github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

stash it

pull/530/head
ibuler 2016-11-04 18:33:16 +08:00
parent f278b735cc
commit 53e97dac40
8 changed files with 185 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
apps/perms/api.py
View File

@ -2,8 +2,17 @@
# #
from rest_framework.views import APIView, Response from rest_framework.views import APIView, Response
from users.backends import IsValidUser from rest_framework.generics import ListCreateAPIView
from users.backends import IsValidUser, IsSuperUser
from .utils import get_user_granted_assets, get_user_granted_asset_groups from .utils import get_user_granted_assets, get_user_granted_asset_groups
from .models import AssetPermission
from . import serializers
class AssetPermissionListCreateApi(ListCreateAPIView):
queryset = AssetPermission.objects.all()
serializer_class = serializers.AssetPermissionSerializer
permission_classes = (IsSuperUser,)
class UserAssetsGrantedApi(APIView): class UserAssetsGrantedApi(APIView):
@ -34,3 +43,26 @@ class UserAssetsGrantedApi(APIView):
return Response(assets_json, status=200) return Response(assets_json, status=200)
class UserAssetsGroupsGrantedApi(APIView):
permission_classes = (IsValidUser,)
def get(self, request, *args, **kwargs):
asset_groups = {}
user = request.user
if user:
assets = get_user_granted_assets(user)
for asset in assets:
for asset_group in asset.groups.all():
if asset_group.id in asset_groups:
asset_groups[asset_group.id]['asset_num'] += 1
else:
asset_groups[asset_group.id] = {
'id': asset_group.id,
'name': asset_group.name,
'asset_num': 1
}
asset_groups_json = asset_groups.values()
return Response(asset_groups_json, status=200)

14
apps/perms/models.py
View File

@ -11,19 +11,19 @@ from common.utils import date_expired_default, combine_seq
class AssetPermission(models.Model): class AssetPermission(models.Model):
PRIVATE_FOR_CHOICE = ( # PRIVATE_FOR_CHOICE = (
('N', 'None'), # ('N', 'None'),
('U', 'user'), # ('U', 'user'),
('G', 'user group'), # ('G', 'user group'),
) # )
name = models.CharField(max_length=128, unique=True, verbose_name=_('Name')) name = models.CharField(max_length=128, unique=True, verbose_name=_('Name'))
users = models.ManyToManyField(User, related_name='asset_permissions', blank=True) users = models.ManyToManyField(User, related_name='asset_permissions', blank=True)
user_groups = models.ManyToManyField(UserGroup, related_name='asset_permissions', blank=True) user_groups = models.ManyToManyField(UserGroup, related_name='asset_permissions', blank=True)
assets = models.ManyToManyField(Asset, related_name='granted_by_permissions', blank=True) assets = models.ManyToManyField(Asset, related_name='granted_by_permissions', blank=True)
asset_groups = models.ManyToManyField(AssetGroup, related_name='granted_by_permissions', blank=True) asset_groups = models.ManyToManyField(AssetGroup, related_name='granted_by_permissions', blank=True)
system_users = models.ManyToManyField(SystemUser, related_name='granted_by_permissions') system_users = models.ManyToManyField(SystemUser, related_name='granted_by_permissions')
private_for = models.CharField(choices=PRIVATE_FOR_CHOICE, max_length=1, default='N', blank=True, # private_for = models.CharField(choices=PRIVATE_FOR_CHOICE, max_length=1, default='N', blank=True,
verbose_name=_('Private for')) # verbose_name=_('Private for'))
is_active = models.BooleanField(default=True, verbose_name=_('Active')) is_active = models.BooleanField(default=True, verbose_name=_('Active'))
date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired')) date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired'))
created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by')) created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by'))

30
apps/perms/serializers.py
View File

@ -1,4 +1,34 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# #
from rest_framework import serializers
from .models import AssetPermission
class AssetPermissionSerializer(serializers.ModelSerializer):
# users_amount = serializers.SerializerMethodField()
# user_groups_amount = serializers.SerializerMethodField()
# assets_amount = serializers.SerializerMethodField()
# asset_groups_amount = serializers.SerializerMethodField()
class Meta:
model = AssetPermission
fields = ['id', 'name', 'users', 'user_groups', 'assets', 'asset_groups',
'system_users', 'is_active', 'comment', 'date_expired']
# @staticmethod
# def get_users_amount(obj):
# return obj.users.count()
#
# @staticmethod
# def get_user_groups_amount(obj):
# return obj.user_groups.count()
#
# @staticmethod
# def get_assets_amount(obj):
# return obj.assets.count()
#
# @staticmethod
# def get_asset_groups_amount(obj):
# return obj.asset_groups.count()

169
apps/perms/templates/perms/asset_permission_list.html
View File

@ -1,73 +1,120 @@
{% extends '_base_list.html' %} {% extends '_base_list.html' %}
{% load i18n %} {% load i18n %}
{% load static %}
{% load common_tags %} {% load common_tags %}
{% block content_left_head %} {% block custom_head_css_js %}
<a href="{% url 'perms:asset-permission-create' %}" class="btn btn-sm btn-primary "> {% trans "Create permission" %} </a> {{ block.super }}
<style>
div.dataTables_wrapper div.dataTables_filter,
.dataTables_length {
float: right !important;
}
div.dataTables_wrapper div.dataTables_filter {
margin-left: 15px;
}
</style>
{% endblock %}
{% block table_search %}{% endblock %}
{% block table_container %}
<div class="uc pull-left m-l-5 m-r-5">
<a href="{% url 'perms:asset-permission-create' %}" class="btn btn-sm btn-primary "> {% trans "Create permission" %} </a>
</div>
<table class="table table-striped table-bordered table-hover " id="asset-permission-list-table" >
<thead>
<tr>
<th class="text-center">
<div class="checkbox checkbox-default">
<input type="checkbox" class="ipt_check_all">
</div>
</th>
<th class="text-center">{% trans 'Name' %}</th>
<th class="text-center">{% trans 'User' %}</th>
<th class="text-center">{% trans 'User group' %}</th>
<th class="text-center">{% trans 'Asset' %}</th>
<th class="text-center">{% trans 'Asset group' %}</th>
<th class="text-center">{% trans 'System user' %}</th>
<th class="text-center"><a href="{% url 'users:user-list' %}?sort=date_expired">{% trans 'Is valid' %}</a></th>
<th class="text-center">{% trans 'Action' %}</th>
</tr>
</thead>
</table>
{% endblock %} {% endblock %}
{% block table_head %} {% block custom_foot_js %}
<th class="text-center"> <script>
<input type="checkbox" id="check_all" onclick="checkAll('check_all', 'checked')">
</th>
<th class="text-center"><a href="{% url 'perms:asset-permission-list' %}?sort=name">{% trans 'Name' %}</a></th>
<th class="text-center">{% trans 'User count' %}</th>
<th class="text-center">{% trans 'User group count' %}</th>
<th class="text-center">{% trans 'Asset count' %}</th>
<th class="text-center">{% trans 'Asset group count' %}</th>
<th class="text-center">{% trans 'System user count' %}</th>
<th class="text-center"><a href="{% url 'users:user-list' %}?sort=date_expired">{% trans 'Is valid' %}</a></th>
<th class="text-center"></th>
{% endblock %}
{% block table_body %} function assetPermissionTableDraw(url) {
{% for asset_permission in asset_permission_list %} var options = {
<tr class="gradeX"> ele: $('#asset-permission-list-table'),
<td class="text-center"> buttons: [],
<input type="checkbox" name="checked" value="{{ asset_permission.id }}"> columnDefs: [
</td> {targets: 1, createdCell: function (td, cellData, rowData) {
<td class="text-center"> var detail_btn = '<a href="{% url "perms:asset-permission-detail" pk=99991937 %}">' + cellData + '</a>';
<a href="{% url 'perms:asset-permission-detail' pk=asset_permission.id %}"> $(td).html(detail_btn.replace('99991937', rowData.id));
{{ asset_permission.name }} }},
</a> {targets: 2, createdCell: function (td, cellData) {
</td> if (cellData) {
<td class="text-center">{{ asset_permission.users.count}}</td> $(td).html(cellData.length)
<td class="text-center">{{ asset_permission.user_groups.count}}</td> }
<td class="text-center">{{ asset_permission.assets.count }}</td> }},
<td class="text-center">{{ asset_permission.asset_groups.count }}</td> {targets: 3, createdCell: function (td, cellData) {
<td class="text-center">{{ asset_permission.system_users.count }}</td> if (cellData) {
<td class="text-center"> $(td).html(cellData.length)
{% if asset_permission.is_valid %} }
<i class="fa fa-check text-navy"></i> }},
{% else %} {targets: 4, createdCell: function (td, cellData) {
<i class="fa fa-times text-danger"></i> if (cellData) {
{% endif %} $(td).html(cellData.length)
</td> }
<td class="text-center"> }},
<a href="{% url 'perms:asset-permission-update' pk=asset_permission.id %}" class="btn btn-xs btn-info">{% trans 'Update' %}</a> {targets: 5, createdCell: function (td, cellData) {
<a href="{% url 'perms:asset-permission-delete' pk=asset_permission.id %}" class="btn btn-xs btn-danger del">{% trans 'Delete' %}</a> if (cellData) {
</td> $(td).html(cellData.length)
</tr> }
{% endfor %} }},
{% endblock %} {targets: 6, createdCell: function (td, cellData) {
if (cellData) {
$(td).html(cellData.length)
}
}},
{targets: 7, createdCell: function (td, cellData) {
if (!cellData) {
$(td).html('<i class="fa fa-times text-danger"></i>')
} else {
$(td).html('<i class="fa fa-check text-navy"></i>')
}
}},
{targets: 8, createdCell: function (td, cellData, rowData) {
var detail_btn = '<a href="{% url "audits:proxy-log-detail" pk=99991937 %}" class="btn btn-xs btn-info">{% trans "Detail" %}</a>'
.replace('99991937', cellData);
var delete_btn = '<a class="btn btn-xs btn-danger m-l-xs btn_delete" data-uid="99991937" data-name="99991938">{% trans "Delete" %}</a>'
.replace('99991937', cellData)
.replace('99991938', rowData.name);
$(td).html(detail_btn + delete_btn)
}}
],
ajax_url: url,
columns: [{data: function(){return ""}}, {data: "name" }, {data: "users"},
{data: "user_groups"}, {data: "assets"}, {data: 'asset_groups'},
{data: "system_users"}, {data: "is_active"}, {data: 'id'}],
op_html: $('#actions').html()
};
jumpserver.initDataTable(options);
{% block content_bottom_left %} }
<form id="" method="get" action="" class=" mail-search">
<div class="input-group">
<select class="form-control m-b" style="width: auto">
<option>{% trans 'Delete selected' %}</option>
<option>{% trans 'Update selected' %}</option>
<option>{% trans 'Deactive selected' %}</option>
<option>{% trans 'Export selected' %}</option>
</select>
<div class="input-group-btn pull-left" style="padding-left: 5px;"> function searchAssetPermission() {
<button id='search_btn' type="submit" style="height: 32px;" class="btn btn-sm btn-primary"> var value = $('.dataTables_filter input').val();
{% trans 'Submit' %} assetPermissionTableDraw()
</button> }
</div>
</div> $(document).ready(function(){
</form> assetPermissionTableDraw('{% url "perms:asset-permission-list-create-api" %}');
}).on('keyup', '.dataTables_filter input', function () {
searchAssetPermission()
})
</script>
{% endblock %} {% endblock %}

4
apps/perms/urls.py
View File

@ -22,7 +22,11 @@ urlpatterns = [
] ]
urlpatterns += [ urlpatterns += [
url(r'^v1/asset-permission/$', api.AssetPermissionListCreateApi.as_view(),
name='asset-permission-list-create-api'),
url(r'^v1/user/assets/granted/$', api.UserAssetsGrantedApi.as_view(), url(r'^v1/user/assets/granted/$', api.UserAssetsGrantedApi.as_view(),
name='user-assets-granted'), name='user-assets-granted'),
url(r'^v1/user/asset-groups/granted/$', api.UserAssetsGroupsGrantedApi.as_view(),
name='user-asset-groups-granted'),
] ]

1
apps/perms/views.py
View File

@ -34,7 +34,6 @@ class AssetPermissionListView(AdminUserRequiredMixin, ListView):
return super(AssetPermissionListView, self).get_context_data(**kwargs) return super(AssetPermissionListView, self).get_context_data(**kwargs)
def get_queryset(self): def get_queryset(self):
# Todo: Default order by lose asset connection num
self.queryset = super(AssetPermissionListView, self).get_queryset() self.queryset = super(AssetPermissionListView, self).get_queryset()
self.keyword = keyword = self.request.GET.get('keyword', '') self.keyword = keyword = self.request.GET.get('keyword', '')
self.sort = sort = self.request.GET.get('sort', '-date_created') self.sort = sort = self.request.GET.get('sort', '-date_created')

3
apps/users/backends.py
View File

@ -81,8 +81,7 @@ class AccessTokenAuthentication(authentication.BaseAuthentication):
user = get_object_or_none(User, id=user_id) user = get_object_or_none(User, id=user_id)
if not user: if not user:
msg = _('Invalid token') return None
raise exceptions.AuthenticationFailed(msg)
remote_addr = request.META.get('REMOTE_ADDR', '') remote_addr = request.META.get('REMOTE_ADDR', '')
remote_addr = base64.b16encode(remote_addr).replace('=', '') remote_addr = base64.b16encode(remote_addr).replace('=', '')

4
apps/users/forms.py
View File

@ -108,7 +108,7 @@ class UserPrivateAssetPermissionForm(forms.ModelForm):
def save(self, commit=True): def save(self, commit=True):
self.instance = super(UserPrivateAssetPermissionForm, self).save(commit=commit) self.instance = super(UserPrivateAssetPermissionForm, self).save(commit=commit)
self.instance.private_for = 'U' # self.instance.private_for = 'U'
self.instance.users = [self.user] self.instance.users = [self.user]
self.instance.save() self.instance.save()
return self.instance return self.instance
@ -116,7 +116,7 @@ class UserPrivateAssetPermissionForm(forms.ModelForm):
class Meta: class Meta:
model = AssetPermission model = AssetPermission
fields = [ fields = [
'assets', 'asset_groups', 'system_users', 'private_for', 'name', 'assets', 'asset_groups', 'system_users', 'name',
] ]
widgets = { widgets = {
'assets': forms.SelectMultiple(attrs={'class': 'select2', 'assets': forms.SelectMultiple(attrs={'class': 'select2',