github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

perf: 优化 job permission

pull/10409/head
ibuler 2023-05-09 17:18:52 +08:00
parent 6b6900cfd4
commit b5599fd3a6
1 changed files with 45 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

88
apps/ops/api/job.py
View File

@ -1,23 +1,25 @@
from django.conf import settings from django.conf import settings
from django.db.models import Count from django.db.models import Count
from django.db.transaction import atomic from django.db.transaction import atomic
from rest_framework.views import APIView
from django.shortcuts import get_object_or_404 from django.shortcuts import get_object_or_404
from rest_framework.response import Response from rest_framework.response import Response
from rest_framework.views import APIView
from common.permissions import IsValidUser
from ops.const import Types from ops.const import Types
from ops.models import Job, JobExecution from ops.models import Job, JobExecution
from ops.serializers.job import JobSerializer, JobExecutionSerializer from ops.serializers.job import JobSerializer, JobExecutionSerializer
__all__ = ['JobViewSet', 'JobExecutionViewSet', 'JobRunVariableHelpAPIView', __all__ = [
'JobAssetDetail', 'JobExecutionTaskDetail', 'FrequentUsernames'] 'JobViewSet', 'JobExecutionViewSet', 'JobRunVariableHelpAPIView',
'JobAssetDetail', 'JobExecutionTaskDetail', 'FrequentUsernames'
]
from ops.tasks import run_ops_job_execution from ops.tasks import run_ops_job_execution
from ops.variables import JMS_JOB_VARIABLE_HELP from ops.variables import JMS_JOB_VARIABLE_HELP
from orgs.mixins.api import OrgBulkModelViewSet from orgs.mixins.api import OrgBulkModelViewSet
from orgs.utils import tmp_to_org, get_current_org from orgs.utils import tmp_to_org, get_current_org
from accounts.models import Account from accounts.models import Account
from rbac.permissions import RBACPermission
def set_task_to_serializer_data(serializer, task): def set_task_to_serializer_data(serializer, task):
@ -28,7 +30,6 @@ def set_task_to_serializer_data(serializer, task):
class JobViewSet(OrgBulkModelViewSet): class JobViewSet(OrgBulkModelViewSet):
serializer_class = JobSerializer serializer_class = JobSerializer
permission_classes = (RBACPermission,)
search_fields = ('name', 'comment') search_fields = ('name', 'comment')
model = Job model = Job
@ -70,7 +71,6 @@ class JobViewSet(OrgBulkModelViewSet):
class JobExecutionViewSet(OrgBulkModelViewSet): class JobExecutionViewSet(OrgBulkModelViewSet):
serializer_class = JobExecutionSerializer serializer_class = JobExecutionSerializer
http_method_names = ('get', 'post', 'head', 'options',) http_method_names = ('get', 'post', 'head', 'options',)
permission_classes = (RBACPermission,)
model = JobExecution model = JobExecution
search_fields = ('material',) search_fields = ('material',)
@ -94,50 +94,52 @@ class JobExecutionViewSet(OrgBulkModelViewSet):
return queryset return queryset
class JobAssetDetail(APIView):
rbac_perms = {
'get': ['ops.view_jobexecution'],
}
def get(self, request, **kwargs):
execution_id = request.query_params.get('execution_id', '')
execution = get_object_or_404(JobExecution, id=execution_id)
return Response(data=execution.assent_result_detail)
class JobExecutionTaskDetail(APIView):
rbac_perms = {
'get': ['ops.view_jobexecution'],
}
def get(self, request, **kwargs):
org = get_current_org()
task_id = str(kwargs.get('task_id'))
with tmp_to_org(org):
execution = get_object_or_404(JobExecution, task_id=task_id)
return Response(data={
'status': execution.status,
'is_finished': execution.is_finished,
'is_success': execution.is_success,
'time_cost': execution.time_cost,
'job_id': execution.job.id,
})
class JobRunVariableHelpAPIView(APIView): class JobRunVariableHelpAPIView(APIView):
rbac_perms = () permission_classes = [IsValidUser]
permission_classes = ()
def get(self, request, **kwargs): def get(self, request, **kwargs):
return Response(data=JMS_JOB_VARIABLE_HELP) return Response(data=JMS_JOB_VARIABLE_HELP)
class JobAssetDetail(APIView):
rbac_perms = ()
permission_classes = ()
def get(self, request, **kwargs):
execution_id = request.query_params.get('execution_id')
if execution_id:
execution = get_object_or_404(JobExecution, id=execution_id)
return Response(data=execution.assent_result_detail)
class JobExecutionTaskDetail(APIView):
rbac_perms = ()
permission_classes = ()
def get(self, request, **kwargs):
org = get_current_org()
task_id = str(kwargs.get('task_id'))
if task_id:
with tmp_to_org(org):
execution = get_object_or_404(JobExecution, task_id=task_id)
return Response(data={
'status': execution.status,
'is_finished': execution.is_finished,
'is_success': execution.is_success,
'time_cost': execution.time_cost,
'job_id': execution.job.id,
})
class FrequentUsernames(APIView): class FrequentUsernames(APIView):
rbac_perms = () permission_classes = [IsValidUser]
permission_classes = ()
def get(self, request, **kwargs): def get(self, request, **kwargs):
top_accounts = Account.objects.exclude(username='root').exclude(username__startswith='jms_').values( top_accounts = Account.objects.exclude(username='root') \
'username').annotate( .exclude(username__startswith='jms_') \
total=Count('username')).order_by('total')[:5] .values('username') \
.annotate(total=Count('username')) \
.order_by('total')[:5]
return Response(data=top_accounts) return Response(data=top_accounts)