2021-07-12 07:55:29 +00:00
|
|
|
|
from django_filters import rest_framework as filters
|
2022-02-28 11:28:58 +00:00
|
|
|
|
from rest_framework.decorators import action
|
2021-07-08 06:23:18 +00:00
|
|
|
|
from rest_framework.response import Response
|
2021-07-13 04:18:19 +00:00
|
|
|
|
from rest_framework.generics import CreateAPIView
|
2021-07-08 06:23:18 +00:00
|
|
|
|
|
|
|
|
|
|
from orgs.mixins.api import OrgBulkModelViewSet
|
2022-02-28 11:28:58 +00:00
|
|
|
|
from rbac.permissions import RBACPermission
|
2022-08-31 03:42:20 +00:00
|
|
|
|
from common.drf.filters import BaseFilterSet, UUIDInFilter
|
2022-05-05 06:42:09 +00:00
|
|
|
|
from common.mixins import RecordViewLogMixin
|
2022-07-04 03:29:39 +00:00
|
|
|
|
from common.permissions import UserConfirmation
|
|
|
|
|
|
from authentication.const import ConfirmType
|
2021-07-08 06:23:18 +00:00
|
|
|
|
from ..tasks.account_connectivity import test_accounts_connectivity_manual
|
2022-08-31 03:42:20 +00:00
|
|
|
|
from ..models import Account, Node
|
2021-07-08 06:23:18 +00:00
|
|
|
|
from .. import serializers
|
|
|
|
|
|
|
2022-07-04 10:54:47 +00:00
|
|
|
|
__all__ = ['AccountFilterSet', 'AccountViewSet', 'AccountSecretsViewSet', 'AccountTaskCreateAPI']
|
2021-07-08 06:23:18 +00:00
|
|
|
|
|
|
|
|
|
|
|
2021-07-12 07:55:29 +00:00
|
|
|
|
class AccountFilterSet(BaseFilterSet):
|
|
|
|
|
|
ip = filters.CharFilter(field_name='ip', lookup_expr='exact')
|
2022-08-11 07:45:03 +00:00
|
|
|
|
hostname = filters.CharFilter(field_name='name', lookup_expr='exact')
|
2022-08-31 03:42:20 +00:00
|
|
|
|
username = filters.CharFilter(field_name="username", lookup_expr='exact')
|
|
|
|
|
|
assets = UUIDInFilter(field_name='asset_id', lookup_expr='in')
|
|
|
|
|
|
nodes = UUIDInFilter(method='filter_nodes')
|
|
|
|
|
|
|
|
|
|
|
|
def filter_nodes(self, queryset, name, value):
|
|
|
|
|
|
nodes = Node.objects.filter(id__in=value)
|
|
|
|
|
|
if not nodes:
|
|
|
|
|
|
return queryset
|
|
|
|
|
|
|
|
|
|
|
|
node_qs = Node.objects.none()
|
|
|
|
|
|
for node in nodes:
|
|
|
|
|
|
node_qs |= node.get_all_children(with_self=True)
|
|
|
|
|
|
node_ids = list(node_qs.values_list('id', flat=True))
|
|
|
|
|
|
queryset = queryset.filter(asset__nodes__in=node_ids)
|
|
|
|
|
|
return queryset
|
2021-07-22 08:17:23 +00:00
|
|
|
|
|
2021-07-12 07:55:29 +00:00
|
|
|
|
class Meta:
|
2022-07-14 02:56:09 +00:00
|
|
|
|
model = Account
|
2021-07-12 07:55:29 +00:00
|
|
|
|
fields = [
|
2022-08-31 03:42:20 +00:00
|
|
|
|
'asset', 'id'
|
2021-07-12 07:55:29 +00:00
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
|
|
|
2021-07-08 06:23:18 +00:00
|
|
|
|
class AccountViewSet(OrgBulkModelViewSet):
|
2022-07-14 02:56:09 +00:00
|
|
|
|
model = Account
|
2022-08-11 07:45:03 +00:00
|
|
|
|
filterset_fields = ("username", "asset", 'ip', 'name')
|
|
|
|
|
|
search_fields = ('username', 'ip', 'name')
|
2021-07-12 07:55:29 +00:00
|
|
|
|
filterset_class = AccountFilterSet
|
2021-07-08 06:23:18 +00:00
|
|
|
|
serializer_classes = {
|
|
|
|
|
|
'default': serializers.AccountSerializer,
|
|
|
|
|
|
'verify_account': serializers.AssetTaskSerializer
|
|
|
|
|
|
}
|
2022-02-22 07:37:56 +00:00
|
|
|
|
rbac_perms = {
|
2022-03-14 09:49:18 +00:00
|
|
|
|
'verify_account': 'assets.test_authbook',
|
2022-03-16 16:55:23 +00:00
|
|
|
|
'partial_update': 'assets.change_assetaccountsecret',
|
2022-02-22 07:37:56 +00:00
|
|
|
|
}
|
2021-07-08 06:23:18 +00:00
|
|
|
|
|
|
|
|
|
|
@action(methods=['post'], detail=True, url_path='verify')
|
|
|
|
|
|
def verify_account(self, request, *args, **kwargs):
|
|
|
|
|
|
account = super().get_object()
|
|
|
|
|
|
task = test_accounts_connectivity_manual.delay([account])
|
|
|
|
|
|
return Response(data={'task': task.id})
|
|
|
|
|
|
|
|
|
|
|
|
|
2022-05-05 06:42:09 +00:00
|
|
|
|
class AccountSecretsViewSet(RecordViewLogMixin, AccountViewSet):
|
2021-07-08 06:23:18 +00:00
|
|
|
|
"""
|
|
|
|
|
|
因为可能要导出所有账号,所以单独建立了一个 viewset
|
|
|
|
|
|
"""
|
|
|
|
|
|
serializer_classes = {
|
|
|
|
|
|
'default': serializers.AccountSecretSerializer
|
|
|
|
|
|
}
|
|
|
|
|
|
http_method_names = ['get']
|
2022-07-04 03:29:39 +00:00
|
|
|
|
permission_classes = [RBACPermission, UserConfirmation.require(ConfirmType.MFA)]
|
2022-02-17 12:13:31 +00:00
|
|
|
|
rbac_perms = {
|
2022-03-07 09:55:35 +00:00
|
|
|
|
'list': 'assets.view_assetaccountsecret',
|
|
|
|
|
|
'retrieve': 'assets.view_assetaccountsecret',
|
2022-02-17 12:13:31 +00:00
|
|
|
|
}
|
2021-07-08 06:23:18 +00:00
|
|
|
|
|
2021-07-13 04:18:19 +00:00
|
|
|
|
|
|
|
|
|
|
class AccountTaskCreateAPI(CreateAPIView):
|
|
|
|
|
|
serializer_class = serializers.AccountTaskSerializer
|
|
|
|
|
|
filterset_fields = AccountViewSet.filterset_fields
|
|
|
|
|
|
search_fields = AccountViewSet.search_fields
|
|
|
|
|
|
filterset_class = AccountViewSet.filterset_class
|
|
|
|
|
|
|
2022-02-17 12:13:31 +00:00
|
|
|
|
def check_permissions(self, request):
|
|
|
|
|
|
return request.user.has_perm('assets.test_assetconnectivity')
|
|
|
|
|
|
|
2021-07-13 04:18:19 +00:00
|
|
|
|
def get_accounts(self):
|
2022-07-14 02:56:09 +00:00
|
|
|
|
queryset = Account.objects.all()
|
2021-07-13 04:18:19 +00:00
|
|
|
|
queryset = self.filter_queryset(queryset)
|
|
|
|
|
|
return queryset
|
|
|
|
|
|
|
|
|
|
|
|
def perform_create(self, serializer):
|
|
|
|
|
|
accounts = self.get_accounts()
|
|
|
|
|
|
task = test_accounts_connectivity_manual.delay(accounts)
|
|
|
|
|
|
data = getattr(serializer, '_data', {})
|
|
|
|
|
|
data["task"] = task.id
|
|
|
|
|
|
setattr(serializer, '_data', data)
|
|
|
|
|
|
return task
|
|
|
|
|
|
|
|
|
|
|
|
def get_exception_handler(self):
|
|
|
|
|
|
def handler(e, context):
|
|
|
|
|
|
return Response({"error": str(e)}, status=400)
|
|
|
|
|
|
return handler
|
