github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #10409 from jumpserver/pr@dev@perf_job_permission 

perf: 优化 job permission
pull/10410/head
Chenyang Shen 2023-05-09 17:25:36 +08:00 committed by GitHub
parent 1933e82587 873c019b58
commit 65ca953f5b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 46 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
apps/ops/api/job.py
View File

@ -1,23 +1,25 @@
from django.conf import settings from django.conf import settings
from django.db.models import Count from django.db.models import Count
from django.db.transaction import atomic from django.db.transaction import atomic
from rest_framework.views import APIView
from django.shortcuts import get_object_or_404 from django.shortcuts import get_object_or_404
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework.views import APIView
from common.permissions import IsValidUser
from ops.const import Types from ops.const import Types
from ops.models import Job, JobExecution from ops.models import Job, JobExecution
from ops.serializers.job import JobSerializer, JobExecutionSerializer from ops.serializers.job import JobSerializer, JobExecutionSerializer
__all__ = ['JobViewSet', 'JobExecutionViewSet', 'JobRunVariableHelpAPIView', __all__ = [
'JobAssetDetail', 'JobExecutionTaskDetail', 'FrequentUsernames'] 'JobViewSet', 'JobExecutionViewSet', 'JobRunVariableHelpAPIView',
'JobAssetDetail', 'JobExecutionTaskDetail', 'FrequentUsernames'
]
from ops.tasks import run_ops_job_execution from ops.tasks import run_ops_job_execution
from ops.variables import JMS_JOB_VARIABLE_HELP from ops.variables import JMS_JOB_VARIABLE_HELP
from orgs.mixins.api import OrgBulkModelViewSet from orgs.mixins.api import OrgBulkModelViewSet
from orgs.utils import tmp_to_org, get_current_org from orgs.utils import tmp_to_org, get_current_org
from accounts.models import Account from accounts.models import Account
from rbac.permissions import RBACPermission
def set_task_to_serializer_data(serializer, task): def set_task_to_serializer_data(serializer, task):
@ -28,7 +30,6 @@ def set_task_to_serializer_data(serializer, task):
class JobViewSet(OrgBulkModelViewSet): class JobViewSet(OrgBulkModelViewSet):
serializer_class = JobSerializer serializer_class = JobSerializer
permission_classes = (RBACPermission,)
search_fields = ('name', 'comment') search_fields = ('name', 'comment')
model = Job model = Job
@ -70,9 +71,9 @@ class JobViewSet(OrgBulkModelViewSet):
class JobExecutionViewSet(OrgBulkModelViewSet): class JobExecutionViewSet(OrgBulkModelViewSet):
serializer_class = JobExecutionSerializer serializer_class = JobExecutionSerializer
http_method_names = ('get', 'post', 'head', 'options',) http_method_names = ('get', 'post', 'head', 'options',)
permission_classes = (RBACPermission,)
model = JobExecution model = JobExecution
search_fields = ('material',) search_fields = ('material',)
filterset_fields = ['status', 'job_id']
@atomic @atomic
def perform_create(self, serializer): def perform_create(self, serializer):
@ -88,41 +89,32 @@ class JobExecutionViewSet(OrgBulkModelViewSet):
def get_queryset(self): def get_queryset(self):
queryset = super().get_queryset() queryset = super().get_queryset()
queryset = queryset.filter(creator=self.request.user) queryset = queryset.filter(creator=self.request.user)
job_id = self.request.query_params.get('job_id')
if job_id:
queryset = queryset.filter(job_id=job_id)
return queryset return queryset
class JobRunVariableHelpAPIView(APIView):
rbac_perms = ()
permission_classes = ()
def get(self, request, **kwargs):
return Response(data=JMS_JOB_VARIABLE_HELP)
class JobAssetDetail(APIView): class JobAssetDetail(APIView):
rbac_perms = () rbac_perms = {
permission_classes = () 'get': ['ops.view_jobexecution'],
}
def get(self, request, **kwargs): def get(self, request, **kwargs):
execution_id = request.query_params.get('execution_id') execution_id = request.query_params.get('execution_id', '')
if execution_id:
execution = get_object_or_404(JobExecution, id=execution_id) execution = get_object_or_404(JobExecution, id=execution_id)
return Response(data=execution.assent_result_detail) return Response(data=execution.assent_result_detail)
class JobExecutionTaskDetail(APIView): class JobExecutionTaskDetail(APIView):
rbac_perms = () rbac_perms = {
permission_classes = () 'get': ['ops.view_jobexecution'],
}
def get(self, request, **kwargs): def get(self, request, **kwargs):
org = get_current_org() org = get_current_org()
task_id = str(kwargs.get('task_id')) task_id = str(kwargs.get('task_id'))
if task_id:
with tmp_to_org(org): with tmp_to_org(org):
execution = get_object_or_404(JobExecution, task_id=task_id) execution = get_object_or_404(JobExecution, task_id=task_id)
return Response(data={ return Response(data={
'status': execution.status, 'status': execution.status,
'is_finished': execution.is_finished, 'is_finished': execution.is_finished,
@ -132,12 +124,20 @@ class JobExecutionTaskDetail(APIView):
}) })
class FrequentUsernames(APIView): class JobRunVariableHelpAPIView(APIView):
rbac_perms = () permission_classes = [IsValidUser]
permission_classes = ()
def get(self, request, **kwargs): def get(self, request, **kwargs):
top_accounts = Account.objects.exclude(username='root').exclude(username__startswith='jms_').values( return Response(data=JMS_JOB_VARIABLE_HELP)
'username').annotate(
total=Count('username')).order_by('total')[:5]
class FrequentUsernames(APIView):
permission_classes = [IsValidUser]
def get(self, request, **kwargs):
top_accounts = Account.objects.exclude(username='root') \
.exclude(username__startswith='jms_') \
.values('username') \
.annotate(total=Count('username')) \
.order_by('total')[:5]
return Response(data=top_accounts) return Response(data=top_accounts)