Merge branch 'audits' of code.jumpserver.org:Jumpserver/jumpserver into audits

2016-11-16 12:34:01 +08:00 · 2016-11-16 12:34:01 +08:00 · aa08f0aa48
parent 32d12b7f78 3b30eb3278
commit aa08f0aa48
5 changed files with 41 additions and 5 deletions
--- a/apps/perms/api.py
+++ b/apps/perms/api.py
@ -7,7 +7,7 @@ from rest_framework import viewsets
 from users.backends import IsValidUser, IsSuperUser
 from common.utils import get_object_or_none
 from .utils import get_user_granted_assets, get_user_granted_asset_groups, get_user_asset_permissions, \
-    get_user_group_asset_permissions, get_user_group_granted_assets
+    get_user_group_asset_permissions, get_user_group_granted_assets, get_user_group_granted_asset_groups
 from .models import AssetPermission
 from .hands import AssetGrantedSerializer, User, UserGroup, AssetGroup, Asset, AssetGroup, AssetGroupSerializer
 from . import serializers
@ -155,3 +155,33 @@ class MyAssetGroupAssetsApi(ListAPIView):
                if asset_group in asset.groups.all():
                    queryset.append(asset)
        return queryset
+
+
+class UserGroupGrantedAssetsApi(ListAPIView):
+    permission_classes = (IsSuperUser,)
+    serializer_class = AssetGrantedSerializer
+
+    def get_queryset(self):
+        user_group_id = self.kwargs.get('pk', '')
+
+        if user_group_id:
+            user_group = get_object_or_404(User, id=user_group_id)
+            queryset = get_user_group_granted_assets(user_group)
+        else:
+            queryset = []
+        return queryset
+
+
+class UserGroupGrantedAssetGroupsApi(ListAPIView):
+    permission_classes = (IsSuperUser,)
+    serializer_class = AssetGroupSerializer
+
+    def get_queryset(self):
+        user_group_id = self.kwargs.get('pk', '')
+
+        if user_group_id:
+            user_group = get_object_or_404(User, id=user_group_id)
+            queryset = get_user_group_granted_asset_groups(user_group)
+        else:
+            queryset = []
+        return queryset
--- a/apps/perms/urls.py
+++ b/apps/perms/urls.py
@ -31,11 +31,17 @@ urlpatterns += [
    url(r'^v1/user/my/asset-group/(?P<pk>[0-9]+)/assets/$', api.MyAssetGroupAssetsApi.as_view(),
        name='user-my-asset-group-assets'),

-    # Select user or user group permission of asset or asset group
+    # Select user permission of asset and asset group
    url(r'^v1/user/(?P<pk>[0-9]+)/assets/$', api.UserGrantedAssetsApi.as_view(), name='api-user-assets'),
    url(r'^v1/user/(?P<pk>[0-9]+)/asset-groups/$', api.UserGrantedAssetGroupsApi.as_view(),
        name='api-user-asset-groups'),

+    # Select user group permission of asset and asset group
+    url(r'^v1/user-group/(?P<pk>[0-9]+)/assets/$', api.UserGroupGrantedAssetsApi.as_view(), name='api-user-group-assets'),
+    url(r'^v1/user-group/(?P<pk>[0-9]+)/asset-groups/$', api.UserGroupGrantedAssetGroupsApi.as_view(),
+        name='api-user-group-asset-groups'),
+
+
    # Revoke permission api
    url(r'^v1/asset-permissions/user/revoke/', api.RevokeUserAssetPermission.as_view(),
        name='revoke-user-asset-permission'),
--- a/apps/users/templates/users/user_group_detail.html
+++ b/apps/users/templates/users/user_group_detail.html
@ -25,7 +25,7 @@
                                <a href="{% url 'users:user-group-asset-permission' pk=user_group.id %}" class="text-center"><i class="fa fa-bar-chart-o"></i> {% trans 'Asset permission' %}</a>
                            </li>
                            <li>
-                                <a href="{% url 'users:user-granted-asset' pk=user.id %}" class="text-center"><i class="fa fa-cubes"></i> {% trans 'Asset granted' %}</a>
+                                <a href="{% url 'users:user-group-granted-asset' pk=user.id %}" class="text-center"><i class="fa fa-cubes"></i> {% trans 'Asset granted' %}</a>
                            </li>
                            <li class="pull-right">
                                <a class="btn btn-outline btn-default" href="{% url 'users:user-group-update' pk=user_group.id %}"><i class="fa fa-edit"></i>Update</a>
--- a/apps/users/urls.py
+++ b/apps/users/urls.py
@ -36,7 +36,7 @@ urlpatterns = [
    url(r'^user-group/(?P<pk>[0-9]+)/update$', views.UserGroupUpdateView.as_view(), name='user-group-update'),
    url(r'^user-group/(?P<pk>[0-9]+)/asset-permission$', views.UserGroupAssetPermissionView.as_view(),
        name='user-group-asset-permission'),
-    url(r'^user-group/(?P<pk>[0-9]+)/asset-permission/create$', views.UserAssetPermissionCreateView.as_view(),
+    url(r'^user-group/(?P<pk>[0-9]+)/asset-permission/create$', views.UserGroupAssetPermissionCreateView.as_view(),
        name='user-group-asset-permission-create'),
    url(r'^user-group/(?P<pk>[0-9]+)/assets', views.UserGroupGrantedAssetView.as_view(),
        name='user-group-granted-asset'),
--- a/apps/users/views.py
+++ b/apps/users/views.py
@ -414,7 +414,7 @@ class UserAssetPermissionCreateView(AdminUserRequiredMixin, CreateView):


 class UserGroupAssetPermissionCreateView(AdminUserRequiredMixin, CreateView):
-    form_class = forms.UserPrivateAssetPermissionForm
+    form_class = forms.UserGroupPrivateAssetPermissionForm
    model = AssetPermission

    def get(self, request, *args, **kwargs):