From c389c5f5f69a4dceec58e5fff366c3f2ce71aa43 Mon Sep 17 00:00:00 2001 From: xinwen Date: Thu, 26 Nov 2020 19:53:15 +0800 Subject: [PATCH] =?UTF-8?q?fix(perms):=20=E6=96=B0=E5=BB=BA=E6=8E=88?= =?UTF-8?q?=E6=9D=83=E6=97=B6=E5=8A=A8=E6=80=81=E7=94=A8=E6=88=B7=E5=8F=AF?= =?UTF-8?q?=E8=83=BD=E6=8E=A8=E9=80=81=E4=B8=8D=E6=88=90=E5=8A=9F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/signals_handler.py | 3 +++ apps/assets/tasks/push_system_user.py | 27 +++++++++++++++++++++++++-- 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/apps/assets/signals_handler.py b/apps/assets/signals_handler.py index f89c8da94..061d7d84c 100644 --- a/apps/assets/signals_handler.py +++ b/apps/assets/signals_handler.py @@ -78,6 +78,7 @@ def on_system_user_update(instance: SystemUser, created, **kwargs): @receiver(m2m_changed, sender=SystemUser.assets.through) +@on_transaction_commit def on_system_user_assets_change(instance, action, model, pk_set, **kwargs): """ 当系统用户和资产关系发生变化时,应该重新推送系统用户到新添加的资产中 @@ -96,6 +97,7 @@ def on_system_user_assets_change(instance, action, model, pk_set, **kwargs): @receiver(m2m_changed, sender=SystemUser.users.through) +@on_transaction_commit def on_system_user_users_change(sender, instance: SystemUser, action, model, pk_set, reverse, **kwargs): """ 当系统用户和用户关系发生变化时,应该重新推送系统用户资产中 @@ -117,6 +119,7 @@ def on_system_user_users_change(sender, instance: SystemUser, action, model, pk_ @receiver(m2m_changed, sender=SystemUser.nodes.through) +@on_transaction_commit def on_system_user_nodes_change(sender, instance=None, action=None, model=None, pk_set=None, **kwargs): """ 当系统用户和节点关系发生变化时,应该将节点下资产关联到新的系统用户上 diff --git a/apps/assets/tasks/push_system_user.py b/apps/assets/tasks/push_system_user.py index 0bb9be407..5b61c656e 100644 --- a/apps/assets/tasks/push_system_user.py +++ b/apps/assets/tasks/push_system_user.py @@ -2,13 +2,13 @@ from itertools import groupby from celery import shared_task -from common.db.utils import get_object_if_need, get_objects_if_need, get_objects +from common.db.utils import get_object_if_need, get_objects from django.utils.translation import ugettext as _ from django.db.models import Empty from common.utils import encrypt_password, get_logger from assets.models import SystemUser, Asset -from orgs.utils import org_aware_func +from orgs.utils import org_aware_func, tmp_to_root_org from . import const from .utils import clean_ansible_task_hosts, group_asset_by_platform @@ -229,7 +229,11 @@ def push_system_user_util(system_user, assets, task_name, username=None): @shared_task(queue="ansible") +@tmp_to_root_org() def push_system_user_to_assets_manual(system_user, username=None): + """ + 将系统用户推送到与它关联的所有资产上 + """ system_user = get_object_if_need(SystemUser, system_user) assets = system_user.get_related_assets() task_name = _("Push system users to assets: {}").format(system_user.name) @@ -237,7 +241,11 @@ def push_system_user_to_assets_manual(system_user, username=None): @shared_task(queue="ansible") +@tmp_to_root_org() def push_system_user_a_asset_manual(system_user, asset, username=None): + """ + 将系统用户推送到一个资产上 + """ if username is None: username = system_user.username task_name = _("Push system users to asset: {}({}) => {}").format( @@ -247,10 +255,25 @@ def push_system_user_a_asset_manual(system_user, asset, username=None): @shared_task(queue="ansible") +@tmp_to_root_org() def push_system_user_to_assets(system_user_id, assets_id, username=None): + """ + 推送系统用户到指定的若干资产上 + """ system_user = SystemUser.objects.get(id=system_user_id) assets = get_objects(Asset, assets_id) task_name = _("Push system users to assets: {}").format(system_user.name) + + if username is None and system_user.username_same_with_user: + # 动态系统用户,把与系统用户关联的所有用户推送到新关联的资产上 + usernames = system_user.users.all().values_list('username', flat=True).distinct() + ret = [] + for username in usernames: + ret.append( + push_system_user_util(system_user, assets, task_name, username=username) + ) + return ret + return push_system_user_util(system_user, assets, task_name, username=username) # @shared_task