github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

[Update] 修改用户页面授权资产

pull/2420/head^2
ibuler 2019-02-21 17:35:28 +08:00
parent 3c2a4703bc
commit 202aba048b
4 changed files with 122 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

111
apps/perms/api.py
View File

@ -16,7 +16,9 @@ from common.tree import TreeNode, TreeNodeSerializer
from common.utils import get_object_or_none from common.utils import get_object_or_none
from orgs.mixins import RootOrgViewMixin from orgs.mixins import RootOrgViewMixin
from orgs.utils import set_to_root_org from orgs.utils import set_to_root_org
from .utils import AssetPermissionUtil from .utils import (
AssetPermissionUtil, parse_asset_to_tree_node, parse_node_to_tree_node
)
from .models import AssetPermission from .models import AssetPermission
from .hands import ( from .hands import (
AssetGrantedSerializer, User, UserGroup, Asset, Node, AssetGrantedSerializer, User, UserGroup, Asset, Node,
@ -298,71 +300,6 @@ class UserGrantedNodesWithAssetsAsTreeApi(ListAPIView):
self.system_user_id = request.query_params.get('system_user') self.system_user_id = request.query_params.get('system_user')
return super().get(request, *args, **kwargs) return super().get(request, *args, **kwargs)
@staticmethod
def parse_node_to_tree_node(node):
name = '{} ({})'.format(node.value, node.assets_amount)
node_serializer = serializers.GrantedNodeSerializer(node)
data = {
'id': node.key,
'name': name,
'title': name,
'pId': node.parent_key,
'isParent': True,
'open': node.is_root(),
'meta': {
'node': node_serializer.data,
'type': 'node'
}
}
tree_node = TreeNode(**data)
return tree_node
@staticmethod
def parse_asset_to_tree_node(node, asset, system_users):
system_users_protocol_matched = [s for s in system_users if s.protocol == asset.protocol]
icon_skin = 'file'
if asset.platform.lower() == 'windows':
icon_skin = 'windows'
elif asset.platform.lower() == 'linux':
icon_skin = 'linux'
system_users = []
for system_user in system_users_protocol_matched:
system_users.append({
'id': system_user.id,
'name': system_user.name,
'username': system_user.username,
'protocol': system_user.protocol,
'priority': system_user.priority,
'login_mode': system_user.login_mode,
'comment': system_user.comment,
})
data = {
'id': str(asset.id),
'name': asset.hostname,
'title': asset.ip,
'pId': node.key,
'isParent': False,
'open': False,
'iconSkin': icon_skin,
'meta': {
'system_users': system_users,
'type': 'asset',
'asset': {
'id': asset.id,
'hostname': asset.hostname,
'ip': asset.ip,
'port': asset.port,
'protocol': asset.protocol,
'platform': asset.platform,
'domain': None if not asset.domain else asset.domain.id,
'is_active': asset.is_active,
'comment': asset.comment
},
}
}
tree_node = TreeNode(**data)
return tree_node
def get_permissions(self): def get_permissions(self):
if self.kwargs.get('pk') is None: if self.kwargs.get('pk') is None:
self.permission_classes = (IsValidUser,) self.permission_classes = (IsValidUser,)
@ -381,12 +318,12 @@ class UserGrantedNodesWithAssetsAsTreeApi(ListAPIView):
util.filter_permission_with_system_user(system_user=self.system_user_id) util.filter_permission_with_system_user(system_user=self.system_user_id)
nodes = util.get_nodes_with_assets() nodes = util.get_nodes_with_assets()
for node, assets in nodes.items(): for node, assets in nodes.items():
data = self.parse_node_to_tree_node(node) data = parse_node_to_tree_node(node)
queryset.append(data) queryset.append(data)
if not self.show_assets: if not self.show_assets:
continue continue
for asset, system_users in assets.items(): for asset, system_users in assets.items():
data = self.parse_asset_to_tree_node(node, asset, system_users) data = parse_asset_to_tree_node(node, asset, system_users)
queryset.append(data) queryset.append(data)
queryset = sorted(queryset) queryset = sorted(queryset)
return queryset return queryset
@ -490,6 +427,44 @@ class UserGroupGrantedNodesWithAssetsApi(ListAPIView):
return queryset return queryset
class UserGroupGrantedNodesWithAssetsAsTreeApi(ListAPIView):
serializer_class = TreeNodeSerializer
permission_classes = (IsOrgAdminOrAppUser,)
show_assets = True
system_user_id = None
def change_org_if_need(self):
if self.request.user.is_superuser or \
self.request.user.is_app or \
self.kwargs.get('pk') is None:
set_to_root_org()
def get(self, request, *args, **kwargs):
self.show_assets = request.query_params.get('show_assets', '1') == '1'
self.system_user_id = request.query_params.get('system_user')
return super().get(request, *args, **kwargs)
def get_queryset(self):
self.change_org_if_need()
user_group_id = self.kwargs.get('pk', '')
queryset = []
group = get_object_or_404(UserGroup, id=user_group_id)
util = AssetPermissionUtil(group)
if self.system_user_id:
util.filter_permission_with_system_user(system_user=self.system_user_id)
nodes = util.get_nodes_with_assets()
for node, assets in nodes.items():
data = parse_node_to_tree_node(node)
queryset.append(data)
if not self.show_assets:
continue
for asset, system_users in assets.items():
data = parse_asset_to_tree_node(node, asset, system_users)
queryset.append(data)
queryset = sorted(queryset)
return queryset
class UserGroupGrantedNodeAssetsApi(ListAPIView): class UserGroupGrantedNodeAssetsApi(ListAPIView):
permission_classes = (IsOrgAdminOrAppUser,) permission_classes = (IsOrgAdminOrAppUser,)
serializer_class = AssetGrantedSerializer serializer_class = AssetGrantedSerializer

3
apps/perms/urls/api_urls.py
View File

@ -43,6 +43,9 @@ urlpatterns = [
path('user-group/<uuid:pk>/nodes-assets/', path('user-group/<uuid:pk>/nodes-assets/',
api.UserGroupGrantedNodesWithAssetsApi.as_view(), api.UserGroupGrantedNodesWithAssetsApi.as_view(),
name='user-group-nodes-assets'), name='user-group-nodes-assets'),
path('user-group/<uuid:pk>/nodes-assets/tree/',
api.UserGroupGrantedNodesWithAssetsAsTreeApi.as_view(),
name='user-group-nodes-assets-as-tree'),
path('user-group/<uuid:pk>/nodes/<uuid:node_id>/assets/', path('user-group/<uuid:pk>/nodes/<uuid:node_id>/assets/',
api.UserGroupGrantedNodeAssetsApi.as_view(), api.UserGroupGrantedNodeAssetsApi.as_view(),
name='user-group-node-assets'), name='user-group-node-assets'),

67
apps/perms/utils.py
View File

@ -5,6 +5,7 @@ from collections import defaultdict
from django.db.models import Q from django.db.models import Q
from common.utils import get_logger from common.utils import get_logger
from common.tree import TreeNode
from .models import AssetPermission from .models import AssetPermission
from .hands import Node from .hands import Node
@ -193,3 +194,69 @@ def sort_assets(assets, order_by='hostname', reverse=False):
else: else:
assets = sorted(assets, key=lambda asset: getattr(asset, order_by), reverse=reverse) assets = sorted(assets, key=lambda asset: getattr(asset, order_by), reverse=reverse)
return assets return assets
def parse_node_to_tree_node(node):
from . import serializers
name = '{} ({})'.format(node.value, node.assets_amount)
node_serializer = serializers.GrantedNodeSerializer(node)
data = {
'id': node.key,
'name': name,
'title': name,
'pId': node.parent_key,
'isParent': True,
'open': node.is_root(),
'meta': {
'node': node_serializer.data,
'type': 'node'
}
}
tree_node = TreeNode(**data)
return tree_node
def parse_asset_to_tree_node(node, asset, system_users):
system_users_protocol_matched = [s for s in system_users if s.protocol == asset.protocol]
icon_skin = 'file'
if asset.platform.lower() == 'windows':
icon_skin = 'windows'
elif asset.platform.lower() == 'linux':
icon_skin = 'linux'
system_users = []
for system_user in system_users_protocol_matched:
system_users.append({
'id': system_user.id,
'name': system_user.name,
'username': system_user.username,
'protocol': system_user.protocol,
'priority': system_user.priority,
'login_mode': system_user.login_mode,
'comment': system_user.comment,
})
data = {
'id': str(asset.id),
'name': asset.hostname,
'title': asset.ip,
'pId': node.key,
'isParent': False,
'open': False,
'iconSkin': icon_skin,
'meta': {
'system_users': system_users,
'type': 'asset',
'asset': {
'id': asset.id,
'hostname': asset.hostname,
'ip': asset.ip,
'port': asset.port,
'protocol': asset.protocol,
'platform': asset.platform,
'domain': None if not asset.domain else asset.domain.id,
'is_active': asset.is_active,
'comment': asset.comment
},
}
}
tree_node = TreeNode(**data)
return tree_node

25
apps/users/templates/users/user_group_granted_asset.html
View File

@ -72,6 +72,7 @@ function initTable() {
} else { } else {
inited = true; inited = true;
} }
url = "{% url 'api-perms:user-group-assets' pk=object.id %}";
var options = { var options = {
ele: $('#user_assets_table'), ele: $('#user_assets_table'),
columnDefs: [ columnDefs: [
@ -106,15 +107,16 @@ function initTable() {
return asset_table return asset_table
} }
function onSelected(event, treeNode) { function onSelected(event, treeNode) {
url = '{% url "api-perms:user-group-node-assets" pk=object.id node_id=DEFAULT_PK %}'; url = '{% url "api-perms:user-group-node-assets" pk=object.id node_id=DEFAULT_PK %}';
url = url.replace("{{ DEFAULT_PK }}", treeNode.id); var node_id = treeNode.meta.node.id;
setCookie('node_selected', treeNode.id); url = url.replace("{{ DEFAULT_PK }}", node_id);
asset_table = initTable();
asset_table.ajax.url(url); asset_table.ajax.url(url);
asset_table.ajax.reload(); asset_table.ajax.reload();
} }
function selectQueryNode() { function selectQueryNode() {
var query_node_id = $.getUrlParam("node"); var query_node_id = $.getUrlParam("node");
var cookie_node_id = getCookie('node_selected'); var cookie_node_id = getCookie('node_selected');
@ -149,25 +151,16 @@ function initTree() {
} }
}; };
var zNodes = []; $.get("{% url 'api-perms:user-group-nodes-assets-as-tree' pk=object.id %}?show_assets=0", function(data, status) {
$.get("{% url 'api-perms:user-group-nodes' pk=object.id %}", function(data, status){ $.fn.zTree.init($("#assetTree"), setting, data);
$.each(data, function (index, value) {
value["pId"] = value["parent"];
if (value["key"] === "0") {
value["open"] = true;
}
value["name"] = value["value"]
});
zNodes = data;
$.fn.zTree.init($("#assetTree"), setting, zNodes);
zTree = $.fn.zTree.getZTreeObj("assetTree"); zTree = $.fn.zTree.getZTreeObj("assetTree");
rMenu = $("#rMenu");
selectQueryNode();
}); });
} }
$(document).ready(function () { $(document).ready(function () {
initTree(); initTree();
initTable();
}); });
</script> </script>
{% endblock %} {% endblock %}