github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

[Update] 修改用户view

pull/1571/head
ibuler 2018-07-15 00:55:05 +08:00
parent 28e47f33c1
commit 5648dcd7e7
24 changed files with 138 additions and 100 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
apps/assets/api/admin_user.py
View File

@ -37,19 +37,19 @@ class AdminUserViewSet(IDInFilterMixin, BulkModelViewSet):
""" """
Admin user api set, for add,delete,update,list,retrieve resource Admin user api set, for add,delete,update,list,retrieve resource
""" """
queryset = AdminUser.objects queryset = AdminUser.objects.all()
serializer_class = serializers.AdminUserSerializer serializer_class = serializers.AdminUserSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
class AdminUserAuthApi(generics.UpdateAPIView): class AdminUserAuthApi(generics.UpdateAPIView):
queryset = AdminUser.objects queryset = AdminUser.objects.all()
serializer_class = serializers.AdminUserAuthSerializer serializer_class = serializers.AdminUserAuthSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
class ReplaceNodesAdminUserApi(generics.UpdateAPIView): class ReplaceNodesAdminUserApi(generics.UpdateAPIView):
queryset = AdminUser.objects queryset = AdminUser.objects.all()
serializer_class = serializers.ReplaceNodeAdminUserSerializer serializer_class = serializers.ReplaceNodeAdminUserSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
@ -74,7 +74,7 @@ class AdminUserTestConnectiveApi(generics.RetrieveAPIView):
""" """
Test asset admin user connectivity Test asset admin user connectivity
""" """
queryset = AdminUser.objects queryset = AdminUser.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
def retrieve(self, request, *args, **kwargs): def retrieve(self, request, *args, **kwargs):

12
apps/assets/api/asset.py
View File

@ -36,7 +36,7 @@ class AssetViewSet(IDInFilterMixin, LabelFilter, BulkModelViewSet):
filter_fields = ("hostname", "ip") filter_fields = ("hostname", "ip")
search_fields = filter_fields search_fields = filter_fields
ordering_fields = ("hostname", "ip", "port", "cpu_cores") ordering_fields = ("hostname", "ip", "port", "cpu_cores")
queryset = Asset.objects queryset = Asset.objects.all()
serializer_class = serializers.AssetSerializer serializer_class = serializers.AssetSerializer
pagination_class = LimitOffsetPagination pagination_class = LimitOffsetPagination
permission_classes = (IsSuperUserOrAppUser,) permission_classes = (IsSuperUserOrAppUser,)
@ -65,7 +65,7 @@ class AssetViewSet(IDInFilterMixin, LabelFilter, BulkModelViewSet):
if node_id and not show_current_asset: if node_id and not show_current_asset:
node = get_object_or_404(Node, id=node_id) node = get_object_or_404(Node, id=node_id)
if node.is_root(): if node.is_root():
queryset = Asset.objects queryset = Asset.objects.all()
else: else:
queryset = queryset.filter( queryset = queryset.filter(
nodes__key__regex='^{}(:[0-9]+)*$'.format(node.key), nodes__key__regex='^{}(:[0-9]+)*$'.format(node.key),
@ -77,7 +77,7 @@ class AssetListUpdateApi(IDInFilterMixin, ListBulkCreateUpdateDestroyAPIView):
""" """
Asset bulk update api Asset bulk update api
""" """
queryset = Asset.objects queryset = Asset.objects.all()
serializer_class = serializers.AssetSerializer serializer_class = serializers.AssetSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
@ -86,7 +86,7 @@ class AssetRefreshHardwareApi(generics.RetrieveAPIView):
""" """
Refresh asset hardware info Refresh asset hardware info
""" """
queryset = Asset.objects queryset = Asset.objects.all()
serializer_class = serializers.AssetSerializer serializer_class = serializers.AssetSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
@ -101,7 +101,7 @@ class AssetAdminUserTestApi(generics.RetrieveAPIView):
""" """
Test asset admin user connectivity Test asset admin user connectivity
""" """
queryset = Asset.objects queryset = Asset.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
def retrieve(self, request, *args, **kwargs): def retrieve(self, request, *args, **kwargs):
@ -112,7 +112,7 @@ class AssetAdminUserTestApi(generics.RetrieveAPIView):
class AssetGatewayApi(generics.RetrieveAPIView): class AssetGatewayApi(generics.RetrieveAPIView):
queryset = Asset.objects queryset = Asset.objects.all()
permission_classes = (IsSuperUserOrAppUser,) permission_classes = (IsSuperUserOrAppUser,)
def retrieve(self, request, *args, **kwargs): def retrieve(self, request, *args, **kwargs):

4
apps/assets/api/domain.py
View File

@ -18,7 +18,7 @@ __all__ = ['DomainViewSet', 'GatewayViewSet', "GatewayTestConnectionApi"]
class DomainViewSet(BulkModelViewSet): class DomainViewSet(BulkModelViewSet):
queryset = Domain.objects queryset = Domain.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
serializer_class = serializers.DomainSerializer serializer_class = serializers.DomainSerializer
@ -36,7 +36,7 @@ class DomainViewSet(BulkModelViewSet):
class GatewayViewSet(BulkModelViewSet): class GatewayViewSet(BulkModelViewSet):
filter_fields = ("domain",) filter_fields = ("domain",)
search_fields = filter_fields search_fields = filter_fields
queryset = Gateway.objects queryset = Gateway.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
serializer_class = serializers.GatewaySerializer serializer_class = serializers.GatewaySerializer

12
apps/assets/api/node.py
View File

@ -40,7 +40,7 @@ __all__ = [
class NodeViewSet(BulkModelViewSet): class NodeViewSet(BulkModelViewSet):
queryset = Node.objects queryset = Node.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
serializer_class = serializers.NodeSerializer serializer_class = serializers.NodeSerializer
@ -79,7 +79,7 @@ class NodeViewSet(BulkModelViewSet):
class NodeChildrenApi(mixins.ListModelMixin, generics.CreateAPIView): class NodeChildrenApi(mixins.ListModelMixin, generics.CreateAPIView):
queryset = Node.objects queryset = Node.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
serializer_class = serializers.NodeSerializer serializer_class = serializers.NodeSerializer
instance = None instance = None
@ -166,7 +166,7 @@ class NodeAssetsApi(generics.ListAPIView):
class NodeAddChildrenApi(generics.UpdateAPIView): class NodeAddChildrenApi(generics.UpdateAPIView):
queryset = Node.objects queryset = Node.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
serializer_class = serializers.NodeAddChildrenSerializer serializer_class = serializers.NodeAddChildrenSerializer
instance = None instance = None
@ -184,7 +184,7 @@ class NodeAddChildrenApi(generics.UpdateAPIView):
class NodeAddAssetsApi(generics.UpdateAPIView): class NodeAddAssetsApi(generics.UpdateAPIView):
serializer_class = serializers.NodeAssetsSerializer serializer_class = serializers.NodeAssetsSerializer
queryset = Node.objects queryset = Node.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
instance = None instance = None
@ -196,7 +196,7 @@ class NodeAddAssetsApi(generics.UpdateAPIView):
class NodeRemoveAssetsApi(generics.UpdateAPIView): class NodeRemoveAssetsApi(generics.UpdateAPIView):
serializer_class = serializers.NodeAssetsSerializer serializer_class = serializers.NodeAssetsSerializer
queryset = Node.objects queryset = Node.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
instance = None instance = None
@ -212,7 +212,7 @@ class NodeRemoveAssetsApi(generics.UpdateAPIView):
class NodeReplaceAssetsApi(generics.UpdateAPIView): class NodeReplaceAssetsApi(generics.UpdateAPIView):
serializer_class = serializers.NodeAssetsSerializer serializer_class = serializers.NodeAssetsSerializer
queryset = Node.objects queryset = Node.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
instance = None instance = None

8
apps/assets/api/system_user.py
View File

@ -35,7 +35,7 @@ class SystemUserViewSet(BulkModelViewSet):
""" """
System user api set, for add,delete,update,list,retrieve resource System user api set, for add,delete,update,list,retrieve resource
""" """
queryset = SystemUser.objects queryset = SystemUser.objects.all()
serializer_class = serializers.SystemUserSerializer serializer_class = serializers.SystemUserSerializer
permission_classes = (IsSuperUserOrAppUser,) permission_classes = (IsSuperUserOrAppUser,)
@ -44,7 +44,7 @@ class SystemUserAuthInfoApi(generics.RetrieveUpdateDestroyAPIView):
""" """
Get system user auth info Get system user auth info
""" """
queryset = SystemUser.objects queryset = SystemUser.objects.all()
permission_classes = (IsSuperUserOrAppUser,) permission_classes = (IsSuperUserOrAppUser,)
serializer_class = serializers.SystemUserAuthSerializer serializer_class = serializers.SystemUserAuthSerializer
@ -58,7 +58,7 @@ class SystemUserPushApi(generics.RetrieveAPIView):
""" """
Push system user to cluster assets api Push system user to cluster assets api
""" """
queryset = SystemUser.objects queryset = SystemUser.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
def retrieve(self, request, *args, **kwargs): def retrieve(self, request, *args, **kwargs):
@ -74,7 +74,7 @@ class SystemUserTestConnectiveApi(generics.RetrieveAPIView):
""" """
Push system user to cluster assets api Push system user to cluster assets api
""" """
queryset = SystemUser.objects queryset = SystemUser.objects.all()
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
def retrieve(self, request, *args, **kwargs): def retrieve(self, request, *args, **kwargs):

2
apps/assets/forms/asset.py
View File

@ -93,7 +93,7 @@ class AssetUpdateForm(forms.ModelForm):
class AssetBulkUpdateForm(forms.ModelForm): class AssetBulkUpdateForm(forms.ModelForm):
assets = forms.ModelMultipleChoiceField( assets = forms.ModelMultipleChoiceField(
required=True, help_text='* required', required=True, help_text='* required',
label=_('Select assets'), queryset = Asset.objects, label=_('Select assets'), queryset=Asset.objects.all(),
widget=forms.SelectMultiple( widget=forms.SelectMultiple(
attrs={ attrs={
'class': 'select2', 'class': 'select2',

2
apps/assets/forms/domain.py
View File

@ -11,7 +11,7 @@ __all__ = ['DomainForm', 'GatewayForm']
class DomainForm(forms.ModelForm): class DomainForm(forms.ModelForm):
assets = forms.ModelMultipleChoiceField( assets = forms.ModelMultipleChoiceField(
queryset = Asset.objects, label=_('Asset'), required=False, queryset=Asset.objects.all(), label=_('Asset'), required=False,
widget=forms.SelectMultiple( widget=forms.SelectMultiple(
attrs={'class': 'select2', 'data-placeholder': _('Select assets')} attrs={'class': 'select2', 'data-placeholder': _('Select assets')}
) )

2
apps/assets/forms/label.py
View File

@ -10,7 +10,7 @@ __all__ = ['LabelForm']
class LabelForm(forms.ModelForm): class LabelForm(forms.ModelForm):
assets = forms.ModelMultipleChoiceField( assets = forms.ModelMultipleChoiceField(
queryset = Asset.objects, label=_('Asset'), required=False, queryset=Asset.objects.all(), label=_('Asset'), required=False,
widget=forms.SelectMultiple( widget=forms.SelectMultiple(
attrs={'class': 'select2', 'data-placeholder': _('Select assets')} attrs={'class': 'select2', 'data-placeholder': _('Select assets')}
) )

2
apps/assets/serializers/admin_user.py
View File

@ -58,7 +58,7 @@ class ReplaceNodeAdminUserSerializer(serializers.ModelSerializer):
管理用户更新关联到的集群 管理用户更新关联到的集群
""" """
nodes = serializers.PrimaryKeyRelatedField( nodes = serializers.PrimaryKeyRelatedField(
many=True, queryset = Node.objects many=True, queryset = Node.objects.all()
) )
class Meta: class Meta:

2
apps/assets/serializers/node.py
View File

@ -78,7 +78,7 @@ class NodeSerializer(serializers.ModelSerializer):
class NodeAssetsSerializer(serializers.ModelSerializer): class NodeAssetsSerializer(serializers.ModelSerializer):
assets = serializers.PrimaryKeyRelatedField(many=True, queryset = Asset.objects) assets = serializers.PrimaryKeyRelatedField(many=True, queryset = Asset.objects.all())
class Meta: class Meta:
model = Node model = Node

2
apps/assets/views/admin_user.py
View File

@ -90,7 +90,7 @@ class AdminUserAssetsView(AdminUserRequiredMixin, SingleObjectMixin, ListView):
object = None object = None
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
self.object = self.get_object(queryset = AdminUser.objects) self.object = self.get_object(queryset=AdminUser.objects.all())
return super().get(request, *args, **kwargs) return super().get(request, *args, **kwargs)
def get_queryset(self): def get_queryset(self):

2
apps/audits/api.py
View File

@ -9,6 +9,6 @@ from .serializers import FTPLogSerializer
class FTPLogViewSet(viewsets.ModelViewSet): class FTPLogViewSet(viewsets.ModelViewSet):
queryset = FTPLog.objects queryset = FTPLog.objects.all()
serializer_class = FTPLogSerializer serializer_class = FTPLogSerializer
permission_classes = (IsSuperUserOrAppUser,) permission_classes = (IsSuperUserOrAppUser,)

1
apps/jumpserver/settings.py
View File

@ -78,6 +78,7 @@ INSTALLED_APPS = [
] ]
MIDDLEWARE = [ MIDDLEWARE = [
'orgs.middleware.OrgPreMiddleware',
'django.middleware.security.SecurityMiddleware', 'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.locale.LocaleMiddleware', 'django.middleware.locale.LocaleMiddleware',

10
apps/ops/api.py
View File

@ -16,13 +16,13 @@ from .tasks import run_ansible_task
class TaskViewSet(viewsets.ModelViewSet): class TaskViewSet(viewsets.ModelViewSet):
queryset = Task.objects queryset = Task.objects.all()
serializer_class = TaskSerializer serializer_class = TaskSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
class TaskRun(generics.RetrieveAPIView): class TaskRun(generics.RetrieveAPIView):
queryset = Task.objects queryset = Task.objects.all()
serializer_class = TaskViewSet serializer_class = TaskViewSet
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
@ -33,7 +33,7 @@ class TaskRun(generics.RetrieveAPIView):
class AdHocViewSet(viewsets.ModelViewSet): class AdHocViewSet(viewsets.ModelViewSet):
queryset = AdHoc.objects queryset = AdHoc.objects.all()
serializer_class = AdHocSerializer serializer_class = AdHocSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
@ -46,7 +46,7 @@ class AdHocViewSet(viewsets.ModelViewSet):
class AdHocRunHistorySet(viewsets.ModelViewSet): class AdHocRunHistorySet(viewsets.ModelViewSet):
queryset = AdHocRunHistory.objects queryset = AdHocRunHistory.objects.all()
serializer_class = AdHocRunHistorySerializer serializer_class = AdHocRunHistorySerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
@ -68,7 +68,7 @@ class CeleryTaskLogApi(generics.RetrieveAPIView):
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
buff_size = 1024 * 10 buff_size = 1024 * 10
end = False end = False
queryset = CeleryTask.objects queryset = CeleryTask.objects.all()
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
mark = request.query_params.get("mark") or str(uuid.uuid4()) mark = request.query_params.get("mark") or str(uuid.uuid4())

11
apps/orgs/middleware.py
View File

@ -2,6 +2,17 @@
# #
from .utils import get_org_from_request, set_current_org from .utils import get_org_from_request, set_current_org
from .models import Organization
class OrgPreMiddleware:
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
set_current_org(Organization.root())
response = self.get_response(request)
return response
class OrgMiddleware: class OrgMiddleware:

43
apps/orgs/mixins.py
View File

@ -2,18 +2,26 @@
# #
from django.db import models from django.db import models
from django.shortcuts import redirect from django.shortcuts import redirect
import warnings
from django.contrib.auth import get_user_model from django.contrib.auth import get_user_model
from django.forms import ModelForm
from common.utils import get_logger from common.utils import get_logger
from .utils import get_current_org, get_model_by_db_table from .utils import get_current_org, get_model_by_db_table, set_current_org
logger = get_logger(__file__) logger = get_logger(__file__)
__all__ = ['OrgManager', 'OrgViewGenericMixin', 'OrgModelMixin'] __all__ = [
'OrgManager', 'OrgViewGenericMixin', 'OrgModelMixin', 'OrgModelForm'
]
class OrgManager(models.Manager): class OrgManager(models.Manager):
def __init__(self, *args, **kwargs):
print("INit manager")
super().__init__(*args, **kwargs)
def get_queryset(self): def get_queryset(self):
print("GET CURR") print("GET CURR")
current_org = get_current_org() current_org = get_current_org()
@ -22,9 +30,9 @@ class OrgManager(models.Manager):
print("Get queryset ") print("Get queryset ")
print(current_org) print(current_org)
print(self.model)
if not current_org: if not current_org:
return super().get_queryset().filter(**kwargs) pass
kwargs['id'] = None
elif current_org.is_real(): elif current_org.is_real():
kwargs['org'] = current_org kwargs['org'] = current_org
elif current_org.is_default(): elif current_org.is_default():
@ -34,6 +42,19 @@ class OrgManager(models.Manager):
print(queryset) print(queryset)
return queryset return queryset
def all(self):
current_org = get_current_org()
if not current_org:
msg = 'You should `objects.set_current_org(org).all()` then run it'
warnings.warn(msg)
return self
else:
return super().all()
def set_current_org(self, org):
set_current_org(org)
return self
class OrgModelMixin(models.Model): class OrgModelMixin(models.Model):
org = models.ForeignKey('orgs.Organization', on_delete=models.PROTECT, null=True) org = models.ForeignKey('orgs.Organization', on_delete=models.PROTECT, null=True)
@ -55,3 +76,17 @@ class OrgViewGenericMixin:
if not current_org: if not current_org:
return redirect('orgs:switch-a-org') return redirect('orgs:switch-a-org')
return super().dispatch(request, *args, **kwargs) return super().dispatch(request, *args, **kwargs)
class OrgModelForm(ModelForm):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
if 'initial' not in kwargs:
return
for name, field in self.fields.items():
if not hasattr(field, 'queryset'):
continue
print(field)
model = field.queryset.model
field.queryset = model.objects.all()

10
apps/perms/api.py
View File

@ -19,7 +19,7 @@ class AssetPermissionViewSet(viewsets.ModelViewSet):
""" """
资产授权列表的增删改查api 资产授权列表的增删改查api
""" """
queryset = AssetPermission.objects queryset = AssetPermission.objects.all()
serializer_class = serializers.AssetPermissionCreateUpdateSerializer serializer_class = serializers.AssetPermissionCreateUpdateSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
@ -268,7 +268,7 @@ class AssetPermissionRemoveUserApi(RetrieveUpdateAPIView):
""" """
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
serializer_class = serializers.AssetPermissionUpdateUserSerializer serializer_class = serializers.AssetPermissionUpdateUserSerializer
queryset = AssetPermission.objects queryset = AssetPermission.objects.all()
def update(self, request, *args, **kwargs): def update(self, request, *args, **kwargs):
perm = self.get_object() perm = self.get_object()
@ -285,7 +285,7 @@ class AssetPermissionRemoveUserApi(RetrieveUpdateAPIView):
class AssetPermissionAddUserApi(RetrieveUpdateAPIView): class AssetPermissionAddUserApi(RetrieveUpdateAPIView):
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
serializer_class = serializers.AssetPermissionUpdateUserSerializer serializer_class = serializers.AssetPermissionUpdateUserSerializer
queryset = AssetPermission.objects queryset = AssetPermission.objects.all()
def update(self, request, *args, **kwargs): def update(self, request, *args, **kwargs):
perm = self.get_object() perm = self.get_object()
@ -305,7 +305,7 @@ class AssetPermissionRemoveAssetApi(RetrieveUpdateAPIView):
""" """
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
serializer_class = serializers.AssetPermissionUpdateAssetSerializer serializer_class = serializers.AssetPermissionUpdateAssetSerializer
queryset = AssetPermission.objects queryset = AssetPermission.objects.all()
def update(self, request, *args, **kwargs): def update(self, request, *args, **kwargs):
perm = self.get_object() perm = self.get_object()
@ -322,7 +322,7 @@ class AssetPermissionRemoveAssetApi(RetrieveUpdateAPIView):
class AssetPermissionAddAssetApi(RetrieveUpdateAPIView): class AssetPermissionAddAssetApi(RetrieveUpdateAPIView):
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
serializer_class = serializers.AssetPermissionUpdateAssetSerializer serializer_class = serializers.AssetPermissionUpdateAssetSerializer
queryset = AssetPermission.objects queryset = AssetPermission.objects.all()
def update(self, request, *args, **kwargs): def update(self, request, *args, **kwargs):
perm = self.get_object() perm = self.get_object()

4
apps/perms/views.py
View File

@ -108,7 +108,7 @@ class AssetPermissionUserView(AdminUserRequiredMixin,
object = None object = None
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
self.object = self.get_object(queryset = AssetPermission.objects) self.object = self.get_object(queryset = AssetPermission.objects.all())
return super().get(request, *args, **kwargs) return super().get(request, *args, **kwargs)
def get_queryset(self): def get_queryset(self):
@ -138,7 +138,7 @@ class AssetPermissionAssetView(AdminUserRequiredMixin,
object = None object = None
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
self.object = self.get_object(queryset = AssetPermission.objects) self.object = self.get_object(queryset = AssetPermission.objects.all())
return super().get(request, *args, **kwargs) return super().get(request, *args, **kwargs)
def get_queryset(self): def get_queryset(self):

6
apps/terminal/api.py
View File

@ -102,7 +102,7 @@ class TerminalTokenApi(APIView):
class StatusViewSet(viewsets.ModelViewSet): class StatusViewSet(viewsets.ModelViewSet):
queryset = Status.objects queryset = Status.objects.all()
serializer_class = StatusSerializer serializer_class = StatusSerializer
permission_classes = (IsSuperUserOrAppUser,) permission_classes = (IsSuperUserOrAppUser,)
session_serializer_class = SessionSerializer session_serializer_class = SessionSerializer
@ -174,7 +174,7 @@ class StatusViewSet(viewsets.ModelViewSet):
class SessionViewSet(viewsets.ModelViewSet): class SessionViewSet(viewsets.ModelViewSet):
queryset = Session.objects queryset = Session.objects.all()
serializer_class = SessionSerializer serializer_class = SessionSerializer
permission_classes = (IsSuperUserOrAppUser,) permission_classes = (IsSuperUserOrAppUser,)
@ -192,7 +192,7 @@ class SessionViewSet(viewsets.ModelViewSet):
class TaskViewSet(BulkModelViewSet): class TaskViewSet(BulkModelViewSet):
queryset = Task.objects queryset = Task.objects.all()
serializer_class = TaskSerializer serializer_class = TaskSerializer
permission_classes = (IsSuperUserOrAppUser,) permission_classes = (IsSuperUserOrAppUser,)

15
apps/users/api.py
View File

@ -9,7 +9,6 @@ from rest_framework import generics
from rest_framework.permissions import AllowAny, IsAuthenticated from rest_framework.permissions import AllowAny, IsAuthenticated
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework.views import APIView from rest_framework.views import APIView
from rest_framework import viewsets
from rest_framework_bulk import BulkModelViewSet from rest_framework_bulk import BulkModelViewSet
from .serializers import UserSerializer, UserGroupSerializer, \ from .serializers import UserSerializer, UserGroupSerializer, \
@ -53,7 +52,7 @@ class UserViewSet(IDInFilterMixin, BulkModelViewSet):
class ChangeUserPasswordApi(generics.RetrieveUpdateAPIView): class ChangeUserPasswordApi(generics.RetrieveUpdateAPIView):
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
queryset = User.objects queryset = User.objects.all()
serializer_class = ChangeUserPasswordSerializer serializer_class = ChangeUserPasswordSerializer
def perform_update(self, serializer): def perform_update(self, serializer):
@ -63,13 +62,13 @@ class ChangeUserPasswordApi(generics.RetrieveUpdateAPIView):
class UserUpdateGroupApi(generics.RetrieveUpdateAPIView): class UserUpdateGroupApi(generics.RetrieveUpdateAPIView):
queryset = User.objects queryset = User.objects.all()
serializer_class = UserUpdateGroupSerializer serializer_class = UserUpdateGroupSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
class UserResetPasswordApi(generics.UpdateAPIView): class UserResetPasswordApi(generics.UpdateAPIView):
queryset = User.objects queryset = User.objects.all()
serializer_class = UserSerializer serializer_class = UserSerializer
permission_classes = (IsAuthenticated,) permission_classes = (IsAuthenticated,)
@ -84,7 +83,7 @@ class UserResetPasswordApi(generics.UpdateAPIView):
class UserResetPKApi(generics.UpdateAPIView): class UserResetPKApi(generics.UpdateAPIView):
queryset = User.objects queryset = User.objects.all()
serializer_class = UserSerializer serializer_class = UserSerializer
permission_classes = (IsAuthenticated,) permission_classes = (IsAuthenticated,)
@ -97,7 +96,7 @@ class UserResetPKApi(generics.UpdateAPIView):
class UserUpdatePKApi(generics.UpdateAPIView): class UserUpdatePKApi(generics.UpdateAPIView):
queryset = User.objects queryset = User.objects.all()
serializer_class = UserPKUpdateSerializer serializer_class = UserPKUpdateSerializer
permission_classes = (IsCurrentUserOrReadOnly,) permission_classes = (IsCurrentUserOrReadOnly,)
@ -108,13 +107,13 @@ class UserUpdatePKApi(generics.UpdateAPIView):
class UserGroupViewSet(IDInFilterMixin, OrgViewGenericMixin, BulkModelViewSet): class UserGroupViewSet(IDInFilterMixin, OrgViewGenericMixin, BulkModelViewSet):
queryset = UserGroup.objects queryset = UserGroup.objects.all()
serializer_class = UserGroupSerializer serializer_class = UserGroupSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)
class UserGroupUpdateUserApi(generics.RetrieveUpdateAPIView): class UserGroupUpdateUserApi(generics.RetrieveUpdateAPIView):
queryset = UserGroup.objects queryset = UserGroup.objects.all()
serializer_class = UserGroupUpdateMemeberSerializer serializer_class = UserGroupUpdateMemeberSerializer
permission_classes = (IsSuperUser,) permission_classes = (IsSuperUser,)

57
apps/users/forms.py
View File

@ -6,6 +6,8 @@ from django.utils.translation import gettext_lazy as _
from captcha.fields import CaptchaField from captcha.fields import CaptchaField
from common.utils import validate_ssh_public_key from common.utils import validate_ssh_public_key
from orgs.mixins import OrgModelForm
from orgs.utils import get_current_org
from .models import User, UserGroup from .models import User, UserGroup
@ -39,7 +41,7 @@ class UserCheckOtpCodeForm(forms.Form):
otp_code = forms.CharField(label=_('MFA code'), max_length=6) otp_code = forms.CharField(label=_('MFA code'), max_length=6)
class UserCreateUpdateForm(forms.ModelForm): class UserCreateUpdateForm(OrgModelForm):
role_choices = ((i, n) for i, n in User.ROLE_CHOICES if i != User.ROLE_APP) role_choices = ((i, n) for i, n in User.ROLE_CHOICES if i != User.ROLE_APP)
password = forms.CharField( password = forms.CharField(
label=_('Password'), widget=forms.PasswordInput, label=_('Password'), widget=forms.PasswordInput,
@ -54,15 +56,6 @@ class UserCreateUpdateForm(forms.ModelForm):
widget=forms.Textarea(attrs={'placeholder': _('ssh-rsa AAAA...')}), widget=forms.Textarea(attrs={'placeholder': _('ssh-rsa AAAA...')}),
help_text=_('Paste user id_rsa.pub here.') help_text=_('Paste user id_rsa.pub here.')
) )
# groups = forms.ModelMultipleChoiceField(
# queryset=UserGroup.objects, required=False, label=_("Groups"),
# widget=forms.SelectMultiple(
# attrs={
# 'class': 'select2',
# 'data-placeholder': _('Join user groups')
# }
# )
# )
class Meta: class Meta:
model = User model = User
@ -77,6 +70,12 @@ class UserCreateUpdateForm(forms.ModelForm):
} }
widgets = { widgets = {
'otp_level': forms.RadioSelect(), 'otp_level': forms.RadioSelect(),
'groups': forms.SelectMultiple(
attrs={
'class': 'select2',
'data-placeholder': _('Join user groups')
}
)
} }
def clean_public_key(self): def clean_public_key(self):
@ -240,7 +239,7 @@ class UserBulkUpdateForm(forms.ModelForm):
required=True, required=True,
help_text='* required', help_text='* required',
label=_('Select users'), label=_('Select users'),
queryset = User.objects, queryset = User.objects.all(),
widget=forms.SelectMultiple( widget=forms.SelectMultiple(
attrs={ attrs={
'class': 'select2', 'class': 'select2',
@ -279,6 +278,11 @@ class UserBulkUpdateForm(forms.ModelForm):
return users return users
def user_limit_to():
org = get_current_org()
return {"orgs": org}
class UserGroupForm(forms.ModelForm): class UserGroupForm(forms.ModelForm):
users = forms.ModelMultipleChoiceField( users = forms.ModelMultipleChoiceField(
queryset=User.objects.exclude(role=User.ROLE_APP), queryset=User.objects.exclude(role=User.ROLE_APP),
@ -290,6 +294,7 @@ class UserGroupForm(forms.ModelForm):
} }
), ),
required=False, required=False,
limit_choices_to=user_limit_to
) )
def __init__(self, **kwargs): def __init__(self, **kwargs):
@ -318,30 +323,12 @@ class UserGroupForm(forms.ModelForm):
} }
# class UserGroupPrivateAssetPermissionForm(forms.ModelForm): class OrgUserField(forms.ModelMultipleChoiceField):
# def save(self, commit=True):
# self.instance = super(UserGroupPrivateAssetPermissionForm, self)\ def get_limit_choices_to(self):
# .save(commit=commit)
# self.instance.user_groups = [self.user_group] return {"orgs"}
# self.instance.save()
# return self.instance
#
# class Meta:
# model = AssetPermission
# fields = [
# 'assets', 'asset_groups', 'system_users', 'name',
# ]
# widgets = {
# 'assets': forms.SelectMultiple(
# attrs={'class': 'select2',
# 'data-placeholder': _('Select assets')}),
# 'asset_groups': forms.SelectMultiple(
# attrs={'class': 'select2',
# 'data-placeholder': _('Select asset groups')}),
# 'system_users': forms.SelectMultiple(
# attrs={'class': 'select2',
# 'data-placeholder': _('Select system users')}),
# }
class FileForm(forms.Form): class FileForm(forms.Form):

1
apps/users/models/user.py
View File

@ -15,6 +15,7 @@ from django.shortcuts import reverse
from common.utils import get_signer, date_expired_default from common.utils import get_signer, date_expired_default
from common.models import Setting from common.models import Setting
from orgs.mixins import OrgManager
from orgs.utils import get_current_org from orgs.utils import get_current_org

6
apps/users/serializers.py
View File

@ -14,7 +14,7 @@ signer = get_signer()
class UserSerializer(BulkSerializerMixin, serializers.ModelSerializer): class UserSerializer(BulkSerializerMixin, serializers.ModelSerializer):
groups_display = serializers.SerializerMethodField() groups_display = serializers.SerializerMethodField()
groups = serializers.PrimaryKeyRelatedField(many=True, queryset = UserGroup.objects, required=False) groups = serializers.PrimaryKeyRelatedField(many=True, queryset = UserGroup.objects.all(), required=False)
class Meta: class Meta:
model = User model = User
@ -50,7 +50,7 @@ class UserPKUpdateSerializer(serializers.ModelSerializer):
class UserUpdateGroupSerializer(serializers.ModelSerializer): class UserUpdateGroupSerializer(serializers.ModelSerializer):
groups = serializers.PrimaryKeyRelatedField(many=True, queryset = UserGroup.objects) groups = serializers.PrimaryKeyRelatedField(many=True, queryset=UserGroup.objects.all())
class Meta: class Meta:
model = User model = User
@ -71,7 +71,7 @@ class UserGroupSerializer(BulkSerializerMixin, serializers.ModelSerializer):
class UserGroupUpdateMemeberSerializer(serializers.ModelSerializer): class UserGroupUpdateMemeberSerializer(serializers.ModelSerializer):
users = serializers.PrimaryKeyRelatedField(many=True, queryset = User.objects) users = serializers.PrimaryKeyRelatedField(many=True, queryset = User.objects.all())
class Meta: class Meta:
model = UserGroup model = UserGroup

14
apps/users/views/login.py
View File

@ -23,7 +23,7 @@ from django.conf import settings
from common.utils import get_object_or_none from common.utils import get_object_or_none
from common.mixins import DatetimeSearchMixin, AdminUserRequiredMixin from common.mixins import DatetimeSearchMixin, AdminUserRequiredMixin
from common.models import Setting from orgs.utils import get_current_org
from ..models import User, LoginLog from ..models import User, LoginLog
from ..utils import send_reset_password_mail, check_otp_code, get_login_ip, \ from ..utils import send_reset_password_mail, check_otp_code, get_login_ip, \
redirect_user_first_login_or_index, get_user_or_tmp_user, \ redirect_user_first_login_or_index, get_user_or_tmp_user, \
@ -365,11 +365,17 @@ class LoginLogListView(AdminUserRequiredMixin, DatetimeSearchMixin, ListView):
user = keyword = "" user = keyword = ""
date_to = date_from = None date_to = date_from = None
def get_allow_users(self):
current_org = get_current_org()
users = current_org.get_org_users().values_list('username', flat=True)
return users
def get_queryset(self): def get_queryset(self):
users = self.get_allow_users()
queryset = super().get_queryset().filter(username__in=users)
self.user = self.request.GET.get('user', '') self.user = self.request.GET.get('user', '')
self.keyword = self.request.GET.get("keyword", '') self.keyword = self.request.GET.get("keyword", '')
queryset = super().get_queryset()
queryset = queryset.filter( queryset = queryset.filter(
datetime__gt=self.date_from, datetime__lt=self.date_to datetime__gt=self.date_from, datetime__lt=self.date_to
) )
@ -391,9 +397,7 @@ class LoginLogListView(AdminUserRequiredMixin, DatetimeSearchMixin, ListView):
'date_to': self.date_to, 'date_to': self.date_to,
'user': self.user, 'user': self.user,
'keyword': self.keyword, 'keyword': self.keyword,
'user_list': set( 'user_list': self.get_allow_users(),
LoginLog.objects.all().values_list('username', flat=True)
)
} }
kwargs.update(context) kwargs.update(context)
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)