github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

fix: 修复设置未分组节点显示单独授权资产的配置时,用户授权树没有变化的问题

pull/6845/head
Michael Bai 2021-09-14 14:36:36 +08:00 committed by Jiangjie.Bai
parent fafc2791ab
commit e6e2a35745
2 changed files with 34 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
apps/perms/utils/asset/user_permission.py
View File

@ -54,13 +54,24 @@ def get_user_all_asset_perm_ids(user) -> set:
class UserGrantedTreeRefreshController: class UserGrantedTreeRefreshController:
key_template = 'perms.user.node_tree.builded_orgs.user_id:{user_id}' key_template = 'perms.user.node_tree.built_orgs.user_id:{user_id}'
def __init__(self, user): def __init__(self, user):
self.user = user self.user = user
self.key = self.key_template.format(user_id=user.id) self.key = self.key_template.format(user_id=user.id)
self.client = self.get_redis_client() self.client = self.get_redis_client()
@classmethod
def clean_all_user_tree_built_mark(cls):
""" 清除所有用户已构建树的标记 """
client = cls.get_redis_client()
key_match = cls.key_template.format(user_id='*')
keys = client.keys(key_match)
with client.pipeline() as p:
for key in keys:
p.delete(key)
p.execute()
@classmethod @classmethod
def get_redis_client(cls): def get_redis_client(cls):
return cache.client.get_client(write=True) return cache.client.get_client(write=True)
@ -69,13 +80,13 @@ class UserGrantedTreeRefreshController:
org_ids = self.client.smembers(self.key) org_ids = self.client.smembers(self.key)
return {org_id.decode() for org_id in org_ids} return {org_id.decode() for org_id in org_ids}
def set_all_orgs_as_builed(self): def set_all_orgs_as_built(self):
self.client.sadd(self.key, *self.org_ids) self.client.sadd(self.key, *self.org_ids)
def have_need_refresh_orgs(self): def have_need_refresh_orgs(self):
builded_org_ids = self.client.smembers(self.key) built_org_ids = self.client.smembers(self.key)
builded_org_ids = {org_id.decode() for org_id in builded_org_ids} built_org_ids = {org_id.decode() for org_id in built_org_ids}
have = self.org_ids - builded_org_ids have = self.org_ids - built_org_ids
return have return have
def get_need_refresh_orgs_and_fill_up(self): def get_need_refresh_orgs_and_fill_up(self):
@ -85,15 +96,18 @@ class UserGrantedTreeRefreshController:
p.smembers(self.key) p.smembers(self.key)
p.sadd(self.key, *org_ids) p.sadd(self.key, *org_ids)
ret = p.execute() ret = p.execute()
builded_org_ids = {org_id.decode() for org_id in ret[0]} built_org_ids = {org_id.decode() for org_id in ret[0]}
ids = org_ids - builded_org_ids ids = org_ids - built_org_ids
orgs = {*Organization.objects.filter(id__in=ids)} orgs = {*Organization.objects.filter(id__in=ids)}
logger.info(f'Need rebuild orgs are {orgs}, builed orgs are {ret[0]}, all orgs are {org_ids}') logger.info(
f'Need rebuild orgs are {orgs}, built orgs are {ret[0]}, '
f'all orgs are {org_ids}'
)
return orgs return orgs
@classmethod @classmethod
@on_transaction_commit @on_transaction_commit
def remove_builed_orgs_from_users(cls, org_ids, user_ids): def remove_built_orgs_from_users(cls, org_ids, user_ids):
client = cls.get_redis_client() client = cls.get_redis_client()
org_ids = [str(org_id) for org_id in org_ids] org_ids = [str(org_id) for org_id in org_ids]
@ -102,11 +116,12 @@ class UserGrantedTreeRefreshController:
key = cls.key_template.format(user_id=user_id) key = cls.key_template.format(user_id=user_id)
p.srem(key, *org_ids) p.srem(key, *org_ids)
p.execute() p.execute()
logger.info(f'Remove orgs from users builded tree: users:{user_ids} orgs:{org_ids}') logger.info(f'Remove orgs from users built tree: users:{user_ids} '
f'orgs:{org_ids}')
@classmethod @classmethod
def add_need_refresh_orgs_for_users(cls, org_ids, user_ids): def add_need_refresh_orgs_for_users(cls, org_ids, user_ids):
cls.remove_builed_orgs_from_users(org_ids, user_ids) cls.remove_built_orgs_from_users(org_ids, user_ids)
@classmethod @classmethod
@ensure_in_real_or_default_org @ensure_in_real_or_default_org
@ -168,7 +183,7 @@ class UserGrantedTreeRefreshController:
).values_list('user_id', flat=True) ).values_list('user_id', flat=True)
user_ids.update(group_user_ids) user_ids.update(group_user_ids)
cls.remove_builed_orgs_from_users( cls.remove_built_orgs_from_users(
[current_org.id], user_ids [current_org.id], user_ids
) )
@ -193,7 +208,7 @@ class UserGrantedTreeRefreshController:
with UserGrantedTreeRebuildLock(user_id=user.id): with UserGrantedTreeRebuildLock(user_id=user.id):
if force: if force:
orgs = self.orgs orgs = self.orgs
self.set_all_orgs_as_builed() self.set_all_orgs_as_built()
else: else:
orgs = self.get_need_refresh_orgs_and_fill_up() orgs = self.get_need_refresh_orgs_and_fill_up()

6
apps/settings/signals_handler.py
View File

@ -36,6 +36,12 @@ def refresh_settings_on_changed(sender, instance=None, **kwargs):
if instance: if instance:
setting_pub_sub.publish(instance.name) setting_pub_sub.publish(instance.name)
if instance.name == 'PERM_SINGLE_ASSET_TO_UNGROUP_NODE':
# 清除所有用户授权树已构建的标记,下次访问重新生成
logger.debug('Clean ALL User perm tree built mark')
from perms.utils.asset import UserGrantedTreeRefreshController
UserGrantedTreeRefreshController.clean_all_user_tree_built_mark()
@receiver(django_ready) @receiver(django_ready)
def on_django_ready_add_db_config(sender, **kwargs): def on_django_ready_add_db_config(sender, **kwargs):