feat: 命令过滤器支持关联节点; 添加端点规则迁移文件

apps/assets/api/system_user.py

@@ -208,7 +208,8 @@ class SystemUserTaskApi(generics.CreateAPIView):
 
 class SystemUserCommandFilterRuleListApi(generics.ListAPIView):
     rbac_perms = {
-        'list': 'assets.view_commandfilterule'
+        'list': 'assets.view_commandfilterule',
+        'GET': 'assets.view_commandfilterule',
     }
 
     def get_serializer_class(self):
@@ -223,12 +224,14 @@ class SystemUserCommandFilterRuleListApi(generics.ListAPIView):
         if not system_user:
             system_user_id = self.request.query_params.get('system_user_id')
         asset_id = self.request.query_params.get('asset_id')
+        node_id = self.request.query_params.get('node_id')
         application_id = self.request.query_params.get('application_id')
         rules = CommandFilterRule.get_queryset(
             user_id=user_id,
             user_group_id=user_group_id,
             system_user_id=system_user_id,
             asset_id=asset_id,
+            node_id=node_id,
             application_id=application_id
         )
         return rules

apps/assets/migrations/0092_commandfilter_nodes.py

@@ -0,0 +1,18 @@
+# Generated by Django 3.2.15 on 2022-10-09 09:55
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('assets', '0091_auto_20220629_1826'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='commandfilter',
+            name='nodes',
+            field=models.ManyToManyField(blank=True, related_name='cmd_filters', to='assets.Node', verbose_name='Nodes'),
+        ),
+    ]

apps/assets/models/asset.py

@@ -116,7 +116,7 @@ class NodesRelationMixin:
         nodes = []
         for node in self.get_nodes():
             _nodes = node.get_ancestors(with_self=True)
-            nodes.append(_nodes)
+            nodes.extend(list(_nodes))
         if flat:
             nodes = list(reduce(lambda x, y: set(x) | set(y), nodes))
         return nodes

apps/assets/models/cmd_filter.py

@@ -10,7 +10,7 @@ from django.utils.translation import ugettext_lazy as _
 
 from users.models import User, UserGroup
 from applications.models import Application
-from ..models import SystemUser, Asset
+from ..models import SystemUser, Asset, Node
 
 from common.utils import lazyproperty, get_logger, get_object_or_none
 from orgs.mixins.models import OrgModelMixin
@@ -33,6 +33,10 @@ class CommandFilter(OrgModelMixin):
         'users.UserGroup', related_name='cmd_filters', blank=True,
         verbose_name=_("User group"),
     )
+    nodes = models.ManyToManyField(
+        'assets.Node', related_name='cmd_filters', blank=True,
+        verbose_name=_("Nodes")
+    )
     assets = models.ManyToManyField(
         'assets.Asset', related_name='cmd_filters', blank=True,
         verbose_name=_("Asset")
@@ -189,7 +193,8 @@ class CommandFilterRule(OrgModelMixin):
 
     @classmethod
     def get_queryset(cls, user_id=None, user_group_id=None, system_user_id=None,
-                     asset_id=None, application_id=None, org_id=None):
+                     asset_id=None, node_id=None, application_id=None, org_id=None):
+        # user & user_group
         user_groups = []
         user = get_object_or_none(User, pk=user_id)
         if user:
@@ -198,8 +203,18 @@ class CommandFilterRule(OrgModelMixin):
         if user_group:
             org_id = user_group.org_id
             user_groups.append(user_group)
-        system_user = get_object_or_none(SystemUser, pk=system_user_id)
+
+        # asset & node
+        nodes = []
         asset = get_object_or_none(Asset, pk=asset_id)
+        if asset:
+            nodes.extend(asset.get_all_nodes())
+        node = get_object_or_none(Node, pk=node_id)
+        if node:
+            org_id = node.org_id
+            nodes.append(node)
+
+        system_user = get_object_or_none(SystemUser, pk=system_user_id)
         application = get_object_or_none(Application, pk=application_id)
         q = Q()
         if user:
@@ -212,6 +227,8 @@ class CommandFilterRule(OrgModelMixin):
         if asset:
             org_id = asset.org_id
             q |= Q(assets=asset)
+        if nodes:
+            q |= Q(nodes__in=set(nodes))
         if application:
             org_id = application.org_id
             q |= Q(applications=application)

apps/assets/serializers/cmd_filter.py

@@ -21,7 +21,7 @@ class CommandFilterSerializer(BulkOrgResourceModelSerializer):
             'comment', 'created_by',
         ]
         fields_fk = ['rules']
-        fields_m2m = ['users', 'user_groups', 'system_users', 'assets', 'applications']
+        fields_m2m = ['users', 'user_groups', 'system_users', 'nodes', 'assets', 'applications']
         fields = fields_small + fields_fk + fields_m2m
         extra_kwargs = {
             'rules': {'read_only': True},

apps/terminal/migrations/0053_auto_20221009_1755.py

@@ -0,0 +1,37 @@
+# Generated by Django 3.2.15 on 2022-10-09 09:55
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('terminal', '0052_auto_20220713_1417'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='mariadb_port',
+        ),
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='mysql_port',
+        ),
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='oracle_11g_port',
+        ),
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='oracle_12c_port',
+        ),
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='postgresql_port',
+        ),
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='redis_port',
+        ),
+    ]