github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

fix: 修复批量命令权限

pull/7846/head
Jiangjie.Bai 3 years ago committed by Jiangjie.Bai
parent
faf82d7cfb
commit
72247d1df3
2 changed files with 6 additions and 10 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 13
      apps/ops/api/command.py
  2. 3
      apps/rbac/tree.py

13
apps/ops/api/command.py
Unescape View File

@ -10,6 +10,7 @@ from django.conf import settings
from assets.models import Asset, Node from assets.models import Asset, Node
from orgs.mixins.api import RootOrgViewMixin from orgs.mixins.api import RootOrgViewMixin
from common.permissions import IsValidUser from common.permissions import IsValidUser
from rbac.permissions import RBACPermission
from ..models import CommandExecution from ..models import CommandExecution
from ..serializers import CommandExecutionSerializer from ..serializers import CommandExecutionSerializer
from ..tasks import run_command_execution from ..tasks import run_command_execution
@ -17,12 +18,10 @@ from ..tasks import run_command_execution
class CommandExecutionViewSet(RootOrgViewMixin, viewsets.ModelViewSet): class CommandExecutionViewSet(RootOrgViewMixin, viewsets.ModelViewSet):
serializer_class = CommandExecutionSerializer serializer_class = CommandExecutionSerializer
permission_classes = (IsValidUser,) permission_classes = (RBACPermission,)
def get_queryset(self): def get_queryset(self):
return CommandExecution.objects.filter( return CommandExecution.objects.filter(user_id=str(self.request.user.id))
user_id=str(self.request.user.id)
)
def check_hosts(self, serializer): def check_hosts(self, serializer):
data = serializer.validated_data data = serializer.validated_data
@ -36,11 +35,7 @@ class CommandExecutionViewSet(RootOrgViewMixin, viewsets.ModelViewSet):
) )
permed_assets = set() permed_assets = set()
permed_assets.update( permed_assets.update(Asset.objects.filter(id__in=[a.id for a in assets]).filter(q).distinct())
Asset.objects.filter(
id__in=[a.id for a in assets]
).filter(q).distinct()
)
node_keys = Node.objects.filter(q).distinct().values_list('key', flat=True) node_keys = Node.objects.filter(q).distinct().values_list('key', flat=True)
nodes_assets_q = Q() nodes_assets_q = Q()

3
apps/rbac/tree.py
Unescape View File

@ -90,7 +90,8 @@ special_pid_mapper = {
'perms.connect_myassets': 'my_assets', 'perms.connect_myassets': 'my_assets',
'perms.view_myapps': 'my_apps', 'perms.view_myapps': 'my_apps',
'perms.connect_myapps': 'my_apps', 'perms.connect_myapps': 'my_apps',
'ops.commandexecution': 'view_workspace', 'ops.add_commandexecution': 'view_workspace',
'ops.view_commandexecution': 'audits',
"perms.view_mykubernetsapp": "my_apps", "perms.view_mykubernetsapp": "my_apps",
"perms.connect_mykubernetsapp": "my_apps", "perms.connect_mykubernetsapp": "my_apps",
"perms.view_myremoteapp": "my_apps", "perms.view_myremoteapp": "my_apps",

Write Preview
Loading…
Cancel
Save