Release 0.8.3

bump version
add docs for api keys
2021-09-06 09:30:51 +00:00 · 2021-09-06 09:10:00 +00:00 · 2021-09-06 08:50:18 +00:00 · 2021-09-05 23:52:33 -04:00 · 2021-09-05 23:49:10 -04:00 · 2021-09-05 12:32:37 -04:00
815 changed files with 65543 additions and 69818 deletions
--- a/.devcontainer/.env.example
+++ b/.devcontainer/.env.example
@@ -0,0 +1,32 @@
 COMPOSE_PROJECT_NAME=trmm
 IMAGE_REPO=tacticalrmm/
 VERSION=latest
 # tactical credentials (Used to login to dashboard)
 TRMM_USER=tactical
 TRMM_PASS=tactical
 # dns settings
 APP_HOST=rmm.example.com
 API_HOST=api.example.com
 MESH_HOST=mesh.example.com
 # mesh settings
 MESH_USER=tactical
 MESH_PASS=tactical
 MONGODB_USER=mongouser
 MONGODB_PASSWORD=mongopass
 # database settings
 POSTGRES_USER=postgres
 POSTGRES_PASS=postgrespass
 # DEV SETTINGS
 APP_PORT=80
 API_PORT=80
 API_PROTOCOL=https://
 HTTP_PROTOCOL=https
 DOCKER_NETWORK=172.21.0.0/24
 DOCKER_NGINX_IP=172.21.0.20
 NATS_PORTS=4222:4222
--- a/.devcontainer/api.dockerfile
+++ b/.devcontainer/api.dockerfile
@@ -0,0 +1,29 @@
 FROM python:3.9.6-slim
 ENV TACTICAL_DIR /opt/tactical
 ENV TACTICAL_READY_FILE ${TACTICAL_DIR}/tmp/tactical.ready
 ENV WORKSPACE_DIR /workspace
 ENV TACTICAL_USER tactical
 ENV VIRTUAL_ENV ${WORKSPACE_DIR}/api/tacticalrmm/env
 ENV PYTHONDONTWRITEBYTECODE=1
 ENV PYTHONUNBUFFERED=1
 EXPOSE 8000 8383 8005
 RUN groupadd -g 1000 tactical && \
    useradd -u 1000 -g 1000 tactical
 # Copy nats-api file
 COPY natsapi/bin/nats-api /usr/local/bin/
 RUN chmod +x /usr/local/bin/nats-api
 # Copy dev python reqs
 COPY .devcontainer/requirements.txt  /
 # Copy docker entrypoint.sh
 COPY .devcontainer/entrypoint.sh /
 RUN chmod +x /entrypoint.sh
 ENTRYPOINT ["/entrypoint.sh"]
 WORKDIR ${WORKSPACE_DIR}/api/tacticalrmm
--- a/.devcontainer/docker-compose.debug.yml
+++ b/.devcontainer/docker-compose.debug.yml
@@ -0,0 +1,19 @@
 version: '3.4'
 services:
  api-dev:
    image: api-dev
    build:
      context: .
      dockerfile: ./api.dockerfile
    command: ["sh", "-c", "pip install debugpy -t /tmp && python /tmp/debugpy --wait-for-client --listen 0.0.0.0:5678 manage.py runserver 0.0.0.0:8000 --nothreading --noreload"]
    ports:
      - 8000:8000
      - 5678:5678
    volumes:
      - tactical-data-dev:/opt/tactical
      - ..:/workspace:cached
    networks:
      dev:
        aliases: 
          - tactical-backend
--- a/.devcontainer/docker-compose.yml
+++ b/.devcontainer/docker-compose.yml
@@ -0,0 +1,247 @@
 version: '3.4'
 services:
  api-dev:
    container_name: trmm-api-dev
    image: api-dev
    restart: always
    build:
      context: ..
      dockerfile: .devcontainer/api.dockerfile
    command: ["tactical-api"]
    environment:
      API_PORT: ${API_PORT}
    ports:
      - "8000:${API_PORT}"
    volumes:
      - tactical-data-dev:/opt/tactical
      - ..:/workspace:cached
    networks:
      dev:
        aliases: 
          - tactical-backend
  app-dev:
    container_name: trmm-app-dev
    image: node:14-alpine
    restart: always
    command: /bin/sh -c "npm install npm@latest -g && npm install && npm run serve -- --host 0.0.0.0 --port ${APP_PORT}"
    working_dir: /workspace/web
    volumes:
      - ..:/workspace:cached
    ports:
      - "8080:${APP_PORT}"
    networks:
      dev:
        aliases: 
          - tactical-frontend
  # nats
  nats-dev:
    container_name: trmm-nats-dev
    image: ${IMAGE_REPO}tactical-nats:${VERSION}
    restart: always
    environment:
      API_HOST: ${API_HOST}
      API_PORT: ${API_PORT}
      DEV: 1
    ports:
      - "${NATS_PORTS}"
    volumes:
      - tactical-data-dev:/opt/tactical
      - ..:/workspace:cached
    networks:
      dev:
        aliases:
          - ${API_HOST}
          - tactical-nats
  # meshcentral container
  meshcentral-dev:
    container_name: trmm-meshcentral-dev
    image: ${IMAGE_REPO}tactical-meshcentral:${VERSION}
    restart: always
    environment: 
      MESH_HOST: ${MESH_HOST}
      MESH_USER: ${MESH_USER}
      MESH_PASS: ${MESH_PASS}
      MONGODB_USER: ${MONGODB_USER}
      MONGODB_PASSWORD: ${MONGODB_PASSWORD}
      NGINX_HOST_IP: ${DOCKER_NGINX_IP}
    networks:
      dev:
        aliases:
          - tactical-meshcentral
          - ${MESH_HOST}
    volumes:
      - tactical-data-dev:/opt/tactical
      - mesh-data-dev:/home/node/app/meshcentral-data
    depends_on:
      - mongodb-dev
  # mongodb container for meshcentral
  mongodb-dev:
    container_name: trmm-mongodb-dev
    image: mongo:4.4
    restart: always
    environment:
      MONGO_INITDB_ROOT_USERNAME: ${MONGODB_USER}
      MONGO_INITDB_ROOT_PASSWORD: ${MONGODB_PASSWORD}
      MONGO_INITDB_DATABASE: meshcentral
    networks:
      dev:
        aliases:
          - tactical-mongodb
    volumes:
      - mongo-dev-data:/data/db
  # postgres database for api service
  postgres-dev:
    container_name: trmm-postgres-dev
    image: postgres:13-alpine
    restart: always
    environment:
      POSTGRES_DB: tacticalrmm
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASSWORD: ${POSTGRES_PASS}
    volumes:
      - postgres-data-dev:/var/lib/postgresql/data
    networks:
      dev:
        aliases:
          - tactical-postgres
  # redis container for celery tasks
  redis-dev:
    container_name: trmm-redis-dev
    restart: always
    command: redis-server --appendonly yes
    image: redis:6.0-alpine
    volumes: 
      - redis-data-dev:/data
    networks:
      dev:
        aliases:
          - tactical-redis
  init-dev:
    container_name: trmm-init-dev
    image: api-dev
    restart: on-failure
    command: ["tactical-init-dev"]
    environment:
      POSTGRES_USER: ${POSTGRES_USER}
      POSTGRES_PASS: ${POSTGRES_PASS}
      APP_HOST: ${APP_HOST}
      API_HOST: ${API_HOST}
      MESH_HOST: ${MESH_HOST}
      MESH_USER: ${MESH_USER}
      TRMM_USER: ${TRMM_USER}
      TRMM_PASS: ${TRMM_PASS}
      HTTP_PROTOCOL: ${HTTP_PROTOCOL}
      APP_PORT: ${APP_PORT}
    depends_on:
      - postgres-dev
      - meshcentral-dev
    networks:
      - dev
    volumes:
      - tactical-data-dev:/opt/tactical
      - ..:/workspace:cached
  # container for celery worker service
  celery-dev:
    container_name: trmm-celery-dev
    image: api-dev
    command: ["tactical-celery-dev"]
    restart: always
    networks:
      - dev
    volumes:
      - tactical-data-dev:/opt/tactical
      - ..:/workspace:cached
    depends_on:
      - postgres-dev
      - redis-dev
  # container for celery beat service
  celerybeat-dev:
    container_name: trmm-celerybeat-dev
    image: api-dev
    command: ["tactical-celerybeat-dev"]
    restart: always
    networks:
      - dev
    volumes:
      - tactical-data-dev:/opt/tactical
      - ..:/workspace:cached
    depends_on:
      - postgres-dev
      - redis-dev
  # container for websockets communication
  websockets-dev:
    container_name: trmm-websockets-dev
    image: api-dev
    command: ["tactical-websockets-dev"]
    restart: always
    networks:
      dev:
        aliases:
          - tactical-websockets
    volumes:
      - tactical-data-dev:/opt/tactical
      - ..:/workspace:cached
    depends_on:
      - postgres-dev
      - redis-dev
  # container for tactical reverse proxy
  nginx-dev:
    container_name: trmm-nginx-dev
    image: ${IMAGE_REPO}tactical-nginx:${VERSION}
    restart: always
    environment:
      APP_HOST: ${APP_HOST}
      API_HOST: ${API_HOST}
      MESH_HOST: ${MESH_HOST}
      CERT_PUB_KEY: ${CERT_PUB_KEY}
      CERT_PRIV_KEY: ${CERT_PRIV_KEY}
      APP_PORT: ${APP_PORT}
      API_PORT: ${API_PORT}
      API_PROTOCOL: ${API_PROTOCOL}
    networks:
      dev:
        ipv4_address: ${DOCKER_NGINX_IP}
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - tactical-data-dev:/opt/tactical
  mkdocs-dev:
    container_name: trmm-mkdocs-dev
    image: api-dev
    restart: always
    command: ["tactical-mkdocs-dev"]
    ports:
      - "8005:8005"
    volumes:
      - ..:/workspace:cached
    networks:
      - dev
 volumes:
  tactical-data-dev:
  postgres-data-dev:
  mongo-dev-data:
  mesh-data-dev:
  redis-data-dev:
 networks:
  dev:
    driver: bridge
    ipam:
      driver: default
      config:
        - subnet: ${DOCKER_NETWORK}
--- a/.devcontainer/entrypoint.sh
+++ b/.devcontainer/entrypoint.sh
@@ -0,0 +1,160 @@
 #!/usr/bin/env bash
 set -e
 : "${TRMM_USER:=tactical}"
 : "${TRMM_PASS:=tactical}"
 : "${POSTGRES_HOST:=tactical-postgres}"
 : "${POSTGRES_PORT:=5432}"
 : "${POSTGRES_USER:=tactical}"
 : "${POSTGRES_PASS:=tactical}"
 : "${POSTGRES_DB:=tacticalrmm}"
 : "${MESH_CONTAINER:=tactical-meshcentral}"
 : "${MESH_USER:=meshcentral}"
 : "${MESH_PASS:=meshcentralpass}"
 : "${MESH_HOST:=tactical-meshcentral}"
 : "${API_HOST:=tactical-backend}"
 : "${APP_HOST:=tactical-frontend}"
 : "${REDIS_HOST:=tactical-redis}"
 : "${HTTP_PROTOCOL:=http}"
 : "${APP_PORT:=8080}"
 : "${API_PORT:=8000}"
 # Add python venv to path
 export PATH="${VIRTUAL_ENV}/bin:$PATH"
 function check_tactical_ready {
  sleep 15
  until [ -f "${TACTICAL_READY_FILE}" ]; do
    echo "waiting for init container to finish install or update..."
    sleep 10
  done
 }
 function django_setup {
  until (echo > /dev/tcp/"${POSTGRES_HOST}"/"${POSTGRES_PORT}") &> /dev/null; do
    echo "waiting for postgresql container to be ready..."
    sleep 5
  done
  until (echo > /dev/tcp/"${MESH_CONTAINER}"/443) &> /dev/null; do
    echo "waiting for meshcentral container to be ready..."
    sleep 5
  done
  echo "setting up django environment"
  # configure django settings
  MESH_TOKEN="$(cat ${TACTICAL_DIR}/tmp/mesh_token)"
  DJANGO_SEKRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 80 | head -n 1)
  localvars="$(cat << EOF
 SECRET_KEY = '${DJANGO_SEKRET}'
 DEBUG = True
 DOCKER_BUILD = True
 CERT_FILE = '/opt/tactical/certs/fullchain.pem'
 KEY_FILE = '/opt/tactical/certs/privkey.pem'
 SCRIPTS_DIR = '${WORKSPACE_DIR}/scripts'
 ALLOWED_HOSTS = ['${API_HOST}', '*']
 ADMIN_URL = 'admin/'
 CORS_ORIGIN_ALLOW_ALL = True
 DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': '${POSTGRES_DB}',
        'USER': '${POSTGRES_USER}',
        'PASSWORD': '${POSTGRES_PASS}',
        'HOST': '${POSTGRES_HOST}',
        'PORT': '${POSTGRES_PORT}',
    }
 }
 MESH_USERNAME = '${MESH_USER}'
 MESH_SITE = 'https://${MESH_HOST}'
 MESH_TOKEN_KEY = '${MESH_TOKEN}'
 REDIS_HOST    = '${REDIS_HOST}'
 ADMIN_ENABLED = True
 EOF
 )"
  echo "${localvars}" > ${WORKSPACE_DIR}/api/tacticalrmm/tacticalrmm/local_settings.py
  # run migrations and init scripts
  "${VIRTUAL_ENV}"/bin/python manage.py migrate --no-input
  "${VIRTUAL_ENV}"/bin/python manage.py collectstatic --no-input
  "${VIRTUAL_ENV}"/bin/python manage.py initial_db_setup
  "${VIRTUAL_ENV}"/bin/python manage.py initial_mesh_setup
  "${VIRTUAL_ENV}"/bin/python manage.py load_chocos
  "${VIRTUAL_ENV}"/bin/python manage.py load_community_scripts
  "${VIRTUAL_ENV}"/bin/python manage.py reload_nats
  "${VIRTUAL_ENV}"/bin/python manage.py create_installer_user
  # create super user 
  echo "from accounts.models import User; User.objects.create_superuser('${TRMM_USER}', 'admin@example.com', '${TRMM_PASS}') if not User.objects.filter(username='${TRMM_USER}').exists() else 0;" | python manage.py shell
 }
 if [ "$1" = 'tactical-init-dev' ]; then
  # make directories if they don't exist
  mkdir -p "${TACTICAL_DIR}/tmp"
  test -f "${TACTICAL_READY_FILE}" && rm "${TACTICAL_READY_FILE}"
  # setup Python virtual env and install dependencies
  ! test -e "${VIRTUAL_ENV}" && python -m venv ${VIRTUAL_ENV}
  "${VIRTUAL_ENV}"/bin/pip install --no-cache-dir -r /requirements.txt
  django_setup
  # create .env file for frontend
  webenv="$(cat << EOF
 PROD_URL = "${HTTP_PROTOCOL}://${API_HOST}"
 DEV_URL = "${HTTP_PROTOCOL}://${API_HOST}"
 APP_URL = "https://${APP_HOST}"
 DOCKER_BUILD = 1
 EOF
 )"
  echo "${webenv}" | tee "${WORKSPACE_DIR}"/web/.env > /dev/null
  # chown everything to tactical user
  chown -R "${TACTICAL_USER}":"${TACTICAL_USER}" "${WORKSPACE_DIR}"
  chown -R "${TACTICAL_USER}":"${TACTICAL_USER}" "${TACTICAL_DIR}"
  # create install ready file
  su -c "echo 'tactical-init' > ${TACTICAL_READY_FILE}" "${TACTICAL_USER}"
 fi
 if [ "$1" = 'tactical-api' ]; then
  check_tactical_ready
  "${VIRTUAL_ENV}"/bin/python manage.py runserver 0.0.0.0:"${API_PORT}"
 fi
 if [ "$1" = 'tactical-celery-dev' ]; then
  check_tactical_ready
  "${VIRTUAL_ENV}"/bin/celery -A tacticalrmm worker -l debug
 fi
 if [ "$1" = 'tactical-celerybeat-dev' ]; then
  check_tactical_ready
  test -f "${WORKSPACE_DIR}/api/tacticalrmm/celerybeat.pid" && rm "${WORKSPACE_DIR}/api/tacticalrmm/celerybeat.pid"
  "${VIRTUAL_ENV}"/bin/celery -A tacticalrmm beat -l debug
 fi
 if [ "$1" = 'tactical-websockets-dev' ]; then
  check_tactical_ready
  "${VIRTUAL_ENV}"/bin/daphne tacticalrmm.asgi:application --port 8383 -b 0.0.0.0
 fi
 if [ "$1" = 'tactical-mkdocs-dev' ]; then
  cd "${WORKSPACE_DIR}/docs"
  "${VIRTUAL_ENV}"/bin/mkdocs serve
 fi
--- a/.devcontainer/requirements.txt
+++ b/.devcontainer/requirements.txt
@@ -0,0 +1,37 @@
 # To ensure app dependencies are ported from your virtual environment/host machine into your container, run 'pip freeze > requirements.txt' in the terminal to overwrite this file
 asyncio-nats-client
 celery
 channels
 channels_redis
 django-ipware
 Django
 django-cors-headers
 django-rest-knox
 djangorestframework
 loguru
 msgpack
 psycopg2-binary
 pycparser
 pycryptodome
 pyotp
 pyparsing
 pytz
 qrcode
 redis
 twilio
 packaging
 validators
 websockets
 black
 Werkzeug
 django-extensions
 coverage
 coveralls
 model_bakery
 mkdocs
 mkdocs-material
 pymdown-extensions
 Pygments
 mypy
 pysnooper
 isort
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,5 +1,25 @@
-.git
+**/__pycache__
-.cache
+**/.classpath
-**/*.env
+**/.dockerignore
-**/env
+**/.env
 **/.git
 **/.gitignore
 **/.project
 **/.settings
 **/.toolstarget
 **/.vs
 **/.vscode
 **/*.*proj.user
 **/*.dbmdl
 **/*.jfm
 **/azds.yaml
 **/charts
 **/docker-compose*
 **/Dockerfile*
 **/node_modules
 **/npm-debug.log
 **/obj
 **/secrets.dev.yaml
 **/values.dev.yaml
 **/env
 README.md
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -0,0 +1,12 @@
 # These are supported funding model platforms
 github: wh1te909
 patreon: # Replace with a single Patreon username
 open_collective: # Replace with a single Open Collective username
 ko_fi: tacticalrmm
 tidelift: # Replace with a single Tidelift platform-name/package-name e.g., npm/babel
 community_bridge: # Replace with a single Community Bridge project-name e.g., cloud-foundry
 liberapay: # Replace with a single Liberapay username
 issuehunt: # Replace with a single IssueHunt username
 otechie: # Replace with a single Otechie username
 custom: # Replace with up to 4 custom sponsorship URLs e.g., ['link1', 'link2']
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,40 @@
 ---
 name: Bug report
 about: Create a bug report
 title: ''
 labels: ''
 assignees: ''
 ---
 **Server Info (please complete the following information):**
 - OS: [e.g. Ubuntu 20.04, Debian 10]
 - Browser: [e.g. chrome, safari]
 - RMM Version (as shown in top left of web UI):
 **Installation Method:**
  - [ ] Standard
  - [ ] Docker
 **Agent Info (please complete the following information):**
 - Agent version (as shown in the 'Summary' tab of the agent from web UI):
 - Agent OS: [e.g. Win 10 v2004, Server 2012 R2]
 **Describe the bug**
 A clear and concise description of what the bug is.
 **To Reproduce**
 Steps to reproduce the behavior:
 1. Go to '...'
 2. Click on '....'
 3. Scroll down to '....'
 4. See error
 **Expected behavior**
 A clear and concise description of what you expected to happen.
 **Screenshots**
 If applicable, add screenshots to help explain your problem.
 **Additional context**
 Add any other context about the problem here.
--- a/.github/ISSUE_TEMPLATE/feature_request.md
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,20 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
 title: ''
 labels: ''
 assignees: ''
 ---
 **Is your feature request related to a problem? Please describe.**
 A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
 **Describe the solution you'd like**
 A clear and concise description of what you want to happen.
 **Describe alternatives you've considered**
 A clear and concise description of any alternative solutions or features you've considered.
 **Additional context**
 Add any other context or screenshots about the feature request here.
--- a/.github/workflows/deploy-docs.yml
+++ b/.github/workflows/deploy-docs.yml
@@ -0,0 +1,22 @@
 name: Deploy Docs
 on:
  push:
    branches:
      - master
 defaults:
  run:
    working-directory: docs
 jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-python@v2
        with:
          python-version: 3.x
      - run: pip install --upgrade pip
      - run: pip install --upgrade setuptools wheel
      - run: pip install mkdocs mkdocs-material pymdown-extensions
      - run: mkdocs gh-deploy --force
--- a/.github/workflows/docker-build-push.yml
+++ b/.github/workflows/docker-build-push.yml
@@ -35,7 +35,7 @@ jobs:
          pull: true
          file: ./docker/containers/tactical/dockerfile
          platforms: linux/amd64
-          tags: tacticalrmm/tactical:${{ steps.prep.outputs.version }},sadnub/tactical:latest
+          tags: tacticalrmm/tactical:${{ steps.prep.outputs.version }},tacticalrmm/tactical:latest
      - name: Build and Push Tactical MeshCentral Image
        uses: docker/build-push-action@v2
@@ -45,7 +45,7 @@ jobs:
          pull: true
          file: ./docker/containers/tactical-meshcentral/dockerfile
          platforms: linux/amd64
-          tags: tacticalrmm/tactical-meshcentral:${{ steps.prep.outputs.version }},sadnub/tactical-meshcentral:latest
+          tags: tacticalrmm/tactical-meshcentral:${{ steps.prep.outputs.version }},tacticalrmm/tactical-meshcentral:latest
      - name: Build and Push Tactical NATS Image
        uses: docker/build-push-action@v2
@@ -55,17 +55,7 @@ jobs:
          pull: true
          file: ./docker/containers/tactical-nats/dockerfile
          platforms: linux/amd64
-          tags: tacticalrmm/tactical-nats:${{ steps.prep.outputs.version }},sadnub/tactical-nats:latest
+          tags: tacticalrmm/tactical-nats:${{ steps.prep.outputs.version }},tacticalrmm/tactical-nats:latest
      - name: Build and Push Tactical Salt Image
        uses: docker/build-push-action@v2
        with:
          context: .
          push: true
          pull: true
          file: ./docker/containers/tactical-salt/dockerfile
          platforms: linux/amd64
          tags: tacticalrmm/tactical-salt:${{ steps.prep.outputs.version }},sadnub/tactical-salt:latest
      - name: Build and Push Tactical Frontend Image
        uses: docker/build-push-action@v2
@@ -75,7 +65,7 @@ jobs:
          pull: true
          file: ./docker/containers/tactical-frontend/dockerfile
          platforms: linux/amd64
-          tags: tacticalrmm/tactical-frontend:${{ steps.prep.outputs.version }},sadnub/tactical-frontend:latest
+          tags: tacticalrmm/tactical-frontend:${{ steps.prep.outputs.version }},tacticalrmm/tactical-frontend:latest
      - name: Build and Push Tactical Nginx Image
        uses: docker/build-push-action@v2
@@ -85,4 +75,4 @@ jobs:
          pull: true
          file: ./docker/containers/tactical-nginx/dockerfile
          platforms: linux/amd64
-          tags: tacticalrmm/tactical-nginx:${{ steps.prep.outputs.version }},sadnub/tactical-nginx:latest
+          tags: tacticalrmm/tactical-nginx:${{ steps.prep.outputs.version }},tacticalrmm/tactical-nginx:latest
--- a/.gitignore
+++ b/.gitignore
@@ -45,3 +45,6 @@ htmlcov/
 docker-compose.dev.yml
 docs/.vuepress/dist
 nats-rmm.conf
 .mypy_cache
 docs/site/
 reset_db.sh
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -14,6 +14,20 @@
                "0.0.0.0:8000"
            ],
            "django": true
        },
        {
            "name": "Django: Docker Remote Attach",
            "type": "python",
            "request": "attach",
            "port": 5678,
            "host": "localhost",
            "preLaunchTask": "docker debug",
            "pathMappings": [
                {
                    "localRoot": "${workspaceFolder}/api/tacticalrmm",
                    "remoteRoot": "/workspace/api/tacticalrmm"
                }
            ]
        }
    ]
 }
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -3,7 +3,14 @@
    "python.languageServer": "Pylance",
    "python.analysis.extraPaths": [
        "api/tacticalrmm",
        "api/env",
    ],
    "python.analysis.diagnosticSeverityOverrides": {
        "reportUnusedImport": "error",
        "reportDuplicateImport": "error",
    },
    "python.analysis.memory.keepLibraryAst": true,
    "python.linting.mypyEnabled": true,
    "python.analysis.typeCheckingMode": "basic",
    "python.formatting.provider": "black",
    "editor.formatOnSave": true,
@@ -41,4 +48,23 @@
            "**/*.zip": true
        },
    },
    "go.useLanguageServer": true,
    "[go]": {
        "editor.formatOnSave": true,
        "editor.codeActionsOnSave": {
            "source.organizeImports": false,
        },
        "editor.snippetSuggestions": "none",
    },
    "[go.mod]": {
        "editor.formatOnSave": true,
        "editor.codeActionsOnSave": {
            "source.organizeImports": true,
        },
    },
    "gopls": {
        "usePlaceholders": true,
        "completeUnimported": true,
        "staticcheck": true,
    }
 }
--- a/.vscode/tasks.json
+++ b/.vscode/tasks.json
@@ -0,0 +1,23 @@
 {
    // See https://go.microsoft.com/fwlink/?LinkId=733558
    // for the documentation about the tasks.json format
    "version": "2.0.0",
    "tasks": [
        {
            "label": "docker debug",
            "type": "shell",
            "command": "docker-compose",
            "args": [
                "-p",
                "trmm",
                "-f",
                ".devcontainer/docker-compose.yml",
                "-f",
                ".devcontainer/docker-compose.debug.yml",
                "up",
                "-d",
                "--build"
            ]
        }
    ]
 }
--- a/README.md
+++ b/README.md
@@ -6,15 +6,15 @@
 [![Code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/python/black)
 Tactical RMM is a remote monitoring & management tool for Windows computers, built with Django and Vue.\
-It uses an [agent](https://github.com/wh1te909/rmmagent) written in golang, as well as the [SaltStack](https://github.com/saltstack/salt) api and [MeshCentral](https://github.com/Ylianst/MeshCentral)
+It uses an [agent](https://github.com/wh1te909/rmmagent) written in golang and integrates with [MeshCentral](https://github.com/Ylianst/MeshCentral)
-# [LIVE DEMO](https://rmm.xlawgaming.com/)
+# [LIVE DEMO](https://rmm.tacticalrmm.io/)
-Demo database resets every hour. Alot of features are disabled for obvious reasons due to the nature of this app.
+Demo database resets every hour. A lot of features are disabled for obvious reasons due to the nature of this app.
 *Tactical RMM is currently in alpha and subject to breaking changes. Use in production at your own risk.*
 ### [Discord Chat](https://discord.gg/upGTkWp)
 ### [Documentation](https://wh1te909.github.io/tacticalrmm/)
 ## Features
 - Teamviewer-like remote desktop control
@@ -33,99 +33,6 @@ Demo database resets every hour. Alot of features are disabled for obvious reaso
 - Windows 7, 8.1, 10, Server 2008R2, 2012R2, 2016, 2019
-## Installation
+## Installation / Backup / Restore / Usage
-### Requirements
+### Refer to the [documentation](https://wh1te909.github.io/tacticalrmm/)
 - VPS with 4GB ram (an install script is provided for Ubuntu Server 20.04)
 - A domain you own with at least 3 subdomains
 - Google Authenticator app (2 factor is NOT optional)
 ### Docker
 Refer to the [docker setup](docker/readme.md)
 ### Installation example (Ubuntu server 20.04 LTS)
 Fresh VPS with latest updates\
 login as root and create a user and add to sudoers group (we will be creating a user called tactical)
 ```
 apt update && apt -y upgrade
 adduser tactical
 usermod -a -G sudo tactical
 ```
 switch to the tactical user and setup the firewall
 ```
 su - tactical
 sudo ufw default deny incoming
 sudo ufw default allow outgoing
 sudo ufw allow ssh
 sudo ufw allow http
 sudo ufw allow https
 sudo ufw allow proto tcp from any to any port 4505,4506
 sudo ufw allow proto tcp from any to any port 4222
 sudo ufw enable && sudo ufw reload
 ```
 Our domain for this example is tacticalrmm.com
 In the DNS manager of wherever our domain is hosted, we will create three A records, all pointing to the public IP address of our VPS
 Create A record ```api.tacticalrmm.com``` for the django rest backend\
 Create A record ```rmm.tacticalrmm.com``` for the vue frontend\
 Create A record ```mesh.tacticalrmm.com``` for meshcentral
 Download the install script and run it
 ```
 wget https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/install.sh
 chmod +x install.sh
 ./install.sh
 ```
 Links will be provided at the end of the install script.\
 Download the executable from the first link, then open ```rmm.tacticalrmm.com``` and login.\
 Upload the executable when prompted during the initial setup page.
 ### Install an agent
 From the app's dashboard, choose Agents > Install Agent to generate an installer.
 ## Updating
 Download and run [update.sh](https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/update.sh)
 ```
 wget https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/update.sh
 chmod +x update.sh
 ./update.sh
 ```
 ## Backup
 Download [backup.sh](https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/backup.sh)
 ```
 wget https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/backup.sh
 ```
 Change the postgres username and password at the top of the file (you can find them in `/rmm/api/tacticalrmm/tacticalrmm/local_settings.py` under the DATABASES section)
 Run it
 ```
 chmod +x backup.sh
 ./backup.sh
 ```
 ## Restore
 Change your 3 A records to point to new server's public IP
 Create same linux user account as old server and add to sudoers group and setup firewall (see install instructions above)
 Copy backup file to new server
 Download the restore script, and edit the postgres username/password at the top of the file. Same instructions as above in the backup steps.
 ```
 wget https://raw.githubusercontent.com/wh1te909/tacticalrmm/master/restore.sh
 ```
 Run the restore script, passing it the backup tar file as the first argument
 ```
 chmod +x restore.sh
 ./restore.sh rmm-backup-xxxxxxx.tar
 ```
--- a/_modules/win_agent.py
+++ b/_modules/win_agent.py
@@ -1,457 +0,0 @@
 from __future__ import absolute_import
 import psutil
 import os
 import datetime
 import zlib
 import json
 import base64
 import wmi
 import win32evtlog
 import win32con
 import win32evtlogutil
 import winerror
 from time import sleep
 import requests
 import subprocess
 import random
 import platform
 ARCH = "64" if platform.machine().endswith("64") else "32"
 PROGRAM_DIR = os.path.join(os.environ["ProgramFiles"], "TacticalAgent")
 TAC_RMM = os.path.join(PROGRAM_DIR, "tacticalrmm.exe")
 NSSM = os.path.join(PROGRAM_DIR, "nssm.exe" if ARCH == "64" else "nssm-x86.exe")
 TEMP_DIR = os.path.join(os.environ["WINDIR"], "Temp")
 SYS_DRIVE = os.environ["SystemDrive"]
 PY_BIN = os.path.join(SYS_DRIVE, "\\salt", "bin", "python.exe")
 SALT_CALL = os.path.join(SYS_DRIVE, "\\salt", "salt-call.bat")
 def get_services():
    # see https://github.com/wh1te909/tacticalrmm/issues/38
    # for why I am manually implementing the svc.as_dict() method of psutil
    ret = []
    for svc in psutil.win_service_iter():
        i = {}
        try:
            i["display_name"] = svc.display_name()
            i["binpath"] = svc.binpath()
            i["username"] = svc.username()
            i["start_type"] = svc.start_type()
            i["status"] = svc.status()
            i["pid"] = svc.pid()
            i["name"] = svc.name()
            i["description"] = svc.description()
        except Exception:
            continue
        else:
            ret.append(i)
    return ret
 def run_python_script(filename, timeout, script_type="userdefined"):
    # no longer used in agent version 0.11.0
    file_path = os.path.join(TEMP_DIR, filename)
    if os.path.exists(file_path):
        try:
            os.remove(file_path)
        except:
            pass
    if script_type == "userdefined":
        __salt__["cp.get_file"](f"salt://scripts/userdefined/{filename}", file_path)
    else:
        __salt__["cp.get_file"](f"salt://scripts/{filename}", file_path)
    return __salt__["cmd.run_all"](f"{PY_BIN} {file_path}", timeout=timeout)
 def run_script(filepath, filename, shell, timeout, args=[], bg=False):
    if shell == "powershell" or shell == "cmd":
        if args:
            return __salt__["cmd.script"](
                source=filepath,
                args=" ".join(map(lambda x: f'"{x}"', args)),
                shell=shell,
                timeout=timeout,
                bg=bg,
            )
        else:
            return __salt__["cmd.script"](
                source=filepath, shell=shell, timeout=timeout, bg=bg
            )
    elif shell == "python":
        file_path = os.path.join(TEMP_DIR, filename)
        if os.path.exists(file_path):
            try:
                os.remove(file_path)
            except:
                pass
        __salt__["cp.get_file"](filepath, file_path)
        salt_cmd = "cmd.run_bg" if bg else "cmd.run_all"
        if args:
            a = " ".join(map(lambda x: f'"{x}"', args))
            cmd = f"{PY_BIN} {file_path} {a}"
            return __salt__[salt_cmd](cmd, timeout=timeout)
        else:
            return __salt__[salt_cmd](f"{PY_BIN} {file_path}", timeout=timeout)
 def uninstall_agent():
    remove_exe = os.path.join(PROGRAM_DIR, "unins000.exe")
    __salt__["cmd.run_bg"]([remove_exe, "/VERYSILENT", "/SUPPRESSMSGBOXES"])
    return "ok"
 def update_salt():
    for p in psutil.process_iter():
        with p.oneshot():
            if p.name() == "tacticalrmm.exe" and "updatesalt" in p.cmdline():
                return "running"
    from subprocess import Popen, PIPE
    CREATE_NEW_PROCESS_GROUP = 0x00000200
    DETACHED_PROCESS = 0x00000008
    cmd = [TAC_RMM, "-m", "updatesalt"]
    p = Popen(
        cmd,
        stdin=PIPE,
        stdout=PIPE,
        stderr=PIPE,
        close_fds=True,
        creationflags=DETACHED_PROCESS | CREATE_NEW_PROCESS_GROUP,
    )
    return p.pid
 def run_manual_checks():
    __salt__["cmd.run_bg"]([TAC_RMM, "-m", "runchecks"])
    return "ok"
 def install_updates():
    for p in psutil.process_iter():
        with p.oneshot():
            if p.name() == "tacticalrmm.exe" and "winupdater" in p.cmdline():
                return "running"
    return __salt__["cmd.run_bg"]([TAC_RMM, "-m", "winupdater"])
 def _wait_for_service(svc, status, retries=10):
    attempts = 0
    while 1:
        try:
            service = psutil.win_service_get(svc)
        except psutil.NoSuchProcess:
            stat = "fail"
            attempts += 1
            sleep(5)
        else:
            stat = service.status()
            if stat != status:
                attempts += 1
                sleep(5)
            else:
                attempts = 0
        if attempts == 0 or attempts > retries:
            break
    return stat
 def agent_update_v2(inno, url):
    # make sure another instance of the update is not running
    # this function spawns 2 instances of itself (because we call it twice with salt run_bg)
    # so if more than 2 running, don't continue as an update is already running
    count = 0
    for p in psutil.process_iter():
        try:
            with p.oneshot():
                if "win_agent.agent_update_v2" in p.cmdline():
                    count += 1
        except Exception:
            continue
    if count > 2:
        return "already running"
    sleep(random.randint(1, 20))  # don't flood the rmm
    exe = os.path.join(TEMP_DIR, inno)
    if os.path.exists(exe):
        try:
            os.remove(exe)
        except:
            pass
    try:
        r = requests.get(url, stream=True, timeout=600)
    except Exception:
        return "failed"
    if r.status_code != 200:
        return "failed"
    with open(exe, "wb") as f:
        for chunk in r.iter_content(chunk_size=1024):
            if chunk:
                f.write(chunk)
    del r
    ret = subprocess.run([exe, "/VERYSILENT", "/SUPPRESSMSGBOXES"], timeout=120)
    tac = _wait_for_service(svc="tacticalagent", status="running")
    if tac != "running":
        subprocess.run([NSSM, "start", "tacticalagent"], timeout=30)
    chk = _wait_for_service(svc="checkrunner", status="running")
    if chk != "running":
        subprocess.run([NSSM, "start", "checkrunner"], timeout=30)
    return "ok"
 def do_agent_update_v2(inno, url):
    return __salt__["cmd.run_bg"](
        [
            SALT_CALL,
            "win_agent.agent_update_v2",
            f"inno={inno}",
            f"url={url}",
            "--local",
        ]
    )
 def agent_update(version, url):
    # make sure another instance of the update is not running
    # this function spawns 2 instances of itself so if more than 2 running,
    # don't continue as an update is already running
    count = 0
    for p in psutil.process_iter():
        try:
            with p.oneshot():
                if "win_agent.agent_update" in p.cmdline():
                    count += 1
        except Exception:
            continue
    if count > 2:
        return "already running"
    sleep(random.randint(1, 60))  # don't flood the rmm
    try:
        r = requests.get(url, stream=True, timeout=600)
    except Exception:
        return "failed"
    if r.status_code != 200:
        return "failed"
    exe = os.path.join(TEMP_DIR, f"winagent-v{version}.exe")
    with open(exe, "wb") as f:
        for chunk in r.iter_content(chunk_size=1024):
            if chunk:
                f.write(chunk)
    del r
    services = ("tacticalagent", "checkrunner")
    for svc in services:
        subprocess.run([NSSM, "stop", svc], timeout=120)
    sleep(10)
    r = subprocess.run([exe, "/VERYSILENT", "/SUPPRESSMSGBOXES"], timeout=300)
    sleep(30)
    for svc in services:
        subprocess.run([NSSM, "start", svc], timeout=120)
    return "ok"
 def do_agent_update(version, url):
    return __salt__["cmd.run_bg"](
        [
            SALT_CALL,
            "win_agent.agent_update",
            f"version={version}",
            f"url={url}",
            "--local",
        ]
    )
 class SystemDetail:
    def __init__(self):
        self.c = wmi.WMI()
        self.comp_sys_prod = self.c.Win32_ComputerSystemProduct()
        self.comp_sys = self.c.Win32_ComputerSystem()
        self.memory = self.c.Win32_PhysicalMemory()
        self.os = self.c.Win32_OperatingSystem()
        self.base_board = self.c.Win32_BaseBoard()
        self.bios = self.c.Win32_BIOS()
        self.disk = self.c.Win32_DiskDrive()
        self.network_adapter = self.c.Win32_NetworkAdapter()
        self.network_config = self.c.Win32_NetworkAdapterConfiguration()
        self.desktop_monitor = self.c.Win32_DesktopMonitor()
        self.cpu = self.c.Win32_Processor()
        self.usb = self.c.Win32_USBController()
    def get_all(self, obj):
        ret = []
        for i in obj:
            tmp = [
                {j: getattr(i, j)}
                for j in list(i.properties)
                if getattr(i, j) is not None
            ]
            ret.append(tmp)
        return ret
 def system_info():
    info = SystemDetail()
    return {
        "comp_sys_prod": info.get_all(info.comp_sys_prod),
        "comp_sys": info.get_all(info.comp_sys),
        "mem": info.get_all(info.memory),
        "os": info.get_all(info.os),
        "base_board": info.get_all(info.base_board),
        "bios": info.get_all(info.bios),
        "disk": info.get_all(info.disk),
        "network_adapter": info.get_all(info.network_adapter),
        "network_config": info.get_all(info.network_config),
        "desktop_monitor": info.get_all(info.desktop_monitor),
        "cpu": info.get_all(info.cpu),
        "usb": info.get_all(info.usb),
    }
 def local_sys_info():
    return __salt__["cmd.run_bg"]([TAC_RMM, "-m", "sysinfo"])
 def get_procs():
    ret = []
    # setup
    for proc in psutil.process_iter():
        with proc.oneshot():
            proc.cpu_percent(interval=None)
    # need time for psutil to record cpu percent
    sleep(1)
    for c, proc in enumerate(psutil.process_iter(), 1):
        x = {}
        with proc.oneshot():
            if proc.pid == 0 or not proc.name():
                continue
            x["name"] = proc.name()
            x["cpu_percent"] = proc.cpu_percent(interval=None) / psutil.cpu_count()
            x["memory_percent"] = proc.memory_percent()
            x["pid"] = proc.pid
            x["ppid"] = proc.ppid()
            x["status"] = proc.status()
            x["username"] = proc.username()
            x["id"] = c
        ret.append(x)
    return ret
 def _compress_json(j):
    return {
        "wineventlog": base64.b64encode(
            zlib.compress(json.dumps(j).encode("utf-8", errors="ignore"))
        ).decode("ascii", errors="ignore")
    }
 def get_eventlog(logtype, last_n_days):
    start_time = datetime.datetime.now() - datetime.timedelta(days=last_n_days)
    flags = win32evtlog.EVENTLOG_BACKWARDS_READ | win32evtlog.EVENTLOG_SEQUENTIAL_READ
    status_dict = {
        win32con.EVENTLOG_AUDIT_FAILURE: "AUDIT_FAILURE",
        win32con.EVENTLOG_AUDIT_SUCCESS: "AUDIT_SUCCESS",
        win32con.EVENTLOG_INFORMATION_TYPE: "INFO",
        win32con.EVENTLOG_WARNING_TYPE: "WARNING",
        win32con.EVENTLOG_ERROR_TYPE: "ERROR",
        0: "INFO",
    }
    computer = "localhost"
    hand = win32evtlog.OpenEventLog(computer, logtype)
    total = win32evtlog.GetNumberOfEventLogRecords(hand)
    log = []
    uid = 0
    done = False
    try:
        while 1:
            events = win32evtlog.ReadEventLog(hand, flags, 0)
            for ev_obj in events:
                uid += 1
                # return once total number of events reach or we'll be stuck in an infinite loop
                if uid >= total:
                    done = True
                    break
                the_time = ev_obj.TimeGenerated.Format()
                time_obj = datetime.datetime.strptime(the_time, "%c")
                if time_obj < start_time:
                    done = True
                    break
                computer = str(ev_obj.ComputerName)
                src = str(ev_obj.SourceName)
                evt_type = str(status_dict[ev_obj.EventType])
                evt_id = str(winerror.HRESULT_CODE(ev_obj.EventID))
                evt_category = str(ev_obj.EventCategory)
                record = str(ev_obj.RecordNumber)
                msg = (
                    str(win32evtlogutil.SafeFormatMessage(ev_obj, logtype))
                    .replace("<", "")
                    .replace(">", "")
                )
                event_dict = {
                    "computer": computer,
                    "source": src,
                    "eventType": evt_type,
                    "eventID": evt_id,
                    "eventCategory": evt_category,
                    "message": msg,
                    "time": the_time,
                    "record": record,
                    "uid": uid,
                }
                log.append(event_dict)
            if done:
                break
    except Exception:
        pass
    win32evtlog.CloseEventLog(hand)
    return _compress_json(log)
--- a/api/tacticalrmm/.coveragerc
+++ b/api/tacticalrmm/.coveragerc
@@ -20,6 +20,5 @@ omit =
    */urls.py
    */tests.py
    */test.py
    api/*.py
    checks/utils.py
--- a/api/tacticalrmm/accounts/admin.py
+++ b/api/tacticalrmm/accounts/admin.py
@@ -1,8 +1,8 @@
 from django.contrib import admin
 from rest_framework.authtoken.admin import TokenAdmin
-from .models import User
+from .models import User, Role
 admin.site.register(User)
 TokenAdmin.raw_id_fields = ("user",)
 admin.site.register(Role)
--- a/api/tacticalrmm/accounts/management/commands/create_installer_user.py
+++ b/api/tacticalrmm/accounts/management/commands/create_installer_user.py
@@ -0,0 +1,18 @@
 import uuid
 from django.core.management.base import BaseCommand
 from accounts.models import User
 class Command(BaseCommand):
    help = "Creates the installer user"
    def handle(self, *args, **kwargs):
        if User.objects.filter(is_installer_user=True).exists():
            return
        User.objects.create_user(  # type: ignore
            username=uuid.uuid4().hex,
            is_installer_user=True,
            password=User.objects.make_random_password(60),  # type: ignore
        )
--- a/api/tacticalrmm/accounts/management/commands/delete_tokens.py
+++ b/api/tacticalrmm/accounts/management/commands/delete_tokens.py
@@ -1,6 +1,5 @@
 from django.utils import timezone as djangotime
 from django.core.management.base import BaseCommand
 from django.utils import timezone as djangotime
 from knox.models import AuthToken
--- a/api/tacticalrmm/accounts/management/commands/generate_barcode.py
+++ b/api/tacticalrmm/accounts/management/commands/generate_barcode.py
@@ -1,11 +1,13 @@
 import pyotp
 import subprocess
 import pyotp
 from django.core.management.base import BaseCommand
 from accounts.models import User
 class Command(BaseCommand):
-    help = "Generates barcode for Google Authenticator and creates totp for user"
+    help = "Generates barcode for Authenticator and creates totp for user"
    def add_arguments(self, parser):
        parser.add_argument("code", type=str)
@@ -24,12 +26,10 @@ class Command(BaseCommand):
        url = pyotp.totp.TOTP(code).provisioning_uri(username, issuer_name=domain)
        subprocess.run(f'qr "{url}"', shell=True)
        self.stdout.write(
-            self.style.SUCCESS(
+            self.style.SUCCESS("Scan the barcode above with your authenticator app")
                "Scan the barcode above with your google authenticator app"
            )
        )
        self.stdout.write(
            self.style.SUCCESS(
-                f"If that doesn't work you may manually enter the key: {code}"
+                f"If that doesn't work you may manually enter the setup key: {code}"
            )
        )
--- a/api/tacticalrmm/accounts/management/commands/reset_2fa.py
+++ b/api/tacticalrmm/accounts/management/commands/reset_2fa.py
@@ -0,0 +1,57 @@
 import os
 import subprocess
 import pyotp
 from django.core.management.base import BaseCommand
 from accounts.models import User
 class Command(BaseCommand):
    help = "Reset 2fa"
    def add_arguments(self, parser):
        parser.add_argument("username", type=str)
    def handle(self, *args, **kwargs):
        username = kwargs["username"]
        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            self.stdout.write(self.style.ERROR(f"User {username} doesn't exist"))
            return
        domain = "Tactical RMM"
        nginx = "/etc/nginx/sites-available/frontend.conf"
        found = None
        if os.path.exists(nginx):
            try:
                with open(nginx, "r") as f:
                    for line in f:
                        if "server_name" in line:
                            found = line
                            break
                if found:
                    rep = found.replace("server_name", "").replace(";", "")
                    domain = "".join(rep.split())
            except:
                pass
        code = pyotp.random_base32()
        user.totp_key = code
        user.save(update_fields=["totp_key"])
        url = pyotp.totp.TOTP(code).provisioning_uri(username, issuer_name=domain)
        subprocess.run(f'qr "{url}"', shell=True)
        self.stdout.write(
            self.style.WARNING("Scan the barcode above with your authenticator app")
        )
        self.stdout.write(
            self.style.WARNING(
                f"If that doesn't work you may manually enter the setup key: {code}"
            )
        )
        self.stdout.write(
            self.style.SUCCESS(f"2fa was successfully reset for user {username}")
        )
--- a/api/tacticalrmm/accounts/management/commands/reset_password.py
+++ b/api/tacticalrmm/accounts/management/commands/reset_password.py
@@ -0,0 +1,22 @@
 from django.core.management.base import BaseCommand
 from accounts.models import User
 class Command(BaseCommand):
    help = "Reset password for user"
    def add_arguments(self, parser):
        parser.add_argument("username", type=str)
    def handle(self, *args, **kwargs):
        username = kwargs["username"]
        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            self.stdout.write(self.style.ERROR(f"User {username} doesn't exist"))
            return
        passwd = input("Enter new password: ")
        user.set_password(passwd)
        user.save()
        self.stdout.write(self.style.SUCCESS(f"Password for {username} was reset!"))
--- a/api/tacticalrmm/accounts/migrations/0001_initial.py
+++ b/api/tacticalrmm/accounts/migrations/0001_initial.py
@@ -2,8 +2,8 @@
 import django.contrib.auth.models
 import django.contrib.auth.validators
 from django.db import migrations, models
 import django.utils.timezone
 from django.db import migrations, models
 class Migration(migrations.Migration):
--- a/api/tacticalrmm/accounts/migrations/0003_auto_20200922_1344.py
+++ b/api/tacticalrmm/accounts/migrations/0003_auto_20200922_1344.py
@@ -6,28 +6,28 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
-        ('accounts', '0002_auto_20200810_0544'),
+        ("accounts", "0002_auto_20200810_0544"),
    ]
    operations = [
        migrations.AddField(
-            model_name='user',
+            model_name="user",
-            name='created_by',
+            name="created_by",
            field=models.CharField(blank=True, max_length=100, null=True),
        ),
        migrations.AddField(
-            model_name='user',
+            model_name="user",
-            name='created_time',
+            name="created_time",
            field=models.DateTimeField(auto_now_add=True, null=True),
        ),
        migrations.AddField(
-            model_name='user',
+            model_name="user",
-            name='modified_by',
+            name="modified_by",
            field=models.CharField(blank=True, max_length=100, null=True),
        ),
        migrations.AddField(
-            model_name='user',
+            model_name="user",
-            name='modified_time',
+            name="modified_time",
            field=models.DateTimeField(auto_now=True, null=True),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0004_auto_20201002_1257.py
+++ b/api/tacticalrmm/accounts/migrations/0004_auto_20201002_1257.py
@@ -6,24 +6,24 @@ from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
-        ('accounts', '0003_auto_20200922_1344'),
+        ("accounts", "0003_auto_20200922_1344"),
    ]
    operations = [
        migrations.RemoveField(
-            model_name='user',
+            model_name="user",
-            name='created_by',
+            name="created_by",
        ),
        migrations.RemoveField(
-            model_name='user',
+            model_name="user",
-            name='created_time',
+            name="created_time",
        ),
        migrations.RemoveField(
-            model_name='user',
+            model_name="user",
-            name='modified_by',
+            name="modified_by",
        ),
        migrations.RemoveField(
-            model_name='user',
+            model_name="user",
-            name='modified_time',
+            name="modified_time",
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0005_auto_20201002_1303.py
+++ b/api/tacticalrmm/accounts/migrations/0005_auto_20201002_1303.py
@@ -6,28 +6,28 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
-        ('accounts', '0004_auto_20201002_1257'),
+        ("accounts", "0004_auto_20201002_1257"),
    ]
    operations = [
        migrations.AddField(
-            model_name='user',
+            model_name="user",
-            name='created_by',
+            name="created_by",
            field=models.CharField(blank=True, max_length=100, null=True),
        ),
        migrations.AddField(
-            model_name='user',
+            model_name="user",
-            name='created_time',
+            name="created_time",
            field=models.DateTimeField(auto_now_add=True, null=True),
        ),
        migrations.AddField(
-            model_name='user',
+            model_name="user",
-            name='modified_by',
+            name="modified_by",
            field=models.CharField(blank=True, max_length=100, null=True),
        ),
        migrations.AddField(
-            model_name='user',
+            model_name="user",
-            name='modified_time',
+            name="modified_time",
            field=models.DateTimeField(auto_now=True, null=True),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0006_user_agent.py
+++ b/api/tacticalrmm/accounts/migrations/0006_user_agent.py
@@ -1,7 +1,7 @@
 # Generated by Django 3.1.2 on 2020-11-10 20:24
 from django.db import migrations, models
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
--- a/api/tacticalrmm/accounts/migrations/0008_user_dark_mode.py
+++ b/api/tacticalrmm/accounts/migrations/0008_user_dark_mode.py
@@ -6,13 +6,13 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
-        ('accounts', '0007_update_agent_primary_key'),
+        ("accounts", "0007_update_agent_primary_key"),
    ]
    operations = [
        migrations.AddField(
-            model_name='user',
+            model_name="user",
-            name='dark_mode',
+            name="dark_mode",
            field=models.BooleanField(default=True),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0009_user_show_community_scripts.py
+++ b/api/tacticalrmm/accounts/migrations/0009_user_show_community_scripts.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.1.4 on 2020-12-10 17:00
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("accounts", "0008_user_dark_mode"),
    ]
    operations = [
        migrations.AddField(
            model_name="user",
            name="show_community_scripts",
            field=models.BooleanField(default=True),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0010_user_agent_dblclick_action.py
+++ b/api/tacticalrmm/accounts/migrations/0010_user_agent_dblclick_action.py
@@ -0,0 +1,26 @@
 # Generated by Django 3.1.4 on 2021-01-14 01:23
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("accounts", "0009_user_show_community_scripts"),
    ]
    operations = [
        migrations.AddField(
            model_name="user",
            name="agent_dblclick_action",
            field=models.CharField(
                choices=[
                    ("editagent", "Edit Agent"),
                    ("takecontrol", "Take Control"),
                    ("remotebg", "Remote Background"),
                ],
                default="editagent",
                max_length=50,
            ),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0011_user_default_agent_tbl_tab.py
+++ b/api/tacticalrmm/accounts/migrations/0011_user_default_agent_tbl_tab.py
@@ -0,0 +1,26 @@
 # Generated by Django 3.1.5 on 2021-01-18 09:40
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ("accounts", "0010_user_agent_dblclick_action"),
    ]
    operations = [
        migrations.AddField(
            model_name="user",
            name="default_agent_tbl_tab",
            field=models.CharField(
                choices=[
                    ("server", "Servers"),
                    ("workstation", "Workstations"),
                    ("mixed", "Mixed"),
                ],
                default="server",
                max_length=50,
            ),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0012_user_agents_per_page.py
+++ b/api/tacticalrmm/accounts/migrations/0012_user_agents_per_page.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.1.7 on 2021-02-28 06:38
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0011_user_default_agent_tbl_tab'),
    ]
    operations = [
        migrations.AddField(
            model_name='user',
            name='agents_per_page',
            field=models.PositiveIntegerField(default=50),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0013_user_client_tree_sort.py
+++ b/api/tacticalrmm/accounts/migrations/0013_user_client_tree_sort.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.1.7 on 2021-03-09 02:33
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0012_user_agents_per_page'),
    ]
    operations = [
        migrations.AddField(
            model_name='user',
            name='client_tree_sort',
            field=models.CharField(choices=[('alphafail', 'Move failing clients to the top'), ('alpha', 'Sort alphabetically')], default='alphafail', max_length=50),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0014_user_client_tree_splitter.py
+++ b/api/tacticalrmm/accounts/migrations/0014_user_client_tree_splitter.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.2 on 2021-04-11 01:43
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0013_user_client_tree_sort'),
    ]
    operations = [
        migrations.AddField(
            model_name='user',
            name='client_tree_splitter',
            field=models.PositiveIntegerField(default=11),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0015_user_loading_bar_color.py
+++ b/api/tacticalrmm/accounts/migrations/0015_user_loading_bar_color.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.2 on 2021-04-11 03:03
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0014_user_client_tree_splitter'),
    ]
    operations = [
        migrations.AddField(
            model_name='user',
            name='loading_bar_color',
            field=models.CharField(default='red', max_length=255),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0016_auto_20210507_1526.py
+++ b/api/tacticalrmm/accounts/migrations/0016_auto_20210507_1526.py
@@ -0,0 +1,25 @@
 # Generated by Django 3.2.1 on 2021-05-07 15:26
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('core', '0022_urlaction'),
        ('accounts', '0015_user_loading_bar_color'),
    ]
    operations = [
        migrations.AddField(
            model_name='user',
            name='url_action',
            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='user', to='core.urlaction'),
        ),
        migrations.AlterField(
            model_name='user',
            name='agent_dblclick_action',
            field=models.CharField(choices=[('editagent', 'Edit Agent'), ('takecontrol', 'Take Control'), ('remotebg', 'Remote Background'), ('urlaction', 'URL Action')], default='editagent', max_length=50),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0017_auto_20210508_1716.py
+++ b/api/tacticalrmm/accounts/migrations/0017_auto_20210508_1716.py
@@ -0,0 +1,173 @@
 # Generated by Django 3.2.1 on 2021-05-08 17:16
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0016_auto_20210507_1526'),
    ]
    operations = [
        migrations.AddField(
            model_name='user',
            name='can_code_sign',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_do_server_maint',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_edit_agent',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_edit_core_settings',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_install_agents',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_accounts',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_alerts',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_automation_policies',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_autotasks',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_checks',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_clients',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_deployments',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_notes',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_pendingactions',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_procs',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_scripts',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_sites',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_software',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_winsvcs',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_manage_winupdates',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_reboot_agents',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_run_autotasks',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_run_bulk',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_run_checks',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_run_scripts',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_send_cmd',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_uninstall_agents',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_update_agents',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_use_mesh',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_view_auditlogs',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_view_debuglogs',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='user',
            name='can_view_eventlogs',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0018_auto_20210511_0233.py
+++ b/api/tacticalrmm/accounts/migrations/0018_auto_20210511_0233.py
@@ -0,0 +1,181 @@
 # Generated by Django 3.2.1 on 2021-05-11 02:33
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0017_auto_20210508_1716'),
    ]
    operations = [
        migrations.CreateModel(
            name='Role',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('name', models.CharField(max_length=255, unique=True)),
                ('is_superuser', models.BooleanField(default=False)),
                ('can_use_mesh', models.BooleanField(default=False)),
                ('can_uninstall_agents', models.BooleanField(default=False)),
                ('can_update_agents', models.BooleanField(default=False)),
                ('can_edit_agent', models.BooleanField(default=False)),
                ('can_manage_procs', models.BooleanField(default=False)),
                ('can_view_eventlogs', models.BooleanField(default=False)),
                ('can_send_cmd', models.BooleanField(default=False)),
                ('can_reboot_agents', models.BooleanField(default=False)),
                ('can_install_agents', models.BooleanField(default=False)),
                ('can_run_scripts', models.BooleanField(default=False)),
                ('can_run_bulk', models.BooleanField(default=False)),
                ('can_manage_notes', models.BooleanField(default=False)),
                ('can_edit_core_settings', models.BooleanField(default=False)),
                ('can_do_server_maint', models.BooleanField(default=False)),
                ('can_code_sign', models.BooleanField(default=False)),
                ('can_manage_checks', models.BooleanField(default=False)),
                ('can_run_checks', models.BooleanField(default=False)),
                ('can_manage_clients', models.BooleanField(default=False)),
                ('can_manage_sites', models.BooleanField(default=False)),
                ('can_manage_deployments', models.BooleanField(default=False)),
                ('can_manage_automation_policies', models.BooleanField(default=False)),
                ('can_manage_autotasks', models.BooleanField(default=False)),
                ('can_run_autotasks', models.BooleanField(default=False)),
                ('can_view_auditlogs', models.BooleanField(default=False)),
                ('can_manage_pendingactions', models.BooleanField(default=False)),
                ('can_view_debuglogs', models.BooleanField(default=False)),
                ('can_manage_scripts', models.BooleanField(default=False)),
                ('can_manage_alerts', models.BooleanField(default=False)),
                ('can_manage_winsvcs', models.BooleanField(default=False)),
                ('can_manage_software', models.BooleanField(default=False)),
                ('can_manage_winupdates', models.BooleanField(default=False)),
                ('can_manage_accounts', models.BooleanField(default=False)),
            ],
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_code_sign',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_do_server_maint',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_edit_agent',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_edit_core_settings',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_install_agents',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_accounts',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_alerts',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_automation_policies',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_autotasks',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_checks',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_clients',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_deployments',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_notes',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_pendingactions',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_procs',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_scripts',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_sites',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_software',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_winsvcs',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_manage_winupdates',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_reboot_agents',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_run_autotasks',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_run_bulk',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_run_checks',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_run_scripts',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_send_cmd',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_uninstall_agents',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_update_agents',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_use_mesh',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_view_auditlogs',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_view_debuglogs',
        ),
        migrations.RemoveField(
            model_name='user',
            name='can_view_eventlogs',
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0019_user_role.py
+++ b/api/tacticalrmm/accounts/migrations/0019_user_role.py
@@ -0,0 +1,25 @@
 # Generated by Django 3.2.1 on 2021-05-11 02:33
 from django.db import migrations, models
 import django.db.models.deletion
 class Migration(migrations.Migration):
    dependencies = [
        ("accounts", "0018_auto_20210511_0233"),
    ]
    operations = [
        migrations.AddField(
            model_name="user",
            name="role",
            field=models.ForeignKey(
                blank=True,
                null=True,
                on_delete=django.db.models.deletion.SET_NULL,
                related_name="roles",
                to="accounts.role",
            ),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0020_role_can_manage_roles.py
+++ b/api/tacticalrmm/accounts/migrations/0020_role_can_manage_roles.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.2.1 on 2021-05-11 17:37
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0019_user_role'),
    ]
    operations = [
        migrations.AddField(
            model_name='role',
            name='can_manage_roles',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0021_role_can_view_core_settings.py
+++ b/api/tacticalrmm/accounts/migrations/0021_role_can_view_core_settings.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.2.4 on 2021-06-17 04:29
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0020_role_can_manage_roles'),
    ]
    operations = [
        migrations.AddField(
            model_name='role',
            name='can_view_core_settings',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0022_user_clear_search_when_switching.py
+++ b/api/tacticalrmm/accounts/migrations/0022_user_clear_search_when_switching.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.2.4 on 2021-06-28 05:01
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0021_role_can_view_core_settings'),
    ]
    operations = [
        migrations.AddField(
            model_name='user',
            name='clear_search_when_switching',
            field=models.BooleanField(default=True),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0023_user_is_installer_user.py
+++ b/api/tacticalrmm/accounts/migrations/0023_user_is_installer_user.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.2.4 on 2021-06-30 03:22
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0022_user_clear_search_when_switching'),
    ]
    operations = [
        migrations.AddField(
            model_name='user',
            name='is_installer_user',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0024_user_last_login_ip.py
+++ b/api/tacticalrmm/accounts/migrations/0024_user_last_login_ip.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.2.1 on 2021-07-20 20:26
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0023_user_is_installer_user'),
    ]
    operations = [
        migrations.AddField(
            model_name='user',
            name='last_login_ip',
            field=models.GenericIPAddressField(blank=True, default=None, null=True),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0025_auto_20210721_0424.py
+++ b/api/tacticalrmm/accounts/migrations/0025_auto_20210721_0424.py
@@ -0,0 +1,33 @@
 # Generated by Django 3.2.1 on 2021-07-21 04:24
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0024_user_last_login_ip'),
    ]
    operations = [
        migrations.AddField(
            model_name='role',
            name='created_by',
            field=models.CharField(blank=True, max_length=100, null=True),
        ),
        migrations.AddField(
            model_name='role',
            name='created_time',
            field=models.DateTimeField(auto_now_add=True, null=True),
        ),
        migrations.AddField(
            model_name='role',
            name='modified_by',
            field=models.CharField(blank=True, max_length=100, null=True),
        ),
        migrations.AddField(
            model_name='role',
            name='modified_time',
            field=models.DateTimeField(auto_now=True, null=True),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0026_auto_20210901_1247.py
+++ b/api/tacticalrmm/accounts/migrations/0026_auto_20210901_1247.py
@@ -0,0 +1,34 @@
 # Generated by Django 3.2.6 on 2021-09-01 12:47
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0025_auto_20210721_0424'),
    ]
    operations = [
        migrations.CreateModel(
            name='APIKey',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('created_by', models.CharField(blank=True, max_length=100, null=True)),
                ('created_time', models.DateTimeField(auto_now_add=True, null=True)),
                ('modified_by', models.CharField(blank=True, max_length=100, null=True)),
                ('modified_time', models.DateTimeField(auto_now=True, null=True)),
                ('name', models.CharField(max_length=25, unique=True)),
                ('key', models.CharField(blank=True, max_length=48, unique=True)),
                ('expiration', models.DateTimeField(blank=True, default=None, null=True)),
            ],
            options={
                'abstract': False,
            },
        ),
        migrations.AddField(
            model_name='role',
            name='can_manage_api_keys',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/api/tacticalrmm/accounts/migrations/0027_auto_20210903_0054.py
+++ b/api/tacticalrmm/accounts/migrations/0027_auto_20210903_0054.py
@@ -0,0 +1,25 @@
 # Generated by Django 3.2.6 on 2021-09-03 00:54
 from django.db import migrations, models
 import django.db.models.deletion
 class Migration(migrations.Migration):
    dependencies = [
        ('accounts', '0026_auto_20210901_1247'),
    ]
    operations = [
        migrations.AddField(
            model_name='apikey',
            name='user',
            field=models.ForeignKey(default=1, on_delete=django.db.models.deletion.CASCADE, related_name='api_key', to='accounts.user'),
            preserve_default=False,
        ),
        migrations.AddField(
            model_name='user',
            name='block_dashboard_login',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/api/tacticalrmm/accounts/models.py
+++ b/api/tacticalrmm/accounts/models.py
@@ -1,13 +1,56 @@
 from django.db import models
 from django.contrib.auth.models import AbstractUser
 from django.db import models
 from django.db.models.fields import CharField, DateTimeField
 from logs.models import BaseAuditModel
 AGENT_DBLCLICK_CHOICES = [
    ("editagent", "Edit Agent"),
    ("takecontrol", "Take Control"),
    ("remotebg", "Remote Background"),
    ("urlaction", "URL Action"),
 ]
 AGENT_TBL_TAB_CHOICES = [
    ("server", "Servers"),
    ("workstation", "Workstations"),
    ("mixed", "Mixed"),
 ]
 CLIENT_TREE_SORT_CHOICES = [
    ("alphafail", "Move failing clients to the top"),
    ("alpha", "Sort alphabetically"),
 ]
 class User(AbstractUser, BaseAuditModel):
    is_active = models.BooleanField(default=True)
    block_dashboard_login = models.BooleanField(default=False)
    totp_key = models.CharField(max_length=50, null=True, blank=True)
    dark_mode = models.BooleanField(default=True)
    show_community_scripts = models.BooleanField(default=True)
    agent_dblclick_action = models.CharField(
        max_length=50, choices=AGENT_DBLCLICK_CHOICES, default="editagent"
    )
    url_action = models.ForeignKey(
        "core.URLAction",
        related_name="user",
        null=True,
        blank=True,
        on_delete=models.SET_NULL,
    )
    default_agent_tbl_tab = models.CharField(
        max_length=50, choices=AGENT_TBL_TAB_CHOICES, default="server"
    )
    agents_per_page = models.PositiveIntegerField(default=50)  # not currently used
    client_tree_sort = models.CharField(
        max_length=50, choices=CLIENT_TREE_SORT_CHOICES, default="alphafail"
    )
    client_tree_splitter = models.PositiveIntegerField(default=11)
    loading_bar_color = models.CharField(max_length=255, default="red")
    clear_search_when_switching = models.BooleanField(default=True)
    is_installer_user = models.BooleanField(default=False)
    last_login_ip = models.GenericIPAddressField(default=None, blank=True, null=True)
    agent = models.OneToOneField(
        "agents.Agent",
@@ -17,9 +60,153 @@ class User(AbstractUser, BaseAuditModel):
        on_delete=models.CASCADE,
    )
    role = models.ForeignKey(
        "accounts.Role",
        null=True,
        blank=True,
        related_name="roles",
        on_delete=models.SET_NULL,
    )
    @staticmethod
    def serialize(user):
        # serializes the task and returns json
        from .serializers import UserSerializer
        return UserSerializer(user).data
 class Role(BaseAuditModel):
    name = models.CharField(max_length=255, unique=True)
    is_superuser = models.BooleanField(default=False)
    # agents
    can_use_mesh = models.BooleanField(default=False)
    can_uninstall_agents = models.BooleanField(default=False)
    can_update_agents = models.BooleanField(default=False)
    can_edit_agent = models.BooleanField(default=False)
    can_manage_procs = models.BooleanField(default=False)
    can_view_eventlogs = models.BooleanField(default=False)
    can_send_cmd = models.BooleanField(default=False)
    can_reboot_agents = models.BooleanField(default=False)
    can_install_agents = models.BooleanField(default=False)
    can_run_scripts = models.BooleanField(default=False)
    can_run_bulk = models.BooleanField(default=False)
    # core
    can_manage_notes = models.BooleanField(default=False)
    can_view_core_settings = models.BooleanField(default=False)
    can_edit_core_settings = models.BooleanField(default=False)
    can_do_server_maint = models.BooleanField(default=False)
    can_code_sign = models.BooleanField(default=False)
    # checks
    can_manage_checks = models.BooleanField(default=False)
    can_run_checks = models.BooleanField(default=False)
    # clients
    can_manage_clients = models.BooleanField(default=False)
    can_manage_sites = models.BooleanField(default=False)
    can_manage_deployments = models.BooleanField(default=False)
    # automation
    can_manage_automation_policies = models.BooleanField(default=False)
    # automated tasks
    can_manage_autotasks = models.BooleanField(default=False)
    can_run_autotasks = models.BooleanField(default=False)
    # logs
    can_view_auditlogs = models.BooleanField(default=False)
    can_manage_pendingactions = models.BooleanField(default=False)
    can_view_debuglogs = models.BooleanField(default=False)
    # scripts
    can_manage_scripts = models.BooleanField(default=False)
    # alerts
    can_manage_alerts = models.BooleanField(default=False)
    # win services
    can_manage_winsvcs = models.BooleanField(default=False)
    # software
    can_manage_software = models.BooleanField(default=False)
    # windows updates
    can_manage_winupdates = models.BooleanField(default=False)
    # accounts
    can_manage_accounts = models.BooleanField(default=False)
    can_manage_roles = models.BooleanField(default=False)
    # authentication
    can_manage_api_keys = models.BooleanField(default=False)
    def __str__(self):
        return self.name
    @staticmethod
    def serialize(role):
        # serializes the agent and returns json
        from .serializers import RoleAuditSerializer
        return RoleAuditSerializer(role).data
    @staticmethod
    def perms():
        return [
            "is_superuser",
            "can_use_mesh",
            "can_uninstall_agents",
            "can_update_agents",
            "can_edit_agent",
            "can_manage_procs",
            "can_view_eventlogs",
            "can_send_cmd",
            "can_reboot_agents",
            "can_install_agents",
            "can_run_scripts",
            "can_run_bulk",
            "can_manage_notes",
            "can_view_core_settings",
            "can_edit_core_settings",
            "can_do_server_maint",
            "can_code_sign",
            "can_manage_checks",
            "can_run_checks",
            "can_manage_clients",
            "can_manage_sites",
            "can_manage_deployments",
            "can_manage_automation_policies",
            "can_manage_autotasks",
            "can_run_autotasks",
            "can_view_auditlogs",
            "can_manage_pendingactions",
            "can_view_debuglogs",
            "can_manage_scripts",
            "can_manage_alerts",
            "can_manage_winsvcs",
            "can_manage_software",
            "can_manage_winupdates",
            "can_manage_accounts",
            "can_manage_roles",
            "can_manage_api_keys",
        ]
 class APIKey(BaseAuditModel):
    name = CharField(unique=True, max_length=25)
    key = CharField(unique=True, blank=True, max_length=48)
    expiration = DateTimeField(blank=True, null=True, default=None)
    user = models.ForeignKey(
        "accounts.User",
        related_name="api_key",
        on_delete=models.CASCADE,
    )
    @staticmethod
    def serialize(apikey):
        from .serializers import APIKeyAuditSerializer
        return APIKeyAuditSerializer(apikey).data
--- a/api/tacticalrmm/accounts/permissions.py
+++ b/api/tacticalrmm/accounts/permissions.py
@@ -0,0 +1,40 @@
 from rest_framework import permissions
 from tacticalrmm.permissions import _has_perm
 class AccountsPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        if r.method == "GET":
            return True
        # allow users to reset their own password/2fa see issue #686
        base_path = "/accounts/users/"
        paths = ["reset/", "reset_totp/"]
        if r.path in [base_path + i for i in paths]:
            from accounts.models import User
            try:
                user = User.objects.get(pk=r.data["id"])
            except User.DoesNotExist:
                pass
            else:
                if user == r.user:
                    return True
        return _has_perm(r, "can_manage_accounts")
 class RolesPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        if r.method == "GET":
            return True
        return _has_perm(r, "can_manage_roles")
 class APIKeyPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_manage_api_keys")
--- a/api/tacticalrmm/accounts/serializers.py
+++ b/api/tacticalrmm/accounts/serializers.py
@@ -1,17 +1,34 @@
 import pyotp
 from rest_framework.serializers import (
    ModelSerializer,
    SerializerMethodField,
    ReadOnlyField,
 )
-from .models import User
+from .models import APIKey, User, Role
 class UserUISerializer(ModelSerializer):
    class Meta:
        model = User
        fields = [
            "dark_mode",
            "show_community_scripts",
            "agent_dblclick_action",
            "url_action",
            "default_agent_tbl_tab",
            "client_tree_sort",
            "client_tree_splitter",
            "loading_bar_color",
            "clear_search_when_switching",
            "block_dashboard_login",
        ]
 class UserSerializer(ModelSerializer):
    class Meta:
        model = User
-        fields = (
+        fields = [
            "id",
            "username",
            "first_name",
@@ -19,7 +36,10 @@ class UserSerializer(ModelSerializer):
            "email",
            "is_active",
            "last_login",
-        )
+            "last_login_ip",
            "role",
            "block_dashboard_login",
        ]
 class TOTPSetupSerializer(ModelSerializer):
@@ -38,3 +58,36 @@ class TOTPSetupSerializer(ModelSerializer):
        return pyotp.totp.TOTP(obj.totp_key).provisioning_uri(
            obj.username, issuer_name="Tactical RMM"
        )
 class RoleSerializer(ModelSerializer):
    class Meta:
        model = Role
        fields = "__all__"
 class RoleAuditSerializer(ModelSerializer):
    class Meta:
        model = Role
        fields = "__all__"
 class APIKeySerializer(ModelSerializer):
    username = ReadOnlyField(source="user.username")
    class Meta:
        model = APIKey
        fields = "__all__"
 class APIKeyAuditSerializer(ModelSerializer):
    username = ReadOnlyField(source="user.username")
    class Meta:
        model = APIKey
        fields = [
            "name",
            "username",
            "expiration",
        ]
--- a/api/tacticalrmm/accounts/tests.py
+++ b/api/tacticalrmm/accounts/tests.py
@@ -1,8 +1,11 @@
 from unittest.mock import patch
 from django.test import override_settings
 from django.test import override_settings
 from model_bakery import baker, seq
 from accounts.models import User, APIKey
 from tacticalrmm.test import TacticalTestCase
-from accounts.models import User
+
 from accounts.serializers import APIKeySerializer
 class TestAccounts(TacticalTestCase):
@@ -38,6 +41,12 @@ class TestAccounts(TacticalTestCase):
        self.assertEqual(r.status_code, 200)
        self.assertEqual(r.data, "ok")
        # test user set to block dashboard logins
        self.bob.block_dashboard_login = True
        self.bob.save()
        r = self.client.post(url, data, format="json")
        self.assertEqual(r.status_code, 400)
    @patch("pyotp.TOTP.verify")
    def test_login_view(self, mock_verify):
        url = "/login/"
@@ -155,6 +164,33 @@ class GetUpdateDeleteUser(TacticalTestCase):
        self.check_not_authenticated("put", url)
    @override_settings(ROOT_USER="john")
    def test_put_root_user(self):
        url = f"/accounts/{self.john.pk}/users/"
        data = {
            "id": self.john.pk,
            "username": "john",
            "email": "johndoe@xlawgaming.com",
            "first_name": "John",
            "last_name": "Doe",
        }
        r = self.client.put(url, data, format="json")
        self.assertEqual(r.status_code, 200)
    @override_settings(ROOT_USER="john")
    def test_put_not_root_user(self):
        url = f"/accounts/{self.john.pk}/users/"
        data = {
            "id": self.john.pk,
            "username": "john",
            "email": "johndoe@xlawgaming.com",
            "first_name": "John",
            "last_name": "Doe",
        }
        self.client.force_authenticate(user=self.alice)
        r = self.client.put(url, data, format="json")
        self.assertEqual(r.status_code, 400)
    def test_delete(self):
        url = f"/accounts/{self.john.pk}/users/"
        r = self.client.delete(url)
@@ -166,6 +202,19 @@ class GetUpdateDeleteUser(TacticalTestCase):
        self.check_not_authenticated("delete", url)
    @override_settings(ROOT_USER="john")
    def test_delete_root_user(self):
        url = f"/accounts/{self.john.pk}/users/"
        r = self.client.delete(url)
        self.assertEqual(r.status_code, 200)
    @override_settings(ROOT_USER="john")
    def test_delete_non_root_user(self):
        url = f"/accounts/{self.john.pk}/users/"
        self.client.force_authenticate(user=self.alice)
        r = self.client.delete(url)
        self.assertEqual(r.status_code, 400)
 class TestUserAction(TacticalTestCase):
    def setUp(self):
@@ -184,6 +233,21 @@ class TestUserAction(TacticalTestCase):
        self.check_not_authenticated("post", url)
    @override_settings(ROOT_USER="john")
    def test_post_root_user(self):
        url = "/accounts/users/reset/"
        data = {"id": self.john.pk, "password": "3ASDjh2345kJA!@#)#@__123"}
        r = self.client.post(url, data, format="json")
        self.assertEqual(r.status_code, 200)
    @override_settings(ROOT_USER="john")
    def test_post_non_root_user(self):
        url = "/accounts/users/reset/"
        data = {"id": self.john.pk, "password": "3ASDjh2345kJA!@#)#@__123"}
        self.client.force_authenticate(user=self.alice)
        r = self.client.post(url, data, format="json")
        self.assertEqual(r.status_code, 400)
    def test_put(self):
        url = "/accounts/users/reset/"
        data = {"id": self.john.pk}
@@ -195,15 +259,105 @@ class TestUserAction(TacticalTestCase):
        self.check_not_authenticated("put", url)
-    def test_darkmode(self):
+    @override_settings(ROOT_USER="john")
    def test_put_root_user(self):
        url = "/accounts/users/reset/"
        data = {"id": self.john.pk}
        r = self.client.put(url, data, format="json")
        self.assertEqual(r.status_code, 200)
        user = User.objects.get(pk=self.john.pk)
        self.assertEqual(user.totp_key, "")
    @override_settings(ROOT_USER="john")
    def test_put_non_root_user(self):
        url = "/accounts/users/reset/"
        data = {"id": self.john.pk}
        self.client.force_authenticate(user=self.alice)
        r = self.client.put(url, data, format="json")
        self.assertEqual(r.status_code, 400)
    def test_user_ui(self):
        url = "/accounts/users/ui/"
-        data = {"dark_mode": False}
+
        data = {
            "dark_mode": True,
            "show_community_scripts": True,
            "agent_dblclick_action": "editagent",
            "default_agent_tbl_tab": "mixed",
            "client_tree_sort": "alpha",
            "client_tree_splitter": 14,
            "loading_bar_color": "green",
            "clear_search_when_switching": False,
        }
        r = self.client.patch(url, data, format="json")
        self.assertEqual(r.status_code, 200)
        self.check_not_authenticated("patch", url)
 class TestAPIKeyViews(TacticalTestCase):
    def setUp(self):
        self.setup_coresettings()
        self.authenticate()
    def test_get_api_keys(self):
        url = "/accounts/apikeys/"
        apikeys = baker.make("accounts.APIKey", key=seq("APIKEY"), _quantity=3)
        serializer = APIKeySerializer(apikeys, many=True)
        resp = self.client.get(url, format="json")
        self.assertEqual(resp.status_code, 200)
        self.assertEqual(serializer.data, resp.data)  # type: ignore
        self.check_not_authenticated("get", url)
    def test_add_api_keys(self):
        url = "/accounts/apikeys/"
        user = baker.make("accounts.User")
        data = {"name": "Name", "user": user.id, "expiration": None}
        resp = self.client.post(url, data, format="json")
        self.assertEqual(resp.status_code, 200)
        self.assertTrue(APIKey.objects.filter(name="Name").exists())
        self.assertTrue(APIKey.objects.get(name="Name").key)
        self.check_not_authenticated("post", url)
    def test_modify_api_key(self):
        # test a call where api key doesn't exist
        resp = self.client.put("/accounts/apikeys/500/", format="json")
        self.assertEqual(resp.status_code, 404)
        apikey = baker.make("accounts.APIKey", name="Test")
        url = f"/accounts/apikeys/{apikey.pk}/"  # type: ignore
        data = {"name": "New Name"}  # type: ignore
        resp = self.client.put(url, data, format="json")
        self.assertEqual(resp.status_code, 200)
        apikey = APIKey.objects.get(pk=apikey.pk)  # type: ignore
        self.assertEquals(apikey.name, "New Name")
        self.check_not_authenticated("put", url)
    def test_delete_api_key(self):
        # test a call where api key doesn't exist
        resp = self.client.delete("/accounts/apikeys/500/", format="json")
        self.assertEqual(resp.status_code, 404)
        # test delete api key
        apikey = baker.make("accounts.APIKey")
        url = f"/accounts/apikeys/{apikey.pk}/"  # type: ignore
        resp = self.client.delete(url, format="json")
        self.assertEqual(resp.status_code, 200)
        self.assertFalse(APIKey.objects.filter(pk=apikey.pk).exists())  # type: ignore
        self.check_not_authenticated("delete", url)
 class TestTOTPSetup(TacticalTestCase):
    def setUp(self):
        self.authenticate()
@@ -229,3 +383,29 @@ class TestTOTPSetup(TacticalTestCase):
        r = self.client.post(url)
        self.assertEqual(r.status_code, 200)
        self.assertEqual(r.data, "totp token already set")
 class TestAPIAuthentication(TacticalTestCase):
    def setUp(self):
        # create User and associate to API Key
        self.user = User.objects.create(username="api_user", is_superuser=True)
        self.api_key = APIKey.objects.create(
            name="Test Token", key="123456", user=self.user
        )
        self.client_setup()
    def test_api_auth(self):
        url = "/clients/clients/"
        # auth should fail if no header set
        self.check_not_authenticated("get", url)
        # invalid api key in header should return code 400
        self.client.credentials(HTTP_X_API_KEY="000000")
        r = self.client.get(url, format="json")
        self.assertEqual(r.status_code, 401)
        # valid api key in header should return code 200
        self.client.credentials(HTTP_X_API_KEY="123456")
        r = self.client.get(url, format="json")
        self.assertEqual(r.status_code, 200)
--- a/api/tacticalrmm/accounts/urls.py
+++ b/api/tacticalrmm/accounts/urls.py
@@ -1,4 +1,5 @@
 from django.urls import path
 from . import views
 urlpatterns = [
@@ -8,4 +9,9 @@ urlpatterns = [
    path("users/reset_totp/", views.UserActions.as_view()),
    path("users/setup_totp/", views.TOTPSetup.as_view()),
    path("users/ui/", views.UserUI.as_view()),
    path("permslist/", views.PermsList.as_view()),
    path("roles/", views.GetAddRoles.as_view()),
    path("<int:pk>/role/", views.GetUpdateDeleteRole.as_view()),
    path("apikeys/", views.GetAddAPIKeys.as_view()),
    path("apikeys/<int:pk>/", views.GetUpdateDeleteAPIKey.as_view()),
 ]
--- a/api/tacticalrmm/accounts/views.py
+++ b/api/tacticalrmm/accounts/views.py
@@ -1,23 +1,35 @@
 import pyotp
 from django.contrib.auth import login
 from django.conf import settings
-from django.shortcuts import get_object_or_404
+from django.contrib.auth import login
 from django.db import IntegrityError
-
+from django.shortcuts import get_object_or_404
-from rest_framework.views import APIView
+from ipware import get_client_ip
 from rest_framework.authtoken.serializers import AuthTokenSerializer
 from knox.views import LoginView as KnoxLoginView
 from rest_framework.permissions import AllowAny
 from rest_framework.response import Response
 from rest_framework import status
 from .models import User
 from agents.models import Agent
 from logs.models import AuditLog
 from rest_framework import status
 from rest_framework.authtoken.serializers import AuthTokenSerializer
 from rest_framework.permissions import AllowAny, IsAuthenticated
 from rest_framework.response import Response
 from rest_framework.views import APIView
 from tacticalrmm.utils import notify_error
-from .serializers import UserSerializer, TOTPSetupSerializer
+from .models import APIKey, Role, User
 from .permissions import APIKeyPerms, AccountsPerms, RolesPerms
 from .serializers import (
    APIKeySerializer,
    RoleSerializer,
    TOTPSetupSerializer,
    UserSerializer,
    UserUISerializer,
 )
 def _is_root_user(request, user) -> bool:
    return (
        hasattr(settings, "ROOT_USER")
        and request.user != user
        and user.username == settings.ROOT_USER
    )
 class CheckCreds(KnoxLoginView):
@@ -29,11 +41,16 @@ class CheckCreds(KnoxLoginView):
        # check credentials
        serializer = AuthTokenSerializer(data=request.data)
        if not serializer.is_valid():
-            AuditLog.audit_user_failed_login(request.data["username"])
+            AuditLog.audit_user_failed_login(
                request.data["username"], debug_info={"ip": request._client_ip}
            )
            return Response("bad credentials", status=status.HTTP_400_BAD_REQUEST)
        user = serializer.validated_data["user"]
        if user.block_dashboard_login:
            return Response("bad credentials", status=status.HTTP_400_BAD_REQUEST)
        # if totp token not set modify response to notify frontend
        if not user.totp_key:
            login(request, user)
@@ -60,28 +77,47 @@ class LoginView(KnoxLoginView):
        if settings.DEBUG and token == "sekret":
            valid = True
-        elif totp.verify(token, valid_window=1):
+        elif totp.verify(token, valid_window=10):
            valid = True
        if valid:
            login(request, user)
-            AuditLog.audit_user_login_successful(request.data["username"])
+
            # save ip information
            client_ip, is_routable = get_client_ip(request)
            user.last_login_ip = client_ip
            user.save()
            AuditLog.audit_user_login_successful(
                request.data["username"], debug_info={"ip": request._client_ip}
            )
            return super(LoginView, self).post(request, format=None)
        else:
-            AuditLog.audit_user_failed_twofactor(request.data["username"])
+            AuditLog.audit_user_failed_twofactor(
                request.data["username"], debug_info={"ip": request._client_ip}
            )
            return Response("bad credentials", status=status.HTTP_400_BAD_REQUEST)
 class GetAddUsers(APIView):
    permission_classes = [IsAuthenticated, AccountsPerms]
    def get(self, request):
-        users = User.objects.filter(agent=None)
+        search = request.GET.get("search", None)
        if search:
            users = User.objects.filter(agent=None, is_installer_user=False).filter(
                username__icontains=search
            )
        else:
            users = User.objects.filter(agent=None, is_installer_user=False)
        return Response(UserSerializer(users, many=True).data)
    def post(self, request):
        # add new user
        try:
-            user = User.objects.create_user(
+            user = User.objects.create_user(  # type: ignore
                request.data["username"],
                request.data["email"],
                request.data["password"],
@@ -91,15 +127,21 @@ class GetAddUsers(APIView):
                f"ERROR: User {request.data['username']} already exists!"
            )
-        user.first_name = request.data["first_name"]
+        if "first_name" in request.data.keys():
-        user.last_name = request.data["last_name"]
+            user.first_name = request.data["first_name"]
-        # Can be changed once permissions and groups are introduced
+        if "last_name" in request.data.keys():
-        user.is_superuser = True
+            user.last_name = request.data["last_name"]
        if "role" in request.data.keys() and isinstance(request.data["role"], int):
            role = get_object_or_404(Role, pk=request.data["role"])
            user.role = role
        user.save()
        return Response(user.username)
 class GetUpdateDeleteUser(APIView):
    permission_classes = [IsAuthenticated, AccountsPerms]
    def get(self, request, pk):
        user = get_object_or_404(User, pk=pk)
@@ -108,6 +150,9 @@ class GetUpdateDeleteUser(APIView):
    def put(self, request, pk):
        user = get_object_or_404(User, pk=pk)
        if _is_root_user(request, user):
            return notify_error("The root user cannot be modified from the UI")
        serializer = UserSerializer(instance=user, data=request.data, partial=True)
        serializer.is_valid(raise_exception=True)
        serializer.save()
@@ -115,17 +160,23 @@ class GetUpdateDeleteUser(APIView):
        return Response("ok")
    def delete(self, request, pk):
-        get_object_or_404(User, pk=pk).delete()
+        user = get_object_or_404(User, pk=pk)
        if _is_root_user(request, user):
            return notify_error("The root user cannot be deleted from the UI")
        user.delete()
        return Response("ok")
 class UserActions(APIView):
-
+    permission_classes = [IsAuthenticated, AccountsPerms]
    # reset password
    def post(self, request):
        user = get_object_or_404(User, pk=request.data["id"])
        if _is_root_user(request, user):
            return notify_error("The root user cannot be modified from the UI")
        user.set_password(request.data["password"])
        user.save()
@@ -133,8 +184,10 @@ class UserActions(APIView):
    # reset two factor token
    def put(self, request):
        user = get_object_or_404(User, pk=request.data["id"])
        if _is_root_user(request, user):
            return notify_error("The root user cannot be modified from the UI")
        user.totp_key = ""
        user.save()
@@ -160,7 +213,93 @@ class TOTPSetup(APIView):
 class UserUI(APIView):
    def patch(self, request):
-        user = request.user
+        serializer = UserUISerializer(
-        user.dark_mode = request.data["dark_mode"]
+            instance=request.user, data=request.data, partial=True
-        user.save(update_fields=["dark_mode"])
+        )
-        return Response("ok")
+        serializer.is_valid(raise_exception=True)
        serializer.save()
        return Response("ok")
 class PermsList(APIView):
    def get(self, request):
        return Response(Role.perms())
 class GetAddRoles(APIView):
    permission_classes = [IsAuthenticated, RolesPerms]
    def get(self, request):
        roles = Role.objects.all()
        return Response(RoleSerializer(roles, many=True).data)
    def post(self, request):
        serializer = RoleSerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        serializer.save()
        return Response("ok")
 class GetUpdateDeleteRole(APIView):
    permission_classes = [IsAuthenticated, RolesPerms]
    def get(self, request, pk):
        role = get_object_or_404(Role, pk=pk)
        return Response(RoleSerializer(role).data)
    def put(self, request, pk):
        role = get_object_or_404(Role, pk=pk)
        serializer = RoleSerializer(instance=role, data=request.data)
        serializer.is_valid(raise_exception=True)
        serializer.save()
        return Response("ok")
    def delete(self, request, pk):
        role = get_object_or_404(Role, pk=pk)
        role.delete()
        return Response("ok")
 class GetAddAPIKeys(APIView):
    permission_classes = [IsAuthenticated, APIKeyPerms]
    def get(self, request):
        apikeys = APIKey.objects.all()
        return Response(APIKeySerializer(apikeys, many=True).data)
    def post(self, request):
        # generate a random API Key
        # https://stackoverflow.com/questions/2257441/random-string-generation-with-upper-case-letters-and-digits/23728630#23728630
        import random
        import string
        request.data["key"] = "".join(
            random.SystemRandom().choice(string.ascii_uppercase + string.digits)
            for _ in range(32)
        )
        serializer = APIKeySerializer(data=request.data)
        serializer.is_valid(raise_exception=True)
        obj = serializer.save()
        return Response("The API Key was added")
 class GetUpdateDeleteAPIKey(APIView):
    permission_classes = [IsAuthenticated, APIKeyPerms]
    def put(self, request, pk):
        apikey = get_object_or_404(APIKey, pk=pk)
        # remove API key is present in request data
        if "key" in request.data.keys():
            request.data.pop("key")
        serializer = APIKeySerializer(instance=apikey, data=request.data, partial=True)
        serializer.is_valid(raise_exception=True)
        serializer.save()
        return Response("The API Key was edited")
    def delete(self, request, pk):
        apikey = get_object_or_404(APIKey, pk=pk)
        apikey.delete()
        return Response("The API Key was deleted")
--- a/api/tacticalrmm/agents/admin.py
+++ b/api/tacticalrmm/agents/admin.py
@@ -1,8 +1,9 @@
 from django.contrib import admin
-from .models import Agent, AgentOutage, RecoveryAction, Note
+from .models import Agent, AgentCustomField, Note, RecoveryAction, AgentHistory
 admin.site.register(Agent)
 admin.site.register(AgentOutage)
 admin.site.register(RecoveryAction)
 admin.site.register(Note)
 admin.site.register(AgentCustomField)
 admin.site.register(AgentHistory)
--- a/api/tacticalrmm/agents/baker_recipes.py
+++ b/api/tacticalrmm/agents/baker_recipes.py
@@ -1,14 +1,12 @@
 import json
 import os
 import random
 import string
 import os
 import json
 from model_bakery.recipe import Recipe, seq
 from itertools import cycle
 from django.utils import timezone as djangotime
 from django.conf import settings
-from .models import Agent
+from django.conf import settings
 from django.utils import timezone as djangotime
 from model_bakery.recipe import Recipe, foreign_key, seq
 def generate_agent_id(hostname):
@@ -16,6 +14,9 @@ def generate_agent_id(hostname):
    return f"{rand}-{hostname}"
 site = Recipe("clients.Site")
 def get_wmi_data():
    with open(
        os.path.join(settings.BASE_DIR, "tacticalrmm/test_data/wmi_python_agent.json")
@@ -24,12 +25,12 @@ def get_wmi_data():
 agent = Recipe(
-    Agent,
+    "agents.Agent",
    site=foreign_key(site),
    hostname="DESKTOP-TEST123",
-    version="1.1.1",
+    version="1.3.0",
    monitoring_type=cycle(["workstation", "server"]),
-    salt_id=generate_agent_id("DESKTOP-TEST123"),
+    agent_id=seq("asdkj3h4234-1234hg3h4g34-234jjh34|DESKTOP-TEST123"),
    agent_id="71AHC-AA813-HH1BC-AAHH5-00013|DESKTOP-TEST123",
 )
 server_agent = agent.extend(
@@ -42,8 +43,12 @@ workstation_agent = agent.extend(
 online_agent = agent.extend(last_seen=djangotime.now())
 offline_agent = agent.extend(
    last_seen=djangotime.now() - djangotime.timedelta(minutes=7)
 )
 overdue_agent = agent.extend(
-    last_seen=djangotime.now() - djangotime.timedelta(minutes=6)
+    last_seen=djangotime.now() - djangotime.timedelta(minutes=35)
 )
 agent_with_services = agent.extend(
--- a/api/tacticalrmm/agents/management/commands/bulk_change_checkin.py
+++ b/api/tacticalrmm/agents/management/commands/bulk_change_checkin.py
@@ -0,0 +1,93 @@
 from django.core.management.base import BaseCommand
 from agents.models import Agent
 from clients.models import Client, Site
 class Command(BaseCommand):
    help = "Bulk update agent offline/overdue time"
    def add_arguments(self, parser):
        parser.add_argument("time", type=int, help="Time in minutes")
        parser.add_argument(
            "--client",
            type=str,
            help="Client Name",
        )
        parser.add_argument(
            "--site",
            type=str,
            help="Site Name",
        )
        parser.add_argument(
            "--offline",
            action="store_true",
            help="Offline",
        )
        parser.add_argument(
            "--overdue",
            action="store_true",
            help="Overdue",
        )
        parser.add_argument(
            "--all",
            action="store_true",
            help="All agents",
        )
    def handle(self, *args, **kwargs):
        time = kwargs["time"]
        client_name = kwargs["client"]
        site_name = kwargs["site"]
        all_agents = kwargs["all"]
        offline = kwargs["offline"]
        overdue = kwargs["overdue"]
        agents = None
        if offline and time < 2:
            self.stdout.write(self.style.ERROR("Minimum offline time is 2 minutes"))
            return
        if overdue and time < 3:
            self.stdout.write(self.style.ERROR("Minimum overdue time is 3 minutes"))
            return
        if client_name:
            try:
                client = Client.objects.get(name=client_name)
            except Client.DoesNotExist:
                self.stdout.write(
                    self.style.ERROR(f"Client {client_name} doesn't exist")
                )
                return
            agents = Agent.objects.filter(site__client=client)
        elif site_name:
            try:
                site = Site.objects.get(name=site_name)
            except Site.DoesNotExist:
                self.stdout.write(self.style.ERROR(f"Site {site_name} doesn't exist"))
                return
            agents = Agent.objects.filter(site=site)
        elif all_agents:
            agents = Agent.objects.all()
        if agents:
            if offline:
                agents.update(offline_time=time)
                self.stdout.write(
                    self.style.SUCCESS(
                        f"Changed offline time on {len(agents)} agents to {time} minutes"
                    )
                )
            if overdue:
                agents.update(overdue_time=time)
                self.stdout.write(
                    self.style.SUCCESS(
                        f"Changed overdue time on {len(agents)} agents to {time} minutes"
                    )
                )
--- a/api/tacticalrmm/agents/management/commands/show_outdated_agents.py
+++ b/api/tacticalrmm/agents/management/commands/show_outdated_agents.py
@@ -0,0 +1,18 @@
 from django.conf import settings
 from django.core.management.base import BaseCommand
 from agents.models import Agent
 class Command(BaseCommand):
    help = "Shows online agents that are not on the latest version"
    def handle(self, *args, **kwargs):
        q = Agent.objects.exclude(version=settings.LATEST_AGENT_VER).only(
            "pk", "version", "last_seen", "overdue_time", "offline_time"
        )
        agents = [i for i in q if i.status == "online"]
        for agent in agents:
            self.stdout.write(
                self.style.SUCCESS(f"{agent.hostname} - v{agent.version}")
            )
--- a/api/tacticalrmm/agents/migrations/0001_initial.py
+++ b/api/tacticalrmm/agents/migrations/0001_initial.py
@@ -1,8 +1,8 @@
 # Generated by Django 3.0.6 on 2020-05-31 01:23
 import django.contrib.postgres.fields.jsonb
 from django.db import migrations, models
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
--- a/api/tacticalrmm/agents/migrations/0005_agent_policy.py
+++ b/api/tacticalrmm/agents/migrations/0005_agent_policy.py
@@ -1,7 +1,7 @@
 # Generated by Django 3.0.7 on 2020-06-09 16:07
 from django.db import migrations, models
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
--- a/api/tacticalrmm/agents/migrations/0011_recoveryaction.py
+++ b/api/tacticalrmm/agents/migrations/0011_recoveryaction.py
@@ -1,7 +1,7 @@
 # Generated by Django 3.0.8 on 2020-08-09 05:31
 from django.db import migrations, models
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
--- a/api/tacticalrmm/agents/migrations/0015_note.py
+++ b/api/tacticalrmm/agents/migrations/0015_note.py
@@ -1,8 +1,8 @@
 # Generated by Django 3.1.1 on 2020-09-22 20:57
 import django.db.models.deletion
 from django.conf import settings
 from django.db import migrations, models
 import django.db.models.deletion
 class Migration(migrations.Migration):
--- a/api/tacticalrmm/agents/migrations/0021_agent_site_link.py
+++ b/api/tacticalrmm/agents/migrations/0021_agent_site_link.py
@@ -1,20 +1,26 @@
 # Generated by Django 3.1.2 on 2020-11-01 22:53
 from django.db import migrations, models
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
-        ('clients', '0006_deployment'),
+        ("clients", "0006_deployment"),
-        ('agents', '0020_auto_20201025_2129'),
+        ("agents", "0020_auto_20201025_2129"),
    ]
    operations = [
        migrations.AddField(
-            model_name='agent',
+            model_name="agent",
-            name='site_link',
+            name="site_link",
-            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='agents', to='clients.site'),
+            field=models.ForeignKey(
                blank=True,
                null=True,
                on_delete=django.db.models.deletion.SET_NULL,
                related_name="agents",
                to="clients.site",
            ),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0023_auto_20201101_2312.py
+++ b/api/tacticalrmm/agents/migrations/0023_auto_20201101_2312.py
@@ -6,16 +6,16 @@ from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
-        ('agents', '0022_update_site_primary_key'),
+        ("agents", "0022_update_site_primary_key"),
    ]
    operations = [
        migrations.RemoveField(
-            model_name='agent',
+            model_name="agent",
-            name='client',
+            name="client",
        ),
        migrations.RemoveField(
-            model_name='agent',
+            model_name="agent",
-            name='site',
+            name="site",
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0024_auto_20201101_2319.py
+++ b/api/tacticalrmm/agents/migrations/0024_auto_20201101_2319.py
@@ -6,13 +6,13 @@ from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
-        ('agents', '0023_auto_20201101_2312'),
+        ("agents", "0023_auto_20201101_2312"),
    ]
    operations = [
        migrations.RenameField(
-            model_name='agent',
+            model_name="agent",
-            old_name='site_link',
+            old_name="site_link",
-            new_name='site',
+            new_name="site",
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0025_auto_20201122_0407.py
+++ b/api/tacticalrmm/agents/migrations/0025_auto_20201122_0407.py
@@ -6,13 +6,22 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
-        ('agents', '0024_auto_20201101_2319'),
+        ("agents", "0024_auto_20201101_2319"),
    ]
    operations = [
        migrations.AlterField(
-            model_name='recoveryaction',
+            model_name="recoveryaction",
-            name='mode',
+            name="mode",
-            field=models.CharField(choices=[('salt', 'Salt'), ('mesh', 'Mesh'), ('command', 'Command'), ('rpc', 'Nats RPC')], default='mesh', max_length=50),
+            field=models.CharField(
                choices=[
                    ("salt", "Salt"),
                    ("mesh", "Mesh"),
                    ("command", "Command"),
                    ("rpc", "Nats RPC"),
                ],
                default="mesh",
                max_length=50,
            ),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0026_auto_20201125_2334.py
+++ b/api/tacticalrmm/agents/migrations/0026_auto_20201125_2334.py
@@ -6,13 +6,23 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
-        ('agents', '0025_auto_20201122_0407'),
+        ("agents", "0025_auto_20201122_0407"),
    ]
    operations = [
        migrations.AlterField(
-            model_name='recoveryaction',
+            model_name="recoveryaction",
-            name='mode',
+            name="mode",
-            field=models.CharField(choices=[('salt', 'Salt'), ('mesh', 'Mesh'), ('command', 'Command'), ('rpc', 'Nats RPC'), ('checkrunner', 'Checkrunner')], default='mesh', max_length=50),
+            field=models.CharField(
                choices=[
                    ("salt", "Salt"),
                    ("mesh", "Mesh"),
                    ("command", "Command"),
                    ("rpc", "Nats RPC"),
                    ("checkrunner", "Checkrunner"),
                ],
                default="mesh",
                max_length=50,
            ),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0027_agent_overdue_dashboard_alert.py
+++ b/api/tacticalrmm/agents/migrations/0027_agent_overdue_dashboard_alert.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.1.4 on 2021-01-29 21:11
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0026_auto_20201125_2334'),
    ]
    operations = [
        migrations.AddField(
            model_name='agent',
            name='overdue_dashboard_alert',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0028_auto_20210206_1534.py
+++ b/api/tacticalrmm/agents/migrations/0028_auto_20210206_1534.py
@@ -0,0 +1,23 @@
 # Generated by Django 3.1.4 on 2021-02-06 15:34
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0027_agent_overdue_dashboard_alert'),
    ]
    operations = [
        migrations.AddField(
            model_name='agentoutage',
            name='outage_email_sent_time',
            field=models.DateTimeField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='agentoutage',
            name='outage_sms_sent_time',
            field=models.DateTimeField(blank=True, null=True),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0029_delete_agentoutage.py
+++ b/api/tacticalrmm/agents/migrations/0029_delete_agentoutage.py
@@ -0,0 +1,16 @@
 # Generated by Django 3.1.4 on 2021-02-10 21:56
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0028_auto_20210206_1534'),
    ]
    operations = [
        migrations.DeleteModel(
            name='AgentOutage',
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0030_agent_offline_time.py
+++ b/api/tacticalrmm/agents/migrations/0030_agent_offline_time.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.1.6 on 2021-02-16 08:50
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0029_delete_agentoutage'),
    ]
    operations = [
        migrations.AddField(
            model_name='agent',
            name='offline_time',
            field=models.PositiveIntegerField(default=4),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0031_agent_alert_template.py
+++ b/api/tacticalrmm/agents/migrations/0031_agent_alert_template.py
@@ -0,0 +1,20 @@
 # Generated by Django 3.1.7 on 2021-03-04 03:57
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('alerts', '0006_auto_20210217_1736'),
        ('agents', '0030_agent_offline_time'),
    ]
    operations = [
        migrations.AddField(
            model_name='agent',
            name='alert_template',
            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='agents', to='alerts.alerttemplate'),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0032_agentcustomfield.py
+++ b/api/tacticalrmm/agents/migrations/0032_agentcustomfield.py
@@ -0,0 +1,24 @@
 # Generated by Django 3.1.7 on 2021-03-17 14:45
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('core', '0014_customfield'),
        ('agents', '0031_agent_alert_template'),
    ]
    operations = [
        migrations.CreateModel(
            name='AgentCustomField',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('value', models.TextField(blank=True, null=True)),
                ('agent', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='custom_fields', to='agents.agent')),
                ('field', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='agent_fields', to='core.customfield')),
            ],
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0033_agentcustomfield_multiple_value.py
+++ b/api/tacticalrmm/agents/migrations/0033_agentcustomfield_multiple_value.py
@@ -0,0 +1,19 @@
 # Generated by Django 3.1.7 on 2021-03-29 02:51
 import django.contrib.postgres.fields
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0032_agentcustomfield'),
    ]
    operations = [
        migrations.AddField(
            model_name='agentcustomfield',
            name='multiple_value',
            field=django.contrib.postgres.fields.ArrayField(base_field=models.TextField(blank=True, null=True), blank=True, default=list, null=True, size=None),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0034_agentcustomfield_checkbox_value.py
+++ b/api/tacticalrmm/agents/migrations/0034_agentcustomfield_checkbox_value.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.1.7 on 2021-03-29 03:01
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0033_agentcustomfield_multiple_value'),
    ]
    operations = [
        migrations.AddField(
            model_name='agentcustomfield',
            name='checkbox_value',
            field=models.BooleanField(blank=True, default=False),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0035_auto_20210329_1709.py
+++ b/api/tacticalrmm/agents/migrations/0035_auto_20210329_1709.py
@@ -0,0 +1,23 @@
 # Generated by Django 3.1.7 on 2021-03-29 17:09
 from django.db import migrations
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0034_agentcustomfield_checkbox_value'),
    ]
    operations = [
        migrations.RenameField(
            model_name='agentcustomfield',
            old_name='checkbox_value',
            new_name='bool_value',
        ),
        migrations.RenameField(
            model_name='agentcustomfield',
            old_name='value',
            new_name='string_value',
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0036_agent_block_policy_inheritance.py
+++ b/api/tacticalrmm/agents/migrations/0036_agent_block_policy_inheritance.py
@@ -0,0 +1,18 @@
 # Generated by Django 3.1.7 on 2021-04-17 01:28
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0035_auto_20210329_1709'),
    ]
    operations = [
        migrations.AddField(
            model_name='agent',
            name='block_policy_inheritance',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0037_auto_20210627_0014.py
+++ b/api/tacticalrmm/agents/migrations/0037_auto_20210627_0014.py
@@ -0,0 +1,23 @@
 # Generated by Django 3.2.4 on 2021-06-27 00:14
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0036_agent_block_policy_inheritance'),
    ]
    operations = [
        migrations.AddField(
            model_name='agent',
            name='has_patches_pending',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='agent',
            name='pending_actions_count',
            field=models.PositiveIntegerField(default=0),
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0038_agenthistory.py
+++ b/api/tacticalrmm/agents/migrations/0038_agenthistory.py
@@ -0,0 +1,27 @@
 # Generated by Django 3.2.1 on 2021-07-06 02:01
 from django.db import migrations, models
 import django.db.models.deletion
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0037_auto_20210627_0014'),
    ]
    operations = [
        migrations.CreateModel(
            name='AgentHistory',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('time', models.DateTimeField(auto_now_add=True)),
                ('type', models.CharField(choices=[('task_run', 'Task Run'), ('script_run', 'Script Run'), ('cmd_run', 'CMD Run')], default='cmd_run', max_length=50)),
                ('command', models.TextField(blank=True, null=True)),
                ('status', models.CharField(choices=[('success', 'Success'), ('failure', 'Failure')], default='success', max_length=50)),
                ('username', models.CharField(default='system', max_length=50)),
                ('results', models.TextField(blank=True, null=True)),
                ('agent', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='history', to='agents.agent')),
            ],
        ),
    ]
--- a/api/tacticalrmm/agents/migrations/0039_auto_20210714_0738.py
+++ b/api/tacticalrmm/agents/migrations/0039_auto_20210714_0738.py
@@ -0,0 +1,25 @@
 # Generated by Django 3.2.5 on 2021-07-14 07:38
 from django.db import migrations, models
 import django.db.models.deletion
 class Migration(migrations.Migration):
    dependencies = [
        ('scripts', '0008_script_guid'),
        ('agents', '0038_agenthistory'),
    ]
    operations = [
        migrations.AddField(
            model_name='agenthistory',
            name='script',
            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='history', to='scripts.script'),
        ),
        migrations.AddField(
            model_name='agenthistory',
            name='script_results',
            field=models.JSONField(blank=True, null=True),
        ),
    ]
--- a/api/tacticalrmm/agents/models.py
+++ b/api/tacticalrmm/agents/models.py
--- a/api/tacticalrmm/agents/permissions.py
+++ b/api/tacticalrmm/agents/permissions.py
@@ -0,0 +1,63 @@
 from rest_framework import permissions
 from tacticalrmm.permissions import _has_perm
 class MeshPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_use_mesh")
 class UninstallPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_uninstall_agents")
 class UpdateAgentPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_update_agents")
 class EditAgentPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_edit_agent")
 class ManageProcPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_manage_procs")
 class EvtLogPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_view_eventlogs")
 class SendCMDPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_send_cmd")
 class RebootAgentPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_reboot_agents")
 class InstallAgentPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_install_agents")
 class RunScriptPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_run_scripts")
 class ManageNotesPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_manage_notes")
 class RunBulkPerms(permissions.BasePermission):
    def has_permission(self, r, view):
        return _has_perm(r, "can_run_bulk")
--- a/api/tacticalrmm/agents/serializers.py
+++ b/api/tacticalrmm/agents/serializers.py
@@ -1,23 +1,21 @@
 import pytz
 from rest_framework import serializers
 from rest_framework.fields import ReadOnlyField
 from .models import Agent, Note
 from winupdate.serializers import WinUpdatePolicySerializer
 from clients.serializers import ClientSerializer
 from rest_framework import serializers
 from tacticalrmm.utils import get_default_timezone
 from winupdate.serializers import WinUpdatePolicySerializer
 from .models import Agent, AgentCustomField, Note, AgentHistory
 class AgentSerializer(serializers.ModelSerializer):
    # for vue
    patches_pending = serializers.ReadOnlyField(source="has_patches_pending")
    winupdatepolicy = WinUpdatePolicySerializer(many=True, read_only=True)
    status = serializers.ReadOnlyField()
    cpu_model = serializers.ReadOnlyField()
    local_ips = serializers.ReadOnlyField()
    make_model = serializers.ReadOnlyField()
    physical_disks = serializers.ReadOnlyField()
    graphics = serializers.ReadOnlyField()
    checks = serializers.ReadOnlyField()
    timezone = serializers.ReadOnlyField()
    all_timezones = serializers.SerializerMethodField()
@@ -34,30 +32,64 @@ class AgentSerializer(serializers.ModelSerializer):
        ]
 class AgentOverdueActionSerializer(serializers.ModelSerializer):
    class Meta:
        model = Agent
        fields = [
            "pk",
            "overdue_email_alert",
            "overdue_text_alert",
            "overdue_dashboard_alert",
        ]
 class AgentTableSerializer(serializers.ModelSerializer):
    patches_pending = serializers.ReadOnlyField(source="has_patches_pending")
    pending_actions = serializers.SerializerMethodField()
    status = serializers.ReadOnlyField()
    checks = serializers.ReadOnlyField()
    last_seen = serializers.SerializerMethodField()
    client_name = serializers.ReadOnlyField(source="client.name")
    site_name = serializers.ReadOnlyField(source="site.name")
    logged_username = serializers.SerializerMethodField()
    italic = serializers.SerializerMethodField()
    policy = serializers.ReadOnlyField(source="policy.id")
    alert_template = serializers.SerializerMethodField()
-    def get_pending_actions(self, obj):
+    def get_alert_template(self, obj):
        return obj.pendingactions.filter(status="pending").count()
-    def get_last_seen(self, obj):
+        if not obj.alert_template:
            return None
        else:
            return {
                "name": obj.alert_template.name,
                "always_email": obj.alert_template.agent_always_email,
                "always_text": obj.alert_template.agent_always_text,
                "always_alert": obj.alert_template.agent_always_alert,
            }
    def get_last_seen(self, obj) -> str:
        if obj.time_zone is not None:
            agent_tz = pytz.timezone(obj.time_zone)
        else:
            agent_tz = self.context["default_tz"]
-        return obj.last_seen.astimezone(agent_tz).strftime("%m %d %Y %H:%M:%S")
+        return obj.last_seen.astimezone(agent_tz).strftime("%m %d %Y %H:%M")
    def get_logged_username(self, obj) -> str:
        if obj.logged_in_username == "None" and obj.status == "online":
            return obj.last_logged_in_user
        elif obj.logged_in_username != "None":
            return obj.logged_in_username
        else:
            return "-"
    def get_italic(self, obj) -> bool:
        return obj.logged_in_username == "None" and obj.status == "online"
    class Meta:
        model = Agent
        fields = [
            "id",
            "alert_template",
            "hostname",
            "agent_id",
            "site_name",
@@ -65,25 +97,48 @@ class AgentTableSerializer(serializers.ModelSerializer):
            "monitoring_type",
            "description",
            "needs_reboot",
-            "patches_pending",
+            "has_patches_pending",
-            "pending_actions",
+            "pending_actions_count",
            "status",
            "overdue_text_alert",
            "overdue_email_alert",
            "overdue_dashboard_alert",
            "last_seen",
            "boot_time",
            "checks",
            "logged_in_username",
            "last_logged_in_user",
            "maintenance_mode",
            "logged_username",
            "italic",
            "policy",
            "block_policy_inheritance",
        ]
        depth = 2
 class AgentCustomFieldSerializer(serializers.ModelSerializer):
    class Meta:
        model = AgentCustomField
        fields = (
            "id",
            "field",
            "agent",
            "value",
            "string_value",
            "bool_value",
            "multiple_value",
        )
        extra_kwargs = {
            "string_value": {"write_only": True},
            "bool_value": {"write_only": True},
            "multiple_value": {"write_only": True},
        }
 class AgentEditSerializer(serializers.ModelSerializer):
    winupdatepolicy = WinUpdatePolicySerializer(many=True, read_only=True)
    all_timezones = serializers.SerializerMethodField()
    client = ClientSerializer(read_only=True)
    custom_fields = AgentCustomFieldSerializer(many=True, read_only=True)
    def get_all_timezones(self, obj):
        return pytz.all_timezones
@@ -101,19 +156,18 @@ class AgentEditSerializer(serializers.ModelSerializer):
            "timezone",
            "check_interval",
            "overdue_time",
            "offline_time",
            "overdue_text_alert",
            "overdue_email_alert",
            "overdue_dashboard_alert",
            "all_timezones",
            "winupdatepolicy",
            "policy",
            "custom_fields",
        ]
 class WinAgentSerializer(serializers.ModelSerializer):
    # for the windows agent
    patches_pending = serializers.ReadOnlyField(source="has_patches_pending")
    winupdatepolicy = WinUpdatePolicySerializer(many=True, read_only=True)
    status = serializers.ReadOnlyField()
    class Meta:
        model = Agent
        fields = "__all__"
@@ -147,3 +201,22 @@ class NotesSerializer(serializers.ModelSerializer):
    class Meta:
        model = Agent
        fields = ["hostname", "pk", "notes"]
 class AgentHistorySerializer(serializers.ModelSerializer):
    time = serializers.SerializerMethodField(read_only=True)
    script_name = serializers.ReadOnlyField(source="script.name")
    class Meta:
        model = AgentHistory
        fields = "__all__"
    def get_time(self, history):
        timezone = get_default_timezone()
        return history.time.astimezone(timezone).strftime("%m %d %Y %H:%M:%S")
 class AgentAuditSerializer(serializers.ModelSerializer):
    class Meta:
        model = Agent
        exclude = ["disks", "services", "wmi_detail"]
--- a/api/tacticalrmm/agents/tasks.py
+++ b/api/tacticalrmm/agents/tasks.py
@@ -1,293 +1,393 @@
-from loguru import logger
+import asyncio
-from time import sleep
+import datetime as dt
 import random
-import requests
+import urllib.parse
-from packaging import version as pyver
+from time import sleep
 from typing import Union
 from alerts.models import Alert
 from core.models import CodeSignToken, CoreSettings
 from django.conf import settings
-
+from django.utils import timezone as djangotime
 from logs.models import DebugLog, PendingAction
 from packaging import version as pyver
 from scripts.models import Script
 from tacticalrmm.celery import app
-from agents.models import Agent, AgentOutage
+from tacticalrmm.utils import run_nats_api_cmd
 from core.models import CoreSettings
 from logs.models import PendingAction
-logger.configure(**settings.LOG_CONFIG)
+from agents.models import Agent
-OLD_64_PY_AGENT = "https://github.com/wh1te909/winagent/releases/download/v0.11.2/winagent-v0.11.2.exe"
+
-OLD_32_PY_AGENT = "https://github.com/wh1te909/winagent/releases/download/v0.11.2/winagent-v0.11.2-x86.exe"
+def agent_update(pk: int, codesigntoken: str = None, force: bool = False) -> str:
    from agents.utils import get_exegen_url
    agent = Agent.objects.get(pk=pk)
    if pyver.parse(agent.version) <= pyver.parse("1.3.0"):
        return "not supported"
    # skip if we can't determine the arch
    if agent.arch is None:
        DebugLog.warning(
            agent=agent,
            log_type="agent_issues",
            message=f"Unable to determine arch on {agent.hostname}({agent.pk}). Skipping agent update.",
        )
        return "noarch"
    version = settings.LATEST_AGENT_VER
    inno = agent.win_inno_exe
    if codesigntoken is not None and pyver.parse(version) >= pyver.parse("1.5.0"):
        base_url = get_exegen_url() + "/api/v1/winagents/?"
        params = {"version": version, "arch": agent.arch, "token": codesigntoken}
        url = base_url + urllib.parse.urlencode(params)
    else:
        url = agent.winagent_dl
    if not force:
        if agent.pendingactions.filter(
            action_type="agentupdate", status="pending"
        ).exists():
            agent.pendingactions.filter(
                action_type="agentupdate", status="pending"
            ).delete()
        PendingAction.objects.create(
            agent=agent,
            action_type="agentupdate",
            details={
                "url": url,
                "version": version,
                "inno": inno,
            },
        )
    nats_data = {
        "func": "agentupdate",
        "payload": {
            "url": url,
            "version": version,
            "inno": inno,
        },
    }
    asyncio.run(agent.nats_cmd(nats_data, wait=False))
    return "created"
@app.task
-def send_agent_update_task(pks, version):
+def force_code_sign(pks: list[int]) -> None:
-    assert isinstance(pks, list)
+    try:
-
+        token = CodeSignToken.objects.first().token  # type:ignore
-    q = Agent.objects.filter(pk__in=pks)
+    except:
    agents = [i.pk for i in q if pyver.parse(i.version) < pyver.parse(version)]
    chunks = (agents[i : i + 30] for i in range(0, len(agents), 30))
    for chunk in chunks:
        for pk in chunk:
            agent = Agent.objects.get(pk=pk)
            # skip if we can't determine the arch
            if agent.arch is None:
                logger.warning(
                    f"Unable to determine arch on {agent.salt_id}. Skipping."
                )
                continue
            # golang agent only backwards compatible with py agent 0.11.2
            # force an upgrade to the latest python agent if version < 0.11.2
            if pyver.parse(agent.version) < pyver.parse("0.11.2"):
                url = OLD_64_PY_AGENT if agent.arch == "64" else OLD_32_PY_AGENT
                inno = (
                    "winagent-v0.11.2.exe"
                    if agent.arch == "64"
                    else "winagent-v0.11.2-x86.exe"
                )
            else:
                url = agent.winagent_dl
                inno = agent.win_inno_exe
            if agent.has_nats:
                if agent.pendingactions.filter(
                    action_type="agentupdate", status="pending"
                ).exists():
                    continue
                PendingAction.objects.create(
                    agent=agent,
                    action_type="agentupdate",
                    details={
                        "url": agent.winagent_dl,
                        "version": settings.LATEST_AGENT_VER,
                        "inno": agent.win_inno_exe,
                    },
                )
            # TODO
            # Salt is deprecated, remove this once salt is gone
            else:
                r = agent.salt_api_async(
                    func="win_agent.do_agent_update_v2",
                    kwargs={
                        "inno": inno,
                        "url": url,
                    },
                )
        sleep(5)
@app.task
 def auto_self_agent_update_task():
    core = CoreSettings.objects.first()
    if not core.agent_auto_update:
        logger.info("Agent auto update is disabled. Skipping.")
        return
    chunks = (pks[i : i + 50] for i in range(0, len(pks), 50))
    for chunk in chunks:
        for pk in chunk:
            agent_update(pk=pk, codesigntoken=token, force=True)
            sleep(0.05)
        sleep(4)
@app.task
 def send_agent_update_task(pks: list[int]) -> None:
    try:
        codesigntoken = CodeSignToken.objects.first().token  # type:ignore
    except:
        codesigntoken = None
    chunks = (pks[i : i + 30] for i in range(0, len(pks), 30))
    for chunk in chunks:
        for pk in chunk:
            agent_update(pk, codesigntoken)
            sleep(0.05)
        sleep(4)
@app.task
 def auto_self_agent_update_task() -> None:
    core = CoreSettings.objects.first()
    if not core.agent_auto_update:  # type:ignore
        return
    try:
        codesigntoken = CodeSignToken.objects.first().token  # type:ignore
    except:
        codesigntoken = None
    q = Agent.objects.only("pk", "version")
-    agents = [
+    pks: list[int] = [
        i.pk
        for i in q
        if pyver.parse(i.version) < pyver.parse(settings.LATEST_AGENT_VER)
    ]
-    chunks = (agents[i : i + 30] for i in range(0, len(agents), 30))
+    chunks = (pks[i : i + 30] for i in range(0, len(pks), 30))
    for chunk in chunks:
        for pk in chunk:
-            agent = Agent.objects.get(pk=pk)
+            agent_update(pk, codesigntoken)
-
+            sleep(0.05)
-            # skip if we can't determine the arch
+        sleep(4)
            if agent.arch is None:
                logger.warning(
                    f"Unable to determine arch on {agent.salt_id}. Skipping."
                )
                continue
            # golang agent only backwards compatible with py agent 0.11.2
            # force an upgrade to the latest python agent if version < 0.11.2
            if pyver.parse(agent.version) < pyver.parse("0.11.2"):
                url = OLD_64_PY_AGENT if agent.arch == "64" else OLD_32_PY_AGENT
                inno = (
                    "winagent-v0.11.2.exe"
                    if agent.arch == "64"
                    else "winagent-v0.11.2-x86.exe"
                )
            else:
                url = agent.winagent_dl
                inno = agent.win_inno_exe
            if agent.has_nats:
                if agent.pendingactions.filter(
                    action_type="agentupdate", status="pending"
                ).exists():
                    continue
                PendingAction.objects.create(
                    agent=agent,
                    action_type="agentupdate",
                    details={
                        "url": agent.winagent_dl,
                        "version": settings.LATEST_AGENT_VER,
                        "inno": agent.win_inno_exe,
                    },
                )
            # TODO
            # Salt is deprecated, remove this once salt is gone
            else:
                r = agent.salt_api_async(
                    func="win_agent.do_agent_update_v2",
                    kwargs={
                        "inno": inno,
                        "url": url,
                    },
                )
        sleep(5)
@app.task
-def sync_salt_modules_task(pk):
+def agent_outage_email_task(pk: int, alert_interval: Union[float, None] = None) -> str:
-    agent = Agent.objects.get(pk=pk)
+    from alerts.models import Alert
    r = agent.salt_api_cmd(timeout=35, func="saltutil.sync_modules")
    # successful sync if new/charnged files: {'return': [{'MINION-15': ['modules.get_eventlog', 'modules.win_agent', 'etc...']}]}
    # successful sync with no new/changed files: {'return': [{'MINION-15': []}]}
    if r == "timeout" or r == "error":
        return f"Unable to sync modules {agent.salt_id}"
-    return f"Successfully synced salt modules on {agent.hostname}"
+    alert = Alert.objects.get(pk=pk)
-
+    if not alert.email_sent:
-@app.task
+        sleep(random.randint(1, 15))
-def batch_sync_modules_task():
+        alert.agent.send_outage_email()
-    # sync modules, split into chunks of 50 agents to not overload salt
+        alert.email_sent = djangotime.now()
-    agents = Agent.objects.all()
+        alert.save(update_fields=["email_sent"])
    online = [i.salt_id for i in agents]
    chunks = (online[i : i + 50] for i in range(0, len(online), 50))
    for chunk in chunks:
        Agent.salt_batch_async(minions=chunk, func="saltutil.sync_modules")
        sleep(10)
@app.task
 def uninstall_agent_task(salt_id, has_nats):
    attempts = 0
    error = False
    if not has_nats:
        while 1:
            try:
                r = requests.post(
                    f"http://{settings.SALT_HOST}:8123/run",
                    json=[
                        {
                            "client": "local",
                            "tgt": salt_id,
                            "fun": "win_agent.uninstall_agent",
                            "timeout": 8,
                            "username": settings.SALT_USERNAME,
                            "password": settings.SALT_PASSWORD,
                            "eauth": "pam",
                        }
                    ],
                    timeout=10,
                )
                ret = r.json()["return"][0][salt_id]
            except Exception:
                attempts += 1
            else:
                if ret != "ok":
                    attempts += 1
                else:
                    attempts = 0
            if attempts >= 10:
                error = True
                break
            elif attempts == 0:
                break
    if error:
        logger.error(f"{salt_id} uninstall failed")
    else:
-        logger.info(f"{salt_id} was successfully uninstalled")
+        if alert_interval:
-
+            # send an email only if the last email sent is older than alert interval
-    try:
+            delta = djangotime.now() - dt.timedelta(days=alert_interval)
-        r = requests.post(
+            if alert.email_sent < delta:
-            f"http://{settings.SALT_HOST}:8123/run",
+                sleep(random.randint(1, 10))
-            json=[
+                alert.agent.send_outage_email()
-                {
+                alert.email_sent = djangotime.now()
-                    "client": "wheel",
+                alert.save(update_fields=["email_sent"])
                    "fun": "key.delete",
                    "match": salt_id,
                    "username": settings.SALT_USERNAME,
                    "password": settings.SALT_PASSWORD,
                    "eauth": "pam",
                }
            ],
            timeout=30,
        )
    except Exception:
        logger.error(f"{salt_id} unable to remove salt-key")
    return "ok"
@app.task
-def agent_outage_email_task(pk):
+def agent_recovery_email_task(pk: int) -> str:
    from alerts.models import Alert
    sleep(random.randint(1, 15))
-    outage = AgentOutage.objects.get(pk=pk)
+    alert = Alert.objects.get(pk=pk)
-    outage.send_outage_email()
+    alert.agent.send_recovery_email()
-    outage.outage_email_sent = True
+    alert.resolved_email_sent = djangotime.now()
-    outage.save(update_fields=["outage_email_sent"])
+    alert.save(update_fields=["resolved_email_sent"])
    return "ok"
@app.task
-def agent_recovery_email_task(pk):
+def agent_outage_sms_task(pk: int, alert_interval: Union[float, None] = None) -> str:
-    sleep(random.randint(1, 15))
+    from alerts.models import Alert
-    outage = AgentOutage.objects.get(pk=pk)
+
-    outage.send_recovery_email()
+    alert = Alert.objects.get(pk=pk)
-    outage.recovery_email_sent = True
+
-    outage.save(update_fields=["recovery_email_sent"])
+    if not alert.sms_sent:
        sleep(random.randint(1, 15))
        alert.agent.send_outage_sms()
        alert.sms_sent = djangotime.now()
        alert.save(update_fields=["sms_sent"])
    else:
        if alert_interval:
            # send an sms only if the last sms sent is older than alert interval
            delta = djangotime.now() - dt.timedelta(days=alert_interval)
            if alert.sms_sent < delta:
                sleep(random.randint(1, 10))
                alert.agent.send_outage_sms()
                alert.sms_sent = djangotime.now()
                alert.save(update_fields=["sms_sent"])
    return "ok"
@app.task
-def agent_outage_sms_task(pk):
+def agent_recovery_sms_task(pk: int) -> str:
    from alerts.models import Alert
    sleep(random.randint(1, 3))
-    outage = AgentOutage.objects.get(pk=pk)
+    alert = Alert.objects.get(pk=pk)
-    outage.send_outage_sms()
+    alert.agent.send_recovery_sms()
-    outage.outage_sms_sent = True
+    alert.resolved_sms_sent = djangotime.now()
-    outage.save(update_fields=["outage_sms_sent"])
+    alert.save(update_fields=["resolved_sms_sent"])
    return "ok"
@app.task
-def agent_recovery_sms_task(pk):
+def agent_outages_task() -> None:
-    sleep(random.randint(1, 3))
+    from alerts.models import Alert
    outage = AgentOutage.objects.get(pk=pk)
    outage.send_recovery_sms()
    outage.recovery_sms_sent = True
    outage.save(update_fields=["recovery_sms_sent"])
@app.task
 def agent_outages_task():
    agents = Agent.objects.only(
-        "pk", "last_seen", "overdue_time", "overdue_email_alert", "overdue_text_alert"
+        "pk",
        "agent_id",
        "last_seen",
        "offline_time",
        "overdue_time",
        "overdue_email_alert",
        "overdue_text_alert",
        "overdue_dashboard_alert",
    )
    for agent in agents:
-        if agent.overdue_email_alert or agent.overdue_text_alert:
+        if agent.status == "overdue":
-            if agent.status == "overdue":
+            Alert.handle_alert_failure(agent)
                outages = AgentOutage.objects.filter(agent=agent)
                if outages and outages.last().is_active:
                    continue
                outage = AgentOutage(agent=agent)
                outage.save()
-                if agent.overdue_email_alert and not agent.maintenance_mode:
+@app.task
-                    agent_outage_email_task.delay(pk=outage.pk)
+def run_script_email_results_task(
    agentpk: int,
    scriptpk: int,
    nats_timeout: int,
    emails: list[str],
    args: list[str] = [],
    history_pk: int = 0,
 ):
    agent = Agent.objects.get(pk=agentpk)
    script = Script.objects.get(pk=scriptpk)
    r = agent.run_script(
        scriptpk=script.pk,
        args=args,
        full=True,
        timeout=nats_timeout,
        wait=True,
        history_pk=history_pk,
    )
    if r == "timeout":
        DebugLog.error(
            agent=agent,
            log_type="scripting",
            message=f"{agent.hostname}({agent.pk}) timed out running script.",
        )
        return
-                if agent.overdue_text_alert and not agent.maintenance_mode:
+    CORE = CoreSettings.objects.first()
-                    agent_outage_sms_task.delay(pk=outage.pk)
+    subject = f"{agent.hostname} {script.name} Results"
    exec_time = "{:.4f}".format(r["execution_time"])
    body = (
        subject
        + f"\nReturn code: {r['retcode']}\nExecution time: {exec_time} seconds\nStdout: {r['stdout']}\nStderr: {r['stderr']}"
    )
    import smtplib
    from email.message import EmailMessage
    msg = EmailMessage()
    msg["Subject"] = subject
    msg["From"] = CORE.smtp_from_email  # type:ignore
    if emails:
        msg["To"] = ", ".join(emails)
    else:
        msg["To"] = ", ".join(CORE.email_alert_recipients)  # type:ignore
    msg.set_content(body)
    try:
        with smtplib.SMTP(
            CORE.smtp_host, CORE.smtp_port, timeout=20  # type:ignore
        ) as server:  # type:ignore
            if CORE.smtp_requires_auth:  # type:ignore
                server.ehlo()
                server.starttls()
                server.login(
                    CORE.smtp_host_user, CORE.smtp_host_password  # type:ignore
                )  # type:ignore
                server.send_message(msg)
                server.quit()
            else:
                server.send_message(msg)
                server.quit()
    except Exception as e:
        DebugLog.error(message=e)
@app.task
 def clear_faults_task(older_than_days: int) -> None:
    # https://github.com/wh1te909/tacticalrmm/issues/484
    agents = Agent.objects.exclude(last_seen__isnull=True).filter(
        last_seen__lt=djangotime.now() - djangotime.timedelta(days=older_than_days)
    )
    for agent in agents:
        if agent.agentchecks.exists():
            for check in agent.agentchecks.all():
                # reset check status
                check.status = "passing"
                check.save(update_fields=["status"])
                if check.alert.filter(resolved=False).exists():
                    check.alert.get(resolved=False).resolve()
        # reset overdue alerts
        agent.overdue_email_alert = False
        agent.overdue_text_alert = False
        agent.overdue_dashboard_alert = False
        agent.save(
            update_fields=[
                "overdue_email_alert",
                "overdue_text_alert",
                "overdue_dashboard_alert",
            ]
        )
@app.task
 def get_wmi_task() -> None:
    agents = Agent.objects.only(
        "pk", "agent_id", "last_seen", "overdue_time", "offline_time"
    )
    ids = [i.agent_id for i in agents if i.status == "online"]
    run_nats_api_cmd("wmi", ids, timeout=45)
@app.task
 def agent_checkin_task() -> None:
    run_nats_api_cmd("checkin", timeout=30)
@app.task
 def agent_getinfo_task() -> None:
    run_nats_api_cmd("agentinfo", timeout=30)
@app.task
 def prune_agent_history(older_than_days: int) -> str:
    from .models import AgentHistory
    AgentHistory.objects.filter(
        time__lt=djangotime.now() - djangotime.timedelta(days=older_than_days)
    ).delete()
    return "ok"
@app.task
 def handle_agents_task() -> None:
    q = Agent.objects.prefetch_related("pendingactions", "autotasks").only(
        "pk", "agent_id", "version", "last_seen", "overdue_time", "offline_time"
    )
    agents = [
        i
        for i in q
        if pyver.parse(i.version) >= pyver.parse("1.6.0") and i.status == "online"
    ]
    for agent in agents:
        # change agent update pending status to completed if agent has just updated
        if (
            pyver.parse(agent.version) == pyver.parse(settings.LATEST_AGENT_VER)
            and agent.pendingactions.filter(
                action_type="agentupdate", status="pending"
            ).exists()
        ):
            agent.pendingactions.filter(
                action_type="agentupdate", status="pending"
            ).update(status="completed")
        # sync scheduled tasks
        if agent.autotasks.exclude(sync_status="synced").exists():  # type: ignore
            tasks = agent.autotasks.exclude(sync_status="synced")  # type: ignore
            for task in tasks:
                if task.sync_status == "pendingdeletion":
                    task.delete_task_on_agent()
                elif task.sync_status == "initial":
                    task.modify_task_on_agent()
                elif task.sync_status == "notsynced":
                    task.create_task_on_agent()
        # handles any alerting actions
        if Alert.objects.filter(agent=agent, resolved=False).exists():
            try:
                Alert.handle_alert_resolve(agent)
            except:
                continue
--- a/api/tacticalrmm/agents/tests.py
+++ b/api/tacticalrmm/agents/tests.py
--- a/api/tacticalrmm/agents/urls.py
+++ b/api/tacticalrmm/agents/urls.py
@@ -1,12 +1,11 @@
 from django.urls import path
 from . import views
 urlpatterns = [
    path("listagents/", views.AgentsTableList.as_view()),
    path("listagentsnodetail/", views.list_agents_no_detail),
    path("<int:pk>/agenteditdetails/", views.agent_edit_details),
    path("byclient/<int:clientpk>/", views.by_client),
    path("bysite/<int:sitepk>/", views.by_site),
    path("overdueaction/", views.overdue_action),
    path("sendrawcmd/", views.send_raw_cmd),
    path("<pk>/agentdetail/", views.agent_detail),
@@ -28,6 +27,7 @@ urlpatterns = [
    path("<int:pk>/notes/", views.GetAddNotes.as_view()),
    path("<int:pk>/note/", views.GetEditDeleteNote.as_view()),
    path("bulk/", views.bulk),
    path("agent_counts/", views.agent_counts),
    path("maintenance/", views.agent_maintenance),
    path("<int:pk>/wmi/", views.WMI.as_view()),
    path("history/<int:pk>/", views.AgentHistoryView.as_view()),
 ]
--- a/api/tacticalrmm/agents/utils.py
+++ b/api/tacticalrmm/agents/utils.py
@@ -0,0 +1,37 @@
 import random
 import urllib.parse
 import requests
 from django.conf import settings
 def get_exegen_url() -> str:
    urls: list[str] = settings.EXE_GEN_URLS
    for url in urls:
        try:
            r = requests.get(url, timeout=10)
        except:
            continue
        if r.status_code == 200:
            return url
    return random.choice(urls)
 def get_winagent_url(arch: str) -> str:
    from core.models import CodeSignToken
    try:
        codetoken = CodeSignToken.objects.first().token
        base_url = get_exegen_url() + "/api/v1/winagents/?"
        params = {
            "version": settings.LATEST_AGENT_VER,
            "arch": arch,
            "token": codetoken,
        }
        dl_url = base_url + urllib.parse.urlencode(params)
    except:
        dl_url = settings.DL_64 if arch == "64" else settings.DL_32
    return dl_url
--- a/api/tacticalrmm/agents/views.py
+++ b/api/tacticalrmm/agents/views.py
@@ -1,49 +1,60 @@
 import asyncio
-from loguru import logger
+import datetime as dt
 import os
 import subprocess
 import pytz
 import random
 import string
-import datetime as dt
+import time
 from packaging import version as pyver
 from django.conf import settings
 from django.shortcuts import get_object_or_404
 from django.http import HttpResponse
-
+from django.shortcuts import get_object_or_404
-from rest_framework.decorators import api_view
+from packaging import version as pyver
-from rest_framework.views import APIView
+from rest_framework import status
 from rest_framework.decorators import api_view, permission_classes
 from rest_framework.permissions import IsAuthenticated
 from rest_framework.response import Response
-from rest_framework import status, generics
+from rest_framework.views import APIView
 from .models import Agent, AgentOutage, RecoveryAction, Note
 from core.models import CoreSettings
 from logs.models import AuditLog, DebugLog, PendingAction
 from scripts.models import Script
-from logs.models import AuditLog, PendingAction
+from scripts.tasks import handle_bulk_command_task, handle_bulk_script_task
 from tacticalrmm.utils import get_default_timezone, notify_error, reload_nats
 from winupdate.serializers import WinUpdatePolicySerializer
 from winupdate.tasks import bulk_check_for_updates_task, bulk_install_updates_task
 from .models import Agent, AgentCustomField, Note, RecoveryAction, AgentHistory
 from .permissions import (
    EditAgentPerms,
    EvtLogPerms,
    InstallAgentPerms,
    ManageNotesPerms,
    ManageProcPerms,
    MeshPerms,
    RebootAgentPerms,
    RunBulkPerms,
    RunScriptPerms,
    SendCMDPerms,
    UninstallPerms,
    UpdateAgentPerms,
 )
 from .serializers import (
-    AgentSerializer,
+    AgentCustomFieldSerializer,
    AgentHostnameSerializer,
    AgentTableSerializer,
    AgentEditSerializer,
    AgentHistorySerializer,
    AgentHostnameSerializer,
    AgentOverdueActionSerializer,
    AgentSerializer,
    AgentTableSerializer,
    NoteSerializer,
    NotesSerializer,
 )
-from winupdate.serializers import WinUpdatePolicySerializer
+from .tasks import run_script_email_results_task, send_agent_update_task
 from .tasks import uninstall_agent_task, send_agent_update_task
 from winupdate.tasks import bulk_check_for_updates_task
 from scripts.tasks import handle_bulk_command_task, handle_bulk_script_task
 from tacticalrmm.utils import notify_error, reload_nats
 logger.configure(**settings.LOG_CONFIG)
@api_view()
 def get_agent_versions(request):
-    agents = Agent.objects.only("pk")
+    agents = Agent.objects.prefetch_related("site").only("pk", "hostname")
    return Response(
        {
            "versions": [settings.LATEST_AGENT_VER],
@@ -53,86 +64,115 @@ def get_agent_versions(request):
@api_view(["POST"])
@permission_classes([IsAuthenticated, UpdateAgentPerms])
 def update_agents(request):
-    pks = request.data["pks"]
+    q = Agent.objects.filter(pk__in=request.data["pks"]).only("pk", "version")
-    version = request.data["version"]
+    pks: list[int] = [
-    send_agent_update_task.delay(pks=pks, version=version)
+        i.pk
        for i in q
        if pyver.parse(i.version) < pyver.parse(settings.LATEST_AGENT_VER)
    ]
    send_agent_update_task.delay(pks=pks)
    return Response("ok")
@api_view()
@permission_classes([IsAuthenticated, UninstallPerms])
 def ping(request, pk):
    agent = get_object_or_404(Agent, pk=pk)
    status = "offline"
-    if agent.has_nats:
+    attempts = 0
-        r = asyncio.run(agent.nats_cmd({"func": "ping"}, timeout=5))
+    while 1:
        r = asyncio.run(agent.nats_cmd({"func": "ping"}, timeout=2))
        if r == "pong":
            status = "online"
-    else:
+            break
-        r = agent.salt_api_cmd(timeout=5, func="test.ping")
+        else:
-        if isinstance(r, bool) and r:
+            attempts += 1
-            status = "online"
+            time.sleep(1)
        if attempts >= 5:
            break
    return Response({"name": agent.hostname, "status": status})
@api_view(["DELETE"])
@permission_classes([IsAuthenticated, UninstallPerms])
 def uninstall(request):
    agent = get_object_or_404(Agent, pk=request.data["pk"])
-    if agent.has_nats:
+    asyncio.run(agent.nats_cmd({"func": "uninstall"}, wait=False))
        asyncio.run(agent.nats_cmd({"func": "uninstall"}, wait=False))
    salt_id = agent.salt_id
    name = agent.hostname
    has_nats = agent.has_nats
    agent.delete()
    reload_nats()
    uninstall_agent_task.delay(salt_id, has_nats)
    return Response(f"{name} will now be uninstalled.")
-@api_view(["PATCH"])
+@api_view(["PATCH", "PUT"])
@permission_classes([IsAuthenticated, EditAgentPerms])
 def edit_agent(request):
    agent = get_object_or_404(Agent, pk=request.data["id"])
-    old_site = agent.site.pk
+    a_serializer = AgentEditSerializer(instance=agent, data=request.data, partial=True)
    a_serializer = AgentSerializer(instance=agent, data=request.data, partial=True)
    a_serializer.is_valid(raise_exception=True)
    a_serializer.save()
-    policy = agent.winupdatepolicy.get()
+    if "winupdatepolicy" in request.data.keys():
-    p_serializer = WinUpdatePolicySerializer(
+        policy = agent.winupdatepolicy.get()  # type: ignore
-        instance=policy, data=request.data["winupdatepolicy"][0]
+        p_serializer = WinUpdatePolicySerializer(
-    )
+            instance=policy, data=request.data["winupdatepolicy"][0]
-    p_serializer.is_valid(raise_exception=True)
+        )
-    p_serializer.save()
+        p_serializer.is_valid(raise_exception=True)
        p_serializer.save()
-    # check if site changed and initiate generating correct policies
+    if "custom_fields" in request.data.keys():
-    if old_site != request.data["site"]:
+
-        agent.generate_checks_from_policies(clear=True)
+        for field in request.data["custom_fields"]:
-        agent.generate_tasks_from_policies(clear=True)
+
            custom_field = field
            custom_field["agent"] = agent.id  # type: ignore
            if AgentCustomField.objects.filter(
                field=field["field"], agent=agent.id  # type: ignore
            ):
                value = AgentCustomField.objects.get(
                    field=field["field"], agent=agent.id  # type: ignore
                )
                serializer = AgentCustomFieldSerializer(
                    instance=value, data=custom_field
                )
                serializer.is_valid(raise_exception=True)
                serializer.save()
            else:
                serializer = AgentCustomFieldSerializer(data=custom_field)
                serializer.is_valid(raise_exception=True)
                serializer.save()
    return Response("ok")
@api_view()
@permission_classes([IsAuthenticated, MeshPerms])
 def meshcentral(request, pk):
    agent = get_object_or_404(Agent, pk=pk)
    core = CoreSettings.objects.first()
    token = agent.get_login_token(
-        key=core.mesh_token, user=f"user//{core.mesh_username}"
+        key=core.mesh_token, user=f"user//{core.mesh_username}"  # type:ignore
    )
    if token == "err":
        return notify_error("Invalid mesh token")
-    control = f"{core.mesh_site}/?login={token}&gotonode={agent.mesh_node_id}&viewmode=11&hide=31"
+    control = f"{core.mesh_site}/?login={token}&gotonode={agent.mesh_node_id}&viewmode=11&hide=31"  # type:ignore
-    terminal = f"{core.mesh_site}/?login={token}&gotonode={agent.mesh_node_id}&viewmode=12&hide=31"
+    terminal = f"{core.mesh_site}/?login={token}&gotonode={agent.mesh_node_id}&viewmode=12&hide=31"  # type:ignore
-    file = f"{core.mesh_site}/?login={token}&gotonode={agent.mesh_node_id}&viewmode=13&hide=31"
+    file = f"{core.mesh_site}/?login={token}&gotonode={agent.mesh_node_id}&viewmode=13&hide=31"  # type:ignore
-    AuditLog.audit_mesh_session(username=request.user.username, hostname=agent.hostname)
+    AuditLog.audit_mesh_session(
        username=request.user.username,
        agent=agent,
        debug_info={"ip": request._client_ip},
    )
    ret = {
        "hostname": agent.hostname,
@@ -155,21 +195,16 @@ def agent_detail(request, pk):
@api_view()
 def get_processes(request, pk):
    agent = get_object_or_404(Agent, pk=pk)
    if not agent.has_nats:
        return notify_error("Requires agent version 1.1.0 or greater")
    r = asyncio.run(agent.nats_cmd(data={"func": "procs"}, timeout=5))
    if r == "timeout":
        return notify_error("Unable to contact the agent")
    return Response(r)
@api_view()
@permission_classes([IsAuthenticated, ManageProcPerms])
 def kill_proc(request, pk, pid):
    agent = get_object_or_404(Agent, pk=pk)
    if not agent.has_nats:
        return notify_error("Requires agent version 1.1.0 or greater")
    r = asyncio.run(
        agent.nats_cmd({"func": "killproc", "procpid": int(pid)}, timeout=15)
    )
@@ -183,19 +218,19 @@ def kill_proc(request, pk, pid):
@api_view()
@permission_classes([IsAuthenticated, EvtLogPerms])
 def get_event_log(request, pk, logtype, days):
    agent = get_object_or_404(Agent, pk=pk)
-    if not agent.has_nats:
+    timeout = 180 if logtype == "Security" else 30
        return notify_error("Requires agent version 1.1.0 or greater")
    data = {
        "func": "eventlog",
-        "timeout": 30,
+        "timeout": timeout,
        "payload": {
            "logname": logtype,
            "days": str(days),
        },
    }
-    r = asyncio.run(agent.nats_cmd(data, timeout=32))
+    r = asyncio.run(agent.nats_cmd(data, timeout=timeout + 2))
    if r == "timeout":
        return notify_error("Unable to contact the agent")
@@ -203,10 +238,9 @@ def get_event_log(request, pk, logtype, days):
@api_view(["POST"])
@permission_classes([IsAuthenticated, SendCMDPerms])
 def send_raw_cmd(request):
    agent = get_object_or_404(Agent, pk=request.data["pk"])
    if not agent.has_nats:
        return notify_error("Requires agent version 1.1.0 or greater")
    timeout = int(request.data["timeout"])
    data = {
        "func": "rawcmd",
@@ -216,6 +250,16 @@ def send_raw_cmd(request):
            "shell": request.data["shell"],
        },
    }
    if pyver.parse(agent.version) >= pyver.parse("1.6.0"):
        hist = AgentHistory.objects.create(
            agent=agent,
            type="cmd_run",
            command=request.data["cmd"],
            username=request.user.username[:50],
        )
        data["id"] = hist.pk
    r = asyncio.run(agent.nats_cmd(data, timeout=timeout + 2))
    if r == "timeout":
@@ -223,44 +267,58 @@ def send_raw_cmd(request):
    AuditLog.audit_raw_command(
        username=request.user.username,
-        hostname=agent.hostname,
+        agent=agent,
        cmd=request.data["cmd"],
        shell=request.data["shell"],
        debug_info={"ip": request._client_ip},
    )
    return Response(r)
-class AgentsTableList(generics.ListAPIView):
+class AgentsTableList(APIView):
-    queryset = (
+    def patch(self, request):
-        Agent.objects.select_related("site")
+        if "sitePK" in request.data.keys():
-        .prefetch_related("agentchecks")
+            queryset = (
-        .only(
+                Agent.objects.select_related("site", "policy", "alert_template")
                .prefetch_related("agentchecks")
                .filter(site_id=request.data["sitePK"])
            )
        elif "clientPK" in request.data.keys():
            queryset = (
                Agent.objects.select_related("site", "policy", "alert_template")
                .prefetch_related("agentchecks")
                .filter(site__client_id=request.data["clientPK"])
            )
        else:
            queryset = Agent.objects.select_related(
                "site", "policy", "alert_template"
            ).prefetch_related("agentchecks")
        queryset = queryset.only(
            "pk",
            "hostname",
            "agent_id",
            "site",
            "policy",
            "alert_template",
            "monitoring_type",
            "description",
            "needs_reboot",
            "overdue_text_alert",
            "overdue_email_alert",
            "overdue_time",
            "offline_time",
            "last_seen",
            "boot_time",
            "logged_in_username",
            "last_logged_in_user",
            "time_zone",
            "maintenance_mode",
            "pending_actions_count",
            "has_patches_pending",
        )
-    )
+        ctx = {"default_tz": get_default_timezone()}
    serializer_class = AgentTableSerializer
    def list(self, request):
        queryset = self.get_queryset()
        ctx = {
            "default_tz": pytz.timezone(CoreSettings.objects.first().default_time_zone)
        }
        serializer = AgentTableSerializer(queryset, many=True, context=ctx)
        return Response(serializer.data)
@@ -277,96 +335,22 @@ def agent_edit_details(request, pk):
    return Response(AgentEditSerializer(agent).data)
@api_view()
 def by_client(request, clientpk):
    agents = (
        Agent.objects.select_related("site")
        .filter(site__client_id=clientpk)
        .prefetch_related("agentchecks")
        .only(
            "pk",
            "hostname",
            "agent_id",
            "site",
            "monitoring_type",
            "description",
            "needs_reboot",
            "overdue_text_alert",
            "overdue_email_alert",
            "overdue_time",
            "last_seen",
            "boot_time",
            "logged_in_username",
            "last_logged_in_user",
            "time_zone",
            "maintenance_mode",
        )
    )
    ctx = {"default_tz": pytz.timezone(CoreSettings.objects.first().default_time_zone)}
    return Response(AgentTableSerializer(agents, many=True, context=ctx).data)
@api_view()
 def by_site(request, sitepk):
    agents = (
        Agent.objects.filter(site_id=sitepk)
        .select_related("site")
        .prefetch_related("agentchecks")
        .only(
            "pk",
            "hostname",
            "agent_id",
            "site",
            "monitoring_type",
            "description",
            "needs_reboot",
            "overdue_text_alert",
            "overdue_email_alert",
            "overdue_time",
            "last_seen",
            "boot_time",
            "logged_in_username",
            "last_logged_in_user",
            "time_zone",
            "maintenance_mode",
        )
    )
    ctx = {"default_tz": pytz.timezone(CoreSettings.objects.first().default_time_zone)}
    return Response(AgentTableSerializer(agents, many=True, context=ctx).data)
@api_view(["POST"])
 def overdue_action(request):
-    pk = request.data["pk"]
+    agent = get_object_or_404(Agent, pk=request.data["pk"])
-    alert_type = request.data["alertType"]
+    serializer = AgentOverdueActionSerializer(
-    action = request.data["action"]
+        instance=agent, data=request.data, partial=True
-    agent = get_object_or_404(Agent, pk=pk)
+    )
-    if alert_type == "email" and action == "enabled":
+    serializer.is_valid(raise_exception=True)
-        agent.overdue_email_alert = True
+    serializer.save()
        agent.save(update_fields=["overdue_email_alert"])
    elif alert_type == "email" and action == "disabled":
        agent.overdue_email_alert = False
        agent.save(update_fields=["overdue_email_alert"])
    elif alert_type == "text" and action == "enabled":
        agent.overdue_text_alert = True
        agent.save(update_fields=["overdue_text_alert"])
    elif alert_type == "text" and action == "disabled":
        agent.overdue_text_alert = False
        agent.save(update_fields=["overdue_text_alert"])
    else:
        return Response(
            {"error": "Something went wrong"}, status=status.HTTP_400_BAD_REQUEST
        )
    return Response(agent.hostname)
 class Reboot(APIView):
    permission_classes = [IsAuthenticated, RebootAgentPerms]
    # reboot now
    def post(self, request):
        agent = get_object_or_404(Agent, pk=request.data["pk"])
        if not agent.has_nats:
            return notify_error("Requires agent version 1.1.0 or greater")
        r = asyncio.run(agent.nats_cmd({"func": "rebootnow"}, timeout=10))
        if r != "ok":
            return notify_error("Unable to contact the agent")
@@ -376,8 +360,6 @@ class Reboot(APIView):
    # reboot later
    def patch(self, request):
        agent = get_object_or_404(Agent, pk=request.data["pk"])
        if not agent.has_gotasks:
            return notify_error("Requires agent version 1.1.1 or greater")
        try:
            obj = dt.datetime.strptime(request.data["datetime"], "%Y-%m-%d %H:%M")
@@ -392,6 +374,7 @@ class Reboot(APIView):
            "func": "schedtask",
            "schedtaskpayload": {
                "type": "schedreboot",
                "deleteafter": True,
                "trigger": "once",
                "name": task_name,
                "year": int(dt.datetime.strftime(obj, "%Y")),
@@ -417,8 +400,12 @@ class Reboot(APIView):
@api_view(["POST"])
@permission_classes([IsAuthenticated, InstallAgentPerms])
 def install_agent(request):
    from knox.models import AuthToken
    from accounts.models import User
    from agents.utils import get_winagent_url
    client_id = request.data["client"]
    site_id = request.data["site"]
@@ -440,131 +427,29 @@ def install_agent(request):
    inno = (
        f"winagent-v{version}.exe" if arch == "64" else f"winagent-v{version}-x86.exe"
    )
-    download_url = settings.DL_64 if arch == "64" else settings.DL_32
+    download_url = get_winagent_url(arch)
    installer_user = User.objects.filter(is_installer_user=True).first()
    _, token = AuthToken.objects.create(
-        user=request.user, expiry=dt.timedelta(hours=request.data["expires"])
+        user=installer_user, expiry=dt.timedelta(hours=request.data["expires"])
    )
    if request.data["installMethod"] == "exe":
-        go_bin = "/usr/local/rmmgo/go/bin/go"
+        from tacticalrmm.utils import generate_winagent_exe
-        if not os.path.exists(go_bin):
+        return generate_winagent_exe(
-            return Response("nogolang", status=status.HTTP_409_CONFLICT)
+            client=client_id,
-
+            site=site_id,
-        api = request.data["api"]
+            agent_type=request.data["agenttype"],
-        atype = request.data["agenttype"]
+            rdp=request.data["rdp"],
-        rdp = request.data["rdp"]
+            ping=request.data["ping"],
-        ping = request.data["ping"]
+            power=request.data["power"],
-        power = request.data["power"]
+            arch=arch,
-
+            token=token,
-        file_name = "rmm-installer.exe"
+            api=request.data["api"],
-        exe = os.path.join(settings.EXE_DIR, file_name)
+            file_name=request.data["fileName"],
-
+        )
        if os.path.exists(exe):
            try:
                os.remove(exe)
            except Exception as e:
                logger.error(str(e))
        goarch = "amd64" if arch == "64" else "386"
        cmd = [
            "env",
            "GOOS=windows",
            f"GOARCH={goarch}",
            go_bin,
            "build",
            f"-ldflags=\"-X 'main.Inno={inno}'",
            f"-X 'main.Api={api}'",
            f"-X 'main.Client={client_id}'",
            f"-X 'main.Site={site_id}'",
            f"-X 'main.Atype={atype}'",
            f"-X 'main.Rdp={rdp}'",
            f"-X 'main.Ping={ping}'",
            f"-X 'main.Power={power}'",
            f"-X 'main.DownloadUrl={download_url}'",
            f"-X 'main.Token={token}'\"",
            "-o",
            exe,
        ]
        build_error = False
        gen_error = False
        gen = [
            "env",
            "GOOS=windows",
            f"GOARCH={goarch}",
            go_bin,
            "generate",
        ]
        try:
            r1 = subprocess.run(
                " ".join(gen),
                capture_output=True,
                shell=True,
                cwd=os.path.join(settings.BASE_DIR, "core/goinstaller"),
            )
        except Exception as e:
            gen_error = True
            logger.error(str(e))
            return Response(
                "genfailed", status=status.HTTP_413_REQUEST_ENTITY_TOO_LARGE
            )
        if r1.returncode != 0:
            gen_error = True
            if r1.stdout:
                logger.error(r1.stdout.decode("utf-8", errors="ignore"))
            if r1.stderr:
                logger.error(r1.stderr.decode("utf-8", errors="ignore"))
            logger.error(f"Go build failed with return code {r1.returncode}")
        if gen_error:
            return Response(
                "genfailed", status=status.HTTP_413_REQUEST_ENTITY_TOO_LARGE
            )
        try:
            r = subprocess.run(
                " ".join(cmd),
                capture_output=True,
                shell=True,
                cwd=os.path.join(settings.BASE_DIR, "core/goinstaller"),
            )
        except Exception as e:
            build_error = True
            logger.error(str(e))
            return Response("buildfailed", status=status.HTTP_412_PRECONDITION_FAILED)
        if r.returncode != 0:
            build_error = True
            if r.stdout:
                logger.error(r.stdout.decode("utf-8", errors="ignore"))
            if r.stderr:
                logger.error(r.stderr.decode("utf-8", errors="ignore"))
            logger.error(f"Go build failed with return code {r.returncode}")
        if build_error:
            return Response("buildfailed", status=status.HTTP_412_PRECONDITION_FAILED)
        if settings.DEBUG:
            with open(exe, "rb") as f:
                response = HttpResponse(
                    f.read(),
                    content_type="application/vnd.microsoft.portable-executable",
                )
                response["Content-Disposition"] = f"inline; filename={file_name}"
                return response
        else:
            response = HttpResponse()
            response["Content-Disposition"] = f"attachment; filename={file_name}"
            response["X-Accel-Redirect"] = f"/private/exe/{file_name}"
            return response
    elif request.data["installMethod"] == "manual":
        cmd = [
@@ -572,12 +457,10 @@ def install_agent(request):
            "/VERYSILENT",
            "/SUPPRESSMSGBOXES",
            "&&",
-            "timeout",
+            "ping",
-            "/t",
+            "127.0.0.1",
-            "10",
+            "-n",
-            "/nobreak",
+            "5",
            ">",
            "NUL",
            "&&",
            r'"C:\Program Files\TacticalAgent\tacticalrmm.exe"',
            "-m",
@@ -604,8 +487,6 @@ def install_agent(request):
        resp = {
            "cmd": " ".join(str(i) for i in cmd),
            "url": download_url,
            "salt64": settings.SALT_64,
            "salt32": settings.SALT_32,
        }
        return Response(resp)
@@ -640,7 +521,7 @@ def install_agent(request):
            try:
                os.remove(ps1)
            except Exception as e:
-                logger.error(str(e))
+                DebugLog.error(message=str(e))
        with open(ps1, "w") as f:
            f.write(text)
@@ -662,27 +543,14 @@ def recover(request):
    agent = get_object_or_404(Agent, pk=request.data["pk"])
    mode = request.data["mode"]
-    if pyver.parse(agent.version) <= pyver.parse("0.9.5"):
+    # attempt a realtime recovery, otherwise fall back to old recovery method
-        return notify_error("Only available in agent version greater than 0.9.5")
+    if mode == "tacagent" or mode == "mesh":
        data = {"func": "recover", "payload": {"mode": mode}}
        r = asyncio.run(agent.nats_cmd(data, timeout=10))
        if r == "ok":
            return Response("Successfully completed recovery")
-    if not agent.has_nats:
+    if agent.recoveryactions.filter(last_run=None).exists():  # type: ignore
        if mode == "tacagent" or mode == "checkrunner" or mode == "rpc":
            return notify_error("Requires agent version 1.1.0 or greater")
    # attempt a realtime recovery if supported, otherwise fall back to old recovery method
    if agent.has_nats:
        if (
            mode == "tacagent"
            or mode == "checkrunner"
            or mode == "salt"
            or mode == "mesh"
        ):
            data = {"func": "recover", "payload": {"mode": mode}}
            r = asyncio.run(agent.nats_cmd(data, timeout=10))
            if r == "ok":
                return Response("Successfully completed recovery")
    if agent.recoveryactions.filter(last_run=None).exists():
        return notify_error(
            "A recovery action is currently pending. Please wait for the next agent check-in."
        )
@@ -708,46 +576,106 @@ def recover(request):
@api_view(["POST"])
@permission_classes([IsAuthenticated, RunScriptPerms])
 def run_script(request):
    agent = get_object_or_404(Agent, pk=request.data["pk"])
-    if not agent.has_nats:
+    script = get_object_or_404(Script, pk=request.data["script"])
        return notify_error("Requires agent version 1.1.0 or greater")
    script = get_object_or_404(Script, pk=request.data["scriptPK"])
    output = request.data["output"]
    args = request.data["args"]
    req_timeout = int(request.data["timeout"]) + 3
    AuditLog.audit_script_run(
        username=request.user.username,
-        hostname=agent.hostname,
+        agent=agent,
        script=script.name,
        debug_info={"ip": request._client_ip},
    )
-    data = {
+    history_pk = 0
-        "func": "runscript",
+    if pyver.parse(agent.version) >= pyver.parse("1.6.0"):
-        "timeout": request.data["timeout"],
+        hist = AgentHistory.objects.create(
-        "script_args": request.data["args"],
+            agent=agent,
-        "payload": {
+            type="script_run",
-            "code": script.code,
+            script=script,
-            "shell": script.shell,
+            username=request.user.username[:50],
-        },
+        )
-    }
+        history_pk = hist.pk
    if output == "wait":
-        r = asyncio.run(agent.nats_cmd(data, timeout=req_timeout))
+        r = agent.run_script(
            scriptpk=script.pk,
            args=args,
            timeout=req_timeout,
            wait=True,
            history_pk=history_pk,
        )
        return Response(r)
    elif output == "email":
        emails = (
            [] if request.data["emailMode"] == "default" else request.data["emails"]
        )
        run_script_email_results_task.delay(
            agentpk=agent.pk,
            scriptpk=script.pk,
            nats_timeout=req_timeout,
            emails=emails,
            args=args,
        )
    elif output == "collector":
        from core.models import CustomField
        r = agent.run_script(
            scriptpk=script.pk,
            args=args,
            timeout=req_timeout,
            wait=True,
            history_pk=history_pk,
        )
        custom_field = CustomField.objects.get(pk=request.data["custom_field"])
        if custom_field.model == "agent":
            field = custom_field.get_or_create_field_value(agent)
        elif custom_field.model == "client":
            field = custom_field.get_or_create_field_value(agent.client)
        elif custom_field.model == "site":
            field = custom_field.get_or_create_field_value(agent.site)
        else:
            return notify_error("Custom Field was invalid")
        value = (
            r.strip()
            if request.data["save_all_output"]
            else r.strip().split("\n")[-1].strip()
        )
        field.save_to_field(value)
        return Response(r)
    elif output == "note":
        r = agent.run_script(
            scriptpk=script.pk,
            args=args,
            timeout=req_timeout,
            wait=True,
            history_pk=history_pk,
        )
        Note.objects.create(agent=agent, user=request.user, note=r)
        return Response(r)
    else:
-        asyncio.run(agent.nats_cmd(data, wait=False))
+        agent.run_script(
-        return Response(f"{script.name} will now be run on {agent.hostname}")
+            scriptpk=script.pk, args=args, timeout=req_timeout, history_pk=history_pk
        )
    return Response(f"{script.name} will now be run on {agent.hostname}")
@api_view()
 def recover_mesh(request, pk):
    agent = get_object_or_404(Agent, pk=pk)
    if not agent.has_nats:
        return notify_error("Requires agent version 1.1.0 or greater")
    data = {"func": "recover", "payload": {"mode": "mesh"}}
-    r = asyncio.run(agent.nats_cmd(data, timeout=45))
+    r = asyncio.run(agent.nats_cmd(data, timeout=90))
    if r != "ok":
        return notify_error("Unable to contact the agent")
@@ -789,6 +717,8 @@ class GetAddNotes(APIView):
 class GetEditDeleteNote(APIView):
    permission_classes = [IsAuthenticated, ManageNotesPerms]
    def get(self, request, pk):
        note = get_object_or_404(Note, pk=pk)
        return Response(NoteSerializer(note).data)
@@ -807,8 +737,9 @@ class GetEditDeleteNote(APIView):
@api_view(["POST"])
@permission_classes([IsAuthenticated, RunBulkPerms])
 def bulk(request):
-    if request.data["target"] == "agents" and not request.data["agentPKs"]:
+    if request.data["target"] == "agents" and not request.data["agents"]:
        return notify_error("Must select at least 1 agent")
    if request.data["target"] == "client":
@@ -816,64 +747,65 @@ def bulk(request):
    elif request.data["target"] == "site":
        q = Agent.objects.filter(site_id=request.data["site"])
    elif request.data["target"] == "agents":
-        q = Agent.objects.filter(pk__in=request.data["agentPKs"])
+        q = Agent.objects.filter(pk__in=request.data["agents"])
    elif request.data["target"] == "all":
-        q = Agent.objects.all()
+        q = Agent.objects.only("pk", "monitoring_type")
    else:
        return notify_error("Something went wrong")
-    minions = [agent.salt_id for agent in q]
+    if request.data["monType"] == "servers":
-    agents = [agent.pk for agent in q]
+        q = q.filter(monitoring_type="server")
    elif request.data["monType"] == "workstations":
        q = q.filter(monitoring_type="workstation")
-    AuditLog.audit_bulk_action(request.user, request.data["mode"], request.data)
+    agents: list[int] = [agent.pk for agent in q]
    if not agents:
        return notify_error("No agents where found meeting the selected criteria")
    AuditLog.audit_bulk_action(
        request.user,
        request.data["mode"],
        request.data,
        debug_info={"ip": request._client_ip},
    )
    if request.data["mode"] == "command":
        handle_bulk_command_task.delay(
-            agents, request.data["cmd"], request.data["shell"], request.data["timeout"]
+            agents,
            request.data["cmd"],
            request.data["shell"],
            request.data["timeout"],
            request.user.username[:50],
            run_on_offline=request.data["offlineAgents"],
        )
        return Response(f"Command will now be run on {len(agents)} agents")
    elif request.data["mode"] == "script":
-        script = get_object_or_404(Script, pk=request.data["scriptPK"])
+        script = get_object_or_404(Script, pk=request.data["script"])
        handle_bulk_script_task.delay(
-            script.pk, agents, request.data["args"], request.data["timeout"]
+            script.pk,
            agents,
            request.data["args"],
            request.data["timeout"],
            request.user.username[:50],
        )
        return Response(f"{script.name} will now be run on {len(agents)} agents")
-    elif request.data["mode"] == "install":
+    elif request.data["mode"] == "patch":
-        r = Agent.salt_batch_async(minions=minions, func="win_agent.install_updates")
+
-        if r == "timeout":
+        if request.data["patchMode"] == "install":
-            return notify_error("Salt API not running")
+            bulk_install_updates_task.delay(agents)
-        return Response(
+            return Response(
-            f"Pending updates will now be installed on {len(agents)} agents"
+                f"Pending updates will now be installed on {len(agents)} agents"
-        )
+            )
-    elif request.data["mode"] == "scan":
+        elif request.data["patchMode"] == "scan":
-        bulk_check_for_updates_task.delay(minions=minions)
+            bulk_check_for_updates_task.delay(agents)
-        return Response(f"Patch status scan will now run on {len(agents)} agents")
+            return Response(f"Patch status scan will now run on {len(agents)} agents")
    return notify_error("Something went wrong")
@api_view(["POST"])
 def agent_counts(request):
    return Response(
        {
            "total_server_count": Agent.objects.filter(
                monitoring_type="server"
            ).count(),
            "total_server_offline_count": AgentOutage.objects.filter(
                recovery_time=None, agent__monitoring_type="server"
            ).count(),
            "total_workstation_count": Agent.objects.filter(
                monitoring_type="workstation"
            ).count(),
            "total_workstation_offline_count": AgentOutage.objects.filter(
                recovery_time=None, agent__monitoring_type="workstation"
            ).count(),
        }
    )
@api_view(["POST"])
 def agent_maintenance(request):
    if request.data["type"] == "Client":
@@ -895,3 +827,20 @@ def agent_maintenance(request):
        return notify_error("Invalid data")
    return Response("ok")
 class WMI(APIView):
    def get(self, request, pk):
        agent = get_object_or_404(Agent, pk=pk)
        r = asyncio.run(agent.nats_cmd({"func": "sysinfo"}, timeout=20))
        if r != "ok":
            return notify_error("Unable to contact the agent")
        return Response("ok")
 class AgentHistoryView(APIView):
    def get(self, request, pk):
        agent = get_object_or_404(Agent, pk=pk)
        history = AgentHistory.objects.filter(agent=agent)
        return Response(AgentHistorySerializer(history, many=True).data)
--- a/api/tacticalrmm/alerts/admin.py
+++ b/api/tacticalrmm/alerts/admin.py
@@ -1,6 +1,6 @@
 from django.contrib import admin
-from .models import Alert
+from .models import Alert, AlertTemplate
 admin.site.register(Alert)
 admin.site.register(AlertTemplate)
--- a/api/tacticalrmm/alerts/migrations/0001_initial.py
+++ b/api/tacticalrmm/alerts/migrations/0001_initial.py
@@ -1,7 +1,7 @@
 # Generated by Django 3.1 on 2020-08-15 15:31
 from django.db import migrations, models
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
@@ -42,4 +42,4 @@ class Migration(migrations.Migration):
                ),
            ],
        ),
-    ]
+    ]
--- a/api/tacticalrmm/alerts/migrations/0002_auto_20200815_1618.py
+++ b/api/tacticalrmm/alerts/migrations/0002_auto_20200815_1618.py
@@ -27,4 +27,4 @@ class Migration(migrations.Migration):
                max_length=100,
            ),
        ),
-    ]
+    ]
--- a/api/tacticalrmm/alerts/migrations/0003_auto_20201021_1815.py
+++ b/api/tacticalrmm/alerts/migrations/0003_auto_20201021_1815.py
@@ -1,25 +1,31 @@
 # Generated by Django 3.1.2 on 2020-10-21 18:15
 from django.db import migrations, models
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
-        ('checks', '0010_auto_20200922_1344'),
+        ("checks", "0010_auto_20200922_1344"),
-        ('alerts', '0002_auto_20200815_1618'),
+        ("alerts", "0002_auto_20200815_1618"),
    ]
    operations = [
        migrations.AddField(
-            model_name='alert',
+            model_name="alert",
-            name='assigned_check',
+            name="assigned_check",
-            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='alert', to='checks.check'),
+            field=models.ForeignKey(
                blank=True,
                null=True,
                on_delete=django.db.models.deletion.CASCADE,
                related_name="alert",
                to="checks.check",
            ),
        ),
        migrations.AlterField(
-            model_name='alert',
+            model_name="alert",
-            name='alert_time',
+            name="alert_time",
            field=models.DateTimeField(auto_now_add=True, null=True),
        ),
-    ]
+    ]
--- a/api/tacticalrmm/alerts/migrations/0004_auto_20210212_1408.py
+++ b/api/tacticalrmm/alerts/migrations/0004_auto_20210212_1408.py
@@ -0,0 +1,172 @@
 # Generated by Django 3.1.4 on 2021-02-12 14:08
 import django.contrib.postgres.fields
 import django.db.models.deletion
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('agents', '0029_delete_agentoutage'),
        ('clients', '0008_auto_20201103_1430'),
        ('autotasks', '0017_auto_20210210_1512'),
        ('scripts', '0005_auto_20201207_1606'),
        ('alerts', '0003_auto_20201021_1815'),
    ]
    operations = [
        migrations.AddField(
            model_name='alert',
            name='action_execution_time',
            field=models.CharField(blank=True, max_length=100, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='action_retcode',
            field=models.IntegerField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='action_run',
            field=models.DateTimeField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='action_stderr',
            field=models.TextField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='action_stdout',
            field=models.TextField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='action_timeout',
            field=models.PositiveIntegerField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='alert_type',
            field=models.CharField(choices=[('availability', 'Availability'), ('check', 'Check'), ('task', 'Task'), ('custom', 'Custom')], default='availability', max_length=20),
        ),
        migrations.AddField(
            model_name='alert',
            name='assigned_task',
            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='alert', to='autotasks.automatedtask'),
        ),
        migrations.AddField(
            model_name='alert',
            name='email_sent',
            field=models.DateTimeField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='hidden',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='alert',
            name='resolved_action_execution_time',
            field=models.CharField(blank=True, max_length=100, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='resolved_action_retcode',
            field=models.IntegerField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='resolved_action_run',
            field=models.DateTimeField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='resolved_action_stderr',
            field=models.TextField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='resolved_action_stdout',
            field=models.TextField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='resolved_action_timeout',
            field=models.PositiveIntegerField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='resolved_email_sent',
            field=models.DateTimeField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='resolved_on',
            field=models.DateTimeField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='resolved_sms_sent',
            field=models.DateTimeField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='sms_sent',
            field=models.DateTimeField(blank=True, null=True),
        ),
        migrations.AddField(
            model_name='alert',
            name='snoozed',
            field=models.BooleanField(default=False),
        ),
        migrations.AlterField(
            model_name='alert',
            name='severity',
            field=models.CharField(choices=[('info', 'Informational'), ('warning', 'Warning'), ('error', 'Error')], default='info', max_length=30),
        ),
        migrations.CreateModel(
            name='AlertTemplate',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('name', models.CharField(max_length=100)),
                ('is_active', models.BooleanField(default=True)),
                ('action_args', django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, max_length=255, null=True), blank=True, default=list, null=True, size=None)),
                ('resolved_action_args', django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, max_length=255, null=True), blank=True, default=list, null=True, size=None)),
                ('email_recipients', django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, max_length=100), blank=True, default=list, null=True, size=None)),
                ('text_recipients', django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, max_length=100), blank=True, default=list, null=True, size=None)),
                ('email_from', models.EmailField(blank=True, max_length=254, null=True)),
                ('agent_email_on_resolved', models.BooleanField(blank=True, default=False, null=True)),
                ('agent_text_on_resolved', models.BooleanField(blank=True, default=False, null=True)),
                ('agent_include_desktops', models.BooleanField(blank=True, default=False, null=True)),
                ('agent_always_email', models.BooleanField(blank=True, default=False, null=True)),
                ('agent_always_text', models.BooleanField(blank=True, default=False, null=True)),
                ('agent_always_alert', models.BooleanField(blank=True, default=False, null=True)),
                ('agent_periodic_alert_days', models.PositiveIntegerField(blank=True, default=0, null=True)),
                ('check_email_alert_severity', django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, choices=[('info', 'Informational'), ('warning', 'Warning'), ('error', 'Error')], max_length=25), blank=True, default=list, size=None)),
                ('check_text_alert_severity', django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, choices=[('info', 'Informational'), ('warning', 'Warning'), ('error', 'Error')], max_length=25), blank=True, default=list, size=None)),
                ('check_dashboard_alert_severity', django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, choices=[('info', 'Informational'), ('warning', 'Warning'), ('error', 'Error')], max_length=25), blank=True, default=list, size=None)),
                ('check_email_on_resolved', models.BooleanField(blank=True, default=False, null=True)),
                ('check_text_on_resolved', models.BooleanField(blank=True, default=False, null=True)),
                ('check_always_email', models.BooleanField(blank=True, default=False, null=True)),
                ('check_always_text', models.BooleanField(blank=True, default=False, null=True)),
                ('check_always_alert', models.BooleanField(blank=True, default=False, null=True)),
                ('check_periodic_alert_days', models.PositiveIntegerField(blank=True, default=0, null=True)),
                ('task_email_alert_severity', django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, choices=[('info', 'Informational'), ('warning', 'Warning'), ('error', 'Error')], max_length=25), blank=True, default=list, size=None)),
                ('task_text_alert_severity', django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, choices=[('info', 'Informational'), ('warning', 'Warning'), ('error', 'Error')], max_length=25), blank=True, default=list, size=None)),
                ('task_dashboard_alert_severity', django.contrib.postgres.fields.ArrayField(base_field=models.CharField(blank=True, choices=[('info', 'Informational'), ('warning', 'Warning'), ('error', 'Error')], max_length=25), blank=True, default=list, size=None)),
                ('task_email_on_resolved', models.BooleanField(blank=True, default=False, null=True)),
                ('task_text_on_resolved', models.BooleanField(blank=True, default=False, null=True)),
                ('task_always_email', models.BooleanField(blank=True, default=False, null=True)),
                ('task_always_text', models.BooleanField(blank=True, default=False, null=True)),
                ('task_always_alert', models.BooleanField(blank=True, default=False, null=True)),
                ('task_periodic_alert_days', models.PositiveIntegerField(blank=True, default=0, null=True)),
                ('action', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='alert_template', to='scripts.script')),
                ('excluded_agents', models.ManyToManyField(blank=True, related_name='alert_exclusions', to='agents.Agent')),
                ('excluded_clients', models.ManyToManyField(blank=True, related_name='alert_exclusions', to='clients.Client')),
                ('excluded_sites', models.ManyToManyField(blank=True, related_name='alert_exclusions', to='clients.Site')),
                ('resolved_action', models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='resolved_alert_template', to='scripts.script')),
            ],
        ),
    ]
--- a/api/tacticalrmm/alerts/migrations/0005_auto_20210212_1745.py
+++ b/api/tacticalrmm/alerts/migrations/0005_auto_20210212_1745.py
@@ -0,0 +1,31 @@
 # Generated by Django 3.1.4 on 2021-02-12 17:45
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('alerts', '0004_auto_20210212_1408'),
    ]
    operations = [
        migrations.RemoveField(
            model_name='alert',
            name='action_timeout',
        ),
        migrations.RemoveField(
            model_name='alert',
            name='resolved_action_timeout',
        ),
        migrations.AddField(
            model_name='alerttemplate',
            name='action_timeout',
            field=models.PositiveIntegerField(default=15),
        ),
        migrations.AddField(
            model_name='alerttemplate',
            name='resolved_action_timeout',
            field=models.PositiveIntegerField(default=15),
        ),
    ]
--- a/api/tacticalrmm/alerts/migrations/0006_auto_20210217_1736.py
+++ b/api/tacticalrmm/alerts/migrations/0006_auto_20210217_1736.py
@@ -0,0 +1,72 @@
 # Generated by Django 3.1.6 on 2021-02-17 17:36
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('alerts', '0005_auto_20210212_1745'),
    ]
    operations = [
        migrations.RemoveField(
            model_name='alerttemplate',
            name='agent_include_desktops',
        ),
        migrations.AddField(
            model_name='alerttemplate',
            name='exclude_servers',
            field=models.BooleanField(blank=True, default=False, null=True),
        ),
        migrations.AddField(
            model_name='alerttemplate',
            name='exclude_workstations',
            field=models.BooleanField(blank=True, default=False, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='agent_always_alert',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='agent_always_email',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='agent_always_text',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='check_always_alert',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='check_always_email',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='check_always_text',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='task_always_alert',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='task_always_email',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='task_always_text',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
    ]
--- a/api/tacticalrmm/alerts/migrations/0007_auto_20210721_0423.py
+++ b/api/tacticalrmm/alerts/migrations/0007_auto_20210721_0423.py
@@ -0,0 +1,33 @@
 # Generated by Django 3.2.1 on 2021-07-21 04:23
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('alerts', '0006_auto_20210217_1736'),
    ]
    operations = [
        migrations.AddField(
            model_name='alerttemplate',
            name='created_by',
            field=models.CharField(blank=True, max_length=100, null=True),
        ),
        migrations.AddField(
            model_name='alerttemplate',
            name='created_time',
            field=models.DateTimeField(auto_now_add=True, null=True),
        ),
        migrations.AddField(
            model_name='alerttemplate',
            name='modified_by',
            field=models.CharField(blank=True, max_length=100, null=True),
        ),
        migrations.AddField(
            model_name='alerttemplate',
            name='modified_time',
            field=models.DateTimeField(auto_now=True, null=True),
        ),
    ]
--- a/api/tacticalrmm/alerts/migrations/0008_auto_20210721_1757.py
+++ b/api/tacticalrmm/alerts/migrations/0008_auto_20210721_1757.py
@@ -0,0 +1,28 @@
 # Generated by Django 3.2.1 on 2021-07-21 17:57
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('alerts', '0007_auto_20210721_0423'),
    ]
    operations = [
        migrations.AddField(
            model_name='alerttemplate',
            name='agent_script_actions',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
        migrations.AddField(
            model_name='alerttemplate',
            name='check_script_actions',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
        migrations.AddField(
            model_name='alerttemplate',
            name='task_script_actions',
            field=models.BooleanField(blank=True, default=None, null=True),
        ),
    ]
--- a/api/tacticalrmm/alerts/migrations/0009_auto_20210721_1810.py
+++ b/api/tacticalrmm/alerts/migrations/0009_auto_20210721_1810.py
@@ -0,0 +1,28 @@
 # Generated by Django 3.2.1 on 2021-07-21 18:10
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('alerts', '0008_auto_20210721_1757'),
    ]
    operations = [
        migrations.AlterField(
            model_name='alerttemplate',
            name='agent_script_actions',
            field=models.BooleanField(blank=True, default=True, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='check_script_actions',
            field=models.BooleanField(blank=True, default=True, null=True),
        ),
        migrations.AlterField(
            model_name='alerttemplate',
            name='task_script_actions',
            field=models.BooleanField(blank=True, default=True, null=True),
        ),
    ]
--- a/Show More
+++ b/Show More