mirror of https://github.com/jumpserver/jumpserver
Jiangjie.Bai
GitHub
commit
2b2821c0a1
|
|
@ -105,7 +105,7 @@ class UserLoginLog(models.Model):
|
|||
reason = models.CharField(default='', max_length=128, blank=True, verbose_name=_('Reason'))
|
||||
status = models.BooleanField(max_length=2, default=True, choices=STATUS_CHOICE, verbose_name=_('Status'))
|
||||
datetime = models.DateTimeField(default=timezone.now, verbose_name=_('Date login'))
|
||||
backend = models.CharField(max_length=32, default='', verbose_name=_('Login backend'))
|
||||
backend = models.CharField(max_length=32, default='', verbose_name=_('Authentication backend'))
|
||||
|
||||
@classmethod
|
||||
def get_login_logs(cls, date_from=None, date_to=None, user=None, keyword=None):
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -1162,8 +1162,8 @@ msgid "Date login"
|
|||
msgstr "登录日期"
|
||||
|
||||
#: audits/models.py:108
|
||||
msgid "Login backend"
|
||||
msgstr "登录引擎"
|
||||
msgid "Authentication backend"
|
||||
msgstr "认证方式"
|
||||
|
||||
#: audits/serializers.py:15
|
||||
msgid "Operate for display"
|
||||
|
|
|
|||
|
|
@ -1,12 +1,12 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
from common.permissions import IsOrgAdmin
|
||||
from orgs.mixins.api import OrgBulkModelViewSet
|
||||
from applications.models import Application
|
||||
from perms.models import ApplicationPermission
|
||||
from perms import serializers
|
||||
from ..base import BasePermissionViewSet
|
||||
|
||||
|
||||
class ApplicationPermissionViewSet(OrgBulkModelViewSet):
|
||||
class ApplicationPermissionViewSet(BasePermissionViewSet):
|
||||
"""
|
||||
应用授权列表的增删改查API
|
||||
"""
|
||||
|
|
@ -14,7 +14,9 @@ class ApplicationPermissionViewSet(OrgBulkModelViewSet):
|
|||
serializer_class = serializers.ApplicationPermissionSerializer
|
||||
filter_fields = ['name', 'category', 'type']
|
||||
search_fields = filter_fields
|
||||
permission_classes = (IsOrgAdmin,)
|
||||
custom_filter_fields = BasePermissionViewSet.custom_filter_fields + [
|
||||
'application_id', 'application'
|
||||
]
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset().prefetch_related(
|
||||
|
|
@ -22,3 +24,22 @@ class ApplicationPermissionViewSet(OrgBulkModelViewSet):
|
|||
)
|
||||
return queryset
|
||||
|
||||
def filter_application(self, queryset):
|
||||
application_id = self.request.query_params.get('application_id')
|
||||
application_name = self.request.query_params.get('application')
|
||||
if application_id:
|
||||
applications = Application.objects.filter(pk=application_id)
|
||||
elif application_name:
|
||||
applications = Application.objects.filter(name=application_name)
|
||||
else:
|
||||
return queryset
|
||||
if not applications:
|
||||
return queryset.none()
|
||||
queryset = queryset.filter(applications=applications)
|
||||
return queryset
|
||||
|
||||
def filter_queryset(self, queryset):
|
||||
queryset = super().filter_queryset(queryset)
|
||||
queryset = self.filter_application(queryset)
|
||||
return queryset
|
||||
|
||||
|
|
|
|||
|
|
@ -2,14 +2,12 @@
|
|||
#
|
||||
from django.db.models import Q
|
||||
|
||||
from common.permissions import IsOrgAdmin
|
||||
from orgs.mixins.api import OrgBulkModelViewSet
|
||||
from common.utils import get_object_or_none
|
||||
from perms.models import AssetPermission
|
||||
from perms.hands import (
|
||||
User, UserGroup, Asset, Node, SystemUser,
|
||||
Asset, Node
|
||||
)
|
||||
from perms import serializers
|
||||
from ..base import BasePermissionViewSet
|
||||
|
||||
|
||||
__all__ = [
|
||||
|
|
@ -17,14 +15,16 @@ __all__ = [
|
|||
]
|
||||
|
||||
|
||||
class AssetPermissionViewSet(OrgBulkModelViewSet):
|
||||
class AssetPermissionViewSet(BasePermissionViewSet):
|
||||
"""
|
||||
资产授权列表的增删改查api
|
||||
"""
|
||||
model = AssetPermission
|
||||
serializer_class = serializers.AssetPermissionSerializer
|
||||
filter_fields = ['name']
|
||||
permission_classes = (IsOrgAdmin,)
|
||||
custom_filter_fields = BasePermissionViewSet.custom_filter_fields + [
|
||||
'node_id', 'node', 'asset_id', 'hostname', 'ip'
|
||||
]
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset().prefetch_related(
|
||||
|
|
@ -32,35 +32,6 @@ class AssetPermissionViewSet(OrgBulkModelViewSet):
|
|||
)
|
||||
return queryset
|
||||
|
||||
def is_query_all(self):
|
||||
query_all = self.request.query_params.get('all', '1') == '1'
|
||||
return query_all
|
||||
|
||||
def filter_valid(self, queryset):
|
||||
valid_query = self.request.query_params.get('is_valid', None)
|
||||
if valid_query is None:
|
||||
return queryset
|
||||
invalid = valid_query in ['0', 'N', 'false', 'False']
|
||||
if invalid:
|
||||
queryset = queryset.invalid()
|
||||
else:
|
||||
queryset = queryset.valid()
|
||||
return queryset
|
||||
|
||||
def filter_system_user(self, queryset):
|
||||
system_user_id = self.request.query_params.get('system_user_id')
|
||||
system_user_name = self.request.query_params.get('system_user')
|
||||
if system_user_id:
|
||||
system_user = get_object_or_none(SystemUser, pk=system_user_id)
|
||||
elif system_user_name:
|
||||
system_user = get_object_or_none(SystemUser, name=system_user_name)
|
||||
else:
|
||||
return queryset
|
||||
if not system_user:
|
||||
return queryset.none()
|
||||
queryset = queryset.filter(system_users=system_user)
|
||||
return queryset
|
||||
|
||||
def filter_node(self, queryset):
|
||||
node_id = self.request.query_params.get('node_id')
|
||||
node_name = self.request.query_params.get('node')
|
||||
|
|
@ -112,55 +83,8 @@ class AssetPermissionViewSet(OrgBulkModelViewSet):
|
|||
).distinct()
|
||||
return queryset
|
||||
|
||||
def filter_user(self, queryset):
|
||||
user_id = self.request.query_params.get('user_id')
|
||||
username = self.request.query_params.get('username')
|
||||
if user_id:
|
||||
user = get_object_or_none(User, pk=user_id)
|
||||
elif username:
|
||||
user = get_object_or_none(User, username=username)
|
||||
else:
|
||||
return queryset
|
||||
if not user:
|
||||
return queryset.none()
|
||||
if not self.is_query_all():
|
||||
queryset = queryset.filter(users=user)
|
||||
return queryset
|
||||
groups = user.groups.all()
|
||||
queryset = queryset.filter(
|
||||
Q(users=user) | Q(user_groups__in=groups)
|
||||
).distinct()
|
||||
return queryset
|
||||
|
||||
def filter_user_group(self, queryset):
|
||||
user_group_id = self.request.query_params.get('user_group_id')
|
||||
user_group_name = self.request.query_params.get('user_group')
|
||||
if user_group_id:
|
||||
group = get_object_or_none(UserGroup, pk=user_group_id)
|
||||
elif user_group_name:
|
||||
group = get_object_or_none(UserGroup, name=user_group_name)
|
||||
else:
|
||||
return queryset
|
||||
if not group:
|
||||
return queryset.none()
|
||||
queryset = queryset.filter(user_groups=group)
|
||||
return queryset
|
||||
|
||||
def filter_keyword(self, queryset):
|
||||
keyword = self.request.query_params.get('search')
|
||||
if not keyword:
|
||||
return queryset
|
||||
queryset = queryset.filter(name__icontains=keyword)
|
||||
return queryset
|
||||
|
||||
def filter_queryset(self, queryset):
|
||||
queryset = super().filter_queryset(queryset)
|
||||
queryset = self.filter_valid(queryset)
|
||||
queryset = self.filter_user(queryset)
|
||||
queryset = self.filter_keyword(queryset)
|
||||
queryset = self.filter_asset(queryset)
|
||||
queryset = self.filter_node(queryset)
|
||||
queryset = self.filter_system_user(queryset)
|
||||
queryset = self.filter_user_group(queryset)
|
||||
queryset = queryset.distinct()
|
||||
return queryset
|
||||
|
|
|
|||
|
|
@ -1,13 +1,106 @@
|
|||
from django.db.models import F
|
||||
from orgs.mixins.api import OrgBulkModelViewSet
|
||||
from orgs.mixins.api import OrgRelationMixin
|
||||
from django.db.models import Q
|
||||
from common.permissions import IsOrgAdmin
|
||||
from common.utils import get_object_or_none
|
||||
from orgs.mixins.api import OrgBulkModelViewSet
|
||||
from assets.models import SystemUser
|
||||
from users.models import User, UserGroup
|
||||
|
||||
|
||||
__all__ = [
|
||||
'RelationViewSet'
|
||||
'RelationViewSet', 'BasePermissionViewSet'
|
||||
]
|
||||
|
||||
|
||||
class BasePermissionViewSet(OrgBulkModelViewSet):
|
||||
custom_filter_fields = [
|
||||
'user_id', 'username', 'search', 'system_user_id', 'system_user',
|
||||
'user_group_id', 'user_group'
|
||||
]
|
||||
permission_classes = (IsOrgAdmin,)
|
||||
|
||||
def filter_valid(self, queryset):
|
||||
valid_query = self.request.query_params.get('is_valid', None)
|
||||
if valid_query is None:
|
||||
return queryset
|
||||
invalid = valid_query in ['0', 'N', 'false', 'False']
|
||||
if invalid:
|
||||
queryset = queryset.invalid()
|
||||
else:
|
||||
queryset = queryset.valid()
|
||||
return queryset
|
||||
|
||||
def is_query_all(self):
|
||||
query_all = self.request.query_params.get('all', '1') == '1'
|
||||
return query_all
|
||||
|
||||
def filter_user(self, queryset):
|
||||
user_id = self.request.query_params.get('user_id')
|
||||
username = self.request.query_params.get('username')
|
||||
if user_id:
|
||||
user = get_object_or_none(User, pk=user_id)
|
||||
elif username:
|
||||
user = get_object_or_none(User, username=username)
|
||||
else:
|
||||
return queryset
|
||||
if not user:
|
||||
return queryset.none()
|
||||
if not self.is_query_all():
|
||||
queryset = queryset.filter(users=user)
|
||||
return queryset
|
||||
groups = user.groups.all()
|
||||
queryset = queryset.filter(
|
||||
Q(users=user) | Q(user_groups__in=groups)
|
||||
).distinct()
|
||||
return queryset
|
||||
|
||||
def filter_keyword(self, queryset):
|
||||
keyword = self.request.query_params.get('search')
|
||||
if not keyword:
|
||||
return queryset
|
||||
queryset = queryset.filter(name__icontains=keyword)
|
||||
return queryset
|
||||
|
||||
def filter_system_user(self, queryset):
|
||||
system_user_id = self.request.query_params.get('system_user_id')
|
||||
system_user_name = self.request.query_params.get('system_user')
|
||||
if system_user_id:
|
||||
system_user = get_object_or_none(SystemUser, pk=system_user_id)
|
||||
elif system_user_name:
|
||||
system_user = get_object_or_none(SystemUser, name=system_user_name)
|
||||
else:
|
||||
return queryset
|
||||
if not system_user:
|
||||
return queryset.none()
|
||||
queryset = queryset.filter(system_users=system_user)
|
||||
return queryset
|
||||
|
||||
def filter_user_group(self, queryset):
|
||||
user_group_id = self.request.query_params.get('user_group_id')
|
||||
user_group_name = self.request.query_params.get('user_group')
|
||||
if user_group_id:
|
||||
group = get_object_or_none(UserGroup, pk=user_group_id)
|
||||
elif user_group_name:
|
||||
group = get_object_or_none(UserGroup, name=user_group_name)
|
||||
else:
|
||||
return queryset
|
||||
if not group:
|
||||
return queryset.none()
|
||||
queryset = queryset.filter(user_groups=group)
|
||||
return queryset
|
||||
|
||||
def filter_queryset(self, queryset):
|
||||
queryset = super().filter_queryset(queryset)
|
||||
queryset = self.filter_valid(queryset)
|
||||
queryset = self.filter_user(queryset)
|
||||
queryset = self.filter_system_user(queryset)
|
||||
queryset = self.filter_user_group(queryset)
|
||||
queryset = self.filter_keyword(queryset)
|
||||
queryset = queryset.distinct()
|
||||
return queryset
|
||||
|
||||
|
||||
class RelationViewSet(OrgRelationMixin, OrgBulkModelViewSet):
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
|
|
|
|||
|
|
@ -237,6 +237,9 @@ class UserProfileSerializer(UserSerializer):
|
|||
'public_key_comment', 'public_key_hash_md5', 'admin_or_audit_orgs', 'current_org_roles',
|
||||
'guide_url', 'user_all_orgs'
|
||||
]
|
||||
read_only_fields = [
|
||||
'date_joined', 'last_login', 'created_by', 'source'
|
||||
]
|
||||
extra_kwargs = dict(UserSerializer.Meta.extra_kwargs)
|
||||
extra_kwargs.update({
|
||||
'name': {'read_only': True, 'max_length': 128},
|
||||
|
|
|
|||
Loading…
Reference in New Issue