From 6b46f5b48eb1f1e11d6950ffb6f24bb1ec90732e Mon Sep 17 00:00:00 2001 From: Bai Date: Mon, 24 May 2021 19:11:47 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=B7=BB=E5=8A=A0ApplicationUserList?= =?UTF-8?q?=20API?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/applications/api/application.py | 37 ++++++++++++++++++++-- apps/applications/urls/api_urls.py | 1 + apps/perms/utils/application/permission.py | 4 +++ 3 files changed, 39 insertions(+), 3 deletions(-) diff --git a/apps/applications/api/application.py b/apps/applications/api/application.py index cb51ff023..b4255b426 100644 --- a/apps/applications/api/application.py +++ b/apps/applications/api/application.py @@ -2,18 +2,49 @@ # from orgs.mixins.api import OrgBulkModelViewSet +from rest_framework import generics -from ..hands import IsOrgAdminOrAppUser +from ..hands import IsOrgAdminOrAppUser, IsOrgAdmin from .. import models, serializers +from ..models import Application +from assets.models import SystemUser +from assets.serializers import SystemUserListSerializer +from perms.models import ApplicationPermission +from ..const import ApplicationCategoryChoices -__all__ = ['ApplicationViewSet'] +__all__ = ['ApplicationViewSet', 'ApplicationUserListApi'] class ApplicationViewSet(OrgBulkModelViewSet): - model = models.Application + model = Application filterset_fields = ('name', 'type', 'category') search_fields = filterset_fields permission_classes = (IsOrgAdminOrAppUser,) serializer_class = serializers.ApplicationSerializer + +class ApplicationUserListApi(generics.ListAPIView): + permission_classes = (IsOrgAdmin, ) + serializer_class = SystemUserListSerializer + + def get_application(self): + application = None + app_id = self.request.query_params.get('application_id') + if app_id: + application = Application.objects.get(id=app_id) + return application + + def get_queryset(self): + queryset = SystemUser.objects.none() + application = self.get_application() + if not application: + return queryset + if application.category == ApplicationCategoryChoices.remote_app: + return queryset + system_user_ids = ApplicationPermission.objects.filter(applications=application)\ + .values_list('system_users', flat=True) + if not system_user_ids: + return queryset + queryset = SystemUser.objects.filter(id__in=system_user_ids) + return queryset diff --git a/apps/applications/urls/api_urls.py b/apps/applications/urls/api_urls.py index ab463a401..9ca50d32c 100644 --- a/apps/applications/urls/api_urls.py +++ b/apps/applications/urls/api_urls.py @@ -14,6 +14,7 @@ router.register(r'applications', api.ApplicationViewSet, 'application') urlpatterns = [ path('remote-apps//connection-info/', api.RemoteAppConnectionInfoApi.as_view(), name='remote-app-connection-info'), + path('application-users/', api.ApplicationUserListApi.as_view(), name='application-user') ] diff --git a/apps/perms/utils/application/permission.py b/apps/perms/utils/application/permission.py index c4ebb5bdb..939a8e53c 100644 --- a/apps/perms/utils/application/permission.py +++ b/apps/perms/utils/application/permission.py @@ -72,3 +72,7 @@ def get_application_system_user_ids(user, application): def has_application_system_permission(user, application, system_user): system_user_ids = get_application_system_user_ids(user, application) return system_user.id in system_user_ids + + +def get_application_system_users_ids(application): + return system_users_id