From ac238aa36e37513523ec00f7266189addb50c023 Mon Sep 17 00:00:00 2001 From: BaiJiangJie <32935519+BaiJiangJie@users.noreply.github.com> Date: Wed, 25 Jul 2018 17:51:09 +0800 Subject: [PATCH 01/11] =?UTF-8?q?[Update]=20=E4=BF=AE=E6=94=B9=E7=94=A8?= =?UTF-8?q?=E6=88=B7=E7=99=BB=E5=BD=95=E5=A4=B1=E8=B4=A5=E9=99=90=E5=88=B6?= =?UTF-8?q?=E6=AC=A1=E6=95=B0=EF=BC=8C3->7=20(#1586)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [Update] 修改用户登录失败限制次数,3->7 * [Update] 修改用户登录失败限制次数,3->7 - 续 --- apps/common/forms.py | 2 +- apps/jumpserver/settings.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/common/forms.py b/apps/common/forms.py index a11420498..8667aa128 100644 --- a/apps/common/forms.py +++ b/apps/common/forms.py @@ -181,7 +181,7 @@ class SecuritySettingForm(BaseForm): ) # limit login count SECURITY_LOGIN_LIMIT_COUNT = forms.IntegerField( - initial=3, min_value=3, + initial=7, min_value=3, label=_("Limit the number of login failures") ) # limit login time diff --git a/apps/jumpserver/settings.py b/apps/jumpserver/settings.py index 547a9ac3d..0bd38d95b 100644 --- a/apps/jumpserver/settings.py +++ b/apps/jumpserver/settings.py @@ -406,7 +406,7 @@ TERMINAL_REPLAY_STORAGE = { DEFAULT_PASSWORD_MIN_LENGTH = 6 -DEFAULT_LOGIN_LIMIT_COUNT = 3 +DEFAULT_LOGIN_LIMIT_COUNT = 7 DEFAULT_LOGIN_LIMIT_TIME = 30 # Django bootstrap3 setting, more see http://django-bootstrap3.readthedocs.io/en/latest/settings.html From 74c3f122757b2ce246e15b9c661c847dd85fa45c Mon Sep 17 00:00:00 2001 From: ibuler Date: Thu, 26 Jul 2018 14:37:10 +0800 Subject: [PATCH 02/11] =?UTF-8?q?[Update]=20=E6=B7=BB=E5=8A=A0=E8=84=9A?= =?UTF-8?q?=E6=9C=AC=EF=BC=8C=E5=B0=86windows=E5=8D=8F=E8=AE=AE=E6=94=B9?= =?UTF-8?q?=E4=B8=BArdp?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/models/domain.py | 2 +- utils/2018_07_15_set_win_protocol_to_ssh.sh | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 utils/2018_07_15_set_win_protocol_to_ssh.sh diff --git a/apps/assets/models/domain.py b/apps/assets/models/domain.py index 6f29a0381..61c3bcc1f 100644 --- a/apps/assets/models/domain.py +++ b/apps/assets/models/domain.py @@ -43,7 +43,7 @@ class Gateway(AssetUser): ip = models.GenericIPAddressField(max_length=32, verbose_name=_('IP'), db_index=True) port = models.IntegerField(default=22, verbose_name=_('Port')) protocol = models.CharField(choices=PROTOCOL_CHOICES, max_length=16, default=SSH_PROTOCOL, verbose_name=_("Protocol")) - domain = models.ForeignKey(Domain, verbose_name=_("Domain")) + domain = models.ForeignKey(Domain, verbose_name=_("Domain"), on_delete=models.CASCADE) comment = models.CharField(max_length=128, blank=True, null=True, verbose_name=_("Comment")) is_active = models.BooleanField(default=True, verbose_name=_("Is active")) diff --git a/utils/2018_07_15_set_win_protocol_to_ssh.sh b/utils/2018_07_15_set_win_protocol_to_ssh.sh new file mode 100644 index 000000000..6d8596244 --- /dev/null +++ b/utils/2018_07_15_set_win_protocol_to_ssh.sh @@ -0,0 +1,9 @@ +#!/bin/bash +# + +python ../apps/manage.py shell << EOF +from assets.models import Asset + +Asset.objects.filter(platform__startswith='Win').update(protocol='rdp') + +EOF From 7e65e44a3cec8e66eff60ea84f42d88755c73c25 Mon Sep 17 00:00:00 2001 From: ibuler Date: Thu, 26 Jul 2018 18:12:25 +0800 Subject: [PATCH 03/11] =?UTF-8?q?[Update]=20=E5=85=BC=E5=AE=B9guacamole?= =?UTF-8?q?=E6=89=8B=E5=8A=A8=E6=A8=A1=E5=BC=8F=E4=B8=8A=E4=BC=A0system=20?= =?UTF-8?q?user=E6=98=AFuuid?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/models/user.py | 20 +++++++++++++++++++ apps/terminal/api.py | 13 ++++++++---- apps/terminal/hands.py | 3 ++- .../templates/terminal/session_list.html | 2 +- apps/terminal/templatetags/terminal_tags.py | 2 ++ 5 files changed, 34 insertions(+), 6 deletions(-) diff --git a/apps/assets/models/user.py b/apps/assets/models/user.py index 5faca5da8..21b7c9a41 100644 --- a/apps/assets/models/user.py +++ b/apps/assets/models/user.py @@ -118,6 +118,8 @@ class SystemUser(AssetUser): shell = models.CharField(max_length=64, default='/bin/bash', verbose_name=_('Shell')) login_mode = models.CharField(choices=LOGIN_MODE_CHOICES, default=AUTO_LOGIN, max_length=10, verbose_name=_('Login mode')) + cache_key = "__SYSTEM_USER_CACHED_{}" + def __str__(self): return '{0.name}({0.username})'.format(self) @@ -154,6 +156,24 @@ class SystemUser(AssetUser): else: return False + def set_cache(self): + cache.set(self.cache_key.format(self.id), self, 3600) + + def expire_cache(self): + cache.delete(self.cache_key.format(self.id)) + + @classmethod + def get_system_user_by_id_or_cached(cls, sid): + cached = cache.get(cls.cache_key.format(sid)) + if cached: + return cached + try: + system_user = cls.objects.get(id=sid) + system_user.set_cache() + return system_user + except cls.DoesNotExist: + return None + class Meta: ordering = ['name'] verbose_name = _("System user") diff --git a/apps/terminal/api.py b/apps/terminal/api.py index b428acb3e..956491f21 100644 --- a/apps/terminal/api.py +++ b/apps/terminal/api.py @@ -4,7 +4,6 @@ from collections import OrderedDict import logging import os import uuid -import copy from django.core.cache import cache from django.shortcuts import get_object_or_404, redirect @@ -16,12 +15,13 @@ from django.conf import settings import jms_storage -from rest_framework import viewsets, serializers +from rest_framework import viewsets from rest_framework.views import APIView, Response from rest_framework.permissions import AllowAny from rest_framework_bulk import BulkModelViewSet -from common.utils import get_object_or_none +from common.utils import get_object_or_none, is_uuid +from .hands import SystemUser from .models import Terminal, Status, Session, Task from .serializers import TerminalSerializer, StatusSerializer, \ SessionSerializer, TaskSerializer, ReplaySerializer @@ -187,8 +187,13 @@ class SessionViewSet(viewsets.ModelViewSet): return self.queryset def perform_create(self, serializer): - if self.request.user.terminal: + if hasattr(self.request.user, 'terminal'): serializer.validated_data["terminal"] = self.request.user.terminal + sid = serializer.validated_data["system_user"] + if is_uuid(sid): + _system_user = SystemUser.get_system_user_by_id_or_cached(sid) + if _system_user: + serializer.validated_data["system_user"] = _system_user.name return super().perform_create(serializer) diff --git a/apps/terminal/hands.py b/apps/terminal/hands.py index ce075bfc5..3461730b8 100644 --- a/apps/terminal/hands.py +++ b/apps/terminal/hands.py @@ -4,4 +4,5 @@ from users.models import User from users.permissions import IsSuperUserOrAppUser, IsAppUser, \ IsSuperUserOrAppUserOrUserReadonly -from users.utils import AdminUserRequiredMixin \ No newline at end of file +from users.utils import AdminUserRequiredMixin +from assets.models import SystemUser \ No newline at end of file diff --git a/apps/terminal/templates/terminal/session_list.html b/apps/terminal/templates/terminal/session_list.html index 33ae09877..4bdf61fab 100644 --- a/apps/terminal/templates/terminal/session_list.html +++ b/apps/terminal/templates/terminal/session_list.html @@ -58,7 +58,7 @@
diff --git a/apps/terminal/templatetags/terminal_tags.py b/apps/terminal/templatetags/terminal_tags.py index c5643c67b..e8ba23186 100644 --- a/apps/terminal/templatetags/terminal_tags.py +++ b/apps/terminal/templatetags/terminal_tags.py @@ -1,6 +1,7 @@ # ~*~ coding: utf-8 ~*~ from django import template + from ..backends import get_multi_command_storage register = template.Library() @@ -10,3 +11,4 @@ command_store = get_multi_command_storage() @register.filter def get_session_command_amount(session_id): return command_store.count(session=session_id) + From d649aacfd6b0c101bbcf1ed806f917105a47a5d2 Mon Sep 17 00:00:00 2001 From: BaiJiangJie <32935519+BaiJiangJie@users.noreply.github.com> Date: Thu, 26 Jul 2018 18:25:14 +0800 Subject: [PATCH 04/11] =?UTF-8?q?[Update]=20asset=20platform=20=E5=8F=96?= =?UTF-8?q?=E6=B6=88*required=20(#1595)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/forms/asset.py | 4 ++-- apps/assets/templates/assets/asset_create.html | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/assets/forms/asset.py b/apps/assets/forms/asset.py index 5000c087d..5e52e3ac9 100644 --- a/apps/assets/forms/asset.py +++ b/apps/assets/forms/asset.py @@ -45,7 +45,7 @@ class AssetCreateForm(forms.ModelForm): 'root or other NOPASSWD sudo privilege user existed in asset,' 'If asset is windows or other set any one, more see admin user left menu' ), - 'platform': _("* required Must set exact system platform, Windows, Linux ..."), + # 'platform': _("* required Must set exact system platform, Windows, Linux ..."), 'domain': _("If your have some network not connect with each other, you can set domain") } @@ -85,7 +85,7 @@ class AssetUpdateForm(forms.ModelForm): 'root or other NOPASSWD sudo privilege user existed in asset,' 'If asset is windows or other set any one, more see admin user left menu' ), - 'platform': _("* required Must set exact system platform, Windows, Linux ..."), + # 'platform': _("* required Must set exact system platform, Windows, Linux ..."), 'domain': _("If your have some network not connect with each other, you can set domain") } diff --git a/apps/assets/templates/assets/asset_create.html b/apps/assets/templates/assets/asset_create.html index 55e233d0d..2a3d62b3d 100644 --- a/apps/assets/templates/assets/asset_create.html +++ b/apps/assets/templates/assets/asset_create.html @@ -15,10 +15,10 @@ {% csrf_token %}

{% trans 'Basic' %}

{% bootstrap_field form.hostname layout="horizontal" %} - {% bootstrap_field form.platform layout="horizontal" %} {% bootstrap_field form.ip layout="horizontal" %} {% bootstrap_field form.protocol layout="horizontal" %} {% bootstrap_field form.port layout="horizontal" %} + {% bootstrap_field form.platform layout="horizontal" %} {% bootstrap_field form.public_ip layout="horizontal" %} {% bootstrap_field form.domain layout="horizontal" %} From 5ce3dd4079301a07f70da9cdefa2b77352509ea7 Mon Sep 17 00:00:00 2001 From: ibuler Date: Thu, 26 Jul 2018 19:30:37 +0800 Subject: [PATCH 05/11] =?UTF-8?q?[Update]=20=E6=B7=BB=E5=8A=A0unblock=20us?= =?UTF-8?q?er=E8=84=9A=E6=9C=AC?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- utils/unblock_all_user.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 utils/unblock_all_user.sh diff --git a/utils/unblock_all_user.sh b/utils/unblock_all_user.sh new file mode 100644 index 000000000..6fe4e3356 --- /dev/null +++ b/utils/unblock_all_user.sh @@ -0,0 +1,10 @@ +#!/bin/bash +# + +python ../apps/manage.py shell << EOF +from django.core.cache import cache + +cache.delete_pattern('_LOGIN_BLOCK_*') +cache.delete_pattern('_LOGIN_LIMIT_*') + +EOF From 45a354f8488d93d51ee275c9f339040234685e25 Mon Sep 17 00:00:00 2001 From: BaiJiangJie Date: Fri, 27 Jul 2018 10:42:32 +0800 Subject: [PATCH 06/11] =?UTF-8?q?[Bugfix]=20=E4=BF=AE=E5=A4=8Dorg=E4=B8=8B?= =?UTF-8?q?=E6=99=AE=E9=80=9A=E7=94=A8=E6=88=B7=E6=89=93=E5=BC=80web?= =?UTF-8?q?=E7=BB=88=E7=AB=AF=E7=9C=8B=E4=B8=8D=E5=88=B0=E5=B7=B2=E8=A2=AB?= =?UTF-8?q?=E6=8E=88=E6=9D=83=E7=9A=84=E8=B5=84=E4=BA=A7=E5=92=8C=E8=8A=82?= =?UTF-8?q?=E7=82=B9bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/perms/api.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/apps/perms/api.py b/apps/perms/api.py index 3851d401a..6d249993d 100644 --- a/apps/perms/api.py +++ b/apps/perms/api.py @@ -14,6 +14,8 @@ from .models import AssetPermission from .hands import AssetGrantedSerializer, User, UserGroup, Asset, Node, \ NodeGrantedSerializer, SystemUser, NodeSerializer from . import serializers +from orgs.utils import set_current_org +from orgs.models import Organization class AssetPermissionViewSet(viewsets.ModelViewSet): @@ -128,6 +130,7 @@ class UserGrantedNodesWithAssetsApi(ListAPIView): return queryset def get_permissions(self): + set_current_org(Organization.root()) if self.kwargs.get('pk') is None: self.permission_classes = (IsValidUser,) return super().get_permissions() From eca245fdd5b956306df454dc0d59aa2e07c11085 Mon Sep 17 00:00:00 2001 From: ibuler Date: Fri, 27 Jul 2018 11:59:39 +0800 Subject: [PATCH 07/11] =?UTF-8?q?[Bugfix]=20=E4=BF=AE=E5=A4=8D=E8=8A=82?= =?UTF-8?q?=E7=82=B9=E5=89=8D=E9=9D=A2=E6=9C=89=E4=B8=AA=E7=A9=BA=E7=9B=AE?= =?UTF-8?q?=E5=BD=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/api/node.py | 7 ------- apps/assets/models/node.py | 15 +++++++++------ apps/assets/serializers/node.py | 7 +++++-- apps/assets/templates/assets/asset_list.html | 9 +++++---- .../templates/perms/asset_permission_list.html | 7 +++++-- apps/templates/_user_profile.html | 2 +- 6 files changed, 25 insertions(+), 22 deletions(-) diff --git a/apps/assets/api/node.py b/apps/assets/api/node.py index ff04ee492..471a096b6 100644 --- a/apps/assets/api/node.py +++ b/apps/assets/api/node.py @@ -42,13 +42,6 @@ class NodeViewSet(viewsets.ModelViewSet): permission_classes = (IsOrgAdmin,) serializer_class = serializers.NodeSerializer - def get_queryset(self): - # queryset = super(NodeViewSet, self).get_queryset() - print("API GET QUWRYSET") - # print(get_current_org()) - # print(queryset) - return Node.objects.all() - def perform_create(self, serializer): child_key = Node.root().get_next_child_key() serializer.validated_data["key"] = child_key diff --git a/apps/assets/models/node.py b/apps/assets/models/node.py index 34becbdb6..e04b9a401 100644 --- a/apps/assets/models/node.py +++ b/apps/assets/models/node.py @@ -178,12 +178,15 @@ class Node(OrgModelMixin): # 如果使用current_org 在set_current_org时会死循环 _current_org = get_current_org() with transaction.atomic(): - set_current_org(Organization.root()) - org_nodes_roots = cls.objects.filter(key__regex=r'^[0-9]+$') - org_nodes_roots_keys = org_nodes_roots.values_list('key', flat=True) - max_value = max([int(k) for k in org_nodes_roots_keys]) if org_nodes_roots_keys else -1 - set_current_org(_current_org) - root = cls.objects.create(key=str(max_value+1), value=_current_org.name) + if _current_org.is_default(): + key = '0' + else: + set_current_org(Organization.root()) + org_nodes_roots = cls.objects.filter(key__regex=r'^[0-9]+$') + org_nodes_roots_keys = org_nodes_roots.values_list('key', flat=True) + key = max([int(k) for k in org_nodes_roots_keys]) + 1 + set_current_org(_current_org) + root = cls.objects.create(key=key, value=_current_org.name) return root @classmethod diff --git a/apps/assets/serializers/node.py b/apps/assets/serializers/node.py index 0352dfecc..3eca3276f 100644 --- a/apps/assets/serializers/node.py +++ b/apps/assets/serializers/node.py @@ -26,7 +26,7 @@ class NodeGrantedSerializer(BulkSerializerMixin, serializers.ModelSerializer): model = Node fields = [ 'id', 'key', 'name', 'value', 'parent', - 'assets_granted', 'assets_amount', + 'assets_granted', 'assets_amount', 'org_id', ] @staticmethod @@ -48,7 +48,10 @@ class NodeSerializer(serializers.ModelSerializer): class Meta: model = Node - fields = ['id', 'key', 'value', 'parent', 'assets_amount', 'is_node'] + fields = [ + 'id', 'key', 'value', 'parent', 'assets_amount', + 'is_node', 'org_id', + ] list_serializer_class = BulkListSerializer def validate(self, data): diff --git a/apps/assets/templates/assets/asset_list.html b/apps/assets/templates/assets/asset_list.html index 23d7fe001..270cc4c4f 100644 --- a/apps/assets/templates/assets/asset_list.html +++ b/apps/assets/templates/assets/asset_list.html @@ -406,10 +406,11 @@ function initTree() { var zNodes = []; $.get("{% url 'api-assets:node-list' %}", function(data, status){ $.each(data, function (index, value) { - value["pId"] = value["parent"]; - if (value["key"] === "0") { - value["open"] = true; - } + if (value["parent"] !== value["id"]){ + value["pId"] = value["parent"]; + } else { + value["isParent"] = true; + } value["name"] = value["value"] + ' (' + value['assets_amount'] + ')'; value['value'] = value['value']; }); diff --git a/apps/perms/templates/perms/asset_permission_list.html b/apps/perms/templates/perms/asset_permission_list.html index e9edd7637..013447901 100644 --- a/apps/perms/templates/perms/asset_permission_list.html +++ b/apps/perms/templates/perms/asset_permission_list.html @@ -240,9 +240,12 @@ function initTree() { var zNodes = []; $.get("{% url 'api-assets:node-children-2' %}?assets=1&all=", function(data, status){ $.each(data, function (index, value) { - value["pId"] = value["parent"]; + if (value["parent"] !== value["id"]){ + value["pId"] = value["parent"]; + } else { + value["isParent"] = true; + } value["name"] = value["value"]; - value["open"] = value["key"] === "0"; value["isParent"] = value["is_node"]; value["iconSkin"] = value["is_node"] ? null : 'file'; }); diff --git a/apps/templates/_user_profile.html b/apps/templates/_user_profile.html index 6717fa771..f4129be9b 100644 --- a/apps/templates/_user_profile.html +++ b/apps/templates/_user_profile.html @@ -15,7 +15,7 @@ From 9fd52f6665a5987d710c8e97928dfc1b58a5e701 Mon Sep 17 00:00:00 2001 From: ibuler Date: Fri, 27 Jul 2018 12:14:13 +0800 Subject: [PATCH 08/11] =?UTF-8?q?[Bugfix]=20=E4=BF=AE=E5=A4=8Dmerge?= =?UTF-8?q?=E5=BC=95=E8=B5=B7=E7=9A=84bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/terminal/hands.py | 1 + 1 file changed, 1 insertion(+) diff --git a/apps/terminal/hands.py b/apps/terminal/hands.py index 71167b09c..6f4c6c78f 100644 --- a/apps/terminal/hands.py +++ b/apps/terminal/hands.py @@ -2,3 +2,4 @@ # from users.models import User +from assets.models import SystemUser From b29a541aa69665ce01835ae9ca37f5eb3fc34e77 Mon Sep 17 00:00:00 2001 From: ibuler Date: Fri, 27 Jul 2018 12:55:59 +0800 Subject: [PATCH 09/11] [Update] Add init --- apps/orgs/migrations/__init__.py | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 apps/orgs/migrations/__init__.py diff --git a/apps/orgs/migrations/__init__.py b/apps/orgs/migrations/__init__.py new file mode 100644 index 000000000..e69de29bb From 8f654c37a9761aca38c8c66cdafe83ecff352468 Mon Sep 17 00:00:00 2001 From: BaiJiangJie Date: Fri, 27 Jul 2018 13:01:41 +0800 Subject: [PATCH 10/11] =?UTF-8?q?[Update]=20Node=20get=5Fall=5Fassets=20?= =?UTF-8?q?=E8=BF=87=E6=BB=A4=E6=B8=B8=E7=A6=BB=E8=B5=84=E4=BA=A7=EF=BC=8C?= =?UTF-8?q?=E6=9D=A1=E4=BB=B6nodes=5Fkey=3DNone=20->=20nodes=3DNone?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/models/node.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/assets/models/node.py b/apps/assets/models/node.py index e04b9a401..27a8e4519 100644 --- a/apps/assets/models/node.py +++ b/apps/assets/models/node.py @@ -114,7 +114,7 @@ class Node(OrgModelMixin): args = [] kwargs = {} if self.is_default_node(): - args.append(Q(nodes__key__regex=pattern) | Q(nodes__key=None)) + args.append(Q(nodes__key__regex=pattern) | Q(nodes=None)) else: kwargs['nodes__key__regex'] = pattern assets = Asset.objects.filter(*args, **kwargs) From 3dc214d1fa05f71e8dd12c71271cb1308abf7148 Mon Sep 17 00:00:00 2001 From: BaiJiangJie Date: Fri, 27 Jul 2018 15:24:09 +0800 Subject: [PATCH 11/11] =?UTF-8?q?[Bugfix]=20=E4=BF=AE=E5=A4=8Dorg=E4=B8=8B?= =?UTF-8?q?=E7=94=A8=E6=88=B7=E6=9F=A5=E7=9C=8B=E6=88=91=E7=9A=84=E8=B5=84?= =?UTF-8?q?=E4=BA=A7=E4=B8=8D=E6=98=BE=E7=A4=BA=E5=B7=B2=E6=8E=88=E6=9D=83?= =?UTF-8?q?=E8=8A=82=E7=82=B9/=E8=B5=84=E4=BA=A7=E7=9A=84bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/perms/api.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/apps/perms/api.py b/apps/perms/api.py index 6d249993d..042070f47 100644 --- a/apps/perms/api.py +++ b/apps/perms/api.py @@ -101,6 +101,7 @@ class UserGrantedNodesApi(ListAPIView): return nodes.keys() def get_permissions(self): + set_current_org(Organization.root()) if self.kwargs.get('pk') is None: self.permission_classes = (IsValidUser,) return super().get_permissions() @@ -157,6 +158,7 @@ class UserGrantedNodeAssetsApi(ListAPIView): return assets def get_permissions(self): + set_current_org(Organization.root()) if self.kwargs.get('pk') is None: self.permission_classes = (IsValidUser,) return super().get_permissions()