github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #3105 from jumpserver/bugfix 

Bugfix
pull/3107/head
老广 2019-08-12 17:14:50 +08:00 committed by GitHub
parent 39528a935b fdef282c57
commit 2d7d9d4de7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 34 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/assets/tasks.py
View File

@ -94,7 +94,7 @@ def set_assets_hardware_info(assets, result, **kwargs):
break break
else: else:
___cpu_model = 'Unknown' ___cpu_model = 'Unknown'
___cpu_model = ___cpu_model[:64] ___cpu_model = ___cpu_model[:48]
___cpu_count = info.get('ansible_processor_count', 0) ___cpu_count = info.get('ansible_processor_count', 0)
___cpu_cores = info.get('ansible_processor_cores', None) or \ ___cpu_cores = info.get('ansible_processor_cores', None) or \
len(info.get('ansible_processor', [])) len(info.get('ansible_processor', []))

16
apps/common/mixins/serializers.py
View File

@ -1,6 +1,7 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# #
from django.core.exceptions import ObjectDoesNotExist
from rest_framework.utils import html from rest_framework.utils import html
from rest_framework.settings import api_settings from rest_framework.settings import api_settings
from rest_framework.exceptions import ValidationError from rest_framework.exceptions import ValidationError
@ -74,16 +75,21 @@ class BulkListSerializerMixin(object):
for item in data: for item in data:
try: try:
# prepare child serializer to only handle one instance # prepare child serializer to only handle one instance
if 'id' in item.keys(): if 'id' in item:
self.child.instance = self.instance.get(id=item['id']) if self.instance else None pk = item["id"]
if 'pk' in item.keys(): elif 'pk' in item:
self.child.instance = self.instance.get(id=item['pk']) if self.instance else None pk = item["pk"]
else:
raise ValidationError("id or pk not in data")
child = self.instance.get(id=pk)
self.child.instance = child
self.child.initial_data = item self.child.initial_data = item
# raw # raw
validated = self.child.run_validation(item) validated = self.child.run_validation(item)
except ValidationError as exc: except ValidationError as exc:
errors.append(exc.detail) errors.append(exc.detail)
except ObjectDoesNotExist as e:
errors.append(e)
else: else:
ret.append(validated) ret.append(validated)
errors.append({}) errors.append({})

4
apps/common/parsers/csv.py
View File

@ -40,7 +40,7 @@ class JMSCSVParser(BaseParser):
@staticmethod @staticmethod
def _get_fields_map(serializer): def _get_fields_map(serializer):
fields_map = {} fields_map = {}
fields = serializer.get_fields() fields = serializer.fields
fields_map.update({v.label: k for k, v in fields.items()}) fields_map.update({v.label: k for k, v in fields.items()})
fields_map.update({k: k for k, _ in fields.items()}) fields_map.update({k: k for k, _ in fields.items()})
return fields_map return fields_map
@ -91,7 +91,7 @@ class JMSCSVParser(BaseParser):
header = next(rows) header = next(rows)
fields_map = self._get_fields_map(serializer) fields_map = self._get_fields_map(serializer)
header = [fields_map.get(name, '') for name in header] header = [fields_map.get(name.strip('*'), '') for name in header]
data = [] data = []
for row in rows: for row in rows:

29
apps/common/renders/csv.py
View File

@ -20,26 +20,18 @@ class JMSCSVRender(BaseRenderer):
format = 'csv' format = 'csv'
@staticmethod @staticmethod
def _get_header(fields, template): def _get_show_fields(fields, template):
if template == 'import': if template in ('import', 'update'):
header = [ return [v for k, v in fields.items() if not v.read_only and k != "org_id"]
k for k, v in fields.items()
if not v.read_only and k != 'org_id'
]
elif template == 'update':
header = [k for k, v in fields.items() if not v.read_only]
else: else:
# template in ['export'] return [v for k, v in fields.items() if not v.write_only and k != "org_id"]
header = [k for k, v in fields.items() if not v.write_only]
return header
@staticmethod @staticmethod
def _gen_table(data, header, labels=None): def _gen_table(data, fields):
labels = labels or {} yield ['*{}'.format(f.label) if f.required else f.label for f in fields]
yield [labels.get(k, k) for k in header]
for item in data: for item in data:
row = [item.get(key) for key in header] row = [item.get(f.field_name) for f in fields]
yield row yield row
def set_response_disposition(self, serializer, context): def set_response_disposition(self, serializer, context):
@ -73,10 +65,9 @@ class JMSCSVRender(BaseRenderer):
logger.debug(e, exc_info=True) logger.debug(e, exc_info=True)
value = 'The resource not support export!'.encode('utf-8') value = 'The resource not support export!'.encode('utf-8')
else: else:
fields = serializer.get_fields() fields = serializer.fields
header = self._get_header(fields, template) show_fields = self._get_show_fields(fields, template)
labels = {k: v.label for k, v in fields.items() if v.label} table = self._gen_table(data, show_fields)
table = self._gen_table(data, header, labels)
csv_buffer = BytesIO() csv_buffer = BytesIO()
csv_buffer.write(codecs.BOM_UTF8) csv_buffer.write(codecs.BOM_UTF8)

24
apps/users/api/user.py
View File

@ -5,10 +5,10 @@ from django.core.cache import cache
from django.contrib.auth import logout from django.contrib.auth import logout
from django.utils.translation import ugettext as _ from django.utils.translation import ugettext as _
from rest_framework import status
from rest_framework import generics from rest_framework import generics
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework.permissions import IsAuthenticated from rest_framework.permissions import IsAuthenticated
from rest_framework.serializers import ValidationError
from rest_framework_bulk import BulkModelViewSet from rest_framework_bulk import BulkModelViewSet
from rest_framework.pagination import LimitOffsetPagination from rest_framework.pagination import LimitOffsetPagination
@ -69,9 +69,7 @@ class UserViewSet(IDInCacheFilterMixin, BulkModelViewSet):
check current user has permission to handle instance check current user has permission to handle instance
(update, destroy, bulk_update, bulk destroy) (update, destroy, bulk_update, bulk destroy)
""" """
if not self.request.user.is_superuser and instance.is_superuser: if instance.is_superuser and not self.request.user.is_superuser:
return True
if self.request.user == instance:
return True return True
return False return False
@ -87,16 +85,14 @@ class UserViewSet(IDInCacheFilterMixin, BulkModelViewSet):
return False return False
return qs.count() != filtered.count() return qs.count() != filtered.count()
def bulk_update(self, request, *args, **kwargs): def perform_bulk_update(self, serializer):
""" users_ids = [d.get("id") or d.get("pk") for d in serializer.validated_data]
rewrite because limit org_admin update superuser users = User.objects.filter(id__in=users_ids)
""" deny_instances = [str(i.id) for i in users if self._deny_permission(i)]
# restrict the update to the filtered queryset if deny_instances:
queryset = self.filter_queryset(self.get_queryset()) msg = "{} can't be update".format(deny_instances)
if self._bulk_deny_permission(queryset): raise ValidationError({"id": msg})
data = {'msg': _("You do not have permission.")} return super().perform_bulk_update(serializer)
return Response(data=data, status=status.HTTP_403_FORBIDDEN)
return super().bulk_update(request, *args, **kwargs)
class UserChangePasswordApi(generics.RetrieveUpdateAPIView): class UserChangePasswordApi(generics.RetrieveUpdateAPIView):