From da9136f7af8237611f23f5164c2a149ecc5000c1 Mon Sep 17 00:00:00 2001 From: ibuler Date: Wed, 16 Mar 2022 17:50:07 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BF=AE=E6=94=B9=20org=20role?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/orgs/models.py | 84 ++++++++++++++++++++++++++++----------------- 1 file changed, 53 insertions(+), 31 deletions(-) diff --git a/apps/orgs/models.py b/apps/orgs/models.py index a7ae90e9f..057c73ecf 100644 --- a/apps/orgs/models.py +++ b/apps/orgs/models.py @@ -7,7 +7,59 @@ from common.utils import lazyproperty, settings from common.tree import TreeNode -class Organization(models.Model): +class OrgRoleMixin: + members: models.Manager + + def get_members(self): + return self.members.all().distinct() + + def add_member(self, user, role=None): + from rbac.builtin import BuiltinRole + from .utils import tmp_to_org + role_id = BuiltinRole.org_user.id + if role: + role_id = role.id + with tmp_to_org(self): + defaults = { + 'user': user, 'role_id': role_id, + 'org_id': self.id, 'scope': 'org' + } + self.members.through.objects.update_or_create(**defaults, defaults=defaults) + + def get_origin_role_members(self, role_name): + from rbac.models import OrgRoleBinding + from users.models import User + from rbac.builtin import BuiltinRole + from .utils import tmp_to_org + + role_mapper = { + 'user': BuiltinRole.org_user, + 'auditor': BuiltinRole.org_auditor, + 'admin': BuiltinRole.org_admin + } + role = role_mapper.get(role_name) + with tmp_to_org(self): + org_admins = OrgRoleBinding.get_role_users(role) + return org_admins + + @property + def admins(self): + from users.models import User + admins = self.get_origin_role_members('admin') + if not admins: + admins = User.objects.filter(username='admin') + return admins + + @property + def auditors(self): + return self.get_origin_role_members('auditor') + + @property + def users(self): + return self.get_origin_role_members('user') + + +class Organization(OrgRoleMixin, models.Model): id = models.UUIDField(default=uuid.uuid4, primary_key=True) name = models.CharField(max_length=128, unique=True, verbose_name=_("Name")) created_by = models.CharField(max_length=32, null=True, blank=True, verbose_name=_('Created by')) @@ -101,22 +153,6 @@ class Organization(models.Model): from .caches import OrgResourceStatisticsCache return OrgResourceStatisticsCache(self) - def get_members(self): - return self.members.all().distinct() - - def add_member(self, user, role=None): - from rbac.builtin import BuiltinRole - from .utils import tmp_to_org - role_id = BuiltinRole.org_user.id - if role: - role_id = role.id - with tmp_to_org(self): - defaults = { - 'user': user, 'role_id': role_id, - 'org_id': self.id, 'scope': 'org' - } - self.members.through.objects.update_or_create(**defaults, defaults=defaults) - def get_total_resources_amount(self): from django.apps import apps from orgs.mixins.models import OrgModelMixin @@ -163,20 +199,6 @@ class Organization(models.Model): self.delete_related_models() return super().delete(*args, **kwargs) - @property - def admins(self): - from rbac.models import OrgRoleBinding - from users.models import User - from rbac.builtin import BuiltinRole - from .utils import tmp_to_org - - role_org_admin = BuiltinRole.org_admin.get_role() - with tmp_to_org(self): - org_admins = OrgRoleBinding.get_role_users(role_org_admin) - if not org_admins: - org_admins = User.objects.filter(username='admin') - return org_admins - class OrganizationMember(models.Model): """