Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
gjl2004yn
jumpserver
提交
fdef282c
J
jumpserver
项目概览
gjl2004yn
/
jumpserver
与 Fork 源项目一致
从无法访问的项目Fork
通知
2
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jumpserver
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
fdef282c
编写于
8月 12, 2019
作者:
baltery
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
[Bugfix] 修复批量更新用户的bug, 导出字段添加 *
上级
a188968e
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
33 addition
and
40 deletion
+33
-40
apps/common/mixins/serializers.py
apps/common/mixins/serializers.py
+11
-5
apps/common/parsers/csv.py
apps/common/parsers/csv.py
+2
-2
apps/common/renders/csv.py
apps/common/renders/csv.py
+10
-19
apps/users/api/user.py
apps/users/api/user.py
+10
-14
未找到文件。
apps/common/mixins/serializers.py
浏览文件 @
fdef282c
# -*- coding: utf-8 -*-
#
from
django.core.exceptions
import
ObjectDoesNotExist
from
rest_framework.utils
import
html
from
rest_framework.settings
import
api_settings
from
rest_framework.exceptions
import
ValidationError
...
...
@@ -74,16 +75,21 @@ class BulkListSerializerMixin(object):
for
item
in
data
:
try
:
# prepare child serializer to only handle one instance
if
'id'
in
item
.
keys
():
self
.
child
.
instance
=
self
.
instance
.
get
(
id
=
item
[
'id'
])
if
self
.
instance
else
None
if
'pk'
in
item
.
keys
():
self
.
child
.
instance
=
self
.
instance
.
get
(
id
=
item
[
'pk'
])
if
self
.
instance
else
None
if
'id'
in
item
:
pk
=
item
[
"id"
]
elif
'pk'
in
item
:
pk
=
item
[
"pk"
]
else
:
raise
ValidationError
(
"id or pk not in data"
)
child
=
self
.
instance
.
get
(
id
=
pk
)
self
.
child
.
instance
=
child
self
.
child
.
initial_data
=
item
# raw
validated
=
self
.
child
.
run_validation
(
item
)
except
ValidationError
as
exc
:
errors
.
append
(
exc
.
detail
)
except
ObjectDoesNotExist
as
e
:
errors
.
append
(
e
)
else
:
ret
.
append
(
validated
)
errors
.
append
({})
...
...
apps/common/parsers/csv.py
浏览文件 @
fdef282c
...
...
@@ -40,7 +40,7 @@ class JMSCSVParser(BaseParser):
@
staticmethod
def
_get_fields_map
(
serializer
):
fields_map
=
{}
fields
=
serializer
.
get_fields
()
fields
=
serializer
.
fields
fields_map
.
update
({
v
.
label
:
k
for
k
,
v
in
fields
.
items
()})
fields_map
.
update
({
k
:
k
for
k
,
_
in
fields
.
items
()})
return
fields_map
...
...
@@ -91,7 +91,7 @@ class JMSCSVParser(BaseParser):
header
=
next
(
rows
)
fields_map
=
self
.
_get_fields_map
(
serializer
)
header
=
[
fields_map
.
get
(
name
,
''
)
for
name
in
header
]
header
=
[
fields_map
.
get
(
name
.
strip
(
'*'
)
,
''
)
for
name
in
header
]
data
=
[]
for
row
in
rows
:
...
...
apps/common/renders/csv.py
浏览文件 @
fdef282c
...
...
@@ -20,26 +20,18 @@ class JMSCSVRender(BaseRenderer):
format
=
'csv'
@
staticmethod
def
_get_header
(
fields
,
template
):
if
template
==
'import'
:
header
=
[
k
for
k
,
v
in
fields
.
items
()
if
not
v
.
read_only
and
k
!=
'org_id'
]
elif
template
==
'update'
:
header
=
[
k
for
k
,
v
in
fields
.
items
()
if
not
v
.
read_only
]
def
_get_show_fields
(
fields
,
template
):
if
template
in
(
'import'
,
'update'
):
return
[
v
for
k
,
v
in
fields
.
items
()
if
not
v
.
read_only
and
k
!=
"org_id"
]
else
:
# template in ['export']
header
=
[
k
for
k
,
v
in
fields
.
items
()
if
not
v
.
write_only
]
return
header
return
[
v
for
k
,
v
in
fields
.
items
()
if
not
v
.
write_only
and
k
!=
"org_id"
]
@
staticmethod
def
_gen_table
(
data
,
header
,
labels
=
None
):
labels
=
labels
or
{}
yield
[
labels
.
get
(
k
,
k
)
for
k
in
header
]
def
_gen_table
(
data
,
fields
):
yield
[
'*{}'
.
format
(
f
.
label
)
if
f
.
required
else
f
.
label
for
f
in
fields
]
for
item
in
data
:
row
=
[
item
.
get
(
key
)
for
key
in
header
]
row
=
[
item
.
get
(
f
.
field_name
)
for
f
in
fields
]
yield
row
def
set_response_disposition
(
self
,
serializer
,
context
):
...
...
@@ -73,10 +65,9 @@ class JMSCSVRender(BaseRenderer):
logger
.
debug
(
e
,
exc_info
=
True
)
value
=
'The resource not support export!'
.
encode
(
'utf-8'
)
else
:
fields
=
serializer
.
get_fields
()
header
=
self
.
_get_header
(
fields
,
template
)
labels
=
{
k
:
v
.
label
for
k
,
v
in
fields
.
items
()
if
v
.
label
}
table
=
self
.
_gen_table
(
data
,
header
,
labels
)
fields
=
serializer
.
fields
show_fields
=
self
.
_get_show_fields
(
fields
,
template
)
table
=
self
.
_gen_table
(
data
,
show_fields
)
csv_buffer
=
BytesIO
()
csv_buffer
.
write
(
codecs
.
BOM_UTF8
)
...
...
apps/users/api/user.py
浏览文件 @
fdef282c
...
...
@@ -5,10 +5,10 @@ from django.core.cache import cache
from
django.contrib.auth
import
logout
from
django.utils.translation
import
ugettext
as
_
from
rest_framework
import
status
from
rest_framework
import
generics
from
rest_framework.response
import
Response
from
rest_framework.permissions
import
IsAuthenticated
from
rest_framework.serializers
import
ValidationError
from
rest_framework_bulk
import
BulkModelViewSet
from
rest_framework.pagination
import
LimitOffsetPagination
...
...
@@ -69,9 +69,7 @@ class UserViewSet(IDInCacheFilterMixin, BulkModelViewSet):
check current user has permission to handle instance
(update, destroy, bulk_update, bulk destroy)
"""
if
not
self
.
request
.
user
.
is_superuser
and
instance
.
is_superuser
:
return
True
if
self
.
request
.
user
==
instance
:
if
instance
.
is_superuser
and
not
self
.
request
.
user
.
is_superuser
:
return
True
return
False
...
...
@@ -87,16 +85,14 @@ class UserViewSet(IDInCacheFilterMixin, BulkModelViewSet):
return
False
return
qs
.
count
()
!=
filtered
.
count
()
def
bulk_update
(
self
,
request
,
*
args
,
**
kwargs
):
"""
rewrite because limit org_admin update superuser
"""
# restrict the update to the filtered queryset
queryset
=
self
.
filter_queryset
(
self
.
get_queryset
())
if
self
.
_bulk_deny_permission
(
queryset
):
data
=
{
'msg'
:
_
(
"You do not have permission."
)}
return
Response
(
data
=
data
,
status
=
status
.
HTTP_403_FORBIDDEN
)
return
super
().
bulk_update
(
request
,
*
args
,
**
kwargs
)
def
perform_bulk_update
(
self
,
serializer
):
users_ids
=
[
d
.
get
(
"id"
)
or
d
.
get
(
"pk"
)
for
d
in
serializer
.
validated_data
]
users
=
User
.
objects
.
filter
(
id__in
=
users_ids
)
deny_instances
=
[
str
(
i
.
id
)
for
i
in
users
if
self
.
_deny_permission
(
i
)]
if
deny_instances
:
msg
=
"{} can't be update"
.
format
(
deny_instances
)
raise
ValidationError
({
"id"
:
msg
})
return
super
().
perform_bulk_update
(
serializer
)
class
UserChangePasswordApi
(
generics
.
RetrieveUpdateAPIView
):
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录