github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

perf: 优化 platform

pull/8873/head
ibuler 2022-08-29 15:50:25 +08:00
parent 5358f35c08
commit a0b6849ccb
8 changed files with 54 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
apps/assets/api/platform.py
View File

@ -6,6 +6,7 @@ from common.drf.serializers import GroupedChoiceSerailizer
from assets.models import Platform from assets.models import Platform
from assets.serializers import PlatformSerializer from assets.serializers import PlatformSerializer
from assets.const import AllTypes, Category from assets.const import AllTypes, Category
from assets.resources.platform import get_platform_methods
__all__ = ['AssetPlatformViewSet'] __all__ = ['AssetPlatformViewSet']
@ -21,7 +22,8 @@ class AssetPlatformViewSet(JMSModelViewSet):
search_fields = ['name'] search_fields = ['name']
rbac_perms = { rbac_perms = {
'categories': 'assets.view_platform', 'categories': 'assets.view_platform',
'type_constraints': 'assets.view_platform' 'type_constraints': 'assets.view_platform',
'ops_methods': 'assets.view_platform'
} }
@action(methods=['GET'], detail=False) @action(methods=['GET'], detail=False)
@ -37,6 +39,20 @@ class AssetPlatformViewSet(JMSModelViewSet):
limits = AllTypes.get_constraints(category, tp) limits = AllTypes.get_constraints(category, tp)
return Response(limits) return Response(limits)
@action(methods=['GET'], detail=False, url_path='ops-methods')
def ops_methods(self, request, *args, **kwargs):
category = request.query_params.get('category')
tp = request.query_params.get('type')
item = request.query_params.get('item')
methods = get_platform_methods()
if category:
methods = list(filter(lambda x: x['category'] == category, methods))
if tp:
methods = list(filter(lambda x: x['type'] == tp, methods))
if item:
methods = list(filter(lambda x: x.get('method') == item, methods))
return Response(methods)
def check_object_permissions(self, request, obj): def check_object_permissions(self, request, obj):
if request.method.lower() in ['delete', 'put', 'patch'] and obj.internal: if request.method.lower() in ['delete', 'put', 'patch'] and obj.internal:
self.permission_denied( self.permission_denied(

15
apps/assets/resources/platform/__init__.py
View File

@ -3,7 +3,7 @@ import yaml
BASE_DIR = os.path.dirname(os.path.abspath(__file__)) BASE_DIR = os.path.dirname(os.path.abspath(__file__))
platform_ops_methods = [] platform_ops_methods = None
def get_platform_methods(): def get_platform_methods():
@ -16,29 +16,16 @@ def get_platform_methods():
continue continue
manifest_path = os.path.join(path, 'manifest.yml') manifest_path = os.path.join(path, 'manifest.yml')
if not os.path.exists(manifest_path): if not os.path.exists(manifest_path):
print("Path not exists: {}".format(manifest_path))
continue continue
f = open(manifest_path, 'r') f = open(manifest_path, 'r')
try: try:
manifest = yaml.safe_load(f) manifest = yaml.safe_load(f)
except yaml.YAMLError as e: except yaml.YAMLError as e:
print(e)
continue continue
current, category, tp, name = rel_path.split('/') current, category, tp, name = rel_path.split('/')
manifest.update({ manifest.update({
'id': name,
'category': category, 'category': category,
'type': tp, 'type': tp,
}) })
methods.append(manifest) methods.append(manifest)
return methods return methods
def get_platform_method(platform, method):
methods = get_platform_methods()
def key(m):
return m.get('method') == method \
and m['category'] == platform.category \
and m['type'] == platform.type
return list(filter(key, methods))

1
apps/assets/resources/platform/host/linux/change_password_ansible/manifest.yml
View File

@ -1,3 +1,4 @@
id: change_password_ansible
name: Change password using ansible name: Change password using ansible
version: 1 version: 1
description: 使用特权账号更改账号的密码 description: 使用特权账号更改账号的密码

1
apps/assets/resources/platform/host/linux/create_account_ansible/manifest.yml
View File

@ -1,3 +1,4 @@
id: create_account_ansible
name: Create account by ansible name: Create account by ansible
version: 1 version: 1
description: 使用特权账号更改账号的密码 description: 使用特权账号更改账号的密码

4
apps/assets/resources/platform/host/linux/verifiy_account_ansible/manifest.yml
View File

@ -1,4 +1,8 @@
id: verify_account_ansible
name: Change password using ansible name: Change password using ansible
version: 1 version: 1
description: 使用特权账号更改账号的密码 description: 使用特权账号更改账号的密码
author: ibuler author: ibuler
category: host
type: linux
method: verify_account

1
apps/assets/serializers/asset/category.py
View File

@ -42,3 +42,4 @@ class NetworkingSerializer(AssetSerializer):
class CloudSerializer(AssetSerializer): class CloudSerializer(AssetSerializer):
class Meta(AssetSerializer.Meta): class Meta(AssetSerializer.Meta):
model = Cloud model = Cloud
fields = AssetSerializer.Meta.fields + ['cluster']

38
apps/assets/serializers/platform.py
View File

@ -10,7 +10,20 @@ from ..const import Category, AllTypes
__all__ = ['PlatformSerializer'] __all__ = ['PlatformSerializer']
class ProtocolSettingSerializer(serializers.Serializer):
SECURITY_CHOICES = [
('any', 'Any'),
('rdp', 'RDP'),
('tls', 'TLS'),
('nla', 'NLA'),
]
console = serializers.BooleanField(required=False)
security = serializers.ChoiceField(choices=SECURITY_CHOICES, default='any', required=False)
class PlatformProtocolsSerializer(serializers.ModelSerializer): class PlatformProtocolsSerializer(serializers.ModelSerializer):
setting = ProtocolSettingSerializer(required=False)
class Meta: class Meta:
model = PlatformProtocol model = PlatformProtocol
fields = ['id', 'name', 'port', 'setting'] fields = ['id', 'name', 'port', 'setting']
@ -33,18 +46,12 @@ class PlatformSerializer(JMSWritableNestedModelSerializer):
'category', 'type', 'category', 'type',
] ]
fields = fields_small + [ fields = fields_small + [
'domain_enabled', 'domain_default', 'domain_enabled', 'domain_default', 'su_enabled', 'su_method',
'su_enabled', 'su_method', 'protocols_enabled', 'protocols', 'ping_enabled', 'ping_method',
'protocols_enabled', 'protocols',
'ping_enabled', 'ping_method',
'verify_account_enabled', 'verify_account_method', 'verify_account_enabled', 'verify_account_method',
'create_account_enabled', 'create_account_method', 'create_account_enabled', 'create_account_method',
'change_password_enabled', 'change_password_method', 'change_password_enabled', 'change_password_method',
'type_constraints', 'type_constraints', 'comment', 'charset',
'comment', 'charset',
]
read_only_fields = [
'category_display', 'type_display',
] ]
extra_kwargs = { extra_kwargs = {
'su_enabled': {'label': '启用切换账号'}, 'su_enabled': {'label': '启用切换账号'},
@ -56,4 +63,17 @@ class PlatformSerializer(JMSWritableNestedModelSerializer):
'change_password_method': {'label': '账号改密方式'}, 'change_password_method': {'label': '账号改密方式'},
} }
def validate_verify_account_method(self, value):
if not value and self.initial_data.get('verify_account_enabled', False):
raise serializers.ValidationError(_('This field is required.'))
return value
def validate_create_account_method(self, value):
if not value and self.initial_data.get('create_account_enabled', False):
raise serializers.ValidationError(_('This field is required.'))
return value
def validate_change_password_method(self, value):
if not value and self.initial_data.get('change_password_enabled', False):
raise serializers.ValidationError(_('This field is required.'))
return value

1
apps/common/drf/metadata.py
View File

@ -33,7 +33,6 @@ class SimpleMetadataWithFilters(SimpleMetadata):
""" """
actions = {} actions = {}
view.raw_action = getattr(view, 'action', None) view.raw_action = getattr(view, 'action', None)
print("Request in metadata: ", request.path, request.GET)
for method in self.methods & set(view.allowed_methods): for method in self.methods & set(view.allowed_methods):
if hasattr(view, 'action_map'): if hasattr(view, 'action_map'):
view.action = view.action_map.get(method.lower(), view.action) view.action = view.action_map.get(method.lower(), view.action)