github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #6458 from jumpserver/dev 

v2.12.0 rc5
pull/6468/head
Jiangjie.Bai 2021-07-15 18:00:27 +08:00 committed by GitHub
parent c4fb3a8c04 329565251a
commit 2f0fcddc29
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 42 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
apps/assets/api/asset.py
View File

@ -42,7 +42,6 @@ class AssetViewSet(FilterAssetByNodeMixin, OrgBulkModelViewSet):
ordering_fields = ("hostname", "ip", "port", "cpu_cores")
serializer_classes = {
'default': serializers.AssetSerializer,
'single': serializers.AssetVerboseSerializer,
}
permission_classes = (IsOrgAdminOrAppUser,)
extra_filter_backends = [FilterAssetByNodeFilterBackend, LabelFilterBackend, IpInFilterBackend]

26
apps/assets/migrations/0071_systemuser_type.py
View File

@ -1,6 +1,8 @@
# Generated by Django 3.1.6 on 2021-06-04 16:46
from django.db import migrations, models, transaction
import django.db.models.deletion
from django.db.models import F
def migrate_admin_user_to_system_user(apps, schema_editor):
@ -40,6 +42,13 @@ def migrate_admin_user_to_system_user(apps, schema_editor):
s.assets.set(assets)
def migrate_assets_admin_user(apps, schema_editor):
asset_model = apps.get_model("assets", "Asset")
db_alias = schema_editor.connection.alias
assets = asset_model.objects.using(db_alias).all()
assets.update(admin_user=F('_admin_user'))
class Migration(migrations.Migration):
dependencies = [
@ -62,5 +71,20 @@ class Migration(migrations.Migration):
name='protocol',
field=models.CharField(choices=[('ssh', 'SSH'), ('rdp', 'RDP'), ('telnet', 'Telnet'), ('vnc', 'VNC'), ('mysql', 'MySQL'), ('oracle', 'Oracle'), ('mariadb', 'MariaDB'), ('postgresql', 'PostgreSQL'), ('k8s', 'K8S')], default='ssh', max_length=16, verbose_name='Protocol'),
),
migrations.RunPython(migrate_admin_user_to_system_user)
migrations.RunPython(migrate_admin_user_to_system_user),
migrations.RenameField(
model_name='asset',
old_name='admin_user',
new_name='_admin_user',
),
migrations.AddField(
model_name='asset',
name='admin_user',
field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='admin_assets', to='assets.systemuser', verbose_name='Admin user'),
),
migrations.RunPython(migrate_assets_admin_user),
migrations.RemoveField(
model_name='asset',
name='_admin_user',
),
]

7
apps/assets/migrations/0074_remove_systemuser_assets.py
View File

@ -1,6 +1,7 @@
# Generated by Django 3.1.6 on 2021-06-06 03:40
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
@ -14,11 +15,7 @@ class Migration(migrations.Migration):
model_name='systemuser',
name='assets',
),
migrations.RenameField(
model_name='asset',
old_name='admin_user',
new_name='_admin_user',
),
migrations.AddField(
model_name='systemuser',
name='assets',

28
apps/assets/models/asset.py
View File

@ -7,7 +7,6 @@ import logging
from functools import reduce
from collections import OrderedDict
from django.utils import timezone
from django.db import models
from common.db.models import TextChoices
from django.utils.translation import ugettext_lazy as _
@ -191,7 +190,7 @@ class Asset(AbsConnectivity, ProtocolsMixin, NodesRelationMixin, OrgModelMixin):
is_active = models.BooleanField(default=True, verbose_name=_('Is active'))
# Auth
_admin_user = models.ForeignKey('assets.AdminUser', on_delete=models.PROTECT, null=True, verbose_name=_("Admin user"), related_name='assets')
admin_user = models.ForeignKey('assets.SystemUser', on_delete=models.SET_NULL, null=True, verbose_name=_("Admin user"), related_name='admin_assets')
# Some information
public_ip = models.CharField(max_length=128, blank=True, null=True, verbose_name=_('Public IP'))
@ -225,22 +224,15 @@ class Asset(AbsConnectivity, ProtocolsMixin, NodesRelationMixin, OrgModelMixin):
def __str__(self):
return '{0.hostname}({0.ip})'.format(self)
__admin_user = None
@property
def admin_user(self):
# 解决每次获取资产管理用户时都是最新的对象
if self.__admin_user is None:
self.__admin_user = self.system_users.filter(type='admin').first()
return self.__admin_user
@admin_user.setter
def admin_user(self, system_user):
if not system_user:
def set_admin_user_relation(self):
from .authbook import AuthBook
if not self.admin_user:
return
if system_user.type != 'admin':
if self.admin_user.type != 'admin':
raise ValidationError('System user should be type admin')
system_user.assets.add(self)
defaults = {'asset': self, 'systemuser': self.admin_user, 'org_id': self.org_id}
AuthBook.objects.get_or_create(defaults=defaults, asset=self, systemuser=self.admin_user)
@property
def admin_user_display(self):
@ -248,10 +240,6 @@ class Asset(AbsConnectivity, ProtocolsMixin, NodesRelationMixin, OrgModelMixin):
return ''
return str(self.admin_user)
def remove_admin_user(self):
from ..models import AuthBook
AuthBook.objects.filter(asset=self, systemuser__type='admin').delete()
@property
def is_valid(self):
warning = ''

22
apps/assets/serializers/asset.py
View File

@ -8,7 +8,7 @@ from orgs.mixins.serializers import BulkOrgResourceModelSerializer
from ..models import Asset, Node, Platform, SystemUser
__all__ = [
'AssetSerializer', 'AssetSimpleSerializer', 'AssetVerboseSerializer',
'AssetSerializer', 'AssetSimpleSerializer',
'ProtocolsField', 'PlatformSerializer',
'AssetTaskSerializer',
]
@ -62,9 +62,6 @@ class AssetSerializer(BulkOrgResourceModelSerializer):
platform = serializers.SlugRelatedField(
slug_field='name', queryset=Platform.objects.all(), label=_("Platform")
)
admin_user = serializers.PrimaryKeyRelatedField(
queryset=SystemUser.objects, label=_('Admin user'), write_only=True
)
protocols = ProtocolsField(label=_('Protocols'), required=False, default=['ssh/22'])
domain_display = serializers.ReadOnlyField(source='domain.name', label=_('Domain name'))
nodes_display = serializers.ListField(child=serializers.CharField(), label=_('Nodes name'), required=False)
@ -83,7 +80,7 @@ class AssetSerializer(BulkOrgResourceModelSerializer):
'hardware_info', 'connectivity', 'date_verified'
]
fields_fk = [
'domain', 'domain_display', 'platform', 'admin_user',
'domain', 'domain_display', 'platform', 'admin_user', 'admin_user_display'
]
fields_m2m = [
'nodes', 'nodes_display', 'labels',
@ -112,7 +109,7 @@ class AssetSerializer(BulkOrgResourceModelSerializer):
@classmethod
def setup_eager_loading(cls, queryset):
""" Perform necessary eager loading of data. """
queryset = queryset.prefetch_related('domain', 'platform')
queryset = queryset.prefetch_related('domain', 'platform', 'admin_user')
queryset = queryset.prefetch_related('nodes', 'labels')
return queryset
@ -147,31 +144,18 @@ class AssetSerializer(BulkOrgResourceModelSerializer):
def create(self, validated_data):
self.compatible_with_old_protocol(validated_data)
nodes_display = validated_data.pop('nodes_display', '')
admin_user = validated_data.pop('admin_user', '')
instance = super().create(validated_data)
self.perform_nodes_display_create(instance, nodes_display)
instance.admin_user = admin_user
return instance
def update(self, instance, validated_data):
nodes_display = validated_data.pop('nodes_display', '')
self.compatible_with_old_protocol(validated_data)
admin_user = validated_data.pop('admin_user', '')
instance = super().update(instance, validated_data)
self.perform_nodes_display_create(instance, nodes_display)
instance.admin_user = admin_user
return instance
class AssetVerboseSerializer(AssetSerializer):
admin_user = serializers.PrimaryKeyRelatedField(
queryset=SystemUser.objects, label=_('Admin user')
)
class Meta(AssetSerializer.Meta):
fields = AssetSerializer.Meta.fields + ['admin_user_display']
class PlatformSerializer(serializers.ModelSerializer):
meta = serializers.DictField(required=False, allow_null=True, label=_('Meta'))

5
apps/assets/signals_handler/asset.py
View File

@ -52,6 +52,8 @@ def on_asset_created_or_update(sender, instance=None, created=False, **kwargs):
if not has_node:
instance.nodes.add(Node.org_root())
instance.set_admin_user_relation()
@receiver(m2m_changed, sender=Asset.nodes.through)
def on_asset_nodes_add(instance, action, reverse, pk_set, **kwargs):
@ -96,7 +98,8 @@ def on_asset_nodes_add(instance, action, reverse, pk_set, **kwargs):
asset_ids_to_push.append(asset_id)
to_create.append(m2m_model(
systemuser_id=system_user_id,
asset_id=asset_id
asset_id=asset_id,
org_id=instance.org_id
))
if asset_ids_to_push:
push_system_user_to_assets.delay(system_user_id, asset_ids_to_push)

10
apps/assets/signals_handler/authbook.py
View File

@ -4,7 +4,6 @@ from simple_history.signals import pre_create_historical_record
from django.db.models.signals import post_save, pre_save
from common.utils import get_logger
from orgs.utils import tmp_to_root_org
from ..models import AuthBook, SystemUser
AuthBookHistory = apps.get_model('assets', 'HistoricalAuthBook')
@ -31,15 +30,6 @@ def pre_create_historical_record_callback(sender, history_instance=None, **kwarg
@receiver(post_save, sender=AuthBook)
def on_authbook_post_create(sender, instance, **kwargs):
# 去掉这个资产的管理用户
if instance.systemuser and instance.systemuser.is_admin_user:
with tmp_to_root_org():
deleted_count, other = AuthBook.objects.filter(
asset=instance.asset,
systemuser__type=SystemUser.Type.admin
).exclude(id=instance.id).delete()
logger.debug('Remove asset old admin user: {}'.format(deleted_count))
if not instance.systemuser:
instance.sync_to_system_user_account()