From df31f47c689470eb26c616f87a6efffba0777a77 Mon Sep 17 00:00:00 2001
From: "Jiangjie.Bai" <bugatti_it@163.com>
Date: Sun, 9 Oct 2022 18:59:39 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E5=91=BD=E4=BB=A4=E8=BF=87=E6=BB=A4?=
 =?UTF-8?q?=E5=99=A8=E6=94=AF=E6=8C=81=E5=85=B3=E8=81=94=E8=8A=82=E7=82=B9?=
 =?UTF-8?q?;=20=E6=B7=BB=E5=8A=A0=E7=AB=AF=E7=82=B9=E8=A7=84=E5=88=99?=
 =?UTF-8?q?=E8=BF=81=E7=A7=BB=E6=96=87=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/assets/api/system_user.py                |  5 ++-
 .../migrations/0092_commandfilter_nodes.py    | 18 +++++++++
 apps/assets/models/asset.py                   |  2 +-
 apps/assets/models/cmd_filter.py              | 23 ++++++++++--
 apps/assets/serializers/cmd_filter.py         |  2 +-
 .../migrations/0053_auto_20221009_1755.py     | 37 +++++++++++++++++++
 6 files changed, 81 insertions(+), 6 deletions(-)
 create mode 100644 apps/assets/migrations/0092_commandfilter_nodes.py
 create mode 100644 apps/terminal/migrations/0053_auto_20221009_1755.py

diff --git a/apps/assets/api/system_user.py b/apps/assets/api/system_user.py
index f95303a5e..64457db75 100644
--- a/apps/assets/api/system_user.py
+++ b/apps/assets/api/system_user.py
@@ -208,7 +208,8 @@ class SystemUserTaskApi(generics.CreateAPIView):
 
 class SystemUserCommandFilterRuleListApi(generics.ListAPIView):
     rbac_perms = {
-        'list': 'assets.view_commandfilterule'
+        'list': 'assets.view_commandfilterule',
+        'GET': 'assets.view_commandfilterule',
     }
 
     def get_serializer_class(self):
@@ -223,12 +224,14 @@ class SystemUserCommandFilterRuleListApi(generics.ListAPIView):
         if not system_user:
             system_user_id = self.request.query_params.get('system_user_id')
         asset_id = self.request.query_params.get('asset_id')
+        node_id = self.request.query_params.get('node_id')
         application_id = self.request.query_params.get('application_id')
         rules = CommandFilterRule.get_queryset(
             user_id=user_id,
             user_group_id=user_group_id,
             system_user_id=system_user_id,
             asset_id=asset_id,
+            node_id=node_id,
             application_id=application_id
         )
         return rules
diff --git a/apps/assets/migrations/0092_commandfilter_nodes.py b/apps/assets/migrations/0092_commandfilter_nodes.py
new file mode 100644
index 000000000..b3c1916e3
--- /dev/null
+++ b/apps/assets/migrations/0092_commandfilter_nodes.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.15 on 2022-10-09 09:55
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('assets', '0091_auto_20220629_1826'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='commandfilter',
+            name='nodes',
+            field=models.ManyToManyField(blank=True, related_name='cmd_filters', to='assets.Node', verbose_name='Nodes'),
+        ),
+    ]
diff --git a/apps/assets/models/asset.py b/apps/assets/models/asset.py
index 7dde0862f..95ba28d21 100644
--- a/apps/assets/models/asset.py
+++ b/apps/assets/models/asset.py
@@ -116,7 +116,7 @@ class NodesRelationMixin:
         nodes = []
         for node in self.get_nodes():
             _nodes = node.get_ancestors(with_self=True)
-            nodes.append(_nodes)
+            nodes.extend(list(_nodes))
         if flat:
             nodes = list(reduce(lambda x, y: set(x) | set(y), nodes))
         return nodes
diff --git a/apps/assets/models/cmd_filter.py b/apps/assets/models/cmd_filter.py
index c7fa33aae..2daf308a3 100644
--- a/apps/assets/models/cmd_filter.py
+++ b/apps/assets/models/cmd_filter.py
@@ -10,7 +10,7 @@ from django.utils.translation import ugettext_lazy as _
 
 from users.models import User, UserGroup
 from applications.models import Application
-from ..models import SystemUser, Asset
+from ..models import SystemUser, Asset, Node
 
 from common.utils import lazyproperty, get_logger, get_object_or_none
 from orgs.mixins.models import OrgModelMixin
@@ -33,6 +33,10 @@ class CommandFilter(OrgModelMixin):
         'users.UserGroup', related_name='cmd_filters', blank=True,
         verbose_name=_("User group"),
     )
+    nodes = models.ManyToManyField(
+        'assets.Node', related_name='cmd_filters', blank=True,
+        verbose_name=_("Nodes")
+    )
     assets = models.ManyToManyField(
         'assets.Asset', related_name='cmd_filters', blank=True,
         verbose_name=_("Asset")
@@ -189,7 +193,8 @@ class CommandFilterRule(OrgModelMixin):
 
     @classmethod
     def get_queryset(cls, user_id=None, user_group_id=None, system_user_id=None,
-                     asset_id=None, application_id=None, org_id=None):
+                     asset_id=None, node_id=None, application_id=None, org_id=None):
+        # user & user_group
         user_groups = []
         user = get_object_or_none(User, pk=user_id)
         if user:
@@ -198,8 +203,18 @@ class CommandFilterRule(OrgModelMixin):
         if user_group:
             org_id = user_group.org_id
             user_groups.append(user_group)
-        system_user = get_object_or_none(SystemUser, pk=system_user_id)
+
+        # asset & node
+        nodes = []
         asset = get_object_or_none(Asset, pk=asset_id)
+        if asset:
+            nodes.extend(asset.get_all_nodes())
+        node = get_object_or_none(Node, pk=node_id)
+        if node:
+            org_id = node.org_id
+            nodes.append(node)
+
+        system_user = get_object_or_none(SystemUser, pk=system_user_id)
         application = get_object_or_none(Application, pk=application_id)
         q = Q()
         if user:
@@ -212,6 +227,8 @@ class CommandFilterRule(OrgModelMixin):
         if asset:
             org_id = asset.org_id
             q |= Q(assets=asset)
+        if nodes:
+            q |= Q(nodes__in=set(nodes))
         if application:
             org_id = application.org_id
             q |= Q(applications=application)
diff --git a/apps/assets/serializers/cmd_filter.py b/apps/assets/serializers/cmd_filter.py
index 9a33dd6fa..9bd5d38cc 100644
--- a/apps/assets/serializers/cmd_filter.py
+++ b/apps/assets/serializers/cmd_filter.py
@@ -21,7 +21,7 @@ class CommandFilterSerializer(BulkOrgResourceModelSerializer):
             'comment', 'created_by',
         ]
         fields_fk = ['rules']
-        fields_m2m = ['users', 'user_groups', 'system_users', 'assets', 'applications']
+        fields_m2m = ['users', 'user_groups', 'system_users', 'nodes', 'assets', 'applications']
         fields = fields_small + fields_fk + fields_m2m
         extra_kwargs = {
             'rules': {'read_only': True},
diff --git a/apps/terminal/migrations/0053_auto_20221009_1755.py b/apps/terminal/migrations/0053_auto_20221009_1755.py
new file mode 100644
index 000000000..0a6e30993
--- /dev/null
+++ b/apps/terminal/migrations/0053_auto_20221009_1755.py
@@ -0,0 +1,37 @@
+# Generated by Django 3.2.15 on 2022-10-09 09:55
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('terminal', '0052_auto_20220713_1417'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='mariadb_port',
+        ),
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='mysql_port',
+        ),
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='oracle_11g_port',
+        ),
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='oracle_12c_port',
+        ),
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='postgresql_port',
+        ),
+        migrations.RemoveField(
+            model_name='endpoint',
+            name='redis_port',
+        ),
+    ]