mirror of https://github.com/jumpserver/jumpserver
[Bugfix] 修复授权和资产的一部分bug
ibuler
parent
b0eace6ad8
commit
3f89701b84
|
|
@ -87,7 +87,7 @@ class Asset(models.Model):
|
|||
comment = models.TextField(max_length=128, default='', blank=True, verbose_name=_('Comment'))
|
||||
|
||||
def __str__(self):
|
||||
return '%s <%s: %s>' % (self.hostname, self.ip, self.port)
|
||||
return self.hostname
|
||||
|
||||
@property
|
||||
def is_valid(self):
|
||||
|
|
|
|||
|
|
@ -198,7 +198,7 @@ class SystemUser(AssetUser):
|
|||
('P', 'Password'),
|
||||
('K', 'Public key'),
|
||||
)
|
||||
cluster = models.ManyToManyField('assets.Cluster', null=True, blank=True, verbose_name=_("Cluster"))
|
||||
cluster = models.ManyToManyField('assets.Cluster', blank=True, verbose_name=_("Cluster"))
|
||||
priority = models.IntegerField(default=10, verbose_name=_("Priority")) # Todo: If user granted more priority user, default will be login as the hign
|
||||
protocol = models.CharField(max_length=16, choices=PROTOCOL_CHOICES, default='ssh', verbose_name=_('Protocol'))
|
||||
auto_push = models.BooleanField(default=True, verbose_name=_('Auto push'))
|
||||
|
|
|
|||
|
|
@ -123,24 +123,6 @@
|
|||
{% endblock %}
|
||||
{% block custom_foot_js %}
|
||||
<script>
|
||||
Array.prototype.remove = function(val) {
|
||||
var index = this.indexOf(val);
|
||||
if (index > -1) {
|
||||
this.splice(index, 1);
|
||||
}
|
||||
};
|
||||
Array.prototype.unique = function(){
|
||||
var res = [];
|
||||
var json = {};
|
||||
for(var i = 0; i < this.length; i++){
|
||||
if(!json[this[i]]){
|
||||
res.push(this[i]);
|
||||
json[this[i]] = 1;
|
||||
}
|
||||
}
|
||||
return res;
|
||||
};
|
||||
|
||||
function bindToCluster(clusters) {
|
||||
var the_url = "{% url 'api-assets:admin-user-add-clusters' pk=admin_user.id %}";
|
||||
var body = {
|
||||
|
|
|
|||
|
|
@ -227,7 +227,7 @@
|
|||
</tr>
|
||||
<tr>
|
||||
<td colspan="2" class="no-borders">
|
||||
<button type="button" class="btn btn-info btn-sm" id="btn_add_user_group">{% trans 'Confirm' %}</button>
|
||||
<button type="button" class="btn btn-info btn-sm" id="btn-add-user-group">{% trans 'Confirm' %}</button>
|
||||
</td>
|
||||
</tr>
|
||||
</form>
|
||||
|
|
@ -327,7 +327,7 @@ $(document).ready(function () {
|
|||
}else{
|
||||
$(".ibox-content > table > tbody > tr:nth-child(13) > td:last >b").html('False');
|
||||
}
|
||||
}).on('click', '#btn_add_user_group', function () {
|
||||
}).on('click', '#btn-add-user-group', function () {
|
||||
if (Object.keys(jumpserver.groups_selected).length === 0) {
|
||||
return false;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -101,7 +101,7 @@
|
|||
</tr>
|
||||
<tr class="no-borders-tr">
|
||||
<td colspan="2">
|
||||
<button type="button" class="btn btn-primary btn-sm btn-add-assets">{% trans 'Confirm' %}</button>
|
||||
<button type="button" class="btn btn-info btn-sm btn-add-assets">{% trans 'Confirm' %}</button>
|
||||
</td>
|
||||
</tr>
|
||||
</form>
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@
|
|||
{% endblock %}
|
||||
{% block custom_foot_js %}
|
||||
<script>
|
||||
$(document).ready(function(){
|
||||
function initTable() {
|
||||
var options = {
|
||||
ele: $('#system_user_list_table'),
|
||||
columnDefs: [
|
||||
|
|
@ -74,7 +74,6 @@ $(document).ready(function(){
|
|||
|
||||
}},
|
||||
{targets: 8, createdCell: function (td, cellData, rowData) {
|
||||
{# var script_btn = '<a href="{% url "assets:system-user-update" pk=DEFAULT_PK %}" class="btn btn-xs btn-primary">{% trans "Script" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);#}
|
||||
var update_btn = '<a href="{% url "assets:system-user-update" pk=DEFAULT_PK %}" class="btn btn-xs m-l-xs btn-info">{% trans "Update" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
|
||||
var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_admin_user_delete" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
|
||||
$(td).html(update_btn + del_btn)
|
||||
|
|
@ -87,6 +86,10 @@ $(document).ready(function(){
|
|||
op_html: $('#actions').html()
|
||||
};
|
||||
jumpserver.initDataTable(options);
|
||||
}
|
||||
|
||||
$(document).ready(function(){
|
||||
initTable();
|
||||
})
|
||||
|
||||
.on('click', '.btn_admin_user_delete', function () {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,7 @@
|
|||
# ~*~ coding: utf-8 ~*~
|
||||
|
||||
from collections import defaultdict
|
||||
|
||||
from ansible.plugins.callback import CallbackBase
|
||||
from ansible.plugins.callback.default import CallbackModule
|
||||
|
||||
|
|
@ -19,8 +21,9 @@ class AdHocResultCallback(CallbackModule):
|
|||
# "contacted": {"hostname",...},
|
||||
# "dark": {"hostname": {"task_name": {}, "task_name": {}},...,},
|
||||
# }
|
||||
self.results_raw = dict(ok={}, failed={}, unreachable={}, skipped={})
|
||||
self.results_summary = dict(contacted=[], dark={})
|
||||
self.results_raw = dict(ok=defaultdict(dict), failed=defaultdict(dict),
|
||||
unreachable=defaultdict(dict), skipped=defaultdict(dict))
|
||||
self.results_summary = dict(contacted=[], dark=defaultdict(dict))
|
||||
super().__init__()
|
||||
|
||||
def gather_result(self, t, res):
|
||||
|
|
@ -31,8 +34,8 @@ class AdHocResultCallback(CallbackModule):
|
|||
|
||||
if self.results_raw[t].get(host):
|
||||
self.results_raw[t][host][task_name] = task_result
|
||||
else:
|
||||
self.results_raw[t][host] = {task_name: task_result}
|
||||
# else:
|
||||
# self.results_raw[t][host] = {task_name: task_result}
|
||||
self.clean_result(t, host, task_name, task_result)
|
||||
|
||||
def clean_result(self, t, host, task_name, task_result):
|
||||
|
|
@ -42,10 +45,10 @@ class AdHocResultCallback(CallbackModule):
|
|||
if host not in contacted:
|
||||
contacted.append(host)
|
||||
else:
|
||||
if dark.get(host):
|
||||
dark[host][task_name] = task_result
|
||||
else:
|
||||
dark[host] = {task_name: task_result}
|
||||
# if dark.get(host):
|
||||
dark[host][task_name] = task_result.values
|
||||
# else:
|
||||
# dark[host] = {task_name: task_result}
|
||||
if host in contacted:
|
||||
contacted.remove(host)
|
||||
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
from django.shortcuts import get_object_or_404
|
||||
from rest_framework.views import APIView, Response
|
||||
from rest_framework.generics import ListAPIView, get_object_or_404
|
||||
from rest_framework.generics import ListAPIView, get_object_or_404, RetrieveUpdateAPIView
|
||||
from rest_framework import viewsets
|
||||
from users.permissions import IsValidUser, IsSuperUser, IsAppUser, IsSuperUserOrAppUser
|
||||
from common.utils import get_object_or_none
|
||||
|
|
@ -14,7 +14,6 @@ from .models import AssetPermission
|
|||
from .hands import AssetGrantedSerializer, User, UserGroup, AssetGroup, Asset, \
|
||||
AssetGroup, AssetGroupGrantedSerializer, SystemUser, MyAssetGroupGrantedSerializer
|
||||
from . import serializers
|
||||
from .utils import associate_system_users_and_assets
|
||||
|
||||
|
||||
class AssetPermissionViewSet(viewsets.ModelViewSet):
|
||||
|
|
@ -39,93 +38,85 @@ class AssetPermissionViewSet(viewsets.ModelViewSet):
|
|||
queryset = get_user_group_asset_permissions(user_group)
|
||||
return queryset
|
||||
|
||||
# Todo: 忘记为何要重写get_serializer_class了
|
||||
def get_serializer_class(self):
|
||||
if getattr(self, 'user_id', ''):
|
||||
return serializers.UserAssetPermissionSerializer
|
||||
return serializers.AssetPermissionSerializer
|
||||
|
||||
def associate_system_users_and_assets(self, serializer):
|
||||
assets = serializer.validated_data.get('assets', [])
|
||||
asset_groups = serializer.validated_data.get('asset_groups', [])
|
||||
system_users = serializer.validated_data.get('system_users', [])
|
||||
if serializer.partial:
|
||||
instance = self.get_object()
|
||||
assets.extend(list(instance.assets.all()))
|
||||
asset_groups.extend(list(instance.asset_groups.all()))
|
||||
system_users.extend(list(instance.system_users.all()))
|
||||
associate_system_users_and_assets(system_users, assets, asset_groups)
|
||||
|
||||
def perform_create(self, serializer):
|
||||
self.associate_system_users_and_assets(serializer)
|
||||
return super(AssetPermissionViewSet, self).perform_create(serializer)
|
||||
|
||||
def perform_update(self, serializer):
|
||||
self.associate_system_users_and_assets(serializer)
|
||||
return super(AssetPermissionViewSet, self).perform_update(serializer)
|
||||
|
||||
|
||||
class RevokeUserAssetPermission(APIView):
|
||||
class AssetPermissionRemoveUserApi(RetrieveUpdateAPIView):
|
||||
"""
|
||||
将用户从授权中移除,Detail页面会调用
|
||||
"""
|
||||
permission_classes = (IsSuperUser,)
|
||||
serializer_class = serializers.AssetPermissionUpdateUserSerializer
|
||||
queryset = AssetPermission.objects.all()
|
||||
|
||||
def put(self, request, *args, **kwargs):
|
||||
permission_id = str(request.data.get('id', ''))
|
||||
user_id = str(request.data.get('user_id', ''))
|
||||
|
||||
if permission_id and user_id and permission_id.isdigit() and user_id.isdigit():
|
||||
asset_permission = get_object_or_404(AssetPermission, id=int(permission_id))
|
||||
user = get_object_or_404(User, id=int(user_id))
|
||||
|
||||
if asset_permission and user:
|
||||
asset_permission.users.remove(user)
|
||||
return Response({'msg': 'success'})
|
||||
return Response({'msg': 'failed'}, status=404)
|
||||
def update(self, request, *args, **kwargs):
|
||||
perm = self.get_object()
|
||||
serializer = self.serializer_class(data=request.data)
|
||||
if serializer.is_valid():
|
||||
users = serializer.validated_data.get('users')
|
||||
if users:
|
||||
perm.users.remove(*tuple(users))
|
||||
return Response({"msg": "ok"})
|
||||
else:
|
||||
return Response({"error": serializer.errors})
|
||||
|
||||
|
||||
class RemoveSystemUserAssetPermission(APIView):
|
||||
class AssetPermissionAddUserApi(RetrieveUpdateAPIView):
|
||||
permission_classes = (IsSuperUser,)
|
||||
serializer_class = serializers.AssetPermissionUpdateUserSerializer
|
||||
queryset = AssetPermission.objects.all()
|
||||
|
||||
def update(self, request, *args, **kwargs):
|
||||
perm = self.get_object()
|
||||
serializer = self.serializer_class(data=request.data)
|
||||
if serializer.is_valid():
|
||||
users = serializer.validated_data.get('users')
|
||||
if users:
|
||||
perm.users.add(*tuple(users))
|
||||
return Response({"msg": "ok"})
|
||||
else:
|
||||
return Response({"error": serializer.errors})
|
||||
|
||||
|
||||
class AssetPermissionRemoveAssetApi(RetrieveUpdateAPIView):
|
||||
"""
|
||||
将系统用户从授权中移除, Detail页面会调用
|
||||
将用户从授权中移除,Detail页面会调用
|
||||
"""
|
||||
permission_classes = (IsSuperUser,)
|
||||
serializer_class = serializers.AssetPermissionUpdateAssetSerializer
|
||||
queryset = AssetPermission.objects.all()
|
||||
|
||||
def put(self, request, *args, **kwargs):
|
||||
response = []
|
||||
asset_permission_id = kwargs.pop('pk')
|
||||
system_users_id = request.data.get('system_users')
|
||||
print(system_users_id)
|
||||
asset_permission = get_object_or_404(
|
||||
AssetPermission, id=asset_permission_id)
|
||||
if not isinstance(system_users_id, list):
|
||||
system_users_id = [system_users_id]
|
||||
for system_user_id in system_users_id:
|
||||
system_user = get_object_or_none(SystemUser, id=system_user_id)
|
||||
if system_user:
|
||||
asset_permission.system_users.remove(system_user)
|
||||
response.append(system_user.to_json())
|
||||
return Response(response, status=200)
|
||||
def update(self, request, *args, **kwargs):
|
||||
perm = self.get_object()
|
||||
serializer = self.serializer_class(data=request.data)
|
||||
if serializer.is_valid():
|
||||
print(serializer.data)
|
||||
assets = serializer.validated_data.get('assets')
|
||||
if assets:
|
||||
perm.assets.remove(*tuple(assets))
|
||||
return Response({"msg": "ok"})
|
||||
else:
|
||||
return Response({"error": serializer.errors})
|
||||
|
||||
|
||||
class RevokeUserGroupAssetPermission(APIView):
|
||||
"""
|
||||
将用户组从授权中删除
|
||||
"""
|
||||
class AssetPermissionAddAssetApi(RetrieveUpdateAPIView):
|
||||
permission_classes = (IsSuperUser,)
|
||||
serializer_class = serializers.AssetPermissionUpdateAssetSerializer
|
||||
queryset = AssetPermission.objects.all()
|
||||
|
||||
def put(self, request, *args, **kwargs):
|
||||
permission_id = str(request.data.get('id', ''))
|
||||
user_group_id = str(request.data.get('user_group_id', ''))
|
||||
|
||||
if permission_id and user_group_id and permission_id.isdigit() and user_group_id.isdigit():
|
||||
asset_permission = get_object_or_404(AssetPermission, id=int(permission_id))
|
||||
user_group = get_object_or_404(UserGroup, id=int(user_group_id))
|
||||
|
||||
if asset_permission and user_group:
|
||||
asset_permission.user_groups.remove(user_group)
|
||||
return Response({'msg': 'success'})
|
||||
return Response({'msg': 'failed'}, status=404)
|
||||
def update(self, request, *args, **kwargs):
|
||||
perm = self.get_object()
|
||||
serializer = self.serializer_class(data=request.data)
|
||||
if serializer.is_valid():
|
||||
assets = serializer.validated_data.get('assets')
|
||||
if assets:
|
||||
perm.assets.add(*tuple(assets))
|
||||
return Response({"msg": "ok"})
|
||||
else:
|
||||
return Response({"error": serializer.errors})
|
||||
|
||||
|
||||
class UserGrantedAssetsApi(ListAPIView):
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ class AssetPermissionForm(forms.ModelForm):
|
|||
}
|
||||
help_texts = {
|
||||
'name': '* required',
|
||||
'user_groups': '* User or user group at least one required',
|
||||
'asset_groups': '* Asset or Asset group at least one required',
|
||||
'system_users': '* required',
|
||||
'user_groups': _('User or user group at least one required'),
|
||||
'asset_groups': _('Asset or Asset group at least one required'),
|
||||
}
|
||||
|
|
|
|||
|
|
@ -9,28 +9,18 @@ from common.utils import date_expired_default
|
|||
|
||||
class AssetPermission(models.Model):
|
||||
from users.models import User, UserGroup
|
||||
from assets.models import Asset, AssetGroup, SystemUser
|
||||
from assets.models import Asset, AssetGroup, SystemUser, Cluster
|
||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||
name = models.CharField(
|
||||
max_length=128, unique=True, verbose_name=_('Name'))
|
||||
users = models.ManyToManyField(
|
||||
User, related_name='asset_permissions', blank=True)
|
||||
user_groups = models.ManyToManyField(
|
||||
UserGroup, related_name='asset_permissions', blank=True)
|
||||
assets = models.ManyToManyField(
|
||||
Asset, related_name='granted_by_permissions', blank=True)
|
||||
asset_groups = models.ManyToManyField(
|
||||
AssetGroup, related_name='granted_by_permissions', blank=True)
|
||||
system_users = models.ManyToManyField(
|
||||
SystemUser, related_name='granted_by_permissions')
|
||||
is_active = models.BooleanField(
|
||||
default=True, verbose_name=_('Active'))
|
||||
date_expired = models.DateTimeField(
|
||||
default=date_expired_default, verbose_name=_('Date expired'))
|
||||
created_by = models.CharField(
|
||||
max_length=128, blank=True, verbose_name=_('Created by'))
|
||||
date_created = models.DateTimeField(
|
||||
auto_now_add=True, verbose_name=_('Date created'))
|
||||
name = models.CharField(max_length=128, unique=True, verbose_name=_('Name'))
|
||||
users = models.ManyToManyField(User, related_name='asset_permissions', blank=True, verbose_name=_("User"))
|
||||
user_groups = models.ManyToManyField(UserGroup, related_name='asset_permissions', blank=True, verbose_name=_("User group"))
|
||||
assets = models.ManyToManyField(Asset, related_name='granted_by_permissions', blank=True, verbose_name=_("Asset"))
|
||||
asset_groups = models.ManyToManyField(AssetGroup, related_name='granted_by_permissions', blank=True, verbose_name=_("Asset group"))
|
||||
system_users = models.ManyToManyField(SystemUser, related_name='granted_by_permissions', verbose_name=_("System user"))
|
||||
is_active = models.BooleanField(default=True, verbose_name=_('Active'))
|
||||
date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired'))
|
||||
created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by'))
|
||||
date_created = models.DateTimeField(auto_now_add=True, verbose_name=_('Date created'))
|
||||
comment = models.TextField(verbose_name=_('Comment'), blank=True)
|
||||
|
||||
def __str__(self):
|
||||
|
|
@ -38,7 +28,7 @@ class AssetPermission(models.Model):
|
|||
|
||||
@property
|
||||
def is_valid(self):
|
||||
if self.date_expired < timezone.now() and self.is_active:
|
||||
if self.date_expired > timezone.now() and self.is_active:
|
||||
return True
|
||||
return False
|
||||
|
||||
|
|
@ -68,18 +58,12 @@ class AssetPermission(models.Model):
|
|||
assets.add(asset)
|
||||
return assets
|
||||
|
||||
# class Meta:
|
||||
# db_table = 'asset_permission'
|
||||
|
||||
|
||||
# def change_permission(sender, **kwargs):
|
||||
# print('Sender: %s' % sender)
|
||||
# for k, v in kwargs.items():
|
||||
# print('%s: %s' % (k, v))
|
||||
# print()
|
||||
|
||||
#
|
||||
# m2m_changed.connect(change_permission, sender=AssetPermission.assets.through)
|
||||
|
||||
|
||||
|
||||
def check_system_user_in_assets(self):
|
||||
errors = {}
|
||||
assets = self.get_granted_assets()
|
||||
clusters = set([asset.cluster for asset in assets])
|
||||
for system_user in self.system_users.all():
|
||||
cluster_remain = clusters - set(system_user.cluster.all())
|
||||
if cluster_remain:
|
||||
errors[system_user.name] = cluster_remain
|
||||
return errors
|
||||
|
|
|
|||
|
|
@ -9,10 +9,50 @@ from .hands import User
|
|||
|
||||
|
||||
class AssetPermissionSerializer(serializers.ModelSerializer):
|
||||
assets_ = serializers.SerializerMethodField()
|
||||
asset_groups_ = serializers.SerializerMethodField()
|
||||
users_ = serializers.SerializerMethodField()
|
||||
user_groups_ = serializers.SerializerMethodField()
|
||||
system_users_ = serializers.SerializerMethodField()
|
||||
|
||||
class Meta:
|
||||
model = AssetPermission
|
||||
fields = '__all__'
|
||||
|
||||
@staticmethod
|
||||
def get_assets_(obj):
|
||||
return [asset.hostname for asset in obj.assets.all()]
|
||||
|
||||
@staticmethod
|
||||
def get_asset_groups_(obj):
|
||||
return [group.name for group in obj.asset_groups.all()]
|
||||
|
||||
@staticmethod
|
||||
def get_users_(obj):
|
||||
return [user.username for user in obj.users.all()]
|
||||
|
||||
@staticmethod
|
||||
def get_user_groups_(obj):
|
||||
return [group.name for group in obj.user_groups.all()]
|
||||
|
||||
@staticmethod
|
||||
def get_system_users_(obj):
|
||||
return [user.username for user in obj.system_users.all()]
|
||||
|
||||
|
||||
class AssetPermissionUpdateUserSerializer(serializers.ModelSerializer):
|
||||
|
||||
class Meta:
|
||||
model = AssetPermission
|
||||
fields = ['id', 'users']
|
||||
|
||||
|
||||
class AssetPermissionUpdateAssetSerializer(serializers.ModelSerializer):
|
||||
|
||||
class Meta:
|
||||
model = AssetPermission
|
||||
fields = ['id', 'assets']
|
||||
|
||||
|
||||
class UserAssetPermissionSerializer(AssetPermissionSerializer):
|
||||
is_inherited = serializers.SerializerMethodField()
|
||||
|
|
|
|||
|
|
@ -26,16 +26,6 @@
|
|||
<a href="{% url 'perms:asset-permission-asset-list' pk=asset_permission.id %}" class="text-center">
|
||||
<i class="fa fa-bar-chart-o"></i> {% trans 'Assets and asset groups' %}</a>
|
||||
</li>
|
||||
<form id="search_form" method="get" action="" class="pull-right mail-search">
|
||||
<div class="input-group">
|
||||
<input type="text" class="form-control input-sm" name="keyword" placeholder="Search" value="{{ keyword }}">
|
||||
<div class="input-group-btn">
|
||||
<button id="search_btn" type="submit" class="btn btn-sm btn-primary">
|
||||
搜索
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</ul>
|
||||
</div>
|
||||
<div class="tab-content">
|
||||
|
|
@ -83,7 +73,7 @@
|
|||
</td>
|
||||
|
||||
<td>
|
||||
<button title="{{ asset.inherit_from_asset_groups }}" class="btn btn-danger btn-xs {% if asset.is_inherit_from_asset_groups %} disabled {% endif %}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
|
||||
<button title="{{ asset.inherit_from_asset_groups }}" data-gid="{{ asset.id }}" class="btn btn-danger btn-xs btn-remove-asset {% if asset.is_inherit_from_asset_groups %} disabled {% endif %}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
|
|
@ -106,16 +96,16 @@
|
|||
<form>
|
||||
<tr class="no-borders-tr">
|
||||
<td colspan="2">
|
||||
<select data-placeholder="{% trans 'Select assets' %}" class="select2" style="width: 100%" multiple="" tabindex="4">
|
||||
{% for asset in asset_remain %}
|
||||
<option value="{{ asset.id }}">{{ asset.hostname }}: {{ asset.ip }}</option>
|
||||
<select data-placeholder="{% trans 'Select assets' %}" class="select2 asset" style="width: 100%" multiple="" tabindex="4">
|
||||
{% for asset in assets_remain %}
|
||||
<option value="{{ asset.id }}">{{ asset.hostname }}</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
<tr class="no-borders-tr">
|
||||
<td colspan="2">
|
||||
<button type="button" class="btn btn-primary btn-sm">{% trans 'Add' %}</button>
|
||||
<button type="button" class="btn btn-primary btn-sm btn-add-assets">{% trans 'Add' %}</button>
|
||||
</td>
|
||||
</tr>
|
||||
</form>
|
||||
|
|
@ -134,16 +124,16 @@
|
|||
<form>
|
||||
<tr>
|
||||
<td colspan="2" class="no-borders">
|
||||
<select data-placeholder="{% trans 'Select asset groups' %}" class="select2" style="width: 100%" multiple="" tabindex="4">
|
||||
<select data-placeholder="{% trans 'Select asset groups' %}" class="select2 group" style="width: 100%" multiple="" tabindex="4">
|
||||
{% for asset_group in asset_groups_remain %}
|
||||
<option value="{{ asset_group.id }}">{{ asset_group.name }}</option>
|
||||
<option value="{{ asset_group.id }}" id="opt_{{ asset_group.id }}">{{ asset_group.name }}</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2" class="no-borders">
|
||||
<button type="button" class="btn btn-info btn-small" id="btn_add_user_group">{% trans 'Join' %}</button>
|
||||
<button type="button" class="btn btn-info btn-sm" id="btn-add-group">{% trans 'Join' %}</button>
|
||||
</td>
|
||||
</tr>
|
||||
</form>
|
||||
|
|
@ -152,7 +142,7 @@
|
|||
<tr>
|
||||
<td ><b class="bdg_user_group" data-gid={{ asset_group.id }}>{{ asset_group.name }}</b></td>
|
||||
<td>
|
||||
<button class="btn btn-danger btn-xs btn_delete_user_group" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
|
||||
<button class="btn btn-danger btn-xs btn-remove-group" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
|
|
@ -169,26 +159,121 @@
|
|||
|
||||
{% endblock %}
|
||||
{% block custom_foot_js %}
|
||||
<script>
|
||||
{# function switch_user_status(obj) {#}
|
||||
{# var status = $(obj).prop('checked');#}
|
||||
{##}
|
||||
{# $.ajax({#}
|
||||
{# url: "{% url 'users:user-active-api' pk=user.id %}",#}
|
||||
{# type: "PUT",#}
|
||||
{# data: {#}
|
||||
{# 'is_active': status#}
|
||||
{# },#}
|
||||
{# success: function (data, status) {#}
|
||||
{# console.log(data)#}
|
||||
{# },#}
|
||||
{# error: function () {#}
|
||||
{# console.log('error')#}
|
||||
{# }#}
|
||||
{# })#}
|
||||
{# }#}
|
||||
$(document).ready(function () {
|
||||
$('.select2').select2();
|
||||
<script>
|
||||
function addAssets(assets) {
|
||||
var the_url = "{% url 'api-perms:asset-permission-add-asset' pk=asset_permission.id %}";
|
||||
var body = {
|
||||
assets: assets
|
||||
};
|
||||
var success = function(data) {
|
||||
location.reload();
|
||||
};
|
||||
APIUpdateAttr({
|
||||
url: the_url,
|
||||
body: JSON.stringify(body),
|
||||
success: success
|
||||
});
|
||||
}
|
||||
|
||||
function removeAssets(assets) {
|
||||
var the_url = "{% url 'api-perms:asset-permission-remove-asset' pk=asset_permission.id %}";
|
||||
var body = {
|
||||
assets: assets
|
||||
};
|
||||
var success = function(data) {
|
||||
location.reload();
|
||||
};
|
||||
APIUpdateAttr({
|
||||
url: the_url,
|
||||
body: JSON.stringify(body),
|
||||
success: success
|
||||
});
|
||||
}
|
||||
|
||||
function updateGroup(groups) {
|
||||
var the_url = "{% url 'api-perms:asset-permission-detail' pk=asset_permission.id %}";
|
||||
var body = {
|
||||
asset_groups: groups
|
||||
};
|
||||
APIUpdateAttr({
|
||||
url: the_url,
|
||||
body: JSON.stringify(body)
|
||||
});
|
||||
}
|
||||
|
||||
jumpserver.assets_selected = {};
|
||||
jumpserver.groups_selected = {};
|
||||
|
||||
$(document).ready(function () {
|
||||
$('.select2.asset').select2()
|
||||
.on('select2:select', function(evt) {
|
||||
var data = evt.params.data;
|
||||
jumpserver.assets_selected[data.id] = data.text;
|
||||
})
|
||||
.on('select2:unselect', function(evt) {
|
||||
var data = evt.params.data;
|
||||
delete jumpserver.assets_selected[data.id]
|
||||
});
|
||||
</script>
|
||||
$('.select2.group').select2()
|
||||
.on('select2:select', function(evt) {
|
||||
var data = evt.params.data;
|
||||
jumpserver.groups_selected[data.id] = data.text;
|
||||
})
|
||||
.on('select2:unselect', function(evt) {
|
||||
var data = evt.params.data;
|
||||
delete jumpserver.groups_selected[data.id]
|
||||
})
|
||||
})
|
||||
.on('click', '.btn-add-assets', function () {
|
||||
if (Object.keys(jumpserver.assets_selected).length === 0) {
|
||||
return false;
|
||||
}
|
||||
var assets = [];
|
||||
$.map(jumpserver.assets_selected, function(value, index) {
|
||||
assets.push(index);
|
||||
});
|
||||
addAssets(assets);
|
||||
})
|
||||
.on('click', '.btn-remove-asset', function () {
|
||||
var asset_id = $(this).data("gid");
|
||||
if (asset_id === "") {
|
||||
return
|
||||
}
|
||||
var assets = [asset_id];
|
||||
removeAssets(assets)
|
||||
})
|
||||
.on('click', '#btn-add-group', function () {
|
||||
if (Object.keys(jumpserver.groups_selected).length === 0) {
|
||||
return false;
|
||||
}
|
||||
|
||||
var groups = $('.bdg_group').map(function() {
|
||||
return $(this).data('gid');
|
||||
}).get();
|
||||
|
||||
$.map(jumpserver.groups_selected, function(group_name, index) {
|
||||
groups.push(index);
|
||||
$('#opt_' + index).remove();
|
||||
$('.group_edit tbody').append(
|
||||
'<tr>' +
|
||||
'<td><b class="bdg_group" data-gid="' + index + '">' + group_name + '</b></td>' +
|
||||
'<td><button class="btn btn-danger btn-xs pull-right btn-leave-group" type="button"><i class="fa fa-minus"></i></button></td>' +
|
||||
'</tr>'
|
||||
)
|
||||
});
|
||||
|
||||
updateGroup(groups);
|
||||
})
|
||||
.on('click', '.btn-remove-group', function () {
|
||||
var $this = $(this);
|
||||
var $tr = $this.closest('tr');
|
||||
var groups = $('.bdg_group').map(function() {
|
||||
if ($(this).data('gid') !== $this.data('gid')){
|
||||
return $(this).data('gid');
|
||||
}
|
||||
}).get();
|
||||
updateGroup(groups);
|
||||
$tr.remove()
|
||||
})
|
||||
</script>
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -126,23 +126,6 @@
|
|||
</div>
|
||||
</span></td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td width="50%">{% trans 'Retest asset connectivity' %}:</td>
|
||||
<td>
|
||||
<span style="float: right">
|
||||
<button type="button" class="btn btn-primary btn-xs" style="width: 54px">{% trans 'Start' %}</button>
|
||||
</span>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
<tr>
|
||||
<td width="50%">{% trans 'Repush system user' %}:</td>
|
||||
<td>
|
||||
<span style="float: right">
|
||||
<button type="button" class="btn btn-primary btn-xs" style="width: 54px">{% trans 'Push' %}</button>
|
||||
</span>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
|
|
@ -153,21 +136,21 @@
|
|||
<i class="fa fa-info-circle"></i> {% trans 'System user' %}
|
||||
</div>
|
||||
<div class="panel-body">
|
||||
<table class="table group_edit">
|
||||
<table class="table" id="system-user-table">
|
||||
<tbody>
|
||||
<form>
|
||||
<tr>
|
||||
<td colspan="2" class="no-borders">
|
||||
<select data-placeholder="{% trans 'Select system users' %}" class="select2" style="width: 100%" multiple="" tabindex="4">
|
||||
{% for system_user in system_users_remain %}
|
||||
<option value="{{ system_user.id }}" id="opt_{{ system_user.id }}">{{ system_user.name }}: {{ system_user.username }}</option>
|
||||
<option value="{{ system_user.id }}" id="opt_{{ system_user.id }}">{{ system_user.name }}</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td colspan="2" class="no-borders">
|
||||
<button type="button" class="btn btn-info btn-small" id="btn_add_system_user">{% trans 'Join' %}</button>
|
||||
<button type="button" class="btn btn-info btn-small" id="btn-add-system-user">{% trans 'Add' %}</button>
|
||||
</td>
|
||||
</tr>
|
||||
</form>
|
||||
|
|
@ -176,7 +159,7 @@
|
|||
<tr>
|
||||
<td ><b class="bdg-system-user" data-uid={{ system_user.id }}>{{ system_user.name }}</b></td>
|
||||
<td>
|
||||
<button class="btn btn-danger btn-xs btn-del" data-uid="{{ system_user.id }}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
|
||||
<button class="btn btn-danger btn-xs btn-remove-user" data-uid="{{ system_user.id }}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
|
|
@ -190,80 +173,70 @@
|
|||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
{% endblock %}
|
||||
{% block custom_foot_js %}
|
||||
<script>
|
||||
jumpserver.system_users_selected = {};
|
||||
function addSystemUser(system_users) {
|
||||
var the_url = "{% url 'api-perms:asset-permission-detail' pk=asset_permission.id %}";
|
||||
var body = {
|
||||
system_users: Object.assign([], system_users)
|
||||
};
|
||||
var success = function(data) {
|
||||
window.location.reload();
|
||||
};
|
||||
APIUpdateAttr({
|
||||
url: the_url,
|
||||
body: JSON.stringify(body),
|
||||
success: success
|
||||
});
|
||||
}
|
||||
function removeSystemUser(system_users, tr) {
|
||||
var the_url = "{% url 'api-perms:remove-system-user-asset-permission' pk=asset_permission.id %}";
|
||||
var body = {
|
||||
system_users: system_users
|
||||
};
|
||||
var success = function (data) {
|
||||
tr.remove()
|
||||
};
|
||||
APIUpdateAttr({
|
||||
url: the_url,
|
||||
body: JSON.stringify(body),
|
||||
method: 'PUT',
|
||||
success: success
|
||||
})
|
||||
}
|
||||
$(document).ready(function () {
|
||||
$('.select2').select2()
|
||||
.on('select2:select', function(evt) {
|
||||
var data = evt.params.data;
|
||||
jumpserver.system_users_selected[data.id] = data.text;
|
||||
})
|
||||
.on('select2:unselect', function(evt) {
|
||||
var data = evt.params.data;
|
||||
delete jumpserver.system_users_selected[data.id]
|
||||
})
|
||||
<script>
|
||||
jumpserver.system_users_selected = {};
|
||||
|
||||
}).on('click', '.btn-delete-perm', function () {
|
||||
var $this = $(this);
|
||||
var name = "{{ asset_permission.name }}";
|
||||
var uid = "{{ asset_permission.id }}";
|
||||
var the_url = '{% url "api-perms:asset-permission-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
|
||||
var redirect_url = "{% url 'perms:asset-permission-list' %}";
|
||||
objectDelete($this, name, the_url, redirect_url);
|
||||
}).on('click', '#btn_add_system_user', function () {
|
||||
if (Object.keys(jumpserver.system_users_selected).length === 0) {
|
||||
return false;
|
||||
}
|
||||
var system_users = $('.bdg-system-user').map(function() {
|
||||
return $(this).data('uid');
|
||||
}).get();
|
||||
$.map(jumpserver.system_users_selected, function(value, index) {
|
||||
system_users.push(parseInt(index));
|
||||
$('#opt_' + index).remove();
|
||||
});
|
||||
addSystemUser(system_users)
|
||||
}).on('click', '.btn-del', function () {
|
||||
var $this = $(this);
|
||||
var $uid = $this.data('uid');
|
||||
var $tr = $this.closest('tr');
|
||||
var $badge = $tr.find('.bdg-system-user');
|
||||
var $system_user = $badge.html() || $badge.text();
|
||||
$('#groups_selected').append(
|
||||
'<option value="' + $uid + '" id="opt_' + $uid + '">' + $system_user + '</option>'
|
||||
);
|
||||
removeSystemUser($uid, $tr)
|
||||
function updateSystemUser(system_users) {
|
||||
var the_url = "{% url 'api-perms:asset-permission-detail' pk=asset_permission.id %}";
|
||||
var body = {
|
||||
system_users: Object.assign([], system_users)
|
||||
};
|
||||
APIUpdateAttr({
|
||||
url: the_url,
|
||||
body: JSON.stringify(body)
|
||||
});
|
||||
}
|
||||
|
||||
$(document).ready(function () {
|
||||
$('.select2').select2()
|
||||
.on('select2:select', function(evt) {
|
||||
var data = evt.params.data;
|
||||
jumpserver.system_users_selected[data.id] = data.text;
|
||||
})
|
||||
</script>
|
||||
.on('select2:unselect', function(evt) {
|
||||
var data = evt.params.data;
|
||||
delete jumpserver.system_users_selected[data.id]
|
||||
})
|
||||
})
|
||||
.on('click', '.btn-delete-perm', function () {
|
||||
var $this = $(this);
|
||||
var name = "{{ asset_permission.name }}";
|
||||
var uid = "{{ asset_permission.id }}";
|
||||
var the_url = '{% url "api-perms:asset-permission-detail" pk=DEFAULT_PK %}'.replace('{{ DEFAULT_PK }}', uid);
|
||||
var redirect_url = "{% url 'perms:asset-permission-list' %}";
|
||||
objectDelete($this, name, the_url, redirect_url);
|
||||
})
|
||||
.on('click', '#btn-add-system-user', function () {
|
||||
if (Object.keys(jumpserver.system_users_selected).length === 0) {
|
||||
return false;
|
||||
}
|
||||
var system_users = $('.bdg-system-user').map(function() {
|
||||
return $(this).data('uid');
|
||||
}).get();
|
||||
|
||||
$.map(jumpserver.system_users_selected, function(name, index) {
|
||||
system_users.push(index);
|
||||
$('#opt_' + index).remove();
|
||||
$('.group_edit tbody').append(
|
||||
'<tr>' +
|
||||
'<td><b class="bdg-system-user" data-gid="' + index + '">' + name + '</b></td>' +
|
||||
'<td><button class="btn btn-danger btn-xs pull-right btn-remove-user" type="button"><i class="fa fa-minus"></i></button></td>' +
|
||||
'</tr>'
|
||||
)
|
||||
});
|
||||
updateSystemUser(system_users);
|
||||
}).on('click', '.btn-remove-user', function () {
|
||||
var $this = $(this);
|
||||
var $tr = $this.closest('tr');
|
||||
var system_users = $('.bdg-system-user').map(function() {
|
||||
if ($(this).data('uid') !== $this.data('uid')){
|
||||
return $(this).data('uid');
|
||||
}
|
||||
}).get();
|
||||
updateSystemUser(system_users);
|
||||
$tr.remove()
|
||||
})
|
||||
</script>
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -1,69 +1,96 @@
|
|||
{% extends '_base_list.html' %}
|
||||
{% load i18n %}
|
||||
{% block content_left_head %}
|
||||
<a href="{% url 'perms:asset-permission-create' %}" class="btn btn-sm btn-primary">
|
||||
|
||||
{% block table_search %}
|
||||
{% endblock %}
|
||||
|
||||
{% block table_container %}
|
||||
<div class="uc pull-left m-r-5">
|
||||
<a href="{% url 'perms:asset-permission-create' %}" class="btn btn-sm btn-primary ">
|
||||
{% trans "Create permission" %}
|
||||
</a>
|
||||
{% endblock %}
|
||||
|
||||
{% block table_head %}
|
||||
<th class="text-center">{% trans 'Name' %}</th>
|
||||
<th class="text-center">{% trans 'User' %}</th>
|
||||
<th class="text-center">{% trans 'User group' %}</th>
|
||||
<th class="text-center">{% trans 'Asset' %}</th>
|
||||
<th class="text-center">{% trans 'Asset group' %}</th>
|
||||
<th class="text-center">{% trans 'System user' %}</th>
|
||||
<th class="text-center">{% trans 'Is valid' %}</th>
|
||||
<th class="text-center">{% trans 'Action' %}</th>
|
||||
{% endblock %}
|
||||
|
||||
{% block table_body %}
|
||||
{% for asset_permission in asset_permission_list %}
|
||||
<tr class="gradeX">
|
||||
<td class="text-center">
|
||||
<a href="{% url 'perms:asset-permission-detail' pk=asset_permission.id %}">
|
||||
{{ asset_permission.name }}
|
||||
</a>
|
||||
</td>
|
||||
<td class="text-center">{{ asset_permission.users.count }}</td>
|
||||
<td class="text-center">{{ asset_permission.user_groups.count }}</td>
|
||||
<td class="text-center">{{ asset_permission.assets.count }}</td>
|
||||
<td class="text-center">{{ asset_permission.asset_groups.count }}</td>
|
||||
<td class="text-center">{{ asset_permission.system_users.count }}</td>
|
||||
<td class="text-center">
|
||||
{% if asset_permission.is_valid %}
|
||||
<i class="fa fa-check text-navy"></i>
|
||||
{% else %}
|
||||
<i class="fa fa-times text-danger"></i>
|
||||
{% endif %}
|
||||
</td>
|
||||
<td class="text-center">
|
||||
<a href="{% url 'perms:asset-permission-update' pk=asset_permission.id %}"
|
||||
class="btn btn-xs btn-info">{% trans 'Update' %}
|
||||
</a>
|
||||
<a class="btn btn-xs btn-danger btn-del" data-name="{{ asset_permission.name }}"
|
||||
data-uid="{{ asset_permission.id }}">{% trans 'Delete' %}
|
||||
</a>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</div>
|
||||
<table class="table table-striped table-bordered table-hover" id="permission_list_table" >
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="text-center">
|
||||
<input type="checkbox" id="check_all" class="ipt_check_all" >
|
||||
</th>
|
||||
<th class="text-center">{% trans 'Name' %}</th>
|
||||
<th class="text-center">{% trans 'User' %}</th>
|
||||
<th class="text-center">{% trans 'User group' %}</th>
|
||||
<th class="text-center">{% trans 'Asset' %}</th>
|
||||
<th class="text-center">{% trans 'Asset group' %}</th>
|
||||
<th class="text-center">{% trans 'System user' %}</th>
|
||||
<th class="text-center">{% trans 'Is valid' %}</th>
|
||||
<th class="text-center">{% trans 'Action' %}</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
</tbody>
|
||||
</table>
|
||||
{% endblock %}
|
||||
|
||||
{% block custom_foot_js %}
|
||||
<script>
|
||||
$(document).ready(function() {
|
||||
$('table').DataTable({
|
||||
"searching": false,
|
||||
"paging": false,
|
||||
"order": []
|
||||
})
|
||||
}).on('click', '.btn-del', function () {
|
||||
var $this = $(this);
|
||||
var name = $this.data('name');
|
||||
var uid = $this.data('uid');
|
||||
var the_url = '{% url "api-perms:asset-permission-detail" pk=DEFAULT_PK %}'
|
||||
.replace('{{ DEFAULT_PK }}', uid);
|
||||
objectDelete($this, name, the_url);
|
||||
})
|
||||
</script>
|
||||
<script>
|
||||
function initTable() {
|
||||
var options = {
|
||||
ele: $('#permission_list_table'),
|
||||
columnDefs: [
|
||||
{targets: 1, createdCell: function (td, cellData, rowData) {
|
||||
var detail_btn = '<a href="{% url "perms:asset-permission-detail" pk=DEFAULT_PK %}">' + cellData + '</a>';
|
||||
$(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
|
||||
}},
|
||||
{targets: 2, createdCell: function (td, cellData) {
|
||||
$(td).html(cellData.length);
|
||||
}},
|
||||
{targets: 3, createdCell: function (td, cellData) {
|
||||
$(td).html(cellData.length);
|
||||
}},
|
||||
{targets: 4, createdCell: function (td, cellData) {
|
||||
$(td).html(cellData.length);
|
||||
}},
|
||||
{targets: 5, createdCell: function (td, cellData) {
|
||||
$(td).html(cellData.length);
|
||||
}},
|
||||
{targets: 6, createdCell: function (td, cellData) {
|
||||
$(td).html(cellData.length);
|
||||
}},
|
||||
{targets: 7, createdCell: function (td, cellData) {
|
||||
if (!cellData) {
|
||||
$(td).html('<i class="fa fa-times text-danger"></i>')
|
||||
} else {
|
||||
$(td).html('<i class="fa fa-check text-navy"></i>')
|
||||
}
|
||||
}},
|
||||
{targets: 8, createdCell: function (td, cellData) {
|
||||
var update_btn = '<a href="{% url "perms:asset-permission-update" pk=DEFAULT_PK %}" class="btn btn-xs m-l-xs btn-info">{% trans "Update" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
|
||||
var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn-del-permission" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
|
||||
$(td).html(update_btn + del_btn);
|
||||
}}
|
||||
|
||||
],
|
||||
ajax_url: '{% url "api-perms:asset-permission-list" %}',
|
||||
columns: [
|
||||
{data: "id" }, {data: "name"}, {data: "users_" }, {data: "user_groups_" }, {data: "assets_" },
|
||||
{data: "asset_groups_"}, {data: "system_users_"}, {data: "is_active"}, {data: "id" }
|
||||
],
|
||||
op_html: $('#actions').html()
|
||||
};
|
||||
jumpserver.initDataTable(options);
|
||||
}
|
||||
|
||||
$(document).ready(function(){
|
||||
initTable();
|
||||
})
|
||||
|
||||
.on('click', '.btn-del', function () {
|
||||
var $this = $(this);
|
||||
var name = $this.data('name');
|
||||
var uid = $this.data('uid');
|
||||
var the_url = '{% url "api-perms:asset-permission-detail" pk=DEFAULT_PK %}'
|
||||
.replace('{{ DEFAULT_PK }}', uid);
|
||||
objectDelete($this, name, the_url);
|
||||
})
|
||||
</script>
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -26,16 +26,6 @@
|
|||
<a href="{% url 'perms:asset-permission-asset-list' pk=asset_permission.id %}" class="text-center">
|
||||
<i class="fa fa-bar-chart-o"></i> {% trans 'Assets and asset groups' %}</a>
|
||||
</li>
|
||||
<form id="search_form" method="get" action="" class="pull-right mail-search">
|
||||
<div class="input-group">
|
||||
<input type="text" class="form-control input-sm" name="keyword" placeholder="Search" value="{{ keyword }}">
|
||||
<div class="input-group-btn">
|
||||
<button id="search_btn" type="submit" class="btn btn-sm btn-primary">
|
||||
搜索
|
||||
</button>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</ul>
|
||||
</div>
|
||||
<div class="tab-content">
|
||||
|
|
@ -83,7 +73,7 @@
|
|||
</td>
|
||||
|
||||
<td>
|
||||
<button class="btn btn-danger btn-xs btn_delete_user_group {% if user.is_inherit_from_user_groups %} disabled {% endif %}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
|
||||
<button class="btn btn-danger btn-xs btn-remove-user {% if user.is_inherit_from_user_groups %} disabled {% endif %}" data-gid="{{ user.id }}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
|
|
@ -108,7 +98,7 @@
|
|||
<td colspan="2">
|
||||
<select data-placeholder="{% trans 'Select user' %}" class="select2 user" style="width: 100%" multiple="" tabindex="4">
|
||||
{% for user in users_remain %}
|
||||
<option value="{{ user.id }}">{{ user.name }}: {{ user.username }}</option>
|
||||
<option value="{{ user.id }}">{{ user.name }}</option>
|
||||
{% endfor %}
|
||||
</select>
|
||||
</td>
|
||||
|
|
@ -143,16 +133,16 @@
|
|||
</tr>
|
||||
<tr>
|
||||
<td colspan="2" class="no-borders">
|
||||
<button type="button" class="btn btn-info btn-small" id="btn_add_user_group">{% trans 'Add' %}</button>
|
||||
<button type="button" class="btn btn-info btn-sm" id="btn-add-group">{% trans 'Add' %}</button>
|
||||
</td>
|
||||
</tr>
|
||||
</form>
|
||||
|
||||
{% for user_group in user_groups %}
|
||||
<tr>
|
||||
<td ><b class="bdg_user_group" data-gid={{ user_group.id }}>{{ user_group.name }}</b></td>
|
||||
<td ><b class="bdg_group" data-gid={{ user_group.id }}>{{ user_group.name }}</b></td>
|
||||
<td>
|
||||
<button class="btn btn-danger btn-xs btn_delete_user_group" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
|
||||
<button class="btn btn-danger btn-xs btn-remove-group" type="button" data-gid="{{ user_group.id }}" style="float: right;"><i class="fa fa-minus"></i></button>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
|
|
@ -169,30 +159,118 @@
|
|||
|
||||
{% endblock %}
|
||||
{% block custom_foot_js %}
|
||||
<script>
|
||||
jumpserver.users_selected = {};
|
||||
jumpserver.user_groups_selected = {};
|
||||
$(document).ready(function () {
|
||||
$('.select2.user').select2()
|
||||
.on('select2:select', function(evt) {
|
||||
var data = evt.params.data;
|
||||
jumpserver.users_selected[data.id] = data.text;
|
||||
})
|
||||
.on('select2:unselect', function(evt) {
|
||||
var data = evt.params.data;
|
||||
delete jumpserver.users_selected[data.id]
|
||||
});
|
||||
$('.select2.user-group').select2()
|
||||
.on('select2:select', function(evt) {
|
||||
var data = evt.params.data;
|
||||
jumpserver.user_groups_selected[data.id] = data.text;
|
||||
})
|
||||
.on('select2:unselect', function(evt) {
|
||||
var data = evt.params.data;
|
||||
delete jumpserver.user_groups_selected[data.id]
|
||||
})
|
||||
}).on('click', '.btn-add-user', function () {
|
||||
console.log(jumpserver.users_selected)
|
||||
<script>
|
||||
jumpserver.users_selected = {};
|
||||
jumpserver.groups_selected = {};
|
||||
|
||||
function addUsers(users) {
|
||||
var the_url = "{% url 'api-perms:asset-permission-add-user' pk=asset_permission.id %}";
|
||||
var body = {
|
||||
users: users
|
||||
};
|
||||
var success = function(data) {
|
||||
location.reload();
|
||||
};
|
||||
APIUpdateAttr({
|
||||
url: the_url,
|
||||
body: JSON.stringify(body),
|
||||
success: success
|
||||
});
|
||||
}
|
||||
|
||||
function removeUser(users) {
|
||||
var the_url = "{% url 'api-perms:asset-permission-remove-user' pk=asset_permission.id %}";
|
||||
var body = {
|
||||
users: users
|
||||
};
|
||||
var success = function(data) {
|
||||
location.reload();
|
||||
};
|
||||
APIUpdateAttr({
|
||||
url: the_url,
|
||||
body: JSON.stringify(body),
|
||||
success: success
|
||||
});
|
||||
}
|
||||
|
||||
function updateGroup(groups) {
|
||||
var the_url = "{% url 'api-perms:asset-permission-detail' pk=asset_permission.id %}";
|
||||
var body = {
|
||||
user_groups: groups
|
||||
};
|
||||
APIUpdateAttr({
|
||||
url: the_url,
|
||||
body: JSON.stringify(body)
|
||||
});
|
||||
}
|
||||
|
||||
$(document).ready(function () {
|
||||
$('.select2.user').select2()
|
||||
.on('select2:select', function(evt) {
|
||||
var data = evt.params.data;
|
||||
jumpserver.users_selected[data.id] = data.text;
|
||||
})
|
||||
</script>
|
||||
.on('select2:unselect', function(evt) {
|
||||
var data = evt.params.data;
|
||||
delete jumpserver.users_selected[data.id]
|
||||
});
|
||||
$('.select2.user-group').select2()
|
||||
.on('select2:select', function(evt) {
|
||||
var data = evt.params.data;
|
||||
jumpserver.groups_selected[data.id] = data.text;
|
||||
})
|
||||
.on('select2:unselect', function(evt) {
|
||||
var data = evt.params.data;
|
||||
delete jumpserver.groups_selected[data.id]
|
||||
})
|
||||
}).on('click', '.btn-add-user', function () {
|
||||
if (Object.keys(jumpserver.users_selected).length === 0) {
|
||||
return false;
|
||||
}
|
||||
var users_id = [];
|
||||
$.map(jumpserver.users_selected, function(value, index) {
|
||||
users_id.push(index);
|
||||
});
|
||||
console.log(users_id);
|
||||
addUsers(users_id);
|
||||
}).on('click', '.btn-remove-user', function () {
|
||||
var user_id = $(this).data("gid");
|
||||
if (user_id === "") {
|
||||
return
|
||||
}
|
||||
var users = [user_id];
|
||||
removeUser(users)
|
||||
}).on('click', '#btn-add-group', function () {
|
||||
if (Object.keys(jumpserver.groups_selected).length === 0) {
|
||||
return false;
|
||||
}
|
||||
|
||||
var groups = $('.bdg_group').map(function() {
|
||||
return $(this).data('gid');
|
||||
}).get();
|
||||
|
||||
$.map(jumpserver.groups_selected, function(group_name, index) {
|
||||
groups.push(index);
|
||||
$('#opt_' + index).remove();
|
||||
$('.group_edit tbody').append(
|
||||
'<tr>' +
|
||||
'<td><b class="bdg_group" data-gid="' + index + '">' + group_name + '</b></td>' +
|
||||
'<td><button class="btn btn-danger btn-xs pull-right btn-leave-group" type="button"><i class="fa fa-minus"></i></button></td>' +
|
||||
'</tr>'
|
||||
)
|
||||
});
|
||||
|
||||
updateGroup(groups);
|
||||
}).on('click', '.btn-remove-group', function () {
|
||||
var $this = $(this);
|
||||
var $tr = $this.closest('tr');
|
||||
var groups = $('.bdg_group').map(function() {
|
||||
if ($(this).data('gid') !== $this.data('gid')){
|
||||
return $(this).data('gid');
|
||||
}
|
||||
}).get();
|
||||
updateGroup(groups);
|
||||
$tr.remove()
|
||||
})
|
||||
</script>
|
||||
{% endblock %}
|
||||
|
|
|
|||
|
|
@ -19,41 +19,22 @@ urlpatterns = [
|
|||
url(r'^v1/user/my/asset-group/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$', api.MyAssetGroupOfAssetsApi.as_view(), name='my-asset-group-of-assets'),
|
||||
|
||||
# 查询某个用户授权的资产和资产组
|
||||
url(r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$',
|
||||
api.UserGrantedAssetsApi.as_view(),
|
||||
name='user-assets'),
|
||||
url(r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})/asset-groups/$',
|
||||
api.UserGrantedAssetGroupsApi.as_view(),
|
||||
name='user-asset-groups'),
|
||||
url(r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})/asset-groups-assets/$',
|
||||
api.UserGrantedAssetGroupsWithAssetsApi.as_view(),
|
||||
name='user-asset-groups'),
|
||||
url(r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$', api.UserGrantedAssetsApi.as_view(), name='user-assets'),
|
||||
url(r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})/asset-groups/$', api.UserGrantedAssetGroupsApi.as_view(), name='user-asset-groups'),
|
||||
url(r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})/asset-groups-assets/$', api.UserGrantedAssetGroupsWithAssetsApi.as_view(), name='user-asset-groups'),
|
||||
|
||||
# 查询某个用户组授权的资产和资产组
|
||||
url(r'^v1/user-group/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$',
|
||||
api.UserGroupGrantedAssetsApi.as_view(),
|
||||
name='user-group-assets'),
|
||||
url(r'^v1/user-group/(?P<pk>[0-9a-zA-Z\-]{36})/asset-groups/$',
|
||||
api.UserGroupGrantedAssetGroupsApi.as_view(),
|
||||
name='user-group-asset-groups'),
|
||||
url(r'^v1/user-group/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$', api.UserGroupGrantedAssetsApi.as_view(), name='user-group-assets'),
|
||||
url(r'^v1/user-group/(?P<pk>[0-9a-zA-Z\-]{36})/asset-groups/$', api.UserGroupGrantedAssetGroupsApi.as_view(), name='user-group-asset-groups'),
|
||||
|
||||
# 回收用户或用户组授权
|
||||
url(r'^v1/asset-permissions/user/revoke/$',
|
||||
api.RevokeUserAssetPermission.as_view(),
|
||||
name='revoke-user-asset-permission'),
|
||||
url(r'^v1/asset-permissions/user-group/revoke/$',
|
||||
api.RevokeUserGroupAssetPermission.as_view(),
|
||||
name='revoke-user-group-asset-permission'),
|
||||
# 用户和资产授权变更
|
||||
url(r'^v1/asset-permissions/(?P<pk>[0-9a-zA-Z\-]{36})/user/remove/$', api.AssetPermissionRemoveUserApi.as_view(), name='asset-permission-remove-user'),
|
||||
url(r'^v1/asset-permissions/(?P<pk>[0-9a-zA-Z\-]{36})/user/add/$', api.AssetPermissionAddUserApi.as_view(), name='asset-permission-add-user'),
|
||||
url(r'^v1/asset-permissions/(?P<pk>[0-9a-zA-Z\-]{36})/asset/remove/$', api.AssetPermissionRemoveAssetApi.as_view(), name='asset-permission-remove-asset'),
|
||||
url(r'^v1/asset-permissions/(?P<pk>[0-9a-zA-Z\-]{36})/asset/add/$', api.AssetPermissionAddAssetApi.as_view(), name='asset-permission-add-asset'),
|
||||
|
||||
# 验证用户是否有某个资产和系统用户的权限
|
||||
url(r'v1/asset-permission/user/validate/$',
|
||||
api.ValidateUserAssetPermissionView.as_view(),
|
||||
name='validate-user-asset-permission'),
|
||||
|
||||
# 删除asset permission中的某个系统用户
|
||||
url(r'^v1/asset-permissions/(?P<pk>[0-9a-zA-Z\-]{36})/system-user/remove/$',
|
||||
api.RemoveSystemUserAssetPermission.as_view(),
|
||||
name='remove-system-user-asset-permission'),
|
||||
url(r'v1/asset-permission/user/validate/$', api.ValidateUserAssetPermissionView.as_view(), name='validate-user-asset-permission'),
|
||||
]
|
||||
|
||||
urlpatterns += router.urls
|
||||
|
|
|
|||
|
|
@ -179,31 +179,3 @@ def push_system_user(assets, system_user):
|
|||
system_user = system_user._to_secret_json()
|
||||
task = push_users.delay(assets, system_user)
|
||||
return task.id
|
||||
|
||||
|
||||
def associate_system_users_and_assets(system_users, assets, asset_groups, force=False):
|
||||
"""关联系统用户和资产, 目的是保存它们的关系, 然后新加入的资产或系统
|
||||
用户时,推送系统用户到资产
|
||||
|
||||
Todo: 这里需要最终Api定下来更改一下, 现在策略是以系统用户为核心推送, 一个系统用户
|
||||
推送一次
|
||||
"""
|
||||
assets_all = set(assets)
|
||||
|
||||
for asset_group in asset_groups:
|
||||
assets_all |= set(asset_group.assets.all())
|
||||
|
||||
for system_user in system_users:
|
||||
assets_need_push = []
|
||||
if system_user.auto_push:
|
||||
if force:
|
||||
assets_need_push = assets_all
|
||||
else:
|
||||
assets_need_push.extend(
|
||||
[asset for asset in assets_all
|
||||
if asset not in system_user.assets.all()
|
||||
]
|
||||
)
|
||||
system_user.assets.add(*(tuple(assets_all)))
|
||||
push_system_user(assets_need_push, system_user)
|
||||
|
||||
|
|
|
|||
|
|
@ -2,24 +2,19 @@
|
|||
|
||||
from __future__ import unicode_literals, absolute_import
|
||||
|
||||
import functools
|
||||
|
||||
from django.utils.translation import ugettext as _
|
||||
from django.db import transaction
|
||||
from django.conf import settings
|
||||
from django.db.models import Q
|
||||
from django.views.generic import ListView, CreateView, UpdateView
|
||||
from django.views.generic.edit import DeleteView, FormView
|
||||
from django.urls import reverse_lazy
|
||||
from django.contrib.messages.views import SuccessMessageMixin
|
||||
from django.views.generic.detail import DetailView, SingleObjectMixin
|
||||
from django.contrib import messages
|
||||
|
||||
from common.utils import search_object_attr
|
||||
from .hands import AdminUserRequiredMixin, User, UserGroup, SystemUser, \
|
||||
Asset, AssetGroup
|
||||
from .models import AssetPermission
|
||||
from .forms import AssetPermissionForm
|
||||
# from .utils import associate_system_users_and_assets
|
||||
|
||||
|
||||
class AssetPermissionListView(AdminUserRequiredMixin, ListView):
|
||||
|
|
@ -32,52 +27,34 @@ class AssetPermissionListView(AdminUserRequiredMixin, ListView):
|
|||
context = {
|
||||
'app': _('Perms'),
|
||||
'action': _('Asset permission list'),
|
||||
'keyword': self.keyword,
|
||||
}
|
||||
kwargs.update(context)
|
||||
return super(AssetPermissionListView, self).get_context_data(**kwargs)
|
||||
|
||||
def get_queryset(self):
|
||||
self.queryset = super(AssetPermissionListView, self).get_queryset()
|
||||
self.keyword = keyword = self.request.GET.get('keyword', '')
|
||||
self.sort = sort = self.request.GET.get('sort', '-date_created')
|
||||
|
||||
if keyword:
|
||||
self.queryset = self.queryset\
|
||||
.filter(Q(users__name__contains=keyword) |
|
||||
Q(users__username__contains=keyword) |
|
||||
Q(user_groups__name__contains=keyword) |
|
||||
Q(assets__ip__contains=keyword) |
|
||||
Q(assets__hostname__contains=keyword) |
|
||||
Q(system_users__username__icontains=keyword) |
|
||||
Q(system_users__name__icontains=keyword) |
|
||||
Q(asset_groups__name__icontains=keyword) |
|
||||
Q(comment__icontains=keyword) |
|
||||
Q(name__icontains=keyword)).distinct()
|
||||
if sort:
|
||||
self.queryset = self.queryset.order_by(sort)
|
||||
return self.queryset
|
||||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AssetPermissionCreateView(AdminUserRequiredMixin,
|
||||
SuccessMessageMixin,
|
||||
CreateView):
|
||||
model = AssetPermission
|
||||
form_class = AssetPermissionForm
|
||||
template_name = 'perms/asset_permission_create_update.html'
|
||||
success_url = reverse_lazy('perms:asset-permission-list')
|
||||
class MessageMixin:
|
||||
def form_valid(self, form):
|
||||
response = super().form_valid(form)
|
||||
errors = self.object.check_system_user_in_assets()
|
||||
if errors:
|
||||
message = self.get_warning_messages(errors)
|
||||
messages.warning(self.request, message)
|
||||
else:
|
||||
message = self.get_success_message(form.cleaned_data)
|
||||
messages.success(self.request, message)
|
||||
|
||||
@transaction.atomic
|
||||
def post(self, request, *args, **kwargs):
|
||||
return super(AssetPermissionCreateView, self).post(request, *args, **kwargs)
|
||||
success_message = self.get_success_message(form.cleaned_data)
|
||||
if success_message:
|
||||
messages.success(self.request, success_message)
|
||||
return response
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = {
|
||||
'app': _('Perms'),
|
||||
'action': _('Create asset permission'),
|
||||
}
|
||||
kwargs.update(context)
|
||||
return super(AssetPermissionCreateView, self).get_context_data(**kwargs)
|
||||
@staticmethod
|
||||
def get_warning_messages(errors):
|
||||
message = "System user should in behind clusters, so that " \
|
||||
"system user auto push to cluster assets <br>"
|
||||
for system_user, clusters in errors:
|
||||
message += "{}: {} ".format(system_user.name, ", ".join(list(clusters)))
|
||||
return message
|
||||
|
||||
def get_success_message(self, cleaned_data):
|
||||
url = reverse_lazy('perms:asset-permission-detail',
|
||||
|
|
@ -87,24 +64,29 @@ class AssetPermissionCreateView(AdminUserRequiredMixin,
|
|||
'successfully.'.format(url=url, name=self.object.name))
|
||||
return success_message
|
||||
|
||||
# Todo: When create push system user
|
||||
# def form_valid(self, form):
|
||||
# assets = form.cleaned_data['assets']
|
||||
# asset_groups = form.cleaned_data['asset_groups']
|
||||
# system_users = form.cleaned_data['system_users']
|
||||
# response = super(AssetPermissionCreateView, self).form_valid(form)
|
||||
# self.object.created_by = self.request.user.name
|
||||
# self.object.save()
|
||||
# return response
|
||||
|
||||
|
||||
class AssetPermissionUpdateView(AdminUserRequiredMixin, UpdateView):
|
||||
class AssetPermissionCreateView(AdminUserRequiredMixin,
|
||||
MessageMixin,
|
||||
CreateView):
|
||||
model = AssetPermission
|
||||
form_class = AssetPermissionForm
|
||||
template_name = 'perms/asset_permission_create_update.html'
|
||||
success_url = reverse_lazy('perms:asset-permission-list')
|
||||
warning = None
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = {
|
||||
'app': _('Perms'),
|
||||
'action': _('Create asset permission'),
|
||||
}
|
||||
kwargs.update(context)
|
||||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AssetPermissionUpdateView(AdminUserRequiredMixin, MessageMixin, UpdateView):
|
||||
model = AssetPermission
|
||||
form_class = AssetPermissionForm
|
||||
template_name = 'perms/asset_permission_create_update.html'
|
||||
success_message = _(
|
||||
'Update asset permission <a href="{url}"> {name} </a> successfully.'
|
||||
)
|
||||
success_url = reverse_lazy("perms:asset-permission-list")
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
|
|
@ -113,14 +95,7 @@ class AssetPermissionUpdateView(AdminUserRequiredMixin, UpdateView):
|
|||
'action': _('Update asset permission')
|
||||
}
|
||||
kwargs.update(context)
|
||||
return super(AssetPermissionUpdateView, self).get_context_data(**kwargs)
|
||||
|
||||
def get_success_message(self):
|
||||
url = reverse_lazy('perms:asset-permission-detail',
|
||||
kwargs={'pk': self.object.pk})
|
||||
return self.success_message.format(
|
||||
url=url, name=self.object.name
|
||||
)
|
||||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AssetPermissionDetailView(AdminUserRequiredMixin, DetailView):
|
||||
|
|
@ -138,7 +113,7 @@ class AssetPermissionDetailView(AdminUserRequiredMixin, DetailView):
|
|||
'system_users': self.object.system_users.all(),
|
||||
}
|
||||
kwargs.update(context)
|
||||
return super(AssetPermissionDetailView, self).get_context_data(**kwargs)
|
||||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AssetPermissionDeleteView(AdminUserRequiredMixin, DeleteView):
|
||||
|
|
@ -153,40 +128,28 @@ class AssetPermissionUserView(AdminUserRequiredMixin,
|
|||
template_name = 'perms/asset_permission_user.html'
|
||||
context_object_name = 'asset_permission'
|
||||
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
|
||||
object = None
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
self.object = self.get_object(queryset=AssetPermission.objects.all())
|
||||
self.keyword = self.request.GET.get('keyword', '')
|
||||
return super(AssetPermissionUserView, self).get(request, *args, **kwargs)
|
||||
return super().get(request, *args, **kwargs)
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = self.object.get_granted_users()
|
||||
if self.keyword:
|
||||
search_func = functools.partial(
|
||||
search_object_attr,
|
||||
value=self.keyword,
|
||||
attr_list=['username', 'name', 'email'],
|
||||
ignore_case=True)
|
||||
queryset = filter(search_func, queryset)
|
||||
return queryset
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
users_granted = self.get_queryset()
|
||||
user_groups_granted = self.object.user_groups.all()
|
||||
groups_granted = self.object.user_groups.all()
|
||||
context = {
|
||||
'app': _('Perms'),
|
||||
'action': _('Asset permission user list'),
|
||||
'users_remain': [
|
||||
user for user in User.objects.all()
|
||||
if user not in users_granted],
|
||||
'users_remain': User.objects.exclude(id__in=[user.id for user in users_granted]),
|
||||
'user_groups': self.object.user_groups.all(),
|
||||
'user_groups_remain': [
|
||||
user_group for user_group in UserGroup.objects.all()
|
||||
if user_group not in user_groups_granted],
|
||||
'keyword': self.keyword,
|
||||
'user_groups_remain': UserGroup.objects.exclude(id__in=[group.id for group in groups_granted])
|
||||
}
|
||||
kwargs.update(context)
|
||||
return super(AssetPermissionUserView, self).get_context_data(**kwargs)
|
||||
return super().get_context_data(**kwargs)
|
||||
|
||||
|
||||
class AssetPermissionAssetView(AdminUserRequiredMixin,
|
||||
|
|
@ -195,37 +158,25 @@ class AssetPermissionAssetView(AdminUserRequiredMixin,
|
|||
template_name = 'perms/asset_permission_asset.html'
|
||||
context_object_name = 'asset_permission'
|
||||
paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
|
||||
object = None
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
self.object = self.get_object(queryset=AssetPermission.objects.all())
|
||||
self.keyword = self.request.GET.get('keyword', '')
|
||||
return super(AssetPermissionAssetView, self)\
|
||||
.get(request, *args, **kwargs)
|
||||
return super().get(request, *args, **kwargs)
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = self.object.get_granted_assets()
|
||||
if self.keyword:
|
||||
search_func = functools.partial(
|
||||
search_object_attr, value=self.keyword,
|
||||
attr_list=['hostname', 'ip'],
|
||||
ignore_case=True)
|
||||
queryset = filter(search_func, queryset)
|
||||
return queryset
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
assets_granted = self.get_queryset()
|
||||
asset_groups_granted = self.object.user_groups.all()
|
||||
groups_granted = self.object.asset_groups.all()
|
||||
context = {
|
||||
'app': _('Perms'),
|
||||
'action': _('Asset permission asset list'),
|
||||
'assets_remain': [
|
||||
asset for asset in Asset.objects.all()
|
||||
if asset not in assets_granted],
|
||||
'assets_remain': Asset.objects.exclude(id__in=[asset.id for asset in assets_granted]),
|
||||
'asset_groups': self.object.asset_groups.all(),
|
||||
'asset_groups_remain': [
|
||||
asset_group for asset_group in AssetGroup.objects.all()
|
||||
if asset_group not in asset_groups_granted],
|
||||
'keyword': self.keyword,
|
||||
'asset_groups_remain': AssetGroup.objects.exclude(id__in=[group.id for group in groups_granted])
|
||||
}
|
||||
kwargs.update(context)
|
||||
return super(AssetPermissionAssetView, self).get_context_data(**kwargs)
|
||||
return super().get_context_data(**kwargs)
|
||||
|
|
|
|||
Loading…
Reference in New Issue