From 0a7f63cc5efb3190df2dce7f3b0365b4dce63116 Mon Sep 17 00:00:00 2001 From: ibuler Date: Sat, 9 May 2020 14:51:19 +0800 Subject: [PATCH] =?UTF-8?q?[Update]=20=E4=BF=AE=E6=94=B9remote=20app=20api?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/perms/api/asset_permission.py | 5 +-- apps/perms/api/remote_app_permission.py | 6 +-- apps/perms/models/asset_permission.py | 14 ++++++- apps/perms/models/base.py | 10 ++++- apps/perms/serializers/asset_permission.py | 40 ++++++++++--------- .../serializers/remote_app_permission.py | 26 ++++-------- apps/users/serializers/user.py | 11 ++++- 7 files changed, 62 insertions(+), 50 deletions(-) diff --git a/apps/perms/api/asset_permission.py b/apps/perms/api/asset_permission.py index ff477f5af..18061f236 100644 --- a/apps/perms/api/asset_permission.py +++ b/apps/perms/api/asset_permission.py @@ -22,10 +22,7 @@ class AssetPermissionViewSet(OrgModelViewSet): 资产授权列表的增删改查api """ model = AssetPermission - serializer_classes = { - 'default': serializers.AssetPermissionCreateUpdateSerializer, - 'display': serializers.AssetPermissionListSerializer - } + serializer_class = serializers.AssetPermissionSerializer filter_fields = ['name'] permission_classes = (IsOrgAdmin,) diff --git a/apps/perms/api/remote_app_permission.py b/apps/perms/api/remote_app_permission.py index b7fa6de19..6ced7f0ae 100644 --- a/apps/perms/api/remote_app_permission.py +++ b/apps/perms/api/remote_app_permission.py @@ -11,7 +11,6 @@ from ..serializers import ( RemoteAppPermissionSerializer, RemoteAppPermissionUpdateUserSerializer, RemoteAppPermissionUpdateRemoteAppSerializer, - RemoteAppPermissionListSerializer, ) @@ -26,10 +25,7 @@ class RemoteAppPermissionViewSet(OrgModelViewSet): model = RemoteAppPermission filter_fields = ('name', ) search_fields = filter_fields - serializer_classes = { - 'default': RemoteAppPermissionSerializer, - 'display': RemoteAppPermissionListSerializer, - } + serializer_class = RemoteAppPermissionSerializer permission_classes = (IsOrgAdmin,) diff --git a/apps/perms/models/asset_permission.py b/apps/perms/models/asset_permission.py index 1d92b9852..8552edc74 100644 --- a/apps/perms/models/asset_permission.py +++ b/apps/perms/models/asset_permission.py @@ -3,9 +3,9 @@ import logging from functools import reduce from django.db import models -from django.db.models import Q from django.utils.translation import ugettext_lazy as _ +from common.utils import lazyproperty from orgs.models import Organization from orgs.utils import get_current_org from assets.models import Asset, SystemUser, Node @@ -87,6 +87,18 @@ class AssetPermission(BasePermission): verbose_name = _("Asset permission") ordering = ('name',) + @lazyproperty + def assets_amount(self): + return self.assets.count() + + @lazyproperty + def nodes_amount(self): + return self.nodes.count() + + @lazyproperty + def system_users_amount(self): + return self.system_users.count() + @classmethod def get_queryset_with_prefetch(cls): return cls.objects.all().valid().prefetch_related( diff --git a/apps/perms/models/base.py b/apps/perms/models/base.py index da40ced9d..2467a31b8 100644 --- a/apps/perms/models/base.py +++ b/apps/perms/models/base.py @@ -8,7 +8,7 @@ from django.db.models import Q from django.utils import timezone from orgs.mixins.models import OrgModelMixin -from common.utils import date_expired_default +from common.utils import date_expired_default, lazyproperty from orgs.mixins.models import OrgManager @@ -87,3 +87,11 @@ class BasePermission(OrgModelMixin): Q(id__in=users_id) | Q(groups__id__in=groups_id) ).distinct() return users + + @lazyproperty + def users_amount(self): + return self.users.count() + + @lazyproperty + def user_groups_amount(self): + return self.user_groups.count() diff --git a/apps/perms/serializers/asset_permission.py b/apps/perms/serializers/asset_permission.py index 73612a7e6..96fa58781 100644 --- a/apps/perms/serializers/asset_permission.py +++ b/apps/perms/serializers/asset_permission.py @@ -3,12 +3,12 @@ from rest_framework import serializers -from common.fields import StringManyToManyField +from django.db.models import Count from orgs.mixins.serializers import BulkOrgResourceModelSerializer from perms.models import AssetPermission, Action __all__ = [ - 'AssetPermissionCreateUpdateSerializer', 'AssetPermissionListSerializer', + 'AssetPermissionSerializer', 'ActionsField', ] @@ -34,27 +34,29 @@ class ActionsDisplayField(ActionsField): return [choices.get(i) for i in values] -class AssetPermissionCreateUpdateSerializer(BulkOrgResourceModelSerializer): +class AssetPermissionSerializer(BulkOrgResourceModelSerializer): actions = ActionsField(required=False, allow_null=True) - - class Meta: - model = AssetPermission - exclude = ('created_by', 'date_created') - - -class AssetPermissionListSerializer(BulkOrgResourceModelSerializer): - users = StringManyToManyField(many=True, read_only=True) - user_groups = StringManyToManyField(many=True, read_only=True) - assets = StringManyToManyField(many=True, read_only=True) - nodes = StringManyToManyField(many=True, read_only=True) - system_users = StringManyToManyField(many=True, read_only=True) - actions = ActionsDisplayField() is_valid = serializers.BooleanField() is_expired = serializers.BooleanField() class Meta: model = AssetPermission - fields = '__all__' - - + mini_fields = ['id', 'name'] + small_fields = [ + 'is_active', 'is_expired', 'is_valid', 'actions', 'created_by', 'date_created' + ] + m2m_fields = [ + 'users', 'user_groups', 'assets', 'nodes', 'system_users', + 'users_amount', 'user_groups_amount', 'assets_amount', 'nodes_amount', 'system_users_amount', + ] + fields = small_fields + m2m_fields + @classmethod + def setup_eager_loading(cls, queryset): + """ Perform necessary eager loading of data. """ + queryset = queryset.annotate( + users_amount=Count('users'), user_groups_amount=Count('user_groups'), + assets_amount=Count('assets'), nodes_amount=Count('nodes'), + system_users_amount=Count('system_users') + ) + return queryset diff --git a/apps/perms/serializers/remote_app_permission.py b/apps/perms/serializers/remote_app_permission.py index 41c5d7022..1700fca14 100644 --- a/apps/perms/serializers/remote_app_permission.py +++ b/apps/perms/serializers/remote_app_permission.py @@ -1,9 +1,7 @@ # coding: utf-8 # - from rest_framework import serializers -from common.fields import StringManyToManyField from common.serializers import AdaptedBulkListSerializer from orgs.mixins.serializers import BulkOrgResourceModelSerializer from ..models import RemoteAppPermission @@ -13,7 +11,6 @@ __all__ = [ 'RemoteAppPermissionSerializer', 'RemoteAppPermissionUpdateUserSerializer', 'RemoteAppPermissionUpdateRemoteAppSerializer', - 'RemoteAppPermissionListSerializer', ] @@ -21,27 +18,18 @@ class RemoteAppPermissionSerializer(BulkOrgResourceModelSerializer): class Meta: model = RemoteAppPermission list_serializer_class = AdaptedBulkListSerializer - fields = [ - 'id', 'name', 'users', 'user_groups', 'remote_apps', 'system_users', + mini_fields = ['id', 'name'] + small_fields = mini_fields + [ 'comment', 'is_active', 'date_start', 'date_expired', 'is_valid', - 'created_by', 'date_created', + 'create_by', 'date_created' ] + m2m_fields = [ + 'users', 'user_groups', 'remote_apps', 'system_users', + ] + fields = small_fields + m2m_fields read_only_fields = ['created_by', 'date_created'] -class RemoteAppPermissionListSerializer(BulkOrgResourceModelSerializer): - users = StringManyToManyField(many=True, read_only=True) - user_groups = StringManyToManyField(many=True, read_only=True) - remote_apps = StringManyToManyField(many=True, read_only=True) - system_users = StringManyToManyField(many=True, read_only=True) - is_valid = serializers.BooleanField() - is_expired = serializers.BooleanField() - - class Meta: - model = RemoteAppPermission - fields = '__all__' - - class RemoteAppPermissionUpdateUserSerializer(serializers.ModelSerializer): class Meta: model = RemoteAppPermission diff --git a/apps/users/serializers/user.py b/apps/users/serializers/user.py index ba5c4ec2a..62a487559 100644 --- a/apps/users/serializers/user.py +++ b/apps/users/serializers/user.py @@ -1,5 +1,6 @@ # -*- coding: utf-8 -*- # +from django.core.cache import cache from django.utils.translation import ugettext_lazy as _ from rest_framework import serializers @@ -34,9 +35,12 @@ class UserSerializer(CommonSerializerMixin, serializers.ModelSerializer): label=_('Password strategy'), write_only=True ) mfa_level_display = serializers.ReadOnlyField(source='get_mfa_level_display') + login_blocked = serializers.SerializerMethodField() can_update = serializers.SerializerMethodField() can_delete = serializers.SerializerMethodField() + key_prefix_block = "_LOGIN_BLOCK_{}" + class Meta: model = User list_serializer_class = AdaptedBulkListSerializer @@ -53,7 +57,7 @@ class UserSerializer(CommonSerializerMixin, serializers.ModelSerializer): ] fields = fields_small + [ 'groups', 'role', 'groups_display', 'role_display', - 'can_update', 'can_delete' + 'can_update', 'can_delete', 'login_blocked', ] extra_kwargs = { @@ -142,6 +146,11 @@ class UserSerializer(CommonSerializerMixin, serializers.ModelSerializer): self.context['request'], self.context['view'], obj ) + def get_login_blocked(self, obj): + key_block = self.key_prefix_block.format(obj.username) + blocked = bool(cache.get(key_block)) + return blocked + class UserPKUpdateSerializer(serializers.ModelSerializer): class Meta: