Merge remote-tracking branch 'origin/v3' into v3

2022-10-26 17:20:55 +08:00 · 2022-10-26 17:20:55 +08:00 · 3977b81ea1
parent 77436724b4 bd001bb262
commit 3977b81ea1
3 changed files with 37 additions and 69 deletions
--- a/apps/authentication/migrations/0013_auto_20221025_1908.py
+++ b/apps/authentication/migrations/0013_auto_20221025_1908.py
@ -1,29 +0,0 @@
-# Generated by Django 3.2.14 on 2022-10-25 11:08
-
-from django.db import migrations, models
-import django.db.models.deletion
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('assets', '0110_auto_20221021_1506'),
-        ('authentication', '0012_auto_20220816_1629'),
-    ]
-
-    operations = [
-        migrations.RemoveField(
-            model_name='connectiontoken',
-            name='type',
-        ),
-        migrations.AddField(
-            model_name='connectiontoken',
-            name='account_display',
-            field=models.CharField(default='', max_length=128, verbose_name='Account display'),
-        ),
-        migrations.AlterField(
-            model_name='connectiontoken',
-            name='account',
-            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='connection_tokens', to='assets.account', verbose_name='Account'),
-        ),
-    ]
--- a/apps/authentication/migrations/0013_remove_connectiontoken_type.py
+++ b/apps/authentication/migrations/0013_remove_connectiontoken_type.py
@ -0,0 +1,17 @@
+# Generated by Django 3.2.14 on 2022-10-26 08:07
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0012_auto_20220816_1629'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='connectiontoken',
+            name='type',
+        ),
+    ]
--- a/apps/authentication/models.py
+++ b/apps/authentication/models.py
@ -78,11 +78,7 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
        related_name='connection_tokens', null=True, blank=True
    )
    asset_display = models.CharField(max_length=128, default='', verbose_name=_("Asset display"))
-    account = models.ForeignKey(
-        'assets.Account', on_delete=models.SET_NULL, verbose_name=_('Account'),
-        related_name='connection_tokens', null=True, blank=True
-    )
-    account_display = models.CharField(max_length=128, default='', verbose_name=_("Account display"))
+    account = models.CharField(max_length=128, default='', verbose_name=_("Account"))

    class Meta:
        ordering = ('-date_expired',)
@ -127,7 +123,6 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):

    def check_valid(self):
        from perms.utils.permission import validate_permission as asset_validate_permission
-        from perms.utils.application.permission import validate_permission as app_validate_permission

        if self.is_expired:
            is_valid = False
@ -143,45 +138,30 @@ class ConnectionToken(OrgModelMixin, JMSBaseModel):
            error = _('User invalid, disabled or expired')
            return is_valid, error

-        if not self.system_user:
+        if not self.account:
            is_valid = False
-            error = _('System user not exists')
+            error = _('Account not exists')
            return is_valid, error

-        if self.is_type(self.Type.asset):
-            if not self.asset:
-                is_valid = False
-                error = _('Asset not exists')
-                return is_valid, error
-            if not self.asset.is_active:
-                is_valid = False
-                error = _('Asset inactive')
-                return is_valid, error
-            has_perm, actions, expired_at = asset_validate_permission(
-                self.user, self.asset, self.system_user
-            )
-            if not has_perm:
-                is_valid = False
-                error = _('User has no permission to access asset or permission expired')
-                return is_valid, error
-            self.actions = actions
-            self.expired_at = expired_at
+        if not self.asset:
+            is_valid = False
+            error = _('Asset not exists')
+            return is_valid, error

-        elif self.is_type(self.Type.application):
-            if not self.application:
-                is_valid = False
-                error = _('Application not exists')
-                return is_valid, error
-            has_perm, actions, expired_at = app_validate_permission(
-                self.user, self.application, self.system_user
-            )
-            if not has_perm:
-                is_valid = False
-                error = _('User has no permission to access application or permission expired')
-                return is_valid, error
-            self.actions = actions
-            self.expired_at = expired_at
+        if not self.asset.is_active:
+            is_valid = False
+            error = _('Asset inactive')
+            return is_valid, error

+        has_perm, actions, expired_at = asset_validate_permission(
+            self.user, self.asset, self.account
+        )
+        if not has_perm:
+            is_valid = False
+            error = _('User has no permission to access asset or permission expired')
+            return is_valid, error
+        self.actions = actions
+        self.expired_at = expired_at
        return True, ''

    @lazyproperty