github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

[Update] 修改remote app api

pull/3986/head
ibuler 2020-05-09 14:51:19 +08:00
parent 8c0bf0b71b
commit 0a7f63cc5e
7 changed files with 62 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
apps/perms/api/asset_permission.py
View File

@ -22,10 +22,7 @@ class AssetPermissionViewSet(OrgModelViewSet):
资产授权列表的增删改查api
"""
model = AssetPermission
serializer_classes = {
'default': serializers.AssetPermissionCreateUpdateSerializer,
'display': serializers.AssetPermissionListSerializer
}
serializer_class = serializers.AssetPermissionSerializer
filter_fields = ['name']
permission_classes = (IsOrgAdmin,)

6
apps/perms/api/remote_app_permission.py
View File

@ -11,7 +11,6 @@ from ..serializers import (
RemoteAppPermissionSerializer,
RemoteAppPermissionUpdateUserSerializer,
RemoteAppPermissionUpdateRemoteAppSerializer,
RemoteAppPermissionListSerializer,
)
@ -26,10 +25,7 @@ class RemoteAppPermissionViewSet(OrgModelViewSet):
model = RemoteAppPermission
filter_fields = ('name', )
search_fields = filter_fields
serializer_classes = {
'default': RemoteAppPermissionSerializer,
'display': RemoteAppPermissionListSerializer,
}
serializer_class = RemoteAppPermissionSerializer
permission_classes = (IsOrgAdmin,)

14
apps/perms/models/asset_permission.py
View File

@ -3,9 +3,9 @@ import logging
from functools import reduce
from django.db import models
from django.db.models import Q
from django.utils.translation import ugettext_lazy as _
from common.utils import lazyproperty
from orgs.models import Organization
from orgs.utils import get_current_org
from assets.models import Asset, SystemUser, Node
@ -87,6 +87,18 @@ class AssetPermission(BasePermission):
verbose_name = _("Asset permission")
ordering = ('name',)
@lazyproperty
def assets_amount(self):
return self.assets.count()
@lazyproperty
def nodes_amount(self):
return self.nodes.count()
@lazyproperty
def system_users_amount(self):
return self.system_users.count()
@classmethod
def get_queryset_with_prefetch(cls):
return cls.objects.all().valid().prefetch_related(

10
apps/perms/models/base.py
View File

@ -8,7 +8,7 @@ from django.db.models import Q
from django.utils import timezone
from orgs.mixins.models import OrgModelMixin
from common.utils import date_expired_default
from common.utils import date_expired_default, lazyproperty
from orgs.mixins.models import OrgManager
@ -87,3 +87,11 @@ class BasePermission(OrgModelMixin):
Q(id__in=users_id) | Q(groups__id__in=groups_id)
).distinct()
return users
@lazyproperty
def users_amount(self):
return self.users.count()
@lazyproperty
def user_groups_amount(self):
return self.user_groups.count()

40
apps/perms/serializers/asset_permission.py
View File

@ -3,12 +3,12 @@
from rest_framework import serializers
from common.fields import StringManyToManyField
from django.db.models import Count
from orgs.mixins.serializers import BulkOrgResourceModelSerializer
from perms.models import AssetPermission, Action
__all__ = [
'AssetPermissionCreateUpdateSerializer', 'AssetPermissionListSerializer',
'AssetPermissionSerializer',
'ActionsField',
]
@ -34,27 +34,29 @@ class ActionsDisplayField(ActionsField):
return [choices.get(i) for i in values]
class AssetPermissionCreateUpdateSerializer(BulkOrgResourceModelSerializer):
class AssetPermissionSerializer(BulkOrgResourceModelSerializer):
actions = ActionsField(required=False, allow_null=True)
class Meta:
model = AssetPermission
exclude = ('created_by', 'date_created')
class AssetPermissionListSerializer(BulkOrgResourceModelSerializer):
users = StringManyToManyField(many=True, read_only=True)
user_groups = StringManyToManyField(many=True, read_only=True)
assets = StringManyToManyField(many=True, read_only=True)
nodes = StringManyToManyField(many=True, read_only=True)
system_users = StringManyToManyField(many=True, read_only=True)
actions = ActionsDisplayField()
is_valid = serializers.BooleanField()
is_expired = serializers.BooleanField()
class Meta:
model = AssetPermission
fields = '__all__'
mini_fields = ['id', 'name']
small_fields = [
'is_active', 'is_expired', 'is_valid', 'actions', 'created_by', 'date_created'
]
m2m_fields = [
'users', 'user_groups', 'assets', 'nodes', 'system_users',
'users_amount', 'user_groups_amount', 'assets_amount', 'nodes_amount', 'system_users_amount',
]
fields = small_fields + m2m_fields
@classmethod
def setup_eager_loading(cls, queryset):
""" Perform necessary eager loading of data. """
queryset = queryset.annotate(
users_amount=Count('users'), user_groups_amount=Count('user_groups'),
assets_amount=Count('assets'), nodes_amount=Count('nodes'),
system_users_amount=Count('system_users')
)
return queryset

26
apps/perms/serializers/remote_app_permission.py
View File

@ -1,9 +1,7 @@
# coding: utf-8
#
from rest_framework import serializers
from common.fields import StringManyToManyField
from common.serializers import AdaptedBulkListSerializer
from orgs.mixins.serializers import BulkOrgResourceModelSerializer
from ..models import RemoteAppPermission
@ -13,7 +11,6 @@ __all__ = [
'RemoteAppPermissionSerializer',
'RemoteAppPermissionUpdateUserSerializer',
'RemoteAppPermissionUpdateRemoteAppSerializer',
'RemoteAppPermissionListSerializer',
]
@ -21,27 +18,18 @@ class RemoteAppPermissionSerializer(BulkOrgResourceModelSerializer):
class Meta:
model = RemoteAppPermission
list_serializer_class = AdaptedBulkListSerializer
fields = [
'id', 'name', 'users', 'user_groups', 'remote_apps', 'system_users',
mini_fields = ['id', 'name']
small_fields = mini_fields + [
'comment', 'is_active', 'date_start', 'date_expired', 'is_valid',
'created_by', 'date_created',
'create_by', 'date_created'
]
m2m_fields = [
'users', 'user_groups', 'remote_apps', 'system_users',
]
fields = small_fields + m2m_fields
read_only_fields = ['created_by', 'date_created']
class RemoteAppPermissionListSerializer(BulkOrgResourceModelSerializer):
users = StringManyToManyField(many=True, read_only=True)
user_groups = StringManyToManyField(many=True, read_only=True)
remote_apps = StringManyToManyField(many=True, read_only=True)
system_users = StringManyToManyField(many=True, read_only=True)
is_valid = serializers.BooleanField()
is_expired = serializers.BooleanField()
class Meta:
model = RemoteAppPermission
fields = '__all__'
class RemoteAppPermissionUpdateUserSerializer(serializers.ModelSerializer):
class Meta:
model = RemoteAppPermission

11
apps/users/serializers/user.py
View File

@ -1,5 +1,6 @@
# -*- coding: utf-8 -*-
#
from django.core.cache import cache
from django.utils.translation import ugettext_lazy as _
from rest_framework import serializers
@ -34,9 +35,12 @@ class UserSerializer(CommonSerializerMixin, serializers.ModelSerializer):
label=_('Password strategy'), write_only=True
)
mfa_level_display = serializers.ReadOnlyField(source='get_mfa_level_display')
login_blocked = serializers.SerializerMethodField()
can_update = serializers.SerializerMethodField()
can_delete = serializers.SerializerMethodField()
key_prefix_block = "_LOGIN_BLOCK_{}"
class Meta:
model = User
list_serializer_class = AdaptedBulkListSerializer
@ -53,7 +57,7 @@ class UserSerializer(CommonSerializerMixin, serializers.ModelSerializer):
]
fields = fields_small + [
'groups', 'role', 'groups_display', 'role_display',
'can_update', 'can_delete'
'can_update', 'can_delete', 'login_blocked',
]
extra_kwargs = {
@ -142,6 +146,11 @@ class UserSerializer(CommonSerializerMixin, serializers.ModelSerializer):
self.context['request'], self.context['view'], obj
)
def get_login_blocked(self, obj):
key_block = self.key_prefix_block.format(obj.username)
blocked = bool(cache.get(key_block))
return blocked
class UserPKUpdateSerializer(serializers.ModelSerializer):
class Meta: