jumpserver/apps/perms/forms/asset_permission.py

# ~*~ coding: utf-8 ~*~

from __future__ import absolute_import, unicode_literals
from django import forms
from django.utils.translation import ugettext_lazy as _

from orgs.mixins import OrgModelForm
from orgs.utils import current_org
from assets.models import Asset, Node
from ..models import AssetPermission, Action

__all__ = [
    'AssetPermissionForm',
]


class ActionField(forms.MultipleChoiceField):
    def __init__(self, *args, **kwargs):
        kwargs['choices'] = Action.CHOICES
        kwargs['initial'] = Action.ALL
        kwargs['label'] = _("Action")
        kwargs['widget'] = forms.CheckboxSelectMultiple()
        super().__init__(*args, **kwargs)

    def to_python(self, value):
        value = super().to_python(value)
        return Action.choices_to_value(value)

    def prepare_value(self, value):
        if value is None:
            return value
        value = Action.value_to_choices(value)
        return value


class AssetPermissionForm(OrgModelForm):
    actions = ActionField()

    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        users_field = self.fields.get('users')
        users_field.queryset = current_org.get_org_users()

        nodes_field = self.fields['nodes']
        nodes_field.choices = ((n.id, n.full_value) for n in Node.get_queryset())

        # 前端渲染优化, 防止过多资产
        if not self.data:
            instance = kwargs.get('instance')
            assets_field = self.fields['assets']
            if instance:
                assets_field.queryset = instance.assets.all()
            else:
                assets_field.queryset = Asset.objects.none()

    class Meta:
        model = AssetPermission
        exclude = (
            'id', 'date_created', 'created_by', 'org_id'
        )
        widgets = {
            'users': forms.SelectMultiple(
                attrs={'class': 'select2', 'data-placeholder': _("User")}
            ),
            'user_groups': forms.SelectMultiple(
                attrs={'class': 'select2', 'data-placeholder': _("User group")}
            ),
            'assets': forms.SelectMultiple(
                attrs={'class': 'select2', 'data-placeholder': _("Asset")}
            ),
            'nodes': forms.SelectMultiple(
                attrs={'class': 'select2', 'data-placeholder': _("Node")}
            ),
            'system_users': forms.SelectMultiple(
                attrs={'class': 'select2', 'data-placeholder': _('System user')}
            ),
        }
        labels = {
            'nodes': _("Node"),
        }
        help_texts = {
            'actions': _('Tips: The RDP protocol does not support separate '
                        'controls for uploading or downloading files')
        }

    def clean_user_groups(self):
        users = self.cleaned_data.get('users')
        user_groups = self.cleaned_data.get('user_groups')

        if not users and not user_groups:
            raise forms.ValidationError(
                _("User or group at least one required"))
        return self.cleaned_data["user_groups"]

    def clean_asset_groups(self):
        assets = self.cleaned_data.get('assets')
        asset_groups = self.cleaned_data.get('asset_groups')

        if not assets and not asset_groups:
            raise forms.ValidationError(
                _("Asset or group at least one required"))

        return self.cleaned_data["asset_groups"]
Add user perm 2016-09-10 13:08:10 +00:00			`# ~~ coding: utf-8 ~~`

			`from __future__ import absolute_import, unicode_literals`
			`from django import forms`
			`from django.utils.translation import ugettext_lazy as _`

[Update] stash it 2018-07-18 04:57:08 +00:00			`from orgs.mixins import OrgModelForm`
[Update] 修改get_current_org 为 proxy对象 current_org 2018-07-20 09:49:47 +00:00			`from orgs.utils import current_org`
[Update] 优化树结构 2019-06-27 13:43:10 +00:00			`from assets.models import Asset, Node`
[Update] 修正migrations 2019-07-02 08:45:26 +00:00			`from ..models import AssetPermission, Action`
Add user perm 2016-09-10 13:08:10 +00:00
[Feature] 添加功能 RemoteApp (#2706) * [Feature] RemoteApp添加Model * [Feature] RemoteApp添加ViewSet API * [Feature] RemoteApp添加获取connection-info API * [Feature] Perms模块修改目录结构 * [Feature] RemoteAppPermission添加Model * [Feature] RemoteAppPermission添加ViewSet API * [Feature] RemoteAppPermission添加用户/用户组获取被授权的RemoteApp API * [Feature] RemoteAppPermission添加校验用户对RemoteApp的权限 API * [Feature] RemoteAppPermission添加获取用户授权的RemoteApp树 API * [Feature] RemoteAppPermission添加<添加/移除>所授权的<用户/RemoteApp> API * [Feature] RemoteApp添加创建、更新、详情、删除、用户RemoteApp等页面 * [Feature] RemoteAppPermission添加创建、更新、详情、删除、授权用户、授权RemoteApp等页面 * [Feature] RemoteApp从assets模块迁移到新添加的applications模块 * [Feature] RemoteApp/RemoteAppPermission添加迁移文件 * [Feature] RemoteApp/RemoteAppPermission修改小细节 * [Feature] RemoteApp/RemoteAppPermission修改小细节2 * [Feature] RemoteApp/RemoteAppPermission修改小细节3 * [Feature] RemoteApp更新迁移文件 * [Feature] RemoteApp/RemoteAppPermission添加翻译信息 * [Feature] RemoteApp/RemoteAppPermission删除迁移文件 * [Feature] RemoteApp/RemoteAppPermission添加迁移文件 * [Feature] RemoteApp/RemoteAppPermission修改代码风格 2019-05-20 11:39:53 +00:00			`__all__ = [`
			`'AssetPermissionForm',`
			`]`

Add user perm 2016-09-10 13:08:10 +00:00
[Update] 修改Permission 2019-06-30 12:10:34 +00:00			`class ActionField(forms.MultipleChoiceField):`
			`def __init__(self, args, *kwargs):`
[Update] 修正migrations 2019-07-02 08:45:26 +00:00			`kwargs['choices'] = Action.CHOICES`
			`kwargs['initial'] = Action.ALL`
[Update] 修改Permission 2019-06-30 12:10:34 +00:00			`kwargs['label'] = _("Action")`
			`kwargs['widget'] = forms.CheckboxSelectMultiple()`
			`super().__init__(args, *kwargs)`

			`def to_python(self, value):`
			`value = super().to_python(value)`
[Update] 修正migrations 2019-07-02 08:45:26 +00:00			`return Action.choices_to_value(value)`
[Update] 修改Permission 2019-06-30 12:10:34 +00:00
			`def prepare_value(self, value):`
			`if value is None:`
			`return value`
[Update] 修正migrations 2019-07-02 08:45:26 +00:00			`value = Action.value_to_choices(value)`
[Update] 修改Permission 2019-06-30 12:10:34 +00:00			`return value`


[Update] stash it 2018-07-18 04:57:08 +00:00			`class AssetPermissionForm(OrgModelForm):`
[Update] 修复授权规则更新失败的bug 2019-07-05 08:34:37 +00:00			`actions = ActionField()`
[Update] 修改Permission 2019-06-30 12:10:34 +00:00
[Update] stash it 2018-07-18 04:57:08 +00:00			`def __init__(self, args, *kwargs):`
			`super().__init__(args, *kwargs)`
			`users_field = self.fields.get('users')`
[Update] 修改permission actions 2019-06-28 14:07:22 +00:00			`users_field.queryset = current_org.get_org_users()`
[Update] 优化资产选择 (#2267) * [Update] 优化资产选择 * [Update] 优化资产任务 2018-12-25 05:33:37 +00:00
Bugfix (#2944) * [Update] 修改assets * [Update] 修改nodes 2019-07-15 06:36:11 +00:00			`nodes_field = self.fields['nodes']`
			`nodes_field.choices = ((n.id, n.full_value) for n in Node.get_queryset())`

[Update] 优化资产选择 (#2267) * [Update] 优化资产选择 * [Update] 优化资产任务 2018-12-25 05:33:37 +00:00			`# 前端渲染优化, 防止过多资产`
			`if not self.data:`
			`instance = kwargs.get('instance')`
[Update] 修改permission actions 2019-06-28 14:07:22 +00:00			`assets_field = self.fields['assets']`
[Update] 优化资产选择 (#2267) * [Update] 优化资产选择 * [Update] 优化资产任务 2018-12-25 05:33:37 +00:00			`if instance:`
			`assets_field.queryset = instance.assets.all()`
			`else:`
			`assets_field.queryset = Asset.objects.none()`
[Update] 修改permission actions 2019-06-28 14:07:22 +00:00
Add user perm 2016-09-10 13:08:10 +00:00			`class Meta:`
[Update] 修改授权 2018-04-07 16:16:37 +00:00			`model = AssetPermission`
			`exclude = (`
[Update] 添加授权规则org (#1580) * [Update] 修复创建授权规则，显示org_name不是有效UUID的bug * [Update] 更新org之间隔离授权规则，解决QuerySet与Manager问题；修复创建用户，显示org_name不是有效UUID之bug； 2018-07-25 03:28:20 +00:00			`'id', 'date_created', 'created_by', 'org_id'`
[Update] 修改授权 2018-04-07 16:16:37 +00:00			`)`
user-pserm 2016-09-11 08:59:19 +00:00			`widgets = {`
[Update] 修改授权 2018-04-07 16:16:37 +00:00			`'users': forms.SelectMultiple(`
			`attrs={'class': 'select2', 'data-placeholder': _("User")}`
[Abandon] ... 2018-02-01 09:14:15 +00:00			`),`
[Update] 修改授权 2018-04-07 16:16:37 +00:00			`'user_groups': forms.SelectMultiple(`
[Abandon] ... 2018-02-01 09:14:15 +00:00			`attrs={'class': 'select2', 'data-placeholder': _("User group")}`
			`),`
[Update] 修改授权 2018-04-07 16:16:37 +00:00			`'assets': forms.SelectMultiple(`
			`attrs={'class': 'select2', 'data-placeholder': _("Asset")}`
			`),`
			`'nodes': forms.SelectMultiple(`
			`attrs={'class': 'select2', 'data-placeholder': _("Node")}`
			`),`
			`'system_users': forms.SelectMultiple(`
[Abandon] ... 2018-02-01 09:14:15 +00:00			`attrs={'class': 'select2', 'data-placeholder': _('System user')}`
			`),`
Finish permission create and list 2016-09-11 14:45:24 +00:00			`}`
[Update] 修改授权 2018-04-07 16:16:37 +00:00			`labels = {`
			`'nodes': _("Node"),`
			`}`
[Feature] 授权规则添加 actions 选项，控制用户对资产的操作行为 (#2610) * [Feature] 1. perms actions - 添加 Action Model * [Feature] 2. perms actions - 添加 Action API * [Feature] 3. perms actions - 授权规则: 添加actions字段 * [Feature] 4. perms actions - 授权规则创建页面: 设置 actions 默认 all * [Feature] 5. perms actions - 资产授权工具: 动态给system_user设置actions属性; 修改授权相关的API-serializer类: 添加actions字段值 * [Feature] 6. perms actions - 更新API(用户使用系统用户连接资产时权限校验): 添加actions校验 * [Feature] 7. perms actions - 迁移文件中为已经存在的perms添加默认的action * [Feature] 8. perms actions - 创建授权规则时设置默认action(如果actions字段值为空) * [Feature] 9. check actions - 修改校验用户资产权限API逻辑(添加actions校验) * [Feature] 10. check actions - 修改注释 * [Feature] 11. check actions - 添加API: 获取用户指定资产和系统用户被授权的actions * [Feature] 12. check actions - 添加翻译信息 2019-04-22 03:42:20 +00:00			`help_texts = {`
Stash 2019-07-01 10:22:40 +00:00			`'actions': _('Tips: The RDP protocol does not support separate '`
[Update] 修改permission actions 2019-06-28 14:07:22 +00:00			`'controls for uploading or downloading files')`
[Feature] 授权规则添加 actions 选项，控制用户对资产的操作行为 (#2610) * [Feature] 1. perms actions - 添加 Action Model * [Feature] 2. perms actions - 添加 Action API * [Feature] 3. perms actions - 授权规则: 添加actions字段 * [Feature] 4. perms actions - 授权规则创建页面: 设置 actions 默认 all * [Feature] 5. perms actions - 资产授权工具: 动态给system_user设置actions属性; 修改授权相关的API-serializer类: 添加actions字段值 * [Feature] 6. perms actions - 更新API(用户使用系统用户连接资产时权限校验): 添加actions校验 * [Feature] 7. perms actions - 迁移文件中为已经存在的perms添加默认的action * [Feature] 8. perms actions - 创建授权规则时设置默认action(如果actions字段值为空) * [Feature] 9. check actions - 修改校验用户资产权限API逻辑(添加actions校验) * [Feature] 10. check actions - 修改注释 * [Feature] 11. check actions - 添加API: 获取用户指定资产和系统用户被授权的actions * [Feature] 12. check actions - 添加翻译信息 2019-04-22 03:42:20 +00:00			`}`
[Update] 修改Permr认证 2018-04-10 12:29:06 +00:00
			`def clean_user_groups(self):`
			`users = self.cleaned_data.get('users')`
			`user_groups = self.cleaned_data.get('user_groups')`

			`if not users and not user_groups:`
			`raise forms.ValidationError(`
			`_("User or group at least one required"))`
			`return self.cleaned_data["user_groups"]`

			`def clean_asset_groups(self):`
			`assets = self.cleaned_data.get('assets')`
			`asset_groups = self.cleaned_data.get('asset_groups')`

			`if not assets and not asset_groups:`
			`raise forms.ValidationError(`
			`_("Asset or group at least one required"))`

			`return self.cleaned_data["asset_groups"]`