diff --git a/apps/acls/api/login_asset_check.py b/apps/acls/api/login_asset_check.py index bb61a9043..0bdaef46a 100644 --- a/apps/acls/api/login_asset_check.py +++ b/apps/acls/api/login_asset_check.py @@ -43,7 +43,7 @@ class LoginAssetCheckAPI(CreateAPIView): queryset = queryset.filter(accounts__contains=account_username) with tmp_to_org(self.serializer.asset.org): - acl = queryset.order_by('priority').valid().first() + acl = queryset.valid().first() if acl: need_review = True diff --git a/apps/acls/migrations/0001_initial.py b/apps/acls/migrations/0001_initial.py index 83ebc4bf1..378f33de3 100644 --- a/apps/acls/migrations/0001_initial.py +++ b/apps/acls/migrations/0001_initial.py @@ -1,14 +1,14 @@ # Generated by Django 3.1 on 2021-03-11 09:53 -from django.conf import settings -import django.core.validators -from django.db import migrations, models -import django.db.models.deletion import uuid +import django.core.validators +import django.db.models.deletion +from django.conf import settings +from django.db import migrations, models + class Migration(migrations.Migration): - initial = True dependencies = [ @@ -24,37 +24,51 @@ class Migration(migrations.Migration): ('date_created', models.DateTimeField(auto_now_add=True, null=True, verbose_name='Date created')), ('date_updated', models.DateTimeField(auto_now=True, verbose_name='Date updated')), ('name', models.CharField(max_length=128, verbose_name='Name')), - ('priority', models.IntegerField(default=50, help_text='1-100, the lower the value will be match first', validators=[django.core.validators.MinValueValidator(1), django.core.validators.MaxValueValidator(100)], verbose_name='Priority')), + ('priority', models.IntegerField(default=50, help_text='1-100, the lower the value will be match first', + validators=[django.core.validators.MinValueValidator(1), + django.core.validators.MaxValueValidator(100)], + verbose_name='Priority')), ('is_active', models.BooleanField(default=True, verbose_name='Active')), ('comment', models.TextField(blank=True, default='', verbose_name='Comment')), ('ip_group', models.JSONField(default=list, verbose_name='Login IP')), - ('action', models.CharField(choices=[('reject', 'Reject'), ('allow', 'Allow')], default='reject', max_length=64, verbose_name='Action')), - ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='login_acls', to=settings.AUTH_USER_MODEL, verbose_name='User')), + ('action', + models.CharField(choices=[('reject', 'Reject'), ('allow', 'Allow')], default='reject', max_length=64, + verbose_name='Action')), + ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='login_acls', + to=settings.AUTH_USER_MODEL, verbose_name='User')), ], options={ - 'ordering': ('priority', '-date_updated', 'name'), + 'ordering': ('priority', 'name'), }, ), migrations.CreateModel( name='LoginAssetACL', fields=[ - ('org_id', models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization')), + ('org_id', + models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization')), ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)), ('created_by', models.CharField(blank=True, max_length=32, null=True, verbose_name='Created by')), ('date_created', models.DateTimeField(auto_now_add=True, null=True, verbose_name='Date created')), ('date_updated', models.DateTimeField(auto_now=True, verbose_name='Date updated')), ('name', models.CharField(max_length=128, verbose_name='Name')), - ('priority', models.IntegerField(default=50, help_text='1-100, the lower the value will be match first', validators=[django.core.validators.MinValueValidator(1), django.core.validators.MaxValueValidator(100)], verbose_name='Priority')), + ('priority', models.IntegerField(default=50, help_text='1-100, the lower the value will be match first', + validators=[django.core.validators.MinValueValidator(1), + django.core.validators.MaxValueValidator(100)], + verbose_name='Priority')), ('is_active', models.BooleanField(default=True, verbose_name='Active')), ('comment', models.TextField(blank=True, default='', verbose_name='Comment')), ('users', models.JSONField(verbose_name='User')), ('system_users', models.JSONField(verbose_name='System User')), ('assets', models.JSONField(verbose_name='Asset')), - ('action', models.CharField(choices=[('login_confirm', 'Login confirm')], default='login_confirm', max_length=64, verbose_name='Action')), - ('reviewers', models.ManyToManyField(blank=True, related_name='review_login_asset_acls', to=settings.AUTH_USER_MODEL, verbose_name='Reviewers')), + ('action', + models.CharField(choices=[('login_confirm', 'Login confirm')], default='login_confirm', max_length=64, + verbose_name='Action')), + ('reviewers', + models.ManyToManyField(blank=True, related_name='review_login_asset_acls', to=settings.AUTH_USER_MODEL, + verbose_name='Reviewers')), ], options={ - 'ordering': ('priority', '-date_updated', 'name'), + 'ordering': ('priority', 'name'), 'unique_together': {('name', 'org_id')}, }, ), diff --git a/apps/acls/migrations/0002_auto_20210926_1047.py b/apps/acls/migrations/0002_auto_20210926_1047.py index 2429b7cea..a4af4bd69 100644 --- a/apps/acls/migrations/0002_auto_20210926_1047.py +++ b/apps/acls/migrations/0002_auto_20210926_1047.py @@ -2,7 +2,6 @@ import django from django.conf import settings from django.db import migrations, models, transaction -from acls.models import LoginACL LOGIN_CONFIRM_ZH = '登录复核' LOGIN_CONFIRM_EN = 'Login confirm' @@ -90,10 +89,10 @@ class Migration(migrations.Migration): ), migrations.AlterModelOptions( name='loginacl', - options={'ordering': ('priority', '-date_updated', 'name'), 'verbose_name': 'Login acl'}, + options={'ordering': ('priority', 'name'), 'verbose_name': 'Login acl'}, ), migrations.AlterModelOptions( name='loginassetacl', - options={'ordering': ('priority', '-date_updated', 'name'), 'verbose_name': 'Login asset acl'}, + options={'ordering': ('priority', 'name'), 'verbose_name': 'Login asset acl'}, ), ] diff --git a/apps/acls/migrations/0003_auto_20211130_1037.py b/apps/acls/migrations/0003_auto_20211130_1037.py index d4d3524be..cf32bca45 100644 --- a/apps/acls/migrations/0003_auto_20211130_1037.py +++ b/apps/acls/migrations/0003_auto_20211130_1037.py @@ -4,7 +4,6 @@ from django.db import migrations class Migration(migrations.Migration): - dependencies = [ ('acls', '0002_auto_20210926_1047'), ] @@ -12,10 +11,10 @@ class Migration(migrations.Migration): operations = [ migrations.AlterModelOptions( name='loginacl', - options={'ordering': ('priority', '-date_updated', 'name'), 'verbose_name': 'Login acl'}, + options={'ordering': ('priority', 'name'), 'verbose_name': 'Login acl'}, ), migrations.AlterModelOptions( name='loginassetacl', - options={'ordering': ('priority', '-date_updated', 'name'), 'verbose_name': 'Login asset acl'}, + options={'ordering': ('priority', 'name'), 'verbose_name': 'Login asset acl'}, ), ] diff --git a/apps/acls/migrations/0006_commandfilteracl_commandgroup.py b/apps/acls/migrations/0006_commandfilteracl_commandgroup.py index cc91c998e..991efe556 100644 --- a/apps/acls/migrations/0006_commandfilteracl_commandgroup.py +++ b/apps/acls/migrations/0006_commandfilteracl_commandgroup.py @@ -63,7 +63,7 @@ class Migration(migrations.Migration): ], options={ 'verbose_name': 'Command acl', - 'ordering': ('priority', '-date_updated', 'name'), + 'ordering': ('priority', 'name'), 'unique_together': {('name', 'org_id')}, }, ), diff --git a/apps/acls/models/base.py b/apps/acls/models/base.py index 63b49bcf7..9bd46aa53 100644 --- a/apps/acls/models/base.py +++ b/apps/acls/models/base.py @@ -6,7 +6,7 @@ from common.db.fields import JSONManyToManyField from common.db.models import JMSBaseModel from common.utils import contains_ip from common.utils.time_period import contains_time_period -from orgs.mixins.models import OrgModelMixin +from orgs.mixins.models import OrgModelMixin, OrgManager __all__ = [ 'BaseACL', 'UserBaseACL', 'UserAssetAccountBaseACL', @@ -48,7 +48,7 @@ class BaseACL(JMSBaseModel): objects = BaseACLQuerySet.as_manager() class Meta: - ordering = ('priority', 'date_updated', 'name') + ordering = ('priority', 'name') abstract = True def is_action(self, action): @@ -97,6 +97,7 @@ class UserAssetAccountBaseACL(OrgModelMixin, UserBaseACL): name = models.CharField(max_length=128, verbose_name=_('Name')) assets = JSONManyToManyField('assets.Asset', default=dict, verbose_name=_('Assets')) accounts = models.JSONField(default=list, verbose_name=_("Accounts")) + objects = OrgManager.from_queryset(BaseACLQuerySet)() class Meta(UserBaseACL.Meta): unique_together = [('name', 'org_id')] @@ -125,4 +126,4 @@ class UserAssetAccountBaseACL(OrgModelMixin, UserBaseACL): kwargs['org_id'] = org_id if kwargs: queryset = queryset.filter(**kwargs) - return queryset.filter(is_active=True).distinct().order_by('priority', 'date_created') + return queryset.valid().distinct()