github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

用户和组查询api完成

pull/26/head
ibuler 2015-11-21 11:53:36 +08:00
parent 558309599c
commit 1478ac18fa
1 changed files with 34 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
jperm/perm_api.py
View File

@ -10,12 +10,12 @@ from jperm.models import PermRole
from jperm.models import PermRule from jperm.models import PermRule
def get_user_perm(user): def get_group_user_perm(ob):
""" """
return: return:
{asset_group': { {asset_group': {
asset_group1: {'role': [role1, role2], 'rule': [rule1, rule2]}, asset_group1: {'asset': [], 'role': [role1, role2], 'rule': [rule1, rule2]},
asset_group2: {'role': [role1, role2], 'rule': [rule1, rule2]}, asset_group2: {'asset: [], 'role': [role1, role2], 'rule': [rule1, rule2]},
} }
'asset':{ 'asset':{
asset1: {'role': [role1, role2], 'rule': [rule1, rule2]}, asset1: {'role': [role1, role2], 'rule': [rule1, rule2]},
@ -26,38 +26,49 @@ def get_user_perm(user):
} }
""" """
perm = {} perm = {}
user_rule_all = PermRule.objects.filter(user=user) if isinstance(ob, User):
perm['rule'] = user_rule_all rule_all = PermRule.objects.filter(user=ob)
elif isinstance(ob, UserGroup):
rule_all = PermRule.objects.filter(user_group=ob)
else:
rule_all = []
perm['rule'] = rule_all
perm_asset_group = perm['asset_group'] = {} perm_asset_group = perm['asset_group'] = {}
perm_asset = perm['asset'] = {} perm_asset = perm['asset'] = {}
for rule in user_rule_all: for rule in rule_all:
asset_groups = rule.asset_group.all() asset_groups = rule.asset_group.all()
assets = rule.asset.all() assets = rule.asset.all()
for asset_group in asset_groups:
if perm_asset_group.get(asset_group):
perm_asset_group[asset_group].get('role', []).update(set(rule.role.all()))
perm_asset_group[asset_group].get('rule', []).append(rule)
else:
perm_asset_group[asset_group] = {'role': set(rule.role.all()), 'rule': [rule]}
# 获取一个规则用户授权的资产
for asset in assets: for asset in assets:
if perm_asset.get(asset): if perm_asset.get(asset):
perm_asset[asset].get('role', []).update(set(rule.role.all())) perm_asset[asset].get('role', set()).update(set(rule.role.all()))
perm_asset[asset].get('rule', []).append(rule) perm_asset[asset].get('rule', set()).add(rule)
else: else:
perm_asset[asset] = {'role': set(rule.role.all()), 'rule': [rule]} perm_asset[asset] = {'role': set(rule.role.all()), 'rule': set([rule])}
# 获取一个规则用户授权的资产组
for asset_group in asset_groups:
asset_group_assets = asset_group.asset_set.all()
if perm_asset_group.get(asset_group):
perm_asset_group[asset_group].get('role', set()).update(set(rule.role.all()))
perm_asset_group[asset_group].get('rule', set()).add(rule)
else:
perm_asset_group[asset_group] = {'role': set(rule.role.all()), 'rule': set([rule]),
'asset': asset_group_assets}
# 将资产组中的资产添加到资产授权中
for asset in asset_group_assets:
if perm_asset.get(asset):
perm_asset[asset].get('role', set()).update(perm_asset_group[asset_group].get('role', set()))
perm_asset[asset].get('rule', set()).update(perm_asset_group[asset_group].get('rule', set()))
else:
perm_asset[asset] = {'role': perm_asset_group[asset_group].get('role', set()),
'rule': perm_asset_group[asset_group].get('rule', set())}
return perm return perm
def get_object_list(model, id_list): def get_object_list(model, id_list):
"""根据id列表获取对象列表""" """根据id列表获取对象列表"""
object_list = [] object_list = []