diff --git a/apps/applications/api/database_app.py b/apps/applications/api/database_app.py index 8f5f704ef..af5810e0f 100644 --- a/apps/applications/api/database_app.py +++ b/apps/applications/api/database_app.py @@ -2,11 +2,10 @@ # from orgs.mixins.api import OrgBulkModelViewSet -from orgs.mixins import generics from .. import models from .. import serializers -from ..hands import IsOrgAdmin, IsAppUser +from ..hands import IsOrgAdminOrAppUser __all__ = [ 'DatabaseAppViewSet', @@ -17,5 +16,5 @@ class DatabaseAppViewSet(OrgBulkModelViewSet): model = models.DatabaseApp filter_fields = ('name',) search_fields = filter_fields - permission_classes = (IsOrgAdmin,) + permission_classes = (IsOrgAdminOrAppUser,) serializer_class = serializers.DatabaseAppSerializer diff --git a/apps/audits/signals_handler.py b/apps/audits/signals_handler.py index e7c61313d..9579ca6e5 100644 --- a/apps/audits/signals_handler.py +++ b/apps/audits/signals_handler.py @@ -15,8 +15,8 @@ from users.signals import post_user_change_password from authentication.signals import post_auth_failed, post_auth_success from terminal.models import Session, Command from common.utils.encode import model_to_json +from .utils import write_login_log from . import models -from .tasks import write_login_log_async logger = get_logger(__name__) sys_logger = get_syslogger(__name__) @@ -27,7 +27,8 @@ MODELS_NEED_RECORD = ( 'User', 'UserGroup', 'Asset', 'Node', 'AdminUser', 'SystemUser', 'Domain', 'Gateway', 'Organization', 'AssetPermission', 'CommandFilter', 'CommandFilterRule', 'License', 'Setting', 'Account', 'SyncInstanceTask', - 'Platform', 'RemoteAppPermission', 'ChangeAuthPlan', 'GatherUserTask', + 'Platform', 'ChangeAuthPlan', 'GatherUserTask', + 'RemoteApp', 'RemoteAppPermission', 'DatabaseApp', 'DatabaseAppPermission', ) @@ -133,7 +134,7 @@ def on_user_auth_success(sender, user, request, **kwargs): logger.debug('User login success: {}'.format(user.username)) data = generate_data(user.username, request) data.update({'mfa': int(user.mfa_enabled), 'status': True}) - write_login_log_async.delay(**data) + write_login_log(**data) @receiver(post_auth_failed) @@ -141,4 +142,4 @@ def on_user_auth_failed(sender, username, request, reason, **kwargs): logger.debug('User login failed: {}'.format(username)) data = generate_data(username, request) data.update({'reason': reason, 'status': False}) - write_login_log_async.delay(**data) + write_login_log(**data) diff --git a/apps/audits/tasks.py b/apps/audits/tasks.py index c69a24e08..2dfe4a2dd 100644 --- a/apps/audits/tasks.py +++ b/apps/audits/tasks.py @@ -7,7 +7,6 @@ from celery import shared_task from ops.celery.decorator import register_as_period_task from .models import UserLoginLog, OperateLog -from .utils import write_login_log @register_as_period_task(interval=3600*24) @@ -32,8 +31,3 @@ def clean_operation_log_period(): days = 90 expired_day = now - datetime.timedelta(days=days) OperateLog.objects.filter(datetime__lt=expired_day).delete() - - -@shared_task -def write_login_log_async(*args, **kwargs): - write_login_log(*args, **kwargs) diff --git a/apps/users/hands.py b/apps/users/hands.py index 0792fa099..5e2007c8a 100644 --- a/apps/users/hands.py +++ b/apps/users/hands.py @@ -11,7 +11,6 @@ """ # from terminal.models import Terminal -# from audits.tasks import write_login_log_async # from users.models import User # from perms.models import AssetPermission # from perms.utils import get_user_granted_assets, get_user_granted_asset_groups