        self.assertTrue(AgentCustomField.objects.get(field=boolean, agent=task.agent).value)  # type: ignore
+        self.assertEqual(TaskResult.objects.get(pk=task_result.pk).status, "passing")
+        self.assertTrue(
+            AgentCustomField.objects.get(field=boolean, agent=task.agent).value
+        )
 
         # test saving to multiple field with commas
-        task.custom_field = multiple  # type: ignore
-        task.save()  # type: ignore
+        task.custom_field = multiple
+        task.save()
 
         data = {
             "stdout": "this,is,an,array",
@@ -289,8 +249,11 @@ class TestAPIv3(TacticalTestCase):
 
         r = self.client.patch(url, data)
         self.assertEqual(r.status_code, 200)
-        self.assertEqual(AutomatedTask.objects.get(pk=task.pk).status, "passing")  # type: ignore
-        self.assertEqual(AgentCustomField.objects.get(field=multiple, agent=task.agent).value, ["this", "is", "an", "array"])  # type: ignore
+        self.assertEqual(TaskResult.objects.get(pk=task_result.pk).status, "passing")
+        self.assertEqual(
+            AgentCustomField.objects.get(field=multiple, agent=task.agent).value,
+            ["this", "is", "an", "array"],
+        )
 
         # test mutiple with a single value
         data = {
@@ -302,5 +265,8 @@ class TestAPIv3(TacticalTestCase):
 
         r = self.client.patch(url, data)
         self.assertEqual(r.status_code, 200)
-        self.assertEqual(AutomatedTask.objects.get(pk=task.pk).status, "passing")  # type: ignore
-        self.assertEqual(AgentCustomField.objects.get(field=multiple, agent=task.agent).value, ["this"])  # type: ignore
+        self.assertEqual(TaskResult.objects.get(pk=task_result.pk).status, "passing")
+        self.assertEqual(
+            AgentCustomField.objects.get(field=multiple, agent=task.agent).value,
+            ["this"],
+        )

api/tacticalrmm/apiv3/urls.py

@@ -9,7 +9,6 @@ urlpatterns = [
     path("<str:agentid>/checkinterval/", views.CheckRunnerInterval.as_view()),
     path("<int:pk>/<str:agentid>/taskrunner/", views.TaskRunner.as_view()),
     path("meshexe/", views.MeshExe.as_view()),
-    path("sysinfo/", views.SysInfo.as_view()),
     path("newagent/", views.NewAgent.as_view()),
     path("software/", views.Software.as_view()),
     path("installer/", views.Installer.as_view()),
@@ -19,6 +18,5 @@ urlpatterns = [
     path("winupdates/", views.WinUpdates.as_view()),
     path("superseded/", views.SupersededWinUpdate.as_view()),
     path("<int:pk>/chocoresult/", views.ChocoResult.as_view()),
-    path("<str:agentid>/recovery/", views.AgentRecovery.as_view()),
     path("<int:pk>/<str:agentid>/histresult/", views.AgentHistoryResult.as_view()),
 ]

api/tacticalrmm/apiv3/views.py

@@ -1,9 +1,7 @@
 import asyncio
-import os
-import time
 
 from django.conf import settings
-from django.http import HttpResponse
+from django.db.models import Prefetch
 from django.shortcuts import get_object_or_404
 from django.utils import timezone as djangotime
 from packaging import version as pyver
@@ -15,15 +13,31 @@ from rest_framework.views import APIView
 
 from accounts.models import User
 from agents.models import Agent, AgentHistory
-from agents.serializers import WinAgentSerializer, AgentHistorySerializer
-from autotasks.models import AutomatedTask
-from autotasks.serializers import TaskGOGetSerializer, TaskRunnerPatchSerializer
-from checks.models import Check
+from agents.serializers import AgentHistorySerializer
+from autotasks.models import AutomatedTask, TaskResult
+from autotasks.serializers import TaskGOGetSerializer, TaskResultSerializer
+from checks.constants import CHECK_DEFER, CHECK_RESULT_DEFER
+from checks.models import Check, CheckResult
 from checks.serializers import CheckRunnerGetSerializer
-from checks.utils import bytes2human
-from logs.models import PendingAction, DebugLog
+from core.utils import (
+    download_mesh_agent,
+    get_core_settings,
+    get_mesh_device_id,
+    get_mesh_ws_url,
+)
+from logs.models import DebugLog, PendingAction
 from software.models import InstalledSoftware
-from tacticalrmm.utils import notify_error, reload_nats
+from tacticalrmm.constants import (
+    AGENT_DEFER,
+    AuditActionType,
+    AuditObjType,
+    CheckStatus,
+    DebugLogType,
+    MeshAgentIdent,
+    PAStatus,
+)
+from tacticalrmm.helpers import notify_error
+from tacticalrmm.utils import reload_nats
 from winupdate.models import WinUpdate, WinUpdatePolicy
 
 
@@ -32,61 +46,14 @@ class CheckIn(APIView):
     authentication_classes = [TokenAuthentication]
     permission_classes = [IsAuthenticated]
 
-    def put(self, request):
-        """
-        !!! DEPRECATED AS OF AGENT 1.7.0 !!!
-        Endpoint be removed in a future release
-        """
-        agent = get_object_or_404(Agent, agent_id=request.data["agent_id"])
-        serializer = WinAgentSerializer(instance=agent, data=request.data, partial=True)
-
-        if request.data["func"] == "disks":
-            disks = request.data["disks"]
-            new = []
-            for disk in disks:
-                tmp = {}
-                for _, _ in disk.items():
-                    tmp["device"] = disk["device"]
-                    tmp["fstype"] = disk["fstype"]
-                    tmp["total"] = bytes2human(disk["total"])
-                    tmp["used"] = bytes2human(disk["used"])
-                    tmp["free"] = bytes2human(disk["free"])
-                    tmp["percent"] = int(disk["percent"])
-                new.append(tmp)
-
-            serializer.is_valid(raise_exception=True)
-            serializer.save(disks=new)
-            return Response("ok")
-
-        if request.data["func"] == "loggedonuser":
-            if request.data["logged_in_username"] != "None":
-                serializer.is_valid(raise_exception=True)
-                serializer.save(last_logged_in_user=request.data["logged_in_username"])
-                return Response("ok")
-
-        if request.data["func"] == "software":
-            sw = request.data["software"]
-
-            if not InstalledSoftware.objects.filter(agent=agent).exists():
-                InstalledSoftware(agent=agent, software=sw).save()
-            else:
-                s = agent.installedsoftware_set.first()  # type: ignore
-                s.software = sw
-                s.save(update_fields=["software"])
-
-            return Response("ok")
-
-        serializer.is_valid(raise_exception=True)
-        serializer.save()
-        return Response("ok")
-
     # called once during tacticalagent windows service startup
     def post(self, request):
-        agent = get_object_or_404(Agent, agent_id=request.data["agent_id"])
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER), agent_id=request.data["agent_id"]
+        )
         if not agent.choco_installed:
             asyncio.run(agent.nats_cmd({"func": "installchoco"}, wait=False))
 
-        time.sleep(0.5)
         asyncio.run(agent.nats_cmd({"func": "getwinupdates"}, wait=False))
         return Response("ok")
 
@@ -96,7 +63,9 @@ class SyncMeshNodeID(APIView):
     permission_classes = [IsAuthenticated]
 
     def post(self, request):
-        agent = get_object_or_404(Agent, agent_id=request.data["agent_id"])
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER), agent_id=request.data["agent_id"]
+        )
         if agent.mesh_node_id != request.data["nodeid"]:
             agent.mesh_node_id = request.data["nodeid"]
             agent.save(update_fields=["mesh_node_id"])
@@ -109,7 +78,9 @@ class Choco(APIView):
     permission_classes = [IsAuthenticated]
 
     def post(self, request):
-        agent = get_object_or_404(Agent, agent_id=request.data["agent_id"])
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER), agent_id=request.data["agent_id"]
+        )
         agent.choco_installed = request.data["installed"]
         agent.save(update_fields=["choco_installed"])
         return Response("ok")
@@ -120,7 +91,9 @@ class WinUpdates(APIView):
     permission_classes = [IsAuthenticated]
 
     def put(self, request):
-        agent = get_object_or_404(Agent, agent_id=request.data["agent_id"])
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER), agent_id=request.data["agent_id"]
+        )
 
         needs_reboot: bool = request.data["needs_reboot"]
         agent.needs_reboot = needs_reboot
@@ -138,7 +111,7 @@ class WinUpdates(APIView):
             asyncio.run(agent.nats_cmd({"func": "rebootnow"}, wait=False))
             DebugLog.info(
                 agent=agent,
-                log_type="windows_updates",
+                log_type=DebugLogType.WIN_UPDATES,
                 message=f"{agent.hostname} is rebooting after updates were installed.",
             )
 
@@ -146,8 +119,13 @@ class WinUpdates(APIView):
         return Response("ok")
 
     def patch(self, request):
-        agent = get_object_or_404(Agent, agent_id=request.data["agent_id"])
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER), agent_id=request.data["agent_id"]
+        )
         u = agent.winupdates.filter(guid=request.data["guid"]).last()  # type: ignore
+        if not u:
+            raise WinUpdate.DoesNotExist
+
         success: bool = request.data["success"]
         if success:
             u.result = "success"
@@ -170,8 +148,14 @@ class WinUpdates(APIView):
         return Response("ok")
 
     def post(self, request):
-        agent = get_object_or_404(Agent, agent_id=request.data["agent_id"])
         updates = request.data["wua_updates"]
+        if not updates:
+            return notify_error("Empty payload")
+
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER), agent_id=request.data["agent_id"]
+        )
+
         for update in updates:
             if agent.winupdates.filter(guid=update["guid"]).exists():  # type: ignore
                 u = agent.winupdates.filter(guid=update["guid"]).last()  # type: ignore
@@ -202,14 +186,6 @@ class WinUpdates(APIView):
                 ).save()
 
         agent.delete_superseded_updates()
-
-        # more superseded updates cleanup
-        if pyver.parse(agent.version) <= pyver.parse("1.4.2"):
-            for u in agent.winupdates.filter(  # type: ignore
-                date_installed__isnull=True, result="failed"
-            ).exclude(installed=True):
-                u.delete()
-
         return Response("ok")
 
 
@@ -218,7 +194,9 @@ class SupersededWinUpdate(APIView):
     permission_classes = [IsAuthenticated]
 
     def post(self, request):
-        agent = get_object_or_404(Agent, agent_id=request.data["agent_id"])
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER), agent_id=request.data["agent_id"]
+        )
         updates = agent.winupdates.filter(guid=request.data["guid"])  # type: ignore
         for u in updates:
             u.delete()
@@ -231,12 +209,19 @@ class RunChecks(APIView):
     permission_classes = [IsAuthenticated]
 
     def get(self, request, agentid):
-        agent = get_object_or_404(Agent, agent_id=agentid)
-        checks = Check.objects.filter(agent__pk=agent.pk, overriden_by_policy=False)
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER).prefetch_related(
+                Prefetch("agentchecks", queryset=Check.objects.select_related("script"))
+            ),
+            agent_id=agentid,
+        )
+        checks = agent.get_checks_with_policies(exclude_overridden=True)
         ret = {
             "agent": agent.pk,
             "check_interval": agent.check_interval,
-            "checks": CheckRunnerGetSerializer(checks, many=True).data,
+            "checks": CheckRunnerGetSerializer(
+                checks, context={"agent": agent}, many=True
+            ).data,
         }
         return Response(ret)
 
@@ -246,47 +231,72 @@ class CheckRunner(APIView):
     permission_classes = [IsAuthenticated]
 
     def get(self, request, agentid):
-        agent = get_object_or_404(Agent, agent_id=agentid)
-        checks = agent.agentchecks.filter(overriden_by_policy=False)  # type: ignore
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER).prefetch_related(
+                Prefetch("agentchecks", queryset=Check.objects.select_related("script"))
+            ),
+            agent_id=agentid,
+        )
+        checks = agent.get_checks_with_policies(exclude_overridden=True)
 
         run_list = [
             check
             for check in checks
             # always run if check hasn't run yet
-            if not check.last_run
-            # if a check interval is set, see if the correct amount of seconds have passed
+            if not isinstance(check.check_result, CheckResult)
+            or not check.check_result.last_run
+            # see if the correct amount of seconds have passed
             or (
-                check.run_interval
-                and (
-                    check.last_run
-                    < djangotime.now()
-                    - djangotime.timedelta(seconds=check.run_interval)
+                check.check_result.last_run
+                < djangotime.now()
+                - djangotime.timedelta(
+                    seconds=check.run_interval
+                    if check.run_interval
+                    else agent.check_interval
                 )
             )
-            # if check interval isn't set, make sure the agent's check interval has passed before running
-            or (
-                not check.run_interval
-                and check.last_run
-                < djangotime.now() - djangotime.timedelta(seconds=agent.check_interval)
-            )
         ]
+
         ret = {
             "agent": agent.pk,
             "check_interval": agent.check_run_interval(),
-            "checks": CheckRunnerGetSerializer(run_list, many=True).data,
+            "checks": CheckRunnerGetSerializer(
+                run_list, context={"agent": agent}, many=True
+            ).data,
         }
         return Response(ret)
 
     def patch(self, request):
-        check = get_object_or_404(Check, pk=request.data["id"])
-        if pyver.parse(check.agent.version) < pyver.parse("1.5.7"):
-            return notify_error("unsupported")
+        if "agent_id" not in request.data.keys():
+            return notify_error("Agent upgrade required")
 
-        check.last_run = djangotime.now()
-        check.save(update_fields=["last_run"])
-        status = check.handle_check(request.data)
-        if status == "failing" and check.assignedtask.exists():  # type: ignore
-            check.handle_assigned_task()
+        check = get_object_or_404(
+            Check.objects.defer(*CHECK_DEFER),
+            pk=request.data["id"],
+        )
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER), agent_id=request.data["agent_id"]
+        )
+
+        # get check result or create if doesn't exist
+        check_result, created = CheckResult.objects.defer(
+            *CHECK_RESULT_DEFER
+        ).get_or_create(
+            assigned_check=check,
+            agent=agent,
+        )
+
+        if created:
+            check_result.save()
+
+        status = check_result.handle_check(request.data, check, agent)
+        if status == CheckStatus.FAILING and check.assignedtasks.exists():
+            for task in check.assignedtasks.all():
+                if task.enabled:
+                    if task.policy:
+                        task.run_win_task(agent)
+                    else:
+                        task.run_win_task()
 
         return Response("ok")
 
@@ -296,7 +306,10 @@ class CheckRunnerInterval(APIView):
     permission_classes = [IsAuthenticated]
 
     def get(self, request, agentid):
-        agent = get_object_or_404(Agent, agent_id=agentid)
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER).prefetch_related("agentchecks"),
+            agent_id=agentid,
+        )
 
         return Response(
             {"agent": agent.pk, "check_interval": agent.check_run_interval()}
@@ -308,65 +321,71 @@ class TaskRunner(APIView):
     permission_classes = [IsAuthenticated]
 
     def get(self, request, pk, agentid):
-        _ = get_object_or_404(Agent, agent_id=agentid)
+        agent = get_object_or_404(Agent.objects.defer(*AGENT_DEFER), agent_id=agentid)
         task = get_object_or_404(AutomatedTask, pk=pk)
-        return Response(TaskGOGetSerializer(task).data)
+        return Response(TaskGOGetSerializer(task, context={"agent": agent}).data)
 
     def patch(self, request, pk, agentid):
         from alerts.models import Alert
 
-        agent = get_object_or_404(Agent, agent_id=agentid)
-        task = get_object_or_404(AutomatedTask, pk=pk)
-
-        serializer = TaskRunnerPatchSerializer(
-            instance=task, data=request.data, partial=True
+        agent = get_object_or_404(
+            Agent.objects.defer(*AGENT_DEFER),
+            agent_id=agentid,
         )
+        task = get_object_or_404(
+            AutomatedTask.objects.select_related("custom_field"), pk=pk
+        )
+
+        # get task result or create if doesn't exist
+        try:
+            task_result = (
+                TaskResult.objects.select_related("agent")
+                .defer("agent__services", "agent__wmi_detail")
+                .get(task=task, agent=agent)
+            )
+            serializer = TaskResultSerializer(
+                data=request.data, instance=task_result, partial=True
+            )
+        except TaskResult.DoesNotExist:
+            serializer = TaskResultSerializer(data=request.data, partial=True)
+
         serializer.is_valid(raise_exception=True)
-        new_task = serializer.save(last_run=djangotime.now())
+        task_result = serializer.save(last_run=djangotime.now())
 
         AgentHistory.objects.create(
             agent=agent,
-            type="task_run",
-            script=task.script,
+            type=AuditActionType.TASK_RUN,
+            command=task.name,
             script_results=request.data,
         )
 
         # check if task is a collector and update the custom field
         if task.custom_field:
-            if not task.stderr:
+            if not task_result.stderr:
 
-                task.save_collector_results()
+                task_result.save_collector_results()
 
-                status = "passing"
+                status = CheckStatus.PASSING
             else:
-                status = "failing"
+                status = CheckStatus.FAILING
         else:
-            status = "failing" if task.retcode != 0 else "passing"
+            status = (
+                CheckStatus.FAILING if task_result.retcode != 0 else CheckStatus.PASSING
+            )
 
-        new_task.status = status
-        new_task.save()
-
-        if status == "passing":
-            if Alert.objects.filter(assigned_task=new_task, resolved=False).exists():
-                Alert.handle_alert_resolve(new_task)
+        if task_result:
+            task_result.status = status
+            task_result.save(update_fields=["status"])
         else:
-            Alert.handle_alert_failure(new_task)
+            task_result.status = status
+            task.save(update_fields=["status"])
 
-        return Response("ok")
+        if status == CheckStatus.PASSING:
+            if Alert.create_or_return_task_alert(task, agent=agent, skip_create=True):
+                Alert.handle_alert_resolve(task_result)
+        else:
+            Alert.handle_alert_failure(task_result)
 
-
-class SysInfo(APIView):
-    authentication_classes = [TokenAuthentication]
-    permission_classes = [IsAuthenticated]
-
-    def patch(self, request):
-        agent = get_object_or_404(Agent, agent_id=request.data["agent_id"])
-
-        if not isinstance(request.data["sysinfo"], dict):
-            return notify_error("err")
-
-        agent.wmi_detail = request.data["sysinfo"]
-        agent.save(update_fields=["wmi_detail"])
         return Response("ok")
 
 
@@ -374,25 +393,33 @@ class MeshExe(APIView):
     """Sends the mesh exe to the installer"""
 
     def post(self, request):
-        exe = "meshagent.exe" if request.data["arch"] == "64" else "meshagent-x86.exe"
-        mesh_exe = os.path.join(settings.EXE_DIR, exe)
+        match request.data:
+            case {"arch": "64", "plat": "windows"}:
+                arch = MeshAgentIdent.WIN64
+            case {"arch": "32", "plat": "windows"}:
+                arch = MeshAgentIdent.WIN32
+            case _:
+                return notify_error("Arch not specified")
 
-        if not os.path.exists(mesh_exe):
-            return notify_error("Mesh Agent executable not found")
+        core = get_core_settings()
 
-        if settings.DEBUG:
-            with open(mesh_exe, "rb") as f:
-                response = HttpResponse(
-                    f.read(),
-                    content_type="application/vnd.microsoft.portable-executable",
-                )
-                response["Content-Disposition"] = f"inline; filename={exe}"
-                return response
+        try:
+            uri = get_mesh_ws_url()
+            mesh_id = asyncio.run(get_mesh_device_id(uri, core.mesh_device_group))
+        except:
+            return notify_error("Unable to connect to mesh to get group id information")
+
+        if settings.DOCKER_BUILD:
+            dl_url = f"{settings.MESH_WS_URL.replace('ws://', 'http://')}/meshagents?id={arch}&meshid={mesh_id}&installflags=0"
         else:
-            response = HttpResponse()
-            response["Content-Disposition"] = f"attachment; filename={exe}"
-            response["X-Accel-Redirect"] = f"/private/exe/{exe}"
-            return response
+            dl_url = (
+                f"{core.mesh_site}/meshagents?id={arch}&meshid={mesh_id}&installflags=0"
+            )
+
+        try:
+            return download_mesh_agent(dl_url)
+        except:
+            return notify_error("Unable to download mesh agent exe")
 
 
 class NewAgent(APIView):
@@ -413,11 +440,11 @@ class NewAgent(APIView):
             monitoring_type=request.data["monitoring_type"],
             description=request.data["description"],
             mesh_node_id=request.data["mesh_node_id"],
+            goarch=request.data["goarch"],
+            plat=request.data["plat"],
             last_seen=djangotime.now(),
         )
         agent.save()
-        agent.salt_id = f"{agent.hostname}-{agent.pk}"
-        agent.save(update_fields=["salt_id"])
 
         user = User.objects.create_user(  # type: ignore
             username=request.data["agent_id"],
@@ -438,20 +465,15 @@ class NewAgent(APIView):
         AuditLog.objects.create(
             username=request.user,
             agent=agent.hostname,
-            object_type="agent",
-            action="agent_install",
+            object_type=AuditObjType.AGENT,
+            action=AuditActionType.AGENT_INSTALL,
             message=f"{request.user} installed new agent {agent.hostname}",
             after_value=Agent.serialize(agent),
             debug_info={"ip": request._client_ip},
         )
 
-        return Response(
-            {
-                "pk": agent.pk,
-                "saltid": f"{agent.hostname}-{agent.pk}",
-                "token": token.key,
-            }
-        )
+        ret = {"pk": agent.pk, "token": token.key}
+        return Response(ret)
 
 
 class Software(APIView):
@@ -516,53 +538,19 @@ class ChocoResult(APIView):
 
         action.details["output"] = results
         action.details["installed"] = installed
-        action.status = "completed"
+        action.status = PAStatus.COMPLETED
         action.save(update_fields=["details", "status"])
         return Response("ok")
 
 
-class AgentRecovery(APIView):
-    authentication_classes = [TokenAuthentication]
-    permission_classes = [IsAuthenticated]
-
-    def get(self, request, agentid):
-        agent = get_object_or_404(
-            Agent.objects.prefetch_related("recoveryactions").only(
-                "pk", "agent_id", "last_seen"
-            ),
-            agent_id=agentid,
-        )
-
-        # TODO remove these 2 lines after agent v1.7.0 has been out for a while
-        # this is handled now by nats-api service
-        agent.last_seen = djangotime.now()
-        agent.save(update_fields=["last_seen"])
-
-        recovery = agent.recoveryactions.filter(last_run=None).last()  # type: ignore
-        ret = {"mode": "pass", "shellcmd": ""}
-        if recovery is None:
-            return Response(ret)
-
-        recovery.last_run = djangotime.now()
-        recovery.save(update_fields=["last_run"])
-
-        ret["mode"] = recovery.mode
-
-        if recovery.mode == "command":
-            ret["shellcmd"] = recovery.command
-        elif recovery.mode == "rpc":
-            reload_nats()
-
-        return Response(ret)
-
-
 class AgentHistoryResult(APIView):
     authentication_classes = [TokenAuthentication]
     permission_classes = [IsAuthenticated]
 
     def patch(self, request, agentid, pk):
-        _ = get_object_or_404(Agent, agent_id=agentid)
-        hist = get_object_or_404(AgentHistory, pk=pk)
+        hist = get_object_or_404(
+            AgentHistory.objects.filter(agent__agent_id=agentid), pk=pk
+        )
         s = AgentHistorySerializer(instance=hist, data=request.data, partial=True)
         s.is_valid(raise_exception=True)
         s.save()

api/tacticalrmm/automation/models.py

@@ -1,8 +1,16 @@
+from typing import TYPE_CHECKING, Any, Dict, List, Optional
+
+from django.core.cache import cache
 from django.db import models
 
 from agents.models import Agent
-from core.models import CoreSettings
+from clients.models import Client, Site
 from logs.models import BaseAuditModel
+from tacticalrmm.constants import CORESETTINGS_CACHE_KEY, CheckType
+
+if TYPE_CHECKING:
+    from autotasks.models import AutomatedTask
+    from checks.models import Check
 
 
 class Policy(BaseAuditModel):
@@ -27,366 +35,291 @@ class Policy(BaseAuditModel):
         "agents.Agent", related_name="policy_exclusions", blank=True
     )
 
-    def save(self, *args, **kwargs):
+    def save(self, *args: Any, **kwargs: Any) -> None:
         from alerts.tasks import cache_agents_alert_template
-        from automation.tasks import generate_agent_checks_task
 
         # get old policy if exists
-        old_policy = type(self).objects.get(pk=self.pk) if self.pk else None
+        old_policy: Optional[Policy] = (
+            type(self).objects.get(pk=self.pk) if self.pk else None
+        )
         super(Policy, self).save(old_model=old_policy, *args, **kwargs)
 
-        # generate agent checks only if active and enforced were changed
+        # check if alert template was changes and cache on agents
         if old_policy:
-            if old_policy.active != self.active or old_policy.enforced != self.enforced:
-                generate_agent_checks_task.delay(
-                    policy=self.pk,
-                    create_tasks=True,
-                )
-
             if old_policy.alert_template != self.alert_template:
                 cache_agents_alert_template.delay()
+            elif self.alert_template and old_policy.active != self.active:
+                cache_agents_alert_template.delay()
+
+            if old_policy.active != self.active or old_policy.enforced != self.enforced:
+                cache.delete(CORESETTINGS_CACHE_KEY)
+                cache.delete_many_pattern("site_workstation_*")
+                cache.delete_many_pattern("site_server_*")
+                cache.delete_many_pattern("agent_*")
 
     def delete(self, *args, **kwargs):
-        from automation.tasks import generate_agent_checks_task
+        cache.delete(CORESETTINGS_CACHE_KEY)
+        cache.delete_many_pattern("site_workstation_*")
+        cache.delete_many_pattern("site_server_*")
+        cache.delete_many_pattern("agent_*")
 
-        agents = list(self.related_agents().only("pk").values_list("pk", flat=True))
-        super(Policy, self).delete(*args, **kwargs)
+        super(Policy, self).delete(
+            *args,
+            **kwargs,
+        )
 
-        generate_agent_checks_task.delay(agents=agents, create_tasks=True)
-
-    def __str__(self):
+    def __str__(self) -> str:
         return self.name
 
     @property
-    def is_default_server_policy(self):
-        return self.default_server_policy.exists()  # type: ignore
+    def is_default_server_policy(self) -> bool:
+        return self.default_server_policy.exists()
 
     @property
-    def is_default_workstation_policy(self):
-        return self.default_workstation_policy.exists()  # type: ignore
+    def is_default_workstation_policy(self) -> bool:
+        return self.default_workstation_policy.exists()
 
-    def is_agent_excluded(self, agent):
+    def is_agent_excluded(self, agent: "Agent") -> bool:
         return (
             agent in self.excluded_agents.all()
             or agent.site in self.excluded_sites.all()
             or agent.client in self.excluded_clients.all()
         )
 
-    def related_agents(self):
-        return self.get_related("server") | self.get_related("workstation")
+    def related_agents(
+        self, mon_type: Optional[str] = None
+    ) -> "models.QuerySet[Agent]":
+        models.prefetch_related_objects(
+            [self],
+            "excluded_agents",
+            "excluded_sites",
+            "excluded_clients",
+            "workstation_clients",
+            "server_clients",
+            "workstation_sites",
+            "server_sites",
+            "agents",
+        )
 
-    def get_related(self, mon_type):
-        explicit_agents = (
-            self.agents.filter(monitoring_type=mon_type)  # type: ignore
-            .exclude(
-                pk__in=self.excluded_agents.only("pk").values_list("pk", flat=True)
+        agent_filter = {}
+        filtered_agents_ids = Agent.objects.none()
+
+        if mon_type:
+            agent_filter["monitoring_type"] = mon_type
+
+        excluded_clients_ids = self.excluded_clients.only("pk").values_list(
+            "id", flat=True
+        )
+        excluded_sites_ids = self.excluded_sites.only("pk").values_list("id", flat=True)
+        excluded_agents_ids = self.excluded_agents.only("pk").values_list(
+            "id", flat=True
+        )
+
+        if self.is_default_server_policy:
+            filtered_agents_ids |= (
+                Agent.objects.exclude(block_policy_inheritance=True)
+                .exclude(site__block_policy_inheritance=True)
+                .exclude(site__client__block_policy_inheritance=True)
+                .exclude(id__in=excluded_agents_ids)
+                .exclude(site_id__in=excluded_sites_ids)
+                .exclude(site__client_id__in=excluded_clients_ids)
+                .filter(monitoring_type="server")
+                .only("id")
+                .values_list("id", flat=True)
             )
-            .exclude(site__in=self.excluded_sites.all())
-            .exclude(site__client__in=self.excluded_clients.all())
+
+        if self.is_default_workstation_policy:
+            filtered_agents_ids |= (
+                Agent.objects.exclude(block_policy_inheritance=True)
+                .exclude(site__block_policy_inheritance=True)
+                .exclude(site__client__block_policy_inheritance=True)
+                .exclude(id__in=excluded_agents_ids)
+                .exclude(site_id__in=excluded_sites_ids)
+                .exclude(site__client_id__in=excluded_clients_ids)
+                .filter(monitoring_type="workstation")
+                .only("id")
+                .values_list("id", flat=True)
+            )
+
+        # if this is the default policy for servers and workstations and skip the other calculations
+        if self.is_default_server_policy and self.is_default_workstation_policy:
+            return Agent.objects.filter(models.Q(id__in=filtered_agents_ids))
+
+        explicit_agents = (
+            self.agents.filter(**agent_filter)  # type: ignore
+            .exclude(id__in=excluded_agents_ids)
+            .exclude(site_id__in=excluded_sites_ids)
+            .exclude(site__client_id__in=excluded_clients_ids)
         )
 
-        explicit_clients = getattr(self, f"{mon_type}_clients").exclude(
-            pk__in=self.excluded_clients.all()
-        )
-        explicit_sites = getattr(self, f"{mon_type}_sites").exclude(
-            pk__in=self.excluded_sites.all()
-        )
+        explicit_clients_qs = Client.objects.none()
+        explicit_sites_qs = Site.objects.none()
 
-        filtered_agents_pks = Policy.objects.none()
+        if not mon_type or mon_type == "workstation":
+            explicit_clients_qs |= self.workstation_clients.exclude(  # type: ignore
+                id__in=excluded_clients_ids
+            )
+            explicit_sites_qs |= self.workstation_sites.exclude(  # type: ignore
+                id__in=excluded_sites_ids
+            )
 
-        filtered_agents_pks |= (
+        if not mon_type or mon_type == "server":
+            explicit_clients_qs |= self.server_clients.exclude(  # type: ignore
+                id__in=excluded_clients_ids
+            )
+            explicit_sites_qs |= self.server_sites.exclude(  # type: ignore
+                id__in=excluded_sites_ids
+            )
+
+        filtered_agents_ids |= (
             Agent.objects.exclude(block_policy_inheritance=True)
             .filter(
-                site__in=[
-                    site
-                    for site in explicit_sites
-                    if site.client not in explicit_clients
-                    and site.client not in self.excluded_clients.all()
+                site_id__in=[
+                    site.id
+                    for site in explicit_sites_qs
+                    if site.client not in explicit_clients_qs
+                    and site.client.id not in excluded_clients_ids
                 ],
-                monitoring_type=mon_type,
+                **agent_filter,
             )
-            .values_list("pk", flat=True)
+            .only("id")
+            .values_list("id", flat=True)
         )
 
-        filtered_agents_pks |= (
+        filtered_agents_ids |= (
             Agent.objects.exclude(block_policy_inheritance=True)
             .exclude(site__block_policy_inheritance=True)
             .filter(
-                site__client__in=[client for client in explicit_clients],
-                monitoring_type=mon_type,
+                site__client__in=explicit_clients_qs,
+                **agent_filter,
             )
-            .values_list("pk", flat=True)
+            .only("id")
+            .values_list("id", flat=True)
         )
 
         return Agent.objects.filter(
-            models.Q(pk__in=filtered_agents_pks)
-            | models.Q(pk__in=explicit_agents.only("pk"))
+            models.Q(id__in=filtered_agents_ids)
+            | models.Q(id__in=explicit_agents.only("id"))
         )
 
     @staticmethod
-    def serialize(policy):
+    def serialize(policy: "Policy") -> Dict[str, Any]:
         # serializes the policy and returns json
         from .serializers import PolicyAuditSerializer
 
         return PolicyAuditSerializer(policy).data
 
     @staticmethod
-    def cascade_policy_tasks(agent):
+    def get_policy_tasks(agent: "Agent") -> "List[AutomatedTask]":
 
         # List of all tasks to be applied
         tasks = list()
-        added_task_pks = list()
-
-        agent_tasks_parent_pks = [
-            task.parent_task for task in agent.autotasks.filter(managed_by_policy=True)
-        ]
 
         # Get policies applied to agent and agent site and client
-        client = agent.client
-        site = agent.site
+        policies = agent.get_agent_policies()
 
-        default_policy = None
-        client_policy = None
-        site_policy = None
-        agent_policy = agent.policy
+        processed_policies = list()
 
-        # Get the Client/Site policy based on if the agent is server or workstation
-        if agent.monitoring_type == "server":
-            default_policy = CoreSettings.objects.first().server_policy
-            client_policy = client.server_policy
-            site_policy = site.server_policy
-        elif agent.monitoring_type == "workstation":
-            default_policy = CoreSettings.objects.first().workstation_policy
-            client_policy = client.workstation_policy
-            site_policy = site.workstation_policy
-
-        # check if client/site/agent is blocking inheritance and blank out policies
-        if agent.block_policy_inheritance:
-            site_policy = None
-            client_policy = None
-            default_policy = None
-        elif site.block_policy_inheritance:
-            client_policy = None
-            default_policy = None
-        elif client.block_policy_inheritance:
-            default_policy = None
-
-        if (
-            agent_policy
-            and agent_policy.active
-            and not agent_policy.is_agent_excluded(agent)
-        ):
-            for task in agent_policy.autotasks.all():
-                if task.pk not in added_task_pks:
+        for _, policy in policies.items():
+            if policy and policy.active and policy.pk not in processed_policies:
+                processed_policies.append(policy.pk)
+                for task in policy.autotasks.all():
                     tasks.append(task)
-                    added_task_pks.append(task.pk)
-        if (
-            site_policy
-            and site_policy.active
-            and not site_policy.is_agent_excluded(agent)
-        ):
-            for task in site_policy.autotasks.all():
-                if task.pk not in added_task_pks:
-                    tasks.append(task)
-                    added_task_pks.append(task.pk)
-        if (
-            client_policy
-            and client_policy.active
-            and not client_policy.is_agent_excluded(agent)
-        ):
-            for task in client_policy.autotasks.all():
-                if task.pk not in added_task_pks:
-                    tasks.append(task)
-                    added_task_pks.append(task.pk)
 
-        if (
-            default_policy
-            and default_policy.active
-            and not default_policy.is_agent_excluded(agent)
-        ):
-            for task in default_policy.autotasks.all():
-                if task.pk not in added_task_pks:
-                    tasks.append(task)
-                    added_task_pks.append(task.pk)
-
-        # remove policy tasks from agent not included in policy
-        for task in agent.autotasks.filter(
-            parent_task__in=[
-                taskpk
-                for taskpk in agent_tasks_parent_pks
-                if taskpk not in added_task_pks
-            ]
-        ):
-            if task.sync_status == "initial":
-                task.delete()
-            else:
-                task.sync_status = "pendingdeletion"
-                task.save()
-
-        # change tasks from pendingdeletion to notsynced if policy was added or changed
-        agent.autotasks.filter(sync_status="pendingdeletion").filter(
-            parent_task__in=[taskpk for taskpk in added_task_pks]
-        ).update(sync_status="notsynced")
-
-        return [task for task in tasks if task.pk not in agent_tasks_parent_pks]
+        return tasks
 
     @staticmethod
-    def cascade_policy_checks(agent):
-        # Get checks added to agent directly
-        agent_checks = list(agent.agentchecks.filter(managed_by_policy=False))
+    def get_policy_checks(agent: "Agent") -> "List[Check]":
 
-        agent_checks_parent_pks = [
-            check.parent_check
-            for check in agent.agentchecks.filter(managed_by_policy=True)
-        ]
+        # Get checks added to agent directly
+        agent_checks = list(agent.agentchecks.all())
 
         # Get policies applied to agent and agent site and client
-        client = agent.client
-        site = agent.site
-
-        default_policy = None
-        client_policy = None
-        site_policy = None
-        agent_policy = agent.policy
-
-        if agent.monitoring_type == "server":
-            default_policy = CoreSettings.objects.first().server_policy
-            client_policy = client.server_policy
-            site_policy = site.server_policy
-        elif agent.monitoring_type == "workstation":
-            default_policy = CoreSettings.objects.first().workstation_policy
-            client_policy = client.workstation_policy
-            site_policy = site.workstation_policy
-
-        # check if client/site/agent is blocking inheritance and blank out policies
-        if agent.block_policy_inheritance:
-            site_policy = None
-            client_policy = None
-            default_policy = None
-        elif site.block_policy_inheritance:
-            client_policy = None
-            default_policy = None
-        elif client.block_policy_inheritance:
-            default_policy = None
+        policies = agent.get_agent_policies()
 
         # Used to hold the policies that will be applied and the order in which they are applied
         # Enforced policies are applied first
         enforced_checks = list()
         policy_checks = list()
 
-        if (
-            agent_policy
-            and agent_policy.active
-            and not agent_policy.is_agent_excluded(agent)
-        ):
-            if agent_policy.enforced:
-                for check in agent_policy.policychecks.all():
-                    enforced_checks.append(check)
-            else:
-                for check in agent_policy.policychecks.all():
-                    policy_checks.append(check)
+        processed_policies = list()
 
-        if (
-            site_policy
-            and site_policy.active
-            and not site_policy.is_agent_excluded(agent)
-        ):
-            if site_policy.enforced:
-                for check in site_policy.policychecks.all():
-                    enforced_checks.append(check)
-            else:
-                for check in site_policy.policychecks.all():
-                    policy_checks.append(check)
+        for _, policy in policies.items():
+            if policy and policy.active and policy.pk not in processed_policies:
+                processed_policies.append(policy.pk)
+                if policy.enforced:
+                    for check in policy.policychecks.all():
+                        enforced_checks.append(check)
+                else:
+                    for check in policy.policychecks.all():
+                        policy_checks.append(check)
 
-        if (
-            client_policy
-            and client_policy.active
-            and not client_policy.is_agent_excluded(agent)
-        ):
-            if client_policy.enforced:
-                for check in client_policy.policychecks.all():
-                    enforced_checks.append(check)
-            else:
-                for check in client_policy.policychecks.all():
-                    policy_checks.append(check)
-
-        if (
-            default_policy
-            and default_policy.active
-            and not default_policy.is_agent_excluded(agent)
-        ):
-            if default_policy.enforced:
-                for check in default_policy.policychecks.all():
-                    enforced_checks.append(check)
-            else:
-                for check in default_policy.policychecks.all():
-                    policy_checks.append(check)
+        if not enforced_checks and not policy_checks:
+            return []
 
         # Sorted Checks already added
-        added_diskspace_checks = list()
-        added_ping_checks = list()
-        added_winsvc_checks = list()
-        added_script_checks = list()
-        added_eventlog_checks = list()
-        added_cpuload_checks = list()
-        added_memory_checks = list()
+        added_diskspace_checks: List[str] = list()
+        added_ping_checks: List[str] = list()
+        added_winsvc_checks: List[str] = list()
+        added_script_checks: List[int] = list()
+        added_eventlog_checks: List[List[str]] = list()
+        added_cpuload_checks: List[int] = list()
+        added_memory_checks: List[int] = list()
 
-        # Lists all agent and policy checks that will be created
-        diskspace_checks = list()
-        ping_checks = list()
-        winsvc_checks = list()
-        script_checks = list()
-        eventlog_checks = list()
-        cpuload_checks = list()
-        memory_checks = list()
+        # Lists all agent and policy checks that will be returned
+        diskspace_checks: "List[Check]" = list()
+        ping_checks: "List[Check]" = list()
+        winsvc_checks: "List[Check]" = list()
+        script_checks: "List[Check]" = list()
+        eventlog_checks: "List[Check]" = list()
+        cpuload_checks: "List[Check]" = list()
+        memory_checks: "List[Check]" = list()
+
+        overridden_checks: List[int] = list()
 
         # Loop over checks in with enforced policies first, then non-enforced policies
         for check in enforced_checks + agent_checks + policy_checks:
-            if check.check_type == "diskspace":
+            if check.check_type == CheckType.DISK_SPACE and agent.plat == "windows":
                 # Check if drive letter was already added
                 if check.disk not in added_diskspace_checks:
                     added_diskspace_checks.append(check.disk)
-                    # Dont create the check if it is an agent check
+                    # Dont add if check if it is an agent check
                     if not check.agent:
                         diskspace_checks.append(check)
                 elif check.agent:
-                    check.overriden_by_policy = True
-                    check.save()
+                    overridden_checks.append(check.pk)
 
-            if check.check_type == "ping":
+            elif check.check_type == CheckType.PING:
                 # Check if IP/host was already added
                 if check.ip not in added_ping_checks:
                     added_ping_checks.append(check.ip)
-                    # Dont create the check if it is an agent check
+                    # Dont add if the check if it is an agent check
                     if not check.agent:
                         ping_checks.append(check)
                 elif check.agent:
-                    check.overriden_by_policy = True
-                    check.save()
+                    overridden_checks.append(check.pk)
 
-            if check.check_type == "cpuload":
+            elif check.check_type == CheckType.CPU_LOAD and agent.plat == "windows":
                 # Check if cpuload list is empty
                 if not added_cpuload_checks:
-                    added_cpuload_checks.append(check)
+                    added_cpuload_checks.append(check.pk)
                     # Dont create the check if it is an agent check
                     if not check.agent:
                         cpuload_checks.append(check)
                 elif check.agent:
-                    check.overriden_by_policy = True
-                    check.save()
+                    overridden_checks.append(check.pk)
 
-            if check.check_type == "memory":
+            elif check.check_type == CheckType.MEMORY and agent.plat == "windows":
                 # Check if memory check list is empty
                 if not added_memory_checks:
-                    added_memory_checks.append(check)
+                    added_memory_checks.append(check.pk)
                     # Dont create the check if it is an agent check
                     if not check.agent:
                         memory_checks.append(check)
                 elif check.agent:
-                    check.overriden_by_policy = True
-                    check.save()
+                    overridden_checks.append(check.pk)
 
-            if check.check_type == "winsvc":
+            elif check.check_type == CheckType.WINSVC and agent.plat == "windows":
                 # Check if service name was already added
                 if check.svc_name not in added_winsvc_checks:
                     added_winsvc_checks.append(check.svc_name)
@@ -394,10 +327,11 @@ class Policy(BaseAuditModel):
                     if not check.agent:
                         winsvc_checks.append(check)
                 elif check.agent:
-                    check.overriden_by_policy = True
-                    check.save()
+                    overridden_checks.append(check.pk)
 
-            if check.check_type == "script":
+            elif check.check_type == CheckType.SCRIPT and agent.is_supported_script(
+                check.script.supported_platforms
+            ):
                 # Check if script id was already added
                 if check.script.id not in added_script_checks:
                     added_script_checks.append(check.script.id)
@@ -405,20 +339,25 @@ class Policy(BaseAuditModel):
                     if not check.agent:
                         script_checks.append(check)
                 elif check.agent:
-                    check.overriden_by_policy = True
-                    check.save()
+                    overridden_checks.append(check.pk)
 
-            if check.check_type == "eventlog":
+            elif check.check_type == CheckType.EVENT_LOG and agent.plat == "windows":
                 # Check if events were already added
                 if [check.log_name, check.event_id] not in added_eventlog_checks:
                     added_eventlog_checks.append([check.log_name, check.event_id])
                     if not check.agent:
                         eventlog_checks.append(check)
                 elif check.agent:
-                    check.overriden_by_policy = True
-                    check.save()
+                    overridden_checks.append(check.pk)
 
-        final_list = (
+            if overridden_checks:
+                from checks.models import Check
+
+                Check.objects.filter(pk__in=overridden_checks).update(
+                    overridden_by_policy=True
+                )
+
+        return (
             diskspace_checks
             + ping_checks
             + cpuload_checks
@@ -427,33 +366,3 @@ class Policy(BaseAuditModel):
             + script_checks
             + eventlog_checks
         )
-
-        # remove policy checks from agent that fell out of policy scope
-        agent.agentchecks.filter(
-            managed_by_policy=True,
-            parent_check__in=[
-                checkpk
-                for checkpk in agent_checks_parent_pks
-                if checkpk not in [check.pk for check in final_list]
-            ],
-        ).delete()
-
-        return [
-            check for check in final_list if check.pk not in agent_checks_parent_pks
-        ]
-
-    @staticmethod
-    def generate_policy_checks(agent):
-        checks = Policy.cascade_policy_checks(agent)
-
-        if checks:
-            for check in checks:
-                check.create_policy_check(agent)
-
-    @staticmethod
-    def generate_policy_tasks(agent):
-        tasks = Policy.cascade_policy_tasks(agent)
-
-        if tasks:
-            for task in tasks:
-                task.create_policy_task(agent)

api/tacticalrmm/automation/permissions.py

@@ -4,7 +4,7 @@ from tacticalrmm.permissions import _has_perm
 
 
 class AutomationPolicyPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         if r.method == "GET":
             return _has_perm(r, "can_list_automation_policies")
         else:

api/tacticalrmm/automation/serializers.py

@@ -5,8 +5,8 @@ from rest_framework.serializers import (
 )
 
 from agents.serializers import AgentHostnameSerializer
-from autotasks.models import AutomatedTask
-from checks.models import Check
+from autotasks.models import TaskResult
+from checks.models import CheckResult
 from clients.models import Client
 from clients.serializers import ClientMinimumSerializer, SiteMinimumSerializer
 from winupdate.serializers import WinUpdatePolicySerializer
@@ -96,7 +96,7 @@ class PolicyCheckStatusSerializer(ModelSerializer):
     hostname = ReadOnlyField(source="agent.hostname")
 
     class Meta:
-        model = Check
+        model = CheckResult
         fields = "__all__"
 
 
@@ -104,7 +104,7 @@ class PolicyTaskStatusSerializer(ModelSerializer):
     hostname = ReadOnlyField(source="agent.hostname")
 
     class Meta:
-        model = AutomatedTask
+        model = TaskResult
         fields = "__all__"
 
 

api/tacticalrmm/automation/tasks.py

@@ -1,155 +1,20 @@
-from typing import Any, Dict, List, Union
-
 from tacticalrmm.celery import app
 
 
-@app.task(retry_backoff=5, retry_jitter=True, retry_kwargs={"max_retries": 5})
-def generate_agent_checks_task(
-    policy: int = None,
-    site: int = None,
-    client: int = None,
-    agents: List[int] = list(),
-    all: bool = False,
-    create_tasks: bool = False,
-) -> Union[str, None]:
-    from agents.models import Agent
-    from automation.models import Policy
-
-    p = Policy.objects.get(pk=policy) if policy else None
-
-    # generate checks on all agents if all is specified or if policy is default server/workstation policy
-    if (p and p.is_default_server_policy and p.is_default_workstation_policy) or all:
-        a = Agent.objects.prefetch_related("policy").only("pk", "monitoring_type")
-
-    # generate checks on all servers if policy is a default servers policy
-    elif p and p.is_default_server_policy:
-        a = Agent.objects.filter(monitoring_type="server").only("pk", "monitoring_type")
-
-    # generate checks on all workstations if policy is a default workstations policy
-    elif p and p.is_default_workstation_policy:
-        a = Agent.objects.filter(monitoring_type="workstation").only(
-            "pk", "monitoring_type"
-        )
-
-    # generate checks on a list of supplied agents
-    elif agents:
-        a = Agent.objects.filter(pk__in=agents)
-
-    # generate checks on agents affected by supplied policy
-    elif policy:
-        a = p.related_agents().only("pk")
-
-    # generate checks that has specified site
-    elif site:
-        a = Agent.objects.filter(site_id=site)
-
-    # generate checks that has specified client
-    elif client:
-        a = Agent.objects.filter(site__client_id=client)
-    else:
-        a = []
-
-    for agent in a:
-        agent.generate_checks_from_policies()
-        if create_tasks:
-            agent.generate_tasks_from_policies()
-
-        agent.set_alert_template()
-
-    return "ok"
-
-
-@app.task(
-    acks_late=True, retry_backoff=5, retry_jitter=True, retry_kwargs={"max_retries": 5}
-)
-# updates policy managed check fields on agents
-def update_policy_check_fields_task(check: int) -> str:
-    from checks.models import Check
-
-    c: Check = Check.objects.get(pk=check)
-    update_fields: Dict[Any, Any] = {}
-
-    for field in c.policy_fields_to_copy:
-        update_fields[field] = getattr(c, field)
-
-    Check.objects.filter(parent_check=check).update(**update_fields)
-
-    return "ok"
-
-
-@app.task(retry_backoff=5, retry_jitter=True, retry_kwargs={"max_retries": 5})
-# generates policy tasks on agents affected by a policy
-def generate_agent_autotasks_task(policy: int = None) -> str:
-    from agents.models import Agent
-    from automation.models import Policy
-
-    p: Policy = Policy.objects.get(pk=policy)
-
-    if p and p.is_default_server_policy and p.is_default_workstation_policy:
-        agents = Agent.objects.prefetch_related("policy").only("pk", "monitoring_type")
-    elif p and p.is_default_server_policy:
-        agents = Agent.objects.filter(monitoring_type="server").only(
-            "pk", "monitoring_type"
-        )
-    elif p and p.is_default_workstation_policy:
-        agents = Agent.objects.filter(monitoring_type="workstation").only(
-            "pk", "monitoring_type"
-        )
-    else:
-        agents = p.related_agents().only("pk")
-
-    for agent in agents:
-        agent.generate_tasks_from_policies()
-
-    return "ok"
-
-
-@app.task(
-    acks_late=True,
-    retry_backoff=5,
-    retry_jitter=True,
-    retry_kwargs={"max_retries": 5},
-)
-def delete_policy_autotasks_task(task: int) -> str:
-    from autotasks.models import AutomatedTask
-
-    for t in AutomatedTask.objects.filter(parent_task=task):
-        t.delete_task_on_agent()
-
-    return "ok"
-
-
 @app.task
 def run_win_policy_autotasks_task(task: int) -> str:
     from autotasks.models import AutomatedTask
 
-    for t in AutomatedTask.objects.filter(parent_task=task):
-        t.run_win_task()
-
-    return "ok"
-
-
-@app.task(
-    acks_late=True,
-    retry_backoff=5,
-    retry_jitter=True,
-    retry_kwargs={"max_retries": 5},
-)
-def update_policy_autotasks_fields_task(task: int, update_agent: bool = False) -> str:
-    from autotasks.models import AutomatedTask
-
-    t = AutomatedTask.objects.get(pk=task)
-    update_fields: Dict[str, Any] = {}
-
-    for field in t.policy_fields_to_copy:
-        update_fields[field] = getattr(t, field)
-
-    AutomatedTask.objects.filter(parent_task=task).update(**update_fields)
-
-    if update_agent:
-        for t in AutomatedTask.objects.filter(parent_task=task).exclude(
-            sync_status="initial"
-        ):
-            t.modify_task_on_agent()
+    try:
+        policy_task = AutomatedTask.objects.get(pk=task)
+    except AutomatedTask.DoesNotExist:
+        return "AutomatedTask not found"
+
+    if not policy_task.policy:
+        return "AutomatedTask must be a policy"
+
+    # get related agents from policy
+    for agent in policy_task.policy.related_agents():
+        policy_task.run_win_task(agent)
 
     return "ok"

api/tacticalrmm/automation/urls.py

@@ -1,15 +1,15 @@
 from django.urls import path
 
-from . import views
-from checks.views import GetAddChecks
 from autotasks.views import GetAddAutoTasks
+from checks.views import GetAddChecks
+
+from . import views
 
 urlpatterns = [
     path("policies/", views.GetAddPolicies.as_view()),
     path("policies/<int:pk>/related/", views.GetRelated.as_view()),
     path("policies/overview/", views.OverviewPolicy.as_view()),
     path("policies/<int:pk>/", views.GetUpdateDeletePolicy.as_view()),
-    path("sync/", views.PolicySync.as_view()),
     # alias to get policy checks
     path("policies/<int:policy>/checks/", GetAddChecks.as_view()),
     # alias to get policy tasks

api/tacticalrmm/automation/views.py

@@ -1,13 +1,13 @@
-from agents.models import Agent
-from autotasks.models import AutomatedTask
-from checks.models import Check
-from clients.models import Client
 from django.shortcuts import get_object_or_404
+from rest_framework.exceptions import PermissionDenied
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
-from rest_framework.exceptions import PermissionDenied
-from tacticalrmm.utils import notify_error
+
+from agents.models import Agent
+from autotasks.models import TaskResult
+from checks.models import CheckResult
+from clients.models import Client
 from tacticalrmm.permissions import _has_perm_on_client, _has_perm_on_site
 from winupdate.models import WinUpdatePolicy
 from winupdate.serializers import WinUpdatePolicySerializer
@@ -16,8 +16,8 @@ from .models import Policy
 from .permissions import AutomationPolicyPerms
 from .serializers import (
     PolicyCheckStatusSerializer,
-    PolicyRelatedSerializer,
     PolicyOverviewSerializer,
+    PolicyRelatedSerializer,
     PolicySerializer,
     PolicyTableSerializer,
     PolicyTaskStatusSerializer,
@@ -28,7 +28,9 @@ class GetAddPolicies(APIView):
     permission_classes = [IsAuthenticated, AutomationPolicyPerms]
 
     def get(self, request):
-        policies = Policy.objects.all()
+        policies = Policy.objects.select_related("alert_template").prefetch_related(
+            "excluded_agents", "excluded_sites", "excluded_clients"
+        )
 
         return Response(
             PolicyTableSerializer(
@@ -50,9 +52,9 @@ class GetAddPolicies(APIView):
                 check.create_policy_check(policy=policy)
 
             tasks = copyPolicy.autotasks.all()
-
             for task in tasks:
-                task.create_policy_task(policy=policy)
+                if not task.assigned_check:
+                    task.create_policy_task(policy=policy)
 
         return Response("ok")
 
@@ -66,22 +68,12 @@ class GetUpdateDeletePolicy(APIView):
         return Response(PolicySerializer(policy).data)
 
     def put(self, request, pk):
-        from .tasks import generate_agent_checks_task
-
         policy = get_object_or_404(Policy, pk=pk)
 
         serializer = PolicySerializer(instance=policy, data=request.data, partial=True)
         serializer.is_valid(raise_exception=True)
         serializer.save()
 
-        # check for excluding objects and in the request and if present generate policies
-        if (
-            "excluded_sites" in request.data.keys()
-            or "excluded_clients" in request.data.keys()
-            or "excluded_agents" in request.data.keys()
-        ):
-            generate_agent_checks_task.delay(policy=pk, create_tasks=True)
-
         return Response("ok")
 
     def delete(self, request, pk):
@@ -90,25 +82,11 @@ class GetUpdateDeletePolicy(APIView):
         return Response("ok")
 
 
-class PolicySync(APIView):
-    def post(self, request):
-        if "policy" in request.data.keys():
-            from automation.tasks import generate_agent_checks_task
-
-            generate_agent_checks_task.delay(
-                policy=request.data["policy"], create_tasks=True
-            )
-            return Response("ok")
-
-        else:
-            return notify_error("The request was invalid")
-
-
 class PolicyAutoTask(APIView):
 
     # get status of all tasks
     def get(self, request, task):
-        tasks = AutomatedTask.objects.filter(parent_task=task)
+        tasks = TaskResult.objects.filter(task=task)
         return Response(PolicyTaskStatusSerializer(tasks, many=True).data)
 
     # bulk run win tasks associated with policy
@@ -123,7 +101,7 @@ class PolicyCheck(APIView):
     permission_classes = [IsAuthenticated, AutomationPolicyPerms]
 
     def get(self, request, check):
-        checks = Check.objects.filter(parent_check=check)
+        checks = CheckResult.objects.filter(assigned_check=check)
         return Response(PolicyCheckStatusSerializer(checks, many=True).data)
 
 
@@ -161,7 +139,7 @@ class UpdatePatchPolicy(APIView):
 
         serializer = WinUpdatePolicySerializer(data=request.data, partial=True)
         serializer.is_valid(raise_exception=True)
-        serializer.policy = policy  # type: ignore
+        serializer.policy = policy
         serializer.save()
 
         return Response("ok")
@@ -194,7 +172,7 @@ class ResetPatchPolicy(APIView):
                 raise PermissionDenied()
 
             agents = (
-                Agent.objects.filter_by_role(request.user)
+                Agent.objects.filter_by_role(request.user)  # type: ignore
                 .prefetch_related("winupdatepolicy")
                 .filter(site__client_id=request.data["client"])
             )
@@ -203,13 +181,13 @@ class ResetPatchPolicy(APIView):
                 raise PermissionDenied()
 
             agents = (
-                Agent.objects.filter_by_role(request.user)
+                Agent.objects.filter_by_role(request.user)  # type: ignore
                 .prefetch_related("winupdatepolicy")
                 .filter(site_id=request.data["site"])
             )
         else:
             agents = (
-                Agent.objects.filter_by_role(request.user)
+                Agent.objects.filter_by_role(request.user)  # type: ignore
                 .prefetch_related("winupdatepolicy")
                 .only("pk")
             )

api/tacticalrmm/autotasks/admin.py

@@ -1,5 +1,6 @@
 from django.contrib import admin
 
-from .models import AutomatedTask
+from .models import AutomatedTask, TaskResult
 
 admin.site.register(AutomatedTask)
+admin.site.register(TaskResult)

api/tacticalrmm/autotasks/baker_recipes.py

@@ -0,0 +1,5 @@
+from model_bakery.recipe import Recipe
+
+task = Recipe(
+    "autotasks.AutomatedTask",
+)

api/tacticalrmm/autotasks/management/commands/remove_orphaned_tasks.py

@@ -1,6 +1,5 @@
 from django.core.management.base import BaseCommand
 
-from agents.models import Agent
 from autotasks.tasks import remove_orphaned_win_tasks
 
 
@@ -8,10 +7,7 @@ class Command(BaseCommand):
     help = "Checks for orphaned tasks on all agents and removes them"
 
     def handle(self, *args, **kwargs):
-        agents = Agent.objects.only("pk", "last_seen", "overdue_time", "offline_time")
-        online = [i for i in agents if i.status == "online"]
-        for agent in online:
-            remove_orphaned_win_tasks.delay(agent.pk)
+        remove_orphaned_win_tasks.s()
 
         self.stdout.write(
             self.style.SUCCESS(

api/tacticalrmm/autotasks/migrations/0024_auto_20211214_0040.py

@@ -0,0 +1,87 @@
+# Generated by Django 3.2.9 on 2021-12-14 00:40
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('autotasks', '0023_auto_20210917_1954'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='run_time_days',
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='actions',
+            field=models.JSONField(default=dict),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='daily_interval',
+            field=models.PositiveSmallIntegerField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='expire_date',
+            field=models.DateTimeField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='monthly_days_of_month',
+            field=models.PositiveIntegerField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='monthly_months_of_year',
+            field=models.PositiveIntegerField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='monthly_weeks_of_month',
+            field=models.PositiveSmallIntegerField(blank=True, null=True),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='random_task_delay',
+            field=models.CharField(blank=True, max_length=10, null=True),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='stop_task_at_duration_end',
+            field=models.BooleanField(blank=True, default=False),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='task_instance_policy',
+            field=models.PositiveSmallIntegerField(blank=True, default=1),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='task_repetition_duration',
+            field=models.CharField(blank=True, max_length=10, null=True),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='task_repetition_interval',
+            field=models.CharField(blank=True, max_length=10, null=True),
+        ),
+        migrations.AddField(
+            model_name='automatedtask',
+            name='weekly_interval',
+            field=models.PositiveSmallIntegerField(blank=True, null=True),
+        ),
+        migrations.AlterField(
+            model_name='automatedtask',
+            name='task_type',
+            field=models.CharField(choices=[('daily', 'Daily'), ('weekly', 'Weekly'), ('monthly', 'Monthly'), ('monthlydow', 'Monthly Day of Week'), ('checkfailure', 'On Check Failure'), ('manual', 'Manual'), ('runonce', 'Run Once')], default='manual', max_length=100),
+        ),
+        migrations.AlterField(
+            model_name='automatedtask',
+            name='timeout',
+            field=models.PositiveIntegerField(blank=True, default=120),
+        ),
+    ]

api/tacticalrmm/autotasks/migrations/0025_automatedtask_continue_on_error.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.10 on 2021-12-29 14:57
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('autotasks', '0024_auto_20211214_0040'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='automatedtask',
+            name='continue_on_error',
+            field=models.BooleanField(default=True),
+        ),
+    ]

api/tacticalrmm/autotasks/migrations/0026_alter_automatedtask_monthly_days_of_month.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.10 on 2021-12-30 14:46
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('autotasks', '0025_automatedtask_continue_on_error'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='automatedtask',
+            name='monthly_days_of_month',
+            field=models.PositiveBigIntegerField(blank=True, null=True),
+        ),
+    ]

api/tacticalrmm/autotasks/migrations/0027_auto_20220107_0643.py

@@ -0,0 +1,24 @@
+# Generated by Django 3.2.11 on 2022-01-07 06:43
+
+import django.core.validators
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('autotasks', '0026_alter_automatedtask_monthly_days_of_month'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='automatedtask',
+            name='daily_interval',
+            field=models.PositiveSmallIntegerField(blank=True, null=True, validators=[django.core.validators.MinValueValidator(1), django.core.validators.MaxValueValidator(255)]),
+        ),
+        migrations.AlterField(
+            model_name='automatedtask',
+            name='weekly_interval',
+            field=models.PositiveSmallIntegerField(blank=True, null=True, validators=[django.core.validators.MinValueValidator(1), django.core.validators.MaxValueValidator(52)]),
+        ),
+    ]

api/tacticalrmm/autotasks/migrations/0028_alter_automatedtask_actions.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.11 on 2022-01-09 21:27
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('autotasks', '0027_auto_20220107_0643'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='automatedtask',
+            name='actions',
+            field=models.JSONField(default=list),
+        ),
+    ]

api/tacticalrmm/autotasks/migrations/0029_alter_automatedtask_task_type.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.10 on 2022-01-10 01:48
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('autotasks', '0028_alter_automatedtask_actions'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='automatedtask',
+            name='task_type',
+            field=models.CharField(choices=[('daily', 'Daily'), ('weekly', 'Weekly'), ('monthly', 'Monthly'), ('monthlydow', 'Monthly Day of Week'), ('checkfailure', 'On Check Failure'), ('manual', 'Manual'), ('runonce', 'Run Once'), ('scheduled', 'Scheduled')], default='manual', max_length=100),
+        ),
+    ]

api/tacticalrmm/autotasks/migrations/0030_auto_20220401_2244.py

@@ -0,0 +1,99 @@
+# Generated by Django 3.2.12 on 2022-04-01 22:44
+
+import django.db.models.deletion
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("checks", "0025_auto_20210917_1954"),
+        ("agents", "0046_alter_agenthistory_command"),
+        ("autotasks", "0029_alter_automatedtask_task_type"),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name="automatedtask",
+            name="retvalue",
+        ),
+        migrations.AlterField(
+            model_name="automatedtask",
+            name="assigned_check",
+            field=models.ForeignKey(
+                blank=True,
+                null=True,
+                on_delete=django.db.models.deletion.SET_NULL,
+                related_name="assignedtasks",
+                to="checks.check",
+            ),
+        ),
+        migrations.AlterField(
+            model_name="automatedtask",
+            name="win_task_name",
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+        migrations.CreateModel(
+            name="TaskResult",
+            fields=[
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("retcode", models.IntegerField(blank=True, null=True)),
+                ("stdout", models.TextField(blank=True, null=True)),
+                ("stderr", models.TextField(blank=True, null=True)),
+                ("execution_time", models.CharField(default="0.0000", max_length=100)),
+                ("last_run", models.DateTimeField(blank=True, null=True)),
+                (
+                    "status",
+                    models.CharField(
+                        choices=[
+                            ("passing", "Passing"),
+                            ("failing", "Failing"),
+                            ("pending", "Pending"),
+                        ],
+                        default="pending",
+                        max_length=30,
+                    ),
+                ),
+                (
+                    "sync_status",
+                    models.CharField(
+                        choices=[
+                            ("synced", "Synced With Agent"),
+                            ("notsynced", "Waiting On Agent Checkin"),
+                            ("pendingdeletion", "Pending Deletion on Agent"),
+                            ("initial", "Initial Task Sync"),
+                        ],
+                        default="initial",
+                        max_length=100,
+                    ),
+                ),
+                (
+                    "agent",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="taskresults",
+                        to="agents.agent",
+                    ),
+                ),
+                (
+                    "task",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="taskresults",
+                        to="autotasks.automatedtask",
+                    ),
+                ),
+            ],
+            options={
+                "unique_together": {("agent", "task")},
+            },
+        ),
+    ]

api/tacticalrmm/autotasks/migrations/0031_auto_20220401_2249.py

@@ -0,0 +1,50 @@
+# Generated by Django 3.2.12 on 2022-04-01 22:49
+
+from django.db import migrations, transaction
+from django.db.utils import IntegrityError
+
+
+def migrate_task_results(apps, schema_editor):
+    AutomatedTask = apps.get_model("autotasks", "AutomatedTask")
+    TaskResult = apps.get_model("autotasks", "TaskResult")
+    for task in AutomatedTask.objects.exclude(agent=None):
+
+        try:
+            with transaction.atomic():
+                if task.managed_by_policy:
+                    TaskResult.objects.create(
+                        task_id=task.parent_task,
+                        agent_id=task.agent_id,
+                        retcode=task.retcode,
+                        stdout=task.stdout,
+                        stderr=task.stderr,
+                        execution_time=task.execution_time,
+                        last_run=task.last_run,
+                        status=task.status,
+                        sync_status=task.sync_status,
+                    )
+                else:
+                    TaskResult.objects.create(
+                        task_id=task.id,
+                        agent_id=task.agent.id,
+                        retcode=task.retcode,
+                        stdout=task.stdout,
+                        stderr=task.stderr,
+                        execution_time=task.execution_time,
+                        last_run=task.last_run,
+                        status=task.status,
+                        sync_status=task.sync_status,
+                    )
+        except IntegrityError:
+            continue
+
+
+class Migration(migrations.Migration):
+    atomic = False
+    dependencies = [
+        ("autotasks", "0030_auto_20220401_2244"),
+    ]
+
+    operations = [
+        migrations.RunPython(migrate_task_results),
+    ]

api/tacticalrmm/autotasks/migrations/0032_auto_20220401_2301.py

@@ -0,0 +1,45 @@
+# Generated by Django 3.2.12 on 2022-04-01 23:01
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('autotasks', '0031_auto_20220401_2249'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='execution_time',
+        ),
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='last_run',
+        ),
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='parent_task',
+        ),
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='retcode',
+        ),
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='status',
+        ),
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='stderr',
+        ),
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='stdout',
+        ),
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='sync_status',
+        ),
+    ]

api/tacticalrmm/autotasks/migrations/0033_auto_20220402_0041.py

@@ -0,0 +1,51 @@
+# Generated by Django 3.2.12 on 2022-04-02 00:41
+
+from django.db import migrations
+from django.utils.timezone import make_aware
+
+
+def migrate_script_data(apps, schema_editor):
+    AutomatedTask = apps.get_model("autotasks", "AutomatedTask")
+    # convert autotask to the new format
+    for task in AutomatedTask.objects.all():
+        try:
+            edited = False
+
+            # convert scheduled task_type
+            if task.task_type == "scheduled":
+                task.task_type = "daily"
+                task.run_time_date = make_aware(task.run_time_minute.strptime("%H:%M"))
+                task.daily_interval = 1
+                edited = True
+
+            # convert actions
+            if not task.actions:
+                if not task.script:
+                    task.delete()
+
+                task.actions = [
+                    {
+                        "type": "script",
+                        "script": task.script.pk,
+                        "script_args": task.script_args,
+                        "timeout": task.timeout,
+                        "name": task.script.name,
+                    }
+                ]
+                edited = True
+
+            if edited:
+                task.save()
+        except:
+            continue
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("autotasks", "0032_auto_20220401_2301"),
+    ]
+
+    operations = [
+        migrations.RunPython(migrate_script_data),
+    ]

api/tacticalrmm/autotasks/migrations/0034_auto_20220402_0046.py

@@ -0,0 +1,25 @@
+# Generated by Django 3.2.12 on 2022-04-02 00:46
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('autotasks', '0033_auto_20220402_0041'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='script',
+        ),
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='script_args',
+        ),
+        migrations.RemoveField(
+            model_name='automatedtask',
+            name='timeout',
+        ),
+    ]

api/tacticalrmm/autotasks/migrations/0035_auto_20220415_1818.py

@@ -0,0 +1,36 @@
+# Generated by Django 4.0.3 on 2022-04-15 18:18
+
+from django.db import migrations
+from django.db.models import Count
+
+from autotasks.models import generate_task_name
+
+
+def check_for_win_task_name_duplicates(apps, schema_editor):
+    AutomatedTask = apps.get_model("autotasks", "AutomatedTask")
+    TaskResult = apps.get_model("autotasks", "TaskResult")
+
+    duplicate_tasks = (
+        AutomatedTask.objects.values("win_task_name")
+        .annotate(records=Count("win_task_name"))
+        .filter(records__gt=1)
+    )
+    for task in duplicate_tasks:
+        dups = list(AutomatedTask.objects.filter(win_task_name=task["win_task_name"]))
+        for x in range(task["records"] - 1):
+
+            dups[x].win_task_name = generate_task_name()
+            dups[x].save(update_fields=["win_task_name"])
+            # update task_result sync status
+            TaskResult.objects.filter(task=dups[x]).update(sync_status="notsynced")
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("autotasks", "0034_auto_20220402_0046"),
+    ]
+
+    operations = [
+        migrations.RunPython(check_for_win_task_name_duplicates),
+    ]

api/tacticalrmm/autotasks/migrations/0036_alter_automatedtask_win_task_name.py

@@ -0,0 +1,20 @@
+# Generated by Django 4.0.3 on 2022-04-15 20:52
+
+from django.db import migrations, models
+
+import autotasks.models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('autotasks', '0035_auto_20220415_1818'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='automatedtask',
+            name='win_task_name',
+            field=models.CharField(blank=True, default=autotasks.models.generate_task_name, max_length=255, unique=True),
+        ),
+    ]

api/tacticalrmm/autotasks/models.py

@@ -1,36 +1,50 @@
 import asyncio
-import datetime as dt
 import random
 import string
-from typing import List
+from typing import TYPE_CHECKING, Any, Dict, List, Optional, Union
 
 import pytz
-from alerts.models import SEVERITY_CHOICES
-from django.contrib.postgres.fields import ArrayField
+from django.core.cache import cache
+from django.core.validators import MaxValueValidator, MinValueValidator
 from django.db import models
 from django.db.models.fields import DateTimeField
+from django.db.models.fields.json import JSONField
 from django.db.utils import DatabaseError
 from django.utils import timezone as djangotime
-from logs.models import BaseAuditModel, DebugLog
-from tacticalrmm.models import PermissionQuerySet
-from packaging import version as pyver
-from tacticalrmm.utils import bitdays_to_string
 
-RUN_TIME_DAY_CHOICES = [
-    (0, "Monday"),
-    (1, "Tuesday"),
-    (2, "Wednesday"),
-    (3, "Thursday"),
-    (4, "Friday"),
-    (5, "Saturday"),
-    (6, "Sunday"),
-]
+from alerts.models import SEVERITY_CHOICES
+from core.utils import get_core_settings
+from logs.models import BaseAuditModel, DebugLog
+from tacticalrmm.constants import (
+    FIELDS_TRIGGER_TASK_UPDATE_AGENT,
+    POLICY_TASK_FIELDS_TO_COPY,
+    DebugLogType,
+)
+
+if TYPE_CHECKING:
+    from automation.models import Policy
+    from alerts.models import Alert, AlertTemplate
+    from agents.models import Agent
+    from checks.models import Check
+
+from tacticalrmm.models import PermissionQuerySet
+from tacticalrmm.utils import (
+    bitdays_to_string,
+    bitmonthdays_to_string,
+    bitmonths_to_string,
+    bitweeks_to_string,
+    convert_to_iso_duration,
+)
 
 TASK_TYPE_CHOICES = [
-    ("scheduled", "Scheduled"),
+    ("daily", "Daily"),
+    ("weekly", "Weekly"),
+    ("monthly", "Monthly"),
+    ("monthlydow", "Monthly Day of Week"),
     ("checkfailure", "On Check Failure"),
     ("manual", "Manual"),
     ("runonce", "Run Once"),
+    ("scheduled", "Scheduled"),  # deprecated
 ]
 
 SYNC_STATUS_CHOICES = [
@@ -47,6 +61,11 @@ TASK_STATUS_CHOICES = [
 ]
 
 
+def generate_task_name() -> str:
+    chars = string.ascii_letters
+    return "TacticalRMM_" + "".join(random.choice(chars) for i in range(35))
+
+
 class AutomatedTask(BaseAuditModel):
     objects = PermissionQuerySet.as_manager()
 
@@ -71,60 +90,20 @@ class AutomatedTask(BaseAuditModel):
         blank=True,
         on_delete=models.SET_NULL,
     )
-    script = models.ForeignKey(
-        "scripts.Script",
-        null=True,
-        blank=True,
-        related_name="autoscript",
-        on_delete=models.SET_NULL,
-    )
-    script_args = ArrayField(
-        models.CharField(max_length=255, null=True, blank=True),
-        null=True,
-        blank=True,
-        default=list,
-    )
+
+    # format -> [{"type": "script", "script": 1, "name": "Script Name", "timeout": 90, "script_args": []}, {"type": "cmd", "command": "whoami", "timeout": 90}]
+    actions = JSONField(default=list)
     assigned_check = models.ForeignKey(
         "checks.Check",
         null=True,
         blank=True,
-        related_name="assignedtask",
+        related_name="assignedtasks",
         on_delete=models.SET_NULL,
     )
     name = models.CharField(max_length=255)
-    run_time_bit_weekdays = models.IntegerField(null=True, blank=True)
-    # run_time_days is deprecated, use bit weekdays
-    run_time_days = ArrayField(
-        models.IntegerField(choices=RUN_TIME_DAY_CHOICES, null=True, blank=True),
-        null=True,
-        blank=True,
-        default=list,
-    )
-    run_time_minute = models.CharField(max_length=5, null=True, blank=True)
-    task_type = models.CharField(
-        max_length=100, choices=TASK_TYPE_CHOICES, default="manual"
-    )
     collector_all_output = models.BooleanField(default=False)
-    run_time_date = DateTimeField(null=True, blank=True)
-    remove_if_not_scheduled = models.BooleanField(default=False)
-    run_asap_after_missed = models.BooleanField(default=False)  # added in agent v1.4.7
-    managed_by_policy = models.BooleanField(default=False)
-    parent_task = models.PositiveIntegerField(null=True, blank=True)
-    win_task_name = models.CharField(max_length=255, null=True, blank=True)
-    timeout = models.PositiveIntegerField(default=120)
-    retvalue = models.TextField(null=True, blank=True)
-    retcode = models.IntegerField(null=True, blank=True)
-    stdout = models.TextField(null=True, blank=True)
-    stderr = models.TextField(null=True, blank=True)
-    execution_time = models.CharField(max_length=100, default="0.0000")
-    last_run = models.DateTimeField(null=True, blank=True)
     enabled = models.BooleanField(default=True)
-    status = models.CharField(
-        max_length=30, choices=TASK_STATUS_CHOICES, default="pending"
-    )
-    sync_status = models.CharField(
-        max_length=100, choices=SYNC_STATUS_CHOICES, default="initial"
-    )
+    continue_on_error = models.BooleanField(default=True)
     alert_severity = models.CharField(
         max_length=30, choices=SEVERITY_CHOICES, default="info"
     )
@@ -132,89 +111,128 @@ class AutomatedTask(BaseAuditModel):
     text_alert = models.BooleanField(default=False)
     dashboard_alert = models.BooleanField(default=False)
 
-    def __str__(self):
+    # options sent to agent for task creation
+    # general task settings
+    task_type = models.CharField(
+        max_length=100, choices=TASK_TYPE_CHOICES, default="manual"
+    )
+    win_task_name = models.CharField(
+        max_length=255, unique=True, blank=True, default=generate_task_name
+    )  # should be changed to unique=True
+    run_time_date = DateTimeField(null=True, blank=True)
+    expire_date = DateTimeField(null=True, blank=True)
+
+    # daily
+    daily_interval = models.PositiveSmallIntegerField(
+        blank=True, null=True, validators=[MinValueValidator(1), MaxValueValidator(255)]
+    )
+
+    # weekly
+    run_time_bit_weekdays = models.IntegerField(null=True, blank=True)
+    weekly_interval = models.PositiveSmallIntegerField(
+        blank=True, null=True, validators=[MinValueValidator(1), MaxValueValidator(52)]
+    )
+    run_time_minute = models.CharField(
+        max_length=5, null=True, blank=True
+    )  # deprecated
+
+    # monthly
+    monthly_days_of_month = models.PositiveBigIntegerField(blank=True, null=True)
+    monthly_months_of_year = models.PositiveIntegerField(blank=True, null=True)
+
+    # monthly days of week
+    monthly_weeks_of_month = models.PositiveSmallIntegerField(blank=True, null=True)
+
+    # additional task settings
+    task_repetition_duration = models.CharField(max_length=10, null=True, blank=True)
+    task_repetition_interval = models.CharField(max_length=10, null=True, blank=True)
+    stop_task_at_duration_end = models.BooleanField(blank=True, default=False)
+    random_task_delay = models.CharField(max_length=10, null=True, blank=True)
+    remove_if_not_scheduled = models.BooleanField(default=False)
+    run_asap_after_missed = models.BooleanField(default=False)  # added in agent v1.4.7
+    task_instance_policy = models.PositiveSmallIntegerField(blank=True, default=1)
+
+    # deprecated
+    managed_by_policy = models.BooleanField(default=False)
+
+    # non-database property
+    task_result: "Union[TaskResult, Dict[None, None]]" = {}
+
+    def __str__(self) -> str:
         return self.name
 
-    def save(self, *args, **kwargs):
-        from autotasks.tasks import enable_or_disable_win_task
-        from automation.tasks import update_policy_autotasks_fields_task
+    def save(self, *args, **kwargs) -> None:
 
-        # get old agent if exists
+        # if task is a policy task clear cache on everything
+        if self.policy:
+            cache.delete_many_pattern("site_*_tasks")
+            cache.delete_many_pattern("agent_*_tasks")
+
+        # get old task if exists
         old_task = AutomatedTask.objects.get(pk=self.pk) if self.pk else None
         super(AutomatedTask, self).save(old_model=old_task, *args, **kwargs)
 
-        # check if automated task was enabled/disabled and send celery task
-        if old_task and old_task.enabled != self.enabled:
-            if self.agent:
-                enable_or_disable_win_task.delay(pk=self.pk)
-
-            # check if automated task was enabled/disabled and send celery task
-            elif old_task.policy:
-                update_policy_autotasks_fields_task.delay(
-                    task=self.pk, update_agent=True
-                )
-        # check if policy task was edited and then check if it was a field worth copying to rest of agent tasks
-        elif old_task and old_task.policy:
-            for field in self.policy_fields_to_copy:
+        # check if fields were updated that require a sync to the agent and set status to notsynced
+        if old_task:
+            for field in self.fields_that_trigger_task_update_on_agent:
                 if getattr(self, field) != getattr(old_task, field):
-                    update_policy_autotasks_fields_task.delay(task=self.pk)
-                    break
+                    if self.policy:
+                        TaskResult.objects.exclude(sync_status="initial").filter(
+                            task__policy_id=self.policy.id
+                        ).update(sync_status="notsynced")
+                    else:
+                        TaskResult.objects.filter(agent=self.agent, task=self).update(
+                            sync_status="notsynced"
+                        )
+
+    def delete(self, *args, **kwargs):
+
+        # if task is a policy task clear cache on everything
+        if self.policy:
+            cache.delete_many_pattern("site_*_tasks")
+            cache.delete_many_pattern("agent_*_tasks")
+
+        super(AutomatedTask, self).delete(
+            *args,
+            **kwargs,
+        )
 
     @property
-    def schedule(self):
+    def schedule(self) -> Optional[str]:
         if self.task_type == "manual":
             return "Manual"
         elif self.task_type == "checkfailure":
             return "Every time check fails"
         elif self.task_type == "runonce":
             return f'Run once on {self.run_time_date.strftime("%m/%d/%Y %I:%M%p")}'
-        elif self.task_type == "scheduled":
-            run_time_nice = dt.datetime.strptime(
-                self.run_time_minute, "%H:%M"
-            ).strftime("%I:%M %p")
-
+        elif self.task_type == "daily":
+            run_time_nice = self.run_time_date.strftime("%I:%M%p")
+            if self.daily_interval == 1:
+                return f"Daily at {run_time_nice}"
+            else:
+                return f"Every {self.daily_interval} days at {run_time_nice}"
+        elif self.task_type == "weekly":
+            run_time_nice = self.run_time_date.strftime("%I:%M%p")
             days = bitdays_to_string(self.run_time_bit_weekdays)
-            return f"{days} at {run_time_nice}"
+            if self.weekly_interval != 1:
+                return f"{days} at {run_time_nice}"
+            else:
+                return f"{days} at {run_time_nice} every {self.weekly_interval} weeks"
+        elif self.task_type == "monthly":
+            run_time_nice = self.run_time_date.strftime("%I:%M%p")
+            months = bitmonths_to_string(self.monthly_months_of_year)
+            days = bitmonthdays_to_string(self.monthly_days_of_month)
+            return f"Runs on {months} on days {days} at {run_time_nice}"
+        elif self.task_type == "monthlydow":
+            run_time_nice = self.run_time_date.strftime("%I:%M%p")
+            months = bitmonths_to_string(self.monthly_months_of_year)
+            weeks = bitweeks_to_string(self.monthly_weeks_of_month)
+            days = bitdays_to_string(self.run_time_bit_weekdays)
+            return f"Runs on {months} on {weeks} on {days} at {run_time_nice}"
 
     @property
-    def last_run_as_timezone(self):
-        if self.last_run is not None and self.agent is not None:
-            return self.last_run.astimezone(
-                pytz.timezone(self.agent.timezone)
-            ).strftime("%b-%d-%Y - %H:%M")
-
-        return self.last_run
-
-    # These fields will be duplicated on the agent tasks that are managed by a policy
-    @property
-    def policy_fields_to_copy(self) -> List[str]:
-        return [
-            "alert_severity",
-            "email_alert",
-            "text_alert",
-            "dashboard_alert",
-            "script",
-            "script_args",
-            "assigned_check",
-            "name",
-            "run_time_days",
-            "run_time_minute",
-            "run_time_bit_weekdays",
-            "run_time_date",
-            "task_type",
-            "win_task_name",
-            "timeout",
-            "enabled",
-            "remove_if_not_scheduled",
-            "run_asap_after_missed",
-            "custom_field",
-            "collector_all_output",
-        ]
-
-    @staticmethod
-    def generate_task_name():
-        chars = string.ascii_letters
-        return "TacticalRMM_" + "".join(random.choice(chars) for i in range(35))
+    def fields_that_trigger_task_update_on_agent(self) -> List[str]:
+        return FIELDS_TRIGGER_TASK_UPDATE_AGENT
 
     @staticmethod
     def serialize(task):
@@ -223,238 +241,248 @@ class AutomatedTask(BaseAuditModel):
 
         return TaskAuditSerializer(task).data
 
-    def create_policy_task(self, agent=None, policy=None, assigned_check=None):
-
-        # added to allow new policy tasks to be assigned to check only when the agent check exists already
-        if (
-            self.assigned_check
-            and agent
-            and agent.agentchecks.filter(parent_check=self.assigned_check.id).exists()
-        ):
-            assigned_check = agent.agentchecks.get(parent_check=self.assigned_check.id)
-
-        # if policy is present, then this task is being copied to another policy
-        # if agent is present, then this task is being created on an agent from a policy
-        # exit if neither are set or if both are set
-        # also exit if assigned_check is set because this task will be created when the check is
-        if (
-            (not agent and not policy)
-            or (agent and policy)
-            or (self.assigned_check and not assigned_check)
-        ):
-            return
+    def create_policy_task(
+        self, policy: "Policy", assigned_check: "Optional[Check]" = None
+    ) -> None:
+        ### Copies certain properties on this task (self) to a new task and sets it to the supplied Policy
+        fields_to_copy = POLICY_TASK_FIELDS_TO_COPY
 
         task = AutomatedTask.objects.create(
-            agent=agent,
             policy=policy,
-            managed_by_policy=bool(agent),
-            parent_task=(self.pk if agent else None),
             assigned_check=assigned_check,
         )
 
-        for field in self.policy_fields_to_copy:
-            if field != "assigned_check":
-                setattr(task, field, getattr(self, field))
+        for field in fields_to_copy:
+            setattr(task, field, getattr(self, field))
 
         task.save()
 
-        if agent:
-            task.create_task_on_agent()
+    # agent version >= 1.8.0
+    def generate_nats_task_payload(
+        self, agent: "Optional[Agent]" = None, editing: bool = False
+    ) -> Dict[str, Any]:
+        task = {
+            "pk": self.pk,
+            "type": "rmm",
+            "name": self.win_task_name,
+            "overwrite_task": editing,
+            "enabled": self.enabled,
+            "trigger": self.task_type if self.task_type != "checkfailure" else "manual",
+            "multiple_instances": self.task_instance_policy
+            if self.task_instance_policy
+            else 0,
+            "delete_expired_task_after": self.remove_if_not_scheduled
+            if self.expire_date
+            else False,
+            "start_when_available": self.run_asap_after_missed
+            if self.task_type != "runonce"
+            else True,
+        }
 
-    def create_task_on_agent(self):
-        from agents.models import Agent
-
-        agent = (
-            Agent.objects.filter(pk=self.agent.pk)
-            .only("pk", "version", "hostname", "agent_id")
-            .first()
-        )
-
-        if self.task_type == "scheduled":
-            nats_data = {
-                "func": "schedtask",
-                "schedtaskpayload": {
-                    "type": "rmm",
-                    "trigger": "weekly",
-                    "weekdays": self.run_time_bit_weekdays,
-                    "pk": self.pk,
-                    "name": self.win_task_name,
-                    "hour": dt.datetime.strptime(self.run_time_minute, "%H:%M").hour,
-                    "min": dt.datetime.strptime(self.run_time_minute, "%H:%M").minute,
-                },
-            }
-
-        elif self.task_type == "runonce":
-            # check if scheduled time is in the past
-            agent_tz = pytz.timezone(agent.timezone)  # type: ignore
-            task_time_utc = self.run_time_date.replace(tzinfo=agent_tz).astimezone(
-                pytz.utc
-            )
-            now = djangotime.now()
-            if task_time_utc < now:
-                self.run_time_date = now.astimezone(agent_tz).replace(
-                    tzinfo=pytz.utc
-                ) + djangotime.timedelta(minutes=5)
-                self.save(update_fields=["run_time_date"])
-
-            nats_data = {
-                "func": "schedtask",
-                "schedtaskpayload": {
-                    "type": "rmm",
-                    "trigger": "once",
-                    "pk": self.pk,
-                    "name": self.win_task_name,
-                    "year": int(dt.datetime.strftime(self.run_time_date, "%Y")),
-                    "month": dt.datetime.strftime(self.run_time_date, "%B"),
-                    "day": int(dt.datetime.strftime(self.run_time_date, "%d")),
-                    "hour": int(dt.datetime.strftime(self.run_time_date, "%H")),
-                    "min": int(dt.datetime.strftime(self.run_time_date, "%M")),
-                },
-            }
-
-            if self.run_asap_after_missed and pyver.parse(agent.version) >= pyver.parse(  # type: ignore
-                "1.4.7"
+        if self.task_type in ["runonce", "daily", "weekly", "monthly", "monthlydow"]:
+            # set runonce task in future if creating and run_asap_after_missed is set
+            if (
+                not editing
+                and self.task_type == "runonce"
+                and self.run_asap_after_missed
+                and agent
+                and self.run_time_date
+                < djangotime.now().astimezone(pytz.timezone(agent.timezone))
             ):
-                nats_data["schedtaskpayload"]["run_asap_after_missed"] = True
+                self.run_time_date = (
+                    djangotime.now() + djangotime.timedelta(minutes=5)
+                ).astimezone(pytz.timezone(agent.timezone))
 
-            if self.remove_if_not_scheduled:
-                nats_data["schedtaskpayload"]["deleteafter"] = True
+            task["start_year"] = int(self.run_time_date.strftime("%Y"))
+            task["start_month"] = int(self.run_time_date.strftime("%-m"))
+            task["start_day"] = int(self.run_time_date.strftime("%-d"))
+            task["start_hour"] = int(self.run_time_date.strftime("%-H"))
+            task["start_min"] = int(self.run_time_date.strftime("%-M"))
 
-        elif self.task_type == "checkfailure" or self.task_type == "manual":
-            nats_data = {
-                "func": "schedtask",
-                "schedtaskpayload": {
-                    "type": "rmm",
-                    "trigger": "manual",
-                    "pk": self.pk,
-                    "name": self.win_task_name,
-                },
-            }
+            if self.expire_date:
+                task["expire_year"] = int(self.expire_date.strftime("%Y"))
+                task["expire_month"] = int(self.expire_date.strftime("%-m"))
+                task["expire_day"] = int(self.expire_date.strftime("%-d"))
+                task["expire_hour"] = int(self.expire_date.strftime("%-H"))
+                task["expire_min"] = int(self.expire_date.strftime("%-M"))
+
+            if self.random_task_delay:
+                task["random_delay"] = convert_to_iso_duration(self.random_task_delay)
+
+            if self.task_repetition_interval:
+                task["repetition_interval"] = convert_to_iso_duration(
+                    self.task_repetition_interval
+                )
+                task["repetition_duration"] = convert_to_iso_duration(
+                    self.task_repetition_duration
+                )
+                task["stop_at_duration_end"] = self.stop_task_at_duration_end
+
+            if self.task_type == "daily":
+                task["day_interval"] = self.daily_interval
+
+            elif self.task_type == "weekly":
+                task["week_interval"] = self.weekly_interval
+                task["days_of_week"] = self.run_time_bit_weekdays
+
+            elif self.task_type == "monthly":
+
+                # check if "last day is configured"
+                if self.monthly_days_of_month >= 0x80000000:
+                    task["days_of_month"] = self.monthly_days_of_month - 0x80000000
+                    task["run_on_last_day_of_month"] = True
+                else:
+                    task["days_of_month"] = self.monthly_days_of_month
+                    task["run_on_last_day_of_month"] = False
+
+                task["months_of_year"] = self.monthly_months_of_year
+
+            elif self.task_type == "monthlydow":
+                task["days_of_week"] = self.run_time_bit_weekdays
+                task["months_of_year"] = self.monthly_months_of_year
+                task["weeks_of_month"] = self.monthly_weeks_of_month
+
+        return task
+
+    def create_task_on_agent(self, agent: "Optional[Agent]" = None) -> str:
+        if self.policy and not agent:
+            return "agent parameter needs to be passed with policy task"
         else:
-            return "error"
+            agent = agent if self.policy else self.agent
 
-        r = asyncio.run(agent.nats_cmd(nats_data, timeout=5))  # type: ignore
-
-        if r != "ok":
-            self.sync_status = "initial"
-            self.save(update_fields=["sync_status"])
-            DebugLog.warning(
-                agent=agent,
-                log_type="agent_issues",
-                message=f"Unable to create scheduled task {self.name} on {agent.hostname}. It will be created when the agent checks in.",  # type: ignore
-            )
-            return "timeout"
-        else:
-            self.sync_status = "synced"
-            self.save(update_fields=["sync_status"])
-            DebugLog.info(
-                agent=agent,
-                log_type="agent_issues",
-                message=f"{agent.hostname} task {self.name} was successfully created",  # type: ignore
-            )
-
-        return "ok"
-
-    def modify_task_on_agent(self):
-        from agents.models import Agent
-
-        agent = (
-            Agent.objects.filter(pk=self.agent.pk)
-            .only("pk", "version", "hostname", "agent_id")
-            .first()
-        )
+        try:
+            task_result = TaskResult.objects.get(agent=agent, task=self)
+        except TaskResult.DoesNotExist:
+            task_result = TaskResult(agent=agent, task=self)
+            task_result.save()
 
         nats_data = {
-            "func": "enableschedtask",
-            "schedtaskpayload": {
-                "name": self.win_task_name,
-                "enabled": self.enabled,
-            },
+            "func": "schedtask",
+            "schedtaskpayload": self.generate_nats_task_payload(agent),
         }
-        r = asyncio.run(agent.nats_cmd(nats_data, timeout=5))  # type: ignore
+
+        r = asyncio.run(task_result.agent.nats_cmd(nats_data, timeout=5))
 
         if r != "ok":
-            self.sync_status = "notsynced"
-            self.save(update_fields=["sync_status"])
+            task_result.sync_status = "initial"
+            task_result.save(update_fields=["sync_status"])
             DebugLog.warning(
                 agent=agent,
-                log_type="agent_issues",
-                message=f"Unable to modify scheduled task {self.name} on {agent.hostname}({agent.pk}). It will try again on next agent checkin",  # type: ignore
+                log_type=DebugLogType.AGENT_ISSUES,
+                message=f"Unable to create scheduled task {self.name} on {task_result.agent.hostname}. It will be created when the agent checks in.",
             )
             return "timeout"
         else:
-            self.sync_status = "synced"
-            self.save(update_fields=["sync_status"])
+            task_result.sync_status = "synced"
+            task_result.save(update_fields=["sync_status"])
             DebugLog.info(
                 agent=agent,
-                log_type="agent_issues",
-                message=f"{agent.hostname} task {self.name} was successfully modified",  # type: ignore
+                log_type=DebugLogType.AGENT_ISSUES,
+                message=f"{task_result.agent.hostname} task {self.name} was successfully created",
             )
 
         return "ok"
 
-    def delete_task_on_agent(self):
-        from agents.models import Agent
+    def modify_task_on_agent(self, agent: "Optional[Agent]" = None) -> str:
+        if self.policy and not agent:
+            return "agent parameter needs to be passed with policy task"
+        else:
+            agent = agent if self.policy else self.agent
 
-        agent = (
-            Agent.objects.filter(pk=self.agent.pk)
-            .only("pk", "version", "hostname", "agent_id")
-            .first()
-        )
+        try:
+            task_result = TaskResult.objects.get(agent=agent, task=self)
+        except TaskResult.DoesNotExist:
+            task_result = TaskResult(agent=agent, task=self)
+            task_result.save()
+
+        nats_data = {
+            "func": "schedtask",
+            "schedtaskpayload": self.generate_nats_task_payload(editing=True),
+        }
+
+        r = asyncio.run(task_result.agent.nats_cmd(nats_data, timeout=5))
+
+        if r != "ok":
+            task_result.sync_status = "notsynced"
+            task_result.save(update_fields=["sync_status"])
+            DebugLog.warning(
+                agent=agent,
+                log_type=DebugLogType.AGENT_ISSUES,
+                message=f"Unable to modify scheduled task {self.name} on {task_result.agent.hostname}({task_result.agent.agent_id}). It will try again on next agent checkin",
+            )
+            return "timeout"
+        else:
+            task_result.sync_status = "synced"
+            task_result.save(update_fields=["sync_status"])
+            DebugLog.info(
+                agent=agent,
+                log_type=DebugLogType.AGENT_ISSUES,
+                message=f"{task_result.agent.hostname} task {self.name} was successfully modified",
+            )
+
+        return "ok"
+
+    def delete_task_on_agent(self, agent: "Optional[Agent]" = None) -> str:
+        if self.policy and not agent:
+            return "agent parameter needs to be passed with policy task"
+        else:
+            agent = agent if self.policy else self.agent
+
+        try:
+            task_result = TaskResult.objects.get(agent=agent, task=self)
+        except TaskResult.DoesNotExist:
+            task_result = TaskResult(agent=agent, task=self)
+            task_result.save()
 
         nats_data = {
             "func": "delschedtask",
             "schedtaskpayload": {"name": self.win_task_name},
         }
-        r = asyncio.run(agent.nats_cmd(nats_data, timeout=10))  # type: ignore
+        r = asyncio.run(task_result.agent.nats_cmd(nats_data, timeout=10))
 
         if r != "ok" and "The system cannot find the file specified" not in r:
-            self.sync_status = "pendingdeletion"
+            task_result.sync_status = "pendingdeletion"
 
             try:
-                self.save(update_fields=["sync_status"])
+                task_result.save(update_fields=["sync_status"])
             except DatabaseError:
                 pass
 
             DebugLog.warning(
                 agent=agent,
-                log_type="agent_issues",
-                message=f"{agent.hostname} task {self.name} will be deleted on next checkin",  # type: ignore
+                log_type=DebugLogType.AGENT_ISSUES,
+                message=f"{task_result.agent.hostname} task {self.name} will be deleted on next checkin",
             )
             return "timeout"
         else:
             self.delete()
             DebugLog.info(
                 agent=agent,
-                log_type="agent_issues",
-                message=f"{agent.hostname}({agent.pk}) task {self.name} was deleted",  # type: ignore
+                log_type=DebugLogType.AGENT_ISSUES,
+                message=f"{task_result.agent.hostname}({task_result.agent.agent_id}) task {self.name} was deleted",
             )
 
         return "ok"
 
-    def run_win_task(self):
-        from agents.models import Agent
+    def run_win_task(self, agent: "Optional[Agent]" = None) -> str:
+        if self.policy and not agent:
+            return "agent parameter needs to be passed with policy task"
+        else:
+            agent = agent if self.policy else self.agent
 
-        agent = (
-            Agent.objects.filter(pk=self.agent.pk)
-            .only("pk", "version", "hostname", "agent_id")
-            .first()
+        try:
+            task_result = TaskResult.objects.get(agent=agent, task=self)
+        except TaskResult.DoesNotExist:
+            task_result = TaskResult(agent=agent, task=self)
+            task_result.save()
+
+        asyncio.run(
+            task_result.agent.nats_cmd(
+                {"func": "runtask", "taskpk": self.pk}, wait=False
+            )
         )
-
-        asyncio.run(agent.nats_cmd({"func": "runtask", "taskpk": self.pk}, wait=False))  # type: ignore
         return "ok"
 
-    def save_collector_results(self):
-
-        agent_field = self.custom_field.get_or_create_field_value(self.agent)
-
-        value = (
-            self.stdout.strip()
-            if self.collector_all_output
-            else self.stdout.strip().split("\n")[-1].strip()
-        )
-        agent_field.save_to_field(value)
-
     def should_create_alert(self, alert_template=None):
         return (
             self.dashboard_alert
@@ -470,10 +498,64 @@ class AutomatedTask(BaseAuditModel):
             )
         )
 
-    def send_email(self):
-        from core.models import CoreSettings
 
-        CORE = CoreSettings.objects.first()
+class TaskResult(models.Model):
+    class Meta:
+        unique_together = (("agent", "task"),)
+
+    objects = PermissionQuerySet.as_manager()
+
+    agent = models.ForeignKey(
+        "agents.Agent",
+        related_name="taskresults",
+        on_delete=models.CASCADE,
+    )
+    task = models.ForeignKey(
+        "autotasks.AutomatedTask",
+        related_name="taskresults",
+        on_delete=models.CASCADE,
+    )
+
+    retcode = models.IntegerField(null=True, blank=True)
+    stdout = models.TextField(null=True, blank=True)
+    stderr = models.TextField(null=True, blank=True)
+    execution_time = models.CharField(max_length=100, default="0.0000")
+    last_run = models.DateTimeField(null=True, blank=True)
+    status = models.CharField(
+        max_length=30, choices=TASK_STATUS_CHOICES, default="pending"
+    )
+    sync_status = models.CharField(
+        max_length=100, choices=SYNC_STATUS_CHOICES, default="initial"
+    )
+
+    def __str__(self):
+        return f"{self.agent.hostname} - {self.task}"
+
+    def get_or_create_alert_if_needed(
+        self, alert_template: "Optional[AlertTemplate]"
+    ) -> "Optional[Alert]":
+        from alerts.models import Alert
+
+        return Alert.create_or_return_task_alert(
+            self.task,
+            agent=self.agent,
+            skip_create=not self.task.should_create_alert(alert_template),
+        )
+
+    def save_collector_results(self) -> None:
+
+        agent_field = self.task.custom_field.get_or_create_field_value(self.agent)
+
+        value = (
+            self.stdout.strip()
+            if self.task.collector_all_output
+            else self.stdout.strip().split("\n")[-1].strip()
+        )
+        agent_field.save_to_field(value)
+
+    def send_email(self):
+        CORE = get_core_settings()
+
         # Format of Email sent when Task has email alert
         if self.agent:
             subject = f"{self.agent.client.name}, {self.agent.site.name}, {self.agent.hostname} - {self} Failed"
@@ -485,12 +567,11 @@ class AutomatedTask(BaseAuditModel):
             + f" - Return code: {self.retcode}\nStdout:{self.stdout}\nStderr: {self.stderr}"
         )
 
-        CORE.send_mail(subject, body, self.agent.alert_template)  # type: ignore
+        CORE.send_mail(subject, body, self.agent.alert_template)
 
     def send_sms(self):
-        from core.models import CoreSettings
+        CORE = get_core_settings()
 
-        CORE = CoreSettings.objects.first()
         # Format of SMS sent when Task has SMS alert
         if self.agent:
             subject = f"{self.agent.client.name}, {self.agent.site.name}, {self.agent.hostname} - {self} Failed"
@@ -502,27 +583,24 @@ class AutomatedTask(BaseAuditModel):
             + f" - Return code: {self.retcode}\nStdout:{self.stdout}\nStderr: {self.stderr}"
         )
 
-        CORE.send_sms(body, alert_template=self.agent.alert_template)  # type: ignore
+        CORE.send_sms(body, alert_template=self.agent.alert_template)
 
     def send_resolved_email(self):
-        from core.models import CoreSettings
+        CORE = get_core_settings()
 
-        CORE = CoreSettings.objects.first()
         subject = f"{self.agent.client.name}, {self.agent.site.name}, {self} Resolved"
         body = (
             subject
             + f" - Return code: {self.retcode}\nStdout:{self.stdout}\nStderr: {self.stderr}"
         )
 
-        CORE.send_mail(subject, body, alert_template=self.agent.alert_template)  # type: ignore
+        CORE.send_mail(subject, body, alert_template=self.agent.alert_template)
 
     def send_resolved_sms(self):
-        from core.models import CoreSettings
-
-        CORE = CoreSettings.objects.first()
+        CORE = get_core_settings()
         subject = f"{self.agent.client.name}, {self.agent.site.name}, {self} Resolved"
         body = (
             subject
             + f" - Return code: {self.retcode}\nStdout:{self.stdout}\nStderr: {self.stderr}"
         )
-        CORE.send_sms(body, alert_template=self.agent.alert_template)  # type: ignore
+        CORE.send_sms(body, alert_template=self.agent.alert_template)

api/tacticalrmm/autotasks/permissions.py

@@ -4,7 +4,7 @@ from tacticalrmm.permissions import _has_perm, _has_perm_on_agent
 
 
 class AutoTaskPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         if r.method == "GET":
             if "agent_id" in view.kwargs.keys():
                 return _has_perm(r, "can_list_autotasks") and _has_perm_on_agent(
@@ -17,5 +17,5 @@ class AutoTaskPerms(permissions.BasePermission):
 
 
 class RunAutoTaskPerms(permissions.BasePermission):
-    def has_permission(self, r, view):
+    def has_permission(self, r, view) -> bool:
         return _has_perm(r, "can_run_autotasks")

api/tacticalrmm/autotasks/serializers.py

@@ -1,19 +1,175 @@
 from rest_framework import serializers
 
-from agents.models import Agent
-from checks.serializers import CheckSerializer
 from scripts.models import Script
-from scripts.serializers import ScriptCheckSerializer
 
-from .models import AutomatedTask
+from .models import AutomatedTask, TaskResult
+
+
+class TaskResultSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = TaskResult
+        fields = "__all__"
+        read_only_fields = ("agent", "task")
 
 
 class TaskSerializer(serializers.ModelSerializer):
 
     check_name = serializers.ReadOnlyField(source="assigned_check.readable_desc")
     schedule = serializers.ReadOnlyField()
-    last_run = serializers.ReadOnlyField(source="last_run_as_timezone")
     alert_template = serializers.SerializerMethodField()
+    run_time_date = serializers.DateTimeField(required=False)
+    expire_date = serializers.DateTimeField(allow_null=True, required=False)
+    task_result = serializers.SerializerMethodField()
+
+    def get_task_result(self, obj):
+        return (
+            TaskResultSerializer(obj.task_result).data
+            if isinstance(obj.task_result, TaskResult)
+            else {}
+        )
+
+    def validate_actions(self, value):
+
+        if not value:
+            raise serializers.ValidationError(
+                f"There must be at least one action configured"
+            )
+
+        for action in value:
+            if "type" not in action:
+                raise serializers.ValidationError(
+                    f"Each action must have a type field of either 'script' or 'cmd'"
+                )
+
+            if action["type"] == "script":
+                if "script" not in action:
+                    raise serializers.ValidationError(
+                        f"A script action type must have a 'script' field with primary key of script"
+                    )
+
+                if "script_args" not in action:
+                    raise serializers.ValidationError(
+                        f"A script action type must have a 'script_args' field with an array of arguments"
+                    )
+
+                if "timeout" not in action:
+                    raise serializers.ValidationError(
+                        f"A script action type must have a 'timeout' field"
+                    )
+
+            if action["type"] == "cmd":
+                if "command" not in action:
+                    raise serializers.ValidationError(
+                        f"A command action type must have a 'command' field"
+                    )
+
+                if "timeout" not in action:
+                    raise serializers.ValidationError(
+                        f"A command action type must have a 'timeout' field"
+                    )
+
+        return value
+
+    def validate(self, data):
+
+        # allow editing with task_type not specified
+        if self.instance and "task_type" not in data:
+
+            # remove schedule related fields from data
+            if "run_time_date" in data:
+                del data["run_time_date"]
+            if "expire_date" in data:
+                del data["expire_date"]
+            if "daily_interval" in data:
+                del data["daily_interval"]
+            if "weekly_interval" in data:
+                del data["weekly_interval"]
+            if "run_time_bit_weekdays" in data:
+                del data["run_time_bit_weekdays"]
+            if "monthly_months_of_year" in data:
+                del data["monthly_months_of_year"]
+            if "monthly_days_of_month" in data:
+                del data["monthly_days_of_month"]
+            if "monthly_weeks_of_month" in data:
+                del data["monthly_weeks_of_month"]
+            if "assigned_check" in data:
+                del data["assigned_check"]
+            return data
+
+        # run_time_date required
+        if (
+            data["task_type"] in ["runonce", "daily", "weekly", "monthly", "monthlydow"]
+            and not data["run_time_date"]
+        ):
+            raise serializers.ValidationError(
+                f"run_time_date is required for task_type '{data['task_type']}'"
+            )
+
+        # daily task type validation
+        if data["task_type"] == "daily":
+            if "daily_interval" not in data or not data["daily_interval"]:
+                raise serializers.ValidationError(
+                    f"daily_interval is required for task_type '{data['task_type']}'"
+                )
+
+        # weekly task type validation
+        elif data["task_type"] == "weekly":
+            if "weekly_interval" not in data or not data["weekly_interval"]:
+                raise serializers.ValidationError(
+                    f"weekly_interval is required for task_type '{data['task_type']}'"
+                )
+
+            if "run_time_bit_weekdays" not in data or not data["run_time_bit_weekdays"]:
+                raise serializers.ValidationError(
+                    f"run_time_bit_weekdays is required for task_type '{data['task_type']}'"
+                )
+
+        # monthly task type validation
+        elif data["task_type"] == "monthly":
+            if (
+                "monthly_months_of_year" not in data
+                or not data["monthly_months_of_year"]
+            ):
+                raise serializers.ValidationError(
+                    f"monthly_months_of_year is required for task_type '{data['task_type']}'"
+                )
+
+            if "monthly_days_of_month" not in data or not data["monthly_days_of_month"]:
+                raise serializers.ValidationError(
+                    f"monthly_days_of_month is required for task_type '{data['task_type']}'"
+                )
+
+        # monthly day of week task type validation
+        elif data["task_type"] == "monthlydow":
+            if (
+                "monthly_months_of_year" not in data
+                or not data["monthly_months_of_year"]
+            ):
+                raise serializers.ValidationError(
+                    f"monthly_months_of_year is required for task_type '{data['task_type']}'"
+                )
+
+            if (
+                "monthly_weeks_of_month" not in data
+                or not data["monthly_weeks_of_month"]
+            ):
+                raise serializers.ValidationError(
+                    f"monthly_weeks_of_month is required for task_type '{data['task_type']}'"
+                )
+
+            if "run_time_bit_weekdays" not in data or not data["run_time_bit_weekdays"]:
+                raise serializers.ValidationError(
+                    f"run_time_bit_weekdays is required for task_type '{data['task_type']}'"
+                )
+
+        # check failure task type validation
+        elif data["task_type"] == "checkfailure":
+            if "assigned_check" not in data or not data["assigned_check"]:
+                raise serializers.ValidationError(
+                    f"assigned_check is required for task_type '{data['task_type']}'"
+                )
+
+        return data
 
     def get_alert_template(self, obj):
 
@@ -37,40 +193,65 @@ class TaskSerializer(serializers.ModelSerializer):
         fields = "__all__"
 
 
-# below is for the windows agent
-class TaskRunnerScriptField(serializers.ModelSerializer):
-    class Meta:
-        model = Script
-        fields = ["id", "filepath", "filename", "shell", "script_type"]
-
-
-class TaskRunnerGetSerializer(serializers.ModelSerializer):
-
-    script = TaskRunnerScriptField(read_only=True)
-
-    class Meta:
-        model = AutomatedTask
-        fields = ["id", "script", "timeout", "enabled", "script_args"]
-
-
 class TaskGOGetSerializer(serializers.ModelSerializer):
-    script = ScriptCheckSerializer(read_only=True)
-    script_args = serializers.SerializerMethodField()
+    task_actions = serializers.SerializerMethodField()
 
-    def get_script_args(self, obj):
-        return Script.parse_script_args(
-            agent=obj.agent, shell=obj.script.shell, args=obj.script_args
-        )
+    def get_task_actions(self, obj):
+        tmp = []
+        actions_to_remove = []
+        agent = self.context["agent"]
+        for action in obj.actions:
+            if action["type"] == "cmd":
+                tmp.append(
+                    {
+                        "type": "cmd",
+                        "command": Script.parse_script_args(
+                            agent=agent,
+                            shell=action["shell"],
+                            args=[action["command"]],
+                        )[0],
+                        "shell": action["shell"],
+                        "timeout": action["timeout"],
+                    }
+                )
+            elif action["type"] == "script":
+                try:
+                    script = Script.objects.get(pk=action["script"])
+                except Script.DoesNotExist:
+                    # script doesn't exist so remove it
+                    actions_to_remove.append(action["script"])
+                    continue
+                tmp.append(
+                    {
+                        "type": "script",
+                        "script_name": script.name,
+                        "code": script.code,
+                        "script_args": Script.parse_script_args(
+                            agent=agent,
+                            shell=script.shell,
+                            args=action["script_args"],
+                        ),
+                        "shell": script.shell,
+                        "timeout": action["timeout"],
+                    }
+                )
+        if actions_to_remove:
+            task = AutomatedTask.objects.get(pk=obj.pk)
+            task.actions = [
+                action
+                for action in task.actions
+                if action["type"] == "cmd"
+                or (
+                    "script" in action.keys()
+                    and action["script"] not in actions_to_remove
+                )
+            ]
+            task.save(update_fields=["actions"])
+        return tmp
 
     class Meta:
         model = AutomatedTask
-        fields = ["id", "script", "timeout", "enabled", "script_args"]
-
-
-class TaskRunnerPatchSerializer(serializers.ModelSerializer):
-    class Meta:
-        model = AutomatedTask
-        fields = "__all__"
+        fields = ["id", "continue_on_error", "enabled", "task_actions"]
 
 
 class TaskAuditSerializer(serializers.ModelSerializer):

api/tacticalrmm/autotasks/tasks.py

@@ -1,123 +1,146 @@
 import asyncio
 import datetime as dt
-from logging import log
 import random
 from time import sleep
-from typing import Union
+from typing import Optional, Union
 
 from django.utils import timezone as djangotime
 
-from autotasks.models import AutomatedTask
+from agents.models import Agent
+from alerts.models import Alert
+from autotasks.models import AutomatedTask, TaskResult
 from logs.models import DebugLog
 from tacticalrmm.celery import app
+from tacticalrmm.constants import DebugLogType
 
 
 @app.task
-def create_win_task_schedule(pk):
-    task = AutomatedTask.objects.get(pk=pk)
+def create_win_task_schedule(pk: int, agent_id: Optional[str] = None) -> str:
+    try:
+        task = AutomatedTask.objects.get(pk=pk)
 
-    task.create_task_on_agent()
+        if agent_id:
+            task.create_task_on_agent(Agent.objects.get(agent_id=agent_id))
+        else:
+            task.create_task_on_agent()
+    except (AutomatedTask.DoesNotExist, Agent.DoesNotExist):
+        pass
 
     return "ok"
 
 
 @app.task
-def enable_or_disable_win_task(pk):
-    task = AutomatedTask.objects.get(pk=pk)
+def modify_win_task(pk: int, agent_id: Optional[str] = None) -> str:
+    try:
+        task = AutomatedTask.objects.get(pk=pk)
 
-    task.modify_task_on_agent()
+        if agent_id:
+            task.modify_task_on_agent(Agent.objects.get(agent_id=agent_id))
+        else:
+            task.modify_task_on_agent()
+    except (AutomatedTask.DoesNotExist, Agent.DoesNotExist):
+        pass
 
     return "ok"
 
 
 @app.task
-def delete_win_task_schedule(pk):
-    task = AutomatedTask.objects.get(pk=pk)
+def delete_win_task_schedule(pk: int, agent_id: Optional[str] = None) -> str:
+    try:
+        task = AutomatedTask.objects.get(pk=pk)
+
+        if agent_id:
+            task.delete_task_on_agent(Agent.objects.get(agent_id=agent_id))
+        else:
+            task.delete_task_on_agent()
+    except (AutomatedTask.DoesNotExist, Agent.DoesNotExist):
+        pass
 
-    task.delete_task_on_agent()
     return "ok"
 
 
 @app.task
-def run_win_task(pk):
-    task = AutomatedTask.objects.get(pk=pk)
-    task.run_win_task()
+def run_win_task(pk: int, agent_id: Optional[str] = None) -> str:
+    try:
+        task = AutomatedTask.objects.get(pk=pk)
+
+        if agent_id:
+            task.run_win_task(Agent.objects.get(agent_id=agent_id))
+        else:
+            task.run_win_task()
+    except (AutomatedTask.DoesNotExist, Agent.DoesNotExist):
+        pass
+
     return "ok"
 
 
 @app.task
-def remove_orphaned_win_tasks(agentpk):
+def remove_orphaned_win_tasks() -> None:
     from agents.models import Agent
 
-    agent = Agent.objects.get(pk=agentpk)
+    for agent in Agent.online_agents():
+        r = asyncio.run(agent.nats_cmd({"func": "listschedtasks"}, timeout=10))
 
-    DebugLog.info(
-        agent=agent,
-        log_type="agent_issues",
-        message=f"Orphaned task cleanup initiated on {agent.hostname}.",
-    )
+        if not isinstance(r, list):  # empty list
+            DebugLog.error(
+                agent=agent,
+                log_type=DebugLogType.AGENT_ISSUES,
+                message=f"Unable to pull list of scheduled tasks on {agent.hostname}: {r}",
+            )
+            return
 
-    r = asyncio.run(agent.nats_cmd({"func": "listschedtasks"}, timeout=10))
+        agent_task_names = [
+            task.win_task_name for task in agent.get_tasks_with_policies()
+        ]
 
-    if not isinstance(r, list) and not r:  # empty list
-        DebugLog.error(
-            agent=agent,
-            log_type="agent_issues",
-            message=f"Unable to clean up scheduled tasks on {agent.hostname}: {r}",
+        exclude_tasks = (
+            "TacticalRMM_fixmesh",
+            "TacticalRMM_SchedReboot",
+            "TacticalRMM_sync",
+            "TacticalRMM_agentupdate",
         )
-        return "notlist"
 
-    agent_task_names = list(agent.autotasks.values_list("win_task_name", flat=True))
+        for task in r:
+            if task.startswith(exclude_tasks):
+                # skip system tasks or any pending reboots
+                continue
 
-    exclude_tasks = (
-        "TacticalRMM_fixmesh",
-        "TacticalRMM_SchedReboot",
-        "TacticalRMM_sync",
-        "TacticalRMM_agentupdate",
-    )
-
-    for task in r:
-        if task.startswith(exclude_tasks):
-            # skip system tasks or any pending reboots
-            continue
-
-        if task.startswith("TacticalRMM_") and task not in agent_task_names:
-            # delete task since it doesn't exist in UI
-            nats_data = {
-                "func": "delschedtask",
-                "schedtaskpayload": {"name": task},
-            }
-            ret = asyncio.run(agent.nats_cmd(nats_data, timeout=10))
-            if ret != "ok":
-                DebugLog.error(
-                    agent=agent,
-                    log_type="agent_issues",
-                    message=f"Unable to clean up orphaned task {task} on {agent.hostname}: {ret}",
-                )
-            else:
-                DebugLog.info(
-                    agent=agent,
-                    log_type="agent_issues",
-                    message=f"Removed orphaned task {task} from {agent.hostname}",
-                )
-
-    DebugLog.info(
-        agent=agent,
-        log_type="agent_issues",
-        message=f"Orphaned task cleanup finished on {agent.hostname}",
-    )
+            if task.startswith("TacticalRMM_") and task not in agent_task_names:
+                # delete task since it doesn't exist in UI
+                nats_data = {
+                    "func": "delschedtask",
+                    "schedtaskpayload": {"name": task},
+                }
+                ret = asyncio.run(agent.nats_cmd(nats_data, timeout=10))
+                if ret != "ok":
+                    DebugLog.error(
+                        agent=agent,
+                        log_type=DebugLogType.AGENT_ISSUES,
+                        message=f"Unable to clean up orphaned task {task} on {agent.hostname}: {ret}",
+                    )
+                else:
+                    DebugLog.info(
+                        agent=agent,
+                        log_type=DebugLogType.AGENT_ISSUES,
+                        message=f"Removed orphaned task {task} from {agent.hostname}",
+                    )
 
 
 @app.task
 def handle_task_email_alert(pk: int, alert_interval: Union[float, None] = None) -> str:
-    from alerts.models import Alert
 
-    alert = Alert.objects.get(pk=pk)
+    try:
+        alert = Alert.objects.get(pk=pk)
+    except Alert.DoesNotExist:
+        return "alert not found"
 
     # first time sending email
     if not alert.email_sent:
-        sleep(random.randint(1, 10))
-        alert.assigned_task.send_email()
+        task_result = TaskResult.objects.get(
+            task=alert.assigned_task, agent=alert.agent
+        )
+        sleep(random.randint(1, 5))
+        task_result.send_email()
         alert.email_sent = djangotime.now()
         alert.save(update_fields=["email_sent"])
     else:
@@ -125,8 +148,11 @@ def handle_task_email_alert(pk: int, alert_interval: Union[float, None] = None)
             # send an email only if the last email sent is older than alert interval
             delta = djangotime.now() - dt.timedelta(days=alert_interval)
             if alert.email_sent < delta:
-                sleep(random.randint(1, 10))
-                alert.assigned_task.send_email()
+                task_result = TaskResult.objects.get(
+                    task=alert.assigned_task, agent=alert.agent
+                )
+                sleep(random.randint(1, 5))
+                task_result.send_email()
                 alert.email_sent = djangotime.now()
                 alert.save(update_fields=["email_sent"])
 
@@ -135,14 +161,19 @@ def handle_task_email_alert(pk: int, alert_interval: Union[float, None] = None)
 
 @app.task
 def handle_task_sms_alert(pk: int, alert_interval: Union[float, None] = None) -> str:
-    from alerts.models import Alert
 
-    alert = Alert.objects.get(pk=pk)
+    try:
+        alert = Alert.objects.get(pk=pk)
+    except Alert.DoesNotExist:
+        return "alert not found"
 
     # first time sending text
     if not alert.sms_sent:
+        task_result = TaskResult.objects.get(
+            task=alert.assigned_task, agent=alert.agent
+        )
         sleep(random.randint(1, 3))
-        alert.assigned_task.send_sms()
+        task_result.send_sms()
         alert.sms_sent = djangotime.now()
         alert.save(update_fields=["sms_sent"])
     else:
@@ -150,8 +181,11 @@ def handle_task_sms_alert(pk: int, alert_interval: Union[float, None] = None) ->
             # send a text only if the last text sent is older than alert interval
             delta = djangotime.now() - dt.timedelta(days=alert_interval)
             if alert.sms_sent < delta:
+                task_result = TaskResult.objects.get(
+                    task=alert.assigned_task, agent=alert.agent
+                )
                 sleep(random.randint(1, 3))
-                alert.assigned_task.send_sms()
+                task_result.send_sms()
                 alert.sms_sent = djangotime.now()
                 alert.save(update_fields=["sms_sent"])
 
@@ -160,14 +194,19 @@ def handle_task_sms_alert(pk: int, alert_interval: Union[float, None] = None) ->
 
 @app.task
 def handle_resolved_task_sms_alert(pk: int) -> str:
-    from alerts.models import Alert
 
-    alert = Alert.objects.get(pk=pk)
+    try:
+        alert = Alert.objects.get(pk=pk)
+    except Alert.DoesNotExist:
+        return "alert not found"
 
     # first time sending text
     if not alert.resolved_sms_sent:
+        task_result = TaskResult.objects.get(
+            task=alert.assigned_task, agent=alert.agent
+        )
         sleep(random.randint(1, 3))
-        alert.assigned_task.send_resolved_sms()
+        task_result.send_resolved_sms()
         alert.resolved_sms_sent = djangotime.now()
         alert.save(update_fields=["resolved_sms_sent"])
 
@@ -176,14 +215,19 @@ def handle_resolved_task_sms_alert(pk: int) -> str:
 
 @app.task
 def handle_resolved_task_email_alert(pk: int) -> str:
-    from alerts.models import Alert
 
-    alert = Alert.objects.get(pk=pk)
+    try:
+        alert = Alert.objects.get(pk=pk)
+    except Alert.DoesNotExist:
+        return "alert not found"
 
     # first time sending email
     if not alert.resolved_email_sent:
-        sleep(random.randint(1, 10))
-        alert.assigned_task.send_resolved_email()
+        task_result = TaskResult.objects.get(
+            task=alert.assigned_task, agent=alert.agent
+        )
+        sleep(random.randint(1, 5))
+        task_result.send_resolved_email()
         alert.resolved_email_sent = djangotime.now()
         alert.save(update_fields=["resolved_email_sent"])
 

api/tacticalrmm/autotasks/tests.py

@@ -1,4 +1,3 @@
-import datetime as dt
 from unittest.mock import call, patch
 
 from django.utils import timezone as djangotime
@@ -6,7 +5,7 @@ from model_bakery import baker
 
 from tacticalrmm.test import TacticalTestCase
 
-from .models import AutomatedTask
+from .models import AutomatedTask, TaskResult
 from .serializers import TaskSerializer
 from .tasks import create_win_task_schedule, remove_orphaned_win_tasks, run_win_task
 
@@ -44,11 +43,8 @@ class TestAutotaskViews(TacticalTestCase):
         self.assertEqual(resp.status_code, 200)
         self.assertEqual(len(resp.data), 4)
 
-    @patch("automation.tasks.generate_agent_autotasks_task.delay")
     @patch("autotasks.tasks.create_win_task_schedule.delay")
-    def test_add_autotask(
-        self, create_win_task_schedule, generate_agent_autotasks_task
-    ):
+    def test_add_autotask(self, create_win_task_schedule):
         url = f"{base_url}/"
 
         # setup data
@@ -56,6 +52,12 @@ class TestAutotaskViews(TacticalTestCase):
         agent = baker.make_recipe("agents.agent")
         policy = baker.make("automation.Policy")
         check = baker.make_recipe("checks.diskspace_check", agent=agent)
+        custom_field = baker.make("core.CustomField")
+
+        actions = [
+            {"type": "cmd", "command": "command", "timeout": 30},
+            {"type": "script", "script": script.id, "script_args": [], "timeout": 90},
+        ]
 
         # test invalid agent
         data = {
@@ -65,17 +67,164 @@ class TestAutotaskViews(TacticalTestCase):
         resp = self.client.post(url, data, format="json")
         self.assertEqual(resp.status_code, 404)
 
-        # test add task to agent
+        # test add task without actions
         data = {
             "agent": agent.agent_id,
             "name": "Test Task Scheduled with Assigned Check",
-            "run_time_days": ["Sunday", "Monday", "Friday"],
-            "run_time_minute": "10:00",
-            "timeout": 120,
+            "run_time_days": 56,
             "enabled": True,
-            "script": script.id,
-            "script_args": None,
-            "task_type": "scheduled",
+            "actions": [],
+            "task_type": "manual",
+        }
+
+        resp = self.client.post(url, data, format="json")
+        self.assertEqual(resp.status_code, 400)
+
+        # test add checkfailure task_type to agent without check
+        data = {
+            "agent": agent.agent_id,
+            "name": "Check Failure",
+            "enabled": True,
+            "actions": actions,
+            "task_type": "checkfailure",
+        }
+
+        resp = self.client.post(url, data, format="json")
+        self.assertEqual(resp.status_code, 400)
+
+        create_win_task_schedule.not_assert_called()
+
+        # test add manual task_type to agent
+        data = {
+            "agent": agent.agent_id,
+            "name": "Manual",
+            "enabled": True,
+            "actions": actions,
+            "task_type": "manual",
+        }
+
+        resp = self.client.post(url, data, format="json")
+        self.assertEqual(resp.status_code, 200)
+
+        create_win_task_schedule.assert_called()
+        create_win_task_schedule.reset_mock()
+
+        # test add daily task_type to agent
+        data = {
+            "agent": agent.agent_id,
+            "name": "Daily",
+            "enabled": True,
+            "actions": actions,
+            "task_type": "daily",
+            "daily_interval": 1,
+            "run_time_date": djangotime.now(),
+            "repetition_interval": "30M",
+            "repetition_duration": "1D",
+            "random_task_delay": "5M",
+        }
+
+        resp = self.client.post(url, data, format="json")
+        self.assertEqual(resp.status_code, 200)
+
+        # test add weekly task_type to agent
+        data = {
+            "agent": agent.agent_id,
+            "name": "Weekly",
+            "enabled": True,
+            "actions": actions,
+            "task_type": "weekly",
+            "weekly_interval": 2,
+            "run_time_bit_weekdays": 26,
+            "run_time_date": djangotime.now(),
+            "expire_date": djangotime.now(),
+            "repetition_interval": "30S",
+            "repetition_duration": "1H",
+            "random_task_delay": "5M",
+            "task_instance_policy": 2,
+        }
+
+        resp = self.client.post(url, data, format="json")
+        self.assertEqual(resp.status_code, 200)
+
+        create_win_task_schedule.assert_called()
+        create_win_task_schedule.reset_mock()
+
+        # test add monthly task_type to agent
+        data = {
+            "agent": agent.agent_id,
+            "name": "Monthly",
+            "enabled": True,
+            "actions": actions,
+            "task_type": "monthly",
+            "monthly_months_of_year": 56,
+            "monthly_days_of_month": 350,
+            "run_time_date": djangotime.now(),
+            "expire_date": djangotime.now(),
+            "repetition_interval": "30S",
+            "repetition_duration": "1H",
+            "random_task_delay": "5M",
+        }
+
+        resp = self.client.post(url, data, format="json")
+        self.assertEqual(resp.status_code, 200)
+
+        create_win_task_schedule.assert_called()
+        create_win_task_schedule.reset_mock()
+
+        # test add monthly day-of-week task_type to agent
+        data = {
+            "agent": agent.agent_id,
+            "name": "Monthly",
+            "enabled": True,
+            "actions": actions,
+            "task_type": "monthlydow",
+            "monthly_months_of_year": 500,
+            "monthly_weeks_of_month": 4,
+            "run_time_bit_weekdays": 15,
+            "run_time_date": djangotime.now(),
+            "expire_date": djangotime.now(),
+            "repetition_interval": "30S",
+            "repetition_duration": "1H",
+            "random_task_delay": "5M",
+        }
+
+        resp = self.client.post(url, data, format="json")
+        self.assertEqual(resp.status_code, 200)
+
+        create_win_task_schedule.assert_called()
+        create_win_task_schedule.reset_mock()
+
+        # test add monthly day-of-week task_type to agent with custom field
+        data = {
+            "agent": agent.agent_id,
+            "name": "Monthly",
+            "enabled": True,
+            "actions": actions,
+            "task_type": "monthlydow",
+            "monthly_months_of_year": 500,
+            "monthly_weeks_of_month": 4,
+            "run_time_bit_weekdays": 15,
+            "run_time_date": djangotime.now(),
+            "expire_date": djangotime.now(),
+            "repetition_interval": "30S",
+            "repetition_duration": "1H",
+            "random_task_delay": "5M",
+            "custom_field": custom_field.id,
+        }
+
+        resp = self.client.post(url, data, format="json")
+        self.assertEqual(resp.status_code, 200)
+
+        create_win_task_schedule.assert_called()
+        create_win_task_schedule.reset_mock()
+
+        # test add checkfailure task_type to agent
+        data = {
+            "agent": agent.agent_id,
+            "name": "Check Failure",
+            "enabled": True,
+            "actions": actions,
+            "task_type": "checkfailure",
             "assigned_check": check.id,
         }
 
@@ -83,24 +232,7 @@ class TestAutotaskViews(TacticalTestCase):
         self.assertEqual(resp.status_code, 200)
 
         create_win_task_schedule.assert_called()
-
-        # test add task to policy
-        data = {
-            "policy": policy.id,  # type: ignore
-            "name": "Test Task Manual",
-            "run_time_days": [],
-            "timeout": 120,
-            "enabled": True,
-            "script": script.id,
-            "script_args": None,
-            "task_type": "manual",
-            "assigned_check": None,
-        }
-
-        resp = self.client.post(url, data, format="json")
-        self.assertEqual(resp.status_code, 200)
-
-        generate_agent_autotasks_task.assert_called_with(policy=policy.id)  # type: ignore
+        create_win_task_schedule.reset_mock()
 
         self.check_not_authenticated("post", url)
 
@@ -116,67 +248,86 @@ class TestAutotaskViews(TacticalTestCase):
         serializer = TaskSerializer(task)
 
         self.assertEqual(resp.status_code, 200)
-        self.assertEqual(resp.data, serializer.data)  # type: ignore
+        self.assertEqual(resp.data, serializer.data)
 
         self.check_not_authenticated("get", url)
 
-    @patch("autotasks.tasks.enable_or_disable_win_task.delay")
-    @patch("automation.tasks.update_policy_autotasks_fields_task.delay")
-    def test_update_autotask(
-        self, update_policy_autotasks_fields_task, enable_or_disable_win_task
-    ):
+    def test_update_autotask(self):
         # setup data
         agent = baker.make_recipe("agents.agent")
         agent_task = baker.make("autotasks.AutomatedTask", agent=agent)
         policy = baker.make("automation.Policy")
         policy_task = baker.make("autotasks.AutomatedTask", enabled=True, policy=policy)
+        custom_field = baker.make("core.CustomField")
+        script = baker.make("scripts.Script")
+
+        actions = [
+            {"type": "cmd", "command": "command", "timeout": 30},
+            {"type": "script", "script": script.id, "script_args": [], "timeout": 90},
+        ]
 
         # test invalid url
         resp = self.client.put(f"{base_url}/500/", format="json")
         self.assertEqual(resp.status_code, 404)
 
-        url = f"{base_url}/{agent_task.id}/"  # type: ignore
+        url = f"{base_url}/{agent_task.id}/"
 
-        # test editing task with no task called
+        # test editing agent task with no task update
         data = {"name": "New Name"}
 
         resp = self.client.put(url, data, format="json")
         self.assertEqual(resp.status_code, 200)
-        enable_or_disable_win_task.not_called()  # type: ignore
 
-        # test editing task
+        # test editing agent task with agent task update
         data = {"enabled": False}
 
         resp = self.client.put(url, data, format="json")
         self.assertEqual(resp.status_code, 200)
-        enable_or_disable_win_task.assert_called_with(pk=agent_task.id)  # type: ignore
 
-        url = f"{base_url}/{policy_task.id}/"  # type: ignore
-
-        # test editing policy task
-        data = {"enabled": False}
+        # test editing agent task with task_type
+        data = {
+            "name": "Monthly",
+            "actions": actions,
+            "task_type": "monthlydow",
+            "monthly_months_of_year": 500,
+            "monthly_weeks_of_month": 4,
+            "run_time_bit_weekdays": 15,
+            "run_time_date": djangotime.now(),
+            "expire_date": djangotime.now(),
+            "repetition_interval": "30S",
+            "repetition_duration": "1H",
+            "random_task_delay": "5M",
+            "custom_field": custom_field.id,
+            "run_asap_after_missed": False,
+        }
 
         resp = self.client.put(url, data, format="json")
         self.assertEqual(resp.status_code, 200)
-        update_policy_autotasks_fields_task.assert_called_with(
-            task=policy_task.id, update_agent=True  # type: ignore
-        )
-        update_policy_autotasks_fields_task.reset_mock()
 
-        # test editing policy task with no agent update
-        data = {"name": "New Name"}
+        # test trying to edit with empty actions
+        data = {
+            "name": "Monthly",
+            "actions": [],
+            "task_type": "monthlydow",
+            "monthly_months_of_year": 500,
+            "monthly_weeks_of_month": 4,
+            "run_time_bit_weekdays": 15,
+            "run_time_date": djangotime.now(),
+            "expire_date": djangotime.now(),
+            "repetition_interval": "30S",
+            "repetition_duration": "1H",
+            "random_task_delay": "5M",
+            "run_asap_afteR_missed": False,
+        }
 
         resp = self.client.put(url, data, format="json")
-        self.assertEqual(resp.status_code, 200)
-        update_policy_autotasks_fields_task.assert_called_with(task=policy_task.id)
+        self.assertEqual(resp.status_code, 400)
 
         self.check_not_authenticated("put", url)
 
+    @patch("autotasks.tasks.remove_orphaned_win_tasks.delay")
     @patch("autotasks.tasks.delete_win_task_schedule.delay")
-    @patch("automation.tasks.delete_policy_autotasks_task.delay")
-    def test_delete_autotask(
-        self, delete_policy_autotasks_task, delete_win_task_schedule
-    ):
+    def test_delete_autotask(self, delete_win_task_schedule, remove_orphaned_win_tasks):
         # setup data
         agent = baker.make_recipe("agents.agent")
         agent_task = baker.make("autotasks.AutomatedTask", agent=agent)
@@ -188,17 +339,20 @@ class TestAutotaskViews(TacticalTestCase):
         self.assertEqual(resp.status_code, 404)
 
         # test delete agent task
-        url = f"{base_url}/{agent_task.id}/"  # type: ignore
+        url = f"{base_url}/{agent_task.id}/"
         resp = self.client.delete(url, format="json")
         self.assertEqual(resp.status_code, 200)
-        delete_win_task_schedule.assert_called_with(pk=agent_task.id)  # type: ignore
+        delete_win_task_schedule.assert_called_with(pk=agent_task.id)
+        remove_orphaned_win_tasks.assert_not_called()
 
+        delete_win_task_schedule.reset_mock()
+        remove_orphaned_win_tasks.reset_mock()
         # test delete policy task
-        url = f"{base_url}/{policy_task.id}/"  # type: ignore
+        url = f"{base_url}/{policy_task.id}/"
         resp = self.client.delete(url, format="json")
         self.assertEqual(resp.status_code, 200)
-        self.assertFalse(AutomatedTask.objects.filter(pk=policy_task.id))  # type: ignore
-        delete_policy_autotasks_task.assert_called_with(task=policy_task.id)  # type: ignore
+        remove_orphaned_win_tasks.assert_called_once()
+        delete_win_task_schedule.assert_not_called()
 
         self.check_not_authenticated("delete", url)
 
@@ -213,7 +367,7 @@ class TestAutotaskViews(TacticalTestCase):
         self.assertEqual(resp.status_code, 404)
 
         # test run agent task
-        url = f"{base_url}/{task.id}/run/"  # type: ignore
+        url = f"{base_url}/{task.id}/run/"
         resp = self.client.post(url, format="json")
         self.assertEqual(resp.status_code, 200)
         run_win_task.assert_called()
@@ -228,11 +382,11 @@ class TestAutoTaskCeleryTasks(TacticalTestCase):
 
     @patch("agents.models.Agent.nats_cmd")
     def test_remove_orphaned_win_task(self, nats_cmd):
-        self.agent = baker.make_recipe("agents.agent")
-        self.task1 = AutomatedTask.objects.create(
-            agent=self.agent,
+        agent = baker.make_recipe("agents.online_agent")
+        baker.make_recipe("agents.offline_agent")
+        task1 = AutomatedTask.objects.create(
+            agent=agent,
             name="test task 1",
-            win_task_name=AutomatedTask.generate_task_name(),
         )
 
         # test removing an orphaned task
@@ -242,13 +396,13 @@ class TestAutoTaskCeleryTasks(TacticalTestCase):
             "GoogleUpdateTaskMachineCore",
             "GoogleUpdateTaskMachineUA",
             "OneDrive Standalone Update Task-S-1-5-21-717461175-241712648-1206041384-1001",
-            self.task1.win_task_name,
+            task1.win_task_name,
             "TacticalRMM_fixmesh",
             "TacticalRMM_SchedReboot_jk324kajd",
             "TacticalRMM_iggrLcOaldIZnUzLuJWPLNwikiOoJJHHznb",  # orphaned task
         ]
 
-        self.calls = [
+        calls = [
             call({"func": "listschedtasks"}, timeout=10),
             call(
                 {
@@ -262,26 +416,23 @@ class TestAutoTaskCeleryTasks(TacticalTestCase):
         ]
 
         nats_cmd.side_effect = [win_tasks, "ok"]
-        ret = remove_orphaned_win_tasks.s(self.agent.pk).apply()
+        remove_orphaned_win_tasks()
         self.assertEqual(nats_cmd.call_count, 2)
-        nats_cmd.assert_has_calls(self.calls)
-        self.assertEqual(ret.status, "SUCCESS")
+        nats_cmd.assert_has_calls(calls)
 
         # test nats delete task fail
         nats_cmd.reset_mock()
         nats_cmd.side_effect = [win_tasks, "error deleting task"]
-        ret = remove_orphaned_win_tasks.s(self.agent.pk).apply()
-        nats_cmd.assert_has_calls(self.calls)
+        remove_orphaned_win_tasks()
+        nats_cmd.assert_has_calls(calls)
         self.assertEqual(nats_cmd.call_count, 2)
-        self.assertEqual(ret.status, "SUCCESS")
 
         # no orphaned tasks
         nats_cmd.reset_mock()
         win_tasks.remove("TacticalRMM_iggrLcOaldIZnUzLuJWPLNwikiOoJJHHznb")
         nats_cmd.side_effect = [win_tasks, "ok"]
-        ret = remove_orphaned_win_tasks.s(self.agent.pk).apply()
+        remove_orphaned_win_tasks()
         self.assertEqual(nats_cmd.call_count, 1)
-        self.assertEqual(ret.status, "SUCCESS")
 
     @patch("agents.models.Agent.nats_cmd")
     def test_run_win_task(self, nats_cmd):
@@ -289,7 +440,6 @@ class TestAutoTaskCeleryTasks(TacticalTestCase):
         self.task1 = AutomatedTask.objects.create(
             agent=self.agent,
             name="test task 1",
-            win_task_name=AutomatedTask.generate_task_name(),
         )
         nats_cmd.return_value = "ok"
         ret = run_win_task.s(self.task1.pk).apply()
@@ -297,151 +447,317 @@ class TestAutoTaskCeleryTasks(TacticalTestCase):
 
     @patch("agents.models.Agent.nats_cmd")
     def test_create_win_task_schedule(self, nats_cmd):
-        self.agent = baker.make_recipe("agents.agent")
+        agent = baker.make_recipe("agents.agent", time_zone="UTC")
 
-        task_name = AutomatedTask.generate_task_name()
-        # test scheduled task
-        self.task1 = AutomatedTask.objects.create(
-            agent=self.agent,
+        # test daily task
+        task1 = baker.make(
+            "autotasks.AutomatedTask",
+            agent=agent,
             name="test task 1",
-            win_task_name=task_name,
-            task_type="scheduled",
-            run_time_bit_weekdays=127,
-            run_time_minute="21:55",
+            task_type="daily",
+            daily_interval=1,
+            run_time_date=djangotime.now() + djangotime.timedelta(hours=3, minutes=30),
         )
-        self.assertEqual(self.task1.sync_status, "initial")
+        self.assertFalse(TaskResult.objects.filter(agent=agent, task=task1).exists())
+
         nats_cmd.return_value = "ok"
-        ret = create_win_task_schedule.s(pk=self.task1.pk).apply()
-        self.assertEqual(nats_cmd.call_count, 1)
+        create_win_task_schedule(pk=task1.pk)
         nats_cmd.assert_called_with(
             {
                 "func": "schedtask",
                 "schedtaskpayload": {
+                    "pk": task1.pk,
                     "type": "rmm",
-                    "trigger": "weekly",
-                    "weekdays": 127,
-                    "pk": self.task1.pk,
-                    "name": task_name,
-                    "hour": 21,
-                    "min": 55,
+                    "name": task1.win_task_name,
+                    "overwrite_task": False,
+                    "enabled": True,
+                    "trigger": "daily",
+                    "multiple_instances": 1,
+                    "delete_expired_task_after": False,
+                    "start_when_available": False,
+                    "start_year": int(task1.run_time_date.strftime("%Y")),
+                    "start_month": int(task1.run_time_date.strftime("%-m")),
+                    "start_day": int(task1.run_time_date.strftime("%-d")),
+                    "start_hour": int(task1.run_time_date.strftime("%-H")),
+                    "start_min": int(task1.run_time_date.strftime("%-M")),
+                    "day_interval": 1,
                 },
             },
             timeout=5,
         )
-        self.task1 = AutomatedTask.objects.get(pk=self.task1.pk)
-        self.assertEqual(self.task1.sync_status, "synced")
+        nats_cmd.reset_mock()
+        self.assertEqual(
+            TaskResult.objects.get(task=task1, agent=agent).sync_status, "synced"
+        )
 
         nats_cmd.return_value = "timeout"
-        ret = create_win_task_schedule.s(pk=self.task1.pk).apply()
-        self.assertEqual(ret.status, "SUCCESS")
-        self.task1 = AutomatedTask.objects.get(pk=self.task1.pk)
-        self.assertEqual(self.task1.sync_status, "initial")
+        create_win_task_schedule(pk=task1.pk)
+        self.assertEqual(
+            TaskResult.objects.get(task=task1, agent=agent).sync_status, "initial"
+        )
+        nats_cmd.reset_mock()
+
+        # test weekly task
+        task1 = baker.make(
+            "autotasks.AutomatedTask",
+            agent=agent,
+            name="test task 1",
+            task_type="weekly",
+            weekly_interval=1,
+            run_asap_after_missed=True,
+            run_time_bit_weekdays=127,
+            run_time_date=djangotime.now() + djangotime.timedelta(hours=3, minutes=30),
+            expire_date=djangotime.now() + djangotime.timedelta(days=100),
+            task_instance_policy=2,
+        )
+
+        nats_cmd.return_value = "ok"
+        create_win_task_schedule(pk=task1.pk)
+        nats_cmd.assert_called_with(
+            {
+                "func": "schedtask",
+                "schedtaskpayload": {
+                    "pk": task1.pk,
+                    "type": "rmm",
+                    "name": task1.win_task_name,
+                    "overwrite_task": False,
+                    "enabled": True,
+                    "trigger": "weekly",
+                    "multiple_instances": 2,
+                    "delete_expired_task_after": False,
+                    "start_when_available": True,
+                    "start_year": int(task1.run_time_date.strftime("%Y")),
+                    "start_month": int(task1.run_time_date.strftime("%-m")),
+                    "start_day": int(task1.run_time_date.strftime("%-d")),
+                    "start_hour": int(task1.run_time_date.strftime("%-H")),
+                    "start_min": int(task1.run_time_date.strftime("%-M")),
+                    "expire_year": int(task1.expire_date.strftime("%Y")),
+                    "expire_month": int(task1.expire_date.strftime("%-m")),
+                    "expire_day": int(task1.expire_date.strftime("%-d")),
+                    "expire_hour": int(task1.expire_date.strftime("%-H")),
+                    "expire_min": int(task1.expire_date.strftime("%-M")),
+                    "week_interval": 1,
+                    "days_of_week": 127,
+                },
+            },
+            timeout=5,
+        )
+        nats_cmd.reset_mock()
+
+        # test monthly task
+        task1 = baker.make(
+            "autotasks.AutomatedTask",
+            agent=agent,
+            name="test task 1",
+            task_type="monthly",
+            random_task_delay="3M",
+            task_repetition_interval="15M",
+            task_repetition_duration="1D",
+            stop_task_at_duration_end=True,
+            monthly_days_of_month=0x80000030,
+            monthly_months_of_year=0x400,
+            run_time_date=djangotime.now() + djangotime.timedelta(hours=3, minutes=30),
+        )
+
+        nats_cmd.return_value = "ok"
+        create_win_task_schedule(pk=task1.pk)
+        nats_cmd.assert_called_with(
+            {
+                "func": "schedtask",
+                "schedtaskpayload": {
+                    "pk": task1.pk,
+                    "type": "rmm",
+                    "name": task1.win_task_name,
+                    "overwrite_task": False,
+                    "enabled": True,
+                    "trigger": "monthly",
+                    "multiple_instances": 1,
+                    "delete_expired_task_after": False,
+                    "start_when_available": False,
+                    "start_year": int(task1.run_time_date.strftime("%Y")),
+                    "start_month": int(task1.run_time_date.strftime("%-m")),
+                    "start_day": int(task1.run_time_date.strftime("%-d")),
+                    "start_hour": int(task1.run_time_date.strftime("%-H")),
+                    "start_min": int(task1.run_time_date.strftime("%-M")),
+                    "random_delay": "PT3M",
+                    "repetition_interval": "PT15M",
+                    "repetition_duration": "P1DT",
+                    "stop_at_duration_end": True,
+                    "days_of_month": 0x30,
+                    "run_on_last_day_of_month": True,
+                    "months_of_year": 1024,
+                },
+            },
+            timeout=5,
+        )
+        nats_cmd.reset_mock()
+
+        # test monthly dow
+        task1 = baker.make(
+            "autotasks.AutomatedTask",
+            agent=agent,
+            name="test task 1",
+            task_type="monthlydow",
+            run_time_bit_weekdays=56,
+            monthly_months_of_year=0x400,
+            monthly_weeks_of_month=3,
+            run_time_date=djangotime.now() + djangotime.timedelta(hours=3, minutes=30),
+        )
+        nats_cmd.return_value = "ok"
+        create_win_task_schedule(pk=task1.pk)
+        nats_cmd.assert_called_with(
+            {
+                "func": "schedtask",
+                "schedtaskpayload": {
+                    "pk": task1.pk,
+                    "type": "rmm",
+                    "name": task1.win_task_name,
+                    "overwrite_task": False,
+                    "enabled": True,
+                    "trigger": "monthlydow",
+                    "multiple_instances": 1,
+                    "delete_expired_task_after": False,
+                    "start_when_available": False,
+                    "start_year": int(task1.run_time_date.strftime("%Y")),
+                    "start_month": int(task1.run_time_date.strftime("%-m")),
+                    "start_day": int(task1.run_time_date.strftime("%-d")),
+                    "start_hour": int(task1.run_time_date.strftime("%-H")),
+                    "start_min": int(task1.run_time_date.strftime("%-M")),
+                    "days_of_week": 56,
+                    "months_of_year": 0x400,
+                    "weeks_of_month": 3,
+                },
+            },
+            timeout=5,
+        )
+        nats_cmd.reset_mock()
 
         # test runonce with future date
-        nats_cmd.reset_mock()
-        task_name = AutomatedTask.generate_task_name()
-        run_time_date = djangotime.now() + djangotime.timedelta(hours=22)
-        self.task2 = AutomatedTask.objects.create(
-            agent=self.agent,
+        task1 = baker.make(
+            "autotasks.AutomatedTask",
+            agent=agent,
             name="test task 2",
-            win_task_name=task_name,
             task_type="runonce",
-            run_time_date=run_time_date,
+            run_time_date=djangotime.now() + djangotime.timedelta(hours=22),
+            run_asap_after_missed=True,
         )
         nats_cmd.return_value = "ok"
-        ret = create_win_task_schedule.s(pk=self.task2.pk).apply()
+        create_win_task_schedule(pk=task1.pk)
         nats_cmd.assert_called_with(
             {
                 "func": "schedtask",
                 "schedtaskpayload": {
+                    "pk": task1.pk,
                     "type": "rmm",
-                    "trigger": "once",
-                    "pk": self.task2.pk,
-                    "name": task_name,
-                    "year": int(dt.datetime.strftime(self.task2.run_time_date, "%Y")),
-                    "month": dt.datetime.strftime(self.task2.run_time_date, "%B"),
-                    "day": int(dt.datetime.strftime(self.task2.run_time_date, "%d")),
-                    "hour": int(dt.datetime.strftime(self.task2.run_time_date, "%H")),
-                    "min": int(dt.datetime.strftime(self.task2.run_time_date, "%M")),
+                    "name": task1.win_task_name,
+                    "overwrite_task": False,
+                    "enabled": True,
+                    "trigger": "runonce",
+                    "multiple_instances": 1,
+                    "delete_expired_task_after": False,
+                    "start_when_available": True,
+                    "start_year": int(task1.run_time_date.strftime("%Y")),
+                    "start_month": int(task1.run_time_date.strftime("%-m")),
+                    "start_day": int(task1.run_time_date.strftime("%-d")),
+                    "start_hour": int(task1.run_time_date.strftime("%-H")),
+                    "start_min": int(task1.run_time_date.strftime("%-M")),
                 },
             },
             timeout=5,
         )
-        self.assertEqual(ret.status, "SUCCESS")
+        nats_cmd.reset_mock()
 
         # test runonce with date in the past
-        nats_cmd.reset_mock()
-        task_name = AutomatedTask.generate_task_name()
-        run_time_date = djangotime.now() - djangotime.timedelta(days=13)
-        self.task3 = AutomatedTask.objects.create(
-            agent=self.agent,
+        task1 = baker.make(
+            "autotasks.AutomatedTask",
+            agent=agent,
             name="test task 3",
-            win_task_name=task_name,
             task_type="runonce",
-            run_time_date=run_time_date,
+            run_asap_after_missed=True,
+            run_time_date=djangotime.datetime(2018, 6, 1, 23, 23, 23),
         )
         nats_cmd.return_value = "ok"
-        ret = create_win_task_schedule.s(pk=self.task3.pk).apply()
-        self.task3 = AutomatedTask.objects.get(pk=self.task3.pk)
-        self.assertEqual(ret.status, "SUCCESS")
+        create_win_task_schedule(pk=task1.pk)
+        nats_cmd.assert_called()
 
-        # test checkfailure
+        # check if task is scheduled for at most 5min in the future
+        _, args, _ = nats_cmd.mock_calls[0]
+
+        current_minute = int(djangotime.now().strftime("%-M"))
+
+        if current_minute >= 55 and current_minute < 60:
+            self.assertLess(
+                args[0]["schedtaskpayload"]["start_min"],
+                int(djangotime.now().strftime("%-M")),
+            )
+        else:
+            self.assertGreater(
+                args[0]["schedtaskpayload"]["start_min"],
+                int(djangotime.now().strftime("%-M")),
+            )
+
+        # test checkfailure task
         nats_cmd.reset_mock()
-        self.check = baker.make_recipe("checks.diskspace_check", agent=self.agent)
-        task_name = AutomatedTask.generate_task_name()
-        self.task4 = AutomatedTask.objects.create(
-            agent=self.agent,
+        check = baker.make_recipe("checks.diskspace_check", agent=agent)
+        task1 = baker.make(
+            "autotasks.AutomatedTask",
+            agent=agent,
             name="test task 4",
-            win_task_name=task_name,
             task_type="checkfailure",
-            assigned_check=self.check,
+            assigned_check=check,
         )
         nats_cmd.return_value = "ok"
-        ret = create_win_task_schedule.s(pk=self.task4.pk).apply()
+        create_win_task_schedule(pk=task1.pk)
         nats_cmd.assert_called_with(
             {
                 "func": "schedtask",
                 "schedtaskpayload": {
+                    "pk": task1.pk,
                     "type": "rmm",
+                    "name": task1.win_task_name,
+                    "overwrite_task": False,
+                    "enabled": True,
                     "trigger": "manual",
-                    "pk": self.task4.pk,
-                    "name": task_name,
+                    "multiple_instances": 1,
+                    "delete_expired_task_after": False,
+                    "start_when_available": False,
                 },
             },
             timeout=5,
         )
-        self.assertEqual(ret.status, "SUCCESS")
+        nats_cmd.reset_mock()
 
         # test manual
-        nats_cmd.reset_mock()
-        task_name = AutomatedTask.generate_task_name()
-        self.task5 = AutomatedTask.objects.create(
-            agent=self.agent,
+        task1 = AutomatedTask.objects.create(
+            agent=agent,
             name="test task 5",
-            win_task_name=task_name,
             task_type="manual",
         )
         nats_cmd.return_value = "ok"
-        ret = create_win_task_schedule.s(pk=self.task5.pk).apply()
+        create_win_task_schedule(pk=task1.pk)
         nats_cmd.assert_called_with(
             {
                 "func": "schedtask",
                 "schedtaskpayload": {
+                    "pk": task1.pk,
                     "type": "rmm",
+                    "name": task1.win_task_name,
+                    "overwrite_task": False,
+                    "enabled": True,
                     "trigger": "manual",
-                    "pk": self.task5.pk,
-                    "name": task_name,
+                    "multiple_instances": 1,
+                    "delete_expired_task_after": False,
+                    "start_when_available": False,
                 },
             },
             timeout=5,
         )
-        self.assertEqual(ret.status, "SUCCESS")
 
 
 class TestTaskPermissions(TacticalTestCase):
     def setUp(self):
         self.setup_coresettings()
-        self.client_setup()
+        self.setup_client()
 
     def test_get_tasks_permissions(self):
         agent = baker.make_recipe("agents.agent")
@@ -508,7 +824,7 @@ class TestTaskPermissions(TacticalTestCase):
         script = baker.make("scripts.Script")
 
         policy_data = {
-            "policy": policy.id,  # type: ignore
+            "policy": policy.id,
             "name": "Test Task Manual",
             "run_time_days": [],
             "timeout": 120,
@@ -654,9 +970,3 @@ class TestTaskPermissions(TacticalTestCase):
 
         self.check_authorized("post", url)
         self.check_not_authorized("post", unauthorized_url)
-
-    def test_policy_fields_to_copy_exists(self):
-        fields = [i.name for i in AutomatedTask._meta.get_fields()]
-        task = baker.make("autotasks.AutomatedTask")
-        for i in task.policy_fields_to_copy:  # type: ignore
-            self.assertIn(i, fields)

api/tacticalrmm/autotasks/views.py

@@ -1,17 +1,17 @@
 from django.shortcuts import get_object_or_404
+from rest_framework.exceptions import PermissionDenied
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
-from rest_framework.exceptions import PermissionDenied
 
 from agents.models import Agent
 from automation.models import Policy
-from tacticalrmm.utils import get_bit_days
 from tacticalrmm.permissions import _has_perm_on_agent
 
 from .models import AutomatedTask
 from .permissions import AutoTaskPerms, RunAutoTaskPerms
 from .serializers import TaskSerializer
+from .tasks import remove_orphaned_win_tasks
 
 
 class GetAddAutoTasks(APIView):
@@ -21,16 +21,15 @@ class GetAddAutoTasks(APIView):
 
         if agent_id:
             agent = get_object_or_404(Agent, agent_id=agent_id)
-            tasks = AutomatedTask.objects.filter(agent=agent)
+            tasks = agent.get_tasks_with_policies()
         elif policy:
             policy = get_object_or_404(Policy, id=policy)
             tasks = AutomatedTask.objects.filter(policy=policy)
         else:
-            tasks = AutomatedTask.objects.filter_by_role(request.user)
+            tasks = AutomatedTask.objects.filter_by_role(request.user)  # type: ignore
         return Response(TaskSerializer(tasks, many=True).data)
 
     def post(self, request):
-        from automation.tasks import generate_agent_autotasks_task
         from autotasks.tasks import create_win_task_schedule
 
         data = request.data.copy()
@@ -44,25 +43,13 @@ class GetAddAutoTasks(APIView):
 
             data["agent"] = agent.pk
 
-        bit_weekdays = None
-        if "run_time_days" in data.keys():
-            if data["run_time_days"]:
-                bit_weekdays = get_bit_days(data["run_time_days"])
-            data.pop("run_time_days")
-
         serializer = TaskSerializer(data=data)
         serializer.is_valid(raise_exception=True)
-        task = serializer.save(
-            win_task_name=AutomatedTask.generate_task_name(),
-            run_time_bit_weekdays=bit_weekdays,
-        )
+        task = serializer.save()
 
         if task.agent:
             create_win_task_schedule.delay(pk=task.pk)
 
-        elif task.policy:
-            generate_agent_autotasks_task.delay(policy=task.policy.pk)
-
         return Response(
             "The task has been created. It will show up on the agent on next checkin"
         )
@@ -94,7 +81,6 @@ class GetEditDeleteAutoTask(APIView):
         return Response("The task was updated")
 
     def delete(self, request, pk):
-        from automation.tasks import delete_policy_autotasks_task
         from autotasks.tasks import delete_win_task_schedule
 
         task = get_object_or_404(AutomatedTask, pk=pk)
@@ -104,9 +90,9 @@ class GetEditDeleteAutoTask(APIView):
 
         if task.agent:
             delete_win_task_schedule.delay(pk=task.pk)
-        elif task.policy:
-            delete_policy_autotasks_task.delay(task=task.pk)
+        else:
             task.delete()
+            remove_orphaned_win_tasks.delay()
 
         return Response(f"{task.name} will be deleted shortly")
 
@@ -122,5 +108,14 @@ class RunAutoTask(APIView):
         if task.agent and not _has_perm_on_agent(request.user, task.agent.agent_id):
             raise PermissionDenied()
 
-        run_win_task.delay(pk=pk)
-        return Response(f"{task.name} will now be run on {task.agent.hostname}")
+        # run policy task on agent
+        if "agent_id" in request.data.keys():
+            if not _has_perm_on_agent(request.user, request.data["agent_id"]):
+                raise PermissionDenied()
+
+            run_win_task.delay(pk=pk, agent_id=request.data["agent_id"])
+
+        # run normal task on agent
+        else:
+            run_win_task.delay(pk=pk)
+        return Response(f"{task.name} will now be run.")

api/tacticalrmm/checks/admin.py

@@ -1,6 +1,7 @@
 from django.contrib import admin
 
-from .models import Check, CheckHistory
+from .models import Check, CheckHistory, CheckResult
 
 admin.site.register(Check)
 admin.site.register(CheckHistory)
+admin.site.register(CheckResult)

api/tacticalrmm/checks/baker_recipes.py

@@ -1,23 +1,25 @@
 from model_bakery.recipe import Recipe
 
+from tacticalrmm.constants import CheckType, EvtLogTypes
+
 check = Recipe("checks.Check")
 
 diskspace_check = check.extend(
-    check_type="diskspace", disk="C:", warning_threshold=30, error_threshold=10
+    check_type=CheckType.DISK_SPACE, disk="C:", warning_threshold=30, error_threshold=10
 )
 
 cpuload_check = check.extend(
-    check_type="cpuload", warning_threshold=30, error_threshold=75
+    check_type=CheckType.CPU_LOAD, warning_threshold=30, error_threshold=75
 )
 
 ping_check = check.extend(check_type="ping", ip="10.10.10.10")
 
 memory_check = check.extend(
-    check_type="memory", warning_threshold=60, error_threshold=75
+    check_type=CheckType.MEMORY, warning_threshold=60, error_threshold=75
 )
 
 winsvc_check = check.extend(
-    check_type="winsvc",
+    check_type=CheckType.WINSVC,
     svc_name="ServiceName",
     svc_display_name="ServiceName",
     svc_policy_mode="manual",
@@ -25,9 +27,9 @@ winsvc_check = check.extend(
 )
 
 eventlog_check = check.extend(
-    check_type="eventlog", event_id=5000, event_type="application"
+    check_type=CheckType.EVENT_LOG, event_id=5000, event_type=EvtLogTypes.INFO
 )
 
 script_check = check.extend(
-    name="Script Name", check_type="script", script__name="Script Name"
+    name="Script Name", check_type=CheckType.SCRIPT, script__name="Script Name"
 )