mirror of https://github.com/jumpserver/jumpserver
stash it
ibuler
parent
f278b735cc
commit
53e97dac40
|
|
@ -2,8 +2,17 @@
|
|||
#
|
||||
|
||||
from rest_framework.views import APIView, Response
|
||||
from users.backends import IsValidUser
|
||||
from rest_framework.generics import ListCreateAPIView
|
||||
from users.backends import IsValidUser, IsSuperUser
|
||||
from .utils import get_user_granted_assets, get_user_granted_asset_groups
|
||||
from .models import AssetPermission
|
||||
from . import serializers
|
||||
|
||||
|
||||
class AssetPermissionListCreateApi(ListCreateAPIView):
|
||||
queryset = AssetPermission.objects.all()
|
||||
serializer_class = serializers.AssetPermissionSerializer
|
||||
permission_classes = (IsSuperUser,)
|
||||
|
||||
|
||||
class UserAssetsGrantedApi(APIView):
|
||||
|
|
@ -34,3 +43,26 @@ class UserAssetsGrantedApi(APIView):
|
|||
|
||||
return Response(assets_json, status=200)
|
||||
|
||||
|
||||
class UserAssetsGroupsGrantedApi(APIView):
|
||||
permission_classes = (IsValidUser,)
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
asset_groups = {}
|
||||
user = request.user
|
||||
|
||||
if user:
|
||||
assets = get_user_granted_assets(user)
|
||||
for asset in assets:
|
||||
for asset_group in asset.groups.all():
|
||||
if asset_group.id in asset_groups:
|
||||
asset_groups[asset_group.id]['asset_num'] += 1
|
||||
else:
|
||||
asset_groups[asset_group.id] = {
|
||||
'id': asset_group.id,
|
||||
'name': asset_group.name,
|
||||
'asset_num': 1
|
||||
}
|
||||
|
||||
asset_groups_json = asset_groups.values()
|
||||
return Response(asset_groups_json, status=200)
|
||||
|
|
@ -11,19 +11,19 @@ from common.utils import date_expired_default, combine_seq
|
|||
|
||||
|
||||
class AssetPermission(models.Model):
|
||||
PRIVATE_FOR_CHOICE = (
|
||||
('N', 'None'),
|
||||
('U', 'user'),
|
||||
('G', 'user group'),
|
||||
)
|
||||
# PRIVATE_FOR_CHOICE = (
|
||||
# ('N', 'None'),
|
||||
# ('U', 'user'),
|
||||
# ('G', 'user group'),
|
||||
# )
|
||||
name = models.CharField(max_length=128, unique=True, verbose_name=_('Name'))
|
||||
users = models.ManyToManyField(User, related_name='asset_permissions', blank=True)
|
||||
user_groups = models.ManyToManyField(UserGroup, related_name='asset_permissions', blank=True)
|
||||
assets = models.ManyToManyField(Asset, related_name='granted_by_permissions', blank=True)
|
||||
asset_groups = models.ManyToManyField(AssetGroup, related_name='granted_by_permissions', blank=True)
|
||||
system_users = models.ManyToManyField(SystemUser, related_name='granted_by_permissions')
|
||||
private_for = models.CharField(choices=PRIVATE_FOR_CHOICE, max_length=1, default='N', blank=True,
|
||||
verbose_name=_('Private for'))
|
||||
# private_for = models.CharField(choices=PRIVATE_FOR_CHOICE, max_length=1, default='N', blank=True,
|
||||
# verbose_name=_('Private for'))
|
||||
is_active = models.BooleanField(default=True, verbose_name=_('Active'))
|
||||
date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired'))
|
||||
created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by'))
|
||||
|
|
|
|||
|
|
@ -1,4 +1,34 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
|
||||
from rest_framework import serializers
|
||||
from .models import AssetPermission
|
||||
|
||||
|
||||
class AssetPermissionSerializer(serializers.ModelSerializer):
|
||||
# users_amount = serializers.SerializerMethodField()
|
||||
# user_groups_amount = serializers.SerializerMethodField()
|
||||
# assets_amount = serializers.SerializerMethodField()
|
||||
# asset_groups_amount = serializers.SerializerMethodField()
|
||||
|
||||
class Meta:
|
||||
model = AssetPermission
|
||||
fields = ['id', 'name', 'users', 'user_groups', 'assets', 'asset_groups',
|
||||
'system_users', 'is_active', 'comment', 'date_expired']
|
||||
|
||||
# @staticmethod
|
||||
# def get_users_amount(obj):
|
||||
# return obj.users.count()
|
||||
#
|
||||
# @staticmethod
|
||||
# def get_user_groups_amount(obj):
|
||||
# return obj.user_groups.count()
|
||||
#
|
||||
# @staticmethod
|
||||
# def get_assets_amount(obj):
|
||||
# return obj.assets.count()
|
||||
#
|
||||
# @staticmethod
|
||||
# def get_asset_groups_amount(obj):
|
||||
# return obj.asset_groups.count()
|
||||
|
||||
|
|
|
|||
|
|
@ -1,73 +1,120 @@
|
|||
{% extends '_base_list.html' %}
|
||||
{% load i18n %}
|
||||
{% load static %}
|
||||
{% load common_tags %}
|
||||
{% block content_left_head %}
|
||||
<a href="{% url 'perms:asset-permission-create' %}" class="btn btn-sm btn-primary "> {% trans "Create permission" %} </a>
|
||||
{% block custom_head_css_js %}
|
||||
{{ block.super }}
|
||||
<style>
|
||||
div.dataTables_wrapper div.dataTables_filter,
|
||||
.dataTables_length {
|
||||
float: right !important;
|
||||
}
|
||||
|
||||
div.dataTables_wrapper div.dataTables_filter {
|
||||
margin-left: 15px;
|
||||
}
|
||||
</style>
|
||||
{% endblock %}
|
||||
{% block table_search %}{% endblock %}
|
||||
{% block table_container %}
|
||||
<div class="uc pull-left m-l-5 m-r-5">
|
||||
<a href="{% url 'perms:asset-permission-create' %}" class="btn btn-sm btn-primary "> {% trans "Create permission" %} </a>
|
||||
</div>
|
||||
<table class="table table-striped table-bordered table-hover " id="asset-permission-list-table" >
|
||||
<thead>
|
||||
<tr>
|
||||
<th class="text-center">
|
||||
<div class="checkbox checkbox-default">
|
||||
<input type="checkbox" class="ipt_check_all">
|
||||
</div>
|
||||
</th>
|
||||
<th class="text-center">{% trans 'Name' %}</th>
|
||||
<th class="text-center">{% trans 'User' %}</th>
|
||||
<th class="text-center">{% trans 'User group' %}</th>
|
||||
<th class="text-center">{% trans 'Asset' %}</th>
|
||||
<th class="text-center">{% trans 'Asset group' %}</th>
|
||||
<th class="text-center">{% trans 'System user' %}</th>
|
||||
<th class="text-center"><a href="{% url 'users:user-list' %}?sort=date_expired">{% trans 'Is valid' %}</a></th>
|
||||
<th class="text-center">{% trans 'Action' %}</th>
|
||||
</tr>
|
||||
</thead>
|
||||
</table>
|
||||
{% endblock %}
|
||||
|
||||
{% block table_head %}
|
||||
<th class="text-center">
|
||||
<input type="checkbox" id="check_all" onclick="checkAll('check_all', 'checked')">
|
||||
</th>
|
||||
<th class="text-center"><a href="{% url 'perms:asset-permission-list' %}?sort=name">{% trans 'Name' %}</a></th>
|
||||
<th class="text-center">{% trans 'User count' %}</th>
|
||||
<th class="text-center">{% trans 'User group count' %}</th>
|
||||
<th class="text-center">{% trans 'Asset count' %}</th>
|
||||
<th class="text-center">{% trans 'Asset group count' %}</th>
|
||||
<th class="text-center">{% trans 'System user count' %}</th>
|
||||
<th class="text-center"><a href="{% url 'users:user-list' %}?sort=date_expired">{% trans 'Is valid' %}</a></th>
|
||||
<th class="text-center"></th>
|
||||
{% endblock %}
|
||||
{% block custom_foot_js %}
|
||||
<script>
|
||||
|
||||
{% block table_body %}
|
||||
{% for asset_permission in asset_permission_list %}
|
||||
<tr class="gradeX">
|
||||
<td class="text-center">
|
||||
<input type="checkbox" name="checked" value="{{ asset_permission.id }}">
|
||||
</td>
|
||||
<td class="text-center">
|
||||
<a href="{% url 'perms:asset-permission-detail' pk=asset_permission.id %}">
|
||||
{{ asset_permission.name }}
|
||||
</a>
|
||||
</td>
|
||||
<td class="text-center">{{ asset_permission.users.count}}</td>
|
||||
<td class="text-center">{{ asset_permission.user_groups.count}}</td>
|
||||
<td class="text-center">{{ asset_permission.assets.count }}</td>
|
||||
<td class="text-center">{{ asset_permission.asset_groups.count }}</td>
|
||||
<td class="text-center">{{ asset_permission.system_users.count }}</td>
|
||||
<td class="text-center">
|
||||
{% if asset_permission.is_valid %}
|
||||
<i class="fa fa-check text-navy"></i>
|
||||
{% else %}
|
||||
<i class="fa fa-times text-danger"></i>
|
||||
{% endif %}
|
||||
</td>
|
||||
<td class="text-center">
|
||||
<a href="{% url 'perms:asset-permission-update' pk=asset_permission.id %}" class="btn btn-xs btn-info">{% trans 'Update' %}</a>
|
||||
<a href="{% url 'perms:asset-permission-delete' pk=asset_permission.id %}" class="btn btn-xs btn-danger del">{% trans 'Delete' %}</a>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
{% endblock %}
|
||||
function assetPermissionTableDraw(url) {
|
||||
var options = {
|
||||
ele: $('#asset-permission-list-table'),
|
||||
buttons: [],
|
||||
columnDefs: [
|
||||
{targets: 1, createdCell: function (td, cellData, rowData) {
|
||||
var detail_btn = '<a href="{% url "perms:asset-permission-detail" pk=99991937 %}">' + cellData + '</a>';
|
||||
$(td).html(detail_btn.replace('99991937', rowData.id));
|
||||
}},
|
||||
{targets: 2, createdCell: function (td, cellData) {
|
||||
if (cellData) {
|
||||
$(td).html(cellData.length)
|
||||
}
|
||||
}},
|
||||
{targets: 3, createdCell: function (td, cellData) {
|
||||
if (cellData) {
|
||||
$(td).html(cellData.length)
|
||||
}
|
||||
}},
|
||||
{targets: 4, createdCell: function (td, cellData) {
|
||||
if (cellData) {
|
||||
$(td).html(cellData.length)
|
||||
}
|
||||
}},
|
||||
{targets: 5, createdCell: function (td, cellData) {
|
||||
if (cellData) {
|
||||
$(td).html(cellData.length)
|
||||
}
|
||||
}},
|
||||
{targets: 6, createdCell: function (td, cellData) {
|
||||
if (cellData) {
|
||||
$(td).html(cellData.length)
|
||||
}
|
||||
}},
|
||||
{targets: 7, createdCell: function (td, cellData) {
|
||||
if (!cellData) {
|
||||
$(td).html('<i class="fa fa-times text-danger"></i>')
|
||||
} else {
|
||||
$(td).html('<i class="fa fa-check text-navy"></i>')
|
||||
}
|
||||
}},
|
||||
{targets: 8, createdCell: function (td, cellData, rowData) {
|
||||
var detail_btn = '<a href="{% url "audits:proxy-log-detail" pk=99991937 %}" class="btn btn-xs btn-info">{% trans "Detail" %}</a>'
|
||||
.replace('99991937', cellData);
|
||||
var delete_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_delete" data-uid="99991937" data-name="99991938">{% trans "Delete" %}</a>'
|
||||
.replace('99991937', cellData)
|
||||
.replace('99991938', rowData.name);
|
||||
$(td).html(detail_btn + delete_btn)
|
||||
}}
|
||||
],
|
||||
ajax_url: url,
|
||||
columns: [{data: function(){return ""}}, {data: "name" }, {data: "users"},
|
||||
{data: "user_groups"}, {data: "assets"}, {data: 'asset_groups'},
|
||||
{data: "system_users"}, {data: "is_active"}, {data: 'id'}],
|
||||
op_html: $('#actions').html()
|
||||
};
|
||||
jumpserver.initDataTable(options);
|
||||
|
||||
{% block content_bottom_left %}
|
||||
<form id="" method="get" action="" class=" mail-search">
|
||||
<div class="input-group">
|
||||
<select class="form-control m-b" style="width: auto">
|
||||
<option>{% trans 'Delete selected' %}</option>
|
||||
<option>{% trans 'Update selected' %}</option>
|
||||
<option>{% trans 'Deactive selected' %}</option>
|
||||
<option>{% trans 'Export selected' %}</option>
|
||||
</select>
|
||||
}
|
||||
|
||||
<div class="input-group-btn pull-left" style="padding-left: 5px;">
|
||||
<button id='search_btn' type="submit" style="height: 32px;" class="btn btn-sm btn-primary">
|
||||
{% trans 'Submit' %}
|
||||
</button>
|
||||
</div>
|
||||
function searchAssetPermission() {
|
||||
var value = $('.dataTables_filter input').val();
|
||||
assetPermissionTableDraw()
|
||||
}
|
||||
|
||||
</div>
|
||||
</form>
|
||||
$(document).ready(function(){
|
||||
assetPermissionTableDraw('{% url "perms:asset-permission-list-create-api" %}');
|
||||
}).on('keyup', '.dataTables_filter input', function () {
|
||||
searchAssetPermission()
|
||||
})
|
||||
</script>
|
||||
{% endblock %}
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,11 @@ urlpatterns = [
|
|||
]
|
||||
|
||||
urlpatterns += [
|
||||
url(r'^v1/asset-permission/$', api.AssetPermissionListCreateApi.as_view(),
|
||||
name='asset-permission-list-create-api'),
|
||||
url(r'^v1/user/assets/granted/$', api.UserAssetsGrantedApi.as_view(),
|
||||
name='user-assets-granted'),
|
||||
url(r'^v1/user/asset-groups/granted/$', api.UserAssetsGroupsGrantedApi.as_view(),
|
||||
name='user-asset-groups-granted'),
|
||||
]
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,6 @@ class AssetPermissionListView(AdminUserRequiredMixin, ListView):
|
|||
return super(AssetPermissionListView, self).get_context_data(**kwargs)
|
||||
|
||||
def get_queryset(self):
|
||||
# Todo: Default order by lose asset connection num
|
||||
self.queryset = super(AssetPermissionListView, self).get_queryset()
|
||||
self.keyword = keyword = self.request.GET.get('keyword', '')
|
||||
self.sort = sort = self.request.GET.get('sort', '-date_created')
|
||||
|
|
|
|||
|
|
@ -81,8 +81,7 @@ class AccessTokenAuthentication(authentication.BaseAuthentication):
|
|||
user = get_object_or_none(User, id=user_id)
|
||||
|
||||
if not user:
|
||||
msg = _('Invalid token')
|
||||
raise exceptions.AuthenticationFailed(msg)
|
||||
return None
|
||||
|
||||
remote_addr = request.META.get('REMOTE_ADDR', '')
|
||||
remote_addr = base64.b16encode(remote_addr).replace('=', '')
|
||||
|
|
|
|||
|
|
@ -108,7 +108,7 @@ class UserPrivateAssetPermissionForm(forms.ModelForm):
|
|||
|
||||
def save(self, commit=True):
|
||||
self.instance = super(UserPrivateAssetPermissionForm, self).save(commit=commit)
|
||||
self.instance.private_for = 'U'
|
||||
# self.instance.private_for = 'U'
|
||||
self.instance.users = [self.user]
|
||||
self.instance.save()
|
||||
return self.instance
|
||||
|
|
@ -116,7 +116,7 @@ class UserPrivateAssetPermissionForm(forms.ModelForm):
|
|||
class Meta:
|
||||
model = AssetPermission
|
||||
fields = [
|
||||
'assets', 'asset_groups', 'system_users', 'private_for', 'name',
|
||||
'assets', 'asset_groups', 'system_users', 'name',
|
||||
]
|
||||
widgets = {
|
||||
'assets': forms.SelectMultiple(attrs={'class': 'select2',
|
||||
|
|
|
|||
Loading…
Reference in New Issue