[Update] 添加授权规则org (#1580)

* [Update] 修复创建授权规则，显示org_name不是有效UUID的bug

* [Update] 更新org之间隔离授权规则，解决QuerySet与Manager问题；修复创建用户，显示org_name不是有效UUID之bug；

apps/orgs/mixins.py

@@ -58,7 +58,7 @@ class OrgManager(models.Manager):
 
 
 class OrgModelMixin(models.Model):
-    org_id = models.CharField(max_length=36, null=True)
+    org_id = models.CharField(max_length=36, null=True, blank=True)
     objects = OrgManager()
 
     def save(self, *args, **kwargs):

apps/perms/forms.py

@@ -29,12 +29,13 @@ class AssetPermissionForm(OrgModelForm):
             return
         users_field = self.fields.get('users')
         if hasattr(users_field, 'queryset'):
-            users_field.queryset = User.objects.filter(orgs=current_org)
+            # users_field.queryset = User.objects.filter(orgs=current_org)
+            users_field.queryset = current_org.get_org_users().exclude(role=User.ROLE_APP)
 
     class Meta:
         model = AssetPermission
         exclude = (
-            'id', 'date_created', 'created_by'
+            'id', 'date_created', 'created_by', 'org_id'
         )
         widgets = {
             'users': forms.SelectMultiple(

apps/perms/models.py

@@ -6,6 +6,8 @@ from django.utils import timezone
 
 from common.utils import date_expired_default, set_or_append_attr_bulk
 
+from orgs.mixins import OrgModelMixin, OrgManager
+
 
 class AssetPermissionQuerySet(models.QuerySet):
     def active(self):
@@ -16,15 +18,12 @@ class AssetPermissionQuerySet(models.QuerySet):
             .filter(date_expired__gt=timezone.now())
 
 
-class AssetPermissionManager(models.Manager):
+class AssetPermissionManager(OrgManager):
-    def get_queryset(self):
-        return AssetPermissionQuerySet(self.model, using=self._db)
-
     def valid(self):
         return self.get_queryset().valid()
 
 
-class AssetPermission(models.Model):
+class AssetPermission(OrgModelMixin):
     id = models.UUIDField(default=uuid.uuid4, primary_key=True)
     name = models.CharField(max_length=128, unique=True, verbose_name=_('Name'))
     users = models.ManyToManyField('users.User', related_name='asset_permissions', blank=True, verbose_name=_("User"))
@@ -39,7 +38,7 @@ class AssetPermission(models.Model):
     date_created = models.DateTimeField(auto_now_add=True, verbose_name=_('Date created'))
     comment = models.TextField(verbose_name=_('Comment'), blank=True)
 
-    objects = AssetPermissionManager()
+    objects = AssetPermissionManager.from_queryset(AssetPermissionQuerySet)()
 
     def __str__(self):
         return self.name
@@ -71,7 +70,7 @@ class AssetPermission(models.Model):
         return assets
 
 
-class NodePermission(models.Model):
+class NodePermission(OrgModelMixin):
     id = models.UUIDField(default=uuid.uuid4, primary_key=True)
     node = models.ForeignKey('assets.Node', on_delete=models.CASCADE, verbose_name=_("Node"))
     user_group = models.ForeignKey('users.UserGroup', on_delete=models.CASCADE, verbose_name=_("User group"))

apps/users/forms.py

@@ -332,6 +332,5 @@ class OrgUserField(forms.ModelMultipleChoiceField):
         return {"orgs"}
 
 
-
 class FileForm(forms.Form):
     file = forms.FileField()