jumpserver/apps/perms/utils/asset/permission.py

from collections import defaultdict

from django.db.models import Q

from common.utils import get_logger
from perms.models import AssetPermission
from perms.hands import Asset, User, UserGroup
from perms.models.base import BasePermissionQuerySet

logger = get_logger(__file__)


def get_asset_system_users_id_with_actions(asset_perm_queryset: BasePermissionQuerySet, asset: Asset):
    nodes = asset.get_nodes()
    node_keys = set()
    for node in nodes:
        ancestor_keys = node.get_ancestor_keys(with_self=True)
        node_keys.update(ancestor_keys)

    queryset = asset_perm_queryset.filter(
        Q(assets=asset) |
        Q(nodes__key__in=node_keys)
    )
    asset_protocols = asset.protocols_as_dict.keys()
    values = queryset.filter(
        system_users__protocol__in=asset_protocols
    ).distinct().values_list('system_users', 'actions')
    system_users_actions = defaultdict(int)

    for system_user_id, actions in values:
        if None in (system_user_id, actions):
            continue
        system_users_actions[system_user_id] |= actions
    return system_users_actions


def get_asset_system_users_id_with_actions_by_user(user: User, asset: Asset):
    queryset = AssetPermission.objects.filter(
        Q(users=user) | Q(user_groups__users=user)
    ).valid()
    return get_asset_system_users_id_with_actions(queryset, asset)


def get_asset_system_users_id_with_actions_by_group(group: UserGroup, asset: Asset):
    queryset = AssetPermission.objects.filter(
        user_groups=group
    ).valid()
    return get_asset_system_users_id_with_actions(queryset, asset)
[Update] 修改授权 2018-04-07 16:16:37 +00:00			`from collections import defaultdict`
[Update] 更新缓存机制 2019-03-26 11:46:04 +00:00
[Update] 更新api和model方法 2018-05-31 11:47:57 +00:00			`from django.db.models import Q`
Pre delete action 2016-09-16 01:38:07 +00:00
perf(assets): 优化节点树修改树策略，做读优化，写的速度降低 2020-08-16 15:08:58 +00:00			`from common.utils import get_logger`
refactor(perms): 修改授权规则的目录结构（asset、application) 2020-10-22 10:13:14 +00:00			`from perms.models import AssetPermission`
			`from perms.hands import Asset, User, UserGroup`
perf(assets): 优化节点树修改树策略，做读优化，写的速度降低 2020-08-16 15:08:58 +00:00			`from perms.models.base import BasePermissionQuerySet`
[Fixture] 完成用户推送task 2017-03-09 06:55:33 +00:00
			`logger = get_logger(__file__)`
Pre delete action 2016-09-16 01:38:07 +00:00

perf(assets): 优化节点树修改树策略，做读优化，写的速度降低 2020-08-16 15:08:58 +00:00			`def get_asset_system_users_id_with_actions(asset_perm_queryset: BasePermissionQuerySet, asset: Asset):`
			`nodes = asset.get_nodes()`
			`node_keys = set()`
			`for node in nodes:`
			`ancestor_keys = node.get_ancestor_keys(with_self=True)`
			`node_keys.update(ancestor_keys)`
Perm cache (#3211) * [Update] 修改用户树的cache * [Update] 修改用户树缓存 * [Update] telnet (beta) => telnet 2019-09-11 10:52:42 +00:00
perf(assets): 优化节点树修改树策略，做读优化，写的速度降低 2020-08-16 15:08:58 +00:00			`queryset = asset_perm_queryset.filter(`
			`Q(assets=asset) \|`
			`Q(nodes__key__in=node_keys)`
[Update] 优化命令记录列表 2019-07-02 14:08:50 +00:00			`)`
perf(assets): 优化节点树修改树策略，做读优化，写的速度降低 2020-08-16 15:08:58 +00:00			`asset_protocols = asset.protocols_as_dict.keys()`
			`values = queryset.filter(`
			`system_users__protocol__in=asset_protocols`
			`).distinct().values_list('system_users', 'actions')`
			`system_users_actions = defaultdict(int)`

			`for system_user_id, actions in values:`
			`if None in (system_user_id, actions):`
			`continue`
			`system_users_actions[system_user_id] \|= actions`
			`return system_users_actions`


			`def get_asset_system_users_id_with_actions_by_user(user: User, asset: Asset):`
			`queryset = AssetPermission.objects.filter(`
			`Q(users=user) \| Q(user_groups__users=user)`
fix(perms): 修复失效资产授权action 还在的问题 2020-10-13 11:04:26 +00:00			`).valid()`
perf(assets): 优化节点树修改树策略，做读优化，写的速度降低 2020-08-16 15:08:58 +00:00			`return get_asset_system_users_id_with_actions(queryset, asset)`
Perf (#2929) * [Update] 优化性能 * [Update] 修改assets * [Update] 优化处理 * [Update] Youhua * [Update] 修改ungroup * [Update] 修改perms的api地址，去掉sysuser adminuser的可连接性 * [Update] 修改perms urls兼容 * [Update] 修改分类 * [Update] 修改信号 * [Update] 优化获取授权资产 * [Update] 添加注释 (#2928) * [update] 去掉nodes 的部分字段 * [Update] 删除不用的代码 * [Update] 拆分users * [Update] 修改用户的属性 2019-07-11 10:12:14 +00:00

perf(assets): 优化节点树修改树策略，做读优化，写的速度降低 2020-08-16 15:08:58 +00:00			`def get_asset_system_users_id_with_actions_by_group(group: UserGroup, asset: Asset):`
			`queryset = AssetPermission.objects.filter(`
			`user_groups=group`
fix(perms): 修复失效资产授权action 还在的问题 2020-10-13 11:04:26 +00:00			`).valid()`
perf(assets): 优化节点树修改树策略，做读优化，写的速度降低 2020-08-16 15:08:58 +00:00			`return get_asset_system_users_id_with_actions(queryset, asset)`