github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

feat: 添加ApplicationUserList API

pull/6224/head
Bai 2021-05-24 19:11:47 +08:00
parent 33fb063f78
commit 6b46f5b48e
3 changed files with 39 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
apps/applications/api/application.py
View File

@ -2,18 +2,49 @@
# #
from orgs.mixins.api import OrgBulkModelViewSet from orgs.mixins.api import OrgBulkModelViewSet
from rest_framework import generics
from ..hands import IsOrgAdminOrAppUser from ..hands import IsOrgAdminOrAppUser, IsOrgAdmin
from .. import models, serializers from .. import models, serializers
from ..models import Application
from assets.models import SystemUser
from assets.serializers import SystemUserListSerializer
from perms.models import ApplicationPermission
from ..const import ApplicationCategoryChoices
__all__ = ['ApplicationViewSet'] __all__ = ['ApplicationViewSet', 'ApplicationUserListApi']
class ApplicationViewSet(OrgBulkModelViewSet): class ApplicationViewSet(OrgBulkModelViewSet):
model = models.Application model = Application
filterset_fields = ('name', 'type', 'category') filterset_fields = ('name', 'type', 'category')
search_fields = filterset_fields search_fields = filterset_fields
permission_classes = (IsOrgAdminOrAppUser,) permission_classes = (IsOrgAdminOrAppUser,)
serializer_class = serializers.ApplicationSerializer serializer_class = serializers.ApplicationSerializer
class ApplicationUserListApi(generics.ListAPIView):
permission_classes = (IsOrgAdmin, )
serializer_class = SystemUserListSerializer
def get_application(self):
application = None
app_id = self.request.query_params.get('application_id')
if app_id:
application = Application.objects.get(id=app_id)
return application
def get_queryset(self):
queryset = SystemUser.objects.none()
application = self.get_application()
if not application:
return queryset
if application.category == ApplicationCategoryChoices.remote_app:
return queryset
system_user_ids = ApplicationPermission.objects.filter(applications=application)\
.values_list('system_users', flat=True)
if not system_user_ids:
return queryset
queryset = SystemUser.objects.filter(id__in=system_user_ids)
return queryset

1
apps/applications/urls/api_urls.py
View File

@ -14,6 +14,7 @@ router.register(r'applications', api.ApplicationViewSet, 'application')
urlpatterns = [ urlpatterns = [
path('remote-apps/<uuid:pk>/connection-info/', api.RemoteAppConnectionInfoApi.as_view(), name='remote-app-connection-info'), path('remote-apps/<uuid:pk>/connection-info/', api.RemoteAppConnectionInfoApi.as_view(), name='remote-app-connection-info'),
path('application-users/', api.ApplicationUserListApi.as_view(), name='application-user')
] ]

4
apps/perms/utils/application/permission.py
View File

@ -72,3 +72,7 @@ def get_application_system_user_ids(user, application):
def has_application_system_permission(user, application, system_user): def has_application_system_permission(user, application, system_user):
system_user_ids = get_application_system_user_ids(user, application) system_user_ids = get_application_system_user_ids(user, application)
return system_user.id in system_user_ids return system_user.id in system_user_ids
def get_application_system_users_ids(application):
return system_users_id