refactor(perms): 在动态用户所绑定的授权规则中，如授权给用户组，当用户组增加成员后，动态系统用户下没有相应增加用户，因此也不会自动推送 (#5084)

50bb04de · xinwen · GitHub · a7209863 · 50bb04de · 50bb04de
隐藏空白更改
内联并排

Showing with 36 addition and 34 deletion

apps/perms/signals_handler.py apps/perms/signals_handler.py +36 -23

apps/users/signals_handler.py apps/users/signals_handler.py +0 -11

未找到文件。
--- a/apps/perms/signals_handler.py
+++ b/apps/perms/signals_handler.py
@@ -16,6 +16,42 @@ from .models import AssetPermission, RemoteAppPermission
 logger = get_logger(__file__)


+def handle_rebuild_user_tree(instance, action, reverse, pk_set, **kwargs):
+    if action.startswith('post'):
+        if reverse:
+            create_rebuild_user_tree_task(pk_set)
+        else:
+            create_rebuild_user_tree_task([instance.id])
+
+
+def handle_bind_groups_systemuser(instance, action, reverse, pk_set, **kwargs):
+    """
+    UserGroup 增加 User 时，增加的 User 需要与 UserGroup 关联的动态系统用户相关联
+    """
+    user: User
+
+    if action != POST_ADD:
+        return
+
+    if not reverse:
+        # 一个用户添加了多个用户组
+        users_id = [instance.id]
+        system_users = SystemUser.objects.filter(groups__id__in=pk_set).distinct()
+    else:
+        # 一个用户组添加了多个用户
+        users_id = pk_set
+        system_users = SystemUser.objects.filter(groups__id=instance.pk).distinct()
+
+    for system_user in system_users:
+        system_user.users.add(*users_id)
+
+
+@receiver(m2m_changed, sender=User.groups.through)
+def on_user_groups_change(**kwargs):
+    handle_rebuild_user_tree(**kwargs)
+    handle_bind_groups_systemuser(**kwargs)
+
+
 @receiver([pre_save], sender=AssetPermission)
 def on_asset_perm_deactive(instance: AssetPermission, **kwargs):
    try:
@@ -208,26 +244,3 @@ def on_node_asset_change(action, instance, reverse, pk_set, **kwargs):
        node_pk_set = pk_set

    create_rebuild_user_tree_task_by_related_nodes_or_assets.delay(node_pk_set, asset_pk_set)
-
-
-@receiver(m2m_changed, sender=User.groups.through)
-def on_user_groups_change(instance, action, reverse, pk_set, model, **kwargs):
-    """
-    UserGroup 增加 User 时，增加的 User 需要与 UserGroup 关联的动态系统用户相关联
-    """
-    user: User
-
-    if action != POST_ADD:
-        return
-
-    if not reverse:
-        # 一个用户添加了多个用户组
-        users_id = [instance.id]
-        system_users = SystemUser.objects.filter(groups__id__in=pk_set).distinct()
-    else:
-        # 一个用户组添加了多个用户
-        users_id = pk_set
-        system_users = SystemUser.objects.filter(groups__id=instance.pk).distinct()
-
-    for system_user in system_users:
-        system_user.users.add(*users_id)
--- a/apps/users/signals_handler.py
+++ b/apps/users/signals_handler.py
@@ -2,14 +2,12 @@
 #

 from django.dispatch import receiver
-from django.db.models.signals import m2m_changed
 from django_auth_ldap.backend import populate_user
 from django.conf import settings
 from django_cas_ng.signals import cas_user_authenticated

 from jms_oidc_rp.signals import openid_create_or_update_user

-from perms.tasks import create_rebuild_user_tree_task
 from common.utils import get_logger
 from .signals import post_user_create
 from .models import User
@@ -27,15 +25,6 @@ def on_user_create(sender, user=None, **kwargs):
        send_user_created_mail(user)


-@receiver(m2m_changed, sender=User.groups.through)
-def on_user_groups_change(instance, action, reverse, pk_set, **kwargs):
-    if action.startswith('post'):
-        if reverse:
-            create_rebuild_user_tree_task(pk_set)
-        else:
-            create_rebuild_user_tree_task([instance.id])
-
-
 @receiver(cas_user_authenticated)
 def on_cas_user_authenticated(sender, user, created, **kwargs):
    if created: