fix: 删除组织时,确保没有跟节点之外的其他节点。以及组织删除后,将跟节点删除

pull/5754/head
xinwen 2021-03-15 17:46:43 +08:00 committed by 老广
parent 7f4377b0e8
commit 049f6dca67
2 changed files with 34 additions and 11 deletions

View File

@ -18,9 +18,13 @@ from .serializers import (
CurrentOrgSerializer
)
from users.models import User, UserGroup
from assets.models import Asset, Domain, AdminUser, SystemUser, Label
from perms.models import AssetPermission
from orgs.utils import current_org
from assets.models import (
Asset, Domain, AdminUser, SystemUser, Label, Node, Gateway,
CommandFilter, CommandFilterRule, GatheredUser
)
from applications.models import Application
from perms.models import AssetPermission, ApplicationPermission
from orgs.utils import current_org, tmp_to_root_org
from common.utils import get_logger
from .filters import OrgMemberRelationFilterSet
from .models import OrganizationMember
@ -29,6 +33,15 @@ from .models import OrganizationMember
logger = get_logger(__file__)
# 部分 org 相关的 model需要清空这些数据之后才能删除该组织
org_related_models = [
User, UserGroup, Asset, Label, Domain, Gateway, Node, AdminUser, SystemUser, Label,
CommandFilter, CommandFilterRule, GatheredUser,
AssetPermission, ApplicationPermission,
Application,
]
class OrgViewSet(BulkModelViewSet):
filterset_fields = ('name',)
search_fields = ('name', 'comment')
@ -44,24 +57,23 @@ class OrgViewSet(BulkModelViewSet):
}
return mapper.get(self.action, super().get_serializer_class())
@tmp_to_root_org()
def get_data_from_model(self, model):
if model == User:
data = model.objects.filter(orgs__id=self.org.id, m2m_org_members__role=ROLE.USER)
elif model == Node:
# 跟节点不能手动删除,所以排除检查
data = model.objects.filter(org_id=self.org.id).exclude(parent_key='', key__regex=r'^[0-9]+$')
else:
data = model.objects.filter(org_id=self.org.id)
return data
def destroy(self, request, *args, **kwargs):
self.org = self.get_object()
models = [
User, UserGroup,
Asset, Domain, AdminUser, SystemUser, Label,
AssetPermission,
]
for model in models:
for model in org_related_models:
data = self.get_data_from_model(model)
if data:
msg = _('Organization contains undeleted resources')
msg = _(f'Have `{model._meta.verbose_name}` exists, Please delete')
return Response(data={'error': msg}, status=status.HTTP_403_FORBIDDEN)
else:
if str(current_org) == str(self.org):

View File

@ -7,7 +7,8 @@ from functools import partial
from django.dispatch import receiver
from django.utils.functional import LazyObject
from django.db.models.signals import m2m_changed
from django.db.models.signals import post_save, post_delete
from django.db.models.signals import post_save, post_delete, pre_delete
from django.utils.translation import ugettext as _
from orgs.utils import tmp_to_org
from orgs.models import Organization, OrganizationMember
@ -18,6 +19,7 @@ from common.const.signals import PRE_REMOVE, POST_REMOVE
from common.signals import django_ready
from common.utils import get_logger
from common.utils.connection import RedisPubSub
from common.exceptions import JMSException
logger = get_logger(__file__)
@ -75,6 +77,15 @@ def on_org_delete(sender, **kwargs):
expire_orgs_mapping_for_memory()
@receiver(pre_delete, sender=Organization)
def on_org_delete(sender, instance, **kwargs):
# 删除该组织下所有 节点
with tmp_to_org(instance):
root_node = Node.org_root()
if root_node:
root_node.delete()
def _remove_users(model, users, org):
with tmp_to_org(org):
if not isinstance(users, (tuple, list, set)):