From 183ff09530fe4f86895139e9dc2f795ceb1a6a47 Mon Sep 17 00:00:00 2001 From: ibuler Date: Wed, 1 Aug 2018 12:35:48 +0800 Subject: [PATCH 1/2] =?UTF-8?q?[Update]=20=E4=BF=AE=E6=94=B9token=E8=BF=94?= =?UTF-8?q?=E5=9B=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/users/api.py | 10 +++++++++- apps/users/hands.py | 1 + 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/apps/users/api.py b/apps/users/api.py index 840b8c913..2f41de361 100644 --- a/apps/users/api.py +++ b/apps/users/api.py @@ -3,6 +3,7 @@ import uuid from django.core.cache import cache from django.urls import reverse +from django.shortcuts import get_object_or_404 from django.utils.translation import ugettext as _ from rest_framework import generics @@ -20,6 +21,7 @@ from .permissions import IsSuperUser, IsValidUser, IsCurrentUserOrReadOnly, \ IsSuperUserOrAppUser from .utils import check_user_valid, generate_token, get_login_ip, \ check_otp_code, set_user_login_failed_count_to_cache, is_block_login +from .hands import Asset, SystemUser from common.mixins import IDInFilterMixin from common.utils import get_logger @@ -305,10 +307,16 @@ class UserConnectionTokenApi(APIView): asset_id = request.data.get('asset', '') system_user_id = request.data.get('system_user', '') token = str(uuid.uuid4()) + user = get_object_or_404(User, id=user_id) + asset = get_object_or_404(Asset, id=asset_id) + system_user = get_object_or_404(SystemUser, id=system_user_id) value = { 'user': user_id, + 'username': user.username, 'asset': asset_id, - 'system_user': system_user_id + 'hostname': asset.hostname, + 'system_user': system_user_id, + 'system_user_name': system_user.name } cache.set(token, value, timeout=20) return Response({"token": token}, status=201) diff --git a/apps/users/hands.py b/apps/users/hands.py index 56435a5a4..0792fa099 100644 --- a/apps/users/hands.py +++ b/apps/users/hands.py @@ -15,3 +15,4 @@ # from users.models import User # from perms.models import AssetPermission # from perms.utils import get_user_granted_assets, get_user_granted_asset_groups +from assets.models import Asset, SystemUser From c01936facc1390f76ed01397d73910d714d321b3 Mon Sep 17 00:00:00 2001 From: ibuler Date: Fri, 3 Aug 2018 10:32:02 +0800 Subject: [PATCH 2/2] =?UTF-8?q?[Bugfix]=20=E4=BF=AE=E5=A4=8D=E4=B8=8D?= =?UTF-8?q?=E7=99=BB=E5=BD=95=E5=B0=B1=E8=83=BD=E6=9F=A5=E7=9C=8B=E8=B5=84?= =?UTF-8?q?=E4=BA=A7=E7=9A=84bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/views/asset.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/assets/views/asset.py b/apps/assets/views/asset.py index 273323193..2a50a4879 100644 --- a/apps/assets/views/asset.py +++ b/apps/assets/views/asset.py @@ -186,7 +186,7 @@ class AssetDeleteView(AdminUserRequiredMixin, DeleteView): success_url = reverse_lazy('assets:asset-list') -class AssetDetailView(DetailView): +class AssetDetailView(LoginRequiredMixin, DetailView): model = Asset context_object_name = 'asset' template_name = 'assets/asset_detail.html' @@ -203,7 +203,7 @@ class AssetDetailView(DetailView): @method_decorator(csrf_exempt, name='dispatch') -class AssetExportView(View): +class AssetExportView(LoginRequiredMixin, View): def get(self, request): spm = request.GET.get('spm', '') assets_id_default = [Asset.objects.first().id] if Asset.objects.first() else []