Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
gjl2004yn
jumpserver
提交
3e78d627
J
jumpserver
项目概览
gjl2004yn
/
jumpserver
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jumpserver
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
3e78d627
编写于
11月 17, 2020
作者:
X
xinwen
提交者:
baltery
11月 17, 2020
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
fix(perms): 作业中心-批量命令-选择系统用户之后,左侧资产列表未筛选,还是全部资产
上级
31cd441a
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
140 addition
and
30 deletion
+140
-30
apps/assets/models/favorite_asset.py
apps/assets/models/favorite_asset.py
+6
-2
apps/perms/api/asset/user_permission/user_permission_nodes.py
.../perms/api/asset/user_permission/user_permission_nodes.py
+9
-2
apps/perms/api/asset/user_permission/user_permission_nodes_with_assets.py
...sset/user_permission/user_permission_nodes_with_assets.py
+100
-13
apps/perms/utils/asset/user_permission.py
apps/perms/utils/asset/user_permission.py
+25
-13
未找到文件。
apps/assets/models/favorite_asset.py
浏览文件 @
3e78d627
...
...
@@ -20,9 +20,13 @@ class FavoriteAsset(CommonModelMixin):
return
cls
.
objects
.
filter
(
user
=
user
).
values_list
(
'asset'
,
flat
=
True
)
@
classmethod
def
get_user_favorite_assets
(
cls
,
user
):
def
get_user_favorite_assets
(
cls
,
user
,
asset_perms_id
=
None
):
from
assets.models
import
Asset
from
perms.utils.asset.user_permission
import
get_user_granted_all_assets
asset_ids
=
get_user_granted_all_assets
(
user
).
values_list
(
'id'
,
flat
=
True
)
asset_ids
=
get_user_granted_all_assets
(
user
,
via_mapping_node
=
False
,
asset_perms_id
=
asset_perms_id
).
values_list
(
'id'
,
flat
=
True
)
query_name
=
cls
.
asset
.
field
.
related_query_name
()
return
Asset
.
org_objects
.
filter
(
**
{
f
'
{
query_name
}
__user_id'
:
user
.
id
},
id__in
=
asset_ids
).
distinct
()
apps/perms/api/asset/user_permission/user_permission_nodes.py
浏览文件 @
3e78d627
# -*- coding: utf-8 -*-
#
import
abc
from
django.conf
import
settings
from
rest_framework.generics
import
(
ListAPIView
)
...
...
@@ -16,7 +17,8 @@ from perms.utils.asset.user_permission import (
get_indirect_granted_node_children
,
get_user_granted_nodes_list_via_mapping_node
,
get_top_level_granted_nodes
,
rebuild_user_tree_if_need
,
rebuild_user_tree_if_need
,
get_favorite_node
,
get_ungrouped_node
)
...
...
@@ -113,7 +115,12 @@ class UserGrantedNodesMixin:
user
:
User
def
get_nodes
(
self
):
return
get_user_granted_nodes_list_via_mapping_node
(
self
.
user
)
nodes
=
[]
if
settings
.
PERM_SINGLE_ASSET_TO_UNGROUP_NODE
:
nodes
.
append
(
get_ungrouped_node
(
self
.
user
))
nodes
.
append
(
get_favorite_node
(
self
.
user
))
nodes
.
extend
(
get_user_granted_nodes_list_via_mapping_node
(
self
.
user
))
return
nodes
# ------------------------------------------
...
...
apps/perms/api/asset/user_permission/user_permission_nodes_with_assets.py
浏览文件 @
3e78d627
# -*- coding: utf-8 -*-
#
from
itertools
import
chain
from
rest_framework.generics
import
ListAPIView
from
rest_framework.request
import
Request
from
rest_framework.response
import
Response
from
django.db.models
import
F
from
django.db.models
import
F
,
Value
,
CharField
,
Q
from
django.conf
import
settings
from
orgs.utils
import
tmp_to_root_org
from
common.permissions
import
IsValidUser
...
...
@@ -14,9 +17,12 @@ from perms.utils.asset.user_permission import (
get_user_direct_granted_assets
,
get_top_level_granted_nodes
,
get_user_granted_nodes_list_via_mapping_node
,
get_user_granted_all_assets
,
rebuild_user_tree_if_need
,
get_user_all_assetpermissions_id
,
get_user_all_assetpermissions_id
,
get_favorite_node
,
get_ungrouped_node
,
compute_tmp_mapping_node_from_perm
,
TMP_GRANTED_FIELD
,
count_direct_granted_node_assets
,
count_node_all_granted_assets
)
from
perms.models
import
AssetPermission
from
assets.models
import
Asset
,
FavoriteAsset
from
assets.api
import
SerializeToTreeNodeMixin
from
perms.hands
import
Node
...
...
@@ -27,6 +33,78 @@ logger = get_logger(__name__)
class
MyGrantedNodesWithAssetsAsTreeApi
(
SerializeToTreeNodeMixin
,
ListAPIView
):
permission_classes
=
(
IsValidUser
,)
def
add_ungrouped_resource
(
self
,
data
:
list
,
user
,
asset_perms_id
):
if
not
settings
.
PERM_SINGLE_ASSET_TO_UNGROUP_NODE
:
return
ungrouped_node
=
get_ungrouped_node
(
user
,
asset_perms_id
=
asset_perms_id
)
direct_granted_assets
=
get_user_direct_granted_assets
(
user
,
asset_perms_id
=
asset_perms_id
).
annotate
(
parent_key
=
Value
(
ungrouped_node
.
key
,
output_field
=
CharField
())
).
prefetch_related
(
'platform'
)
data
.
extend
(
self
.
serialize_nodes
([
ungrouped_node
],
with_asset_amount
=
True
))
data
.
extend
(
self
.
serialize_assets
(
direct_granted_assets
))
def
add_favorite_resource
(
self
,
data
:
list
,
user
,
asset_perms_id
):
favorite_node
=
get_favorite_node
(
user
,
asset_perms_id
)
favorite_assets
=
FavoriteAsset
.
get_user_favorite_assets
(
user
,
asset_perms_id
=
asset_perms_id
).
annotate
(
parent_key
=
Value
(
favorite_node
.
key
,
output_field
=
CharField
())
).
prefetch_related
(
'platform'
)
data
.
extend
(
self
.
serialize_nodes
([
favorite_node
],
with_asset_amount
=
True
))
data
.
extend
(
self
.
serialize_assets
(
favorite_assets
))
def
add_node_filtered_by_system_user
(
self
,
data
:
list
,
user
,
asset_perms_id
):
tmp_nodes
=
compute_tmp_mapping_node_from_perm
(
user
,
asset_perms_id
=
asset_perms_id
)
granted_nodes_key
=
[]
for
_node
in
tmp_nodes
:
_granted
=
getattr
(
_node
,
TMP_GRANTED_FIELD
,
False
)
if
not
_granted
:
if
settings
.
PERM_SINGLE_ASSET_TO_UNGROUP_NODE
:
assets_amount
=
count_direct_granted_node_assets
(
user
,
_node
.
key
,
asset_perms_id
)
else
:
assets_amount
=
count_node_all_granted_assets
(
user
,
_node
.
key
,
asset_perms_id
)
_node
.
assets_amount
=
assets_amount
else
:
granted_nodes_key
.
append
(
_node
.
key
)
# 查询他们的子节点
q
=
Q
()
for
_key
in
granted_nodes_key
:
q
|=
Q
(
key__startswith
=
f
'
{
_key
}
:'
)
if
q
:
descendant_nodes
=
Node
.
objects
.
filter
(
q
).
distinct
()
else
:
descendant_nodes
=
Node
.
objects
.
none
()
data
.
extend
(
self
.
serialize_nodes
(
chain
(
tmp_nodes
,
descendant_nodes
),
with_asset_amount
=
True
))
def
add_assets
(
self
,
data
:
list
,
user
,
asset_perms_id
):
if
settings
.
PERM_SINGLE_ASSET_TO_UNGROUP_NODE
:
all_assets
=
get_user_granted_all_assets
(
user
,
via_mapping_node
=
False
,
include_direct_granted_assets
=
False
,
asset_perms_id
=
asset_perms_id
)
else
:
all_assets
=
get_user_granted_all_assets
(
user
,
via_mapping_node
=
False
,
include_direct_granted_assets
=
True
,
asset_perms_id
=
asset_perms_id
)
all_assets
=
all_assets
.
annotate
(
parent_key
=
F
(
'nodes__key'
)
).
prefetch_related
(
'platform'
)
data
.
extend
(
self
.
serialize_assets
(
all_assets
))
@
tmp_to_root_org
()
def
list
(
self
,
request
:
Request
,
*
args
,
**
kwargs
):
"""
...
...
@@ -38,16 +116,25 @@ class MyGrantedNodesWithAssetsAsTreeApi(SerializeToTreeNodeMixin, ListAPIView):
"""
user
=
request
.
user
rebuild_user_tree_if_need
(
request
,
user
)
all_nodes
=
get_user_granted_nodes_list_via_mapping_node
(
user
)
all_assets
=
get_user_granted_all_assets
(
user
)
all_assets
=
all_assets
.
annotate
(
parent_key
=
F
(
'nodes__key'
))
all_assets
=
all_assets
.
prefetch_related
(
'platform'
)
data
=
[
*
self
.
serialize_nodes
(
all_nodes
,
with_asset_amount
=
True
),
*
self
.
serialize_assets
(
all_assets
)
]
data
=
[]
asset_perms_id
=
get_user_all_assetpermissions_id
(
user
)
system_user_id
=
request
.
query_params
.
get
(
'system_user'
)
if
system_user_id
:
asset_perms_id
=
list
(
AssetPermission
.
objects
.
valid
().
filter
(
id__in
=
asset_perms_id
,
system_users__id
=
system_user_id
,
actions__gt
=
0
).
values_list
(
'id'
,
flat
=
True
).
distinct
())
self
.
add_ungrouped_resource
(
data
,
user
,
asset_perms_id
)
self
.
add_favorite_resource
(
data
,
user
,
asset_perms_id
)
if
system_user_id
:
self
.
add_node_filtered_by_system_user
(
data
,
user
,
asset_perms_id
)
else
:
all_nodes
=
get_user_granted_nodes_list_via_mapping_node
(
user
)
data
.
extend
(
self
.
serialize_nodes
(
all_nodes
,
with_asset_amount
=
True
))
self
.
add_assets
(
data
,
user
,
asset_perms_id
)
return
Response
(
data
=
data
)
...
...
apps/perms/utils/asset/user_permission.py
浏览文件 @
3e78d627
...
...
@@ -311,8 +311,12 @@ def get_user_granted_nodes_list_via_mapping_node(user):
return
all_nodes
def
get_user_granted_all_assets
(
user
,
via_mapping_node
=
True
):
asset_perms_id
=
get_user_all_assetpermissions_id
(
user
)
def
get_user_granted_all_assets
(
user
,
via_mapping_node
=
True
,
include_direct_granted_assets
=
True
,
asset_perms_id
=
None
):
if
asset_perms_id
is
None
:
asset_perms_id
=
get_user_all_assetpermissions_id
(
user
)
if
via_mapping_node
:
granted_node_keys
=
UserGrantedMappingNode
.
objects
.
filter
(
user
=
user
,
granted
=
True
,
...
...
@@ -328,10 +332,16 @@ def get_user_granted_all_assets(user, via_mapping_node=True):
granted_node_q
|=
Q
(
nodes__key__startswith
=
f
'
{
_key
}
:'
)
granted_node_q
|=
Q
(
nodes__key
=
_key
)
assets__id
=
get_user_direct_granted_assets
(
user
,
asset_perms_id
).
values_list
(
'id'
,
flat
=
True
)
if
include_direct_granted_assets
:
assets__id
=
get_user_direct_granted_assets
(
user
,
asset_perms_id
).
values_list
(
'id'
,
flat
=
True
)
q
=
granted_node_q
|
Q
(
id__in
=
list
(
assets__id
))
else
:
q
=
granted_node_q
q
=
granted_node_q
|
Q
(
id__in
=
list
(
assets__id
))
return
Asset
.
org_objects
.
filter
(
q
).
distinct
()
if
q
:
return
Asset
.
org_objects
.
filter
(
q
).
distinct
()
else
:
return
Asset
.
org_objects
.
none
()
def
get_node_all_granted_assets
(
user
:
User
,
key
):
...
...
@@ -484,13 +494,15 @@ def get_user_direct_granted_assets(user, asset_perms_id=None):
return
assets
def
count_user_direct_granted_assets
(
user
):
count
=
get_user_direct_granted_assets
(
user
).
values_list
(
'id'
).
count
()
def
count_user_direct_granted_assets
(
user
,
asset_perms_id
=
None
):
count
=
get_user_direct_granted_assets
(
user
,
asset_perms_id
=
asset_perms_id
).
values_list
(
'id'
).
count
()
return
count
def
get_ungrouped_node
(
user
):
assets_amount
=
count_user_direct_granted_assets
(
user
)
def
get_ungrouped_node
(
user
,
asset_perms_id
=
None
):
assets_amount
=
count_user_direct_granted_assets
(
user
,
asset_perms_id
)
return
Node
(
id
=
UNGROUPED_NODE_KEY
,
key
=
UNGROUPED_NODE_KEY
,
...
...
@@ -499,10 +511,10 @@ def get_ungrouped_node(user):
)
def
get_favorite_node
(
user
):
assets_amount
=
FavoriteAsset
.
get_user_favorite_assets
(
user
)
\
.
values_list
(
'id'
)
\
.
count
()
def
get_favorite_node
(
user
,
asset_perms_id
=
None
):
assets_amount
=
FavoriteAsset
.
get_user_favorite_assets
(
user
,
asset_perms_id
=
asset_perms_id
).
values_list
(
'id'
)
.
count
()
return
Node
(
id
=
FAVORITE_NODE_KEY
,
key
=
FAVORITE_NODE_KEY
,
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录