github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

feat(users): 添加用户suggetion api

pull/4767/head
ibuler 2020-10-10 19:05:22 +08:00 committed by xinwen
parent 535d7d8373
commit 93a400f6e6
1 changed files with 37 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
apps/users/api/user.py
View File

@ -1,7 +1,7 @@
# ~*~ coding: utf-8 ~*~ # ~*~ coding: utf-8 ~*~
from django.core.cache import cache from django.core.cache import cache
from django.db.models import CharField
from django.utils.translation import ugettext as _ from django.utils.translation import ugettext as _
from rest_framework.decorators import action
from rest_framework import generics from rest_framework import generics
from rest_framework.response import Response from rest_framework.response import Response
@ -17,7 +17,7 @@ from common.utils import get_logger
from orgs.utils import current_org from orgs.utils import current_org
from orgs.models import ROLE as ORG_ROLE, OrganizationMember from orgs.models import ROLE as ORG_ROLE, OrganizationMember
from .. import serializers from .. import serializers
from ..serializers import UserSerializer, UserRetrieveSerializer from ..serializers import UserSerializer, UserRetrieveSerializer, MiniUserSerializer
from .mixins import UserQuerysetMixin from .mixins import UserQuerysetMixin
from ..models import User from ..models import User
from ..signals import post_user_create from ..signals import post_user_create
@ -37,7 +37,8 @@ class UserViewSet(CommonApiMixin, UserQuerysetMixin, BulkModelViewSet):
permission_classes = (IsOrgAdmin, CanUpdateDeleteUser) permission_classes = (IsOrgAdmin, CanUpdateDeleteUser)
serializer_classes = { serializer_classes = {
'default': UserSerializer, 'default': UserSerializer,
'retrieve': UserRetrieveSerializer 'retrieve': UserRetrieveSerializer,
'suggestion': MiniUserSerializer
} }
extra_filter_backends = [OrgRoleUserFilterBackend] extra_filter_backends = [OrgRoleUserFilterBackend]
@ -52,27 +53,24 @@ class UserViewSet(CommonApiMixin, UserQuerysetMixin, BulkModelViewSet):
for user in users: for user in users:
post_user_create.send(self.__class__, user=user) post_user_create.send(self.__class__, user=user)
@staticmethod
def set_users_to_org(users, org_roles):
# 只有真实存在的组织才真正关联用户
if not current_org or not current_org.is_real():
return
for user, roles in zip(users, org_roles):
if not roles:
# 当前组织创建的用户,至少是该组织的`User`
roles = [ORG_ROLE.USER]
OrganizationMember.objects.set_user_roles(current_org, user, roles)
def perform_create(self, serializer): def perform_create(self, serializer):
validated_data = serializer.validated_data org_roles = self.get_serializer_org_roles(serializer)
# `org_roles` 先 `pop`
if isinstance(validated_data, list):
org_roles = [item.pop('org_roles', []) for item in validated_data]
else:
org_roles = [validated_data.pop('org_roles', [])]
# 创建用户 # 创建用户
users = serializer.save() users = serializer.save()
if isinstance(users, User): if isinstance(users, User):
users = [users] users = [users]
self.set_users_to_org(users, org_roles)
# 只有真实存在的组织才真正关联用户
if current_org and current_org.is_real():
for user, roles in zip(users, org_roles):
if not roles:
# 当前组织创建的用户,至少是该组织的`User`
roles.append(ORG_ROLE.USER)
OrganizationMember.objects.set_user_roles(current_org, user, roles)
self.send_created_signal(users) self.send_created_signal(users)
def get_permissions(self): def get_permissions(self):
@ -93,22 +91,22 @@ class UserViewSet(CommonApiMixin, UserQuerysetMixin, BulkModelViewSet):
self.check_object_permissions(self.request, obj) self.check_object_permissions(self.request, obj)
self.perform_destroy(obj) self.perform_destroy(obj)
def perform_update(self, serializer): @staticmethod
def get_serializer_org_roles(serializer):
validated_data = serializer.validated_data validated_data = serializer.validated_data
# `org_roles` 先 `pop` # `org_roles` 先 `pop`
if isinstance(validated_data, list): if isinstance(validated_data, list):
org_roles = [item.pop('org_roles', None) for item in validated_data] org_roles = [item.pop('org_roles', None) for item in validated_data]
else: else:
org_roles = [validated_data.pop('org_roles', None)] org_roles = [validated_data.pop('org_roles', None)]
return org_roles
def perform_update(self, serializer):
org_roles = self.get_serializer_org_roles(serializer)
users = serializer.save() users = serializer.save()
if isinstance(users, User): if isinstance(users, User):
users = [users] users = [users]
if current_org and current_org.is_real(): self.set_users_to_org(users, org_roles)
for user, roles in zip(users, org_roles):
if roles is not None:
# roles 是 `Node` 表明不需要更新
OrganizationMember.objects.set_user_roles(current_org, user, roles)
def perform_bulk_update(self, serializer): def perform_bulk_update(self, serializer):
# TODO: 需要测试 # TODO: 需要测试
@ -120,6 +118,20 @@ class UserViewSet(CommonApiMixin, UserQuerysetMixin, BulkModelViewSet):
self.check_object_permissions(self.request, user) self.check_object_permissions(self.request, user)
return super().perform_bulk_update(serializer) return super().perform_bulk_update(serializer)
@action(methods=['get'], detail=False, permission_classes=(IsOrgAdminOrAppUser,))
def suggestion(self, request):
queryset = User.objects.exclude(role=User.ROLE.APP)
queryset = self.filter_queryset(queryset)
queryset = queryset[:3]
page = self.paginate_queryset(queryset)
if page is not None:
serializer = self.get_serializer(page, many=True)
return self.get_paginated_response(serializer.data)
serializer = self.get_serializer(queryset, many=True)
return Response(serializer.data)
class UserChangePasswordApi(UserQuerysetMixin, generics.RetrieveUpdateAPIView): class UserChangePasswordApi(UserQuerysetMixin, generics.RetrieveUpdateAPIView):
permission_classes = (IsOrgAdmin,) permission_classes = (IsOrgAdmin,)