[Update] 恢复到原来的sql (#3707)

2020-02-15 20:49:20 +08:00 · 2020-02-15 20:49:20 +08:00 · 8b8b11ce1e
parent 5f61f2b555
commit 8b8b11ce1e
6 changed files with 33 additions and 40 deletions
--- a/apps/perms/api/asset_permission.py
+++ b/apps/perms/api/asset_permission.py
@ -1,9 +1,10 @@
 # -*- coding: utf-8 -*-
 #
+from django.db.models import Q

 from common.permissions import IsOrgAdmin
 from orgs.mixins.api import OrgModelViewSet
-from common.utils import get_object_or_none, union_queryset
+from common.utils import get_object_or_none
 from ..models import AssetPermission
 from ..hands import (
    User, UserGroup, Asset, Node, SystemUser,
@ -109,9 +110,9 @@ class AssetPermissionViewSet(OrgModelViewSet):
                continue
            ancestor_keys = Node.get_node_ancestor_keys(key, with_self=True)
            inherit_all_nodes.update(ancestor_keys)
-        assets_queryset = queryset.filter(assets__in=assets)
-        nodes_queryset = queryset.filter(nodes__key__in=inherit_all_nodes)
-        queryset = union_queryset(assets_queryset, nodes_queryset)
+        queryset = queryset.filter(
+            Q(assets__in=assets) | Q(nodes__key__in=inherit_all_nodes)
+        ).distinct()
        return queryset

    def filter_user(self, queryset):
@ -129,9 +130,9 @@ class AssetPermissionViewSet(OrgModelViewSet):
            queryset = queryset.filter(users=user)
            return queryset
        groups = user.groups.all()
-        users_queryset = queryset.filter(users=user)
-        groups_queryset = queryset.filter(user_groups__in=groups)
-        queryset = union_queryset(users_queryset, groups_queryset)
+        queryset = queryset.filter(
+            Q(users=user) | Q(user_groups__in=groups)
+        ).distinct()
        return queryset

    def filter_user_group(self, queryset):
--- a/apps/perms/api/user_permission/common.py
+++ b/apps/perms/api/user_permission/common.py
@ -105,6 +105,7 @@ class UserGrantedAssetSystemUsersApi(UserAssetPermissionMixin, ListAPIView):
    only_fields = serializers.AssetSystemUserSerializer.Meta.only_fields

    def get_queryset(self):
+        import time
        asset_id = self.kwargs.get('asset_id')
        asset = get_object_or_404(Asset, id=asset_id)
        system_users_with_actions = self.util.get_asset_system_users_with_actions(asset)
@ -114,3 +115,4 @@ class UserGrantedAssetSystemUsersApi(UserAssetPermissionMixin, ListAPIView):
            system_users.append(system_user)
        system_users.sort(key=lambda x: x.priority)
        return system_users
+
--- a/apps/perms/models/base.py
+++ b/apps/perms/models/base.py
@ -8,7 +8,7 @@ from django.db.models import Q
 from django.utils import timezone
 from orgs.mixins.models import OrgModelMixin

-from common.utils import date_expired_default, union_queryset
+from common.utils import date_expired_default
 from orgs.mixins.models import OrgManager


@ -83,8 +83,7 @@ class BasePermission(OrgModelMixin):
        from users.models import User
        users_id = self.users.all().values_list('id', flat=True)
        groups_id = self.user_groups.all().values_list('id', flat=True)
-        users = User.objects.filter(id__in=users_id)
-        if groups_id:
-            groups_users = User.objects.filter(groups__id__in=groups_id)
-            users = union_queryset(users, groups_users)
+        users = User.objects.filter(
+            Q(id__in=users_id) | Q(groups__id__in=groups_id)
+        ).distinct()
        return users
--- a/apps/perms/utils/asset_permission.py
+++ b/apps/perms/utils/asset_permission.py
@ -9,7 +9,7 @@ from django.db.models import Q
 from django.conf import settings

 from orgs.utils import set_to_root_org
-from common.utils import get_logger, timeit, lazyproperty, union_queryset
+from common.utils import get_logger, timeit, lazyproperty
 from common.tree import TreeNode
 from assets.utils import TreeService
 from ..models import AssetPermission
@ -25,17 +25,12 @@ __all__ = [


 def get_user_permissions(user, include_group=True):
-    permissions = AssetPermission.objects.filter(users=user)
    if include_group:
        groups = user.groups.all()
-        permissions_groups = AssetPermission.objects.filter(
-            user_groups__in=groups
-        )
-        base_queryset = AssetPermission.get_queryset_with_prefetch()
-        permissions = union_queryset(
-            permissions, permissions_groups, base_queryset=base_queryset
-        )
-    return permissions
+        arg = Q(users=user) | Q(user_groups__in=groups)
+    else:
+        arg = Q(users=user)
+    return AssetPermission.get_queryset_with_prefetch().filter(arg)


 def get_user_group_permissions(user_group):
@ -45,13 +40,12 @@ def get_user_group_permissions(user_group):


 def get_asset_permissions(asset, include_node=True):
-    permissions = AssetPermission.objects.filter(asset=asset)
    if include_node:
        nodes = asset.get_all_nodes(flat=True)
-        base_queryset = AssetPermission.get_queryset_with_prefetch()
-        permissions_nodes = AssetPermission.objects.filter(nodes__in=nodes)
-        permissions = union_queryset(permissions, permissions_nodes, base_queryset=base_queryset)
-    return permissions
+        arg = Q(assets=asset) | Q(nodes__in=nodes)
+    else:
+        arg = Q(assets=asset)
+    return AssetPermission.objects.valid().filter(arg)


 def get_node_permissions(node):
--- a/apps/perms/utils/database_app_permission.py
+++ b/apps/perms/utils/database_app_permission.py
@ -2,10 +2,10 @@
 #

 from django.utils.translation import ugettext as _
+from django.db.models import Q

 from orgs.utils import set_to_root_org
 from ..models import DatabaseAppPermission
-from common.utils import union_queryset
 from common.tree import TreeNode
 from applications.models import DatabaseApp
 from assets.models import SystemUser
@ -19,13 +19,12 @@ __all__ = [


 def get_user_database_app_permissions(user, include_group=True):
-    permissions = DatabaseAppPermission.objects.all().valid().filter(users=user)
    if include_group:
        groups = user.groups.all()
-        groups_permissions = DatabaseAppPermission.objects.all().valid()\
-            .filter(user_groups__in=groups)
-        permissions = union_queryset(permissions, groups_permissions)
-    return permissions
+        arg = Q(users=user) | Q(user_groups__in=groups)
+    else:
+        arg = Q(users=user)
+    return DatabaseAppPermission.objects.all().valid().filter(arg)


 def get_user_group_database_app_permission(user_group):
--- a/apps/perms/utils/remote_app_permission.py
+++ b/apps/perms/utils/remote_app_permission.py
@ -2,9 +2,9 @@
 #

 from django.utils.translation import ugettext as _
+from django.db.models import Q

 from common.tree import TreeNode
-from common.utils import union_queryset
 from orgs.utils import set_to_root_org

 from ..models import RemoteAppPermission
@ -18,14 +18,12 @@ __all__ = [


 def get_user_remote_app_permissions(user, include_group=True):
-    permissions = RemoteAppPermission.objects.all().valid().filter(users=user)
    if include_group:
        groups = user.groups.all()
-        groups_permissions = RemoteAppPermission.objects.all().valid().filter(
-            user_groups__in=groups
-        )
-        permissions = union_queryset(permissions, groups_permissions)
-    return permissions
+        arg = Q(users=user) | Q(user_groups__in=groups)
+    else:
+        arg = Q(users=user)
+    return RemoteAppPermission.objects.all().valid().filter(arg)


 def get_user_group_remote_app_permissions(user_group):