2018-07-25 03:21:12 +00:00
|
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
|
#
|
|
|
|
|
|
2020-07-15 06:35:48 +00:00
|
|
|
|
from django.utils.translation import ugettext as _
|
2022-04-20 08:32:33 +00:00
|
|
|
|
from django.conf import settings
|
2018-11-02 06:38:44 +00:00
|
|
|
|
from rest_framework_bulk import BulkModelViewSet
|
2021-03-02 06:57:48 +00:00
|
|
|
|
from rest_framework.generics import RetrieveAPIView
|
|
|
|
|
from rest_framework.exceptions import PermissionDenied
|
2018-07-25 03:21:12 +00:00
|
|
|
|
|
2022-02-17 12:13:31 +00:00
|
|
|
|
from common.permissions import IsValidUser
|
|
|
|
|
from .models import Organization
|
2020-08-03 08:17:46 +00:00
|
|
|
|
from .serializers import (
|
2022-02-17 12:13:31 +00:00
|
|
|
|
OrgSerializer, CurrentOrgSerializer
|
2020-08-03 08:17:46 +00:00
|
|
|
|
)
|
2018-11-02 06:38:44 +00:00
|
|
|
|
from users.models import User, UserGroup
|
2021-03-15 09:46:43 +00:00
|
|
|
|
from assets.models import (
|
2021-12-29 08:02:25 +00:00
|
|
|
|
Asset, Domain, SystemUser, Label, Node, Gateway,
|
2021-03-15 09:46:43 +00:00
|
|
|
|
CommandFilter, CommandFilterRule, GatheredUser
|
|
|
|
|
)
|
|
|
|
|
from applications.models import Application
|
|
|
|
|
from perms.models import AssetPermission, ApplicationPermission
|
|
|
|
|
from orgs.utils import current_org, tmp_to_root_org
|
2018-11-02 06:38:44 +00:00
|
|
|
|
from common.utils import get_logger
|
2020-09-28 10:49:18 +00:00
|
|
|
|
|
2018-07-25 03:21:12 +00:00
|
|
|
|
|
2018-11-02 06:38:44 +00:00
|
|
|
|
logger = get_logger(__file__)
|
2018-07-25 03:21:12 +00:00
|
|
|
|
|
2018-11-02 06:38:44 +00:00
|
|
|
|
|
2021-03-15 09:46:43 +00:00
|
|
|
|
# 部分 org 相关的 model,需要清空这些数据之后才能删除该组织
|
|
|
|
|
org_related_models = [
|
2021-12-29 08:02:25 +00:00
|
|
|
|
User, UserGroup, Asset, Label, Domain, Gateway, Node, SystemUser, Label,
|
2021-03-15 09:46:43 +00:00
|
|
|
|
CommandFilter, CommandFilterRule, GatheredUser,
|
|
|
|
|
AssetPermission, ApplicationPermission,
|
|
|
|
|
Application,
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
|
2018-11-02 06:38:44 +00:00
|
|
|
|
class OrgViewSet(BulkModelViewSet):
|
2021-01-07 02:53:10 +00:00
|
|
|
|
filterset_fields = ('name',)
|
2020-07-01 06:38:03 +00:00
|
|
|
|
search_fields = ('name', 'comment')
|
2018-07-25 03:21:12 +00:00
|
|
|
|
queryset = Organization.objects.all()
|
|
|
|
|
serializer_class = OrgSerializer
|
2021-10-22 06:27:54 +00:00
|
|
|
|
ordering_fields = ('name',)
|
|
|
|
|
ordering = ('name', )
|
2018-11-02 06:38:44 +00:00
|
|
|
|
|
|
|
|
|
def get_serializer_class(self):
|
2020-05-21 08:09:42 +00:00
|
|
|
|
mapper = {
|
2022-02-17 12:13:31 +00:00
|
|
|
|
'list': OrgSerializer,
|
|
|
|
|
'retrieve': OrgSerializer
|
2020-05-21 08:09:42 +00:00
|
|
|
|
}
|
|
|
|
|
return mapper.get(self.action, super().get_serializer_class())
|
2018-11-02 06:38:44 +00:00
|
|
|
|
|
2021-03-15 09:46:43 +00:00
|
|
|
|
@tmp_to_root_org()
|
2021-06-03 03:16:54 +00:00
|
|
|
|
def get_data_from_model(self, org, model):
|
2018-11-02 06:38:44 +00:00
|
|
|
|
if model == User:
|
2022-02-17 12:13:31 +00:00
|
|
|
|
data = model.get_org_users(org=org)
|
2021-03-15 09:46:43 +00:00
|
|
|
|
elif model == Node:
|
2021-06-03 03:16:54 +00:00
|
|
|
|
# 根节点不能手动删除,所以排除检查
|
|
|
|
|
data = model.objects.filter(org_id=org.id).exclude(parent_key='', key__regex=r'^[0-9]+$')
|
2018-11-02 06:38:44 +00:00
|
|
|
|
else:
|
2021-06-03 03:16:54 +00:00
|
|
|
|
data = model.objects.filter(org_id=org.id)
|
2018-11-02 06:38:44 +00:00
|
|
|
|
return data
|
|
|
|
|
|
2021-06-03 03:16:54 +00:00
|
|
|
|
def allow_bulk_destroy(self, qs, filtered):
|
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
def perform_destroy(self, instance):
|
|
|
|
|
if str(current_org) == str(instance):
|
2021-10-21 07:10:16 +00:00
|
|
|
|
msg = _('The current organization ({}) cannot be deleted').format(current_org)
|
2021-06-03 03:16:54 +00:00
|
|
|
|
raise PermissionDenied(detail=msg)
|
|
|
|
|
|
2022-04-20 08:38:42 +00:00
|
|
|
|
if str(instance.id) == settings.AUTH_LDAP_SYNC_ORG_ID:
|
|
|
|
|
msg = _(
|
|
|
|
|
'LDAP synchronization is set to the current organization. Please switch to another organization before deleting'
|
|
|
|
|
)
|
|
|
|
|
raise PermissionDenied(detail=msg)
|
|
|
|
|
|
2021-03-15 09:46:43 +00:00
|
|
|
|
for model in org_related_models:
|
2021-06-03 03:16:54 +00:00
|
|
|
|
data = self.get_data_from_model(instance, model)
|
|
|
|
|
if not data:
|
|
|
|
|
continue
|
|
|
|
|
msg = _(
|
|
|
|
|
'The organization have resource ({}) cannot be deleted'
|
|
|
|
|
).format(model._meta.verbose_name)
|
|
|
|
|
raise PermissionDenied(detail=msg)
|
|
|
|
|
|
|
|
|
|
super().perform_destroy(instance)
|
2018-11-02 06:38:44 +00:00
|
|
|
|
|
|
|
|
|
|
2021-03-02 06:57:48 +00:00
|
|
|
|
class CurrentOrgDetailApi(RetrieveAPIView):
|
|
|
|
|
serializer_class = CurrentOrgSerializer
|
2022-02-17 12:13:31 +00:00
|
|
|
|
permission_classes = (IsValidUser,)
|
2021-03-02 06:57:48 +00:00
|
|
|
|
|
|
|
|
|
def get_object(self):
|
|
|
|
|
return current_org
|