From a0b6849ccb9bc83a53dc80a6177048d28b84e3f2 Mon Sep 17 00:00:00 2001 From: ibuler Date: Mon, 29 Aug 2022 15:50:25 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BC=98=E5=8C=96=20platform?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/api/platform.py | 18 ++++++++- apps/assets/resources/platform/__init__.py | 15 +------- .../change_password_ansible/manifest.yml | 1 + .../linux/create_account_ansible/manifest.yml | 1 + .../verifiy_account_ansible/manifest.yml | 4 ++ apps/assets/serializers/asset/category.py | 1 + apps/assets/serializers/platform.py | 38 ++++++++++++++----- apps/common/drf/metadata.py | 1 - 8 files changed, 54 insertions(+), 25 deletions(-) diff --git a/apps/assets/api/platform.py b/apps/assets/api/platform.py index fc038ee67..ca0e83dcf 100644 --- a/apps/assets/api/platform.py +++ b/apps/assets/api/platform.py @@ -6,6 +6,7 @@ from common.drf.serializers import GroupedChoiceSerailizer from assets.models import Platform from assets.serializers import PlatformSerializer from assets.const import AllTypes, Category +from assets.resources.platform import get_platform_methods __all__ = ['AssetPlatformViewSet'] @@ -21,7 +22,8 @@ class AssetPlatformViewSet(JMSModelViewSet): search_fields = ['name'] rbac_perms = { 'categories': 'assets.view_platform', - 'type_constraints': 'assets.view_platform' + 'type_constraints': 'assets.view_platform', + 'ops_methods': 'assets.view_platform' } @action(methods=['GET'], detail=False) @@ -37,6 +39,20 @@ class AssetPlatformViewSet(JMSModelViewSet): limits = AllTypes.get_constraints(category, tp) return Response(limits) + @action(methods=['GET'], detail=False, url_path='ops-methods') + def ops_methods(self, request, *args, **kwargs): + category = request.query_params.get('category') + tp = request.query_params.get('type') + item = request.query_params.get('item') + methods = get_platform_methods() + if category: + methods = list(filter(lambda x: x['category'] == category, methods)) + if tp: + methods = list(filter(lambda x: x['type'] == tp, methods)) + if item: + methods = list(filter(lambda x: x.get('method') == item, methods)) + return Response(methods) + def check_object_permissions(self, request, obj): if request.method.lower() in ['delete', 'put', 'patch'] and obj.internal: self.permission_denied( diff --git a/apps/assets/resources/platform/__init__.py b/apps/assets/resources/platform/__init__.py index 1290c8930..83da5fbf8 100644 --- a/apps/assets/resources/platform/__init__.py +++ b/apps/assets/resources/platform/__init__.py @@ -3,7 +3,7 @@ import yaml BASE_DIR = os.path.dirname(os.path.abspath(__file__)) -platform_ops_methods = [] +platform_ops_methods = None def get_platform_methods(): @@ -16,29 +16,16 @@ def get_platform_methods(): continue manifest_path = os.path.join(path, 'manifest.yml') if not os.path.exists(manifest_path): - print("Path not exists: {}".format(manifest_path)) continue f = open(manifest_path, 'r') try: manifest = yaml.safe_load(f) except yaml.YAMLError as e: - print(e) continue current, category, tp, name = rel_path.split('/') manifest.update({ - 'id': name, 'category': category, 'type': tp, }) methods.append(manifest) return methods - - -def get_platform_method(platform, method): - methods = get_platform_methods() - - def key(m): - return m.get('method') == method \ - and m['category'] == platform.category \ - and m['type'] == platform.type - return list(filter(key, methods)) diff --git a/apps/assets/resources/platform/host/linux/change_password_ansible/manifest.yml b/apps/assets/resources/platform/host/linux/change_password_ansible/manifest.yml index b0c52754d..a7df6a8f3 100644 --- a/apps/assets/resources/platform/host/linux/change_password_ansible/manifest.yml +++ b/apps/assets/resources/platform/host/linux/change_password_ansible/manifest.yml @@ -1,3 +1,4 @@ +id: change_password_ansible name: Change password using ansible version: 1 description: 使用特权账号更改账号的密码 diff --git a/apps/assets/resources/platform/host/linux/create_account_ansible/manifest.yml b/apps/assets/resources/platform/host/linux/create_account_ansible/manifest.yml index 4768a4423..391bc24ec 100644 --- a/apps/assets/resources/platform/host/linux/create_account_ansible/manifest.yml +++ b/apps/assets/resources/platform/host/linux/create_account_ansible/manifest.yml @@ -1,3 +1,4 @@ +id: create_account_ansible name: Create account by ansible version: 1 description: 使用特权账号更改账号的密码 diff --git a/apps/assets/resources/platform/host/linux/verifiy_account_ansible/manifest.yml b/apps/assets/resources/platform/host/linux/verifiy_account_ansible/manifest.yml index b7baca4e7..07c92d1e5 100644 --- a/apps/assets/resources/platform/host/linux/verifiy_account_ansible/manifest.yml +++ b/apps/assets/resources/platform/host/linux/verifiy_account_ansible/manifest.yml @@ -1,4 +1,8 @@ +id: verify_account_ansible name: Change password using ansible version: 1 description: 使用特权账号更改账号的密码 author: ibuler +category: host +type: linux +method: verify_account diff --git a/apps/assets/serializers/asset/category.py b/apps/assets/serializers/asset/category.py index 4a7f1fa32..8431b0169 100644 --- a/apps/assets/serializers/asset/category.py +++ b/apps/assets/serializers/asset/category.py @@ -42,3 +42,4 @@ class NetworkingSerializer(AssetSerializer): class CloudSerializer(AssetSerializer): class Meta(AssetSerializer.Meta): model = Cloud + fields = AssetSerializer.Meta.fields + ['cluster'] diff --git a/apps/assets/serializers/platform.py b/apps/assets/serializers/platform.py index 5f44dc520..d6f34e714 100644 --- a/apps/assets/serializers/platform.py +++ b/apps/assets/serializers/platform.py @@ -10,7 +10,20 @@ from ..const import Category, AllTypes __all__ = ['PlatformSerializer'] +class ProtocolSettingSerializer(serializers.Serializer): + SECURITY_CHOICES = [ + ('any', 'Any'), + ('rdp', 'RDP'), + ('tls', 'TLS'), + ('nla', 'NLA'), + ] + console = serializers.BooleanField(required=False) + security = serializers.ChoiceField(choices=SECURITY_CHOICES, default='any', required=False) + + class PlatformProtocolsSerializer(serializers.ModelSerializer): + setting = ProtocolSettingSerializer(required=False) + class Meta: model = PlatformProtocol fields = ['id', 'name', 'port', 'setting'] @@ -33,18 +46,12 @@ class PlatformSerializer(JMSWritableNestedModelSerializer): 'category', 'type', ] fields = fields_small + [ - 'domain_enabled', 'domain_default', - 'su_enabled', 'su_method', - 'protocols_enabled', 'protocols', - 'ping_enabled', 'ping_method', + 'domain_enabled', 'domain_default', 'su_enabled', 'su_method', + 'protocols_enabled', 'protocols', 'ping_enabled', 'ping_method', 'verify_account_enabled', 'verify_account_method', 'create_account_enabled', 'create_account_method', 'change_password_enabled', 'change_password_method', - 'type_constraints', - 'comment', 'charset', - ] - read_only_fields = [ - 'category_display', 'type_display', + 'type_constraints', 'comment', 'charset', ] extra_kwargs = { 'su_enabled': {'label': '启用切换账号'}, @@ -56,4 +63,17 @@ class PlatformSerializer(JMSWritableNestedModelSerializer): 'change_password_method': {'label': '账号改密方式'}, } + def validate_verify_account_method(self, value): + if not value and self.initial_data.get('verify_account_enabled', False): + raise serializers.ValidationError(_('This field is required.')) + return value + def validate_create_account_method(self, value): + if not value and self.initial_data.get('create_account_enabled', False): + raise serializers.ValidationError(_('This field is required.')) + return value + + def validate_change_password_method(self, value): + if not value and self.initial_data.get('change_password_enabled', False): + raise serializers.ValidationError(_('This field is required.')) + return value diff --git a/apps/common/drf/metadata.py b/apps/common/drf/metadata.py index 7e4d32527..626147f2f 100644 --- a/apps/common/drf/metadata.py +++ b/apps/common/drf/metadata.py @@ -33,7 +33,6 @@ class SimpleMetadataWithFilters(SimpleMetadata): """ actions = {} view.raw_action = getattr(view, 'action', None) - print("Request in metadata: ", request.path, request.GET) for method in self.methods & set(view.allowed_methods): if hasattr(view, 'action_map'): view.action = view.action_map.get(method.lower(), view.action)