diff --git a/apps/assets/migrations/0001_initial.py b/apps/assets/migrations/0001_initial.py index 8a1733e68..d07b2ce0f 100644 --- a/apps/assets/migrations/0001_initial.py +++ b/apps/assets/migrations/0001_initial.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- -# Generated by Django 1.10 on 2016-09-10 16:40 +# Generated by Django 1.10 on 2016-09-11 09:22 from __future__ import unicode_literals from django.db import migrations, models diff --git a/apps/perms/forms.py b/apps/perms/forms.py index 36cf3ff8f..1826b4c29 100644 --- a/apps/perms/forms.py +++ b/apps/perms/forms.py @@ -4,23 +4,33 @@ from __future__ import absolute_import, unicode_literals from django import forms from django.utils.translation import ugettext_lazy as _ -from .hands import User, UserGroup, Asset, AssetGroup, SystemUser -from .models import PermUserAsset +# from .hands import User, UserGroup, Asset, AssetGroup, SystemUser +from .models import AssetPermission -class PermUserAssetForm(forms.ModelForm): +class AssetPermissionForm(forms.ModelForm): + class Meta: - model = PermUserAsset + model = AssetPermission fields = [ - 'user', 'action', 'assets', 'asset_groups', 'system_users', 'date_expired', 'comment' + 'name', 'users', 'user_groups', 'assets', 'asset_groups', + 'system_users', 'action', 'is_active', 'date_expired', 'comment', ] widgets = { - 'user': forms.HiddenInput(attrs={'style': 'display: none'}), + 'users': forms.SelectMultiple(attrs={'class': 'select2', + 'data-placeholder': _('Select users')}), + 'user_groups': forms.SelectMultiple(attrs={'class': 'select2', + 'data-placeholder': _('Select user groups')}), 'assets': forms.SelectMultiple(attrs={'class': 'select2', 'data-placeholder': _('Select assets')}), 'asset_groups': forms.SelectMultiple(attrs={'class': 'select2', 'data-placeholder': _('Select asset groups')}), 'system_users': forms.SelectMultiple(attrs={'class': 'select2', 'data-placeholder': _('Select system users')}), - + } + help_texts = { + 'name': '* required', + 'user_groups': '* User or user group at least one required', + 'asset_groups': '* Asset or Asset group at least one required', + 'system_users': '* required', } diff --git a/apps/perms/models.py b/apps/perms/models.py index e1108ce2f..dbd1996ee 100644 --- a/apps/perms/models.py +++ b/apps/perms/models.py @@ -9,70 +9,34 @@ from assets.models import Asset, AssetGroup, SystemUser from common.utils import date_expired_default -class PermUserAsset(models.Model): +class AssetPermission(models.Model): ACTION_CHOICE = ( ('1', 'Allow'), ('0', 'Deny'), ) - user = models.ForeignKey(User, on_delete=models.CASCADE) + name = models.CharField(max_length=128, verbose_name=_('Name')) + users = models.ManyToManyField(User, related_name='asset_permissions') + user_groups = models.ManyToManyField(UserGroup, related_name='asset_permissions') + assets = models.ManyToManyField(Asset, related_name='granted_by_permissions', blank=True) + asset_groups = models.ManyToManyField(AssetGroup, related_name='granted_by_permissions', blank=True) + system_users = models.ManyToManyField(SystemUser, related_name='granted_by_permissions') action = models.CharField(choices=ACTION_CHOICE, max_length=8, default='1') - assets = models.ManyToManyField(Asset, blank=True) - asset_groups = models.ManyToManyField(AssetGroup, blank=True) - system_users = models.ManyToManyField(SystemUser, blank=True) + is_active = models.BooleanField(default=True) date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired')) created_by = models.CharField(max_length=128, blank=True) date_created = models.DateTimeField(auto_now=True) comment = models.TextField(verbose_name=_('Comment'), blank=True) def __unicode__(self): - return '%(id)s: %(user)s %(action)s' % { - 'id': self.id, - 'user': self.user.username, - 'action': self.action, - } + return '%(name)s: %(action)s' % {'name': self.name, 'action': self.action} @property - def is_expired(self): - if self.date_expired > timezone.now(): - return False - else: + def is_valid(self): + if self.date_expired < timezone.now() and is_active: return True + return True class Meta: - db_table = 'perm_user_asset' - - -class PermUserGroupAsset(models.Model): - ACTION_CHOICES = ( - ('0', 'Deny'), - ('1', 'Allow'), - ) - - user_group = models.ForeignKey(User, on_delete=models.CASCADE) - action = models.CharField(choices=ACTION_CHOICES, max_length=8, default='1') - assets = models.ManyToManyField(Asset, blank=True) - asset_groups = models.ManyToManyField(AssetGroup, blank=True) - system_users = models.ManyToManyField(SystemUser, blank=True) - date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired')) - created_by = models.CharField(max_length=128) - date_created = models.DateTimeField(auto_now=True) - comment = models.TextField(verbose_name=_('Comment')) - - def __unicode__(self): - return '%(id)s: %(user)s %(action)s' % { - 'id': self.id, - 'user': self.user_group.name, - 'action': self.action, - } - - @property - def is_expired(self): - if self.date_expired > timezone.now(): - return False - else: - return True - - class Meta: - db_table = 'perm_user_group_asset' + db_table = 'asset_permission' diff --git a/apps/perms/templates/perms/perm_user_asset_create.html b/apps/perms/templates/perms/asset_permission_create.html similarity index 76% rename from apps/perms/templates/perms/perm_user_asset_create.html rename to apps/perms/templates/perms/asset_permission_create.html index 298f95cb4..68c023d59 100644 --- a/apps/perms/templates/perms/perm_user_asset_create.html +++ b/apps/perms/templates/perms/asset_permission_create.html @@ -14,7 +14,7 @@
-
{% trans 'Create asset perm for ' %}{{ user.name }}
+
{% trans 'Create asset permission ' %}
@@ -28,13 +28,29 @@
-
+ {% csrf_token %} - - {{ form.action|bootstrap_horizontal }} +

{% trans 'Name' %}

+ {{ form.name|bootstrap_horizontal }} +
+

{% trans 'User' %}

+ {{ form.users|bootstrap_horizontal }} + {{ form.user_groups|bootstrap_horizontal }} +
+

{% trans 'Asset' %}

{{ form.assets|bootstrap_horizontal }} {{ form.asset_groups|bootstrap_horizontal }} {{ form.system_users |bootstrap_horizontal }} +
+

{% trans 'Other' %}

+ {{ form.action|bootstrap_horizontal }} + +
+ +
+ {{ form.is_active }} +
+
diff --git a/apps/perms/templates/perms/user_asset_permission_list.html b/apps/perms/templates/perms/asset_permission_list.html similarity index 64% rename from apps/perms/templates/perms/user_asset_permission_list.html rename to apps/perms/templates/perms/asset_permission_list.html index f705a83b8..8d06f2e6f 100644 --- a/apps/perms/templates/perms/user_asset_permission_list.html +++ b/apps/perms/templates/perms/asset_permission_list.html @@ -2,41 +2,49 @@ {% load i18n %} {% load common_tags %} {% block content_left_head %} - {% trans "Batch create perm " %} + {% trans "Create permission" %} {% endblock %} {% block table_head %} - {% trans 'Name' %} - {% trans 'Username' %} + {% trans 'Name' %} + {% trans 'User count' %} + {% trans 'User group count' %} {% trans 'Asset count' %} {% trans 'Asset group count' %} {% trans 'System user count' %} - {% trans 'Is expired' %} + {% trans 'Is valid' %} {% endblock %} {% block table_body %} - {% for permission in user_permission_list %} + {% for permission in asset_permission_list %} - {{ permission.user.name }} + {{ permission.name }} - {{ permission.user.username }} + {{ permission.users.count}} + {{ permission.user_groups.count}} {{ permission.assets.count }} {{ permission.asset_groups.count }} {{ permission.system_users.count }} - {{ permission.is_expired }} - {% trans 'Create perm' %} - {% trans 'Flush' %} + {% if permission.is_valid %} + + {% else %} + + {% endif %} + + + {% trans 'Update' %} + {% trans 'Delete' %} {% endfor %} diff --git a/apps/perms/urls.py b/apps/perms/urls.py index 4491b2dcf..78a14c267 100644 --- a/apps/perms/urls.py +++ b/apps/perms/urls.py @@ -6,15 +6,7 @@ import views app_name = 'perms' urlpatterns = [ - # Resource asset url - url(r'^user$', views.PermUserListView.as_view(), name='perm-user-list'), - url(r'^user/(?P[0-9]+)/perm-asset/$', views.PermUserAssetListView.as_view(), name='perm-user-asset-list'), - url(r'^user/(?P[0-9]+)/perm-asset/create$', views.PermUserAssetCreateView.as_view(), - name='perm-user-asset-create'), - # url(r'^user/(?P[0-9]+)$', views.AssetListView.as_view(), name='asset-list'), - # url(r'^asset/create$', views.AssetCreateView.as_view(), name='asset-create'), - # url(r'^asset/(?P[0-9]+)$', views.AssetDetailView.as_view(), name='asset-detail'), - # url(r'^asset/(?P[0-9]+)/update', views.AssetUpdateView.as_view(), name='asset-update'), - # url(r'^asset/(?P[0-9]+)/delete$', views.AssetDeleteView.as_view(), name='asset-delete'), + url(r'^asset-permission$', views.UserAssetPermissionListView.as_view(), name='asset-permission-list'), + url(r'^asset-permission/create$', views.UserAssetPermissionCreateView.as_view(), name='asset-permission-create'), ] diff --git a/apps/perms/views.py b/apps/perms/views.py index 1932d899c..2ec9a01f2 100644 --- a/apps/perms/views.py +++ b/apps/perms/views.py @@ -12,33 +12,40 @@ from django.contrib.messages.views import SuccessMessageMixin from django.views.generic.detail import DetailView, SingleObjectMixin from .hands import AdminUserRequiredMixin, User, UserGroup -from .models import PermUserAsset, PermUserGroupAsset -from .forms import PermUserAssetForm +from .models import AssetPermission +from .forms import AssetPermissionForm -class PermUserListView(AdminUserRequiredMixin, ListView): - model = User +class UserAssetPermissionListView(AdminUserRequiredMixin, ListView): + model = AssetPermission paginate_by = settings.CONFIG.DISPLAY_PER_PAGE - context_object_name = 'user_list' - template_name = 'perms/perm_user_list.html' + context_object_name = 'asset_permission_list' + template_name = 'perms/asset_permission_list.html' def get_context_data(self, **kwargs): context = { 'app': _('Perms'), - 'action': _('Perms user list'), + 'action': _('Asset permission list'), 'keyword': self.request.GET.get('keyword', '') } kwargs.update(context) - return super(PermUserListView, self).get_context_data(**kwargs) + return super(UserAssetPermissionListView, self).get_context_data(**kwargs) def get_queryset(self): # Todo: Default order by lose asset connection num - self.queryset = super(PermUserListView, self).get_queryset() + self.queryset = super(UserAssetPermissionListView, self).get_queryset() self.keyword = keyword = self.request.GET.get('keyword', '') - self.sort = sort = self.request.GET.get('sort', '-date_joined') + self.sort = sort = self.request.GET.get('sort', '-date_created') if keyword: - self.queryset = self.queryset.filter(Q(name__icontains=keyword) | + self.queryset = self.queryset.filter(Q(users__name__icontains=keyword) | + Q(users__username__icontains=keyword) | + Q(user_groups__name__icontains=keyword) | + Q(assets__ip__icontains=keyword) | + Q(assets__hostname__icontains=keyword) | + Q(system_users__username_icontains=keyword) | + Q(system_users__name_icontains=keyword) | + Q(asset_groups__name__icontains=keyword) | Q(comment__icontains=keyword)) if sort: @@ -46,57 +53,25 @@ class PermUserListView(AdminUserRequiredMixin, ListView): return self.queryset -class PermUserAssetListView(AdminUserRequiredMixin, SingleObjectMixin, ListView): - paginate_by = settings.CONFIG.DISPLAY_PER_PAGE - context_object_name = 'perm_user_asset_list' - template_name = 'perms/perm_user_asset_list.html' - model = User - - def get(self, request, *args, **kwargs): - self.object = self.get_object(queryset=User.objects.all()) - return super(PermUserAssetListView, self).get(request, *args, **kwargs) - - def get_context_data(self, **kwargs): - context = { - 'app': _('Assets'), - 'action': _('User perm asset list'), - 'keyword': self.request.GET.get('keyword', '') - } - kwargs.update(context) - return super(PermUserAssetListView, self).get_context_data(**kwargs) - - def get_queryset(self): - self.queryset = self.object.permuserasset_set.all() - return self.queryset - - -class PermUserAssetCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView): - model = PermUserAsset - form_class = PermUserAssetForm - template_name = 'perms/perm_user_asset_create_update.html' - success_url = reverse_lazy('perms:perm-user-list') - success_message = _('Create user asset perm %s successfully.') - - def get_initial(self): - return {'user': self.get_object(queryset=User.objects.all())} - - def form_invalid(self, form): - print(form.errors) - return super(PermUserAssetCreateView, self).form_invalid(form) +class UserAssetPermissionCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView): + model = AssetPermission + form_class = AssetPermissionForm + template_name = 'perms/asset_permission_create.html' + success_url = reverse_lazy('perms:asset-permission-list') + success_message = _('Create asset %s perm successfully.') def get_context_data(self, **kwargs): context = { 'app': _('Perms'), - 'action': _('Create user asset perm'), - 'user': self.get_object(queryset=User.objects.all()), + 'action': _('Create asset permission'), } kwargs.update(context) - return super(PermUserAssetCreateView, self).get_context_data(**kwargs) + return super(UserAssetPermissionCreateView, self).get_context_data(**kwargs) - def get_success_message(self, cleaned_data): - return self.success_message % ( - reverse_lazy('perms:perm-user-asset-list', kwargs={'pk': self.object.user.id}) - ) + # def get_success_message(self, cleaned_data): + # return self.success_message % ( + # reverse_lazy('perms:asset-permission-list', kwargs={'pk': self.object.pk}) + # ) # class PermUserAssetUpdateView(AdminUserRequiredMixin, UpdateView): diff --git a/apps/templates/_nav.html b/apps/templates/_nav.html index dbb2bf637..b8ee3e775 100644 --- a/apps/templates/_nav.html +++ b/apps/templates/_nav.html @@ -26,15 +26,15 @@
  • {% trans 'Label' %}
    • -
  • +
  • {% trans 'Perms' %}
  • diff --git a/apps/users/models.py b/apps/users/models.py index 80a5b51da..516c9dd20 100644 --- a/apps/users/models.py +++ b/apps/users/models.py @@ -32,7 +32,7 @@ class UserGroup(models.Model): return False class Meta: - db_table = 'user-group' + db_table = 'user_group' @classmethod def initial(cls): diff --git a/apps/users/views.py b/apps/users/views.py index cfa3dd6fc..a385b473c 100644 --- a/apps/users/views.py +++ b/apps/users/views.py @@ -84,7 +84,7 @@ class UserListView(AdminUserRequiredMixin, ListView): model = User paginate_by = settings.CONFIG.DISPLAY_PER_PAGE context_object_name = 'user_list' - template_name = 'users/user_list.html' + template_name = 'users/asset_permission_list.html' ordering = '-date_joined' def get_queryset(self):