github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

perf: 修改 acl assets name/address

pull/9134/head
Bai 2022-11-30 16:21:27 +08:00
parent 99e126f515
commit 48d2949404
3 changed files with 16 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
apps/acls/models/login_asset_acl.py
View File

@ -61,19 +61,18 @@ class LoginAssetACL(BaseACL, OrgModelMixin):
@classmethod @classmethod
def filter_asset(cls, asset, queryset): def filter_asset(cls, asset, queryset):
queryset = queryset.filter( queryset = queryset.filter(
Q(assets__hostname_group__contains=asset.name) | Q(assets__name_group__contains=asset.name) |
Q(assets__hostname_group__contains='*') Q(assets__name_group__contains='*')
) )
ids = [q.id for q in queryset if contains_ip(asset.address, q.assets.get('ip_group', []))] ids = [
q.id for q in queryset if contains_ip(asset.address, q.assets.get('address_group', []))
]
queryset = cls.objects.filter(id__in=ids) queryset = cls.objects.filter(id__in=ids)
return queryset return queryset
@classmethod @classmethod
def filter_account(cls, account_username, queryset): def filter_account(cls, account_username, queryset):
queryset = queryset.filter( queryset = queryset.filter(
Q(accounts__name_group__contains=account_username) |
Q(accounts__name_group__contains='*')
).filter(
Q(accounts__username_group__contains=account_username) | Q(accounts__username_group__contains=account_username) |
Q(accounts__username_group__contains='*') Q(accounts__username_group__contains='*')
) )

26
apps/acls/serializers/login_asset_acl.py
View File

@ -25,34 +25,28 @@ class LoginAssetACLUsersSerializer(serializers.Serializer):
class LoginAssetACLAssestsSerializer(serializers.Serializer): class LoginAssetACLAssestsSerializer(serializers.Serializer):
ip_group_help_text = _( address_group_help_text = _(
"Format for comma-delimited string, with * indicating a match all. " "Format for comma-delimited string, with * indicating a match all. "
"Such as: " "Such as: "
"192.168.10.1, 192.168.1.0/24, 10.1.1.1-10.1.1.20, 2001:db8:2de::e13, 2001:db8:1a:1110::/64" "192.168.10.1, 192.168.1.0/24, 10.1.1.1-10.1.1.20, 2001:db8:2de::e13, 2001:db8:1a:1110::/64"
" (Domain name support)" " (Domain name support)"
) )
ip_group = serializers.ListField(
default=["*"],
child=serializers.CharField(max_length=1024),
label=_("IP/Host"),
help_text=ip_group_help_text,
)
hostname_group = serializers.ListField(
default=["*"],
child=serializers.CharField(max_length=128),
label=_("Name"),
help_text=common_help_text,
)
class LoginAssetACLAccountsSerializer(serializers.Serializer):
name_group = serializers.ListField( name_group = serializers.ListField(
default=["*"], default=["*"],
child=serializers.CharField(max_length=128), child=serializers.CharField(max_length=128),
label=_("Name"), label=_("Name"),
help_text=common_help_text, help_text=common_help_text,
) )
address_group = serializers.ListField(
default=["*"],
child=serializers.CharField(max_length=1024),
label=_("IP/Host"),
help_text=address_group_help_text,
)
class LoginAssetACLAccountsSerializer(serializers.Serializer):
username_group = serializers.ListField( username_group = serializers.ListField(
default=["*"], default=["*"],
child=serializers.CharField(max_length=128), child=serializers.CharField(max_length=128),

4
apps/acls/serializers/login_asset_check.py
View File

@ -37,9 +37,7 @@ class LoginAssetCheckSerializer(serializers.Serializer):
def validate_account_username(self, account_username): def validate_account_username(self, account_username):
asset_id = self.initial_data.get('asset_id') asset_id = self.initial_data.get('asset_id')
account = Account.objects.filter( account = Account.objects.filter(username=account_username, asset_id=asset_id).first()
username=account_username, asset_id=asset_id
).first()
if not account: if not account:
error = 'Account username does not exist' error = 'Account username does not exist'
raise serializers.ValidationError(error) raise serializers.ValidationError(error)