github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

[Update] Merge

pull/1362/head
ibuler 2018-05-25 17:28:53 +08:00
parent a96bda8ca9
commit 3f4b5ad465
2 changed files with 32 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/perms/api.py
View File

@ -41,7 +41,7 @@ class AssetPermissionViewSet(viewsets.ModelViewSet):
asset = get_object_or_404(Asset, pk=asset_id) asset = get_object_or_404(Asset, pk=asset_id)
permissions = set(queryset.filter(assets=asset)) permissions = set(queryset.filter(assets=asset))
for node in asset.nodes.all(): for node in asset.nodes.all():
inherit_nodes.update(set(node.ancestor_with_node)) inherit_nodes.update(set(node.ancestor_with_self))
elif node_id: elif node_id:
node = get_object_or_404(Node, pk=node_id) node = get_object_or_404(Node, pk=node_id)
permissions = set(queryset.filter(nodes=node)) permissions = set(queryset.filter(nodes=node))

49
apps/perms/utils.py
View File

@ -8,10 +8,35 @@ import copy
from common.utils import set_or_append_attr_bulk, get_logger from common.utils import set_or_append_attr_bulk, get_logger
from .models import AssetPermission from .models import AssetPermission
from .hands import Node
logger = get_logger(__file__) logger = get_logger(__file__)
class Tree:
def __init__(self):
self.__all_nodes = list(Node.objects.all())
self.nodes = defaultdict(dict)
self.root = Node.root()
def add_node(self, node):
if node in self.nodes:
return
else:
self.nodes[node] = defaultdict(set)
if node.key == self.root.key:
return
parent_key = ':'.join(node.key.split(':')[:-1])
for n in self.__all_nodes:
if n.key == parent_key:
self.add_node(n)
break
def add_nodes(self, nodes):
for node in nodes:
self.add_node(node)
class AssetPermissionUtil: class AssetPermissionUtil:
@staticmethod @staticmethod
def get_user_permissions(user): def get_user_permissions(user):
@ -181,27 +206,15 @@ class AssetPermissionUtil:
:param user: :param user:
:return: {node: {asset: set(su1, su2)}} :return: {node: {asset: set(su1, su2)}}
""" """
from assets.models import Node tree = Tree()
unnode = Node(value='Unnode')
nodes = defaultdict(dict)
for _node in cls.get_user_nodes(user):
children = _node.get_family()
for node in children:
nodes[node] = defaultdict(set)
_assets = cls.get_user_assets(user) _assets = cls.get_user_assets(user)
for asset, _system_users in _assets.items(): for asset, _system_users in _assets.items():
_nodes = asset.get_nodes() _nodes = asset.get_nodes()
in_node = False tree.add_nodes(_nodes)
for node in _nodes: for node in _nodes:
if node in nodes: tree.nodes[node][asset].update(_system_users)
in_node = True return tree.nodes
nodes[node][asset].update(_system_users)
if not in_node:
if unnode in nodes:
nodes[unnode][asset].update(_system_users)
else:
nodes[unnode][asset] = _system_users
return nodes
@classmethod @classmethod
def get_system_user_assets(cls, system_user): def get_system_user_assets(cls, system_user):
@ -256,7 +269,7 @@ class NodePermissionUtil:
nodes = copy.deepcopy(nodes_directed) nodes = copy.deepcopy(nodes_directed)
for node, system_users in nodes_directed.items(): for node, system_users in nodes_directed.items():
for child in node.get_family(): for child in node.get_all_children_with_self():
nodes[child].update(system_users) nodes[child].update(system_users)
return nodes return nodes