jumpserver/apps/perms/api/database_app_permission_rel...

# coding: utf-8
#

from rest_framework import generics
from django.db.models import F, Value
from django.db.models.functions import Concat
from django.shortcuts import get_object_or_404

from orgs.mixins.api import OrgBulkModelViewSet
from orgs.utils import current_org
from common.permissions import IsOrgAdmin
from .. import models, serializers

__all__ = [
    'DatabaseAppPermissionUserRelationViewSet',
    'DatabaseAppPermissionUserGroupRelationViewSet',
    'DatabaseAppPermissionAllUserListApi',
    'DatabaseAppPermissionDatabaseAppRelationViewSet',
    'DatabaseAppPermissionAllDatabaseAppListApi',
    'DatabaseAppPermissionSystemUserRelationViewSet',
]


class RelationMixin(OrgBulkModelViewSet):
    def get_queryset(self):
        queryset = self.model.objects.all()
        org_id = current_org.org_id()
        if org_id is not None:
            queryset = queryset.filter(databaseapppermission__org_id=org_id)
        queryset = queryset.annotate(databaseapppermission_display=F('databaseapppermission__name'))
        return queryset


class DatabaseAppPermissionUserRelationViewSet(RelationMixin):
    serializer_class = serializers.DatabaseAppPermissionUserRelationSerializer
    model = models.DatabaseAppPermission.users.through
    permission_classes = (IsOrgAdmin,)
    filterset_fields = [
        'id', 'user', 'databaseapppermission'
    ]
    search_fields = ('user__name', 'user__username', 'databaseapppermission__name')

    def get_queryset(self):
        queryset = super().get_queryset()
        queryset = queryset.annotate(user_display=F('user__name'))
        return queryset


class DatabaseAppPermissionUserGroupRelationViewSet(RelationMixin):
    serializer_class = serializers.DatabaseAppPermissionUserGroupRelationSerializer
    model = models.DatabaseAppPermission.user_groups.through
    permission_classes = (IsOrgAdmin,)
    filterset_fields = [
        'id', "usergroup", "databaseapppermission"
    ]
    search_fields = ["usergroup__name", "databaseapppermission__name"]

    def get_queryset(self):
        queryset = super().get_queryset()
        queryset = queryset \
            .annotate(usergroup_display=F('usergroup__name'))
        return queryset


class DatabaseAppPermissionAllUserListApi(generics.ListAPIView):
    permission_classes = (IsOrgAdmin,)
    serializer_class = serializers.DatabaseAppPermissionAllUserSerializer
    filter_fields = ("username", "name")
    search_fields = filter_fields

    def get_queryset(self):
        pk = self.kwargs.get("pk")
        perm = get_object_or_404(models.DatabaseAppPermission, pk=pk)
        users = perm.get_all_users().only(
            *self.serializer_class.Meta.only_fields
        )
        return users


class DatabaseAppPermissionDatabaseAppRelationViewSet(RelationMixin):
    serializer_class = serializers.DatabaseAppPermissionDatabaseAppRelationSerializer
    model = models.DatabaseAppPermission.database_apps.through
    permission_classes = (IsOrgAdmin,)
    filterset_fields = [
        'id', 'databaseapp', 'databaseapppermission',
    ]
    search_fields = [
        "id", "databaseapp__name", "databaseapppermission__name"
    ]

    def get_queryset(self):
        queryset = super().get_queryset()
        queryset = queryset \
            .annotate(databaseapp_display=F('databaseapp__name'))
        return queryset


class DatabaseAppPermissionAllDatabaseAppListApi(generics.ListAPIView):
    permission_classes = (IsOrgAdmin,)
    serializer_class = serializers.DatabaseAppPermissionAllDatabaseAppSerializer
    filter_fields = ("name",)
    search_fields = filter_fields

    def get_queryset(self):
        pk = self.kwargs.get("pk")
        perm = get_object_or_404(models.DatabaseAppPermission, pk=pk)
        database_apps = perm.get_all_database_apps().only(
            *self.serializer_class.Meta.only_fields
        )
        return database_apps


class DatabaseAppPermissionSystemUserRelationViewSet(RelationMixin):
    serializer_class = serializers.DatabaseAppPermissionSystemUserRelationSerializer
    model = models.DatabaseAppPermission.system_users.through
    permission_classes = (IsOrgAdmin,)
    filterset_fields = [
        'id', 'systemuser', 'databaseapppermission'
    ]
    search_fields = [
        'databaseapppermission__name', 'systemuser__name', 'systemuser__username'
    ]

    def get_queryset(self):
        queryset = super().get_queryset()
        queryset = queryset.annotate(
            systemuser_display=Concat(
                F('systemuser__name'), Value('('), F('systemuser__username'),
                Value(')')
            )
        )
        return queryset
[Feature] 添加功能：数据库应用 (#3551) * [Update] 添加数据库应用Model * [Update] 添加数据库应用ViewSet * [Update] 添加数据库应用HTML * [Update] 更新数据库应用迁移文件 * [Update] 添加数据库应用授权Model * [Update] 添加数据库应用授权ViewSet（待续） * [Update] 添加数据库应用授权ViewSet（完结） * [Update] 添加数据库应用授权View（待续） * [Update] 添加数据库应用授权View（待续2） * [Update] 修改远程应用授权View（小问题） * [Update] 添加数据库应用授权View（待续3） * [Update] 添加数据库应用授权View（完结） * [Update] 添加数据库应用授权相关API * [Update] 添加数据库应用View（用户页面） * [Update] 修改数据库应用授权Model/View/API（系统用户） * [Update] 修改系统用户Model/View（添加mysql协议） * [Update] 修改用户页面（我的应用） * [Update] 添加迁移文件 * [Update] 添加迁移文件2 * [Update] 续添加迁移文件2（Model更改） * [Update] 修改系统用户序列类（mysql协议自动生成密码问题） * [Update] 修改数据库应用/资产等授权序列类 * [Update] 修改命令列表/会话详情命令溢出 * [Update] 修改授权详情中添加系统用户的过滤 * [Update] 修改列表动作的宽度 5 years ago			`# coding: utf-8`
			`#`

			`from rest_framework import generics`
			`from django.db.models import F, Value`
			`from django.db.models.functions import Concat`
			`from django.shortcuts import get_object_or_404`

			`from orgs.mixins.api import OrgBulkModelViewSet`
			`from orgs.utils import current_org`
			`from common.permissions import IsOrgAdmin`
			`from .. import models, serializers`

			`__all__ = [`
			`'DatabaseAppPermissionUserRelationViewSet',`
			`'DatabaseAppPermissionUserGroupRelationViewSet',`
			`'DatabaseAppPermissionAllUserListApi',`
			`'DatabaseAppPermissionDatabaseAppRelationViewSet',`
			`'DatabaseAppPermissionAllDatabaseAppListApi',`
			`'DatabaseAppPermissionSystemUserRelationViewSet',`
			`]`


			`class RelationMixin(OrgBulkModelViewSet):`
			`def get_queryset(self):`
			`queryset = self.model.objects.all()`
			`org_id = current_org.org_id()`
			`if org_id is not None:`
			`queryset = queryset.filter(databaseapppermission__org_id=org_id)`
			`queryset = queryset.annotate(databaseapppermission_display=F('databaseapppermission__name'))`
			`return queryset`


			`class DatabaseAppPermissionUserRelationViewSet(RelationMixin):`
			`serializer_class = serializers.DatabaseAppPermissionUserRelationSerializer`
			`model = models.DatabaseAppPermission.users.through`
			`permission_classes = (IsOrgAdmin,)`
			`filterset_fields = [`
			`'id', 'user', 'databaseapppermission'`
			`]`
			`search_fields = ('user__name', 'user__username', 'databaseapppermission__name')`

			`def get_queryset(self):`
			`queryset = super().get_queryset()`
			`queryset = queryset.annotate(user_display=F('user__name'))`
			`return queryset`


			`class DatabaseAppPermissionUserGroupRelationViewSet(RelationMixin):`
			`serializer_class = serializers.DatabaseAppPermissionUserGroupRelationSerializer`
			`model = models.DatabaseAppPermission.user_groups.through`
			`permission_classes = (IsOrgAdmin,)`
			`filterset_fields = [`
			`'id', "usergroup", "databaseapppermission"`
			`]`
			`search_fields = ["usergroup__name", "databaseapppermission__name"]`

			`def get_queryset(self):`
			`queryset = super().get_queryset()`
			`queryset = queryset \`
			`.annotate(usergroup_display=F('usergroup__name'))`
			`return queryset`


			`class DatabaseAppPermissionAllUserListApi(generics.ListAPIView):`
			`permission_classes = (IsOrgAdmin,)`
			`serializer_class = serializers.DatabaseAppPermissionAllUserSerializer`
			`filter_fields = ("username", "name")`
			`search_fields = filter_fields`

			`def get_queryset(self):`
			`pk = self.kwargs.get("pk")`
			`perm = get_object_or_404(models.DatabaseAppPermission, pk=pk)`
			`users = perm.get_all_users().only(`
			`*self.serializer_class.Meta.only_fields`
			`)`
			`return users`


			`class DatabaseAppPermissionDatabaseAppRelationViewSet(RelationMixin):`
			`serializer_class = serializers.DatabaseAppPermissionDatabaseAppRelationSerializer`
			`model = models.DatabaseAppPermission.database_apps.through`
			`permission_classes = (IsOrgAdmin,)`
			`filterset_fields = [`
			`'id', 'databaseapp', 'databaseapppermission',`
			`]`
			`search_fields = [`
			`"id", "databaseapp__name", "databaseapppermission__name"`
			`]`

			`def get_queryset(self):`
			`queryset = super().get_queryset()`
			`queryset = queryset \`
			`.annotate(databaseapp_display=F('databaseapp__name'))`
			`return queryset`


			`class DatabaseAppPermissionAllDatabaseAppListApi(generics.ListAPIView):`
			`permission_classes = (IsOrgAdmin,)`
			`serializer_class = serializers.DatabaseAppPermissionAllDatabaseAppSerializer`
			`filter_fields = ("name",)`
			`search_fields = filter_fields`

			`def get_queryset(self):`
			`pk = self.kwargs.get("pk")`
			`perm = get_object_or_404(models.DatabaseAppPermission, pk=pk)`
			`database_apps = perm.get_all_database_apps().only(`
			`*self.serializer_class.Meta.only_fields`
			`)`
			`return database_apps`


			`class DatabaseAppPermissionSystemUserRelationViewSet(RelationMixin):`
			`serializer_class = serializers.DatabaseAppPermissionSystemUserRelationSerializer`
			`model = models.DatabaseAppPermission.system_users.through`
			`permission_classes = (IsOrgAdmin,)`
			`filterset_fields = [`
			`'id', 'systemuser', 'databaseapppermission'`
			`]`
			`search_fields = [`
			`'databaseapppermission__name', 'systemuser__name', 'systemuser__username'`
			`]`

			`def get_queryset(self):`
			`queryset = super().get_queryset()`
			`queryset = queryset.annotate(`
			`systemuser_display=Concat(`
			`F('systemuser__name'), Value('('), F('systemuser__username'),`
			`Value(')')`
			`)`
			`)`
			`return queryset`