perf(tickets): 申请资产工单支持授权多个系统用户

2020-09-29 18:53:58 +08:00 · 2020-09-29 18:53:58 +08:00 · a53e930950
parent 8f52f79d91
commit a53e930950
3 changed files with 55 additions and 24 deletions
--- a/apps/tickets/api/request_asset_perm.py
+++ b/apps/tickets/api/request_asset_perm.py
@ -63,13 +63,14 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet):
        meta = instance.meta
        ips = ', '.join(meta.get('ips', []))
        confirmed_assets = ', '.join(meta.get('confirmed_assets', []))
+        confirmed_system_users = ', '.join(meta.get('confirmed_system_users', []))

        return textwrap.dedent(f'''\
            {_('IP group')}: {ips}
            {_('Hostname')}: {meta.get('hostname', '')}
            {_('System user')}: {meta.get('system_user', '')}
            {_('Confirmed assets')}: {confirmed_assets}
-            {_('Confirmed system user')}: {meta.get('confirmed_system_user', '')}
+            {_('Confirmed system users')}: {confirmed_system_users}
        ''')

    @action(detail=True, methods=[POST], permission_classes=[IsAssignee, IsValidUser])
@ -95,15 +96,15 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet):
        if len(assets) != len(confirmed_assets):
            raise ConfirmedAssetsChanged(detail=_('Confirmed assets changed'))

-        confirmed_system_user = meta.get('confirmed_system_user')
-        if not confirmed_system_user:
-            raise NotHaveConfirmedSystemUser(detail=_('Confirm system-user first'))
+        confirmed_system_users = meta.get('confirmed_system_users', [])
+        if not confirmed_system_users:
+            raise NotHaveConfirmedSystemUser(detail=_('Confirm system-users first'))

-        system_user = get_object_or_none(SystemUser, id=confirmed_system_user)
-        if system_user is None:
-            raise ConfirmedSystemUserChanged(detail=_('Confirmed system-user changed'))
+        system_users = SystemUser.objects.filter(id__in=confirmed_system_users)
+        if system_users is None:
+            raise ConfirmedSystemUserChanged(detail=_('Confirmed system-users changed'))

-        self._create_asset_permission(instance, assets, system_user)
+        self._create_asset_permission(instance, assets, system_users)
        return Response({'detail': _('Succeed')})

    @action(detail=True, methods=[POST], permission_classes=[IsAssignee | IsObjectOwner])
@ -113,7 +114,7 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet):
        instance.save()
        return Response({'detail': _('Succeed')})

-    def _create_asset_permission(self, instance: Ticket, assets, system_user):
+    def _create_asset_permission(self, instance: Ticket, assets, system_users):
        meta = instance.meta
        request = self.request
        actions = meta.get('actions', Action.CONNECT)
@ -135,7 +136,7 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet):
                                request.user,
                                self._get_extra_comment(instance))
        ap = AssetPermission.objects.create(**ap_kwargs)
-        ap.system_users.add(system_user)
+        ap.system_users.add(*system_users)
        ap.assets.add(*assets)
        ap.users.add(instance.user)

--- a/apps/tickets/migrations/0005_ticket_meta_confirmed_system_users.py
+++ b/apps/tickets/migrations/0005_ticket_meta_confirmed_system_users.py
@ -0,0 +1,31 @@
+# Generated by BaiJiangjie 2020-09-29 18:31
+
+from django.db import migrations
+
+
+def migrate_ticket_meta_confirmed_system_user_to_confirmed_system_users(apps, schema_editor):
+    ticket_model = apps.get_model("tickets", "Ticket")
+    tickets = ticket_model.origin_objects.all()
+
+    for ticket in tickets:
+        meta = ticket.meta
+        confirmed_system_user = meta.get('confirmed_system_user')
+        if confirmed_system_user:
+            confirmed_system_users = [confirmed_system_user]
+        else:
+            confirmed_system_users = []
+        meta.update({
+            'confirmed_system_users': confirmed_system_users
+        })
+        ticket.meta = meta
+        ticket.save()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('tickets', '0004_ticket_comment'),
+    ]
+    operations = [
+        migrations.RunPython(migrate_ticket_meta_confirmed_system_user_to_confirmed_system_users)
+    ]
--- a/apps/tickets/serializers/request_asset_perm.py
+++ b/apps/tickets/serializers/request_asset_perm.py
@ -33,19 +33,20 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer):
                                             source='meta.confirmed_assets',
                                             default=list, required=False,
                                             label=_('Confirmed assets'))
-    confirmed_system_user = serializers.UUIDField(source='meta.confirmed_system_user',
-                                                  default='', required=False,
+    confirmed_system_users = serializers.ListField(child=serializers.UUIDField(),
+                                                  source='meta.confirmed_system_users',
+                                                  default=list, required=False,
                                                  label=_('Confirmed system user'))
    assets_waitlist_url = serializers.SerializerMethodField()
-    system_user_waitlist_url = serializers.SerializerMethodField()
+    system_users_waitlist_url = serializers.SerializerMethodField()

    class Meta:
        model = Ticket
        mini_fields = ['id', 'title']
        small_fields = [
-            'status', 'action', 'date_created', 'date_updated', 'system_user_waitlist_url',
+            'status', 'action', 'date_created', 'date_updated', 'system_users_waitlist_url',
            'type', 'type_display', 'action_display', 'ips', 'confirmed_assets',
-            'date_start', 'date_expired', 'confirmed_system_user', 'hostname',
+            'date_start', 'date_expired', 'confirmed_system_users', 'hostname',
            'assets_waitlist_url', 'system_user', 'org_id', 'actions', 'comment'
        ]
        m2m_fields = [
@ -96,7 +97,7 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer):
            raise serializers.ValidationError(_('Field `assignees` must be organization admin or superuser'))
        return attrs

-    def get_system_user_waitlist_url(self, instance: Ticket):
+    def get_system_users_waitlist_url(self, instance: Ticket):
        if not self._is_assignee(instance):
            return None
        return reverse('api-assets:system-user-list')
@ -190,16 +191,14 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer):
            meta['date_expired'] = dt_formater(date_expired)

        # UUID 的转换
-        confirmed_system_user = meta.get('confirmed_system_user')
-        if confirmed_system_user:
-            meta['confirmed_system_user'] = str(confirmed_system_user)
+        confirmed_system_users = meta.get('confirmed_system_users')
+        if confirmed_system_users:
+            meta['confirmed_system_users'] = [str(system_user) for system_user in confirmed_system_users]

        confirmed_assets = meta.get('confirmed_assets')
        if confirmed_assets:
-            new_confirmed_assets = []
-            for asset in confirmed_assets:
-                new_confirmed_assets.append(str(asset))
-            meta['confirmed_assets'] = new_confirmed_assets
+            meta['confirmed_assets'] = [str(asset) for asset in confirmed_assets]
+
        with tmp_to_root_org():
            return super().save(**kwargs)

@ -220,7 +219,7 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer):
    def _pop_confirmed_fields(self):
        meta = self.validated_data['meta']
        meta.pop('confirmed_assets', None)
-        meta.pop('confirmed_system_user', None)
+        meta.pop('confirmed_system_users', None)

    def _is_assignee(self, obj: Ticket):
        user = self.context['request'].user