jumpserver/apps/perms/serializers/asset_permission.py

# -*- coding: utf-8 -*-
#

from rest_framework import serializers

from common.fields import StringManyToManyField
from orgs.mixins import BulkOrgResourceModelSerializer
from perms.models import AssetPermission, Action
from assets.models import Node
from assets.serializers import AssetGrantedSerializer

__all__ = [
    'AssetPermissionCreateUpdateSerializer', 'AssetPermissionListSerializer',
    'AssetPermissionUpdateUserSerializer', 'AssetPermissionUpdateAssetSerializer',
    'AssetPermissionNodeSerializer', 'GrantedNodeSerializer',
    'ActionSerializer', 'NodeGrantedSerializer',
]


class ActionSerializer(serializers.ModelSerializer):
    class Meta:
        model = Action
        fields = '__all__'


class AssetPermissionCreateUpdateSerializer(BulkOrgResourceModelSerializer):
    class Meta:
        model = AssetPermission
        exclude = ('created_by', 'date_created')


class AssetPermissionListSerializer(BulkOrgResourceModelSerializer):
    users = StringManyToManyField(many=True, read_only=True)
    user_groups = StringManyToManyField(many=True, read_only=True)
    assets = StringManyToManyField(many=True, read_only=True)
    nodes = StringManyToManyField(many=True, read_only=True)
    system_users = StringManyToManyField(many=True, read_only=True)
    actions = StringManyToManyField(many=True, read_only=True)
    is_valid = serializers.BooleanField()
    is_expired = serializers.BooleanField()

    class Meta:
        model = AssetPermission
        fields = '__all__'


class AssetPermissionUpdateUserSerializer(serializers.ModelSerializer):

    class Meta:
        model = AssetPermission
        fields = ['id', 'users']


class AssetPermissionUpdateAssetSerializer(serializers.ModelSerializer):

    class Meta:
        model = AssetPermission
        fields = ['id', 'assets']


class AssetPermissionNodeSerializer(serializers.ModelSerializer):
    asset = AssetGrantedSerializer(required=False)
    assets_amount = serializers.SerializerMethodField()

    tree_id = serializers.SerializerMethodField()
    tree_parent = serializers.SerializerMethodField()

    class Meta:
        model = Node
        fields = [
            'id', 'key', 'value', 'asset', 'is_node', 'org_id',
            'tree_id', 'tree_parent', 'assets_amount',
        ]

    @staticmethod
    def get_assets_amount(obj):
        return obj.assets_amount

    @staticmethod
    def get_tree_id(obj):
        return obj.key

    @staticmethod
    def get_tree_parent(obj):
        return obj.parent_key


class NodeGrantedSerializer(serializers.ModelSerializer):
    """
    授权资产组
    """
    assets_granted = AssetGrantedSerializer(many=True, read_only=True)
    assets_amount = serializers.SerializerMethodField()
    parent = serializers.SerializerMethodField()
    name = serializers.SerializerMethodField()

    class Meta:
        model = Node
        fields = [
            'id', 'key', 'name', 'value', 'parent',
            'assets_granted', 'assets_amount', 'org_id',
        ]

    @staticmethod
    def get_assets_amount(obj):
        return len(obj.assets_granted)

    @staticmethod
    def get_name(obj):
        return obj.name

    @staticmethod
    def get_parent(obj):
        return obj.parent.id


class GrantedNodeSerializer(serializers.ModelSerializer):
    class Meta:
        model = Node
        fields = [
            'id', 'name', 'key', 'value',
        ]


# class GrantedAssetSerializer(serializers.ModelSerializer):
#     protocols = ProtocolSerializer(many=True)
#
#     class Meta:
#         model = Asset
#         fields = [
#             'id', 'hostname', 'ip', 'protocols', 'port', 'protocol',
#             'platform', 'domain', 'is_active', 'comment'
#         ]


# class GrantedSystemUserSerializer(serializers.ModelSerializer):
#     class Meta:
#         model = SystemUser
#         fields = [
#             'id', 'name', 'username', 'protocol', 'priority',
#             'login_mode', 'comment'
#         ]
Update api 2016-10-19 11:30:55 +00:00			`# -- coding: utf-8 --`
			`#`

Finish user permission revoke 2016-11-10 08:59:50 +00:00			`from rest_framework import serializers`
[Update] Luna支持异步加载 2018-10-30 04:06:39 +00:00
[Update] 修改Permr认证 2018-04-10 12:29:06 +00:00			`from common.fields import StringManyToManyField`
[Update] serializer mixin继承 (#2810) * [Update] serializer mixin继承 * [Update] 修改system user更新serialzier * [Update] 修改success message 2019-06-19 08:45:14 +00:00			`from orgs.mixins import BulkOrgResourceModelSerializer`
[Feature] 添加功能 RemoteApp (#2706) * [Feature] RemoteApp添加Model * [Feature] RemoteApp添加ViewSet API * [Feature] RemoteApp添加获取connection-info API * [Feature] Perms模块修改目录结构 * [Feature] RemoteAppPermission添加Model * [Feature] RemoteAppPermission添加ViewSet API * [Feature] RemoteAppPermission添加用户/用户组获取被授权的RemoteApp API * [Feature] RemoteAppPermission添加校验用户对RemoteApp的权限 API * [Feature] RemoteAppPermission添加获取用户授权的RemoteApp树 API * [Feature] RemoteAppPermission添加<添加/移除>所授权的<用户/RemoteApp> API * [Feature] RemoteApp添加创建、更新、详情、删除、用户RemoteApp等页面 * [Feature] RemoteAppPermission添加创建、更新、详情、删除、授权用户、授权RemoteApp等页面 * [Feature] RemoteApp从assets模块迁移到新添加的applications模块 * [Feature] RemoteApp/RemoteAppPermission添加迁移文件 * [Feature] RemoteApp/RemoteAppPermission修改小细节 * [Feature] RemoteApp/RemoteAppPermission修改小细节2 * [Feature] RemoteApp/RemoteAppPermission修改小细节3 * [Feature] RemoteApp更新迁移文件 * [Feature] RemoteApp/RemoteAppPermission添加翻译信息 * [Feature] RemoteApp/RemoteAppPermission删除迁移文件 * [Feature] RemoteApp/RemoteAppPermission添加迁移文件 * [Feature] RemoteApp/RemoteAppPermission修改代码风格 2019-05-20 11:39:53 +00:00			`from perms.models import AssetPermission, Action`
[Bugfix] 和资产相关的Serializer添加protocols字段； (#2800) * [Bugfix] 和资产相关的Serializer添加protocols字段； * [Bugfix] RemoteApp Form 修改过滤RDP协议资产 * [Bugfix] 修改小问题 2019-06-17 08:46:01 +00:00			`from assets.models import Node`
[Update] Luna支持异步加载 2018-10-30 04:06:39 +00:00			`from assets.serializers import AssetGrantedSerializer`
stash it 2016-11-04 10:33:16 +00:00
Command (#2134) * [Update] 任务区分org * [Update] 修改翻译 * [Update] 使用id而不是hostname * [Update] 执行命令 * [Update] 修改一些东西 * [Update] 暂存 * [Update] 用户执行命令 * [Update] 添加资产授权模块-tree * [Update] 暂时这样 * [Update] 批量命令执行 * [Update] 修改表结构 * [Update] 更新翻译 * [Update] 删除cloud模块无效中文翻译 2018-12-10 02:11:54 +00:00			`__all__ = [`
			`'AssetPermissionCreateUpdateSerializer', 'AssetPermissionListSerializer',`
			`'AssetPermissionUpdateUserSerializer', 'AssetPermissionUpdateAssetSerializer',`
			`'AssetPermissionNodeSerializer', 'GrantedNodeSerializer',`
[Feature] 添加功能 RemoteApp (#2706) * [Feature] RemoteApp添加Model * [Feature] RemoteApp添加ViewSet API * [Feature] RemoteApp添加获取connection-info API * [Feature] Perms模块修改目录结构 * [Feature] RemoteAppPermission添加Model * [Feature] RemoteAppPermission添加ViewSet API * [Feature] RemoteAppPermission添加用户/用户组获取被授权的RemoteApp API * [Feature] RemoteAppPermission添加校验用户对RemoteApp的权限 API * [Feature] RemoteAppPermission添加获取用户授权的RemoteApp树 API * [Feature] RemoteAppPermission添加<添加/移除>所授权的<用户/RemoteApp> API * [Feature] RemoteApp添加创建、更新、详情、删除、用户RemoteApp等页面 * [Feature] RemoteAppPermission添加创建、更新、详情、删除、授权用户、授权RemoteApp等页面 * [Feature] RemoteApp从assets模块迁移到新添加的applications模块 * [Feature] RemoteApp/RemoteAppPermission添加迁移文件 * [Feature] RemoteApp/RemoteAppPermission修改小细节 * [Feature] RemoteApp/RemoteAppPermission修改小细节2 * [Feature] RemoteApp/RemoteAppPermission修改小细节3 * [Feature] RemoteApp更新迁移文件 * [Feature] RemoteApp/RemoteAppPermission添加翻译信息 * [Feature] RemoteApp/RemoteAppPermission删除迁移文件 * [Feature] RemoteApp/RemoteAppPermission添加迁移文件 * [Feature] RemoteApp/RemoteAppPermission修改代码风格 2019-05-20 11:39:53 +00:00			`'ActionSerializer', 'NodeGrantedSerializer',`
Command (#2134) * [Update] 任务区分org * [Update] 修改翻译 * [Update] 使用id而不是hostname * [Update] 执行命令 * [Update] 修改一些东西 * [Update] 暂存 * [Update] 用户执行命令 * [Update] 添加资产授权模块-tree * [Update] 暂时这样 * [Update] 批量命令执行 * [Update] 修改表结构 * [Update] 更新翻译 * [Update] 删除cloud模块无效中文翻译 2018-12-10 02:11:54 +00:00			`]`

stash it 2016-11-04 10:33:16 +00:00
[Feature] 授权规则添加 actions 选项，控制用户对资产的操作行为 (#2610) * [Feature] 1. perms actions - 添加 Action Model * [Feature] 2. perms actions - 添加 Action API * [Feature] 3. perms actions - 授权规则: 添加actions字段 * [Feature] 4. perms actions - 授权规则创建页面: 设置 actions 默认 all * [Feature] 5. perms actions - 资产授权工具: 动态给system_user设置actions属性; 修改授权相关的API-serializer类: 添加actions字段值 * [Feature] 6. perms actions - 更新API(用户使用系统用户连接资产时权限校验): 添加actions校验 * [Feature] 7. perms actions - 迁移文件中为已经存在的perms添加默认的action * [Feature] 8. perms actions - 创建授权规则时设置默认action(如果actions字段值为空) * [Feature] 9. check actions - 修改校验用户资产权限API逻辑(添加actions校验) * [Feature] 10. check actions - 修改注释 * [Feature] 11. check actions - 添加API: 获取用户指定资产和系统用户被授权的actions * [Feature] 12. check actions - 添加翻译信息 2019-04-22 03:42:20 +00:00			`class ActionSerializer(serializers.ModelSerializer):`
			`class Meta:`
			`model = Action`
			`fields = '__all__'`


[Update] serializer mixin继承 (#2810) * [Update] serializer mixin继承 * [Update] 修改system user更新serialzier * [Update] 修改success message 2019-06-19 08:45:14 +00:00			`class AssetPermissionCreateUpdateSerializer(BulkOrgResourceModelSerializer):`
stash it 2016-11-04 10:33:16 +00:00			`class Meta:`
[Update] 修改api和view 2018-04-08 12:02:40 +00:00			`model = AssetPermission`
[Update] 修改授权列表创建api，返回id 2018-05-04 06:54:58 +00:00			`exclude = ('created_by', 'date_created')`
[Bugfix] 修复授权和资产的一部分bug 2017-12-19 11:38:09 +00:00

[Update] serializer mixin继承 (#2810) * [Update] serializer mixin继承 * [Update] 修改system user更新serialzier * [Update] 修改success message 2019-06-19 08:45:14 +00:00			`class AssetPermissionListSerializer(BulkOrgResourceModelSerializer):`
[Update] 修改Permr认证 2018-04-10 12:29:06 +00:00			`users = StringManyToManyField(many=True, read_only=True)`
			`user_groups = StringManyToManyField(many=True, read_only=True)`
			`assets = StringManyToManyField(many=True, read_only=True)`
			`nodes = StringManyToManyField(many=True, read_only=True)`
			`system_users = StringManyToManyField(many=True, read_only=True)`
[Feature] 授权规则添加 actions 选项，控制用户对资产的操作行为 (#2610) * [Feature] 1. perms actions - 添加 Action Model * [Feature] 2. perms actions - 添加 Action API * [Feature] 3. perms actions - 授权规则: 添加actions字段 * [Feature] 4. perms actions - 授权规则创建页面: 设置 actions 默认 all * [Feature] 5. perms actions - 资产授权工具: 动态给system_user设置actions属性; 修改授权相关的API-serializer类: 添加actions字段值 * [Feature] 6. perms actions - 更新API(用户使用系统用户连接资产时权限校验): 添加actions校验 * [Feature] 7. perms actions - 迁移文件中为已经存在的perms添加默认的action * [Feature] 8. perms actions - 创建授权规则时设置默认action(如果actions字段值为空) * [Feature] 9. check actions - 修改校验用户资产权限API逻辑(添加actions校验) * [Feature] 10. check actions - 修改注释 * [Feature] 11. check actions - 添加API: 获取用户指定资产和系统用户被授权的actions * [Feature] 12. check actions - 添加翻译信息 2019-04-22 03:42:20 +00:00			`actions = StringManyToManyField(many=True, read_only=True)`
[Update] 权限页面增加过滤规则 (#2349) 2019-01-15 11:01:33 +00:00			`is_valid = serializers.BooleanField()`
			`is_expired = serializers.BooleanField()`
[Update] 修改Permr认证 2018-04-10 12:29:06 +00:00
[Abandon] ... 2018-02-01 09:14:15 +00:00			`class Meta:`
[Update] 修改api和view 2018-04-08 12:02:40 +00:00			`model = AssetPermission`
[Abandon] ... 2018-02-01 09:14:15 +00:00			`fields = '__all__'`
[Bugfix] 修复授权和资产的一部分bug 2017-12-19 11:38:09 +00:00

			`class AssetPermissionUpdateUserSerializer(serializers.ModelSerializer):`

			`class Meta:`
			`model = AssetPermission`
			`fields = ['id', 'users']`


			`class AssetPermissionUpdateAssetSerializer(serializers.ModelSerializer):`

			`class Meta:`
			`model = AssetPermission`
			`fields = ['id', 'assets']`

[Update] Luna支持异步加载 2018-10-30 04:06:39 +00:00
			`class AssetPermissionNodeSerializer(serializers.ModelSerializer):`
			`asset = AssetGrantedSerializer(required=False)`
			`assets_amount = serializers.SerializerMethodField()`

			`tree_id = serializers.SerializerMethodField()`
			`tree_parent = serializers.SerializerMethodField()`

			`class Meta:`
			`model = Node`
			`fields = [`
			`'id', 'key', 'value', 'asset', 'is_node', 'org_id',`
			`'tree_id', 'tree_parent', 'assets_amount',`
			`]`

			`@staticmethod`
			`def get_assets_amount(obj):`
			`return obj.assets_amount`

			`@staticmethod`
			`def get_tree_id(obj):`
			`return obj.key`

			`@staticmethod`
			`def get_tree_parent(obj):`
			`return obj.parent_key`
Command (#2134) * [Update] 任务区分org * [Update] 修改翻译 * [Update] 使用id而不是hostname * [Update] 执行命令 * [Update] 修改一些东西 * [Update] 暂存 * [Update] 用户执行命令 * [Update] 添加资产授权模块-tree * [Update] 暂时这样 * [Update] 批量命令执行 * [Update] 修改表结构 * [Update] 更新翻译 * [Update] 删除cloud模块无效中文翻译 2018-12-10 02:11:54 +00:00

Node asset amount (#2191) * [Bugfix] 修复错误 * [Update] 修改树结构，统一api 2018-12-17 10:20:44 +00:00			`class NodeGrantedSerializer(serializers.ModelSerializer):`
			`"""`
			`授权资产组`
			`"""`
			`assets_granted = AssetGrantedSerializer(many=True, read_only=True)`
			`assets_amount = serializers.SerializerMethodField()`
			`parent = serializers.SerializerMethodField()`
			`name = serializers.SerializerMethodField()`

			`class Meta:`
			`model = Node`
			`fields = [`
			`'id', 'key', 'name', 'value', 'parent',`
			`'assets_granted', 'assets_amount', 'org_id',`
			`]`

			`@staticmethod`
			`def get_assets_amount(obj):`
			`return len(obj.assets_granted)`

			`@staticmethod`
			`def get_name(obj):`
			`return obj.name`

			`@staticmethod`
			`def get_parent(obj):`
			`return obj.parent.id`


Command (#2134) * [Update] 任务区分org * [Update] 修改翻译 * [Update] 使用id而不是hostname * [Update] 执行命令 * [Update] 修改一些东西 * [Update] 暂存 * [Update] 用户执行命令 * [Update] 添加资产授权模块-tree * [Update] 暂时这样 * [Update] 批量命令执行 * [Update] 修改表结构 * [Update] 更新翻译 * [Update] 删除cloud模块无效中文翻译 2018-12-10 02:11:54 +00:00			`class GrantedNodeSerializer(serializers.ModelSerializer):`
			`class Meta:`
			`model = Node`
			`fields = [`
			`'id', 'name', 'key', 'value',`
			`]`


[Bugfix] 和资产相关的Serializer添加protocols字段； (#2800) * [Bugfix] 和资产相关的Serializer添加protocols字段； * [Bugfix] RemoteApp Form 修改过滤RDP协议资产 * [Bugfix] 修改小问题 2019-06-17 08:46:01 +00:00			`# class GrantedAssetSerializer(serializers.ModelSerializer):`
			`# protocols = ProtocolSerializer(many=True)`
			`#`
			`# class Meta:`
			`# model = Asset`
			`# fields = [`
			`# 'id', 'hostname', 'ip', 'protocols', 'port', 'protocol',`
			`# 'platform', 'domain', 'is_active', 'comment'`
			`# ]`


			`# class GrantedSystemUserSerializer(serializers.ModelSerializer):`
			`# class Meta:`
			`# model = SystemUser`
			`# fields = [`
			`# 'id', 'name', 'username', 'protocol', 'priority',`
			`# 'login_mode', 'comment'`
			`# ]`