github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

perf: 修改 accounts 字段

pull/10327/head
ibuler 2023-05-06 19:52:03 +08:00
parent 5a6e13721d
commit a112d3c99d
5 changed files with 23 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
apps/acls/models/base.py
View File

@ -95,35 +95,12 @@ class BaseACL(JMSBaseModel):
class UserAssetAccountBaseACL(BaseACL, OrgModelMixin): class UserAssetAccountBaseACL(BaseACL, OrgModelMixin):
# username_group
users = JSONManyToManyField('users.User', default=dict, verbose_name=_('Users')) users = JSONManyToManyField('users.User', default=dict, verbose_name=_('Users'))
# name_group, address_group
assets = JSONManyToManyField('assets.Asset', default=dict, verbose_name=_('Assets')) assets = JSONManyToManyField('assets.Asset', default=dict, verbose_name=_('Assets'))
# username_group accounts = models.JSONField(default=list, verbose_name=_("Account"))
accounts = JSONManyToManyField('assets.Account', default=dict, verbose_name=_('Accounts'))
objects = OrgACLManager.from_queryset(UserAssetAccountACLQuerySet)() objects = OrgACLManager.from_queryset(UserAssetAccountACLQuerySet)()
class Meta(BaseACL.Meta): class Meta(BaseACL.Meta):
unique_together = ('name', 'org_id') unique_together = ('name', 'org_id')
abstract = True abstract = True
@classmethod
def filter_queryset(cls, user=None, asset=None, account=None, account_username=None, **kwargs):
queryset = cls.objects.all()
org_id = None
if user:
queryset = queryset.filter_user(user.username)
if account:
org_id = account.org_id
queryset = queryset.filter_account(account.username)
if account_username:
queryset = queryset.filter_account(username=account_username)
if asset:
org_id = asset.org_id
queryset = queryset.filter_asset(asset.name, asset.address)
if org_id:
kwargs['org_id'] = org_id
if kwargs:
queryset = queryset.filter(**kwargs)
return queryset

4
apps/acls/serializers/base.py
View File

@ -20,7 +20,7 @@ class ACLUsersSerializer(serializers.Serializer):
) )
class ACLAssestsSerializer(serializers.Serializer): class ACLAssetsSerializer(serializers.Serializer):
address_group_help_text = _( address_group_help_text = _(
"With * indicating a match all. " "With * indicating a match all. "
"Such as: " "Such as: "
@ -54,7 +54,7 @@ class ACLAccountsSerializer(serializers.Serializer):
class BaseUserAssetAccountACLSerializerMixin(serializers.Serializer): class BaseUserAssetAccountACLSerializerMixin(serializers.Serializer):
users = JSONManyToManyField(label=_('User')) users = JSONManyToManyField(label=_('User'))
assets = JSONManyToManyField(label=_('Asset')) assets = JSONManyToManyField(label=_('Asset'))
accounts = JSONManyToManyField(label=_('Account')) accounts = serializers.ListField(label=_('Account'))
reviewers = ObjectRelatedField( reviewers = ObjectRelatedField(
queryset=User.objects, many=True, required=False, label=_('Reviewers') queryset=User.objects, many=True, required=False, label=_('Reviewers')
) )

19
apps/audits/handler.py
View File

@ -1,21 +1,20 @@
import json
from datetime import datetime from datetime import datetime
from django.db import transaction
from django.core.cache import cache from django.core.cache import cache
from django.db import transaction
from django.utils.translation import ugettext_lazy as _ from django.utils.translation import ugettext_lazy as _
from common.utils import get_request_ip, get_logger
from common.utils.timezone import as_current_tz
from common.utils.encode import Singleton
from common.local import encrypted_field_set from common.local import encrypted_field_set
from settings.serializers import SettingsSerializer from common.utils import get_request_ip, get_logger
from common.utils.encode import Singleton
from common.utils.timezone import as_current_tz
from jumpserver.utils import current_request from jumpserver.utils import current_request
from orgs.utils import get_current_org_id
from orgs.models import Organization from orgs.models import Organization
from orgs.utils import get_current_org_id
from settings.serializers import SettingsSerializer
from .backends import get_operate_log_storage from .backends import get_operate_log_storage
logger = get_logger(__name__) logger = get_logger(__name__)
@ -106,7 +105,9 @@ class OperatorLogHandler(metaclass=Singleton):
return '' return ''
if isinstance(value[0], str): if isinstance(value[0], str):
return ','.join(value) return ','.join(value)
return ','.join([i['value'] for i in value if i.get('value')]) if isinstance(value[0], dict) and value[0].get('value') and isinstance(value[0]['value'], str):
return ','.join([str(i['value']) for i in value])
return json.dumps(value)
def __data_processing(self, dict_item, loop=True): def __data_processing(self, dict_item, loop=True):
encrypt_value = '******' encrypt_value = '******'

4
apps/common/db/fields.py
View File

@ -353,6 +353,8 @@ class RelatedManager:
elif match in ("exact", "contains", "startswith", "endswith", "regex"): elif match in ("exact", "contains", "startswith", "endswith", "regex"):
lookup = "{}__{}".format(name, match) lookup = "{}__{}".format(name, match)
q = Q(**{lookup: val}) q = Q(**{lookup: val})
elif match == "not":
q = ~Q(**{name: val})
elif match == "in" and isinstance(val, list): elif match == "in" and isinstance(val, list):
if '*' not in val: if '*' not in val:
lookup = "{}__in".format(name) lookup = "{}__in".format(name)
@ -435,7 +437,7 @@ class JSONManyToManyField(models.JSONField):
e = ValueError(_( e = ValueError(_(
"Invalid JSON data for JSONManyToManyField, should be like " "Invalid JSON data for JSONManyToManyField, should be like "
"{'type': 'all'} or {'type': 'ids', 'ids': []} " "{'type': 'all'} or {'type': 'ids', 'ids': []} "
"or {'type': 'attrs', 'attrs': [{'name': 'ip', 'match': 'exact', 'value': 'value'}" "or {'type': 'attrs', 'attrs': [{'name': 'ip', 'match': 'exact', 'value': 'value', 'rel': 'and|or|not'}}"
)) ))
if not isinstance(val, dict): if not isinstance(val, dict):
raise e raise e

29
apps/perms/serializers/permission.py
View File

@ -44,25 +44,12 @@ class AssetPermissionSerializer(BulkOrgResourceModelSerializer):
model = AssetPermission model = AssetPermission
fields_mini = ["id", "name"] fields_mini = ["id", "name"]
fields_generic = [ fields_generic = [
"accounts", "accounts", "actions", "created_by", "date_created",
"actions", "date_start", "date_expired", "is_active", "is_expired",
"created_by", "is_valid", "comment", "from_ticket",
"date_created",
"date_start",
"date_expired",
"is_active",
"is_expired",
"is_valid",
"comment",
"from_ticket",
] ]
fields_small = fields_mini + fields_generic fields_small = fields_mini + fields_generic
fields_m2m = [ fields_m2m = ["users", "user_groups", "assets", "nodes"]
"users",
"user_groups",
"assets",
"nodes",
]
fields = fields_mini + fields_m2m + fields_generic fields = fields_mini + fields_m2m + fields_generic
read_only_fields = ["created_by", "date_created", "from_ticket"] read_only_fields = ["created_by", "date_created", "from_ticket"]
extra_kwargs = { extra_kwargs = {
@ -91,7 +78,8 @@ class AssetPermissionSerializer(BulkOrgResourceModelSerializer):
def create_accounts(self, assets): def create_accounts(self, assets):
need_create_accounts = [] need_create_accounts = []
account_attribute = [ account_attribute = [
'name', 'username', 'secret_type', 'secret', 'privileged', 'is_active', 'org_id' 'name', 'username', 'secret_type', 'secret',
'privileged', 'is_active', 'org_id'
] ]
for asset in assets: for asset in assets:
asset_exist_accounts = Account.objects.none() asset_exist_accounts = Account.objects.none()
@ -139,10 +127,7 @@ class AssetPermissionSerializer(BulkOrgResourceModelSerializer):
def setup_eager_loading(cls, queryset): def setup_eager_loading(cls, queryset):
"""Perform necessary eager loading of data.""" """Perform necessary eager loading of data."""
queryset = queryset.prefetch_related( queryset = queryset.prefetch_related(
"users", "users", "user_groups", "assets", "nodes",
"user_groups",
"assets",
"nodes",
) )
return queryset return queryset