[Update] 抽象BasePermission (#2710)

* [Update] AssetPermission/RemoteAppPermission抽象BasePermission * [Update] Perms模块添加迁移文件 * [Update] Perms删除多余迁移文件 * [Update] Perms重新生成RemoteAppPermission迁移文件

[Update] 抽象BasePermission (#2710)
* [Update] AssetPermission/RemoteAppPermission抽象BasePermission * [Update] Perms模块添加迁移文件 * [Update] Perms删除多余迁移文件 * [Update] Perms重新生成RemoteAppPermission迁移文件
d906df5b · BaiJiangJie · baltery · 22f362aa · d906df5b · d906df5b
6 changed file
--- a/apps/perms/migrations/0005_auto_20190520_1904.py
+++ b/apps/perms/migrations/0005_auto_20190520_1904.py
-# Generated by Django 2.1.7 on 2019-05-20 11:04
+# Generated by Django 2.1.7 on 2019-05-21 08:19

 import common.utils.django
 from django.conf import settings
@@ -10,9 +10,9 @@ import uuid
 class Migration(migrations.Migration):

    dependencies = [
-        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
-        ('applications', '0001_initial'),
        ('users', '0019_auto_20190304_1459'),
+        ('applications', '0001_initial'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
        ('perms', '0004_assetpermission_actions'),
    ]

@@ -29,15 +29,25 @@ class Migration(migrations.Migration):
                ('created_by', models.CharField(blank=True, max_length=128, verbose_name='Created by')),
                ('date_created', models.DateTimeField(auto_now_add=True, verbose_name='Date created')),
                ('comment', models.TextField(blank=True, verbose_name='Comment')),
-                ('remote_apps', models.ManyToManyField(blank=True, related_name='remote_app_permissions', to='applications.RemoteApp', verbose_name='RemoteApp')),
-                ('user_groups', models.ManyToManyField(blank=True, related_name='remote_app_permissions', to='users.UserGroup', verbose_name='User group')),
-                ('users', models.ManyToManyField(blank=True, related_name='remote_app_permissions', to=settings.AUTH_USER_MODEL, verbose_name='User')),
+                ('remote_apps', models.ManyToManyField(blank=True, related_name='granted_by_permissions', to='applications.RemoteApp', verbose_name='RemoteApp')),
+                ('user_groups', models.ManyToManyField(blank=True, to='users.UserGroup', verbose_name='User group')),
+                ('users', models.ManyToManyField(blank=True, to=settings.AUTH_USER_MODEL, verbose_name='User')),
            ],
            options={
                'verbose_name': 'RemoteApp permission',
                'ordering': ('name',),
            },
        ),
+        migrations.AlterField(
+            model_name='assetpermission',
+            name='user_groups',
+            field=models.ManyToManyField(blank=True, to='users.UserGroup', verbose_name='User group'),
+        ),
+        migrations.AlterField(
+            model_name='assetpermission',
+            name='users',
+            field=models.ManyToManyField(blank=True, to=settings.AUTH_USER_MODEL, verbose_name='User'),
+        ),
        migrations.AlterUniqueTogether(
            name='remoteapppermission',
            unique_together={('org_id', 'name')},

--- a/apps/perms/models/asset_permission.py
+++ b/apps/perms/models/asset_permission.py
@@ -2,12 +2,12 @@ import uuid

 from django.db import models
 from django.utils.translation import ugettext_lazy as _
-from django.utils import timezone

 from common.utils import date_expired_default, set_or_append_attr_bulk
-from orgs.mixins import OrgModelMixin, OrgManager
+from orgs.mixins import OrgModelMixin

-from perms.const import PERMS_ACTION_NAME_CHOICES, PERMS_ACTION_NAME_ALL
+from ..const import PERMS_ACTION_NAME_CHOICES, PERMS_ACTION_NAME_ALL
+from .base import BasePermission


 __all__ = [
@@ -33,69 +33,16 @@ class Action(models.Model):
        return cls.objects.get(name=PERMS_ACTION_NAME_ALL)


-class AssetPermissionQuerySet(models.QuerySet):
-    def active(self):
-        return self.filter(is_active=True)
-
-    def valid(self):
-        return self.active().filter(date_start__lt=timezone.now())\
-            .filter(date_expired__gt=timezone.now())
-
-
-class AssetPermissionManager(OrgManager):
-    def valid(self):
-        return self.get_queryset().valid()
-
-
-class AssetPermission(OrgModelMixin):
-    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
-    name = models.CharField(max_length=128, verbose_name=_('Name'))
-    users = models.ManyToManyField('users.User', related_name='asset_permissions', blank=True, verbose_name=_("User"))
-    user_groups = models.ManyToManyField('users.UserGroup', related_name='asset_permissions', blank=True, verbose_name=_("User group"))
+class AssetPermission(OrgModelMixin, BasePermission):
    assets = models.ManyToManyField('assets.Asset', related_name='granted_by_permissions', blank=True, verbose_name=_("Asset"))
    nodes = models.ManyToManyField('assets.Node', related_name='granted_by_permissions', blank=True, verbose_name=_("Nodes"))
    system_users = models.ManyToManyField('assets.SystemUser', related_name='granted_by_permissions', verbose_name=_("System user"))
    actions = models.ManyToManyField('Action', related_name='permissions', blank=True, verbose_name=_('Action'))
-    is_active = models.BooleanField(default=True, verbose_name=_('Active'))
-    date_start = models.DateTimeField(default=timezone.now, db_index=True, verbose_name=_("Date start"))
-    date_expired = models.DateTimeField(default=date_expired_default, db_index=True, verbose_name=_('Date expired'))
-    created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by'))
-    date_created = models.DateTimeField(auto_now_add=True, verbose_name=_('Date created'))
-    comment = models.TextField(verbose_name=_('Comment'), blank=True)
-
-    objects = AssetPermissionManager.from_queryset(AssetPermissionQuerySet)()

    class Meta:
        unique_together = [('org_id', 'name')]
        verbose_name = _("Asset permission")

-    def __str__(self):
-        return self.name
-
-    @property
-    def id_str(self):
-        return str(self.id)
-
-    @property
-    def is_expired(self):
-        if self.date_expired > timezone.now() > self.date_start:
-            return False
-        return True
-
-    @property
-    def is_valid(self):
-        if not self.is_expired and self.is_active:
-            return True
-        return False
-
-    def get_all_users(self):
-        users = set(self.users.all())
-        for group in self.user_groups.all():
-            _users = group.users.all()
-            set_or_append_attr_bulk(_users, 'inherit', group.name)
-            users.update(set(_users))
-        return users
-
    def get_all_assets(self):
        assets = set(self.assets.all())
        for node in self.nodes.all():

--- a/apps/perms/models/base.py
+++ b/apps/perms/models/base.py
+#  coding: utf-8
+#
+
+import uuid
+from django.utils.translation import ugettext_lazy as _
+from django.db import models
+from django.utils import timezone
+
+from common.utils import date_expired_default, set_or_append_attr_bulk
+from orgs.mixins import OrgManager
+
+
+__all__ = [
+    'BasePermission',
+]
+
+
+class BasePermissionQuerySet(models.QuerySet):
+    def active(self):
+        return self.filter(is_active=True)
+
+    def valid(self):
+        return self.active().filter(date_start__lt=timezone.now()) \
+            .filter(date_expired__gt=timezone.now())
+
+
+class BasePermissionManager(OrgManager):
+    def valid(self):
+        return self.get_queryset().valid()
+
+
+class BasePermission(models.Model):
+    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
+    name = models.CharField(max_length=128, verbose_name=_('Name'))
+    users = models.ManyToManyField('users.User', blank=True, verbose_name=_("User"))
+    user_groups = models.ManyToManyField('users.UserGroup', blank=True, verbose_name=_("User group"))
+    is_active = models.BooleanField(default=True, verbose_name=_('Active'))
+    date_start = models.DateTimeField(default=timezone.now, db_index=True, verbose_name=_("Date start"))
+    date_expired = models.DateTimeField(default=date_expired_default, db_index=True, verbose_name=_('Date expired'))
+    created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by'))
+    date_created = models.DateTimeField(auto_now_add=True, verbose_name=_('Date created'))
+    comment = models.TextField(verbose_name=_('Comment'), blank=True)
+
+    objects = BasePermissionManager.from_queryset(BasePermissionQuerySet)()
+
+    class Meta:
+        abstract = True
+
+    def __str__(self):
+        return self.name
+
+    @property
+    def id_str(self):
+        return str(self.id)
+
+    @property
+    def is_expired(self):
+        if self.date_expired > timezone.now() > self.date_start:
+            return False
+        return True
+
+    @property
+    def is_valid(self):
+        if not self.is_expired and self.is_active:
+            return True
+        return False
+
+    def get_all_users(self):
+        users = set(self.users.all())
+        for group in self.user_groups.all():
+            _users = group.users.all()
+            set_or_append_attr_bulk(_users, 'inherit', group.name)
+            users.update(set(_users))
+        return users
--- a/apps/perms/models/remote_app_permission.py
+++ b/apps/perms/models/remote_app_permission.py
 #  coding: utf-8
 #

-import uuid
 from django.db import models
-from django.utils import timezone
 from django.utils.translation import ugettext_lazy as _

-from orgs.mixins import OrgModelMixin, OrgManager
-from common.utils import date_expired_default, set_or_append_attr_bulk
+from orgs.mixins import OrgModelMixin
+
+from .base import BasePermission

 __all__ = [
    'RemoteAppPermission',
 ]


-class RemoteAppPermissionQuerySet(models.QuerySet):
-    def active(self):
-        return self.filter(is_active=True)
-
-    def valid(self):
-        return self.active().filter(date_start__lt=timezone.now())\
-            .filter(date_expired__gt=timezone.now())
-
-
-class RemoteAppPermissionManager(OrgManager):
-    def valid(self):
-        return self.get_queryset().valid()
-
-
-class RemoteAppPermission(OrgModelMixin):
-    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
-    name = models.CharField(max_length=128, verbose_name=_('Name'))
-    users = models.ManyToManyField('users.User', related_name='remote_app_permissions', blank=True, verbose_name=_("User"))
-    user_groups = models.ManyToManyField('users.UserGroup', related_name='remote_app_permissions', blank=True, verbose_name=_("User group"))
-    remote_apps = models.ManyToManyField('applications.RemoteApp', related_name='remote_app_permissions', blank=True, verbose_name=_("RemoteApp"))
-    is_active = models.BooleanField(default=True, verbose_name=_('Active'))
-    date_start = models.DateTimeField(default=timezone.now, db_index=True, verbose_name=_("Date start"))
-    date_expired = models.DateTimeField(default=date_expired_default, db_index=True, verbose_name=_('Date expired'))
-    created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by'))
-    date_created = models.DateTimeField(auto_now_add=True, verbose_name=_('Date created'))
-    comment = models.TextField(verbose_name=_('Comment'), blank=True)
-
-    objects = RemoteAppPermissionManager.from_queryset(RemoteAppPermissionQuerySet)()
+class RemoteAppPermission(OrgModelMixin, BasePermission):
+    remote_apps = models.ManyToManyField('applications.RemoteApp', related_name='granted_by_permissions', blank=True, verbose_name=_("RemoteApp"))

    class Meta:
        unique_together = [('org_id', 'name')]
        verbose_name = _('RemoteApp permission')
        ordering = ('name',)

-    def __str__(self):
-        return self.name
-
-    @property
-    def is_expired(self):
-        if self.date_expired > timezone.now() > self.date_start:
-            return False
-        return True
-
-    @property
-    def is_valid(self):
-        if not self.is_expired and self.is_active:
-            return True
-        return False
-
-    def get_all_users(self):
-        users = set(self.users.all())
-        for group in self.user_groups.all():
-            _users = group.users.all()
-            set_or_append_attr_bulk(_users, 'inherit', group.name)
-            users.update(set(_users))
-        return users
-
    def get_all_remote_apps(self):
        return set(self.remote_apps.all())
--- a/apps/perms/views/asset_permission.py
+++ b/apps/perms/views/asset_permission.py
@@ -130,10 +130,10 @@ class AssetPermissionUserView(AdminUserRequiredMixin,
            'app': _('Perms'),
            'action': _('Asset permission user list'),
            'users_remain': current_org.get_org_users().exclude(
-                asset_permissions=self.object
+                assetpermission=self.object
            ),
            'user_groups_remain': UserGroup.objects.exclude(
-                asset_permissions=self.object
+                assetpermission=self.object
            )
        }
        kwargs.update(context)

--- a/apps/perms/views/remote_app_permission.py
+++ b/apps/perms/views/remote_app_permission.py
@@ -102,10 +102,10 @@ class RemoteAppPermissionUserView(AdminUserRequiredMixin,
            'app': _('Perms'),
            'action': _('RemoteApp permission user list'),
            'users_remain': current_org.get_org_users().exclude(
-                remote_app_permissions=self.object
+                remoteapppermissions=self.object
            ),
            'user_groups_remain': UserGroup.objects.exclude(
-                remote_app_permissions=self.object
+                remoteapppermissions=self.object
            )
        }
        kwargs.update(context)