mirror of https://github.com/jumpserver/jumpserver
[Update] 修改授权
ibuler
parent
2d3967872b
commit
274cb74097
|
|
@ -8,16 +8,15 @@ from .models import NodePermission
|
|||
|
||||
|
||||
class AssetPermissionForm(forms.ModelForm):
|
||||
|
||||
class Meta:
|
||||
model = NodePermission
|
||||
fields = [
|
||||
'node', 'user_group', 'system_user', 'is_active',
|
||||
'date_expired', 'comment'
|
||||
'date_expired', 'comment',
|
||||
]
|
||||
widgets = {
|
||||
'node': forms.Select(
|
||||
attrs={'class': 'select2', 'data-placeholder': _("Node")}
|
||||
attrs={'style': 'display:none'}
|
||||
),
|
||||
'user_group': forms.Select(
|
||||
attrs={'class': 'select2', 'data-placeholder': _("User group")}
|
||||
|
|
|
|||
|
|
@ -81,7 +81,8 @@ class NodePermission(models.Model):
|
|||
comment = models.TextField(verbose_name=_('Comment'), blank=True)
|
||||
|
||||
def __str__(self):
|
||||
return "{}:{}:{}".format(self.node.name, self.user_group.name, self.system_user.name)
|
||||
return "{}:{}:{}".format(self.node.value, self.user_group.name, self.system_user.name)
|
||||
|
||||
class Meta:
|
||||
unique_together = ('node', 'user_group', 'system_user')
|
||||
verbose_name = _("Asset permission")
|
||||
|
|
|
|||
|
|
@ -28,10 +28,21 @@
|
|||
</div>
|
||||
</div>
|
||||
<div class="ibox-content">
|
||||
{% if form.non_field_errors %}
|
||||
<div class="alert alert-danger">
|
||||
{{ form.non_field_errors }}
|
||||
</div>
|
||||
{% endif %}
|
||||
<form method="post" class="form-horizontal" action="" >
|
||||
{% csrf_token %}
|
||||
<h3>{% trans 'Basic' %}</h3>
|
||||
{% bootstrap_field form.node layout="horizontal" %}
|
||||
<div class="form-group">
|
||||
<label class="col-md-2 control-label" for="id_name">{% trans 'Node' %}</label>
|
||||
<div class="col-md-9">
|
||||
<input type="text" class="form-control" readonly value="{{ form.node.initial }}">
|
||||
</div>
|
||||
</div>
|
||||
{{ form.node }}
|
||||
{% bootstrap_field form.user_group layout="horizontal" %}
|
||||
{% bootstrap_field form.system_user layout="horizontal" %}
|
||||
<div class="hr-line-dashed"></div>
|
||||
|
|
|
|||
|
|
@ -9,10 +9,10 @@ urlpatterns = [
|
|||
url(r'^asset-permission$', views.AssetPermissionListView.as_view(), name='asset-permission-list'),
|
||||
url(r'^asset-permission/create$', views.AssetPermissionCreateView.as_view(), name='asset-permission-create'),
|
||||
url(r'^asset-permission/(?P<pk>[0-9a-zA-Z\-]{36})/update$', views.AssetPermissionUpdateView.as_view(), name='asset-permission-update'),
|
||||
url(r'^asset-permission/(?P<pk>[0-9a-zA-Z\-]{36})$', views.AssetPermissionDetailView.as_view(),name='asset-permission-detail'),
|
||||
# url(r'^asset-permission/(?P<pk>[0-9a-zA-Z\-]{36})$', views.AssetPermissionDetailView.as_view(),name='asset-permission-detail'),
|
||||
url(r'^asset-permission/(?P<pk>[0-9a-zA-Z\-]{36})/delete$', views.AssetPermissionDeleteView.as_view(), name='asset-permission-delete'),
|
||||
url(r'^asset-permission/(?P<pk>[0-9a-zA-Z\-]{36})/user$', views.AssetPermissionUserView.as_view(), name='asset-permission-user-list'),
|
||||
url(r'^asset-permission/(?P<pk>[0-9a-zA-Z\-]{36})/asset$', views.AssetPermissionAssetView.as_view(), name='asset-permission-asset-list'),
|
||||
# url(r'^asset-permission/(?P<pk>[0-9a-zA-Z\-]{36})/user$', views.AssetPermissionUserView.as_view(), name='asset-permission-user-list'),
|
||||
# url(r'^asset-permission/(?P<pk>[0-9a-zA-Z\-]{36})/asset$', views.AssetPermissionAssetView.as_view(), name='asset-permission-asset-list'),
|
||||
]
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -2,14 +2,21 @@
|
|||
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
import collections
|
||||
from django.utils import timezone
|
||||
|
||||
from common.utils import setattr_bulk, get_logger
|
||||
from .tasks import push_users
|
||||
from .hands import User, UserGroup, Asset, AssetGroup, SystemUser
|
||||
from .hands import AssetGroup
|
||||
|
||||
logger = get_logger(__file__)
|
||||
|
||||
|
||||
def get_user_group_permissions(user_group):
|
||||
return user_group.nodepermission_set.all() \
|
||||
.filter(is_active=True) \
|
||||
.filter(date_expired=timezone.now())
|
||||
|
||||
|
||||
def get_user_group_granted_asset_groups(user_group):
|
||||
"""Return asset groups granted of the user group
|
||||
|
||||
|
|
|
|||
|
|
@ -7,7 +7,6 @@ from django.conf import settings
|
|||
from django.views.generic import ListView, CreateView, UpdateView
|
||||
from django.views.generic.edit import DeleteView
|
||||
from django.urls import reverse_lazy
|
||||
from django.contrib.messages.views import SuccessMessageMixin
|
||||
from django.views.generic.detail import DetailView, SingleObjectMixin
|
||||
|
||||
from common.utils import get_object_or_none
|
||||
|
|
@ -61,6 +60,11 @@ class AssetPermissionUpdateView(AdminUserRequiredMixin, UpdateView):
|
|||
template_name = 'perms/asset_permission_create_update.html'
|
||||
success_url = reverse_lazy("perms:asset-permission-list")
|
||||
|
||||
def get_form(self, form_class=None):
|
||||
form = super().get_form(form_class=form_class)
|
||||
form['node'].initial = form.instance.node
|
||||
return form
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = {
|
||||
'app': _('Perms'),
|
||||
|
|
@ -70,22 +74,22 @@ class AssetPermissionUpdateView(AdminUserRequiredMixin, UpdateView):
|
|||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AssetPermissionDetailView(AdminUserRequiredMixin, DetailView):
|
||||
template_name = 'perms/asset_permission_detail.html'
|
||||
context_object_name = 'asset_permission'
|
||||
model = AssetPermission
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = {
|
||||
'app': _('Perms'),
|
||||
'action': _('Asset permission detail'),
|
||||
'system_users_remain': [
|
||||
system_user for system_user in SystemUser.objects.all()
|
||||
if system_user not in self.object.system_users.all()],
|
||||
'system_users': self.object.system_users.all(),
|
||||
}
|
||||
kwargs.update(context)
|
||||
return super().get_context_data(**kwargs)
|
||||
# class AssetPermissionDetailView(AdminUserRequiredMixin, DetailView):
|
||||
# template_name = 'perms/asset_permission_detail.html'
|
||||
# context_object_name = 'asset_permission'
|
||||
# model = AssetPermission
|
||||
#
|
||||
# def get_context_data(self, **kwargs):
|
||||
# context = {
|
||||
# 'app': _('Perms'),
|
||||
# 'action': _('Asset permission detail'),
|
||||
# 'system_users_remain': [
|
||||
# system_user for system_user in SystemUser.objects.all()
|
||||
# if system_user not in self.object.system_users.all()],
|
||||
# 'system_users': self.object.system_users.all(),
|
||||
# }
|
||||
# kwargs.update(context)
|
||||
# return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AssetPermissionDeleteView(AdminUserRequiredMixin, DeleteView):
|
||||
|
|
@ -94,61 +98,61 @@ class AssetPermissionDeleteView(AdminUserRequiredMixin, DeleteView):
|
|||
success_url = reverse_lazy('perms:asset-permission-list')
|
||||
|
||||
|
||||
class AssetPermissionUserView(AdminUserRequiredMixin,
|
||||
SingleObjectMixin,
|
||||
ListView):
|
||||
template_name = 'perms/asset_permission_user.html'
|
||||
context_object_name = 'asset_permission'
|
||||
paginate_by = settings.DISPLAY_PER_PAGE
|
||||
object = None
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
self.object = self.get_object(queryset=AssetPermission.objects.all())
|
||||
return super().get(request, *args, **kwargs)
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = self.object.get_granted_users()
|
||||
return queryset
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
users_granted = self.get_queryset()
|
||||
groups_granted = self.object.user_groups.all()
|
||||
context = {
|
||||
'app': _('Perms'),
|
||||
'action': _('Asset permission user list'),
|
||||
'users_remain': User.objects.exclude(id__in=[user.id for user in users_granted]),
|
||||
'user_groups': self.object.user_groups.all(),
|
||||
'user_groups_remain': UserGroup.objects.exclude(id__in=[group.id for group in groups_granted])
|
||||
}
|
||||
kwargs.update(context)
|
||||
return super().get_context_data(**kwargs)
|
||||
# class AssetPermissionUserView(AdminUserRequiredMixin,
|
||||
# SingleObjectMixin,
|
||||
# ListView):
|
||||
# template_name = 'perms/asset_permission_user.html'
|
||||
# context_object_name = 'asset_permission'
|
||||
# paginate_by = settings.DISPLAY_PER_PAGE
|
||||
# object = None
|
||||
#
|
||||
# def get(self, request, *args, **kwargs):
|
||||
# self.object = self.get_object(queryset=AssetPermission.objects.all())
|
||||
# return super().get(request, *args, **kwargs)
|
||||
#
|
||||
# def get_queryset(self):
|
||||
# queryset = self.object.get_granted_users()
|
||||
# return queryset
|
||||
#
|
||||
# def get_context_data(self, **kwargs):
|
||||
# users_granted = self.get_queryset()
|
||||
# groups_granted = self.object.user_groups.all()
|
||||
# context = {
|
||||
# 'app': _('Perms'),
|
||||
# 'action': _('Asset permission user list'),
|
||||
# 'users_remain': User.objects.exclude(id__in=[user.id for user in users_granted]),
|
||||
# 'user_groups': self.object.user_groups.all(),
|
||||
# 'user_groups_remain': UserGroup.objects.exclude(id__in=[group.id for group in groups_granted])
|
||||
# }
|
||||
# kwargs.update(context)
|
||||
# return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AssetPermissionAssetView(AdminUserRequiredMixin,
|
||||
SingleObjectMixin,
|
||||
ListView):
|
||||
template_name = 'perms/asset_permission_asset.html'
|
||||
context_object_name = 'asset_permission'
|
||||
paginate_by = settings.DISPLAY_PER_PAGE
|
||||
object = None
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
self.object = self.get_object(queryset=AssetPermission.objects.all())
|
||||
return super().get(request, *args, **kwargs)
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = self.object.get_granted_assets()
|
||||
return queryset
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
assets_granted = self.get_queryset()
|
||||
groups_granted = self.object.asset_groups.all()
|
||||
context = {
|
||||
'app': _('Perms'),
|
||||
'action': _('Asset permission asset list'),
|
||||
'assets_remain': Asset.objects.exclude(id__in=[asset.id for asset in assets_granted]),
|
||||
'asset_groups': self.object.asset_groups.all(),
|
||||
'asset_groups_remain': AssetGroup.objects.exclude(id__in=[group.id for group in groups_granted])
|
||||
}
|
||||
kwargs.update(context)
|
||||
return super().get_context_data(**kwargs)
|
||||
# class AssetPermissionAssetView(AdminUserRequiredMixin,
|
||||
# SingleObjectMixin,
|
||||
# ListView):
|
||||
# template_name = 'perms/asset_permission_asset.html'
|
||||
# context_object_name = 'asset_permission'
|
||||
# paginate_by = settings.DISPLAY_PER_PAGE
|
||||
# object = None
|
||||
#
|
||||
# def get(self, request, *args, **kwargs):
|
||||
# self.object = self.get_object(queryset=AssetPermission.objects.all())
|
||||
# return super().get(request, *args, **kwargs)
|
||||
#
|
||||
# def get_queryset(self):
|
||||
# queryset = self.object.get_granted_assets()
|
||||
# return queryset
|
||||
#
|
||||
# def get_context_data(self, **kwargs):
|
||||
# assets_granted = self.get_queryset()
|
||||
# groups_granted = self.object.asset_groups.all()
|
||||
# context = {
|
||||
# 'app': _('Perms'),
|
||||
# 'action': _('Asset permission asset list'),
|
||||
# 'assets_remain': Asset.objects.exclude(id__in=[asset.id for asset in assets_granted]),
|
||||
# 'asset_groups': self.object.asset_groups.all(),
|
||||
# 'asset_groups_remain': AssetGroup.objects.exclude(id__in=[group.id for group in groups_granted])
|
||||
# }
|
||||
# kwargs.update(context)
|
||||
# return super().get_context_data(**kwargs)
|
||||
|
|
|
|||
Loading…
Reference in New Issue