diff --git a/apps/assets/hands.py b/apps/assets/hands.py index a1a376135..c788ee632 100644 --- a/apps/assets/hands.py +++ b/apps/assets/hands.py @@ -11,6 +11,6 @@ """ -from common.mixins import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin from common.permissions import IsAppUser, IsSuperUser, IsValidUser, IsSuperUserOrAppUser from users.models import User, UserGroup diff --git a/apps/assets/models/node.py b/apps/assets/models/node.py index b1aa5cb3d..8507906c8 100644 --- a/apps/assets/models/node.py +++ b/apps/assets/models/node.py @@ -7,7 +7,7 @@ from django.db.models import Q from django.utils.translation import ugettext_lazy as _ from orgs.mixins import OrgModelMixin -from orgs.utils import current_org, set_current_org +from orgs.utils import current_org, set_current_org, get_current_org from orgs.models import Organization __all__ = ['Node'] @@ -169,13 +169,15 @@ class Node(OrgModelMixin): @classmethod def create_root_node(cls): + # 如果使用current_org 在set_current_org时会死循环 + _current_org = get_current_org() with transaction.atomic(): set_current_org(Organization.root()) org_nodes_roots = cls.objects.filter(key__regex=r'^[0-9]+$') org_nodes_roots_keys = org_nodes_roots.values_list('key', flat=True) max_value = max([int(k) for k in org_nodes_roots_keys]) if org_nodes_roots_keys else 0 - set_current_org(current_org) - root = cls.objects.create(key=max_value+1, value=current_org.name) + set_current_org(_current_org) + root = cls.objects.create(key=str(max_value+1), value=_current_org.name) return root @classmethod diff --git a/apps/assets/views/admin_user.py b/apps/assets/views/admin_user.py index 7d7878e88..e325e4f08 100644 --- a/apps/assets/views/admin_user.py +++ b/apps/assets/views/admin_user.py @@ -11,7 +11,7 @@ from django.views.generic.detail import DetailView, SingleObjectMixin from common.const import create_success_msg, update_success_msg from .. import forms from ..models import AdminUser, Node -from ..hands import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin __all__ = [ 'AdminUserCreateView', 'AdminUserDetailView', diff --git a/apps/assets/views/asset.py b/apps/assets/views/asset.py index ff9462503..4b83ab6fc 100644 --- a/apps/assets/views/asset.py +++ b/apps/assets/views/asset.py @@ -29,7 +29,7 @@ from common.utils import get_object_or_none, get_logger, is_uuid from common.const import create_success_msg, update_success_msg from .. import forms from ..models import Asset, AdminUser, SystemUser, Label, Node, Domain -from ..hands import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin __all__ = [ diff --git a/apps/assets/views/domain.py b/apps/assets/views/domain.py index be6528219..0bfce6905 100644 --- a/apps/assets/views/domain.py +++ b/apps/assets/views/domain.py @@ -7,7 +7,7 @@ from django.views.generic.detail import SingleObjectMixin from django.utils.translation import ugettext_lazy as _ from django.urls import reverse_lazy, reverse -from common.mixins import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin from common.const import create_success_msg, update_success_msg from common.utils import get_object_or_none from ..models import Domain, Gateway diff --git a/apps/assets/views/label.py b/apps/assets/views/label.py index 0b2d0d6ad..de30eaaa3 100644 --- a/apps/assets/views/label.py +++ b/apps/assets/views/label.py @@ -6,7 +6,7 @@ from django.views.generic import TemplateView, CreateView, \ from django.utils.translation import ugettext_lazy as _ from django.urls import reverse_lazy -from common.mixins import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin from common.const import create_success_msg, update_success_msg from ..models import Label from ..forms import LabelForm diff --git a/apps/assets/views/system_user.py b/apps/assets/views/system_user.py index 2e4eacf56..66c9450a6 100644 --- a/apps/assets/views/system_user.py +++ b/apps/assets/views/system_user.py @@ -10,7 +10,7 @@ from django.views.generic.detail import DetailView from common.const import create_success_msg, update_success_msg from ..forms import SystemUserForm from ..models import SystemUser, Node -from ..hands import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin __all__ = [ diff --git a/apps/audits/views.py b/apps/audits/views.py index f8e0a1dd3..b7b14032f 100644 --- a/apps/audits/views.py +++ b/apps/audits/views.py @@ -2,7 +2,8 @@ from django.conf import settings from django.views.generic import ListView from django.utils.translation import ugettext as _ -from common.mixins import AdminUserRequiredMixin, DatetimeSearchMixin +from common.mixins import DatetimeSearchMixin +from common.permissions import AdminUserRequiredMixin from .models import FTPLog diff --git a/apps/common/mixins.py b/apps/common/mixins.py index 29e0ad876..1973eaa8f 100644 --- a/apps/common/mixins.py +++ b/apps/common/mixins.py @@ -4,7 +4,7 @@ from django.db import models from django.http import JsonResponse from django.utils import timezone from django.utils.translation import ugettext_lazy as _ -from django.contrib.auth.mixins import UserPassesTestMixin + class NoDeleteQuerySet(models.query.QuerySet): @@ -116,11 +116,4 @@ class DatetimeSearchMixin: return super().get(request, *args, **kwargs) -class AdminUserRequiredMixin(UserPassesTestMixin): - def test_func(self): - if not self.request.user.is_authenticated: - return False - elif not self.request.user: - self.raise_exception = True - return False - return True + diff --git a/apps/common/permissions.py b/apps/common/permissions.py index 6a1cb8230..85a10b228 100644 --- a/apps/common/permissions.py +++ b/apps/common/permissions.py @@ -2,6 +2,9 @@ # from rest_framework import permissions +from django.contrib.auth.mixins import UserPassesTestMixin + +from orgs.utils import current_org class IsValidUser(permissions.IsAuthenticated, permissions.BasePermission): @@ -50,3 +53,13 @@ class IsCurrentUserOrReadOnly(permissions.BasePermission): if request.method in permissions.SAFE_METHODS: return True return obj == request.user + + +class AdminUserRequiredMixin(UserPassesTestMixin): + def test_func(self): + if not self.request.user.is_authenticated: + return False + elif not self.request.user: + self.raise_exception = True + return False + return True diff --git a/apps/common/views.py b/apps/common/views.py index 6a7d37f49..fd5acb502 100644 --- a/apps/common/views.py +++ b/apps/common/views.py @@ -8,7 +8,7 @@ from django.conf import settings from .forms import EmailSettingForm, LDAPSettingForm, BasicSettingForm, \ TerminalSettingForm, SecuritySettingForm -from .mixins import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin from .signals import ldap_auth_enable diff --git a/apps/ops/hands.py b/apps/ops/hands.py index b6e3d3479..5ecf40d43 100644 --- a/apps/ops/hands.py +++ b/apps/ops/hands.py @@ -1,4 +1,4 @@ # ~*~ coding: utf-8 ~*~ from users.permissions import IsSuperUser -from users.utils import AdminUserRequiredMixin \ No newline at end of file +from common.permissions import AdminUserRequiredMixin \ No newline at end of file diff --git a/apps/ops/views.py b/apps/ops/views.py index e3ba2789a..0f1ee7f69 100644 --- a/apps/ops/views.py +++ b/apps/ops/views.py @@ -6,7 +6,7 @@ from django.views.generic import ListView, DetailView, TemplateView from common.mixins import DatetimeSearchMixin from .models import Task, AdHoc, AdHocRunHistory, CeleryTask -from .hands import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin class TaskListView(AdminUserRequiredMixin, DatetimeSearchMixin, ListView): diff --git a/apps/orgs/utils.py b/apps/orgs/utils.py index 3df8c953f..acf578447 100644 --- a/apps/orgs/utils.py +++ b/apps/orgs/utils.py @@ -20,19 +20,6 @@ def get_org_from_request(request): return org -def get_current_request(): - return getattr(_thread_locals, 'request', None) - - -def get_current_org(): - org = getattr(_thread_locals, 'current_org', None) - return org - - -def get_current_user(): - return getattr(_thread_locals, 'user', None) - - def set_current_org(org): setattr(_thread_locals, 'current_org', org) @@ -46,10 +33,13 @@ def set_to_root_org(): def _find(attr): - if hasattr(_thread_locals, attr): - return getattr(_thread_locals, attr) - return None + return getattr(_thread_locals, attr, None) -current_org = LocalProxy(get_current_org) +def get_current_org(): + return _find('current_org') + +current_org = LocalProxy(partial(_find, 'current_org')) +current_user = LocalProxy(partial(_find, 'current_user')) +current_request = LocalProxy(partial(_find, 'current_request')) diff --git a/apps/perms/hands.py b/apps/perms/hands.py index f608a4aa2..0bc38abb9 100644 --- a/apps/perms/hands.py +++ b/apps/perms/hands.py @@ -1,7 +1,7 @@ # ~*~ coding: utf-8 ~*~ # -from users.utils import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin from users.models import User, UserGroup from assets.models import Asset, SystemUser, Node from assets.serializers import AssetGrantedSerializer, NodeGrantedSerializer, NodeSerializer diff --git a/apps/perms/views.py b/apps/perms/views.py index a0095a3a5..cd2481222 100644 --- a/apps/perms/views.py +++ b/apps/perms/views.py @@ -8,7 +8,7 @@ from django.views.generic.edit import DeleteView, SingleObjectMixin from django.urls import reverse_lazy from django.conf import settings -from common.mixins import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin from .hands import Node, Asset, SystemUser, User, UserGroup from .models import AssetPermission from .forms import AssetPermissionForm diff --git a/apps/terminal/hands.py b/apps/terminal/hands.py index ce075bfc5..f936c9dc3 100644 --- a/apps/terminal/hands.py +++ b/apps/terminal/hands.py @@ -4,4 +4,4 @@ from users.models import User from users.permissions import IsSuperUserOrAppUser, IsAppUser, \ IsSuperUserOrAppUserOrUserReadonly -from users.utils import AdminUserRequiredMixin \ No newline at end of file +from common.permissions import AdminUserRequiredMixin \ No newline at end of file diff --git a/apps/terminal/views/command.py b/apps/terminal/views/command.py index 748261414..b7f62f369 100644 --- a/apps/terminal/views/command.py +++ b/apps/terminal/views/command.py @@ -6,7 +6,8 @@ from django.conf import settings from django.utils import timezone from django.utils.translation import ugettext as _ -from common.mixins import DatetimeSearchMixin, AdminUserRequiredMixin +from common.mixins import DatetimeSearchMixin +from common.permissions import AdminUserRequiredMixin from ..models import Command from .. import utils from ..backends import get_multi_command_storage diff --git a/apps/terminal/views/session.py b/apps/terminal/views/session.py index 71caeae48..bc49e1b65 100644 --- a/apps/terminal/views/session.py +++ b/apps/terminal/views/session.py @@ -7,7 +7,7 @@ from django.utils.translation import ugettext as _ from django.utils import timezone from django.conf import settings -from users.utils import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin from common.mixins import DatetimeSearchMixin from ..models import Session, Command, Terminal from ..backends import get_multi_command_storage diff --git a/apps/terminal/views/terminal.py b/apps/terminal/views/terminal.py index 21f318172..b2c95c4a8 100644 --- a/apps/terminal/views/terminal.py +++ b/apps/terminal/views/terminal.py @@ -10,7 +10,7 @@ from django.urls import reverse_lazy, reverse from common.mixins import JSONResponseMixin from ..models import Terminal from ..forms import TerminalForm -from ..hands import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin __all__ = [ diff --git a/apps/users/views/group.py b/apps/users/views/group.py index 657acd8d9..74a65a41c 100644 --- a/apps/users/views/group.py +++ b/apps/users/views/group.py @@ -13,7 +13,7 @@ from common.utils import get_logger from common.const import create_success_msg, update_success_msg from orgs.mixins import OrgViewGenericMixin from ..models import User, UserGroup -from ..utils import AdminUserRequiredMixin +from common.permissions import AdminUserRequiredMixin from .. import forms __all__ = ['UserGroupListView', 'UserGroupCreateView', 'UserGroupDetailView', diff --git a/apps/users/views/login.py b/apps/users/views/login.py index f665224ce..f8740c95b 100644 --- a/apps/users/views/login.py +++ b/apps/users/views/login.py @@ -22,7 +22,8 @@ from formtools.wizard.views import SessionWizardView from django.conf import settings from common.utils import get_object_or_none -from common.mixins import DatetimeSearchMixin, AdminUserRequiredMixin +from common.mixins import DatetimeSearchMixin +from common.permissions import AdminUserRequiredMixin from orgs.utils import current_org from ..models import User, LoginLog from ..utils import send_reset_password_mail, check_otp_code, get_login_ip, \ diff --git a/apps/users/views/user.py b/apps/users/views/user.py index 645517276..3a0200fd0 100644 --- a/apps/users/views/user.py +++ b/apps/users/views/user.py @@ -34,9 +34,10 @@ from common.const import create_success_msg, update_success_msg from common.mixins import JSONResponseMixin from common.utils import get_logger, get_object_or_none, is_uuid, ssh_key_gen from common.models import Setting +from common.permissions import AdminUserRequiredMixin from .. import forms from ..models import User, UserGroup -from ..utils import AdminUserRequiredMixin, generate_otp_uri, check_otp_code, get_user_or_tmp_user, get_password_check_rules, check_password_rules +from ..utils import generate_otp_uri, check_otp_code, get_user_or_tmp_user, get_password_check_rules, check_password_rules from ..signals import post_user_create from ..tasks import write_login_log_async