diff --git a/apps/assets/api/node.py b/apps/assets/api/node.py index 5eb91e575..273ac667f 100644 --- a/apps/assets/api/node.py +++ b/apps/assets/api/node.py @@ -173,7 +173,7 @@ class NodeChildrenAsTreeApi(SerializeToTreeNodeMixin, NodeChildrenApi): return [] assets = self.instance.get_assets().only( "id", "hostname", "ip", "os", - "org_id", "protocols", + "org_id", "protocols", "is_active" ) return self.serialize_assets(assets, self.instance.key) diff --git a/apps/perms/utils/asset/user_permission.py b/apps/perms/utils/asset/user_permission.py index 274a27d4d..40f5ba478 100644 --- a/apps/perms/utils/asset/user_permission.py +++ b/apps/perms/utils/asset/user_permission.py @@ -34,27 +34,6 @@ TMP_ASSET_GRANTED_FIELD = '_asset_granted' TMP_GRANTED_ASSETS_AMOUNT_FIELD = '_granted_assets_amount' -# 使用场景 -# Asset.objects.filter(get_user_resources_q_granted_by_permissions(user)) -def get_user_resources_q_granted_by_permissions(user: User): - """ - 获取用户关联的 asset permission 或者 用户组关联的 asset permission 获取规则, - 前提 AssetPermission 对象中的 related_name 为 granted_by_permissions - :param user: - :return: - """ - _now = now() - return reduce(and_, ( - Q(granted_by_permissions__date_start__lt=_now), - Q(granted_by_permissions__date_expired__gt=_now), - Q(granted_by_permissions__is_active=True), - ( - Q(granted_by_permissions__users=user) | - Q(granted_by_permissions__user_groups__users=user) - ) - )) - - # 使用场景 # `Node.objects.annotate(**node_annotate_mapping_node)` node_annotate_mapping_node = { @@ -384,7 +363,8 @@ def get_node_all_granted_assets(user: User, key): if only_asset_granted_nodes_qs: only_asset_granted_nodes_q = reduce(or_, only_asset_granted_nodes_qs) - only_asset_granted_nodes_q &= get_user_resources_q_granted_by_permissions(user) + asset_perms_id = get_user_all_assetpermissions_id(user) + only_asset_granted_nodes_q &= Q(granted_by_permissions__id__in=list(asset_perms_id)) q.append(only_asset_granted_nodes_q) if q: