jumpserver/apps/assets/api/asset.py

# -*- coding: utf-8 -*-
#

import random

from rest_framework import generics
from rest_framework.response import Response
from rest_framework_bulk import BulkModelViewSet
from rest_framework_bulk import ListBulkCreateUpdateDestroyAPIView
from rest_framework.pagination import LimitOffsetPagination
from django.shortcuts import get_object_or_404
from django.db.models import Q

from common.mixins import IDInFilterMixin
from common.utils import get_logger
from common.permissions import IsOrgAdmin, IsOrgAdminOrAppUser
from ..models import Asset, AdminUser, Node
from .. import serializers
from ..tasks import update_asset_hardware_info_manual, \
    test_asset_connectivity_manual
from ..utils import LabelFilter


logger = get_logger(__file__)
__all__ = [
    'AssetViewSet', 'AssetListUpdateApi',
    'AssetRefreshHardwareApi', 'AssetAdminUserTestApi',
    'AssetGatewayApi'
]


class AssetViewSet(IDInFilterMixin, LabelFilter, BulkModelViewSet):
    """
    API endpoint that allows Asset to be viewed or edited.
    """
    filter_fields = ("hostname", "ip")
    search_fields = filter_fields
    ordering_fields = ("hostname", "ip", "port", "cpu_cores")
    queryset = Asset.objects.all()
    serializer_class = serializers.AssetSerializer
    pagination_class = LimitOffsetPagination
    permission_classes = (IsOrgAdminOrAppUser,)

    def filter_node(self, queryset):
        node_id = self.request.query_params.get("node_id")
        if not node_id:
            return queryset

        node = get_object_or_404(Node, id=node_id)
        show_current_asset = self.request.query_params.get("show_current_asset") in ('1', 'true')

        if node.is_root() and show_current_asset:
            queryset = queryset.filter(
                Q(nodes=node_id) | Q(nodes__isnull=True)
            )
        elif node.is_root() and not show_current_asset:
            pass
        elif not node.is_root() and show_current_asset:
            queryset = queryset.filter(nodes=node)
        else:
            queryset = queryset.filter(
                nodes__key__regex='^{}(:[0-9]+)*$'.format(node.key),
            )
        return queryset

    def filter_admin_user_id(self, queryset):
        admin_user_id = self.request.query_params.get('admin_user_id')
        if not admin_user_id:
            return queryset
        admin_user = get_object_or_404(AdminUser, id=admin_user_id)
        queryset = queryset.filter(admin_user=admin_user)
        return queryset

    def filter_queryset(self, queryset):
        queryset = super().filter_queryset(queryset)
        queryset = self.filter_node(queryset)
        queryset = self.filter_admin_user_id(queryset)
        return queryset

    def get_queryset(self):
        queryset = super().get_queryset().distinct()
        queryset = self.get_serializer_class().setup_eager_loading(queryset)
        return queryset


class AssetListUpdateApi(IDInFilterMixin, ListBulkCreateUpdateDestroyAPIView):
    """
    Asset bulk update api
    """
    queryset = Asset.objects.all()
    serializer_class = serializers.AssetSerializer
    permission_classes = (IsOrgAdmin,)


class AssetRefreshHardwareApi(generics.RetrieveAPIView):
    """
    Refresh asset hardware info
    """
    queryset = Asset.objects.all()
    serializer_class = serializers.AssetSerializer
    permission_classes = (IsOrgAdmin,)

    def retrieve(self, request, *args, **kwargs):
        asset_id = kwargs.get('pk')
        asset = get_object_or_404(Asset, pk=asset_id)
        task = update_asset_hardware_info_manual.delay(asset)
        return Response({"task": task.id})


class AssetAdminUserTestApi(generics.RetrieveAPIView):
    """
    Test asset admin user assets_connectivity
    """
    queryset = Asset.objects.all()
    permission_classes = (IsOrgAdmin,)

    def retrieve(self, request, *args, **kwargs):
        asset_id = kwargs.get('pk')
        asset = get_object_or_404(Asset, pk=asset_id)
        task = test_asset_connectivity_manual.delay(asset)
        return Response({"task": task.id})


class AssetGatewayApi(generics.RetrieveAPIView):
    queryset = Asset.objects.all()
    permission_classes = (IsOrgAdminOrAppUser,)

    def retrieve(self, request, *args, **kwargs):
        asset_id = kwargs.get('pk')
        asset = get_object_or_404(Asset, pk=asset_id)

        if asset.domain and \
                asset.domain.gateways.filter(protocol=asset.protocol).exists():
            gateway = random.choice(asset.domain.gateways.filter(protocol=asset.protocol))
            serializer = serializers.GatewayWithAuthSerializer(instance=gateway)
            return Response(serializer.data)
        else:
            return Response({"msg": "Not have gateway"}, status=404)
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00			`# -- coding: utf-8 --`
			`#`

[Update] 添加gateway api 2018-07-10 08:03:05 +00:00			`import random`

[Bugfix] 修复资产权限 2018-09-03 11:41:44 +00:00			`from rest_framework import generics`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00			`from rest_framework.response import Response`
			`from rest_framework_bulk import BulkModelViewSet`
			`from rest_framework_bulk import ListBulkCreateUpdateDestroyAPIView`
			`from rest_framework.pagination import LimitOffsetPagination`
			`from django.shortcuts import get_object_or_404`
			`from django.db.models import Q`

			`from common.mixins import IDInFilterMixin`
			`from common.utils import get_logger`
[Bugfix] 修复资产权限 2018-09-03 11:41:44 +00:00			`from common.permissions import IsOrgAdmin, IsOrgAdminOrAppUser`
			`from ..models import Asset, AdminUser, Node`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00			`from .. import serializers`
			`from ..tasks import update_asset_hardware_info_manual, \`
[Update] Stash it (#2197) * [Update] Stash it * [Bugfix] 修复错误 * [Update] 修改jms 2018-12-18 09:28:45 +00:00			`test_asset_connectivity_manual`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00			`from ..utils import LabelFilter`


			`logger = get_logger(__file__)`
			`__all__ = [`
[Update] 更新api和model方法 2018-05-31 11:47:57 +00:00			`'AssetViewSet', 'AssetListUpdateApi',`
[Update] 添加gateway api 2018-07-10 08:03:05 +00:00			`'AssetRefreshHardwareApi', 'AssetAdminUserTestApi',`
			`'AssetGatewayApi'`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00			`]`


			`class AssetViewSet(IDInFilterMixin, LabelFilter, BulkModelViewSet):`
			`"""`
			`API endpoint that allows Asset to be viewed or edited.`
			`"""`
			`filter_fields = ("hostname", "ip")`
			`search_fields = filter_fields`
[Update] 修改系统用户推送，拆分assets的部分模块 2018-02-09 03:12:40 +00:00			`ordering_fields = ("hostname", "ip", "port", "cpu_cores")`
[Update] 修改用户view 2018-07-14 16:55:05 +00:00			`queryset = Asset.objects.all()`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00			`serializer_class = serializers.AssetSerializer`
			`pagination_class = LimitOffsetPagination`
[Bugfix] 修复资产权限 2018-09-03 11:41:44 +00:00			`permission_classes = (IsOrgAdminOrAppUser,)`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00
Node asset amount (#2191) * [Bugfix] 修复错误 * [Update] 修改树结构，统一api 2018-12-17 10:20:44 +00:00			`def filter_node(self, queryset):`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00			`node_id = self.request.query_params.get("node_id")`
Tmp org (#1583) * [Update] 修改一些内容 * [Update] 修改datatable 支持process * [Bugfix] 修复asset queryset 没有valid方法的bug 2018-07-25 07:05:28 +00:00			`if not node_id:`
Node asset amount (#2191) * [Bugfix] 修复错误 * [Update] 修改树结构，统一api 2018-12-17 10:20:44 +00:00			`return queryset`
Tmp org (#1583) * [Update] 修改一些内容 * [Update] 修改datatable 支持process * [Bugfix] 修复asset queryset 没有valid方法的bug 2018-07-25 07:05:28 +00:00
			`node = get_object_or_404(Node, id=node_id)`
[Bugfix] 修复Hostname可能不唯一引起的任务执行失败 2018-08-16 04:44:39 +00:00			`show_current_asset = self.request.query_params.get("show_current_asset") in ('1', 'true')`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00
Node asset amount (#2191) * [Bugfix] 修复错误 * [Update] 修改树结构，统一api 2018-12-17 10:20:44 +00:00			`if node.is_root() and show_current_asset:`
			`queryset = queryset.filter(`
			`Q(nodes=node_id) \| Q(nodes__isnull=True)`
			`)`
			`elif node.is_root() and not show_current_asset:`
			`pass`
			`elif not node.is_root() and show_current_asset:`
			`queryset = queryset.filter(nodes=node)`
Tmp org (#1583) * [Update] 修改一些内容 * [Update] 修改datatable 支持process * [Bugfix] 修复asset queryset 没有valid方法的bug 2018-07-25 07:05:28 +00:00			`else:`
Node asset amount (#2191) * [Bugfix] 修复错误 * [Update] 修改树结构，统一api 2018-12-17 10:20:44 +00:00			`queryset = queryset.filter(`
Tmp org (#1583) * [Update] 修改一些内容 * [Update] 修改datatable 支持process * [Bugfix] 修复asset queryset 没有valid方法的bug 2018-07-25 07:05:28 +00:00			`nodes__key__regex='^{}(:[0-9]+)*$'.format(node.key),`
[Update] 修改获取资产distinct 2018-10-24 05:05:32 +00:00			`)`
Node asset amount (#2191) * [Bugfix] 修复错误 * [Update] 修改树结构，统一api 2018-12-17 10:20:44 +00:00			`return queryset`
Tmp org (#1583) * [Update] 修改一些内容 * [Update] 修改datatable 支持process * [Bugfix] 修复asset queryset 没有valid方法的bug 2018-07-25 07:05:28 +00:00
Node asset amount (#2191) * [Bugfix] 修复错误 * [Update] 修改树结构，统一api 2018-12-17 10:20:44 +00:00			`def filter_admin_user_id(self, queryset):`
Tmp org (#1583) * [Update] 修改一些内容 * [Update] 修改datatable 支持process * [Bugfix] 修复asset queryset 没有valid方法的bug 2018-07-25 07:05:28 +00:00			`admin_user_id = self.request.query_params.get('admin_user_id')`
Node asset amount (#2191) * [Bugfix] 修复错误 * [Update] 修改树结构，统一api 2018-12-17 10:20:44 +00:00			`if not admin_user_id:`
			`return queryset`
			`admin_user = get_object_or_404(AdminUser, id=admin_user_id)`
			`queryset = queryset.filter(admin_user=admin_user)`
			`return queryset`

			`def filter_queryset(self, queryset):`
			`queryset = super().filter_queryset(queryset)`
			`queryset = self.filter_node(queryset)`
			`queryset = self.filter_admin_user_id(queryset)`
			`return queryset`
[Update] 优化代码 2018-05-28 07:00:06 +00:00
Tmp org (#1583) * [Update] 修改一些内容 * [Update] 修改datatable 支持process * [Bugfix] 修复asset queryset 没有valid方法的bug 2018-07-25 07:05:28 +00:00			`def get_queryset(self):`
Node asset amount (#2191) * [Bugfix] 修复错误 * [Update] 修改树结构，统一api 2018-12-17 10:20:44 +00:00			`queryset = super().get_queryset().distinct()`
			`queryset = self.get_serializer_class().setup_eager_loading(queryset)`
			`return queryset`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00

			`class AssetListUpdateApi(IDInFilterMixin, ListBulkCreateUpdateDestroyAPIView):`
			`"""`
			`Asset bulk update api`
			`"""`
[Update] 修改用户view 2018-07-14 16:55:05 +00:00			`queryset = Asset.objects.all()`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00			`serializer_class = serializers.AssetSerializer`
[Update] 修改permission (#1574) 2018-07-23 04:55:13 +00:00			`permission_classes = (IsOrgAdmin,)`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00

			`class AssetRefreshHardwareApi(generics.RetrieveAPIView):`
			`"""`
			`Refresh asset hardware info`
			`"""`
[Update] 修改用户view 2018-07-14 16:55:05 +00:00			`queryset = Asset.objects.all()`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00			`serializer_class = serializers.AssetSerializer`
[Update] 修改permission (#1574) 2018-07-23 04:55:13 +00:00			`permission_classes = (IsOrgAdmin,)`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00
			`def retrieve(self, request, args, *kwargs):`
			`asset_id = kwargs.get('pk')`
			`asset = get_object_or_404(Asset, pk=asset_id)`
[Update] 资产，系统用户，管理用户等支持查看日志 2018-04-02 08:55:39 +00:00			`task = update_asset_hardware_info_manual.delay(asset)`
			`return Response({"task": task.id})`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00

			`class AssetAdminUserTestApi(generics.RetrieveAPIView):`
			`"""`
[Update] Stash it (#2197) * [Update] Stash it * [Bugfix] 修复错误 * [Update] 修改jms 2018-12-18 09:28:45 +00:00			`Test asset admin user assets_connectivity`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00			`"""`
[Update] 修改用户view 2018-07-14 16:55:05 +00:00			`queryset = Asset.objects.all()`
[Update] 修改permission (#1574) 2018-07-23 04:55:13 +00:00			`permission_classes = (IsOrgAdmin,)`
[Update] 拆分asset api module 2018-02-06 10:32:02 +00:00
			`def retrieve(self, request, args, *kwargs):`
			`asset_id = kwargs.get('pk')`
			`asset = get_object_or_404(Asset, pk=asset_id)`
[Update] Stash it (#2197) * [Update] Stash it * [Bugfix] 修复错误 * [Update] 修改jms 2018-12-18 09:28:45 +00:00			`task = test_asset_connectivity_manual.delay(asset)`
[Update] 资产，系统用户，管理用户等支持查看日志 2018-04-02 08:55:39 +00:00			`return Response({"task": task.id})`
[Update] 添加gateway api 2018-07-10 08:03:05 +00:00

			`class AssetGatewayApi(generics.RetrieveAPIView):`
[Update] 修改用户view 2018-07-14 16:55:05 +00:00			`queryset = Asset.objects.all()`
[Update] 修改permission (#1574) 2018-07-23 04:55:13 +00:00			`permission_classes = (IsOrgAdminOrAppUser,)`
[Update] 添加gateway api 2018-07-10 08:03:05 +00:00
			`def retrieve(self, request, args, *kwargs):`
			`asset_id = kwargs.get('pk')`
			`asset = get_object_or_404(Asset, pk=asset_id)`

			`if asset.domain and \`
			`asset.domain.gateways.filter(protocol=asset.protocol).exists():`
			`gateway = random.choice(asset.domain.gateways.filter(protocol=asset.protocol))`
			`serializer = serializers.GatewayWithAuthSerializer(instance=gateway)`
			`return Response(serializer.data)`
			`else:`
			`return Response({"msg": "Not have gateway"}, status=404)`