2021-07-27 08:06:00 +00:00
|
|
|
# coding: utf-8
|
|
|
|
#
|
|
|
|
|
|
|
|
from django_filters import rest_framework as filters
|
2021-09-09 08:04:54 +00:00
|
|
|
from django.db.models import F, Q
|
2021-07-27 08:06:00 +00:00
|
|
|
|
|
|
|
from common.drf.filters import BaseFilterSet
|
2021-09-09 08:04:54 +00:00
|
|
|
from common.drf.api import JMSBulkModelViewSet
|
2022-02-17 12:13:31 +00:00
|
|
|
from rbac.permissions import RBACPermission
|
2022-03-14 08:47:32 +00:00
|
|
|
from assets.models import SystemUser
|
2021-09-09 08:04:54 +00:00
|
|
|
from ..models import Account
|
2022-02-17 12:13:31 +00:00
|
|
|
from ..hands import NeedMFAVerify
|
2021-07-27 08:06:00 +00:00
|
|
|
from .. import serializers
|
|
|
|
|
|
|
|
|
|
|
|
class AccountFilterSet(BaseFilterSet):
|
2021-09-13 07:07:33 +00:00
|
|
|
username = filters.CharFilter(method='do_nothing')
|
2021-09-09 08:04:54 +00:00
|
|
|
type = filters.CharFilter(field_name='type', lookup_expr='exact')
|
|
|
|
category = filters.CharFilter(field_name='category', lookup_expr='exact')
|
|
|
|
app_display = filters.CharFilter(field_name='app_display', lookup_expr='exact')
|
2021-07-27 08:06:00 +00:00
|
|
|
|
|
|
|
class Meta:
|
2021-09-09 08:04:54 +00:00
|
|
|
model = Account
|
|
|
|
fields = ['app', 'systemuser']
|
|
|
|
|
|
|
|
@property
|
|
|
|
def qs(self):
|
|
|
|
qs = super().qs
|
|
|
|
qs = self.filter_username(qs)
|
|
|
|
return qs
|
|
|
|
|
|
|
|
def filter_username(self, qs):
|
|
|
|
username = self.get_query_param('username')
|
|
|
|
if not username:
|
|
|
|
return qs
|
2022-02-17 12:13:31 +00:00
|
|
|
q = Q(username=username) | Q(systemuser__username=username)
|
|
|
|
qs = qs.filter(q).distinct()
|
2021-09-09 08:04:54 +00:00
|
|
|
return qs
|
|
|
|
|
|
|
|
|
|
|
|
class ApplicationAccountViewSet(JMSBulkModelViewSet):
|
|
|
|
model = Account
|
|
|
|
search_fields = ['username', 'app_display']
|
2021-07-27 08:06:00 +00:00
|
|
|
filterset_class = AccountFilterSet
|
2021-09-09 08:04:54 +00:00
|
|
|
filterset_fields = ['username', 'app_display', 'type', 'category', 'app']
|
|
|
|
serializer_class = serializers.AppAccountSerializer
|
2021-07-27 08:06:00 +00:00
|
|
|
|
|
|
|
def get_queryset(self):
|
2022-01-17 07:58:39 +00:00
|
|
|
queryset = Account.get_queryset()
|
2021-08-17 06:16:41 +00:00
|
|
|
return queryset
|
|
|
|
|
2021-07-27 08:06:00 +00:00
|
|
|
|
2022-03-14 08:47:32 +00:00
|
|
|
class SystemUserAppRelationViewSet(ApplicationAccountViewSet):
|
|
|
|
perm_model = SystemUser
|
|
|
|
|
|
|
|
|
2021-07-27 08:06:00 +00:00
|
|
|
class ApplicationAccountSecretViewSet(ApplicationAccountViewSet):
|
2021-09-09 08:04:54 +00:00
|
|
|
serializer_class = serializers.AppAccountSecretSerializer
|
2022-02-17 12:13:31 +00:00
|
|
|
permission_classes = [RBACPermission, NeedMFAVerify]
|
2021-07-27 08:06:00 +00:00
|
|
|
http_method_names = ['get', 'options']
|
2022-02-17 12:13:31 +00:00
|
|
|
rbac_perms = {
|
2022-02-21 08:24:03 +00:00
|
|
|
'retrieve': 'applications.view_applicationaccountsecret',
|
|
|
|
'list': 'applications.view_applicationaccountsecret',
|
2022-02-17 12:13:31 +00:00
|
|
|
}
|