perf: ticket login asset acl

2022-11-28 21:54:20 +08:00 · 2022-11-28 21:54:20 +08:00 · 3052aa759c
parent 11636dafd8
commit 3052aa759c
3 changed files with 21 additions and 16 deletions
--- a/apps/acls/api/login_asset_check.py
+++ b/apps/acls/api/login_asset_check.py
@ -26,7 +26,7 @@ class LoginAssetCheckAPI(CreateAPIView):
    def check_if_need_confirm(self):
        queries = {
            'user': self.serializer.user, 'asset': self.serializer.asset,
-            'account': self.serializer.account,
+            'account_username': self.serializer.username,
            'action': LoginAssetACL.ActionChoices.login_confirm
        }
        with tmp_to_org(self.serializer.org):
@ -45,7 +45,7 @@ class LoginAssetCheckAPI(CreateAPIView):
        ticket = LoginAssetACL.create_login_asset_confirm_ticket(
            user=self.serializer.user,
            asset=self.serializer.asset,
-            account=self.serializer.account,
+            account_username=self.serializer.username,
            assignees=acl.reviewers.all(),
            org_id=self.serializer.org.id,
        )
--- a/apps/acls/models/login_asset_acl.py
+++ b/apps/acls/models/login_asset_acl.py
@ -43,11 +43,11 @@ class LoginAssetACL(BaseACL, OrgModelMixin):
        return self.name

    @classmethod
-    def filter(cls, user, asset, account, action):
+    def filter(cls, user, asset, account_username, action):
        queryset = cls.objects.filter(action=action)
        queryset = cls.filter_user(user, queryset)
        queryset = cls.filter_asset(asset, queryset)
-        queryset = cls.filter_account(account, queryset)
+        queryset = cls.filter_account(account_username, queryset)
        return queryset

    @classmethod
@ -69,18 +69,18 @@ class LoginAssetACL(BaseACL, OrgModelMixin):
        return queryset

    @classmethod
-    def filter_account(cls, account, queryset):
+    def filter_account(cls, account_username, queryset):
        queryset = queryset.filter(
-            Q(accounts__name_group__contains=account.name) |
+            Q(accounts__name_group__contains=account_username) |
            Q(accounts__name_group__contains='*')
        ).filter(
-            Q(accounts__username_group__contains=account.username) |
+            Q(accounts__username_group__contains=account_username) |
            Q(accounts__username_group__contains='*')
        )
        return queryset

    @classmethod
-    def create_login_asset_confirm_ticket(cls, user, asset, account, assignees, org_id):
+    def create_login_asset_confirm_ticket(cls, user, asset, account_username, assignees, org_id):
        from tickets.const import TicketType
        from tickets.models import ApplyLoginAssetTicket
        title = _('Login asset confirm') + ' ({})'.format(user)
@ -90,7 +90,7 @@ class LoginAssetACL(BaseACL, OrgModelMixin):
            'applicant': user,
            'apply_login_user': user,
            'apply_login_asset': asset,
-            'apply_login_account': str(account),
+            'apply_login_account': account_username,
            'type': TicketType.login_asset_confirm,
        }
        ticket = ApplyLoginAssetTicket.objects.create(**data)
--- a/apps/acls/serializers/login_asset_check.py
+++ b/apps/acls/serializers/login_asset_check.py
@ -10,15 +10,13 @@ __all__ = ['LoginAssetCheckSerializer']
 class LoginAssetCheckSerializer(serializers.Serializer):
    user_id = serializers.UUIDField(required=True, allow_null=False)
    asset_id = serializers.UUIDField(required=True, allow_null=False)
-    account_id = serializers.UUIDField(required=True, allow_null=False)
    account_username = serializers.CharField(max_length=128, default='')

    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.user = None
        self.asset = None
-        self.account = None
-        self._account_username = None
+        self.username = None

    def validate_user_id(self, user_id):
        self.user = self.validate_object_exist(User, user_id)
@ -28,10 +26,6 @@ class LoginAssetCheckSerializer(serializers.Serializer):
        self.asset = self.validate_object_exist(Asset, asset_id)
        return asset_id

-    def validate_account_id(self, account_id):
-        self.account = self.validate_object_exist(Account, account_id)
-        return account_id
-
    @staticmethod
    def validate_object_exist(model, field_id):
        with tmp_to_root_org():
@ -41,6 +35,17 @@ class LoginAssetCheckSerializer(serializers.Serializer):
            raise serializers.ValidationError(error)
        return obj

+    def validate_account_username(self, account_username):
+        asset_id = self.initial_data.get('asset_id')
+        account = Account.objects.filter(
+            username=account_username, asset_id=asset_id
+        ).first()
+        if not account:
+            error = 'Account username does not exist'
+            raise serializers.ValidationError(error)
+        self.username = account_username
+        return account_username
+
    @lazyproperty
    def org(self):
        return self.asset.org