jumpserver/apps/perms/serializers/application/permission.py

93 lines
3.6 KiB
Python
Raw Normal View History

# -*- coding: utf-8 -*-
#
from rest_framework import serializers
from django.utils.translation import ugettext_lazy as _
from orgs.mixins.serializers import BulkOrgResourceModelSerializer
from perms.models import ApplicationPermission
from ..base import ActionsField
__all__ = [
'ApplicationPermissionSerializer'
]
class ApplicationPermissionSerializer(BulkOrgResourceModelSerializer):
actions = ActionsField(required=False, allow_null=True, label=_("Actions"))
2021-07-30 11:13:47 +00:00
category_display = serializers.ReadOnlyField(source='get_category_display', label=_('Category display'))
type_display = serializers.ReadOnlyField(source='get_type_display', label=_('Type display'))
is_valid = serializers.BooleanField(read_only=True, label=_('Is valid'))
is_expired = serializers.BooleanField(read_only=True, label=_("Is expired"))
class Meta:
model = ApplicationPermission
2021-04-29 11:10:45 +00:00
fields_mini = ['id', 'name']
fields_small = fields_mini + [
2021-07-30 11:13:47 +00:00
'category', 'category_display', 'type', 'type_display',
'actions',
2021-07-30 11:13:47 +00:00
'is_active', 'is_expired', 'is_valid',
2021-09-09 06:37:43 +00:00
'created_by', 'date_created', 'date_expired', 'date_start', 'comment', 'from_ticket'
]
2021-04-29 11:10:45 +00:00
fields_m2m = [
'users', 'user_groups', 'applications', 'system_users',
2021-07-30 11:13:47 +00:00
'users_amount', 'user_groups_amount', 'applications_amount',
'system_users_amount',
]
2021-04-29 11:10:45 +00:00
fields = fields_small + fields_m2m
2021-09-09 06:37:43 +00:00
read_only_fields = ['created_by', 'date_created', 'from_ticket']
2021-07-30 11:13:47 +00:00
extra_kwargs = {
'is_expired': {'label': _('Is expired')},
'is_valid': {'label': _('Is valid')},
'actions': {'label': _('Actions')},
'users_amount': {'label': _('Users amount')},
'user_groups_amount': {'label': _('User groups amount')},
'system_users_amount': {'label': _('System users amount')},
'applications_amount': {'label': _('Applications amount')},
}
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.set_actions_choices()
def set_actions_choices(self):
actions = self.fields.get('actions')
if not actions:
return
choices = actions._choices
if request := self.context.get('request'):
category = request.query_params.get('category')
else:
category = None
exclude_choices = ApplicationPermission.get_exclude_actions_choices(category=category)
for choice in exclude_choices:
choices.pop(choice, None)
actions._choices = choices
actions.default = list(choices.keys())
@classmethod
def setup_eager_loading(cls, queryset):
""" Perform necessary eager loading of data. """
2021-07-30 11:13:47 +00:00
queryset = queryset.prefetch_related(
'users', 'user_groups', 'applications', 'system_users'
)
return queryset
def validate_applications(self, applications):
if self.instance:
permission_type = self.instance.type
else:
permission_type = self.initial_data['type']
other_type_applications = [
application for application in applications
if application.type != permission_type
]
if len(other_type_applications) > 0:
error = _(
'The application list contains applications '
'that are different from the permission type. ({})'
).format(', '.join([application.name for application in other_type_applications]))
raise serializers.ValidationError(error)
return applications