[Update] 修改系统用户推送，拆分assets的部分模块

2018-02-09 11:12:40 +08:00 · 2018-02-09 11:12:40 +08:00 · c7296c2498
parent f82d939d15
commit c7296c2498
23 changed files with 186 additions and 406 deletions
--- a/apps/assets/api/asset.py
+++ b/apps/assets/api/asset.py
@ -33,7 +33,7 @@ class AssetViewSet(IDInFilterMixin, LabelFilter, BulkModelViewSet):
    """
    filter_fields = ("hostname", "ip")
    search_fields = filter_fields
-    ordering_fields = ("hostname", "ip", "port", "cluster", "cpu_cores")
+    ordering_fields = ("hostname", "ip", "port", "cpu_cores")
    queryset = Asset.objects.all()
    serializer_class = serializers.AssetSerializer
    pagination_class = LimitOffsetPagination
@ -47,13 +47,9 @@ class AssetViewSet(IDInFilterMixin, LabelFilter, BulkModelViewSet):
        if admin_user_id:
            admin_user = get_object_or_404(AdminUser, id=admin_user_id)
-            assets_direct = [asset.id for asset in admin_user.asset_set.all()]
+            queryset = queryset.filter(admin_user=admin_user)
            clusters = [cluster.id for cluster in admin_user.cluster_set.all()]
            queryset = queryset.filter(Q(cluster__id__in=clusters)|Q(id__in=assets_direct))
        if system_user_id:
            system_user = get_object_or_404(SystemUser, id=system_user_id)
            clusters = system_user.get_clusters()
            queryset = queryset.filter(cluster__in=clusters)
        if node_id:
            node = get_object_or_404(Node, id=node_id)
            queryset = queryset.filter(nodes__key__startswith=node.key).distinct()
--- a/apps/assets/api/system_user.py
+++ b/apps/assets/api/system_user.py
@ -20,7 +20,7 @@ from common.utils import get_logger
 from ..hands import IsSuperUser, IsSuperUserOrAppUser
 from ..models import SystemUser
 from .. import serializers
-from ..tasks import push_system_user_to_cluster_assets_manual, \
+from ..tasks import push_system_user_to_assets_manual, \
    test_system_user_connectability_manual
@ -68,7 +68,7 @@ class SystemUserPushApi(generics.RetrieveAPIView):
    def retrieve(self, request, *args, **kwargs):
        system_user = self.get_object()
-        push_system_user_to_cluster_assets_manual.delay(system_user)
+        push_system_user_to_assets_manual.delay(system_user)
        return Response({"msg": "Task created"})
--- a/apps/assets/forms/asset.py
+++ b/apps/assets/forms/asset.py
@ -34,7 +34,9 @@ class AssetCreateForm(forms.ModelForm):
            'hostname': '* required',
            'ip': '* required',
            'port': '* required',
-            'admin_user': _('')
+            'admin_user': _('Admin user is a privilege user exist on this asset,'
                            'Example: root or other NOPASSWD sudo privilege user'
                            )
        }
--- a/apps/assets/forms/user.py
+++ b/apps/assets/forms/user.py
@ -114,22 +114,22 @@ class SystemUserForm(PasswordAndKeyAuthForm):
        fields = [
            'name', 'username', 'protocol', 'auto_generate_key',
            'password', 'private_key_file', 'auto_push', 'sudo',
-            'comment', 'shell', 'cluster', 'priority',
+            'comment', 'shell', 'nodes', 'priority',
        ]
        widgets = {
            'name': forms.TextInput(attrs={'placeholder': _('Name')}),
            'username': forms.TextInput(attrs={'placeholder': _('Username')}),
-            'cluster': forms.SelectMultiple(
+            'nodes': forms.SelectMultiple(
                attrs={
                    'class': 'select2',
-                    'data-placeholder': _(' Select clusters')
+                    'data-placeholder': _('Nodes')
                }
            ),
        }
        help_texts = {
            'name': '* required',
            'username': '* required',
-            'cluster': _('If auto push checked, system user will be create at cluster assets'),
+            'nodes': _('If auto push checked, system user will be create at node assets'),
            'auto_push': _('Auto push system user to asset'),
            'priority': _('High level will be using login asset as default, if user was granted more than 2 system user'),
        }
--- a/apps/assets/hands.py
+++ b/apps/assets/hands.py
@ -11,8 +11,7 @@
 """
-from users.utils import AdminUserRequiredMixin
+from common.mixins import AdminUserRequiredMixin
-from users.permissions import IsAppUser, IsSuperUser, IsValidUser, IsSuperUserOrAppUser
+from common.permissions import IsAppUser, IsSuperUser, IsValidUser, IsSuperUserOrAppUser
 from users.models import User, UserGroup
 from perms.utils import NodePermissionUtil
 from perms.tasks import push_users
--- a/apps/assets/models/init.py
+++ b/apps/assets/models/init.py
@ -5,6 +5,6 @@ from .user import AdminUser, SystemUser
 from .label import Label
 from .cluster import *
 from .group import *
-from .tree import *
+from .node import *
 from .asset import *
 from .utils import *
--- a/apps/assets/models/asset.py
+++ b/apps/assets/models/asset.py
@ -29,8 +29,11 @@ def default_cluster():
 def default_node():
    try:
        from .tree import Node
        return Node.root()
    except:
        return None
 class Asset(models.Model):
@ -102,30 +105,12 @@ class Asset(models.Model):
        else:
            return False
    @property
    def admin_user_avail(self):
        if self.admin_user:
            admin_user = self.admin_user
        elif self.cluster and self.cluster.admin_user:
            admin_user = self.cluster.admin_user
        else:
            return None
        return admin_user
    @property
    def is_has_private_admin_user(self):
        if self.admin_user:
            return True
        else:
            return False
    def to_json(self):
        return {
            'id': self.id,
            'hostname': self.hostname,
            'ip': self.ip,
            'port': self.port,
            'groups': [group.name for group in self.groups.all()],
        }
    def _to_secret_json(self):
@ -136,13 +121,14 @@ class Asset(models.Model):
        Todo: May be move to ops implements it
        """
        data = self.to_json()
-        if self.admin_user_avail:
+        if self.admin_user:
-            admin_user = self.admin_user_avail
+            admin_user = self.admin_user
            data.update({
                'username': admin_user.username,
                'password': admin_user.password,
                'private_key': admin_user.private_key_file,
                'become': admin_user.become_info,
                'groups': [node.value for node in self.nodes.all()],
            })
        return data
@ -161,7 +147,6 @@ class Asset(models.Model):
            asset = cls(ip='%s.%s.%s.%s' % (i, i, i, i),
                        hostname=forgery_py.internet.user_name(True),
                        admin_user=choice(AdminUser.objects.all()),
                        cluster=choice(Cluster.objects.all()),
                        port=22,
                        created_by='Fake')
            try:
--- a/apps/assets/models/node.py
+++ b/apps/assets/models/node.py
@ -24,7 +24,7 @@ class Node(models.Model):
        if self == self.__class__.root():
            return self.value
        else:
-            return '{}/{}'.format( self.value, self.parent.full_value)
+            return '{}/{}'.format(self.value, self.parent.full_value)
    @property
    def level(self):
@ -78,6 +78,19 @@ class Node(models.Model):
        else:
            return parent
    @property
    def ancestor(self):
        if self.parent == self.__class__.root():
            return [self.__class__.root()]
        else:
            return [self.parent, *tuple(self.parent.ancestor)]
    @property
    def ancestor_with_node(self):
        ancestor = self.ancestor
        ancestor.insert(0, self)
        return ancestor
    @classmethod
    def root(cls):
        obj, created = cls.objects.get_or_create(
--- a/apps/assets/models/user.py
+++ b/apps/assets/models/user.py
@ -218,7 +218,7 @@ class SystemUser(AssetUser):
        (RDP_PROTOCOL, 'rdp'),
    )
-    cluster = models.ManyToManyField('assets.Cluster', blank=True, verbose_name=_("Cluster"))
+    nodes = models.ManyToManyField('assets.Node', blank=True, verbose_name=_("Nodes"))
    priority = models.IntegerField(default=10, verbose_name=_("Priority"))
    protocol = models.CharField(max_length=16, choices=PROTOCOL_CHOICES, default='ssh', verbose_name=_('Protocol'))
    auto_push = models.BooleanField(default=True, verbose_name=_('Auto push'))
@ -228,21 +228,6 @@ class SystemUser(AssetUser):
    def __str__(self):
        return self.name
    def get_clusters_assets(self):
        from .asset import Asset
        clusters = self.get_clusters()
        return Asset.objects.filter(cluster__in=clusters)
    def get_clusters(self):
        return self.cluster.all()
    def get_clusters_joined(self):
        return ', '.join([cluster.name for cluster in self.get_clusters()])
    @property
    def assets_amount(self):
        return len(self.get_clusters_assets())
    def to_json(self):
        return {
            'id': self.id,
@ -266,6 +251,12 @@ class SystemUser(AssetUser):
    def reachable_assets(self):
        return self.assets_connective.get('contacted', [])
    def is_need_push(self):
        if self.auto_push and self.protocol == self.__class__.SSH_PROTOCOL:
            return True
        else:
            return False
    class Meta:
        ordering = ['name']
        verbose_name = _("System user")
--- a/apps/assets/signals.py
+++ b/apps/assets/signals.py
@ -3,4 +3,3 @@
 from django.dispatch import Signal
 on_app_ready = Signal()
 on_system_user_auth_changed = Signal(providing_args=['system_user'])
--- a/apps/assets/signals_handler.py
+++ b/apps/assets/signals_handler.py
@ -1,15 +1,14 @@
 # -*- coding: utf-8 -*-
 #
-from django.db.models.signals import post_save, post_init
+from django.db.models.signals import post_save, m2m_changed
 from django.dispatch import receiver
 from django.utils.translation import gettext as _
 from common.utils import get_logger
-from .models import Asset, SystemUser, Cluster
+from .models import Asset, SystemUser, Node
 from .tasks import update_assets_hardware_info_util, \
-    test_asset_connectability_util, \
+    test_asset_connectability_util, push_system_user_to_node, \
-    push_system_user_util
+    push_node_system_users_to_asset
 logger = get_logger(__file__)
@ -25,92 +24,42 @@ def test_asset_conn_on_created(asset):
    test_asset_connectability_util.delay(asset)
 def push_cluster_system_users_to_asset(asset):
    if asset.cluster:
        logger.info("Push cluster system user to asset: {}".format(asset))
        task_name = _("Push cluster system users to asset")
        system_users = asset.cluster.systemuser_set.all()
        push_system_user_util.delay(system_users, [asset], task_name)
@receiver(post_save, sender=Asset, dispatch_uid="my_unique_identifier")
 def on_asset_created(sender, instance=None, created=False, **kwargs):
    if instance and created:
        logger.info("Asset `{}` create signal received".format(instance))
        update_asset_hardware_info_on_created(instance)
        test_asset_conn_on_created(instance)
        # push_cluster_system_users_to_asset(instance)
-# def push_to_cluster_assets_on_system_user_created_or_update(system_user):
+@receiver(post_save, sender=SystemUser, dispatch_uid="my_unique_identifier")
-#     if not system_user.auto_push:
+def on_system_user_update(sender, instance=None, created=True, **kwargs):
-#         return
+    if instance and not created:
-#     logger.debug("Push system user `{}` to cluster assets".format(system_user.name))
+        for node in instance.nodes.all():
-#     for cluster in system_user.cluster.all():
+            push_system_user_to_node(instance, node)
 #         task_name = _("Push system user to cluster assets: {}->{}").format(
 #             cluster.name, system_user.name
 #         )
 #         assets = cluster.assets.all()
 #         push_system_user_util.delay([system_user], assets, task_name)
-# @receiver(post_save, sender=SystemUser)
+@receiver(m2m_changed, sender=SystemUser.nodes.through)
-# def on_system_user_created_or_updated(sender, instance=None, **kwargs):
+def on_system_user_node_change(sender, instance=None, **kwargs):
-#     if instance and instance.auto_push:
+    if instance and kwargs["action"] == "post_add":
-#         logger.info("System user `{}` create or update signal received".format(instance))
+        for pk in kwargs['pk_set']:
-#         push_to_cluster_assets_on_system_user_created_or_update(instance)
+            node = kwargs['model'].objects.get(pk=pk)
-#
+            push_system_user_to_node(instance, node)
-#
+
-# @receiver(post_init, sender=Cluster, dispatch_uid="my_unique_identifier")
+
-# def on_cluster_init(sender, instance, **kwargs):
+@receiver(m2m_changed, sender=Asset.nodes.through)
-#     instance.__original_assets = tuple(instance.assets.values_list('pk', flat=True))
+def on_asset_node_changed(sender, instance=None, **kwargs):
-#     instance.__origin_system_users = tuple(instance.systemuser_set.values_list('pk', flat=True))
+    if isinstance(instance, Asset) and kwargs['action'] == 'post_add':
-#
+        logger.debug("Asset node change signal received")
-#
+        for pk in kwargs['pk_set']:
-# @receiver(post_save, sender=Cluster, dispatch_uid="my_unique_identifier")
+            node = kwargs['model'].objects.get(pk=pk)
-# def on_cluster_assets_changed(sender, instance, **kwargs):
+            push_node_system_users_to_asset(node, [instance])
-#     assets_origin = instance.__original_assets
+
-#     assets_new = instance.assets.values_list('pk', flat=True)
+
-#     assets_added = set(assets_new) - set(assets_origin)
+@receiver(m2m_changed, sender=Asset.nodes.through)
-#     if assets_added:
+def on_node_assets_changed(sender, instance=None, **kwargs):
-#         logger.debug("Receive cluster change assets signal")
+    if isinstance(instance, Node) and kwargs['action'] == 'post_add':
-#         logger.debug("Push cluster `{}` system users to: {}".format(
+        logger.debug("Node assets change signal received")
-#             instance, ', '.join([str(asset) for asset in assets_added])
+        assets = kwargs['model'].objects.filter(pk__in=kwargs['pk_set'])
-#         ))
+        push_node_system_users_to_asset(instance, assets)
 #         assets = []
 #         for asset_id in assets_added:
 #             try:
 #                 asset = Asset.objects.get(pk=asset_id)
 #             except Asset.DoesNotExist:
 #                 continue
 #             else:
 #                 assets.append(asset)
 #         system_users = [s for s in instance.systemuser_set.all() if s.auto_push]
 #         task_name = _("Push system user to assets")
 #         push_system_user_util.delay(system_users, assets, task_name)
 #
 #
 # @receiver(post_save, sender=Cluster, dispatch_uid="my_unique_identifier2")
 # def on_cluster_system_user_changed(sender, instance, **kwargs):
 #     system_users_origin = instance.__origin_system_users
 #     system_user_new = instance.systemuser_set.values_list('pk', flat=True)
 #     system_users_added = set(system_user_new) - set(system_users_origin)
 #     if system_users_added:
 #         logger.debug("Receive cluster change system users signal")
 #         system_users = []
 #         for system_user_id in system_users_added:
 #             try:
 #                 system_user = SystemUser.objects.get(pk=system_user_id)
 #             except SystemUser.DoesNotExist:
 #                 continue
 #             else:
 #                 system_users.append(system_user)
 #         logger.debug("Push new system users `{}` to cluster `{}` assets".format(
 #             ','.join([s.name for s in system_users]), instance
 #         ))
 #         task_name = _(
 #             "Push system user to cluster assets: {}->{}").format(
 #              instance.name, ', '.join(s.name for s in system_users)
 #         )
        push_system_user_util.delay(system_users, instance.assets.all(), task_name)
--- a/apps/assets/tasks.py
+++ b/apps/assets/tasks.py
@ -99,7 +99,7 @@ def update_assets_hardware_info_util(assets, task_name=None):
    result = task.run()
    # Todo: may be somewhere using
    # Manual run callback function
-    assets_updated = set_assets_hardware_info(result)
+    set_assets_hardware_info(result)
    return result
@ -262,21 +262,23 @@ def test_system_user_connectability_util(system_user, task_name):
    :param task_name:
    :return:
    """
-    from ops.utils import update_or_create_ansible_task
+    # todo
-    assets = system_user.get_clusters_assets()
+    # from ops.utils import update_or_create_ansible_task
-    hosts = [asset.hostname for asset in assets]
+    # assets = system_user.get_clusters_assets()
-    tasks = const.TEST_SYSTEM_USER_CONN_TASKS
+    # hosts = [asset.hostname for asset in assets]
-    if not hosts:
+    # tasks = const.TEST_SYSTEM_USER_CONN_TASKS
-        logger.info("No hosts, passed")
+    # if not hosts:
    #     logger.info("No hosts, passed")
    #     return {}
    # task, created = update_or_create_ansible_task(
    #     task_name, hosts=hosts, tasks=tasks, pattern='all',
    #     options=const.TASK_OPTIONS,
    #     run_as=system_user.name, created_by="System",
    # )
    # result = task.run()
    # set_system_user_connectablity_info(result, system_user=system_user.name)
    # return result
    return {}
    task, created = update_or_create_ansible_task(
        task_name, hosts=hosts, tasks=tasks, pattern='all',
        options=const.TASK_OPTIONS,
        run_as=system_user.name, created_by="System",
    )
    result = task.run()
    set_system_user_connectablity_info(result, system_user=system_user.name)
    return result
@shared_task
@ -290,21 +292,23 @@ def test_system_user_connectability_manual(system_user):
@after_app_ready_start
@after_app_shutdown_clean
 def test_system_user_connectability_period():
-    from ops.utils import update_or_create_ansible_task
+    # Todo
-    system_users = SystemUser.objects.all()
+    pass
-    for system_user in system_users:
+    # from ops.utils import update_or_create_ansible_task
-        task_name = _("Test system user connectability period: {}").format(
+    # system_users = SystemUser.objects.all()
-            system_user.name
+    # for system_user in system_users:
-        )
+    #     task_name = _("Test system user connectability period: {}").format(
-        assets = system_user.get_clusters_assets()
+    #         system_user.name
-        hosts = [asset.hostname for asset in assets]
+    #     )
-        tasks = const.TEST_SYSTEM_USER_CONN_TASKS
+    #     assets = system_user.get_clusters_assets()
-        update_or_create_ansible_task(
+    #     hosts = [asset.hostname for asset in assets]
-            task_name=task_name, hosts=hosts, tasks=tasks, pattern='all',
+    #     tasks = const.TEST_SYSTEM_USER_CONN_TASKS
-            options=const.TASK_OPTIONS, run_as_admin=False,  run_as=system_user.name,
+    #     update_or_create_ansible_task(
-            created_by='System', interval=3600, is_periodic=True,
+    #         task_name=task_name, hosts=hosts, tasks=tasks, pattern='all',
-            callback=set_admin_user_connectability_info.name,
+    #         options=const.TASK_OPTIONS, run_as_admin=False,  run_as=system_user.name,
-        )
+    #         created_by='System', interval=3600, is_periodic=True,
    #         callback=set_admin_user_connectability_info.name,
    #     )
 ####  Push system user tasks ####
@ -315,7 +319,6 @@ def get_push_system_user_tasks(system_user):
        return []
    tasks = []
    if system_user.password:
        tasks.append({
            'name': 'Add user {}'.format(system_user.username),
@ -358,6 +361,7 @@ def push_system_user_util(system_users, assets, task_name):
    from ops.utils import update_or_create_ansible_task
    tasks = []
    for system_user in system_users:
        if system_user.is_need_push():
            tasks.extend(get_push_system_user_tasks(system_user))
    if not tasks:
@ -375,11 +379,41 @@ def push_system_user_util(system_users, assets, task_name):
    return task.run()
 def get_node_push_system_user_task_name(system_user, node):
    return _("Push system user to node: {} => {}").format(
        system_user.name,
        node.value
    )
 def push_system_user_to_node(system_user, node):
    assets = node.get_all_assets()
    task_name = get_node_push_system_user_task_name(system_user, node)
    push_system_user_util.delay([system_user], assets, task_name)
@shared_task
-def push_system_user_to_cluster_assets_manual(system_user):
+def push_system_user_related_nodes(system_user):
-    task_name = _("Push system user to cluster assets: {}").format(system_user.name)
+    nodes = system_user.nodes.all()
-    assets = system_user.get_clusters_assets()
+    for node in nodes:
-    return push_system_user_util([system_user], assets, task_name)
+        push_system_user_to_node(system_user, node)
@shared_task
 def push_system_user_to_assets_manual(system_user):
    push_system_user_related_nodes(system_user)
 def push_node_system_users_to_asset(node, assets):
    system_users = []
    nodes = node.ancestor_with_node
    # 获取该节点所有父节点有的系统用户, 然后推送
    for n in nodes:
        system_users.extend(list(n.systemuser_set.all()))
    if system_users:
        task_name = _("Push system users to node: {}").format(node.value)
        push_system_user_util.delay(system_users, assets, task_name)
@shared_task
@ -387,23 +421,5 @@ def push_system_user_to_cluster_assets_manual(system_user):
@after_app_ready_start
@after_app_shutdown_clean
 def push_system_user_period():
-    from ops.utils import update_or_create_ansible_task
+    for system_user in SystemUser.objects.all():
-    clusters = Cluster.objects.all()
+        push_system_user_related_nodes(system_user)
    for cluster in clusters:
        tasks = []
        system_users = [system_user for system_user in cluster.systemuser_set.all() if system_user.auto_push]
        if not system_users:
            return
        for system_user in system_users:
            tasks.extend(get_push_system_user_tasks(system_user))
        task_name = _("Push cluster system users to assets period: {}").format(
            cluster.name
        )
        hosts = [asset.hostname for asset in cluster.assets.all()]
        update_or_create_ansible_task(
            task_name=task_name, hosts=hosts, tasks=tasks, pattern='all',
            options=const.TASK_OPTIONS, run_as_admin=True, created_by='System',
            interval=60*60*24, is_periodic=True,
        )
--- a/apps/assets/templates/assets/_system_user.html
+++ b/apps/assets/templates/assets/_system_user.html
@ -39,7 +39,6 @@
                            {% bootstrap_field form.username layout="horizontal" %}
                            {% bootstrap_field form.priority layout="horizontal" %}
                            {% bootstrap_field form.protocol layout="horizontal" %}
                            {% bootstrap_field form.cluster layout="horizontal" %}
                            {% block auth %}
                            <h3>{% trans 'Auth' %}</h3>
--- a/apps/assets/templates/assets/admin_user_assets.html
+++ b/apps/assets/templates/assets/admin_user_assets.html
@ -59,7 +59,6 @@
                                                <th>{% trans 'Hostname' %}</th>
                                                <th>{% trans 'IP' %}</th>
                                                <th>{% trans 'Port' %}</th>
                                                <th>{% trans 'Type' %}</th>
                                                <th>{% trans 'Reachable' %}</th>
                                            </tr>
                                        </thead>
@ -109,7 +108,7 @@ function initTable() {
 				var detail_btn = '<a href="{% url "assets:asset-detail" pk=DEFAULT_PK %}" data-aid="'+rowData.id+'">' + cellData + '</a>';
 				$(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
 			}},
-			{targets: 5, createdCell: function (td, cellData) {
+			{targets: 4, createdCell: function (td, cellData) {
 				if (!cellData) {
 					$(td).html('<i class="fa fa-times text-danger"></i>')
 				} else {
@ -117,8 +116,9 @@ function initTable() {
 				}
 			}}],
 		ajax_url: '{% url "api-assets:asset-list" %}?admin_user_id={{ admin_user.id }}',
-		columns: [{data: function(){return ""}}, {data: "hostname" }, {data: "ip" }, {data: "port" },
+		columns: [
-			{data: "type" }, {data: "is_connective" }],
+		    {data: function(){return ""}}, {data: "hostname" }, {data: "ip" },
            {data: "port" },  {data: "is_connective" }],
 		op_html: $('#actions').html()
 	};
 	jumpserver.initServerSideDataTable(options);
--- a/apps/assets/templates/assets/asset_detail.html
+++ b/apps/assets/templates/assets/asset_detail.html
@ -71,11 +71,7 @@
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Admin user' %}:</td>
-                                            {% if asset.admin_user_avail %}
+                                            <td><b>{{ asset.admin_user }}</b></td>
                                            <td><b>{{ asset.admin_user_avail.name }}</b></td>
                                            {% else %}
                                            <td></td>
                                            {% endif %}
                                        </tr>
                                        <tr>
                                            <td>{% trans 'Cluster' %}:</td>
--- a/apps/assets/utils.py
+++ b/apps/assets/utils.py
@ -23,17 +23,6 @@ def get_system_user_by_name(name):
    return system_user
 def check_assets_have_system_user(assets, system_users):
    errors = defaultdict(list)
    for system_user in system_users:
        clusters = system_user.cluster.all()
        for asset in assets:
            if asset.cluster not in clusters:
                errors[asset].append(system_user)
    return errors
 class LabelFilter:
    def filter_queryset(self, queryset):
        queryset = super().filter_queryset(queryset)
@ -53,3 +42,7 @@ class LabelFilter:
            for kwargs in conditions:
                queryset = queryset.filter(**kwargs)
        return queryset
--- a/apps/assets/views/admin_user.py
+++ b/apps/assets/views/admin_user.py
@ -74,11 +74,9 @@ class AdminUserDetailView(AdminUserRequiredMixin, DetailView):
    object = None
    def get_context_data(self, **kwargs):
        cluster_remain = Cluster.objects.exclude(admin_user=self.object)
        context = {
            'app': _('Assets'),
            'action': _('Admin user detail'),
            'cluster_remain': cluster_remain,
        }
        kwargs.update(context)
        return super().get_context_data(**kwargs)
@ -95,11 +93,8 @@ class AdminUserAssetsView(AdminUserRequiredMixin, SingleObjectMixin, ListView):
        return super().get(request, *args, **kwargs)
    def get_queryset(self):
-        queryset = []
+        self.queryset = self.object.asset_set.all()
-        for cluster in self.object.cluster_set.all():
+        return self.queryset
            queryset.extend([asset for asset in cluster.assets.all() if not asset.admin_user])
        self.queryset = queryset
        return queryset
    def get_context_data(self, **kwargs):
        context = {
--- a/apps/assets/views/system_user.py
+++ b/apps/assets/views/system_user.py
@ -70,11 +70,9 @@ class SystemUserDetailView(AdminUserRequiredMixin, DetailView):
    model = SystemUser
    def get_context_data(self, **kwargs):
        cluster_remain = Cluster.objects.exclude(systemuser=self.object)
        context = {
            'app': _('Assets'),
            'action': _('System user detail'),
            'cluster_remain': cluster_remain,
        }
        kwargs.update(context)
        return super().get_context_data(**kwargs)
--- a/apps/perms/apps.py
+++ b/apps/perms/apps.py
@ -5,3 +5,7 @@ from django.apps import AppConfig
 class PermsConfig(AppConfig):
    name = 'perms'
    def ready(self):
        from . import signals_handler
        return super().ready()
--- a/apps/perms/signals_handler.py
+++ b/apps/perms/signals_handler.py
@ -0,0 +1,18 @@
 # -*- coding: utf-8 -*-
 #
 from django.db.models.signals import post_save, post_delete
 from django.dispatch import receiver
 from common.utils import get_logger
 from .models import NodePermission
 logger = get_logger(__file__)
@receiver(post_save, sender=NodePermission, dispatch_uid="my_unique_identifier")
 def on_asset_permission_create_or_update(sender, instance=None, **kwargs):
    if instance and instance.node and instance.system_user:
        instance.system_user.nodes.add(instance.node)
--- a/apps/perms/tasks.py
+++ b/apps/perms/tasks.py
@ -7,7 +7,4 @@ from common.utils import get_logger, encrypt_password
 logger = get_logger(__file__)
@shared_task(bind=True)
 def push_users(self, assets, users):
    pass
--- a/apps/perms/utils.py
+++ b/apps/perms/utils.py
@ -3,11 +3,11 @@
 from __future__ import absolute_import, unicode_literals
 import collections
 from django.utils import timezone
 from django.utils.translation import ugettext as _
 import copy
 from common.utils import setattr_bulk, get_logger
-import copy
+from .models import NodePermission
 from .tasks import push_users
 from .hands import AssetGroup
 logger = get_logger(__file__)
@ -111,173 +111,3 @@ class NodePermissionUtil:
            assets.update(perm.node.get_all_assets())
        return assets
 # def get_user_group_granted_asset_groups(user_group):
 #     """Return asset groups granted of the user group
 #
 #     :param user_group: Instance of :class: ``UserGroup``
 #     :return: {asset_group1: {system_user1, },
 #               asset_group2: {system_user1, system_user2}}
 #     """
 #     asset_groups = {}
 #     asset_permissions = user_group.asset_permissions.all()
 #
 #     for asset_permission in asset_permissions:
 #         if not asset_permission.is_valid:
 #             continue
 #         for asset_group in asset_permission.asset_groups.all():
 #             if asset_group in asset_groups:
 #                 asset_groups[asset_group] |= set(asset_permission.system_users.all())
 #             else:
 #                 asset_groups[asset_group] = set(asset_permission.system_users.all())
 #     return asset_groups
 #
 #
 # def get_user_group_granted_assets(user_group):
 #     """Return assets granted of the user group
 #
 #     :param user_group: Instance of :class: ``UserGroup``
 #     :return: {asset1: {system_user1, }, asset1: {system_user1, system_user2]}
 #     """
 #     assets = {}
 #     asset_permissions = user_group.asset_permissions.all()
 #
 #     for asset_permission in asset_permissions:
 #         if not asset_permission.is_valid:
 #             continue
 #         for asset in asset_permission.get_granted_assets():
 #             if not asset.is_active:
 #                 continue
 #             if asset in assets:
 #                 assets[asset] |= set(asset_permission.system_users.all())
 #             else:
 #                 assets[asset] = set(asset_permission.system_users.all())
 #     return assets
 #
 #
 # def get_user_granted_assets_direct(user):
 #     """Return assets granted of the user directly
 #
 #      :param user: Instance of :class: ``User``
 #      :return: {asset1: {system_user1, system_user2}, asset2: {...}}
 #     """
 #     assets = {}
 #     asset_permissions_direct = user.asset_permissions.all()
 #
 #     for asset_permission in asset_permissions_direct:
 #         if not asset_permission.is_valid:
 #             continue
 #         for asset in asset_permission.get_granted_assets():
 #             if not asset.is_active:
 #                 continue
 #             if asset in assets:
 #                 assets[asset] |= set(asset_permission.system_users.all())
 #             else:
 #                 setattr(asset, 'inherited', False)
 #                 assets[asset] = set(asset_permission.system_users.all())
 #     return assets
 #
 #
 # def get_user_granted_assets_inherit_from_user_groups(user):
 #     """Return assets granted of the user inherit from user groups
 #
 #     :param user: Instance of :class: ``User``
 #     :return: {asset1: {system_user1, system_user2}, asset2: {...}}
 #     """
 #     assets = {}
 #     user_groups = user.groups.all()
 #
 #     for user_group in user_groups:
 #         assets_inherited = get_user_group_granted_assets(user_group)
 #         for asset in assets_inherited:
 #             if not asset.is_active:
 #                 continue
 #             if asset in assets:
 #                 assets[asset] |= assets_inherited[asset]
 #             else:
 #                 setattr(asset, 'inherited', True)
 #                 assets[asset] = assets_inherited[asset]
 #     return assets
 #
 #
 # def get_user_granted_assets(user):
 #     """Return assets granted of the user inherit from user groups
 #
 #     :param user: Instance of :class: ``User``
 #     :return: {asset1: {system_user1, system_user2}, asset2: {...}}
 #     """
 #     assets_direct = get_user_granted_assets_direct(user)
 #     assets_inherited = get_user_granted_assets_inherit_from_user_groups(user)
 #     assets = assets_inherited
 #
 #     for asset in assets_direct:
 #         if not asset.is_active:
 #             continue
 #         if asset in assets:
 #             assets[asset] |= assets_direct[asset]
 #         else:
 #             assets[asset] = assets_direct[asset]
 #     return assets
 #
 #
 # def get_user_granted_asset_groups(user):
 #     """Return asset groups with assets and system users, it's not the asset
 #     group direct permed in rules. We get all asset and then get it asset group
 #
 #     :param user: Instance of :class: ``User``
 #     :return: {asset_group1: [asset1, asset2], asset_group2: []}
 #     """
 #     asset_groups = collections.defaultdict(list)
 #     ungroups = [AssetGroup(name="UnGrouped")]
 #     for asset, system_users in get_user_granted_assets(user).items():
 #         groups = asset.groups.all()
 #         if not groups:
 #             groups = ungroups
 #         for asset_group in groups:
 #             asset_groups[asset_group].append((asset, system_users))
 #     return asset_groups
 #
 #
 # def get_user_group_asset_permissions(user_group):
 #     permissions = user_group.asset_permissions.all()
 #     return permissions
 #
 #
 # def get_user_asset_permissions(user):
 #     user_group_permissions = set()
 #     direct_permissions = set(setattr_bulk(user.asset_permissions.all(), 'inherited', 0))
 #
 #     for user_group in user.groups.all():
 #         permissions = get_user_group_asset_permissions(user_group)
 #         user_group_permissions |= set(permissions)
 #     user_group_permissions = set(setattr_bulk(user_group_permissions, 'inherited', 1))
 #     return direct_permissions | user_group_permissions
 #
 #
 # def get_user_granted_system_users(user):
 #     """
 #     :param user: the user
 #     :return: {"system_user": ["asset", "asset1"], "system_user": []}
 #     """
 #     assets = get_user_granted_assets(user)
 #     system_users_dict = {}
 #     for asset, system_users in assets.items():
 #         for system_user in system_users:
 #             if system_user in system_users_dict:
 #                 system_users_dict[system_user].append(asset)
 #             else:
 #                 system_users_dict[system_user] = [asset]
 #     return system_users_dict
 def push_system_user(assets, system_user):
    logger.info('Push system user %s' % system_user.name)
    for asset in assets:
        logger.info('\tAsset: %s' % asset.ip)
    if not assets:
        return None
    assets = [asset._to_secret_json() for asset in assets]
    system_user = system_user._to_secret_json()
    task = push_users.delay(assets, system_user)
    return task.id
--- a/apps/users/templates/users/login.html
+++ b/apps/users/templates/users/login.html
@ -75,7 +75,7 @@
        <hr/>
        <div class="row">
            <div class="col-md-6">
-                Copyright Jumpserver.org
+                Copyright 北京堆栈科技有限公司
            </div>
            <div class="col-md-6 text-right">
               <small>© 2014-2018</small>