github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

feat: 修改作业权限

pull/9219/head
Aaron3S 2022-12-15 17:25:21 +08:00
parent 9d80abadd8
commit e969a01689
12 changed files with 79 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
apps/ops/api/adhoc.py
View File

@ -1,5 +1,5 @@
# -*- coding: utf-8 -*-
from .base import SelfBulkModelViewSet
from orgs.mixins.api import OrgBulkModelViewSet
from ..models import AdHoc
from ..serializers import (
AdHocSerializer
@ -10,7 +10,11 @@ __all__ = [
]
class AdHocViewSet(SelfBulkModelViewSet):
class AdHocViewSet(OrgBulkModelViewSet):
serializer_class = AdHocSerializer
permission_classes = ()
model = AdHoc
def get_queryset(self):
queryset = super().get_queryset()
return queryset.filter(creator=self.request.user)

17
apps/ops/api/base.py
View File

@ -1,17 +0,0 @@
from rest_framework_bulk import BulkModelViewSet
from common.mixins import CommonApiMixin
__all__ = ['SelfBulkModelViewSet']
class SelfBulkModelViewSet(CommonApiMixin, BulkModelViewSet):
def get_queryset(self):
if hasattr(self, 'model'):
return self.model.objects.filter(creator=self.request.user)
else:
assert self.queryset is None, (
"'%s' should not include a `queryset` attribute"
% self.__class__.__name__
)

20
apps/ops/api/job.py
View File

@ -2,7 +2,6 @@ from rest_framework.views import APIView
from django.shortcuts import get_object_or_404
from rest_framework.response import Response
from ops.api.base import SelfBulkModelViewSet
from ops.models import Job, JobExecution
from ops.serializers.job import JobSerializer, JobExecutionSerializer
@ -10,6 +9,7 @@ __all__ = ['JobViewSet', 'JobExecutionViewSet', 'JobRunVariableHelpAPIView', 'Jo
from ops.tasks import run_ops_job_execution
from ops.variables import JMS_JOB_VARIABLE_HELP
from orgs.mixins.api import OrgBulkModelViewSet
def set_task_to_serializer_data(serializer, task):
@ -18,16 +18,17 @@ def set_task_to_serializer_data(serializer, task):
setattr(serializer, "_data", data)
class JobViewSet(SelfBulkModelViewSet):
class JobViewSet(OrgBulkModelViewSet):
serializer_class = JobSerializer
permission_classes = ()
model = Job
def get_queryset(self):
query_set = super().get_queryset()
queryset = super().get_queryset()
queryset = queryset.filter(creator=self.request.user)
if self.action != 'retrieve':
return query_set.filter(instant=False)
return query_set
return queryset.filter(instant=False)
return queryset
def perform_create(self, serializer):
instance = serializer.save()
@ -48,7 +49,7 @@ class JobViewSet(SelfBulkModelViewSet):
set_task_to_serializer_data(serializer, task)
class JobExecutionViewSet(SelfBulkModelViewSet):
class JobExecutionViewSet(OrgBulkModelViewSet):
serializer_class = JobExecutionSerializer
http_method_names = ('get', 'post', 'head', 'options',)
permission_classes = ()
@ -60,11 +61,12 @@ class JobExecutionViewSet(SelfBulkModelViewSet):
set_task_to_serializer_data(serializer, task)
def get_queryset(self):
query_set = super().get_queryset()
queryset = super().get_queryset()
queryset = queryset.filter(creator=self.request.user)
job_id = self.request.query_params.get('job_id')
if job_id:
query_set = query_set.filter(job_id=job_id)
return query_set
queryset = queryset.filter(job_id=job_id)
return queryset
class JobRunVariableHelpAPIView(APIView):

11
apps/ops/api/playbook.py
View File

@ -2,11 +2,7 @@ import os
import zipfile
from django.conf import settings
from rest_framework_bulk import BulkModelViewSet
from common.mixins import CommonApiMixin
from orgs.mixins.api import OrgBulkModelViewSet
from .base import SelfBulkModelViewSet
from ..exception import PlaybookNoValidEntry
from ..models import Playbook
from ..serializers.playbook import PlaybookSerializer
@ -20,11 +16,16 @@ def unzip_playbook(src, dist):
fz.extract(file, dist)
class PlaybookViewSet(SelfBulkModelViewSet):
class PlaybookViewSet(OrgBulkModelViewSet):
serializer_class = PlaybookSerializer
permission_classes = ()
model = Playbook
def get_queryset(self):
queryset = super().get_queryset()
queryset = queryset.filter(creator=self.request.user)
return queryset
def perform_create(self, serializer):
instance = serializer.save()
src_path = os.path.join(settings.MEDIA_ROOT, instance.path.name)

33
apps/ops/migrations/0029_auto_20221215_1712.py Normal file
View File

@ -0,0 +1,33 @@
# Generated by Django 3.2.14 on 2022-12-15 09:12
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('ops', '0028_auto_20221205_1627'),
]
operations = [
migrations.AddField(
model_name='adhoc',
name='org_id',
field=models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization'),
),
migrations.AddField(
model_name='job',
name='org_id',
field=models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization'),
),
migrations.AddField(
model_name='jobexecution',
name='org_id',
field=models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization'),
),
migrations.AddField(
model_name='playbook',
name='org_id',
field=models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization'),
),
]

4
apps/ops/models/adhoc.py
View File

@ -9,10 +9,12 @@ from common.utils import get_logger
__all__ = ["AdHoc"]
from orgs.mixins.models import JMSOrgBaseModel
logger = get_logger(__file__)
class AdHoc(JMSBaseModel):
class AdHoc(JMSOrgBaseModel):
class Modules(models.TextChoices):
shell = 'shell', _('Shell')
winshell = 'win_shell', _('Powershell')

16
apps/ops/models/job.py
View File

@ -11,13 +11,13 @@ from celery import current_task
__all__ = ["Job", "JobExecution"]
from common.db.models import JMSBaseModel
from ops.ansible import JMSInventory, AdHocRunner, PlaybookRunner
from ops.mixin import PeriodTaskModelMixin
from ops.variables import *
from orgs.mixins.models import JMSOrgBaseModel
class Job(JMSBaseModel, PeriodTaskModelMixin):
class Job(JMSOrgBaseModel, PeriodTaskModelMixin):
class Types(models.TextChoices):
adhoc = 'adhoc', _('Adhoc')
playbook = 'playbook', _('Playbook')
@ -97,7 +97,7 @@ class Job(JMSBaseModel, PeriodTaskModelMixin):
ordering = ['date_created']
class JobExecution(JMSBaseModel):
class JobExecution(JMSOrgBaseModel):
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
task_id = models.UUIDField(null=True)
status = models.CharField(max_length=16, verbose_name=_('Status'), default='running')
@ -202,10 +202,11 @@ class JobExecution(JMSBaseModel):
def gather_static_variables(self):
default = {
JMS_USERNAME: self.creator.username,
JMS_JOB_ID: self.job.id,
JMS_JOB_ID: str(self.job.id),
JMS_JOB_NAME: self.job.name,
}
if self.creator:
default.update({JMS_USERNAME: self.creator.username})
return default
@property
@ -255,7 +256,10 @@ class JobExecution(JMSBaseModel):
this = self.__class__.objects.get(id=self.id)
this.status = status_mapper.get(cb.status, cb.status)
this.summary.update(cb.summary)
this.result.update(cb.result)
if this.result:
this.result.update(cb.result)
else:
this.result = cb.result
this.finish_task()
def finish_task(self):

4
apps/ops/models/playbook.py
View File

@ -5,11 +5,11 @@ from django.conf import settings
from django.db import models
from django.utils.translation import gettext_lazy as _
from common.db.models import JMSBaseModel
from ops.exception import PlaybookNoValidEntry
from orgs.mixins.models import JMSOrgBaseModel
class Playbook(JMSBaseModel):
class Playbook(JMSOrgBaseModel):
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
name = models.CharField(max_length=128, verbose_name=_('Name'), null=True)
path = models.FileField(upload_to='playbooks/')

3
apps/ops/serializers/adhoc.py
View File

@ -4,10 +4,11 @@ from __future__ import unicode_literals
from rest_framework import serializers
from common.drf.fields import ReadableHiddenField
from orgs.mixins.serializers import BulkOrgResourceModelSerializer
from ..models import AdHoc
class AdHocSerializer(serializers.ModelSerializer):
class AdHocSerializer(BulkOrgResourceModelSerializer):
creator = ReadableHiddenField(default=serializers.CurrentUserDefault())
row_count = serializers.IntegerField(read_only=True)
size = serializers.IntegerField(read_only=True)

5
apps/ops/serializers/job.py
View File

@ -3,9 +3,10 @@ from rest_framework import serializers
from common.drf.fields import ReadableHiddenField
from ops.mixin import PeriodTaskSerializerMixin
from ops.models import Job, JobExecution
from orgs.mixins.serializers import BulkOrgResourceModelSerializer
class JobSerializer(serializers.ModelSerializer, PeriodTaskSerializerMixin):
class JobSerializer(BulkOrgResourceModelSerializer, PeriodTaskSerializerMixin):
creator = ReadableHiddenField(default=serializers.CurrentUserDefault())
run_after_save = serializers.BooleanField(label=_("Run after save"), read_only=True, default=False, required=False)
@ -25,7 +26,7 @@ class JobSerializer(serializers.ModelSerializer, PeriodTaskSerializerMixin):
]
class JobExecutionSerializer(serializers.ModelSerializer):
class JobExecutionSerializer(BulkOrgResourceModelSerializer):
creator = ReadableHiddenField(default=serializers.CurrentUserDefault())
job_type = serializers.ReadOnlyField(label=_("Job type"))
count = serializers.ReadOnlyField(label=_("Count"))

2
apps/ops/serializers/playbook.py
View File

@ -12,7 +12,7 @@ def parse_playbook_name(path):
return file_name.split(".")[-2]
class PlaybookSerializer(serializers.ModelSerializer):
class PlaybookSerializer(BulkOrgResourceModelSerializer):
creator = ReadableHiddenField(default=serializers.CurrentUserDefault())
path = serializers.FileField(required=False)

3
apps/ops/tasks.py
View File

@ -36,7 +36,8 @@ def run_ops_job(job_id):
def run_ops_job_execution(execution_id, **kwargs):
execution = get_object_or_none(JobExecution, id=execution_id)
try:
execution.start()
with tmp_to_org(execution.org):
execution.start()
except SoftTimeLimitExceeded:
execution.set_error('Run timeout')
logger.error("Run adhoc timeout")