perf: 优化 acl 默认排序和manager

2023-06-12 13:59:54 +08:00 · 2023-06-12 13:59:54 +08:00 · dc35a8c52b
parent fc90ced2b0
commit dc35a8c52b
6 changed files with 38 additions and 25 deletions
--- a/apps/acls/api/login_asset_check.py
+++ b/apps/acls/api/login_asset_check.py
@ -43,7 +43,7 @@ class LoginAssetCheckAPI(CreateAPIView):
        queryset = queryset.filter(accounts__contains=account_username)

        with tmp_to_org(self.serializer.asset.org):
-            acl = queryset.order_by('priority').valid().first()
+            acl = queryset.valid().first()

        if acl:
            need_review = True
--- a/apps/acls/migrations/0001_initial.py
+++ b/apps/acls/migrations/0001_initial.py
@ -1,14 +1,14 @@
 # Generated by Django 3.1 on 2021-03-11 09:53

-from django.conf import settings
-import django.core.validators
-from django.db import migrations, models
-import django.db.models.deletion
 import uuid

+import django.core.validators
+import django.db.models.deletion
+from django.conf import settings
+from django.db import migrations, models
+

 class Migration(migrations.Migration):
-
    initial = True

    dependencies = [
@ -24,37 +24,51 @@ class Migration(migrations.Migration):
                ('date_created', models.DateTimeField(auto_now_add=True, null=True, verbose_name='Date created')),
                ('date_updated', models.DateTimeField(auto_now=True, verbose_name='Date updated')),
                ('name', models.CharField(max_length=128, verbose_name='Name')),
-                ('priority', models.IntegerField(default=50, help_text='1-100, the lower the value will be match first', validators=[django.core.validators.MinValueValidator(1), django.core.validators.MaxValueValidator(100)], verbose_name='Priority')),
+                ('priority', models.IntegerField(default=50, help_text='1-100, the lower the value will be match first',
+                                                 validators=[django.core.validators.MinValueValidator(1),
+                                                             django.core.validators.MaxValueValidator(100)],
+                                                 verbose_name='Priority')),
                ('is_active', models.BooleanField(default=True, verbose_name='Active')),
                ('comment', models.TextField(blank=True, default='', verbose_name='Comment')),
                ('ip_group', models.JSONField(default=list, verbose_name='Login IP')),
-                ('action', models.CharField(choices=[('reject', 'Reject'), ('allow', 'Allow')], default='reject', max_length=64, verbose_name='Action')),
-                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='login_acls', to=settings.AUTH_USER_MODEL, verbose_name='User')),
+                ('action',
+                 models.CharField(choices=[('reject', 'Reject'), ('allow', 'Allow')], default='reject', max_length=64,
+                                  verbose_name='Action')),
+                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='login_acls',
+                                           to=settings.AUTH_USER_MODEL, verbose_name='User')),
            ],
            options={
-                'ordering': ('priority', '-date_updated', 'name'),
+                'ordering': ('priority', 'name'),
            },
        ),
        migrations.CreateModel(
            name='LoginAssetACL',
            fields=[
-                ('org_id', models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization')),
+                ('org_id',
+                 models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization')),
                ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
                ('created_by', models.CharField(blank=True, max_length=32, null=True, verbose_name='Created by')),
                ('date_created', models.DateTimeField(auto_now_add=True, null=True, verbose_name='Date created')),
                ('date_updated', models.DateTimeField(auto_now=True, verbose_name='Date updated')),
                ('name', models.CharField(max_length=128, verbose_name='Name')),
-                ('priority', models.IntegerField(default=50, help_text='1-100, the lower the value will be match first', validators=[django.core.validators.MinValueValidator(1), django.core.validators.MaxValueValidator(100)], verbose_name='Priority')),
+                ('priority', models.IntegerField(default=50, help_text='1-100, the lower the value will be match first',
+                                                 validators=[django.core.validators.MinValueValidator(1),
+                                                             django.core.validators.MaxValueValidator(100)],
+                                                 verbose_name='Priority')),
                ('is_active', models.BooleanField(default=True, verbose_name='Active')),
                ('comment', models.TextField(blank=True, default='', verbose_name='Comment')),
                ('users', models.JSONField(verbose_name='User')),
                ('system_users', models.JSONField(verbose_name='System User')),
                ('assets', models.JSONField(verbose_name='Asset')),
-                ('action', models.CharField(choices=[('login_confirm', 'Login confirm')], default='login_confirm', max_length=64, verbose_name='Action')),
-                ('reviewers', models.ManyToManyField(blank=True, related_name='review_login_asset_acls', to=settings.AUTH_USER_MODEL, verbose_name='Reviewers')),
+                ('action',
+                 models.CharField(choices=[('login_confirm', 'Login confirm')], default='login_confirm', max_length=64,
+                                  verbose_name='Action')),
+                ('reviewers',
+                 models.ManyToManyField(blank=True, related_name='review_login_asset_acls', to=settings.AUTH_USER_MODEL,
+                                        verbose_name='Reviewers')),
            ],
            options={
-                'ordering': ('priority', '-date_updated', 'name'),
+                'ordering': ('priority', 'name'),
                'unique_together': {('name', 'org_id')},
            },
        ),
--- a/apps/acls/migrations/0002_auto_20210926_1047.py
+++ b/apps/acls/migrations/0002_auto_20210926_1047.py
@ -2,7 +2,6 @@
 import django
 from django.conf import settings
 from django.db import migrations, models, transaction
-from acls.models import LoginACL

 LOGIN_CONFIRM_ZH = '登录复核'
 LOGIN_CONFIRM_EN = 'Login confirm'
@ -90,10 +89,10 @@ class Migration(migrations.Migration):
        ),
        migrations.AlterModelOptions(
            name='loginacl',
-            options={'ordering': ('priority', '-date_updated', 'name'), 'verbose_name': 'Login acl'},
+            options={'ordering': ('priority', 'name'), 'verbose_name': 'Login acl'},
        ),
        migrations.AlterModelOptions(
            name='loginassetacl',
-            options={'ordering': ('priority', '-date_updated', 'name'), 'verbose_name': 'Login asset acl'},
+            options={'ordering': ('priority', 'name'), 'verbose_name': 'Login asset acl'},
        ),
    ]
--- a/apps/acls/migrations/0003_auto_20211130_1037.py
+++ b/apps/acls/migrations/0003_auto_20211130_1037.py
@ -4,7 +4,6 @@ from django.db import migrations


 class Migration(migrations.Migration):
-
    dependencies = [
        ('acls', '0002_auto_20210926_1047'),
    ]
@ -12,10 +11,10 @@ class Migration(migrations.Migration):
    operations = [
        migrations.AlterModelOptions(
            name='loginacl',
-            options={'ordering': ('priority', '-date_updated', 'name'), 'verbose_name': 'Login acl'},
+            options={'ordering': ('priority', 'name'), 'verbose_name': 'Login acl'},
        ),
        migrations.AlterModelOptions(
            name='loginassetacl',
-            options={'ordering': ('priority', '-date_updated', 'name'), 'verbose_name': 'Login asset acl'},
+            options={'ordering': ('priority', 'name'), 'verbose_name': 'Login asset acl'},
        ),
    ]
--- a/apps/acls/migrations/0006_commandfilteracl_commandgroup.py
+++ b/apps/acls/migrations/0006_commandfilteracl_commandgroup.py
@ -63,7 +63,7 @@ class Migration(migrations.Migration):
            ],
            options={
                'verbose_name': 'Command acl',
-                'ordering': ('priority', '-date_updated', 'name'),
+                'ordering': ('priority', 'name'),
                'unique_together': {('name', 'org_id')},
            },
        ),
--- a/apps/acls/models/base.py
+++ b/apps/acls/models/base.py
@ -6,7 +6,7 @@ from common.db.fields import JSONManyToManyField
 from common.db.models import JMSBaseModel
 from common.utils import contains_ip
 from common.utils.time_period import contains_time_period
-from orgs.mixins.models import OrgModelMixin
+from orgs.mixins.models import OrgModelMixin, OrgManager

 __all__ = [
    'BaseACL', 'UserBaseACL', 'UserAssetAccountBaseACL',
@ -48,7 +48,7 @@ class BaseACL(JMSBaseModel):
    objects = BaseACLQuerySet.as_manager()

    class Meta:
-        ordering = ('priority', 'date_updated', 'name')
+        ordering = ('priority', 'name')
        abstract = True

    def is_action(self, action):
@ -97,6 +97,7 @@ class UserAssetAccountBaseACL(OrgModelMixin, UserBaseACL):
    name = models.CharField(max_length=128, verbose_name=_('Name'))
    assets = JSONManyToManyField('assets.Asset', default=dict, verbose_name=_('Assets'))
    accounts = models.JSONField(default=list, verbose_name=_("Accounts"))
+    objects = OrgManager.from_queryset(BaseACLQuerySet)()

    class Meta(UserBaseACL.Meta):
        unique_together = [('name', 'org_id')]
@ -125,4 +126,4 @@ class UserAssetAccountBaseACL(OrgModelMixin, UserBaseACL):
            kwargs['org_id'] = org_id
        if kwargs:
            queryset = queryset.filter(**kwargs)
-        return queryset.filter(is_active=True).distinct().order_by('priority', 'date_created')
+        return queryset.valid().distinct()