perf(perms): 应用授权表添加字段，type和category

2020-10-28 12:14:14 +08:00 · 2020-10-28 12:14:14 +08:00 · 77c8ca5863
parent 8fa15b3378
commit 77c8ca5863
3 changed files with 47 additions and 12 deletions
--- a/apps/applications/models/application.py
+++ b/apps/applications/models/application.py
@ -133,4 +133,6 @@ class Application(CommonModelMixin, OrgModelMixin):
        ordering = ('name',)

    def __str__(self):
-        return '{}({})'.format(self.name, self.get_category_display())
+        category_display = self.get_category_display()
+        type_display = self.get_type_display()
+        return f'{self.name}({type_display})[{category_display}]'
--- a/apps/perms/migrations/0016_applicationpermission.py
+++ b/apps/perms/migrations/0016_applicationpermission.py
@ -1,4 +1,4 @@
-# Generated by Django 2.2.13 on 2020-10-21 07:14
+# Generated by Django 2.2.13 on 2020-10-28 02:19

 import common.utils.django
 from django.conf import settings
@ -7,10 +7,12 @@ import django.utils.timezone
 import uuid


-def old_perm_to_application_permission_json(old_perm):
+def old_perm_to_application_permission_json(old_perm, category, _type):
    return {
        'id': old_perm.id,
        'name': old_perm.name,
+        'category': category,
+        'type': _type,
        'is_active': old_perm.is_active,
        'date_start': old_perm.date_start,
        'date_expired': old_perm.date_expired,
@ -58,21 +60,39 @@ def old_perm_relation_user_to_application_permission_json(old_perm_relation_user
    return data


+CATEGORY_DB = 'db'
+CATEGORY_REMOTE = 'remote_app'
+CATEGORY_CLOUD = 'cloud'
+
+TYPE_DB_MYSQL = 'mysql'
+TYPE_CLOUD_K8S = 'k8s'
+TYPE_REMOTE_CHROME = 'chrome'
+TYPE_REMOTE_MYSQL_WORKBENCH = 'mysql_workbench'
+TYPE_REMOTE_VMWARE_CLIENT = 'vmware_client'
+TYPE_REMOTE_CUSTOM = 'custom'
+
+
 OLD_PERM_MODELS_NAME_MAP_DATA_JSON = {
    'DatabaseAppPermission': {
        'app_m2m_fields': 'database_apps',
        'relation_app_perm_id': 'databaseapppermission_id',
-        'relation_app_id': 'databaseapp_id'
+        'relation_app_id': 'databaseapp_id',
+        'category': CATEGORY_DB,
+        'type': TYPE_DB_MYSQL,
    },
    'RemoteAppPermission': {
        'app_m2m_fields': 'remote_apps',
        'relation_app_perm_id': 'remoteapppermission_id',
-        'relation_app_id': 'remoteapp_id'
+        'relation_app_id': 'remoteapp_id',
+        'category': CATEGORY_REMOTE,
+        'type': None,
    },
    'K8sAppPermission': {
        'app_m2m_fields': 'k8s_apps',
        'relation_app_perm_id': 'k8sapppermission_id',
-        'relation_app_id': 'k8sapp_id'
+        'relation_app_id': 'k8sapp_id',
+        'category': CATEGORY_CLOUD,
+        'type': TYPE_CLOUD_K8S,
    }
 }

@ -99,10 +119,17 @@ def migrate_and_integrate_application_permissions(apps, schema_editor):
        old_perms_relation_users = old_perm_model.users.through.objects.using(db_alias).all()

        # json
-        perms_json = [
-            old_perm_to_application_permission_json(old_perm)
-            for old_perm in old_perms
-        ]
+        perms_json = []
+        category = data_json['category']
+        for old_perm in old_perms:
+            if category == CATEGORY_REMOTE:
+                type_list = list(old_perm.remote_apps.values_list('type', flat=True))
+                _type = max(type_list, key=type_list.count)
+            else:
+                _type = data_json['type']
+            perm_json = old_perm_to_application_permission_json(old_perm, category, _type)
+            perms_json.append(perm_json)
+
        perms_relation_apps_json = [
            old_perm_relation_app_to_application_permission_json(old_perm_relation_app, data_json)
            for old_perm_relation_app in old_perms_relation_apps
@ -166,13 +193,14 @@ def migrate_and_integrate_application_permissions(apps, schema_editor):
    new_app_perm_relation_user_model.objects.using(db_alias).bulk_create(new_app_perm_relation_user_objects)


+
 class Migration(migrations.Migration):

    dependencies = [
        ('users', '0030_auto_20200819_2041'),
-        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+        ('assets', '0059_auto_20201027_1905'),
        ('applications', '0006_application'),
-        ('assets', '0057_fill_node_value_assets_amount_and_parent_key'),
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
        ('perms', '0015_auto_20200929_1728'),
    ]

@ -189,6 +217,8 @@ class Migration(migrations.Migration):
                ('created_by', models.CharField(blank=True, max_length=128, verbose_name='Created by')),
                ('date_created', models.DateTimeField(auto_now_add=True, verbose_name='Date created')),
                ('comment', models.TextField(blank=True, verbose_name='Comment')),
+                ('category', models.CharField(choices=[('db', 'Database'), ('remote_app', 'Remote app'), ('cloud', 'Cloud')], max_length=16, verbose_name='Category')),
+                ('type', models.CharField(choices=[('mysql', 'MySQL'), ('oracle', 'Oracle'), ('postgresql', 'PostgreSQL'), ('mariadb', 'MariaDB'), ('chrome', 'Chrome'), ('mysql_workbench', 'MySQL Workbench'), ('vmware_client', 'vSphere Client'), ('custom', 'Custom'), ('k8s', 'Kubernetes')], max_length=16, verbose_name='Type')),
                ('applications', models.ManyToManyField(blank=True, related_name='granted_by_permissions', to='applications.Application', verbose_name='Application')),
                ('system_users', models.ManyToManyField(related_name='granted_by_application_permissions', to='assets.SystemUser', verbose_name='System user')),
                ('user_groups', models.ManyToManyField(blank=True, related_name='applicationpermissions', to='users.UserGroup', verbose_name='User group')),
--- a/apps/perms/models/application_permission.py
+++ b/apps/perms/models/application_permission.py
@ -8,6 +8,7 @@ from django.utils.translation import ugettext_lazy as _
 from common.utils import lazyproperty
 from .base import BasePermission
 from users.models import User
+from applications.models import Category

 __all__ = [
    'ApplicationPermission',
@ -15,6 +16,8 @@ __all__ = [


 class ApplicationPermission(BasePermission):
+    category = models.CharField(max_length=16, choices=Category.choices, verbose_name=_('Category'))
+    type = models.CharField(max_length=16, choices=Category.get_all_type_choices(), verbose_name=_('Type'))
    applications = models.ManyToManyField('applications.Application', related_name='granted_by_permissions', blank=True, verbose_name=_("Application"))
    system_users = models.ManyToManyField('assets.SystemUser', related_name='granted_by_application_permissions', verbose_name=_("System user"))