mirror of https://github.com/jumpserver/jumpserver
Merge branch 'dev' of github.com:jumpserver/jumpserver into dev
ibuler
commit
40d48cdfe4
|
|
@ -61,13 +61,19 @@ class AssetSystemUserSerializer(serializers.ModelSerializer):
|
|||
"""
|
||||
查看授权的资产系统用户的数据结构,这个和AssetSerializer不同,字段少
|
||||
"""
|
||||
actions = serializers.SerializerMethodField()
|
||||
|
||||
class Meta:
|
||||
model = SystemUser
|
||||
fields = (
|
||||
'id', 'name', 'username', 'priority',
|
||||
'protocol', 'comment', 'login_mode'
|
||||
'protocol', 'comment', 'login_mode', 'actions',
|
||||
)
|
||||
|
||||
@staticmethod
|
||||
def get_actions(obj):
|
||||
return [action.name for action in obj.actions]
|
||||
|
||||
|
||||
class SystemUserSimpleSerializer(serializers.ModelSerializer):
|
||||
"""
|
||||
|
|
|
|||
Binary file not shown.
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: Jumpserver 0.3.3\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2019-03-29 17:11+0800\n"
|
||||
"POT-Creation-Date: 2019-04-22 11:30+0800\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: ibuler <ibuler@qq.com>\n"
|
||||
"Language-Team: Jumpserver team<ibuler@qq.com>\n"
|
||||
|
|
@ -17,6 +17,10 @@ msgstr ""
|
|||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
|
||||
#: assets/api/asset.py:112
|
||||
msgid "Please select assets that need to be updated"
|
||||
msgstr "请选择需要更新的资产"
|
||||
|
||||
#: assets/api/node.py:58
|
||||
msgid "You can't update the root node name"
|
||||
msgstr "不能修改根节点名称"
|
||||
|
|
@ -32,7 +36,7 @@ msgstr "测试节点下资产是否可连接: {}"
|
|||
#: assets/forms/asset.py:27 assets/models/asset.py:80 assets/models/user.py:133
|
||||
#: assets/templates/assets/asset_detail.html:194
|
||||
#: assets/templates/assets/asset_detail.html:202
|
||||
#: assets/templates/assets/system_user_asset.html:95 perms/models.py:31
|
||||
#: assets/templates/assets/system_user_asset.html:95 perms/models.py:51
|
||||
#: xpack/plugins/change_auth_plan/models.py:69
|
||||
msgid "Nodes"
|
||||
msgstr "节点管理"
|
||||
|
|
@ -69,7 +73,7 @@ msgstr "网域"
|
|||
#: assets/forms/asset.py:112 assets/models/node.py:31
|
||||
#: assets/templates/assets/asset_create.html:30
|
||||
#: assets/templates/assets/asset_update.html:35 perms/forms.py:45
|
||||
#: perms/forms.py:52 perms/models.py:84
|
||||
#: perms/forms.py:55 perms/models.py:105
|
||||
#: perms/templates/perms/asset_permission_list.html:57
|
||||
#: perms/templates/perms/asset_permission_list.html:78
|
||||
#: perms/templates/perms/asset_permission_list.html:128
|
||||
|
|
@ -116,7 +120,7 @@ msgstr "选择资产"
|
|||
#: assets/templates/assets/system_user_list.html:33 audits/models.py:19
|
||||
#: audits/templates/audits/ftp_log_list.html:41
|
||||
#: audits/templates/audits/ftp_log_list.html:71 perms/forms.py:42
|
||||
#: perms/models.py:30
|
||||
#: perms/models.py:50
|
||||
#: perms/templates/perms/asset_permission_create_update.html:45
|
||||
#: perms/templates/perms/asset_permission_list.html:56
|
||||
#: perms/templates/perms/asset_permission_list.html:125
|
||||
|
|
@ -126,7 +130,7 @@ msgstr "选择资产"
|
|||
#: terminal/templates/terminal/session_list.html:41
|
||||
#: terminal/templates/terminal/session_list.html:72
|
||||
#: xpack/plugins/change_auth_plan/forms.py:114
|
||||
#: xpack/plugins/change_auth_plan/models.py:408
|
||||
#: xpack/plugins/change_auth_plan/models.py:409
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_create_update.html:46
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_execution_list.html:54
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_execution_subtask_list.html:13
|
||||
|
|
@ -160,7 +164,7 @@ msgstr "SSH网关,支持代理SSH,RDP和VNC"
|
|||
#: assets/templates/assets/system_user_detail.html:58
|
||||
#: assets/templates/assets/system_user_list.html:29 ops/models/adhoc.py:37
|
||||
#: ops/templates/ops/task_detail.html:60 ops/templates/ops/task_list.html:27
|
||||
#: orgs/models.py:12 perms/models.py:27
|
||||
#: orgs/models.py:12 perms/models.py:17 perms/models.py:47
|
||||
#: perms/templates/perms/asset_permission_detail.html:62
|
||||
#: perms/templates/perms/asset_permission_list.html:53
|
||||
#: perms/templates/perms/asset_permission_list.html:72
|
||||
|
|
@ -214,7 +218,7 @@ msgstr "名称"
|
|||
#: users/templates/users/user_profile.html:47
|
||||
#: xpack/plugins/change_auth_plan/forms.py:99
|
||||
#: xpack/plugins/change_auth_plan/models.py:60
|
||||
#: xpack/plugins/change_auth_plan/models.py:404
|
||||
#: xpack/plugins/change_auth_plan/models.py:405
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_detail.html:65
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_execution_list.html:53
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_execution_subtask_list.html:12
|
||||
|
|
@ -241,7 +245,7 @@ msgstr "密码或密钥密码"
|
|||
#: users/templates/users/user_pubkey_update.html:40
|
||||
#: users/templates/users/user_update.html:20
|
||||
#: xpack/plugins/change_auth_plan/models.py:90
|
||||
#: xpack/plugins/change_auth_plan/models.py:259
|
||||
#: xpack/plugins/change_auth_plan/models.py:260
|
||||
msgid "Password"
|
||||
msgstr "密码"
|
||||
|
||||
|
|
@ -380,7 +384,7 @@ msgid "CPU model"
|
|||
msgstr "CPU型号"
|
||||
|
||||
#: assets/models/asset.py:96
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:71
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:80
|
||||
msgid "CPU count"
|
||||
msgstr "CPU数量"
|
||||
|
||||
|
|
@ -435,8 +439,8 @@ msgstr "标签管理"
|
|||
#: assets/templates/assets/cmd_filter_detail.html:77
|
||||
#: assets/templates/assets/domain_detail.html:72
|
||||
#: assets/templates/assets/system_user_detail.html:100
|
||||
#: ops/templates/ops/adhoc_detail.html:86 orgs/models.py:15 perms/models.py:36
|
||||
#: perms/models.py:89 perms/templates/perms/asset_permission_detail.html:98
|
||||
#: ops/templates/ops/adhoc_detail.html:86 orgs/models.py:15 perms/models.py:57
|
||||
#: perms/models.py:110 perms/templates/perms/asset_permission_detail.html:98
|
||||
#: users/models/user.py:102 users/templates/users/user_detail.html:111
|
||||
#: xpack/plugins/change_auth_plan/models.py:103
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_detail.html:113
|
||||
|
|
@ -451,7 +455,7 @@ msgstr "创建者"
|
|||
#: assets/templates/assets/domain_detail.html:68
|
||||
#: assets/templates/assets/system_user_detail.html:96
|
||||
#: ops/templates/ops/adhoc_detail.html:90 ops/templates/ops/task_detail.html:64
|
||||
#: orgs/models.py:16 perms/models.py:37 perms/models.py:90
|
||||
#: orgs/models.py:16 perms/models.py:58 perms/models.py:111
|
||||
#: perms/templates/perms/asset_permission_detail.html:94
|
||||
#: terminal/templates/terminal/terminal_detail.html:59 users/models/group.py:17
|
||||
#: users/templates/users/user_group_detail.html:63
|
||||
|
|
@ -479,7 +483,7 @@ msgstr "创建日期"
|
|||
#: assets/templates/assets/system_user_detail.html:104
|
||||
#: assets/templates/assets/system_user_list.html:37
|
||||
#: assets/templates/assets/user_asset_list.html:171 ops/models/adhoc.py:43
|
||||
#: orgs/models.py:17 perms/models.py:38 perms/models.py:91
|
||||
#: orgs/models.py:17 perms/models.py:59 perms/models.py:112
|
||||
#: perms/templates/perms/asset_permission_detail.html:102 settings/models.py:34
|
||||
#: terminal/models.py:32 terminal/templates/terminal/terminal_detail.html:63
|
||||
#: users/models/group.py:15 users/models/user.py:94
|
||||
|
|
@ -537,12 +541,12 @@ msgid "AuthBook"
|
|||
msgstr ""
|
||||
|
||||
#: assets/models/base.py:29 xpack/plugins/change_auth_plan/models.py:94
|
||||
#: xpack/plugins/change_auth_plan/models.py:266
|
||||
#: xpack/plugins/change_auth_plan/models.py:267
|
||||
msgid "SSH private key"
|
||||
msgstr "ssh密钥"
|
||||
|
||||
#: assets/models/base.py:30 xpack/plugins/change_auth_plan/models.py:97
|
||||
#: xpack/plugins/change_auth_plan/models.py:262
|
||||
#: xpack/plugins/change_auth_plan/models.py:263
|
||||
msgid "SSH public key"
|
||||
msgstr "ssh公钥"
|
||||
|
||||
|
|
@ -580,7 +584,7 @@ msgid "Default"
|
|||
msgstr "默认"
|
||||
|
||||
#: assets/models/cluster.py:36 assets/models/label.py:14
|
||||
#: users/models/user.py:473
|
||||
#: users/models/user.py:475
|
||||
msgid "System"
|
||||
msgstr "系统"
|
||||
|
||||
|
|
@ -675,6 +679,8 @@ msgstr "每行一个命令"
|
|||
#: audits/templates/audits/operate_log_list.html:67
|
||||
#: ops/templates/ops/adhoc_history.html:59 ops/templates/ops/task_adhoc.html:64
|
||||
#: ops/templates/ops/task_history.html:65 ops/templates/ops/task_list.html:34
|
||||
#: perms/forms.py:51 perms/models.py:21 perms/models.py:53
|
||||
#: perms/templates/perms/asset_permission_create_update.html:50
|
||||
#: perms/templates/perms/asset_permission_list.html:60
|
||||
#: settings/templates/settings/terminal_setting.html:82
|
||||
#: settings/templates/settings/terminal_setting.html:104
|
||||
|
|
@ -719,7 +725,7 @@ msgstr "默认资产组"
|
|||
#: audits/templates/audits/password_change_log_list.html:50
|
||||
#: ops/templates/ops/command_execution_list.html:35
|
||||
#: ops/templates/ops/command_execution_list.html:60 perms/forms.py:36
|
||||
#: perms/models.py:28
|
||||
#: perms/models.py:48
|
||||
#: perms/templates/perms/asset_permission_create_update.html:41
|
||||
#: perms/templates/perms/asset_permission_list.html:54
|
||||
#: perms/templates/perms/asset_permission_list.html:119 templates/index.html:87
|
||||
|
|
@ -728,7 +734,7 @@ msgstr "默认资产组"
|
|||
#: terminal/templates/terminal/command_list.html:72
|
||||
#: terminal/templates/terminal/session_list.html:33
|
||||
#: terminal/templates/terminal/session_list.html:71 users/forms.py:283
|
||||
#: users/models/user.py:36 users/models/user.py:461
|
||||
#: users/models/user.py:36 users/models/user.py:463
|
||||
#: users/templates/users/user_group_detail.html:78
|
||||
#: users/templates/users/user_group_list.html:13 users/views/user.py:386
|
||||
#: xpack/plugins/orgs/forms.py:26
|
||||
|
|
@ -768,9 +774,9 @@ msgstr "手动登录"
|
|||
#: assets/templates/assets/system_user_detail.html:22
|
||||
#: assets/views/admin_user.py:29 assets/views/admin_user.py:47
|
||||
#: assets/views/admin_user.py:63 assets/views/admin_user.py:78
|
||||
#: assets/views/admin_user.py:102 assets/views/asset.py:50
|
||||
#: assets/views/asset.py:66 assets/views/asset.py:103 assets/views/asset.py:147
|
||||
#: assets/views/asset.py:164 assets/views/asset.py:188
|
||||
#: assets/views/admin_user.py:102 assets/views/asset.py:51
|
||||
#: assets/views/asset.py:67 assets/views/asset.py:104 assets/views/asset.py:145
|
||||
#: assets/views/asset.py:162 assets/views/asset.py:186
|
||||
#: assets/views/cmd_filter.py:30 assets/views/cmd_filter.py:46
|
||||
#: assets/views/cmd_filter.py:62 assets/views/cmd_filter.py:78
|
||||
#: assets/views/cmd_filter.py:97 assets/views/cmd_filter.py:130
|
||||
|
|
@ -807,7 +813,7 @@ msgstr "登录模式"
|
|||
#: assets/models/user.py:247 assets/templates/assets/user_asset_list.html:168
|
||||
#: audits/models.py:20 audits/templates/audits/ftp_log_list.html:49
|
||||
#: audits/templates/audits/ftp_log_list.html:72 perms/forms.py:48
|
||||
#: perms/models.py:32 perms/models.py:86
|
||||
#: perms/models.py:52 perms/models.py:107
|
||||
#: perms/templates/perms/asset_permission_detail.html:140
|
||||
#: perms/templates/perms/asset_permission_list.html:58
|
||||
#: perms/templates/perms/asset_permission_list.html:79
|
||||
|
|
@ -954,7 +960,7 @@ msgstr "资产csv文件"
|
|||
msgid "If set id, will use this id update asset existed"
|
||||
msgstr "如果设置了id,则会使用该行信息更新该id的资产"
|
||||
|
||||
#: assets/templates/assets/_asset_list_modal.html:7 assets/views/asset.py:51
|
||||
#: assets/templates/assets/_asset_list_modal.html:7 assets/views/asset.py:52
|
||||
#: templates/_nav.html:22 xpack/plugins/change_auth_plan/views.py:110
|
||||
msgid "Asset list"
|
||||
msgstr "资产列表"
|
||||
|
|
@ -1005,7 +1011,7 @@ msgstr "自动生成密钥"
|
|||
#: assets/templates/assets/asset_create.html:60
|
||||
#: assets/templates/assets/asset_update.html:64
|
||||
#: assets/templates/assets/gateway_create_update.html:53
|
||||
#: perms/templates/perms/asset_permission_create_update.html:50
|
||||
#: perms/templates/perms/asset_permission_create_update.html:53
|
||||
#: terminal/templates/terminal/terminal_update.html:40
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_create_update.html:67
|
||||
msgid "Other"
|
||||
|
|
@ -1021,7 +1027,7 @@ msgstr "其它"
|
|||
#: assets/templates/assets/domain_create_update.html:16
|
||||
#: assets/templates/assets/gateway_create_update.html:58
|
||||
#: assets/templates/assets/label_create_update.html:18
|
||||
#: perms/templates/perms/asset_permission_create_update.html:80
|
||||
#: perms/templates/perms/asset_permission_create_update.html:83
|
||||
#: settings/templates/settings/basic_setting.html:61
|
||||
#: settings/templates/settings/command_storage_create.html:79
|
||||
#: settings/templates/settings/email_setting.html:62
|
||||
|
|
@ -1057,7 +1063,7 @@ msgstr "重置"
|
|||
#: assets/templates/assets/gateway_create_update.html:59
|
||||
#: assets/templates/assets/label_create_update.html:19
|
||||
#: audits/templates/audits/login_log_list.html:89
|
||||
#: perms/templates/perms/asset_permission_create_update.html:81
|
||||
#: perms/templates/perms/asset_permission_create_update.html:84
|
||||
#: settings/templates/settings/basic_setting.html:62
|
||||
#: settings/templates/settings/command_storage_create.html:80
|
||||
#: settings/templates/settings/email_setting.html:63
|
||||
|
|
@ -1082,7 +1088,7 @@ msgstr "提交"
|
|||
|
||||
#: assets/templates/assets/_user_asset_detail_modal.html:11
|
||||
#: assets/templates/assets/asset_asset_user_list.html:17
|
||||
#: assets/templates/assets/asset_detail.html:20 assets/views/asset.py:189
|
||||
#: assets/templates/assets/asset_detail.html:20 assets/views/asset.py:187
|
||||
msgid "Asset detail"
|
||||
msgstr "资产详情"
|
||||
|
||||
|
|
@ -1306,7 +1312,7 @@ msgid "Ratio"
|
|||
msgstr "比例"
|
||||
|
||||
#: assets/templates/assets/asset_asset_user_list.html:20
|
||||
#: assets/templates/assets/asset_detail.html:23 assets/views/asset.py:67
|
||||
#: assets/templates/assets/asset_detail.html:23 assets/views/asset.py:68
|
||||
msgid "Asset user list"
|
||||
msgstr "资产用户列表"
|
||||
|
||||
|
|
@ -1330,7 +1336,7 @@ msgstr "更新日期"
|
|||
#: users/templates/users/user_detail.html:138
|
||||
#: users/templates/users/user_profile.html:146
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_detail.html:128
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:93
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:102
|
||||
msgid "Quick modify"
|
||||
msgstr "快速修改"
|
||||
|
||||
|
|
@ -1359,9 +1365,9 @@ msgid "Date joined"
|
|||
msgstr "创建日期"
|
||||
|
||||
#: assets/templates/assets/asset_detail.html:154
|
||||
#: assets/templates/assets/user_asset_list.html:46 perms/models.py:33
|
||||
#: perms/models.py:87
|
||||
#: perms/templates/perms/asset_permission_create_update.html:52
|
||||
#: assets/templates/assets/user_asset_list.html:46 perms/models.py:54
|
||||
#: perms/models.py:108
|
||||
#: perms/templates/perms/asset_permission_create_update.html:55
|
||||
#: perms/templates/perms/asset_permission_detail.html:120
|
||||
#: terminal/templates/terminal/terminal_list.html:34
|
||||
#: users/templates/users/_select_user_modal.html:18
|
||||
|
|
@ -1389,14 +1395,14 @@ msgstr ""
|
|||
"左侧是资产树,右击可以新建、删除、更改树节点,授权资产也是以节点方式组织的,"
|
||||
"右侧是属于该节点下的资产"
|
||||
|
||||
#: assets/templates/assets/asset_list.html:69 assets/views/asset.py:104
|
||||
#: assets/templates/assets/asset_list.html:69 assets/views/asset.py:105
|
||||
msgid "Create asset"
|
||||
msgstr "创建资产"
|
||||
|
||||
#: assets/templates/assets/asset_list.html:73
|
||||
#: settings/templates/settings/_ldap_list_users_modal.html:97
|
||||
#: users/templates/users/user_list.html:7
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:101
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:110
|
||||
msgid "Import"
|
||||
msgstr "导入"
|
||||
|
||||
|
|
@ -1737,7 +1743,7 @@ msgstr "删除系统用户"
|
|||
msgid "System Users Deleting failed."
|
||||
msgstr "系统用户删除失败"
|
||||
|
||||
#: assets/templates/assets/user_asset_list.html:100
|
||||
#: assets/templates/assets/user_asset_list.html:100 perms/const.py:19
|
||||
msgid "Connect"
|
||||
msgstr "连接"
|
||||
|
||||
|
|
@ -1753,23 +1759,23 @@ msgstr "更新管理用户"
|
|||
msgid "Admin user detail"
|
||||
msgstr "管理用户详情"
|
||||
|
||||
#: assets/views/asset.py:78 templates/_nav_user.html:4
|
||||
#: assets/views/asset.py:79 templates/_nav_user.html:4
|
||||
msgid "My assets"
|
||||
msgstr "我的资产"
|
||||
|
||||
#: assets/views/asset.py:118
|
||||
#: assets/views/asset.py:119
|
||||
msgid "Bulk update asset success"
|
||||
msgstr "批量更新资产成功"
|
||||
|
||||
#: assets/views/asset.py:148
|
||||
#: assets/views/asset.py:146
|
||||
msgid "Bulk update asset"
|
||||
msgstr "批量更新资产"
|
||||
|
||||
#: assets/views/asset.py:165
|
||||
#: assets/views/asset.py:163
|
||||
msgid "Update asset"
|
||||
msgstr "更新资产"
|
||||
|
||||
#: assets/views/asset.py:306
|
||||
#: assets/views/asset.py:304
|
||||
msgid "already exists"
|
||||
msgstr "已经存在"
|
||||
|
||||
|
|
@ -1947,7 +1953,7 @@ msgid "MFA"
|
|||
msgstr "MFA"
|
||||
|
||||
#: audits/models.py:100 audits/templates/audits/login_log_list.html:57
|
||||
#: xpack/plugins/change_auth_plan/models.py:412
|
||||
#: xpack/plugins/change_auth_plan/models.py:413
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_execution_subtask_list.html:15
|
||||
#: xpack/plugins/cloud/models.py:172
|
||||
#: xpack/plugins/cloud/templates/cloud/sync_instance_task_history.html:69
|
||||
|
|
@ -1969,11 +1975,11 @@ msgstr "登录日期"
|
|||
#: ops/templates/ops/adhoc_history.html:52
|
||||
#: ops/templates/ops/adhoc_history_detail.html:61
|
||||
#: ops/templates/ops/command_execution_list.html:66
|
||||
#: ops/templates/ops/task_history.html:58 perms/models.py:34
|
||||
#: ops/templates/ops/task_history.html:58 perms/models.py:55
|
||||
#: perms/templates/perms/asset_permission_detail.html:86 terminal/models.py:165
|
||||
#: terminal/templates/terminal/session_list.html:78
|
||||
#: xpack/plugins/change_auth_plan/models.py:245
|
||||
#: xpack/plugins/change_auth_plan/models.py:415
|
||||
#: xpack/plugins/change_auth_plan/models.py:246
|
||||
#: xpack/plugins/change_auth_plan/models.py:416
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_execution_list.html:59
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_execution_subtask_list.html:17
|
||||
msgid "Date start"
|
||||
|
|
@ -2434,8 +2440,8 @@ msgstr "完成时间"
|
|||
|
||||
#: ops/models/adhoc.py:326 ops/templates/ops/adhoc_history.html:57
|
||||
#: ops/templates/ops/task_history.html:63 ops/templates/ops/task_list.html:33
|
||||
#: xpack/plugins/change_auth_plan/models.py:248
|
||||
#: xpack/plugins/change_auth_plan/models.py:418
|
||||
#: xpack/plugins/change_auth_plan/models.py:249
|
||||
#: xpack/plugins/change_auth_plan/models.py:419
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_execution_list.html:58
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_execution_subtask_list.html:16
|
||||
msgid "Time"
|
||||
|
|
@ -2696,7 +2702,19 @@ msgstr "命令执行"
|
|||
msgid "Organization"
|
||||
msgstr "组织管理"
|
||||
|
||||
#: perms/forms.py:39 perms/models.py:29 perms/models.py:85
|
||||
#: perms/const.py:18 settings/forms.py:136
|
||||
msgid "All"
|
||||
msgstr "全部"
|
||||
|
||||
#: perms/const.py:20
|
||||
msgid "Upload file"
|
||||
msgstr "上传文件"
|
||||
|
||||
#: perms/const.py:21
|
||||
msgid "Download file"
|
||||
msgstr "下载文件"
|
||||
|
||||
#: perms/forms.py:39 perms/models.py:49 perms/models.py:106
|
||||
#: perms/templates/perms/asset_permission_list.html:55
|
||||
#: perms/templates/perms/asset_permission_list.html:75
|
||||
#: perms/templates/perms/asset_permission_list.html:122 templates/_nav.html:14
|
||||
|
|
@ -2708,22 +2726,28 @@ msgstr "组织管理"
|
|||
msgid "User group"
|
||||
msgstr "用户组"
|
||||
|
||||
#: perms/forms.py:61
|
||||
#: perms/forms.py:58
|
||||
msgid ""
|
||||
"Tips: The RDP protocol does not support separate controls for uploading or "
|
||||
"downloading files"
|
||||
msgstr "提示:RDP 协议不支持单独控制上传或下载文件"
|
||||
|
||||
#: perms/forms.py:68
|
||||
msgid "User or group at least one required"
|
||||
msgstr "用户和用户组至少选一个"
|
||||
|
||||
#: perms/forms.py:70
|
||||
#: perms/forms.py:77
|
||||
msgid "Asset or group at least one required"
|
||||
msgstr "资产和节点至少选一个"
|
||||
|
||||
#: perms/models.py:35 perms/models.py:88
|
||||
#: perms/models.py:56 perms/models.py:109
|
||||
#: perms/templates/perms/asset_permission_detail.html:90
|
||||
#: users/models/user.py:99 users/templates/users/user_detail.html:107
|
||||
#: users/templates/users/user_profile.html:116
|
||||
msgid "Date expired"
|
||||
msgstr "失效日期"
|
||||
|
||||
#: perms/models.py:44 perms/models.py:97 templates/_nav.html:34
|
||||
#: perms/models.py:65 perms/models.py:118 templates/_nav.html:34
|
||||
msgid "Asset permission"
|
||||
msgstr "资产授权"
|
||||
|
||||
|
|
@ -2769,12 +2793,12 @@ msgstr "添加节点"
|
|||
msgid "Join"
|
||||
msgstr "加入"
|
||||
|
||||
#: perms/templates/perms/asset_permission_create_update.html:58
|
||||
#: perms/templates/perms/asset_permission_create_update.html:61
|
||||
msgid "Validity period"
|
||||
msgstr "有效期"
|
||||
|
||||
#: perms/templates/perms/asset_permission_detail.html:66
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:67
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:76
|
||||
msgid "User count"
|
||||
msgstr "用户数量"
|
||||
|
||||
|
|
@ -2783,7 +2807,7 @@ msgid "User group count"
|
|||
msgstr "用户组列表"
|
||||
|
||||
#: perms/templates/perms/asset_permission_detail.html:74
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:63
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:72
|
||||
msgid "Asset count"
|
||||
msgstr "资产数量"
|
||||
|
||||
|
|
@ -2827,29 +2851,29 @@ msgstr "添加用户组"
|
|||
msgid "Select user groups"
|
||||
msgstr "选择用户组"
|
||||
|
||||
#: perms/views.py:23 perms/views.py:53 perms/views.py:68 perms/views.py:83
|
||||
#: perms/views.py:118 perms/views.py:150 templates/_nav.html:31
|
||||
#: perms/views.py:24 perms/views.py:56 perms/views.py:71 perms/views.py:86
|
||||
#: perms/views.py:121 perms/views.py:153 templates/_nav.html:31
|
||||
#: xpack/plugins/orgs/templates/orgs/org_list.html:21
|
||||
msgid "Perms"
|
||||
msgstr "权限管理"
|
||||
|
||||
#: perms/views.py:24
|
||||
#: perms/views.py:25
|
||||
msgid "Asset permission list"
|
||||
msgstr "资产授权列表"
|
||||
|
||||
#: perms/views.py:54
|
||||
#: perms/views.py:57
|
||||
msgid "Create asset permission"
|
||||
msgstr "创建权限规则"
|
||||
|
||||
#: perms/views.py:69 perms/views.py:84
|
||||
#: perms/views.py:72 perms/views.py:87
|
||||
msgid "Update asset permission"
|
||||
msgstr "更新资产授权"
|
||||
|
||||
#: perms/views.py:119
|
||||
#: perms/views.py:122
|
||||
msgid "Asset permission user list"
|
||||
msgstr "资产授权用户列表"
|
||||
|
||||
#: perms/views.py:151
|
||||
#: perms/views.py:154
|
||||
msgid "Asset permission asset list"
|
||||
msgstr "资产授权资产列表"
|
||||
|
||||
|
|
@ -2981,10 +3005,6 @@ msgstr ""
|
|||
msgid "Enable LDAP auth"
|
||||
msgstr "启用LDAP认证"
|
||||
|
||||
#: settings/forms.py:136
|
||||
msgid "All"
|
||||
msgstr "全部"
|
||||
|
||||
#: settings/forms.py:137
|
||||
msgid "Auto"
|
||||
msgstr "自动"
|
||||
|
|
@ -3444,7 +3464,7 @@ msgstr ""
|
|||
|
||||
#: templates/_nav.html:10 users/views/group.py:27 users/views/group.py:43
|
||||
#: users/views/group.py:59 users/views/group.py:75 users/views/group.py:91
|
||||
#: users/views/login.py:153 users/views/user.py:68 users/views/user.py:83
|
||||
#: users/views/login.py:154 users/views/user.py:68 users/views/user.py:83
|
||||
#: users/views/user.py:113 users/views/user.py:194 users/views/user.py:355
|
||||
#: users/views/user.py:405 users/views/user.py:445
|
||||
msgid "Users"
|
||||
|
|
@ -3977,7 +3997,7 @@ msgstr "复制你的公钥到这里"
|
|||
msgid "Select users"
|
||||
msgstr "选择用户"
|
||||
|
||||
#: users/models/user.py:35 users/models/user.py:469
|
||||
#: users/models/user.py:35 users/models/user.py:471
|
||||
msgid "Administrator"
|
||||
msgstr "管理员"
|
||||
|
||||
|
|
@ -4019,11 +4039,11 @@ msgid "Date password last updated"
|
|||
msgstr "最后更新密码日期"
|
||||
|
||||
#: users/models/user.py:136 users/templates/users/user_update.html:22
|
||||
#: users/views/login.py:46 users/views/login.py:107 users/views/user.py:418
|
||||
#: users/views/login.py:47 users/views/login.py:108 users/views/user.py:418
|
||||
msgid "User auth from {}, go there change password"
|
||||
msgstr "用户认证源来自 {}, 请去相应系统修改密码"
|
||||
|
||||
#: users/models/user.py:472
|
||||
#: users/models/user.py:474
|
||||
msgid "Administrator is the super user of system"
|
||||
msgstr "Administrator是初始的超级管理员"
|
||||
|
||||
|
|
@ -4671,40 +4691,40 @@ msgstr "更新用户组"
|
|||
msgid "User group granted asset"
|
||||
msgstr "用户组授权资产"
|
||||
|
||||
#: users/views/login.py:43
|
||||
#: users/views/login.py:44
|
||||
msgid "Email address invalid, please input again"
|
||||
msgstr "邮箱地址错误,重新输入"
|
||||
|
||||
#: users/views/login.py:59
|
||||
#: users/views/login.py:60
|
||||
msgid "Send reset password message"
|
||||
msgstr "发送重置密码邮件"
|
||||
|
||||
#: users/views/login.py:60
|
||||
#: users/views/login.py:61
|
||||
msgid "Send reset password mail success, login your mail box and follow it "
|
||||
msgstr ""
|
||||
"发送重置邮件成功, 请登录邮箱查看, 按照提示操作 (如果没收到,请等待3-5分钟)"
|
||||
|
||||
#: users/views/login.py:73
|
||||
#: users/views/login.py:74
|
||||
msgid "Reset password success"
|
||||
msgstr "重置密码成功"
|
||||
|
||||
#: users/views/login.py:74
|
||||
#: users/views/login.py:75
|
||||
msgid "Reset password success, return to login page"
|
||||
msgstr "重置密码成功,返回到登录页面"
|
||||
|
||||
#: users/views/login.py:89 users/views/login.py:105
|
||||
#: users/views/login.py:90 users/views/login.py:106
|
||||
msgid "Token invalid or expired"
|
||||
msgstr "Token错误或失效"
|
||||
|
||||
#: users/views/login.py:101
|
||||
#: users/views/login.py:102
|
||||
msgid "Password not same"
|
||||
msgstr "密码不一致"
|
||||
|
||||
#: users/views/login.py:114 users/views/user.py:128 users/views/user.py:428
|
||||
#: users/views/login.py:115 users/views/user.py:128 users/views/user.py:428
|
||||
msgid "* Your password does not meet the requirements"
|
||||
msgstr "* 您的密码不符合要求"
|
||||
|
||||
#: users/views/login.py:153
|
||||
#: users/views/login.py:154
|
||||
msgid "First login"
|
||||
msgstr "首次登录"
|
||||
|
||||
|
|
@ -4809,8 +4829,8 @@ msgstr ""
|
|||
"具</a>) <br>注意: 如果同时设置了定期执行和周期执行,优先使用定期执行"
|
||||
|
||||
#: xpack/plugins/change_auth_plan/meta.py:9
|
||||
#: xpack/plugins/change_auth_plan/models.py:110
|
||||
#: xpack/plugins/change_auth_plan/models.py:252
|
||||
#: xpack/plugins/change_auth_plan/models.py:111
|
||||
#: xpack/plugins/change_auth_plan/models.py:253
|
||||
#: xpack/plugins/change_auth_plan/views.py:31
|
||||
#: xpack/plugins/change_auth_plan/views.py:47
|
||||
#: xpack/plugins/change_auth_plan/views.py:68
|
||||
|
|
@ -4834,13 +4854,13 @@ msgid "All assets use different random password"
|
|||
msgstr "所有资产使用不同的随机密码"
|
||||
|
||||
#: xpack/plugins/change_auth_plan/models.py:73
|
||||
#: xpack/plugins/change_auth_plan/models.py:141
|
||||
#: xpack/plugins/change_auth_plan/models.py:142
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_detail.html:100
|
||||
msgid "Cycle perform"
|
||||
msgstr "周期执行"
|
||||
|
||||
#: xpack/plugins/change_auth_plan/models.py:78
|
||||
#: xpack/plugins/change_auth_plan/models.py:139
|
||||
#: xpack/plugins/change_auth_plan/models.py:140
|
||||
#: xpack/plugins/change_auth_plan/templates/change_auth_plan/plan_detail.html:92
|
||||
msgid "Regularly perform"
|
||||
msgstr "定期执行"
|
||||
|
|
@ -4858,32 +4878,32 @@ msgstr "密码策略"
|
|||
msgid "Password rules"
|
||||
msgstr "密码规则"
|
||||
|
||||
#: xpack/plugins/change_auth_plan/models.py:209
|
||||
#: xpack/plugins/change_auth_plan/models.py:210
|
||||
msgid "For security, do not change root user's password"
|
||||
msgstr "为了安全,禁止更改root用户的密码"
|
||||
|
||||
#: xpack/plugins/change_auth_plan/models.py:212
|
||||
#: xpack/plugins/change_auth_plan/models.py:213
|
||||
msgid "Assets is empty, please add the asset"
|
||||
msgstr "资产为空,请添加资产"
|
||||
|
||||
#: xpack/plugins/change_auth_plan/models.py:256
|
||||
#: xpack/plugins/change_auth_plan/models.py:257
|
||||
msgid "Change auth plan snapshot"
|
||||
msgstr "改密计划快照"
|
||||
|
||||
#: xpack/plugins/change_auth_plan/models.py:271
|
||||
#: xpack/plugins/change_auth_plan/models.py:422
|
||||
#: xpack/plugins/change_auth_plan/models.py:272
|
||||
#: xpack/plugins/change_auth_plan/models.py:423
|
||||
msgid "Change auth plan execution"
|
||||
msgstr "改密计划执行"
|
||||
|
||||
#: xpack/plugins/change_auth_plan/models.py:431
|
||||
#: xpack/plugins/change_auth_plan/models.py:432
|
||||
msgid "Change auth plan execution subtask"
|
||||
msgstr "改密计划执行子任务"
|
||||
|
||||
#: xpack/plugins/change_auth_plan/models.py:449
|
||||
#: xpack/plugins/change_auth_plan/models.py:450
|
||||
msgid "Authentication failed"
|
||||
msgstr "认证失败"
|
||||
|
||||
#: xpack/plugins/change_auth_plan/models.py:451
|
||||
#: xpack/plugins/change_auth_plan/models.py:452
|
||||
msgid "Connection timeout"
|
||||
msgstr "连接超时"
|
||||
|
||||
|
|
@ -5245,6 +5265,7 @@ msgid "This will restore default Settings of the interface !!!"
|
|||
msgstr "您确定要恢复默认初始化吗?"
|
||||
|
||||
#: xpack/plugins/interface/templates/interface/interface.html:107
|
||||
#: xpack/plugins/interface/views.py:53
|
||||
msgid "Restore default successfully."
|
||||
msgstr "恢复默认成功!"
|
||||
|
||||
|
|
@ -5257,15 +5278,12 @@ msgid "Interface"
|
|||
msgstr "界面"
|
||||
|
||||
#: xpack/plugins/interface/views.py:49
|
||||
msgid "It is already in the default setting state!"
|
||||
msgid "It is already in the default setting state!"
|
||||
msgstr "当前已经是初始化状态!"
|
||||
|
||||
#: xpack/plugins/interface/views.py:53
|
||||
msgid "Restore default successfully!"
|
||||
msgstr "恢复默认成功!"
|
||||
|
||||
#: xpack/plugins/license/meta.py:11 xpack/plugins/license/models.py:94
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:50
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:55
|
||||
#: xpack/plugins/license/views.py:31
|
||||
msgid "License"
|
||||
msgstr "许可证"
|
||||
|
|
@ -5279,7 +5297,7 @@ msgid "Enterprise edition"
|
|||
msgstr "企业版"
|
||||
|
||||
#: xpack/plugins/license/templates/license/_license_import_modal.html:4
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:99
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:108
|
||||
msgid "Import license"
|
||||
msgstr "导入许可证"
|
||||
|
||||
|
|
@ -5292,6 +5310,7 @@ msgid "Please Import License"
|
|||
msgstr "请导入许可证"
|
||||
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:17
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:56
|
||||
msgid "License has expired"
|
||||
msgstr "许可证已经过期"
|
||||
|
||||
|
|
@ -5312,34 +5331,38 @@ msgstr "许可证详情"
|
|||
msgid "No license"
|
||||
msgstr "暂无许可证"
|
||||
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:55
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:60
|
||||
msgid "Subscription ID"
|
||||
msgstr "订阅授权ID"
|
||||
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:64
|
||||
msgid "Corporation"
|
||||
msgstr "公司"
|
||||
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:59
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:68
|
||||
msgid "Expired"
|
||||
msgstr "过期时间"
|
||||
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:64
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:68
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:72
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:76
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:73
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:77
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:81
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:85
|
||||
msgid "Unlimited"
|
||||
msgstr "无限制"
|
||||
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:75
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:84
|
||||
msgid "Concurrent connections"
|
||||
msgstr "并发连接"
|
||||
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:80
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:89
|
||||
msgid "Edition"
|
||||
msgstr "版本"
|
||||
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:106
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:115
|
||||
msgid "Technology consulting"
|
||||
msgstr "技术咨询"
|
||||
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:109
|
||||
#: xpack/plugins/license/templates/license/license_detail.html:118
|
||||
msgid "Consult"
|
||||
msgstr "咨询"
|
||||
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ from rest_framework.pagination import LimitOffsetPagination
|
|||
|
||||
from common.permissions import IsOrgAdmin
|
||||
from common.utils import get_object_or_none
|
||||
from ..models import AssetPermission
|
||||
from ..models import AssetPermission, Action
|
||||
from ..hands import (
|
||||
User, UserGroup, Asset, Node, SystemUser,
|
||||
)
|
||||
|
|
@ -20,10 +20,16 @@ from .. import serializers
|
|||
__all__ = [
|
||||
'AssetPermissionViewSet', 'AssetPermissionRemoveUserApi',
|
||||
'AssetPermissionAddUserApi', 'AssetPermissionRemoveAssetApi',
|
||||
'AssetPermissionAddAssetApi',
|
||||
'AssetPermissionAddAssetApi', 'ActionViewSet',
|
||||
]
|
||||
|
||||
|
||||
class ActionViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
queryset = Action.objects.all()
|
||||
serializer_class = serializers.ActionSerializer
|
||||
permission_classes = (IsOrgAdmin,)
|
||||
|
||||
|
||||
class AssetPermissionViewSet(viewsets.ModelViewSet):
|
||||
"""
|
||||
资产授权列表的增删改查api
|
||||
|
|
|
|||
|
|
@ -16,7 +16,8 @@ from common.tree import TreeNodeSerializer
|
|||
from common.utils import get_logger
|
||||
from orgs.utils import set_to_root_org
|
||||
from ..utils import (
|
||||
AssetPermissionUtil, parse_asset_to_tree_node, parse_node_to_tree_node
|
||||
AssetPermissionUtil, parse_asset_to_tree_node, parse_node_to_tree_node,
|
||||
check_system_user_action
|
||||
)
|
||||
from ..hands import (
|
||||
AssetGrantedSerializer, User, Asset, Node,
|
||||
|
|
@ -24,6 +25,7 @@ from ..hands import (
|
|||
)
|
||||
from .. import serializers
|
||||
from ..mixins import AssetsFilterMixin
|
||||
from ..models import Action
|
||||
|
||||
logger = get_logger(__name__)
|
||||
|
||||
|
|
@ -31,7 +33,7 @@ __all__ = [
|
|||
'UserGrantedAssetsApi', 'UserGrantedNodesApi',
|
||||
'UserGrantedNodesWithAssetsApi', 'UserGrantedNodeAssetsApi',
|
||||
'ValidateUserAssetPermissionApi', 'UserGrantedNodeChildrenApi',
|
||||
'UserGrantedNodesWithAssetsAsTreeApi',
|
||||
'UserGrantedNodesWithAssetsAsTreeApi', 'GetUserAssetPermissionActionsApi',
|
||||
]
|
||||
|
||||
|
||||
|
|
@ -403,16 +405,45 @@ class ValidateUserAssetPermissionApi(UserPermissionCacheMixin, APIView):
|
|||
user_id = request.query_params.get('user_id', '')
|
||||
asset_id = request.query_params.get('asset_id', '')
|
||||
system_id = request.query_params.get('system_user_id', '')
|
||||
action_name = request.query_params.get('action_name', '')
|
||||
|
||||
user = get_object_or_404(User, id=user_id)
|
||||
asset = get_object_or_404(Asset, id=asset_id)
|
||||
system_user = get_object_or_404(SystemUser, id=system_id)
|
||||
su = get_object_or_404(SystemUser, id=system_id)
|
||||
action = get_object_or_404(Action, name=action_name)
|
||||
|
||||
util = AssetPermissionUtil(user, cache_policy=self.cache_policy)
|
||||
assets_granted = util.get_assets()
|
||||
if system_user in assets_granted.get(asset, []):
|
||||
return Response({'msg': True}, status=200)
|
||||
else:
|
||||
granted_assets = util.get_assets()
|
||||
granted_system_users = granted_assets.get(asset, [])
|
||||
|
||||
if su not in granted_system_users:
|
||||
return Response({'msg': False}, status=403)
|
||||
|
||||
_su = next((s for s in granted_system_users if s.id == su.id), None)
|
||||
if not check_system_user_action(_su, action):
|
||||
return Response({'msg': False}, status=403)
|
||||
|
||||
return Response({'msg': True}, status=200)
|
||||
|
||||
|
||||
class GetUserAssetPermissionActionsApi(UserPermissionCacheMixin, APIView):
|
||||
permission_classes = (IsOrgAdminOrAppUser,)
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
user_id = request.query_params.get('user_id', '')
|
||||
asset_id = request.query_params.get('asset_id', '')
|
||||
system_id = request.query_params.get('system_user_id', '')
|
||||
|
||||
user = get_object_or_404(User, id=user_id)
|
||||
asset = get_object_or_404(Asset, id=asset_id)
|
||||
su = get_object_or_404(SystemUser, id=system_id)
|
||||
|
||||
util = AssetPermissionUtil(user, cache_policy=self.cache_policy)
|
||||
granted_assets = util.get_assets()
|
||||
granted_system_users = granted_assets.get(asset, [])
|
||||
_su = next((s for s in granted_system_users if s.id == su.id), None)
|
||||
if not _su:
|
||||
return Response({'actions': []}, status=403)
|
||||
|
||||
actions = [action.name for action in getattr(_su, 'actions', [])]
|
||||
return Response({'actions': actions}, status=200)
|
||||
|
|
|
|||
|
|
@ -0,0 +1,22 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
__all__ = [
|
||||
'PERMS_ACTION_NAME_ALL', 'PERMS_ACTION_NAME_CONNECT',
|
||||
'PERMS_ACTION_NAME_DOWNLOAD_FILE', 'PERMS_ACTION_NAME_UPLOAD_FILE',
|
||||
'PERMS_ACTION_NAME_CHOICES'
|
||||
]
|
||||
|
||||
PERMS_ACTION_NAME_ALL = 'all'
|
||||
PERMS_ACTION_NAME_CONNECT = 'connect'
|
||||
PERMS_ACTION_NAME_UPLOAD_FILE = 'upload_file'
|
||||
PERMS_ACTION_NAME_DOWNLOAD_FILE = 'download_file'
|
||||
|
||||
PERMS_ACTION_NAME_CHOICES = (
|
||||
(PERMS_ACTION_NAME_ALL, _('All')),
|
||||
(PERMS_ACTION_NAME_CONNECT, _('Connect')),
|
||||
(PERMS_ACTION_NAME_UPLOAD_FILE, _('Upload file')),
|
||||
(PERMS_ACTION_NAME_DOWNLOAD_FILE, _('Download file')),
|
||||
)
|
||||
|
|
@ -47,10 +47,17 @@ class AssetPermissionForm(OrgModelForm):
|
|||
'system_users': forms.SelectMultiple(
|
||||
attrs={'class': 'select2', 'data-placeholder': _('System user')}
|
||||
),
|
||||
'actions': forms.SelectMultiple(
|
||||
attrs={'class': 'select2', 'data-placeholder': _('Action')}
|
||||
)
|
||||
}
|
||||
labels = {
|
||||
'nodes': _("Node"),
|
||||
}
|
||||
help_texts = {
|
||||
'actions': _('Tips: The RDP protocol does not support separate '
|
||||
'controls for uploading or downloading files')
|
||||
}
|
||||
|
||||
def clean_user_groups(self):
|
||||
users = self.cleaned_data.get('users')
|
||||
|
|
|
|||
|
|
@ -0,0 +1,33 @@
|
|||
# Generated by Django 2.1.7 on 2019-04-12 07:00
|
||||
|
||||
from django.db import migrations, models
|
||||
import uuid
|
||||
|
||||
|
||||
def add_default_actions(apps, schema_editor):
|
||||
from ..const import PERMS_ACTION_NAME_CHOICES
|
||||
action_model = apps.get_model('perms', 'Action')
|
||||
db_alias = schema_editor.connection.alias
|
||||
for action, _ in PERMS_ACTION_NAME_CHOICES:
|
||||
action_model.objects.using(db_alias).update_or_create(name=action)
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('perms', '0002_auto_20171228_0025_squashed_0009_auto_20180903_1132'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.CreateModel(
|
||||
name='Action',
|
||||
fields=[
|
||||
('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
|
||||
('name', models.CharField(choices=[('all', 'All'), ('connect', 'Connect'), ('upload_file', 'Upload file'), ('download_file', 'Download file')], max_length=128, unique=True, verbose_name='Name')),
|
||||
],
|
||||
options={
|
||||
'verbose_name': 'Action',
|
||||
},
|
||||
),
|
||||
migrations.RunPython(add_default_actions)
|
||||
]
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
# Generated by Django 2.1.7 on 2019-04-12 09:17
|
||||
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
def set_default_action_to_existing_perms(apps, schema_editor):
|
||||
from orgs.utils import set_to_root_org
|
||||
from ..models import Action
|
||||
set_to_root_org()
|
||||
perm_model = apps.get_model('perms', 'AssetPermission')
|
||||
db_alias = schema_editor.connection.alias
|
||||
perms = perm_model.objects.using(db_alias).all()
|
||||
default_action = Action.get_action_all()
|
||||
for perm in perms:
|
||||
perm.actions.add(default_action.id)
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
|
||||
dependencies = [
|
||||
('perms', '0003_action'),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AddField(
|
||||
model_name='assetpermission',
|
||||
name='actions',
|
||||
field=models.ManyToManyField(blank=True, related_name='permissions', to='perms.Action', verbose_name='Action'),
|
||||
),
|
||||
migrations.RunPython(set_default_action_to_existing_perms)
|
||||
]
|
||||
|
|
@ -7,6 +7,26 @@ from django.utils import timezone
|
|||
from common.utils import date_expired_default, set_or_append_attr_bulk
|
||||
from orgs.mixins import OrgModelMixin, OrgManager
|
||||
|
||||
from .const import PERMS_ACTION_NAME_CHOICES, PERMS_ACTION_NAME_ALL
|
||||
|
||||
|
||||
class Action(models.Model):
|
||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||
name = models.CharField(
|
||||
max_length=128, unique=True, choices=PERMS_ACTION_NAME_CHOICES,
|
||||
verbose_name=_('Name')
|
||||
)
|
||||
|
||||
class Meta:
|
||||
verbose_name = _('Action')
|
||||
|
||||
def __str__(self):
|
||||
return self.get_name_display()
|
||||
|
||||
@classmethod
|
||||
def get_action_all(cls):
|
||||
return cls.objects.get(name=PERMS_ACTION_NAME_ALL)
|
||||
|
||||
|
||||
class AssetPermissionQuerySet(models.QuerySet):
|
||||
def active(self):
|
||||
|
|
@ -30,6 +50,7 @@ class AssetPermission(OrgModelMixin):
|
|||
assets = models.ManyToManyField('assets.Asset', related_name='granted_by_permissions', blank=True, verbose_name=_("Asset"))
|
||||
nodes = models.ManyToManyField('assets.Node', related_name='granted_by_permissions', blank=True, verbose_name=_("Nodes"))
|
||||
system_users = models.ManyToManyField('assets.SystemUser', related_name='granted_by_permissions', verbose_name=_("System user"))
|
||||
actions = models.ManyToManyField('Action', related_name='permissions', blank=True, verbose_name=_('Action'))
|
||||
is_active = models.BooleanField(default=True, verbose_name=_('Active'))
|
||||
date_start = models.DateTimeField(default=timezone.now, db_index=True, verbose_name=_("Date start"))
|
||||
date_expired = models.DateTimeField(default=date_expired_default, db_index=True, verbose_name=_('Date expired'))
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@
|
|||
from rest_framework import serializers
|
||||
|
||||
from common.fields import StringManyToManyField
|
||||
from .models import AssetPermission
|
||||
from .models import AssetPermission, Action
|
||||
from assets.models import Node, Asset, SystemUser
|
||||
from assets.serializers import AssetGrantedSerializer
|
||||
|
||||
|
|
@ -13,9 +13,16 @@ __all__ = [
|
|||
'AssetPermissionUpdateUserSerializer', 'AssetPermissionUpdateAssetSerializer',
|
||||
'AssetPermissionNodeSerializer', 'GrantedNodeSerializer',
|
||||
'GrantedAssetSerializer', 'GrantedSystemUserSerializer',
|
||||
'ActionSerializer',
|
||||
]
|
||||
|
||||
|
||||
class ActionSerializer(serializers.ModelSerializer):
|
||||
class Meta:
|
||||
model = Action
|
||||
fields = '__all__'
|
||||
|
||||
|
||||
class AssetPermissionCreateUpdateSerializer(serializers.ModelSerializer):
|
||||
class Meta:
|
||||
model = AssetPermission
|
||||
|
|
@ -28,6 +35,7 @@ class AssetPermissionListSerializer(serializers.ModelSerializer):
|
|||
assets = StringManyToManyField(many=True, read_only=True)
|
||||
nodes = StringManyToManyField(many=True, read_only=True)
|
||||
system_users = StringManyToManyField(many=True, read_only=True)
|
||||
actions = StringManyToManyField(many=True, read_only=True)
|
||||
is_valid = serializers.BooleanField()
|
||||
is_expired = serializers.BooleanField()
|
||||
|
||||
|
|
|
|||
|
|
@ -2,15 +2,37 @@
|
|||
#
|
||||
from django.db.models.signals import m2m_changed, post_save, post_delete
|
||||
from django.dispatch import receiver
|
||||
from django.db import transaction
|
||||
|
||||
from common.utils import get_logger
|
||||
from .utils import AssetPermissionUtil
|
||||
from .models import AssetPermission
|
||||
from .models import AssetPermission, Action
|
||||
|
||||
|
||||
logger = get_logger(__file__)
|
||||
|
||||
|
||||
def on_transaction_commit(func):
|
||||
"""
|
||||
如果不调用on_commit, 对象创建时添加多对多字段值失败
|
||||
"""
|
||||
def inner(*args, **kwargs):
|
||||
transaction.on_commit(lambda: func(*args, **kwargs))
|
||||
return inner
|
||||
|
||||
|
||||
@receiver(post_save, sender=AssetPermission, dispatch_uid="my_unique_identifier")
|
||||
@on_transaction_commit
|
||||
def on_permission_created(sender, instance=None, created=False, **kwargs):
|
||||
actions = instance.actions.all()
|
||||
if created and not actions:
|
||||
default_action = Action.get_action_all()
|
||||
instance.actions.add(default_action)
|
||||
logger.debug(
|
||||
"Set default action to perms: {}".format(default_action, instance)
|
||||
)
|
||||
|
||||
|
||||
@receiver(post_save, sender=AssetPermission)
|
||||
def on_permission_update(sender, **kwargs):
|
||||
AssetPermissionUtil.expire_all_cache()
|
||||
|
|
|
|||
|
|
@ -47,6 +47,9 @@
|
|||
{% bootstrap_field form.nodes layout="horizontal" %}
|
||||
{% bootstrap_field form.system_users layout="horizontal" %}
|
||||
<div class="hr-line-dashed"></div>
|
||||
<h3>{% trans 'Action' %}</h3>
|
||||
{% bootstrap_field form.actions layout="horizontal" %}
|
||||
<div class="hr-line-dashed"></div>
|
||||
<h3>{% trans 'Other' %}</h3>
|
||||
<div class="form-group">
|
||||
<label for="{{ form.is_active.id_for_label }}" class="col-sm-2 control-label">{% trans 'Active' %}</label>
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ from .. import api
|
|||
app_name = 'perms'
|
||||
|
||||
router = routers.DefaultRouter()
|
||||
router.register('actions', api.ActionViewSet, 'action')
|
||||
router.register('asset-permissions', api.AssetPermissionViewSet, 'asset-permission')
|
||||
|
||||
urlpatterns = [
|
||||
|
|
@ -67,6 +68,8 @@ urlpatterns = [
|
|||
# 验证用户是否有某个资产和系统用户的权限
|
||||
path('asset-permission/user/validate/', api.ValidateUserAssetPermissionApi.as_view(),
|
||||
name='validate-user-asset-permission'),
|
||||
path('asset-permission/user/actions/', api.GetUserAssetPermissionActionsApi.as_view(),
|
||||
name='get-user-asset-permission-actions'),
|
||||
]
|
||||
|
||||
urlpatterns += router.urls
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
# coding: utf-8
|
||||
|
||||
from __future__ import absolute_import, unicode_literals
|
||||
import uuid
|
||||
from collections import defaultdict
|
||||
import json
|
||||
|
|
@ -13,7 +12,7 @@ from django.conf import settings
|
|||
|
||||
from common.utils import get_logger
|
||||
from common.tree import TreeNode
|
||||
from .models import AssetPermission
|
||||
from .models import AssetPermission, Action
|
||||
from .hands import Node
|
||||
|
||||
logger = get_logger(__file__)
|
||||
|
|
@ -101,7 +100,7 @@ class AssetPermissionUtil:
|
|||
"UserGroup": get_user_group_permissions,
|
||||
"Asset": get_asset_permissions,
|
||||
"Node": get_node_permissions,
|
||||
"SystemUser": get_node_permissions,
|
||||
"SystemUser": get_system_user_permissions,
|
||||
}
|
||||
|
||||
CACHE_KEY_PREFIX = '_ASSET_PERM_CACHE_'
|
||||
|
|
@ -180,6 +179,24 @@ class AssetPermissionUtil:
|
|||
)
|
||||
return assets
|
||||
|
||||
def _setattr_actions_to_system_user(self):
|
||||
"""
|
||||
动态给system_use设置属性actions
|
||||
"""
|
||||
for asset, system_users in self._assets.items():
|
||||
# 获取资产和资产的祖先节点的所有授权规则
|
||||
perms = get_asset_permissions(asset, include_node=True)
|
||||
# 过滤当前self.permission的授权规则
|
||||
perms = perms.filter(id__in=[perm.id for perm in self.permissions])
|
||||
|
||||
for system_user in system_users:
|
||||
actions = set()
|
||||
_perms = perms.filter(system_users=system_user).\
|
||||
prefetch_related('actions')
|
||||
for _perm in _perms:
|
||||
actions.update(_perm.actions.all())
|
||||
setattr(system_user, 'actions', actions)
|
||||
|
||||
def get_assets_without_cache(self):
|
||||
if self._assets:
|
||||
return self._assets
|
||||
|
|
@ -192,6 +209,7 @@ class AssetPermissionUtil:
|
|||
[s for s in system_users if s.protocol == asset.protocol]
|
||||
)
|
||||
self._assets = assets
|
||||
self._setattr_actions_to_system_user()
|
||||
return self._assets
|
||||
|
||||
def get_cache_key(self, resource):
|
||||
|
|
@ -395,6 +413,7 @@ def parse_asset_to_tree_node(node, asset, system_users):
|
|||
'protocol': system_user.protocol,
|
||||
'priority': system_user.priority,
|
||||
'login_mode': system_user.login_mode,
|
||||
'actions': [action.name for action in system_user.actions],
|
||||
'comment': system_user.comment,
|
||||
})
|
||||
data = {
|
||||
|
|
@ -423,3 +442,21 @@ def parse_asset_to_tree_node(node, asset, system_users):
|
|||
}
|
||||
tree_node = TreeNode(**data)
|
||||
return tree_node
|
||||
|
||||
|
||||
#
|
||||
# actions
|
||||
#
|
||||
|
||||
|
||||
def check_system_user_action(system_user, action):
|
||||
"""
|
||||
:param system_user: SystemUser object (包含动态属性: actions)
|
||||
:param action: Action object
|
||||
:return: bool
|
||||
"""
|
||||
|
||||
check_actions = [Action.get_action_all(), action]
|
||||
granted_actions = getattr(system_user, 'actions', [])
|
||||
actions = list(set(granted_actions).intersection(set(check_actions)))
|
||||
return bool(actions)
|
||||
|
|
|
|||
|
|
@ -11,8 +11,9 @@ from django.conf import settings
|
|||
from common.permissions import AdminUserRequiredMixin
|
||||
from orgs.utils import current_org
|
||||
from .hands import Node, Asset, SystemUser, User, UserGroup
|
||||
from .models import AssetPermission
|
||||
from .models import AssetPermission, Action
|
||||
from .forms import AssetPermissionForm
|
||||
from .const import PERMS_ACTION_NAME_ALL
|
||||
|
||||
|
||||
class AssetPermissionListView(AdminUserRequiredMixin, TemplateView):
|
||||
|
|
@ -46,6 +47,8 @@ class AssetPermissionCreateView(AdminUserRequiredMixin, CreateView):
|
|||
assets_id = assets_id.split(",")
|
||||
assets = Asset.objects.filter(id__in=assets_id)
|
||||
form['assets'].initial = assets
|
||||
form['actions'].initial = Action.objects.get(name=PERMS_ACTION_NAME_ALL)
|
||||
|
||||
return form
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
|
|
|
|||
|
|
@ -252,7 +252,7 @@ $(document).ready(function() {
|
|||
var name = $(id_field).attr('name');
|
||||
data[name] = $(id_field).val();
|
||||
});
|
||||
if (data['ENDPOINT'] !== '' && data['ENDPOINT'].indexOf('http') === -1) {
|
||||
if (data['ENDPOINT'] && data['ENDPOINT'].indexOf('http') === -1) {
|
||||
var msg = "{% trans 'Endpoint need contain protocol, ex: http' %}";
|
||||
$("#endpoint_error").html(msg);
|
||||
submitBtn.removeClass('disabled');
|
||||
|
|
|
|||
Loading…
Reference in New Issue