mirror of https://github.com/jumpserver/jumpserver
perf: ticket
feng
parent
543d61442c
commit
49a4ceba85
|
|
@ -53,12 +53,13 @@ class LoginACL(BaseACL):
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def match(user, ip):
|
def match(user, ip):
|
||||||
acls = LoginACL.filter_acl(user)
|
acl_qs = LoginACL.filter_acl(user)
|
||||||
if not acls:
|
if not acl_qs:
|
||||||
return
|
return
|
||||||
|
|
||||||
for acl in acls:
|
for acl in acl_qs:
|
||||||
if acl.is_action(LoginACL.ActionChoices.confirm) and not acl.reviewers.exists():
|
if acl.is_action(LoginACL.ActionChoices.confirm) and \
|
||||||
|
not acl.reviewers.exists():
|
||||||
continue
|
continue
|
||||||
ip_group = acl.rules.get('ip_group')
|
ip_group = acl.rules.get('ip_group')
|
||||||
time_periods = acl.rules.get('time_period')
|
time_periods = acl.rules.get('time_period')
|
||||||
|
|
@ -79,12 +80,12 @@ class LoginACL(BaseACL):
|
||||||
login_datetime = local_now_display()
|
login_datetime = local_now_display()
|
||||||
data = {
|
data = {
|
||||||
'title': title,
|
'title': title,
|
||||||
'type': const.TicketType.login_confirm,
|
|
||||||
'applicant': self.user,
|
'applicant': self.user,
|
||||||
'apply_login_city': login_city,
|
|
||||||
'apply_login_ip': login_ip,
|
'apply_login_ip': login_ip,
|
||||||
'apply_login_datetime': login_datetime,
|
|
||||||
'org_id': Organization.ROOT_ID,
|
'org_id': Organization.ROOT_ID,
|
||||||
|
'apply_login_city': login_city,
|
||||||
|
'apply_login_datetime': login_datetime,
|
||||||
|
'type': const.TicketType.login_confirm,
|
||||||
}
|
}
|
||||||
ticket = ApplyLoginTicket.objects.create(**data)
|
ticket = ApplyLoginTicket.objects.create(**data)
|
||||||
assignees = self.reviewers.all()
|
assignees = self.reviewers.all()
|
||||||
|
|
|
||||||
|
|
@ -86,12 +86,12 @@ class LoginAssetACL(BaseACL, OrgModelMixin):
|
||||||
title = _('Login asset confirm') + ' ({})'.format(user)
|
title = _('Login asset confirm') + ' ({})'.format(user)
|
||||||
data = {
|
data = {
|
||||||
'title': title,
|
'title': title,
|
||||||
'type': TicketType.login_asset_confirm,
|
'org_id': org_id,
|
||||||
'applicant': user,
|
'applicant': user,
|
||||||
'apply_login_user': user,
|
'apply_login_user': user,
|
||||||
'apply_login_asset': asset,
|
'apply_login_asset': asset,
|
||||||
'apply_login_account': str(account),
|
'apply_login_account': str(account),
|
||||||
'org_id': org_id,
|
'type': TicketType.login_asset_confirm,
|
||||||
}
|
}
|
||||||
ticket = ApplyLoginAssetTicket.objects.create(**data)
|
ticket = ApplyLoginAssetTicket.objects.create(**data)
|
||||||
ticket.open_by_system(assignees)
|
ticket.open_by_system(assignees)
|
||||||
|
|
|
||||||
|
|
@ -10,8 +10,8 @@ class ApplyCommandTicket(Ticket):
|
||||||
null=True, verbose_name=_('Run user')
|
null=True, verbose_name=_('Run user')
|
||||||
)
|
)
|
||||||
apply_run_asset = models.CharField(max_length=128, verbose_name=_('Run asset'))
|
apply_run_asset = models.CharField(max_length=128, verbose_name=_('Run asset'))
|
||||||
apply_run_account = models.CharField(max_length=128, default='', verbose_name=_('Run account'))
|
|
||||||
apply_run_command = models.CharField(max_length=4096, verbose_name=_('Run command'))
|
apply_run_command = models.CharField(max_length=4096, verbose_name=_('Run command'))
|
||||||
|
apply_run_account = models.CharField(max_length=128, default='', verbose_name=_('Run account'))
|
||||||
apply_from_session = models.ForeignKey(
|
apply_from_session = models.ForeignKey(
|
||||||
'terminal.Session', on_delete=models.SET_NULL,
|
'terminal.Session', on_delete=models.SET_NULL,
|
||||||
null=True, verbose_name=_("Session")
|
null=True, verbose_name=_("Session")
|
||||||
|
|
|
||||||
|
|
@ -206,11 +206,11 @@ class StatusMixin:
|
||||||
|
|
||||||
step_info = {
|
step_info = {
|
||||||
'state': state,
|
'state': state,
|
||||||
'approval_level': step.level,
|
|
||||||
'assignees': assignee_ids,
|
'assignees': assignee_ids,
|
||||||
|
'processor': processor_id,
|
||||||
|
'approval_level': step.level,
|
||||||
'assignees_display': assignees_display,
|
'assignees_display': assignees_display,
|
||||||
'approval_date': str(step.date_updated),
|
'approval_date': str(step.date_updated),
|
||||||
'processor': processor_id,
|
|
||||||
'processor_display': processor_display
|
'processor_display': processor_display
|
||||||
}
|
}
|
||||||
process_map.append(step_info)
|
process_map.append(step_info)
|
||||||
|
|
@ -226,15 +226,15 @@ class StatusMixin:
|
||||||
org_id = self.flow.org_id
|
org_id = self.flow.org_id
|
||||||
flow_rules = self.flow.rules.order_by('level')
|
flow_rules = self.flow.rules.order_by('level')
|
||||||
for rule in flow_rules:
|
for rule in flow_rules:
|
||||||
step = TicketStep.objects.create(ticket=self, level=rule.level)
|
|
||||||
assignees = rule.get_assignees(org_id=org_id)
|
assignees = rule.get_assignees(org_id=org_id)
|
||||||
assignees = self.exclude_applicant(assignees, self.applicant)
|
assignees = self.exclude_applicant(assignees, self.applicant)
|
||||||
|
step = TicketStep.objects.create(ticket=self, level=rule.level)
|
||||||
step_assignees = [TicketAssignee(step=step, assignee=user) for user in assignees]
|
step_assignees = [TicketAssignee(step=step, assignee=user) for user in assignees]
|
||||||
TicketAssignee.objects.bulk_create(step_assignees)
|
TicketAssignee.objects.bulk_create(step_assignees)
|
||||||
|
|
||||||
def create_process_steps_by_assignees(self, assignees):
|
def create_process_steps_by_assignees(self, assignees):
|
||||||
assignees = self.exclude_applicant(assignees, self.applicant)
|
|
||||||
step = TicketStep.objects.create(ticket=self, level=1)
|
step = TicketStep.objects.create(ticket=self, level=1)
|
||||||
|
assignees = self.exclude_applicant(assignees, self.applicant)
|
||||||
ticket_assignees = [TicketAssignee(step=step, assignee=user) for user in assignees]
|
ticket_assignees = [TicketAssignee(step=step, assignee=user) for user in assignees]
|
||||||
TicketAssignee.objects.bulk_create(ticket_assignees)
|
TicketAssignee.objects.bulk_create(ticket_assignees)
|
||||||
|
|
||||||
|
|
@ -250,14 +250,13 @@ class StatusMixin:
|
||||||
@property
|
@property
|
||||||
def processor(self):
|
def processor(self):
|
||||||
processor = self.current_step.ticket_assignees \
|
processor = self.current_step.ticket_assignees \
|
||||||
.exclude(state=StepState.pending) \
|
.exclude(state=StepState.pending).first()
|
||||||
.first()
|
|
||||||
return processor.assignee if processor else None
|
return processor.assignee if processor else None
|
||||||
|
|
||||||
def has_current_assignee(self, assignee):
|
def has_current_assignee(self, assignee):
|
||||||
return self.ticket_steps.filter(
|
return self.ticket_steps.filter(
|
||||||
|
level=self.approval_step,
|
||||||
ticket_assignees__assignee=assignee,
|
ticket_assignees__assignee=assignee,
|
||||||
level=self.approval_step
|
|
||||||
).exists()
|
).exists()
|
||||||
|
|
||||||
def has_all_assignee(self, assignee):
|
def has_all_assignee(self, assignee):
|
||||||
|
|
@ -326,7 +325,7 @@ class Ticket(StatusMixin, CommonModelMixin):
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_user_related_tickets(cls, user):
|
def get_user_related_tickets(cls, user):
|
||||||
queries = Q(applicant=user) | Q(ticket_steps__ticket_assignees__assignee=user)
|
queries = Q(applicant=user) | Q(ticket_steps__ticket_assignees__assignee=user)
|
||||||
tickets = cls.objects.all().filter(queries).distinct()
|
tickets = cls.objects.filter(queries).distinct()
|
||||||
return tickets
|
return tickets
|
||||||
|
|
||||||
def get_current_ticket_flow_approve(self):
|
def get_current_ticket_flow_approve(self):
|
||||||
|
|
@ -405,12 +404,12 @@ class Ticket(StatusMixin, CommonModelMixin):
|
||||||
return value
|
return value
|
||||||
|
|
||||||
def get_local_snapshot(self):
|
def get_local_snapshot(self):
|
||||||
|
snapshot = {}
|
||||||
|
excludes = ['ticket_ptr']
|
||||||
fields = self._meta._forward_fields_map
|
fields = self._meta._forward_fields_map
|
||||||
json_data = json.dumps(model_to_dict(self), cls=ModelJSONFieldEncoder)
|
json_data = json.dumps(model_to_dict(self), cls=ModelJSONFieldEncoder)
|
||||||
data = json.loads(json_data)
|
data = json.loads(json_data)
|
||||||
snapshot = {}
|
|
||||||
local_fields = self._meta.local_fields + self._meta.local_many_to_many
|
local_fields = self._meta.local_fields + self._meta.local_many_to_many
|
||||||
excludes = ['ticket_ptr']
|
|
||||||
item_names = [field.name for field in local_fields if field.name not in excludes]
|
item_names = [field.name for field in local_fields if field.name not in excludes]
|
||||||
for name in item_names:
|
for name in item_names:
|
||||||
field = fields[name]
|
field = fields[name]
|
||||||
|
|
|
||||||
|
|
@ -8,12 +8,10 @@ __all__ = ['ApplyLoginAssetTicket']
|
||||||
|
|
||||||
class ApplyLoginAssetTicket(Ticket):
|
class ApplyLoginAssetTicket(Ticket):
|
||||||
apply_login_user = models.ForeignKey(
|
apply_login_user = models.ForeignKey(
|
||||||
'users.User', on_delete=models.SET_NULL, null=True,
|
'users.User', on_delete=models.SET_NULL, null=True, verbose_name=_('Login user'),
|
||||||
verbose_name=_('Login user'),
|
|
||||||
)
|
)
|
||||||
apply_login_asset = models.ForeignKey(
|
apply_login_asset = models.ForeignKey(
|
||||||
'assets.Asset', on_delete=models.SET_NULL, null=True,
|
'assets.Asset', on_delete=models.SET_NULL, null=True, verbose_name=_('Login asset'),
|
||||||
verbose_name=_('Login asset'),
|
|
||||||
)
|
)
|
||||||
apply_login_account = models.CharField(
|
apply_login_account = models.CharField(
|
||||||
max_length=128, default='', verbose_name=_('Login account')
|
max_length=128, default='', verbose_name=_('Login account')
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue