github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

授权导入优化 (#6057) 

* 授权导入优化,支持使用 用户名,资产名,ip,节点路径,系统用户名称导入

* Update permission.py

* 授权导入优化

* 授权导入优化

* 授权导入优化

* 授权导入优化

Co-authored-by: fghbng@qq.com <fghbng@qq.com>
pull/6064/head
fit2bot 2021-04-28 16:42:54 +08:00 committed by GitHub
parent 657a2ac7e7
commit 4519ccfe1a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 73 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
apps/perms/models/asset_permission.py
View File

@ -72,7 +72,7 @@ class Action:
def value_to_choices_display(cls, value):
choices = cls.value_to_choices(value)
return [str(dict(cls.choices())[i]) for i in choices]
@classmethod
def choices_to_value(cls, value):
if not isinstance(value, list):
@ -143,6 +143,26 @@ class AssetPermission(BasePermission):
assets = Asset.objects.filter(id__in=asset_ids)
return assets
def users_display(self):
names = [user.username for user in self.users.all()]
return names
def user_groups_display(self):
names = [group.name for group in self.user_groups.all()]
return names
def assets_display(self):
names = [asset.hostname for asset in self.assets.all()]
return names
def system_users_display(self):
names = [system_user.name for system_user in self.system_users.all()]
return names
def nodes_display(self):
names = [node.full_value for node in self.nodes.all()]
return names
class UserAssetGrantedTreeNodeRelation(OrgModelMixin, FamilyMixin, models.JMSBaseModel):
class NodeFrom(ChoiceSet):

65
apps/perms/serializers/asset/permission.py
View File

@ -3,7 +3,7 @@
from rest_framework import serializers
from django.utils.translation import ugettext_lazy as _
from django.db.models import Prefetch
from django.db.models import Prefetch, Q
from orgs.mixins.serializers import BulkOrgResourceModelSerializer
from perms.models import AssetPermission, Action
@ -41,21 +41,27 @@ class AssetPermissionSerializer(BulkOrgResourceModelSerializer):
actions = ActionsField(required=False, allow_null=True)
is_valid = serializers.BooleanField(read_only=True)
is_expired = serializers.BooleanField(read_only=True, label=_('Is expired'))
users_display = serializers.ListField(child=serializers.CharField(), label=_('Users name'), required=False)
user_groups_display = serializers.ListField(child=serializers.CharField(), label=_('User groups name'), required=False)
assets_display = serializers.ListField(child=serializers.CharField(), label=_('Assets name'), required=False)
nodes_display = serializers.ListField(child=serializers.CharField(), label=_('Nodes name'), required=False)
system_users_display = serializers.ListField(child=serializers.CharField(), label=_('System users name'), required=False)
class Meta:
model = AssetPermission
mini_fields = ['id', 'name']
small_fields = mini_fields + [
fields_mini = ['id', 'name']
fields_small = fields_mini + [
'is_active', 'is_expired', 'is_valid', 'actions',
'created_by', 'date_created', 'date_expired',
'date_start', 'comment'
]
m2m_fields = [
'users', 'user_groups', 'assets', 'nodes', 'system_users',
fields_m2m = [
'users', 'users_display', 'user_groups', 'user_groups_display', 'assets', 'assets_display',
'nodes', 'nodes_display', 'system_users', 'system_users_display',
'users_amount', 'user_groups_amount', 'assets_amount',
'nodes_amount', 'system_users_amount',
]
fields = small_fields + m2m_fields
fields = fields_small + fields_m2m
read_only_fields = ['created_by', 'date_created']
extra_kwargs = {
'is_expired': {'label': _('Is expired')},
@ -71,11 +77,44 @@ class AssetPermissionSerializer(BulkOrgResourceModelSerializer):
@classmethod
def setup_eager_loading(cls, queryset):
""" Perform necessary eager loading of data. """
queryset = queryset.prefetch_related(
Prefetch('system_users', queryset=SystemUser.objects.only('id')),
Prefetch('user_groups', queryset=UserGroup.objects.only('id')),
Prefetch('users', queryset=User.objects.only('id')),
Prefetch('assets', queryset=Asset.objects.only('id')),
Prefetch('nodes', queryset=Node.objects.only('id'))
)
queryset = queryset.prefetch_related('users', 'user_groups', 'assets', 'nodes', 'system_users')
return queryset
def to_internal_value(self, data):
# 系统用户是必填项
system_users_display = data.pop('system_users_display', '')
for i in range(len(system_users_display)):
system_user = SystemUser.objects.filter(name=system_users_display[i]).first()
if system_user and system_user.id not in data['system_users']:
data['system_users'].append(system_user.id)
return super().to_internal_value(data)
def perform_display_create(self, instance, **kwargs):
# 用户
users_to_set = User.objects.filter(
Q(name__in=kwargs.get('users_display')) | Q(username__in=kwargs.get('users_display'))
).distinct()
instance.users.set(users_to_set)
# 用户组
user_groups_to_set = UserGroup.objects.filter(name__in=kwargs.get('user_groups_display')).distinct()
instance.user_groups.set(user_groups_to_set)
# 资产
assets_to_set = Asset.objects.filter(
Q(ip__in=kwargs.get('assets_display')) | Q(hostname__in=kwargs.get('assets_display'))
).distinct()
instance.assets.set(assets_to_set)
# 节点
nodes_to_set = Node.objects.filter(full_value__in=kwargs.get('nodes_display')).distinct()
instance.nodes.set(nodes_to_set)
def create(self, validated_data):
display = {
'users_display' : validated_data.pop('users_display', ''),
'user_groups_display' : validated_data.pop('user_groups_display', ''),
'assets_display' : validated_data.pop('assets_display', ''),
'nodes_display' : validated_data.pop('nodes_display', '')
}
instance = super().create(validated_data)
self.perform_display_create(instance, **display)
return instance