perf(perms): 用户/用户组授权的所有应用API返回attrs属性

apps/applications/api/application.py

@@ -3,55 +3,18 @@
 
 from orgs.mixins.api import OrgBulkModelViewSet
 
-from common.exceptions import JMSException
-from .. import models
-from .. import serializers
+from .mixin import ApplicationAttrsSerializerViewMixin
 from ..hands import IsOrgAdminOrAppUser
+from .. import models, serializers
 
 __all__ = [
     'ApplicationViewSet',
 ]
 
 
-class ApplicationViewSet(OrgBulkModelViewSet):
+class ApplicationViewSet(ApplicationAttrsSerializerViewMixin, OrgBulkModelViewSet):
     model = models.Application
     filter_fields = ('name', 'type', 'category')
     search_fields = filter_fields
     permission_classes = (IsOrgAdminOrAppUser,)
     serializer_class = serializers.ApplicationSerializer
-
-    def get_serializer_class(self):
-        serializer_class = super().get_serializer_class()
-        app_type = self.request.query_params.get('type')
-        app_category = self.request.query_params.get('category')
-        type_options = list(dict(models.Category.get_all_type_serializer_mapper()).keys())
-        category_options = list(dict(models.Category.get_category_serializer_mapper()).keys())
-
-        if app_type and app_type not in type_options:
-            raise JMSException(
-                'Invalid query parameter `type`, select from the following options: {}'
-                ''.format(type_options)
-            )
-        if app_category and app_category not in category_options:
-            raise JMSException(
-                'Invalid query parameter `category`, select from the following options: {}'
-                ''.format(category_options)
-            )
-
-        if self.action in [
-            'create', 'update', 'partial_update', 'bulk_update', 'partial_bulk_update'
-        ] and not app_type:
-            # action: create / update
-            raise JMSException(
-                'The `{}` action must take the `type` query parameter'.format(self.action)
-            )
-
-        if app_type:
-            # action: create / update / list / retrieve / metadata
-            attrs_cls = models.Category.get_type_serializer_cls(app_type)
-        elif app_category:
-            # action: list / retrieve / metadata
-            attrs_cls = models.Category.get_category_serializer_cls(app_category)
-        else:
-            attrs_cls = models.Category.get_no_password_serializer_cls()
-        return type('ApplicationDynamicSerializer', (serializer_class,), {'attrs': attrs_cls()})

apps/applications/api/mixin.py

@@ -1,3 +1,49 @@
+from common.exceptions import JMSException
+from .. import models
+
+
+class ApplicationAttrsSerializerViewMixin:
+
+    def get_serializer_class(self):
+        serializer_class = super().get_serializer_class()
+        app_type = self.request.query_params.get('type')
+        app_category = self.request.query_params.get('category')
+        type_options = list(dict(models.Category.get_all_type_serializer_mapper()).keys())
+        category_options = list(dict(models.Category.get_category_serializer_mapper()).keys())
+
+        # ListAPIView 没有 action 属性
+        # 不使用method属性，因为options请求时为method为post
+        action = getattr(self, 'action', 'list')
+
+        if app_type and app_type not in type_options:
+            raise JMSException(
+                'Invalid query parameter `type`, select from the following options: {}'
+                ''.format(type_options)
+            )
+        if app_category and app_category not in category_options:
+            raise JMSException(
+                'Invalid query parameter `category`, select from the following options: {}'
+                ''.format(category_options)
+            )
+
+        if action in [
+            'create', 'update', 'partial_update', 'bulk_update', 'partial_bulk_update'
+        ] and not app_type:
+            # action: create / update
+            raise JMSException(
+                'The `{}` action must take the `type` query parameter'.format(action)
+            )
+
+        if app_type:
+            # action: create / update / list / retrieve / metadata
+            attrs_cls = models.Category.get_type_serializer_cls(app_type)
+        elif app_category:
+            # action: list / retrieve / metadata
+            attrs_cls = models.Category.get_category_serializer_cls(app_category)
+        else:
+            attrs_cls = models.Category.get_no_password_serializer_cls()
+        return type('ApplicationDynamicSerializer', (serializer_class,), {'attrs': attrs_cls()})
+
 
 class SerializeApplicationToTreeNodeMixin:
 

apps/perms/api/application/user_group_permission.py

@@ -6,6 +6,7 @@ from rest_framework.generics import ListAPIView
 
 from common.permissions import IsOrgAdminOrAppUser
 from applications.models import Application
+from applications.api.mixin import ApplicationAttrsSerializerViewMixin
 from perms import serializers
 
 __all__ = [
@@ -13,14 +14,14 @@ __all__ = [
 ]
 
 
-class UserGroupGrantedApplicationsApi(ListAPIView):
+class UserGroupGrantedApplicationsApi(ApplicationAttrsSerializerViewMixin, ListAPIView):
     """
     获取用户组直接授权的资产
     """
     permission_classes = (IsOrgAdminOrAppUser,)
     serializer_class = serializers.ApplicationGrantedSerializer
     only_fields = serializers.ApplicationGrantedSerializer.Meta.only_fields
-    filter_fields = ['id', 'name', 'comment']
+    filter_fields = ['id', 'name', 'category', 'type', 'comment']
     search_fields = ['name', 'comment']
 
     def get_queryset(self):

apps/perms/api/application/user_permission/user_permission_applications.py

@@ -3,7 +3,9 @@
 from rest_framework.generics import ListAPIView
 from rest_framework.response import Response
 
-from applications.api.mixin import SerializeApplicationToTreeNodeMixin
+from applications.api.mixin import (
+    SerializeApplicationToTreeNodeMixin, ApplicationAttrsSerializerViewMixin
+)
 from perms import serializers
 from perms.api.asset.user_permission.mixin import ForAdminMixin, ForUserMixin
 from perms.utils.application.user_permission import (
@@ -19,7 +21,7 @@ __all__ = [
 ]
 
 
-class AllGrantedApplicationsMixin(ListAPIView):
+class AllGrantedApplicationsMixin(ApplicationAttrsSerializerViewMixin, ListAPIView):
     only_fields = serializers.ApplicationGrantedSerializer.Meta.only_fields
     serializer_class = serializers.ApplicationGrantedSerializer
     filter_fields = ['id', 'name', 'category', 'type', 'comment']

apps/perms/serializers/application/user_permission.py

@@ -36,7 +36,7 @@ class ApplicationGrantedSerializer(serializers.ModelSerializer):
     class Meta:
         model = Application
         only_fields = [
-            'id', 'name', 'domain', 'category', 'type', 'comment', 'org_id'
+            'id', 'name', 'domain', 'category', 'type', 'attrs', 'comment', 'org_id'
         ]
         fields = only_fields + ['category_display', 'type_display', 'org_name']
         read_only_fields = fields