jumpserver/apps/orgs/api.py

# -*- coding: utf-8 -*-
#

from rest_framework import status
from rest_framework.views import Response
from rest_framework_bulk import BulkModelViewSet

from common.permissions import IsSuperUserOrAppUser
from .models import Organization
from .serializers import OrgSerializer, OrgReadSerializer, \
    OrgMembershipUserSerializer, OrgMembershipAdminSerializer
from users.models import User, UserGroup
from assets.models import Asset, Domain, AdminUser, SystemUser, Label
from perms.models import AssetPermission
from orgs.utils import current_org
from common.utils import get_logger
from .mixins.api import OrgMembershipModelViewSetMixin

logger = get_logger(__file__)


class OrgViewSet(BulkModelViewSet):
    queryset = Organization.objects.all()
    serializer_class = OrgSerializer
    permission_classes = (IsSuperUserOrAppUser,)
    org = None

    def get_serializer_class(self):
        if self.action in ('list', 'retrieve'):
            return OrgReadSerializer
        else:
            return super().get_serializer_class()

    def get_data_from_model(self, model):
        if model == User:
            data = model.objects.filter(orgs__id=self.org.id)
        else:
            data = model.objects.filter(org_id=self.org.id)
        return data

    def destroy(self, request, *args, **kwargs):
        self.org = self.get_object()
        models = [
            User, UserGroup,
            Asset, Domain, AdminUser, SystemUser, Label,
            AssetPermission,
        ]
        for model in models:
            data = self.get_data_from_model(model)
            if data:
                return Response(status=status.HTTP_400_BAD_REQUEST)
        else:
            if str(current_org) == str(self.org):
                return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)
            self.org.delete()
            return Response({'msg': True}, status=status.HTTP_200_OK)


class OrgMembershipAdminsViewSet(OrgMembershipModelViewSetMixin, BulkModelViewSet):
    serializer_class = OrgMembershipAdminSerializer
    membership_class = Organization.admins.through
    permission_classes = (IsSuperUserOrAppUser, )


class OrgMembershipUsersViewSet(OrgMembershipModelViewSetMixin, BulkModelViewSet):
    serializer_class = OrgMembershipUserSerializer
    membership_class = Organization.users.through
    permission_classes = (IsSuperUserOrAppUser, )
Tmp org (#1579) * [Update] 添加org api, 升级到django 2.0 * [Update] fix some bug * [Update] 修改一些bug 6 years ago			`# -- coding: utf-8 --`
			`#`

[Update] 更新组织管理api (#1986) * [Update] 更新组织管理api * [Update] 重写-组织管理员/用户API，采用through类 * [Update] 修改OrgMembershipSerializerMixin目录 * [Update] 修改组织管理API，限制http method * [Update] 修改rpm依赖 6 years ago			`from rest_framework import status`
			`from rest_framework.views import Response`
			`from rest_framework_bulk import BulkModelViewSet`
Tmp org (#1579) * [Update] 添加org api, 升级到django 2.0 * [Update] fix some bug * [Update] 修改一些bug 6 years ago
Tmp org (#1583) * [Update] 修改一些内容 * [Update] 修改datatable 支持process * [Bugfix] 修复asset queryset 没有valid方法的bug 6 years ago			`from common.permissions import IsSuperUserOrAppUser`
Tmp org (#1579) * [Update] 添加org api, 升级到django 2.0 * [Update] fix some bug * [Update] 修改一些bug 6 years ago			`from .models import Organization`
[Update] 更新组织管理api (#1986) * [Update] 更新组织管理api * [Update] 重写-组织管理员/用户API，采用through类 * [Update] 修改OrgMembershipSerializerMixin目录 * [Update] 修改组织管理API，限制http method * [Update] 修改rpm依赖 6 years ago			`from .serializers import OrgSerializer, OrgReadSerializer, \`
			`OrgMembershipUserSerializer, OrgMembershipAdminSerializer`
			`from users.models import User, UserGroup`
			`from assets.models import Asset, Domain, AdminUser, SystemUser, Label`
			`from perms.models import AssetPermission`
			`from orgs.utils import current_org`
			`from common.utils import get_logger`
Dev beta (#3048) * [Update] 统一url地址 * [Update] 修改api * [Update] 使用规范的签名 * [Update] 修改url * [Update] 修改swagger * [Update] 添加serializer class避免报错 * [Update] 修改token * [Update] 支持api key * [Update] 支持生成api key * [Update] 修改api重定向 * [Update] 修改翻译 * [Update] 添加说明文档 * [Update] 修复浏览器关闭后session不失效的问题 * [Update] 修改一些内容 * [Update] 修改 jms脚本 * [Update] 修改重定向 * [Update] 修改搜索trim * [Update] 修改搜索trim * [Update] 添加sys log * [Bugfix] 修改登陆错误 * [Update] 优化User操作private_token的接口 (#3091) * [Update] 优化User操作private_token的接口 * [Update] 优化User操作private_token的接口 2 * [Bugfix] 解决授权了一个节点，当移动节点后，被移动的节点下的资产会放到未分组节点下的问题 * [Update] 升级jquery * [Update] 默认使用page * [Update] 修改使用Orgmodel view set * [Update] 支持 nv的硬盘 https://github.com/jumpserver/jumpserver/issues/1804 * [UPdate] 解决命令执行宽度问题 * [Update] 优化节点 * [Update] 修改nodes过多时创建比较麻烦 * [Update] 修改导入 * [Update] 节点获取更新 * [Update] 修改nodes * [Update] nodes显示full value * [Update] 统一使用nodes select2 函数 * [Update] 修改磁盘大小小数 * [Update] 修改 Node service * [Update] 优化授权节点 * [Update] 修改 node permission * [Update] 修改asset permission * [Stash] * [Update] 修改node assets api * [Update] 修改tree service，支持资产数量 * [Update] 修改暂时完成 * [Update] 修改一些bug 5 years ago			`from .mixins.api import OrgMembershipModelViewSetMixin`
Tmp org (#1579) * [Update] 添加org api, 升级到django 2.0 * [Update] fix some bug * [Update] 修改一些bug 6 years ago
[Update] 更新组织管理api (#1986) * [Update] 更新组织管理api * [Update] 重写-组织管理员/用户API，采用through类 * [Update] 修改OrgMembershipSerializerMixin目录 * [Update] 修改组织管理API，限制http method * [Update] 修改rpm依赖 6 years ago			`logger = get_logger(__file__)`
Tmp org (#1579) * [Update] 添加org api, 升级到django 2.0 * [Update] fix some bug * [Update] 修改一些bug 6 years ago
[Update] 更新组织管理api (#1986) * [Update] 更新组织管理api * [Update] 重写-组织管理员/用户API，采用through类 * [Update] 修改OrgMembershipSerializerMixin目录 * [Update] 修改组织管理API，限制http method * [Update] 修改rpm依赖 6 years ago
			`class OrgViewSet(BulkModelViewSet):`
Tmp org (#1579) * [Update] 添加org api, 升级到django 2.0 * [Update] fix some bug * [Update] 修改一些bug 6 years ago			`queryset = Organization.objects.all()`
			`serializer_class = OrgSerializer`
Tmp org (#1583) * [Update] 修改一些内容 * [Update] 修改datatable 支持process * [Bugfix] 修复asset queryset 没有valid方法的bug 6 years ago			`permission_classes = (IsSuperUserOrAppUser,)`
[Update] 更新组织管理api (#1986) * [Update] 更新组织管理api * [Update] 重写-组织管理员/用户API，采用through类 * [Update] 修改OrgMembershipSerializerMixin目录 * [Update] 修改组织管理API，限制http method * [Update] 修改rpm依赖 6 years ago			`org = None`

			`def get_serializer_class(self):`
			`if self.action in ('list', 'retrieve'):`
			`return OrgReadSerializer`
			`else:`
			`return super().get_serializer_class()`

			`def get_data_from_model(self, model):`
			`if model == User:`
			`data = model.objects.filter(orgs__id=self.org.id)`
			`else:`
			`data = model.objects.filter(org_id=self.org.id)`
			`return data`

			`def destroy(self, request, args, *kwargs):`
			`self.org = self.get_object()`
			`models = [`
			`User, UserGroup,`
			`Asset, Domain, AdminUser, SystemUser, Label,`
			`AssetPermission,`
			`]`
			`for model in models:`
			`data = self.get_data_from_model(model)`
			`if data:`
			`return Response(status=status.HTTP_400_BAD_REQUEST)`
			`else:`
			`if str(current_org) == str(self.org):`
			`return Response(status=status.HTTP_405_METHOD_NOT_ALLOWED)`
			`self.org.delete()`
			`return Response({'msg': True}, status=status.HTTP_200_OK)`


			`class OrgMembershipAdminsViewSet(OrgMembershipModelViewSetMixin, BulkModelViewSet):`
			`serializer_class = OrgMembershipAdminSerializer`
			`membership_class = Organization.admins.through`
			`permission_classes = (IsSuperUserOrAppUser, )`


			`class OrgMembershipUsersViewSet(OrgMembershipModelViewSetMixin, BulkModelViewSet):`
			`serializer_class = OrgMembershipUserSerializer`
			`membership_class = Organization.users.through`
			`permission_classes = (IsSuperUserOrAppUser, )`
[Update] 权限页面增加过滤规则 (#2349) 6 years ago