diff --git a/apps/assets/api/asset.py b/apps/assets/api/asset.py index 2d22dd41b..bdf5b8d89 100644 --- a/apps/assets/api/asset.py +++ b/apps/assets/api/asset.py @@ -85,7 +85,7 @@ class AssetViewSet(LabelFilter, OrgBulkModelViewSet): queryset = queryset.filter( nodes__key__regex='^{}(:[0-9]+)*$'.format(node.key), ) - return queryset + return queryset.distinct() def filter_admin_user_id(self, queryset): admin_user_id = self.request.query_params.get('admin_user_id') diff --git a/apps/assets/forms/cmd_filter.py b/apps/assets/forms/cmd_filter.py index 308a008d0..cd7df89e8 100644 --- a/apps/assets/forms/cmd_filter.py +++ b/apps/assets/forms/cmd_filter.py @@ -2,6 +2,7 @@ # from django import forms from django.core.exceptions import ValidationError +from django.utils.translation import ugettext_lazy as _ import re from orgs.mixins import OrgModelForm diff --git a/apps/assets/serializers/cmd_filter.py b/apps/assets/serializers/cmd_filter.py index dfdff2cdb..3f29ca686 100644 --- a/apps/assets/serializers/cmd_filter.py +++ b/apps/assets/serializers/cmd_filter.py @@ -2,6 +2,7 @@ # import re from rest_framework import serializers +from django.utils.translation import ugettext_lazy as _ from common.fields import ChoiceDisplayField from common.serializers import AdaptedBulkListSerializer @@ -35,6 +36,9 @@ class CommandFilterRuleSerializer(BulkOrgResourceModelSerializer): list_serializer_class = AdaptedBulkListSerializer def validate_content(self, content): + tp = self.initial_data.get("type") + if tp == CommandFilterRule.TYPE_REGEX: + return content if self.invalid_pattern.search(content): invalid_char = self.invalid_pattern.pattern.replace('\\', '') msg = _("Content should not be contain: {}").format(invalid_char) diff --git a/apps/assets/templates/assets/admin_user_list.html b/apps/assets/templates/assets/admin_user_list.html index 61389ad08..2212fd82f 100644 --- a/apps/assets/templates/assets/admin_user_list.html +++ b/apps/assets/templates/assets/admin_user_list.html @@ -115,7 +115,7 @@ function initTable() { }}], ajax_url: '{% url "api-assets:admin-user-list" %}', columns: [ - {data: function(){return ""}}, {data: "name"}, {data: "username" }, {data: "assets_amount" }, + {data: function(){return ""}}, {data: "name"}, {data: "username" }, {data: "assets_amount", orderable: false}, {#{data: "connectivity_amount"}, {data: "connectivity_amount"}, {data: "connectivity_amount"},#} {data: "comment"}, {data: "id"} ] diff --git a/apps/perms/api/user_permission.py b/apps/perms/api/user_permission.py index 0e67e2747..0746252cb 100644 --- a/apps/perms/api/user_permission.py +++ b/apps/perms/api/user_permission.py @@ -344,6 +344,12 @@ class GetUserAssetPermissionActionsApi(UserPermissionCacheMixin, RetrieveAPIView user_id = self.request.query_params.get('user_id', '') asset_id = self.request.query_params.get('asset_id', '') system_id = self.request.query_params.get('system_user_id', '') + try: + user_id = uuid.UUID(user_id) + asset_id = uuid.UUID(asset_id) + system_id = uuid.UUID(system_id) + except ValueError: + return Response({'msg': False}, status=403) user = get_object_or_404(User, id=user_id) diff --git a/apps/users/templates/users/_base_otp.html b/apps/users/templates/users/_base_otp.html index b45758afc..0bb257239 100644 --- a/apps/users/templates/users/_base_otp.html +++ b/apps/users/templates/users/_base_otp.html @@ -42,8 +42,7 @@
{% trans 'Security token validation' %}  {% trans 'Account' %} {{ user.username }}  {% trans 'Follow these steps to complete the binding operation' %}
-
- +
{% block content %} {% endblock %}