jumpserver/apps/perms/api/mixin.py

# -*- coding: utf-8 -*-
#
import uuid
from hashlib import md5
from django.core.cache import cache
from django.db.models import Q
from django.conf import settings
from rest_framework.views import Response
from django.utils.decorators import method_decorator
from django.views.decorators.http import condition

from django.utils.translation import ugettext as _
from common.utils import get_logger
from assets.utils import LabelFilterMixin
from .. import const
from ..hands import Asset, Node, SystemUser
from .. import serializers

logger = get_logger(__name__)

__all__ = ['UserPermissionCacheMixin', 'GrantAssetsMixin', 'NodesWithUngroupMixin']


# def get_etag(request, *args, **kwargs):
#     cache_policy = request.GET.get("cache_policy")
#     if cache_policy != '1':
#         return None
#     if not UserPermissionCacheMixin.CACHE_ENABLE:
#         return None
#     view = request.parser_context.get("view")
#     if not view:
#         return None
#     etag = view.get_meta_cache_id()
#     return etag


class UserPermissionCacheMixin:
    pass
#     cache_policy = '0'
#     RESP_CACHE_KEY = '_PERMISSION_RESPONSE_CACHE_V2_{}'
#     CACHE_ENABLE = settings.ASSETS_PERM_CACHE_ENABLE
#     CACHE_TIME = settings.ASSETS_PERM_CACHE_TIME
#     _object = None
#
#     def get_object(self):
#         return None
#
#     # 内部使用可控制缓存
#     def _get_object(self):
#         if not self._object:
#             self._object = self.get_object()
#         return self._object
#
#     def get_object_id(self):
#         obj = self._get_object()
#         if obj:
#             return str(obj.id)
#         return None
#
#     def get_request_md5(self):
#         path = self.request.path
#         query = {k: v for k, v in self.request.GET.items()}
#         query.pop("_", None)
#         query = "&".join(["{}={}".format(k, v) for k, v in query.items()])
#         full_path = "{}?{}".format(path, query)
#         return md5(full_path.encode()).hexdigest()
#
#     def get_meta_cache_id(self):
#         obj = self._get_object()
#         util = AssetPermissionUtil(obj, cache_policy=self.cache_policy)
#         meta_cache_id = util.cache_meta.get('id')
#         return meta_cache_id
#
#     def get_response_cache_id(self):
#         obj_id = self.get_object_id()
#         request_md5 = self.get_request_md5()
#         meta_cache_id = self.get_meta_cache_id()
#         resp_cache_id = '{}_{}_{}'.format(obj_id, request_md5, meta_cache_id)
#         return resp_cache_id
#
#     def get_response_from_cache(self):
#         # 没有数据缓冲
#         meta_cache_id = self.get_meta_cache_id()
#         if not meta_cache_id:
#             logger.debug("Not get meta id: {}".format(meta_cache_id))
#             return None
#         # 从响应缓冲里获取响应
#         key = self.get_response_key()
#         data = cache.get(key)
#         if not data:
#             logger.debug("Not get response from cache: {}".format(key))
#             return None
#         logger.debug("Get user permission from cache: {}".format(self.get_object()))
#         response = Response(data)
#         return response
#
#     def expire_response_cache(self):
#         obj_id = self.get_object_id()
#         expire_cache_id = '{}_{}'.format(obj_id, '*')
#         key = self.RESP_CACHE_KEY.format(expire_cache_id)
#         cache.delete_pattern(key)
#
#     def get_response_key(self):
#         resp_cache_id = self.get_response_cache_id()
#         key = self.RESP_CACHE_KEY.format(resp_cache_id)
#         return key
#
#     def set_response_to_cache(self, response):
#         key = self.get_response_key()
#         cache.set(key, response.data, self.CACHE_TIME)
#         logger.debug("Set response to cache: {}".format(key))
#
#     @method_decorator(condition(etag_func=get_etag))
#     def get(self, request, *args, **kwargs):
#         if not self.CACHE_ENABLE:
#             self.cache_policy = '0'
#         else:
#             self.cache_policy = request.GET.get('cache_policy', '0')
#
#         obj = self._get_object()
#         if obj is None:
#             logger.debug("Not get response from cache: obj is none")
#             return super().get(request, *args, **kwargs)
#
#         if AssetPermissionUtil.is_not_using_cache(self.cache_policy):
#             logger.debug("Not get resp from cache: {}".format(self.cache_policy))
#             return super().get(request, *args, **kwargs)
#         elif AssetPermissionUtil.is_refresh_cache(self.cache_policy):
#             logger.debug("Not get resp from cache: {}".format(self.cache_policy))
#             self.expire_response_cache()
#
#         logger.debug("Try get response from cache")
#         resp = self.get_response_from_cache()
#         if not resp:
#             resp = super().get(request, *args, **kwargs)
#             self.set_response_to_cache(resp)
#         return resp


class NodesWithUngroupMixin:
    util = None

    @staticmethod
    def get_ungrouped_node(ungroup_key):
        return Node(key=ungroup_key, id=const.UNGROUPED_NODE_ID,
                    value=_("ungrouped"))

    @staticmethod
    def get_empty_node():
        return Node(key=const.EMPTY_NODE_KEY, id=const.EMPTY_NODE_ID,
                    value=_("empty"))

    def add_ungrouped_nodes(self, node_map, node_keys):
        ungroup_key = '1:-1'
        for key in node_keys:
            if key.endswith('-1'):
                ungroup_key = key
                break
        ungroup_node = self.get_ungrouped_node(ungroup_key)
        empty_node = self.get_empty_node()
        node_map[ungroup_key] = ungroup_node
        node_map[const.EMPTY_NODE_KEY] = empty_node


class GrantAssetsMixin(LabelFilterMixin):
    serializer_class = serializers.AssetGrantedSerializer

    def get_serializer_queryset(self, queryset):
        assets_ids = []
        system_users_ids = set()
        for asset in queryset:
            assets_ids.append(asset["id"])
            system_users_ids.update(set(asset["system_users"]))
        assets = Asset.objects.filter(id__in=assets_ids).only(
            *self.serializer_class.Meta.only_fields
        )
        assets_map = {asset.id: asset for asset in assets}
        system_users = SystemUser.objects.filter(id__in=system_users_ids).only(
            *self.serializer_class.system_users_only_fields
        )
        system_users_map = {s.id: s for s in system_users}
        data = []
        for item in queryset:
            i = item["id"]
            asset = assets_map.get(i)
            if not asset:
                continue

            _system_users = item["system_users"]
            system_users_granted = []
            for sid, action in _system_users.items():
                system_user = system_users_map.get(sid)
                if not system_user:
                    continue
                if not asset.has_protocol(system_user.protocol):
                    continue
                system_user.actions = action
                system_users_granted.append(system_user)
            asset.system_users_granted = system_users_granted
            data.append(asset)
        return data

    def get_serializer(self, assets_items=None, many=True):
        if assets_items is None:
            assets_items = []
        assets_items = self.get_serializer_queryset(assets_items)
        return super().get_serializer(assets_items, many=many)

    def filter_queryset_by_id(self, assets_items):
        i = self.request.query_params.get("id")
        if not i:
            return assets_items
        try:
            pk = uuid.UUID(i)
        except ValueError:
            return assets_items
        assets_map = {asset['id']: asset for asset in assets_items}
        if pk in assets_map:
            return [assets_map.get(pk)]
        else:
            return []

    def search_queryset(self, assets_items):
        search = self.request.query_params.get("search")
        if not search:
            return assets_items
        assets_map = {asset['id']: asset for asset in assets_items}
        assets_ids = set(assets_map.keys())
        assets_ids_search = Asset.objects.filter(id__in=assets_ids).filter(
            Q(hostname__icontains=search) | Q(ip__icontains=search)
        ).values_list('id', flat=True)
        return [assets_map.get(asset_id) for asset_id in assets_ids_search]

    def filter_queryset_by_label(self, assets_items):
        labels_id = self.get_filter_labels_ids()
        if not labels_id:
            return assets_items

        assets_map = {asset['id']: asset for asset in assets_items}
        assets_matched = Asset.objects.filter(id__in=assets_map.keys())
        for label_id in labels_id:
            assets_matched = assets_matched.filter(labels=label_id)
        assets_ids_matched = assets_matched.values_list('id', flat=True)
        return [assets_map.get(asset_id) for asset_id in assets_ids_matched]

    def sort_queryset(self, assets_items):
        order_by = self.request.query_params.get('order', 'hostname')

        if order_by not in ['hostname', '-hostname', 'ip', '-ip']:
            order_by = 'hostname'
        assets_map = {asset['id']: asset for asset in assets_items}
        assets_ids_search = Asset.objects.filter(id__in=assets_map.keys())\
            .order_by(order_by)\
            .values_list('id', flat=True)
        return [assets_map.get(asset_id) for asset_id in assets_ids_search]

    def filter_queryset(self, assets_items):
        assets_items = self.filter_queryset_by_id(assets_items)
        assets_items = self.search_queryset(assets_items)
        assets_items = self.filter_queryset_by_label(assets_items)
        assets_items = self.sort_queryset(assets_items)
        return assets_items
Bugfix (#2938) * [Update] 修改assets * [Update] 修复用户组页面权限 * [Update] 统一授权资产页面，修改apiUpdateAttr函数名称 5 years ago			`# -- coding: utf-8 --`
			`#`
Bugfix (#2980) * [Update] 修改排序，去掉标签 * [Update] 修改批量更新后刷新页面 * [Update] 修改面包屑 * [Update] 修改用户排序 * [Update] 处理未登录主机显示为负数 * [Update] 支持单个资产的搜索 5 years ago			`import uuid`
Bugfix (#2938) * [Update] 修改assets * [Update] 修复用户组页面权限 * [Update] 统一授权资产页面，修改apiUpdateAttr函数名称 5 years ago			`from hashlib import md5`
			`from django.core.cache import cache`
			`from django.db.models import Q`
			`from django.conf import settings`
			`from rest_framework.views import Response`
[Update] 支持etag 5 years ago			`from django.utils.decorators import method_decorator`
			`from django.views.decorators.http import condition`
Bugfix (#2938) * [Update] 修改assets * [Update] 修复用户组页面权限 * [Update] 统一授权资产页面，修改apiUpdateAttr函数名称 5 years ago
			`from django.utils.translation import ugettext as _`
			`from common.utils import get_logger`
			`from assets.utils import LabelFilterMixin`
			`from .. import const`
[Update] 支持etag 5 years ago			`from ..hands import Asset, Node, SystemUser`
Bugfix (#2938) * [Update] 修改assets * [Update] 修复用户组页面权限 * [Update] 统一授权资产页面，修改apiUpdateAttr函数名称 5 years ago			`from .. import serializers`

			`logger = get_logger(__name__)`

			`__all__ = ['UserPermissionCacheMixin', 'GrantAssetsMixin', 'NodesWithUngroupMixin']`


Dev beta (#3048) * [Update] 统一url地址 * [Update] 修改api * [Update] 使用规范的签名 * [Update] 修改url * [Update] 修改swagger * [Update] 添加serializer class避免报错 * [Update] 修改token * [Update] 支持api key * [Update] 支持生成api key * [Update] 修改api重定向 * [Update] 修改翻译 * [Update] 添加说明文档 * [Update] 修复浏览器关闭后session不失效的问题 * [Update] 修改一些内容 * [Update] 修改 jms脚本 * [Update] 修改重定向 * [Update] 修改搜索trim * [Update] 修改搜索trim * [Update] 添加sys log * [Bugfix] 修改登陆错误 * [Update] 优化User操作private_token的接口 (#3091) * [Update] 优化User操作private_token的接口 * [Update] 优化User操作private_token的接口 2 * [Bugfix] 解决授权了一个节点，当移动节点后，被移动的节点下的资产会放到未分组节点下的问题 * [Update] 升级jquery * [Update] 默认使用page * [Update] 修改使用Orgmodel view set * [Update] 支持 nv的硬盘 https://github.com/jumpserver/jumpserver/issues/1804 * [UPdate] 解决命令执行宽度问题 * [Update] 优化节点 * [Update] 修改nodes过多时创建比较麻烦 * [Update] 修改导入 * [Update] 节点获取更新 * [Update] 修改nodes * [Update] nodes显示full value * [Update] 统一使用nodes select2 函数 * [Update] 修改磁盘大小小数 * [Update] 修改 Node service * [Update] 优化授权节点 * [Update] 修改 node permission * [Update] 修改asset permission * [Stash] * [Update] 修改node assets api * [Update] 修改tree service，支持资产数量 * [Update] 修改暂时完成 * [Update] 修改一些bug 5 years ago			`# def get_etag(request, args, *kwargs):`
			`# cache_policy = request.GET.get("cache_policy")`
			`# if cache_policy != '1':`
			`# return None`
			`# if not UserPermissionCacheMixin.CACHE_ENABLE:`
			`# return None`
			`# view = request.parser_context.get("view")`
			`# if not view:`
			`# return None`
			`# etag = view.get_meta_cache_id()`
			`# return etag`
[Update] 支持etag 5 years ago

Bugfix (#2938) * [Update] 修改assets * [Update] 修复用户组页面权限 * [Update] 统一授权资产页面，修改apiUpdateAttr函数名称 5 years ago			`class UserPermissionCacheMixin:`
Dev beta (#3048) * [Update] 统一url地址 * [Update] 修改api * [Update] 使用规范的签名 * [Update] 修改url * [Update] 修改swagger * [Update] 添加serializer class避免报错 * [Update] 修改token * [Update] 支持api key * [Update] 支持生成api key * [Update] 修改api重定向 * [Update] 修改翻译 * [Update] 添加说明文档 * [Update] 修复浏览器关闭后session不失效的问题 * [Update] 修改一些内容 * [Update] 修改 jms脚本 * [Update] 修改重定向 * [Update] 修改搜索trim * [Update] 修改搜索trim * [Update] 添加sys log * [Bugfix] 修改登陆错误 * [Update] 优化User操作private_token的接口 (#3091) * [Update] 优化User操作private_token的接口 * [Update] 优化User操作private_token的接口 2 * [Bugfix] 解决授权了一个节点，当移动节点后，被移动的节点下的资产会放到未分组节点下的问题 * [Update] 升级jquery * [Update] 默认使用page * [Update] 修改使用Orgmodel view set * [Update] 支持 nv的硬盘 https://github.com/jumpserver/jumpserver/issues/1804 * [UPdate] 解决命令执行宽度问题 * [Update] 优化节点 * [Update] 修改nodes过多时创建比较麻烦 * [Update] 修改导入 * [Update] 节点获取更新 * [Update] 修改nodes * [Update] nodes显示full value * [Update] 统一使用nodes select2 函数 * [Update] 修改磁盘大小小数 * [Update] 修改 Node service * [Update] 优化授权节点 * [Update] 修改 node permission * [Update] 修改asset permission * [Stash] * [Update] 修改node assets api * [Update] 修改tree service，支持资产数量 * [Update] 修改暂时完成 * [Update] 修改一些bug 5 years ago			`pass`
			`# cache_policy = '0'`
			`# RESP_CACHE_KEY = '_PERMISSION_RESPONSE_CACHE_V2_{}'`
			`# CACHE_ENABLE = settings.ASSETS_PERM_CACHE_ENABLE`
			`# CACHE_TIME = settings.ASSETS_PERM_CACHE_TIME`
			`# _object = None`
			`#`
			`# def get_object(self):`
			`# return None`
			`#`
			`# # 内部使用可控制缓存`
			`# def _get_object(self):`
			`# if not self._object:`
			`# self._object = self.get_object()`
			`# return self._object`
			`#`
			`# def get_object_id(self):`
			`# obj = self._get_object()`
			`# if obj:`
			`# return str(obj.id)`
			`# return None`
			`#`
			`# def get_request_md5(self):`
			`# path = self.request.path`
			`# query = {k: v for k, v in self.request.GET.items()}`
			`# query.pop("_", None)`
			`# query = "&".join(["{}={}".format(k, v) for k, v in query.items()])`
			`# full_path = "{}?{}".format(path, query)`
			`# return md5(full_path.encode()).hexdigest()`
			`#`
			`# def get_meta_cache_id(self):`
			`# obj = self._get_object()`
			`# util = AssetPermissionUtil(obj, cache_policy=self.cache_policy)`
			`# meta_cache_id = util.cache_meta.get('id')`
			`# return meta_cache_id`
			`#`
			`# def get_response_cache_id(self):`
			`# obj_id = self.get_object_id()`
			`# request_md5 = self.get_request_md5()`
			`# meta_cache_id = self.get_meta_cache_id()`
			`# resp_cache_id = '{}_{}_{}'.format(obj_id, request_md5, meta_cache_id)`
			`# return resp_cache_id`
			`#`
			`# def get_response_from_cache(self):`
			`# # 没有数据缓冲`
			`# meta_cache_id = self.get_meta_cache_id()`
			`# if not meta_cache_id:`
			`# logger.debug("Not get meta id: {}".format(meta_cache_id))`
			`# return None`
			`# # 从响应缓冲里获取响应`
			`# key = self.get_response_key()`
			`# data = cache.get(key)`
			`# if not data:`
			`# logger.debug("Not get response from cache: {}".format(key))`
			`# return None`
			`# logger.debug("Get user permission from cache: {}".format(self.get_object()))`
			`# response = Response(data)`
			`# return response`
			`#`
			`# def expire_response_cache(self):`
			`# obj_id = self.get_object_id()`
			`# expire_cache_id = '{}_{}'.format(obj_id, '*')`
			`# key = self.RESP_CACHE_KEY.format(expire_cache_id)`
			`# cache.delete_pattern(key)`
			`#`
			`# def get_response_key(self):`
			`# resp_cache_id = self.get_response_cache_id()`
			`# key = self.RESP_CACHE_KEY.format(resp_cache_id)`
			`# return key`
			`#`
			`# def set_response_to_cache(self, response):`
			`# key = self.get_response_key()`
			`# cache.set(key, response.data, self.CACHE_TIME)`
			`# logger.debug("Set response to cache: {}".format(key))`
			`#`
			`# @method_decorator(condition(etag_func=get_etag))`
			`# def get(self, request, args, *kwargs):`
			`# if not self.CACHE_ENABLE:`
			`# self.cache_policy = '0'`
			`# else:`
			`# self.cache_policy = request.GET.get('cache_policy', '0')`
			`#`
			`# obj = self._get_object()`
			`# if obj is None:`
			`# logger.debug("Not get response from cache: obj is none")`
			`# return super().get(request, args, *kwargs)`
			`#`
			`# if AssetPermissionUtil.is_not_using_cache(self.cache_policy):`
			`# logger.debug("Not get resp from cache: {}".format(self.cache_policy))`
			`# return super().get(request, args, *kwargs)`
			`# elif AssetPermissionUtil.is_refresh_cache(self.cache_policy):`
			`# logger.debug("Not get resp from cache: {}".format(self.cache_policy))`
			`# self.expire_response_cache()`
			`#`
			`# logger.debug("Try get response from cache")`
			`# resp = self.get_response_from_cache()`
			`# if not resp:`
			`# resp = super().get(request, args, *kwargs)`
			`# self.set_response_to_cache(resp)`
			`# return resp`
Bugfix (#2938) * [Update] 修改assets * [Update] 修复用户组页面权限 * [Update] 统一授权资产页面，修改apiUpdateAttr函数名称 5 years ago

			`class NodesWithUngroupMixin:`
			`util = None`

			`@staticmethod`
			`def get_ungrouped_node(ungroup_key):`
			`return Node(key=ungroup_key, id=const.UNGROUPED_NODE_ID,`
			`value=_("ungrouped"))`

			`@staticmethod`
			`def get_empty_node():`
			`return Node(key=const.EMPTY_NODE_KEY, id=const.EMPTY_NODE_ID,`
			`value=_("empty"))`

			`def add_ungrouped_nodes(self, node_map, node_keys):`
			`ungroup_key = '1:-1'`
			`for key in node_keys:`
			`if key.endswith('-1'):`
			`ungroup_key = key`
			`break`
			`ungroup_node = self.get_ungrouped_node(ungroup_key)`
			`empty_node = self.get_empty_node()`
			`node_map[ungroup_key] = ungroup_node`
			`node_map[const.EMPTY_NODE_KEY] = empty_node`


			`class GrantAssetsMixin(LabelFilterMixin):`
			`serializer_class = serializers.AssetGrantedSerializer`

			`def get_serializer_queryset(self, queryset):`
			`assets_ids = []`
			`system_users_ids = set()`
			`for asset in queryset:`
			`assets_ids.append(asset["id"])`
			`system_users_ids.update(set(asset["system_users"]))`
			`assets = Asset.objects.filter(id__in=assets_ids).only(`
			`*self.serializer_class.Meta.only_fields`
			`)`
			`assets_map = {asset.id: asset for asset in assets}`
			`system_users = SystemUser.objects.filter(id__in=system_users_ids).only(`
			`*self.serializer_class.system_users_only_fields`
			`)`
			`system_users_map = {s.id: s for s in system_users}`
			`data = []`
			`for item in queryset:`
			`i = item["id"]`
			`asset = assets_map.get(i)`
			`if not asset:`
			`continue`

			`_system_users = item["system_users"]`
			`system_users_granted = []`
			`for sid, action in _system_users.items():`
			`system_user = system_users_map.get(sid)`
			`if not system_user:`
			`continue`
[Update] 获取用户授权资产时只返回资产协议支持的系统用户 5 years ago			`if not asset.has_protocol(system_user.protocol):`
			`continue`
Bugfix (#2938) * [Update] 修改assets * [Update] 修复用户组页面权限 * [Update] 统一授权资产页面，修改apiUpdateAttr函数名称 5 years ago			`system_user.actions = action`
			`system_users_granted.append(system_user)`
			`asset.system_users_granted = system_users_granted`
			`data.append(asset)`
			`return data`

Dev beta (#3048) * [Update] 统一url地址 * [Update] 修改api * [Update] 使用规范的签名 * [Update] 修改url * [Update] 修改swagger * [Update] 添加serializer class避免报错 * [Update] 修改token * [Update] 支持api key * [Update] 支持生成api key * [Update] 修改api重定向 * [Update] 修改翻译 * [Update] 添加说明文档 * [Update] 修复浏览器关闭后session不失效的问题 * [Update] 修改一些内容 * [Update] 修改 jms脚本 * [Update] 修改重定向 * [Update] 修改搜索trim * [Update] 修改搜索trim * [Update] 添加sys log * [Bugfix] 修改登陆错误 * [Update] 优化User操作private_token的接口 (#3091) * [Update] 优化User操作private_token的接口 * [Update] 优化User操作private_token的接口 2 * [Bugfix] 解决授权了一个节点，当移动节点后，被移动的节点下的资产会放到未分组节点下的问题 * [Update] 升级jquery * [Update] 默认使用page * [Update] 修改使用Orgmodel view set * [Update] 支持 nv的硬盘 https://github.com/jumpserver/jumpserver/issues/1804 * [UPdate] 解决命令执行宽度问题 * [Update] 优化节点 * [Update] 修改nodes过多时创建比较麻烦 * [Update] 修改导入 * [Update] 节点获取更新 * [Update] 修改nodes * [Update] nodes显示full value * [Update] 统一使用nodes select2 函数 * [Update] 修改磁盘大小小数 * [Update] 修改 Node service * [Update] 优化授权节点 * [Update] 修改 node permission * [Update] 修改asset permission * [Stash] * [Update] 修改node assets api * [Update] 修改tree service，支持资产数量 * [Update] 修改暂时完成 * [Update] 修改一些bug 5 years ago			`def get_serializer(self, assets_items=None, many=True):`
			`if assets_items is None:`
			`assets_items = []`
			`assets_items = self.get_serializer_queryset(assets_items)`
			`return super().get_serializer(assets_items, many=many)`
Bugfix (#2938) * [Update] 修改assets * [Update] 修复用户组页面权限 * [Update] 统一授权资产页面，修改apiUpdateAttr函数名称 5 years ago
Bugfix (#2980) * [Update] 修改排序，去掉标签 * [Update] 修改批量更新后刷新页面 * [Update] 修改面包屑 * [Update] 修改用户排序 * [Update] 处理未登录主机显示为负数 * [Update] 支持单个资产的搜索 5 years ago			`def filter_queryset_by_id(self, assets_items):`
			`i = self.request.query_params.get("id")`
			`if not i:`
			`return assets_items`
			`try:`
			`pk = uuid.UUID(i)`
			`except ValueError:`
			`return assets_items`
			`assets_map = {asset['id']: asset for asset in assets_items}`
			`if pk in assets_map:`
			`return [assets_map.get(pk)]`
			`else:`
			`return []`

Bugfix (#2938) * [Update] 修改assets * [Update] 修复用户组页面权限 * [Update] 统一授权资产页面，修改apiUpdateAttr函数名称 5 years ago			`def search_queryset(self, assets_items):`
			`search = self.request.query_params.get("search")`
			`if not search:`
			`return assets_items`
			`assets_map = {asset['id']: asset for asset in assets_items}`
			`assets_ids = set(assets_map.keys())`
			`assets_ids_search = Asset.objects.filter(id__in=assets_ids).filter(`
			`Q(hostname__icontains=search) \| Q(ip__icontains=search)`
			`).values_list('id', flat=True)`
			`return [assets_map.get(asset_id) for asset_id in assets_ids_search]`

			`def filter_queryset_by_label(self, assets_items):`
			`labels_id = self.get_filter_labels_ids()`
			`if not labels_id:`
			`return assets_items`

			`assets_map = {asset['id']: asset for asset in assets_items}`
			`assets_matched = Asset.objects.filter(id__in=assets_map.keys())`
			`for label_id in labels_id:`
			`assets_matched = assets_matched.filter(labels=label_id)`
			`assets_ids_matched = assets_matched.values_list('id', flat=True)`
			`return [assets_map.get(asset_id) for asset_id in assets_ids_matched]`

			`def sort_queryset(self, assets_items):`
			`order_by = self.request.query_params.get('order', 'hostname')`

			`if order_by not in ['hostname', '-hostname', 'ip', '-ip']:`
			`order_by = 'hostname'`
			`assets_map = {asset['id']: asset for asset in assets_items}`
			`assets_ids_search = Asset.objects.filter(id__in=assets_map.keys())\`
			`.order_by(order_by)\`
			`.values_list('id', flat=True)`
			`return [assets_map.get(asset_id) for asset_id in assets_ids_search]`

			`def filter_queryset(self, assets_items):`
Bugfix (#2980) * [Update] 修改排序，去掉标签 * [Update] 修改批量更新后刷新页面 * [Update] 修改面包屑 * [Update] 修改用户排序 * [Update] 处理未登录主机显示为负数 * [Update] 支持单个资产的搜索 5 years ago			`assets_items = self.filter_queryset_by_id(assets_items)`
Bugfix (#2938) * [Update] 修改assets * [Update] 修复用户组页面权限 * [Update] 统一授权资产页面，修改apiUpdateAttr函数名称 5 years ago			`assets_items = self.search_queryset(assets_items)`
			`assets_items = self.filter_queryset_by_label(assets_items)`
			`assets_items = self.sort_queryset(assets_items)`
Bugfix (#2980) * [Update] 修改排序，去掉标签 * [Update] 修改批量更新后刷新页面 * [Update] 修改面包屑 * [Update] 修改用户排序 * [Update] 处理未登录主机显示为负数 * [Update] 支持单个资产的搜索 5 years ago			`return assets_items`