feat: 修改作业权限

apps/ops/api/adhoc.py

@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-from .base import SelfBulkModelViewSet
+from orgs.mixins.api import OrgBulkModelViewSet
 from ..models import AdHoc
 from ..serializers import (
     AdHocSerializer
@@ -10,7 +10,11 @@ __all__ = [
 ]
 
 
-class AdHocViewSet(SelfBulkModelViewSet):
+class AdHocViewSet(OrgBulkModelViewSet):
     serializer_class = AdHocSerializer
     permission_classes = ()
     model = AdHoc
+
+    def get_queryset(self):
+        queryset = super().get_queryset()
+        return queryset.filter(creator=self.request.user)

apps/ops/api/base.py

@@ -1,17 +0,0 @@
-from rest_framework_bulk import BulkModelViewSet
-
-from common.mixins import CommonApiMixin
-
-__all__ = ['SelfBulkModelViewSet']
-
-
-class SelfBulkModelViewSet(CommonApiMixin, BulkModelViewSet):
-
-    def get_queryset(self):
-        if hasattr(self, 'model'):
-            return self.model.objects.filter(creator=self.request.user)
-        else:
-            assert self.queryset is None, (
-                    "'%s' should not include a `queryset` attribute"
-                    % self.__class__.__name__
-            )

apps/ops/api/job.py

@@ -2,7 +2,6 @@ from rest_framework.views import APIView
 from django.shortcuts import get_object_or_404
 from rest_framework.response import Response
 
-from ops.api.base import SelfBulkModelViewSet
 from ops.models import Job, JobExecution
 from ops.serializers.job import JobSerializer, JobExecutionSerializer
 
@@ -10,6 +9,7 @@ __all__ = ['JobViewSet', 'JobExecutionViewSet', 'JobRunVariableHelpAPIView', 'Jo
 
 from ops.tasks import run_ops_job_execution
 from ops.variables import JMS_JOB_VARIABLE_HELP
+from orgs.mixins.api import OrgBulkModelViewSet
 
 
 def set_task_to_serializer_data(serializer, task):
@@ -18,16 +18,17 @@ def set_task_to_serializer_data(serializer, task):
     setattr(serializer, "_data", data)
 
 
-class JobViewSet(SelfBulkModelViewSet):
+class JobViewSet(OrgBulkModelViewSet):
     serializer_class = JobSerializer
     permission_classes = ()
     model = Job
 
     def get_queryset(self):
-        query_set = super().get_queryset()
+        queryset = super().get_queryset()
+        queryset = queryset.filter(creator=self.request.user)
         if self.action != 'retrieve':
-            return query_set.filter(instant=False)
+            return queryset.filter(instant=False)
-        return query_set
+        return queryset
 
     def perform_create(self, serializer):
         instance = serializer.save()
@@ -48,7 +49,7 @@ class JobViewSet(SelfBulkModelViewSet):
         set_task_to_serializer_data(serializer, task)
 
 
-class JobExecutionViewSet(SelfBulkModelViewSet):
+class JobExecutionViewSet(OrgBulkModelViewSet):
     serializer_class = JobExecutionSerializer
     http_method_names = ('get', 'post', 'head', 'options',)
     permission_classes = ()
@@ -60,11 +61,12 @@ class JobExecutionViewSet(SelfBulkModelViewSet):
         set_task_to_serializer_data(serializer, task)
 
     def get_queryset(self):
-        query_set = super().get_queryset()
+        queryset = super().get_queryset()
+        queryset = queryset.filter(creator=self.request.user)
         job_id = self.request.query_params.get('job_id')
         if job_id:
-            query_set = query_set.filter(job_id=job_id)
+            queryset = queryset.filter(job_id=job_id)
-        return query_set
+        return queryset
 
 
 class JobRunVariableHelpAPIView(APIView):

apps/ops/api/playbook.py

@@ -2,11 +2,7 @@ import os
 import zipfile
 
 from django.conf import settings
-from rest_framework_bulk import BulkModelViewSet
-
-from common.mixins import CommonApiMixin
 from orgs.mixins.api import OrgBulkModelViewSet
-from .base import SelfBulkModelViewSet
 from ..exception import PlaybookNoValidEntry
 from ..models import Playbook
 from ..serializers.playbook import PlaybookSerializer
@@ -20,11 +16,16 @@ def unzip_playbook(src, dist):
         fz.extract(file, dist)
 
 
-class PlaybookViewSet(SelfBulkModelViewSet):
+class PlaybookViewSet(OrgBulkModelViewSet):
     serializer_class = PlaybookSerializer
     permission_classes = ()
     model = Playbook
 
+    def get_queryset(self):
+        queryset = super().get_queryset()
+        queryset = queryset.filter(creator=self.request.user)
+        return queryset
+
     def perform_create(self, serializer):
         instance = serializer.save()
         src_path = os.path.join(settings.MEDIA_ROOT, instance.path.name)

apps/ops/migrations/0029_auto_20221215_1712.py

@@ -0,0 +1,33 @@
+# Generated by Django 3.2.14 on 2022-12-15 09:12
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('ops', '0028_auto_20221205_1627'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='adhoc',
+            name='org_id',
+            field=models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization'),
+        ),
+        migrations.AddField(
+            model_name='job',
+            name='org_id',
+            field=models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization'),
+        ),
+        migrations.AddField(
+            model_name='jobexecution',
+            name='org_id',
+            field=models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization'),
+        ),
+        migrations.AddField(
+            model_name='playbook',
+            name='org_id',
+            field=models.CharField(blank=True, db_index=True, default='', max_length=36, verbose_name='Organization'),
+        ),
+    ]

apps/ops/models/adhoc.py

@@ -9,10 +9,12 @@ from common.utils import get_logger
 
 __all__ = ["AdHoc"]
 
+from orgs.mixins.models import JMSOrgBaseModel
+
 logger = get_logger(__file__)
 
 
-class AdHoc(JMSBaseModel):
+class AdHoc(JMSOrgBaseModel):
     class Modules(models.TextChoices):
         shell = 'shell', _('Shell')
         winshell = 'win_shell', _('Powershell')

apps/ops/models/job.py

@@ -11,13 +11,13 @@ from celery import current_task
 
 __all__ = ["Job", "JobExecution"]
 
-from common.db.models import JMSBaseModel
 from ops.ansible import JMSInventory, AdHocRunner, PlaybookRunner
 from ops.mixin import PeriodTaskModelMixin
 from ops.variables import *
+from orgs.mixins.models import JMSOrgBaseModel
 
 
-class Job(JMSBaseModel, PeriodTaskModelMixin):
+class Job(JMSOrgBaseModel, PeriodTaskModelMixin):
     class Types(models.TextChoices):
         adhoc = 'adhoc', _('Adhoc')
         playbook = 'playbook', _('Playbook')
@@ -97,7 +97,7 @@ class Job(JMSBaseModel, PeriodTaskModelMixin):
         ordering = ['date_created']
 
 
-class JobExecution(JMSBaseModel):
+class JobExecution(JMSOrgBaseModel):
     id = models.UUIDField(default=uuid.uuid4, primary_key=True)
     task_id = models.UUIDField(null=True)
     status = models.CharField(max_length=16, verbose_name=_('Status'), default='running')
@@ -202,10 +202,11 @@ class JobExecution(JMSBaseModel):
 
     def gather_static_variables(self):
         default = {
-            JMS_USERNAME: self.creator.username,
+            JMS_JOB_ID: str(self.job.id),
-            JMS_JOB_ID: self.job.id,
             JMS_JOB_NAME: self.job.name,
         }
+        if self.creator:
+            default.update({JMS_USERNAME: self.creator.username})
         return default
 
     @property
@@ -255,7 +256,10 @@ class JobExecution(JMSBaseModel):
         this = self.__class__.objects.get(id=self.id)
         this.status = status_mapper.get(cb.status, cb.status)
         this.summary.update(cb.summary)
-        this.result.update(cb.result)
+        if this.result:
+            this.result.update(cb.result)
+        else:
+            this.result = cb.result
         this.finish_task()
 
     def finish_task(self):

apps/ops/models/playbook.py

@@ -5,11 +5,11 @@ from django.conf import settings
 from django.db import models
 from django.utils.translation import gettext_lazy as _
 
-from common.db.models import JMSBaseModel
 from ops.exception import PlaybookNoValidEntry
+from orgs.mixins.models import JMSOrgBaseModel
 
 
-class Playbook(JMSBaseModel):
+class Playbook(JMSOrgBaseModel):
     id = models.UUIDField(default=uuid.uuid4, primary_key=True)
     name = models.CharField(max_length=128, verbose_name=_('Name'), null=True)
     path = models.FileField(upload_to='playbooks/')

apps/ops/serializers/adhoc.py

@@ -4,10 +4,11 @@ from __future__ import unicode_literals
 from rest_framework import serializers
 
 from common.drf.fields import ReadableHiddenField
+from orgs.mixins.serializers import BulkOrgResourceModelSerializer
 from ..models import AdHoc
 
 
-class AdHocSerializer(serializers.ModelSerializer):
+class AdHocSerializer(BulkOrgResourceModelSerializer):
     creator = ReadableHiddenField(default=serializers.CurrentUserDefault())
     row_count = serializers.IntegerField(read_only=True)
     size = serializers.IntegerField(read_only=True)

apps/ops/serializers/job.py

@@ -3,9 +3,10 @@ from rest_framework import serializers
 from common.drf.fields import ReadableHiddenField
 from ops.mixin import PeriodTaskSerializerMixin
 from ops.models import Job, JobExecution
+from orgs.mixins.serializers import BulkOrgResourceModelSerializer
 
 
-class JobSerializer(serializers.ModelSerializer, PeriodTaskSerializerMixin):
+class JobSerializer(BulkOrgResourceModelSerializer, PeriodTaskSerializerMixin):
     creator = ReadableHiddenField(default=serializers.CurrentUserDefault())
     run_after_save = serializers.BooleanField(label=_("Run after save"), read_only=True, default=False, required=False)
 
@@ -25,7 +26,7 @@ class JobSerializer(serializers.ModelSerializer, PeriodTaskSerializerMixin):
         ]
 
 
-class JobExecutionSerializer(serializers.ModelSerializer):
+class JobExecutionSerializer(BulkOrgResourceModelSerializer):
     creator = ReadableHiddenField(default=serializers.CurrentUserDefault())
     job_type = serializers.ReadOnlyField(label=_("Job type"))
     count = serializers.ReadOnlyField(label=_("Count"))

apps/ops/serializers/playbook.py

@@ -12,7 +12,7 @@ def parse_playbook_name(path):
     return file_name.split(".")[-2]
 
 
-class PlaybookSerializer(serializers.ModelSerializer):
+class PlaybookSerializer(BulkOrgResourceModelSerializer):
     creator = ReadableHiddenField(default=serializers.CurrentUserDefault())
     path = serializers.FileField(required=False)
 

apps/ops/tasks.py

@@ -36,7 +36,8 @@ def run_ops_job(job_id):
 def run_ops_job_execution(execution_id, **kwargs):
     execution = get_object_or_none(JobExecution, id=execution_id)
     try:
-        execution.start()
+        with tmp_to_org(execution.org):
+            execution.start()
     except SoftTimeLimitExceeded:
         execution.set_error('Run timeout')
         logger.error("Run adhoc timeout")