Merge branch 'dev' of github.com:jumpserver/jumpserver into dev

apps/authentication/middleware.py

@@ -21,8 +21,8 @@ class MFAMiddleware:
 
         # 这个是 mfa 登录页需要的请求, 也得放出来, 用户其实已经在 CAS/OIDC 中完成登录了
         white_urls = [
-            'login/mfa', 'mfa/select', 'jsi18n/', '/static/', '/profile/otp',
-            '/logout/', '/login/'
+            'login/mfa', 'mfa/select', 'jsi18n/', '/static/',
+            '/profile/otp', '/logout/',
         ]
         for url in white_urls:
             if request.path.find(url) > -1:

apps/perms/filters.py

@@ -170,13 +170,13 @@ class AssetPermissionFilter(PermissionBaseFilter):
             return queryset
         if not assets:
             return queryset.none()
-        asset = assets.first()
+        assetids = list(assets.values_list('id', flat=True))
 
         if not is_query_all:
-            queryset = queryset.filter(assets=asset)
+            queryset = queryset.filter(assets__in=assetids)
             return queryset
         inherit_all_nodekeys = set()
-        inherit_nodekeys = asset.nodes.values_list('key', flat=True)
+        inherit_nodekeys = set(assets.values_list('nodes__key', flat=True))
 
         for key in inherit_nodekeys:
             ancestor_keys = Node.get_node_ancestor_keys(key, with_self=True)
@@ -185,8 +185,8 @@ class AssetPermissionFilter(PermissionBaseFilter):
         inherit_all_nodeids = Node.objects.filter(key__in=inherit_all_nodekeys).values_list('id', flat=True)
         inherit_all_nodeids = list(inherit_all_nodeids)
 
-        qs1 = queryset.filter(assets=asset).distinct()
-        qs2 = queryset.filter(nodes__id__in=inherit_all_nodeids).distinct()
+        qs1 = queryset.filter(assets__in=assetids).distinct()
+        qs2 = queryset.filter(nodes__in=inherit_all_nodeids).distinct()
 
         qs = UnionQuerySet(qs1, qs2)
         return qs