[Update] 修改用户有权限的资产

apps/assets/serializers/asset.py

@@ -8,12 +8,11 @@ from django.utils.translation import ugettext_lazy as _
 from orgs.mixins import BulkOrgResourceModelSerializer
 from common.serializers import AdaptedBulkListSerializer
 from ..models import Asset, Protocol
-from .system_user import AssetSystemUserSerializer
 from .base import ConnectivitySerializer
 
 __all__ = [
-    'AssetSerializer', 'AssetGrantedSerializer', 'AssetSimpleSerializer',
+    'AssetSerializer', 'AssetSimpleSerializer',
-    'ProtocolSerializer',
+    'ProtocolSerializer', 'ProtocolsRelatedField',
 ]
 
 
@@ -147,30 +146,6 @@ class AssetSerializer(BulkOrgResourceModelSerializer):
 #         fields = ['id', 'hostname', 'ip', 'platform', 'protocols']
 
 
-class AssetGrantedSerializer(serializers.ModelSerializer):
-    """
-    被授权资产的数据结构
-    """
-    protocols = ProtocolsRelatedField(
-        many=True, queryset=Protocol.objects.all(), label=_("Protocols")
-    )
-    system_users_granted = AssetSystemUserSerializer(many=True, read_only=True)
-    system_users_join = serializers.SerializerMethodField()
-    # nodes = NodeTMPSerializer(many=True, read_only=True)
-
-    class Meta:
-        model = Asset
-        fields = (
-            "id", "hostname", "ip", "protocols",
-            "system_users_granted", "is_active", "system_users_join", "os",
-            'domain', "platform", "comment", "org_id", "org_name",
-        )
-
-    @staticmethod
-    def get_system_users_join(obj):
-        system_users = [s.username for s in obj.system_users_granted]
-        return ', '.join(system_users)
-
 
 # class MyAssetGrantedSerializer(AssetGrantedSerializer):
 #     """

apps/assets/serializers/system_user.py

@@ -46,17 +46,7 @@ class SystemUserAuthSerializer(AuthSerializer):
         ]
 
 
-class AssetSystemUserSerializer(serializers.ModelSerializer):
-    """
-    查看授权的资产系统用户的数据结构，这个和AssetSerializer不同，字段少
-    """
 
-    class Meta:
-        model = SystemUser
-        fields = (
-            'id', 'name', 'username', 'priority',
-            'protocol',  'comment', 'login_mode',
-        )
 
 
 class SystemUserSimpleSerializer(serializers.ModelSerializer):

apps/perms/api/user_group_permission.py

@@ -8,14 +8,12 @@ from rest_framework.generics import (
 
 from common.permissions import IsOrgAdmin, IsOrgAdminOrAppUser
 from common.tree import TreeNodeSerializer
-from orgs.utils import set_to_root_org
 from ..utils import (
     AssetPermissionUtil, parse_asset_to_tree_node, parse_node_to_tree_node,
     RemoteAppPermissionUtil,
 )
 from ..hands import (
-    AssetGrantedSerializer, UserGroup,  Node, NodeSerializer,
+    UserGroup,  Node, NodeSerializer, RemoteAppSerializer,
-    RemoteAppSerializer,
 )
 from .. import serializers, const
 
@@ -30,7 +28,7 @@ __all__ = [
 
 class UserGroupGrantedAssetsApi(ListAPIView):
     permission_classes = (IsOrgAdmin,)
-    serializer_class = AssetGrantedSerializer
+    serializer_class = serializers.AssetGrantedSerializer
 
     def get_queryset(self):
         user_group_id = self.kwargs.get('pk', '')
@@ -120,7 +118,7 @@ class UserGroupGrantedNodesWithAssetsAsTreeApi(ListAPIView):
 
 class UserGroupGrantedNodeAssetsApi(ListAPIView):
     permission_classes = (IsOrgAdminOrAppUser,)
-    serializer_class = AssetGrantedSerializer
+    serializer_class = serializers.AssetGrantedSerializer
 
     def get_queryset(self):
         user_group_id = self.kwargs.get('pk', '')

apps/perms/api/user_permission.py

@@ -20,7 +20,7 @@ from ..utils import (
     construct_remote_apps_tree_root, parse_remote_app_to_tree_node,
 )
 from ..hands import (
-    User, Asset, Node, SystemUser, RemoteApp, AssetGrantedSerializer,
+    User, Asset, Node, SystemUser, RemoteApp,
     NodeSerializer, RemoteAppSerializer,
 )
 from .. import serializers, const
@@ -129,7 +129,7 @@ class UserGrantedAssetsApi(UserPermissionCacheMixin, AssetsFilterMixin, ListAPIV
     用户授权的所有资产
     """
     permission_classes = (IsOrgAdminOrAppUser,)
-    serializer_class = AssetGrantedSerializer
+    serializer_class = serializers.AssetGrantedSerializer
     pagination_class = LimitOffsetPagination
 
     def get_object(self):
@@ -146,7 +146,10 @@ class UserGrantedAssetsApi(UserPermissionCacheMixin, AssetsFilterMixin, ListAPIV
         util = AssetPermissionUtil(user, cache_policy=self.cache_policy)
         assets = util.get_assets()
         for k, v in assets.items():
-            system_users_granted = [s for s in v if k.has_protocol(s.protocol)]
+            system_users_granted = []
+            for system_user, actions in v.items():
+                system_user.actions = actions
+                system_users_granted.append(system_user)
             k.system_users_granted = system_users_granted
             queryset.append(k)
         return queryset
@@ -281,7 +284,7 @@ class UserGrantedNodeAssetsApi(UserPermissionCacheMixin, AssetsFilterMixin, List
     查询用户授权的节点下的资产的api, 与上面api不同的是，只返回某个节点下的资产
     """
     permission_classes = (IsOrgAdminOrAppUser,)
-    serializer_class = AssetGrantedSerializer
+    serializer_class = serializers.AssetGrantedSerializer
     pagination_class = LimitOffsetPagination
 
     def get_object(self):

apps/perms/hands.py

@@ -3,9 +3,7 @@
 
 from users.models import User, UserGroup
 from assets.models import Asset, SystemUser, Node
-from assets.serializers import (
+from assets.serializers import NodeSerializer
-    AssetGrantedSerializer, NodeSerializer
-)
 from applications.serializers import RemoteAppSerializer
 from applications.models import RemoteApp
 

apps/perms/serializers/__init__.py

@@ -2,4 +2,5 @@
 #
 
 from .asset_permission import *
+from .user_permission import *
 from .remote_app_permission import *

apps/perms/serializers/asset_permission.py

@@ -1,20 +1,16 @@
 # -*- coding: utf-8 -*-
 #
 
-from functools import reduce
 from rest_framework import serializers
 
 from common.fields import StringManyToManyField
 from orgs.mixins import BulkOrgResourceModelSerializer
-from perms.models import AssetPermission, Action, ActionFlag
+from perms.models import AssetPermission, ActionFlag
-from assets.models import Node
-from assets.serializers import AssetGrantedSerializer
 
 __all__ = [
     'AssetPermissionCreateUpdateSerializer', 'AssetPermissionListSerializer',
     'AssetPermissionUpdateUserSerializer', 'AssetPermissionUpdateAssetSerializer',
-    'AssetPermissionNodeSerializer', 'GrantedNodeSerializer',
+    'ActionField',
-    'NodeGrantedSerializer',
 ]
 
 
@@ -72,87 +68,3 @@ class AssetPermissionUpdateAssetSerializer(serializers.ModelSerializer):
     class Meta:
         model = AssetPermission
         fields = ['id', 'assets']
-
-
-class AssetPermissionNodeSerializer(serializers.ModelSerializer):
-    asset = AssetGrantedSerializer(required=False)
-    assets_amount = serializers.SerializerMethodField()
-
-    tree_id = serializers.SerializerMethodField()
-    tree_parent = serializers.SerializerMethodField()
-
-    class Meta:
-        model = Node
-        fields = [
-            'id', 'key', 'value', 'asset', 'is_node', 'org_id',
-            'tree_id', 'tree_parent', 'assets_amount',
-        ]
-
-    @staticmethod
-    def get_assets_amount(obj):
-        return obj.assets_amount
-
-    @staticmethod
-    def get_tree_id(obj):
-        return obj.key
-
-    @staticmethod
-    def get_tree_parent(obj):
-        return obj.parent_key
-
-
-class NodeGrantedSerializer(serializers.ModelSerializer):
-    """
-    授权资产组
-    """
-    assets_granted = AssetGrantedSerializer(many=True, read_only=True)
-    assets_amount = serializers.SerializerMethodField()
-    parent = serializers.SerializerMethodField()
-    name = serializers.SerializerMethodField()
-
-    class Meta:
-        model = Node
-        fields = [
-            'id', 'key', 'name', 'value', 'parent',
-            'assets_granted', 'assets_amount', 'org_id',
-        ]
-
-    @staticmethod
-    def get_assets_amount(obj):
-        return len(obj.assets_granted)
-
-    @staticmethod
-    def get_name(obj):
-        return obj.name
-
-    @staticmethod
-    def get_parent(obj):
-        return obj.parent.id
-
-
-class GrantedNodeSerializer(serializers.ModelSerializer):
-    class Meta:
-        model = Node
-        fields = [
-            'id', 'name', 'key', 'value',
-        ]
-
-
-# class GrantedAssetSerializer(serializers.ModelSerializer):
-#     protocols = ProtocolSerializer(many=True)
-#
-#     class Meta:
-#         model = Asset
-#         fields = [
-#             'id', 'hostname', 'ip', 'protocols', 'port', 'protocol',
-#             'platform', 'domain', 'is_active', 'comment'
-#         ]
-
-
-# class GrantedSystemUserSerializer(serializers.ModelSerializer):
-#     class Meta:
-#         model = SystemUser
-#         fields = [
-#             'id', 'name', 'username', 'protocol', 'priority',
-#             'login_mode', 'comment'
-#         ]

apps/perms/serializers/user_permission.py

@@ -0,0 +1,113 @@
+# -*- coding: utf-8 -*-
+#
+
+from rest_framework import serializers
+
+from assets.models import Node, SystemUser
+from assets.serializers import AssetSerializer
+
+from .asset_permission import ActionField
+
+__all__ = [
+    'AssetPermissionNodeSerializer', 'GrantedNodeSerializer',
+    'NodeGrantedSerializer', 'AssetGrantedSerializer',
+]
+
+
+class AssetSystemUserSerializer(serializers.ModelSerializer):
+    """
+    查看授权的资产系统用户的数据结构，这个和AssetSerializer不同，字段少
+    """
+    actions = ActionField(read_only=True)
+
+    class Meta:
+        model = SystemUser
+        fields = (
+            'id', 'name', 'username', 'priority', "actions",
+            'protocol', 'login_mode',
+        )
+
+
+class AssetGrantedSerializer(AssetSerializer):
+    """
+    被授权资产的数据结构
+    """
+    system_users_granted = AssetSystemUserSerializer(many=True, read_only=True)
+    system_users_join = serializers.SerializerMethodField()
+
+    @staticmethod
+    def get_system_users_join(obj):
+        system_users = [s.username for s in obj.system_users_granted]
+        return ', '.join(system_users)
+
+    def get_field_names(self, declared_fields, info):
+        fields = (
+            "id", "hostname", "ip", "protocols",
+            "system_users_granted", "is_active", "system_users_join", "os",
+            'domain', "platform", "comment", "org_id", "org_name",
+        )
+        return fields
+
+
+class AssetPermissionNodeSerializer(serializers.ModelSerializer):
+    asset = AssetGrantedSerializer(required=False)
+    assets_amount = serializers.SerializerMethodField()
+
+    tree_id = serializers.SerializerMethodField()
+    tree_parent = serializers.SerializerMethodField()
+
+    class Meta:
+        model = Node
+        fields = [
+            'id', 'key', 'value', 'asset', 'is_node', 'org_id',
+            'tree_id', 'tree_parent', 'assets_amount',
+        ]
+
+    @staticmethod
+    def get_assets_amount(obj):
+        return obj.assets_amount
+
+    @staticmethod
+    def get_tree_id(obj):
+        return obj.key
+
+    @staticmethod
+    def get_tree_parent(obj):
+        return obj.parent_key
+
+
+class NodeGrantedSerializer(serializers.ModelSerializer):
+    """
+    授权资产组
+    """
+    assets_granted = AssetGrantedSerializer(many=True, read_only=True)
+    assets_amount = serializers.SerializerMethodField()
+    parent = serializers.SerializerMethodField()
+    name = serializers.SerializerMethodField()
+
+    class Meta:
+        model = Node
+        fields = [
+            'id', 'key', 'name', 'value', 'parent',
+            'assets_granted', 'assets_amount', 'org_id',
+        ]
+
+    @staticmethod
+    def get_assets_amount(obj):
+        return len(obj.assets_granted)
+
+    @staticmethod
+    def get_name(obj):
+        return obj.name
+
+    @staticmethod
+    def get_parent(obj):
+        return obj.parent.id
+
+
+class GrantedNodeSerializer(serializers.ModelSerializer):
+    class Meta:
+        model = Node
+        fields = [
+            'id', 'name', 'key', 'value',
+        ]