bug fix for rule add check

2015-12-04 18:24:20 +08:00 · 2015-12-04 18:24:20 +08:00 · b5325fd0ac
parent 69bbdab450
commit b5325fd0ac
1 changed files with 11 additions and 8 deletions
--- a/jperm/views.py
+++ b/jperm/views.py
@ -78,11 +78,11 @@ def perm_rule_add(request):

    if request.method == 'POST':
        # 获取用户选择的 用户,用户组,资产,资产组,用户角色
-        users_select = request.POST.getlist('user', [])
-        user_groups_select = request.POST.getlist('usergroup', [])
-        assets_select = request.POST.getlist('asset', [])
-        asset_groups_select = request.POST.getlist('assetgroup', [])
-        roles_select = request.POST.getlist('role', [])
+        users_select = request.POST.getlist('user', [])  # 需要授权用户
+        user_groups_select = request.POST.getlist('usergroup', [])  # 需要授权用户组
+        assets_select = request.POST.getlist('asset', [])  # 需要授权资产
+        asset_groups_select = request.POST.getlist('assetgroup', [])  # 需要授权资产组
+        roles_select = request.POST.getlist('role', [])  # 需要授权角色
        rule_name = request.POST.get('rulename')
        rule_comment = request.POST.get('rule_comment')

@ -94,8 +94,10 @@ def perm_rule_add(request):
            # 获取需要授权的主机列表
            assets_obj = [Asset.objects.get(id=asset_id) for asset_id in assets_select]
            asset_groups_obj = [AssetGroup.objects.get(id=group_id) for group_id in asset_groups_select]
-            group_assets_obj = [asset for asset in [group.asset_set.all() for group in asset_groups_obj]]
-            calc_assets = set(group_assets_obj) | set(assets_obj)
+            group_assets_obj = []
+            for asset_group in asset_groups_obj:
+                group_assets_obj.extend(list(asset_group.asset_set.all()))
+            calc_assets = set(group_assets_obj) | set(assets_obj)  # 授权资产和资产组包含的资产

            # 获取需要授权的用户列表
            users_obj = [User.objects.get(id=user_id) for user_id in users_select]
@ -106,8 +108,9 @@ def perm_rule_add(request):
            # 获取授予的角色列表
            roles_obj = [PermRole.objects.get(id=role_id) for role_id in roles_select]
            need_push_asset = set()
+
            for role in roles_obj:
-                asset_no_push = get_role_push_host(role=role)[1]
+                asset_no_push = get_role_push_host(role=role)[0]  # 获取某角色已经推送的资产
                need_push_asset.update(set(calc_assets) - set(asset_no_push))
                if need_push_asset:
                    raise ServerError(u'没有推送角色 %s 的主机 %s'