diff --git a/apps/common/mixins/api/permission.py b/apps/common/mixins/api/permission.py index 64efbe7f5..3a57658c3 100644 --- a/apps/common/mixins/api/permission.py +++ b/apps/common/mixins/api/permission.py @@ -27,7 +27,6 @@ class RoleAdminMixin: user_id = self.kwargs.get(self.user_id_url_kwarg) if hasattr(self, 'swagger_fake_view') and not user_id: return self.request.user # NOQA - user_model = get_user_model() return user_model.objects.get(id=user_id) @@ -37,4 +36,4 @@ class RoleUserMixin: @lazyproperty def user(self): - return self.request.user \ No newline at end of file + return self.request.user diff --git a/apps/perms/api/user_permission/assets/api.py b/apps/perms/api/user_permission/assets/api.py index da304ee6c..9c616adc3 100644 --- a/apps/perms/api/user_permission/assets/api.py +++ b/apps/perms/api/user_permission/assets/api.py @@ -9,54 +9,52 @@ from .mixin import ( ) __all__ = [ - 'UserDirectGrantedAssetsForAdminApi', 'MyDirectGrantedAssetsApi', 'UserFavoriteGrantedAssetsForAdminApi', - 'MyFavoriteGrantedAssetsApi', 'UserDirectGrantedAssetsAsTreeForAdminApi', 'MyUngroupAssetsAsTreeApi', - 'UserAllGrantedAssetsApi', 'MyAllGrantedAssetsApi', 'MyAllAssetsAsTreeApi', 'UserGrantedNodeAssetsForAdminApi', + 'UserDirectGrantedAssetsApi', 'MyDirectGrantedAssetsApi', + 'UserFavoriteGrantedAssetsApi', + 'MyFavoriteGrantedAssetsApi', 'UserDirectGrantedAssetsAsTreeApi', + 'MyUngroupAssetsAsTreeApi', + 'UserAllGrantedAssetsApi', 'MyAllGrantedAssetsApi', 'MyAllAssetsAsTreeApi', + 'UserGrantedNodeAssetsApi', 'MyGrantedNodeAssetsApi', ] logger = get_logger(__name__) -class UserDirectGrantedAssetsForAdminApi(UserDirectGrantedAssetsQuerysetMixin, - AssetRoleAdminMixin, - AssetsSerializerFormatMixin, - ListAPIView): +class UserDirectGrantedAssetsApi( + AssetRoleAdminMixin, + UserDirectGrantedAssetsQuerysetMixin, AssetsSerializerFormatMixin, ListAPIView +): + """ 直接授权给用户的资产 """ pass -class MyDirectGrantedAssetsApi(UserDirectGrantedAssetsQuerysetMixin, - AssetRoleUserMixin, - AssetsSerializerFormatMixin, - ListAPIView): +class MyDirectGrantedAssetsApi(AssetRoleUserMixin, UserDirectGrantedAssetsApi): + """ 直接授权给我的资产 """ pass -class UserFavoriteGrantedAssetsForAdminApi(UserFavoriteGrantedAssetsMixin, - AssetRoleAdminMixin, - AssetsSerializerFormatMixin, - ListAPIView): +class UserFavoriteGrantedAssetsApi( + AssetRoleAdminMixin, + UserFavoriteGrantedAssetsMixin, AssetsSerializerFormatMixin, ListAPIView +): + """ 用户收藏的授权资产 """ pass -class MyFavoriteGrantedAssetsApi(UserFavoriteGrantedAssetsMixin, - AssetRoleUserMixin, - AssetsSerializerFormatMixin, - ListAPIView): +class MyFavoriteGrantedAssetsApi(AssetRoleUserMixin, UserFavoriteGrantedAssetsApi): + """ 我收藏的授权资产 """ pass -class UserDirectGrantedAssetsAsTreeForAdminApi(UserDirectGrantedAssetsQuerysetMixin, - AssetRoleAdminMixin, - AssetsTreeFormatMixin, - ListAPIView): +class UserDirectGrantedAssetsAsTreeApi(AssetsTreeFormatMixin, UserDirectGrantedAssetsApi): + """ 用户直接授权的资产作为树 """ pass -class MyUngroupAssetsAsTreeApi(UserDirectGrantedAssetsQuerysetMixin, - AssetRoleUserMixin, - AssetsTreeFormatMixin, - ListAPIView): +class MyUngroupAssetsAsTreeApi(AssetRoleUserMixin, UserDirectGrantedAssetsAsTreeApi): + """ 我的未分组节点下的资产作为树 """ + def get_queryset(self): queryset = super().get_queryset() if not settings.PERM_SINGLE_ASSET_TO_UNGROUP_NODE: @@ -64,36 +62,31 @@ class MyUngroupAssetsAsTreeApi(UserDirectGrantedAssetsQuerysetMixin, return queryset -class UserAllGrantedAssetsApi(UserAllGrantedAssetsQuerysetMixin, - AssetRoleAdminMixin, - AssetsSerializerFormatMixin, - ListAPIView): +class UserAllGrantedAssetsApi( + AssetRoleAdminMixin, + UserAllGrantedAssetsQuerysetMixin, AssetsSerializerFormatMixin, ListAPIView +): + """ 授权给用户的所有资产 """ pass -class MyAllGrantedAssetsApi(UserAllGrantedAssetsQuerysetMixin, - AssetRoleUserMixin, - AssetsSerializerFormatMixin, - ListAPIView): +class MyAllGrantedAssetsApi(AssetRoleUserMixin, UserAllGrantedAssetsApi): + """ 授权给我的所有资产 """ pass -class MyAllAssetsAsTreeApi(UserAllGrantedAssetsQuerysetMixin, - AssetRoleUserMixin, - AssetsTreeFormatMixin, - ListAPIView): +class MyAllAssetsAsTreeApi(AssetsTreeFormatMixin, MyAllGrantedAssetsApi): + """ 授权给我的所有资产作为树 """ pass -class UserGrantedNodeAssetsForAdminApi(AssetRoleAdminMixin, - UserGrantedNodeAssetsMixin, - AssetsSerializerFormatMixin, - ListAPIView): +class UserGrantedNodeAssetsApi( + AssetRoleAdminMixin, UserGrantedNodeAssetsMixin, AssetsSerializerFormatMixin, ListAPIView +): + """ 授权给用户的节点资产 """ pass -class MyGrantedNodeAssetsApi(AssetRoleUserMixin, - UserGrantedNodeAssetsMixin, - AssetsSerializerFormatMixin, - ListAPIView): +class MyGrantedNodeAssetsApi(AssetRoleUserMixin, UserGrantedNodeAssetsApi): + """ 授权给我的节点资产 """ pass diff --git a/apps/perms/api/user_permission/assets/mixin.py b/apps/perms/api/user_permission/assets/mixin.py index 096bd21b3..5e123091a 100644 --- a/apps/perms/api/user_permission/assets/mixin.py +++ b/apps/perms/api/user_permission/assets/mixin.py @@ -64,6 +64,7 @@ class UserGrantedNodeAssetsMixin: pagination_class = NodeGrantedAssetPagination pagination_node: Node user: User + kwargs: dict def get_queryset(self): if getattr(self, 'swagger_fake_view', False): @@ -91,6 +92,9 @@ class AssetsTreeFormatMixin(SerializeToTreeNodeMixin): """ 将 资产 序列化成树的结构返回 """ + filter_queryset: callable + get_queryset: callable + filterset_fields = ['name', 'ip', 'id', 'comment'] search_fields = ['name', 'ip', 'comment'] diff --git a/apps/perms/api/user_permission/mixin.py b/apps/perms/api/user_permission/mixin.py index c53f548e5..da9691f38 100644 --- a/apps/perms/api/user_permission/mixin.py +++ b/apps/perms/api/user_permission/mixin.py @@ -3,14 +3,14 @@ from rest_framework.request import Request from common.http import is_true -from common.mixins.api import RoleAdminMixin as _RoleAdminMixin -from common.mixins.api import RoleUserMixin as _RoleUserMixin +from common.mixins.api import RoleAdminMixin +from common.mixins.api import RoleUserMixin from orgs.utils import tmp_to_root_org from users.models import User from perms.utils.user_permission import UserGrantedTreeRefreshController -class PermBaseMixin: +class RebuildTreeMixin: user: User def get(self, request: Request, *args, **kwargs): @@ -20,7 +20,7 @@ class PermBaseMixin: return super().get(request, *args, **kwargs) -class AssetRoleAdminMixin(PermBaseMixin, _RoleAdminMixin): +class AssetRoleAdminMixin(RebuildTreeMixin, RoleAdminMixin): rbac_perms = ( ('list', 'perms.view_userassets'), ('retrieve', 'perms.view_userassets'), @@ -29,7 +29,7 @@ class AssetRoleAdminMixin(PermBaseMixin, _RoleAdminMixin): ) -class AssetRoleUserMixin(PermBaseMixin, _RoleUserMixin): +class AssetRoleUserMixin(RebuildTreeMixin, RoleUserMixin): rbac_perms = ( ('list', 'perms.view_myassets'), ('retrieve', 'perms.view_myassets'), diff --git a/apps/perms/urls/asset_permission.py b/apps/perms/urls/asset_permission.py index 4258a2698..7099aa137 100644 --- a/apps/perms/urls/asset_permission.py +++ b/apps/perms/urls/asset_permission.py @@ -24,7 +24,7 @@ user_permission_urlpatterns = [ path('assets/', api.MyAllGrantedAssetsApi.as_view(), name='my-assets'), # Tree Node 的数据格式返回 - path('/assets/tree/', api.UserDirectGrantedAssetsAsTreeForAdminApi.as_view(), name='user-assets-as-tree'), + path('/assets/tree/', api.UserDirectGrantedAssetsAsTreeApi.as_view(), name='user-assets-as-tree'), path('assets/tree/', api.MyAllAssetsAsTreeApi.as_view(), name='my-assets-as-tree'), path('ungroup/assets/tree/', api.MyUngroupAssetsAsTreeApi.as_view(), name='my-ungroup-assets-as-tree'), # ^--------------------------------------------------------^ @@ -60,17 +60,18 @@ user_permission_urlpatterns = [ path('nodes/children-with-assets/tree/', api.MyGrantedNodeChildrenWithAssetsAsTreeApi.as_view(), name='my-nodes-children-with-assets-as-tree'), # 查询授权树上某个节点的所有资产 - path('/nodes//assets/', api.UserGrantedNodeAssetsForAdminApi.as_view(), name='user-node-assets'), + path('/nodes//assets/', api.UserGrantedNodeAssetsApi.as_view(), name='user-node-assets'), path('nodes//assets/', api.MyGrantedNodeAssetsApi.as_view(), name='my-node-assets'), # 未分组的资产 - path('/nodes/ungrouped/assets/', api.UserDirectGrantedAssetsForAdminApi.as_view(), name='user-ungrouped-assets'), + path('/nodes/ungrouped/assets/', api.UserDirectGrantedAssetsApi.as_view(), name='user-ungrouped-assets'), path('nodes/ungrouped/assets/', api.MyDirectGrantedAssetsApi.as_view(), name='my-ungrouped-assets'), # 收藏的资产 - path('/nodes/favorite/assets/', api.UserFavoriteGrantedAssetsForAdminApi.as_view(), name='user-ungrouped-assets'), + path('/nodes/favorite/assets/', api.UserFavoriteGrantedAssetsApi.as_view(), name='user-ungrouped-assets'), path('nodes/favorite/assets/', api.MyFavoriteGrantedAssetsApi.as_view(), name='my-ungrouped-assets'), + # Todo: 删除 # Asset System users path('/assets//system-users/', api.UserGrantedAssetSystemUsersForAdminApi.as_view(), name='user-asset-system-users'), path('assets//system-users/', api.MyGrantedAssetSystemUsersApi.as_view(), name='my-asset-system-users'),