mirror of https://github.com/jumpserver/jumpserver
[Update] 修改org.middleware自动切换组织的bug (#2829)
* [Update] 修改org.middleware自动切换组织的bug * [Update] 将切换组织逻辑移动到PermsUtil中 * [Update] 修改首页组织名称显示来源pull/2833/head
BaiJiangJie
GitHub
parent
b15e06ffec
commit
ed8ae300ae
|
|
@ -1,14 +1,14 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
#
|
#
|
||||||
|
|
||||||
from .utils import current_org, get_current_org
|
from .utils import current_org, get_org_from_request
|
||||||
from .models import Organization
|
from .models import Organization
|
||||||
|
|
||||||
|
|
||||||
def org_processor(request):
|
def org_processor(request):
|
||||||
context = {
|
context = {
|
||||||
'ADMIN_ORGS': Organization.get_user_admin_orgs(request.user),
|
'ADMIN_ORGS': Organization.get_user_admin_orgs(request.user),
|
||||||
'CURRENT_ORG': get_current_org(),
|
'CURRENT_ORG': get_org_from_request(request),
|
||||||
'HAS_ORG_PERM': current_org.can_admin_by(request.user),
|
'HAS_ORG_PERM': current_org.can_admin_by(request.user),
|
||||||
}
|
}
|
||||||
return context
|
return context
|
||||||
|
|
|
||||||
|
|
@ -11,7 +11,7 @@ class OrgMiddleware:
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def set_permed_org_if_need(request):
|
def set_permed_org_if_need(request):
|
||||||
if request.content_type != "text/plain":
|
if request.path.startswith('/api'):
|
||||||
return
|
return
|
||||||
if not (request.user.is_authenticated and request.user.is_org_admin):
|
if not (request.user.is_authenticated and request.user.is_org_admin):
|
||||||
return
|
return
|
||||||
|
|
|
||||||
|
|
@ -26,7 +26,7 @@ from ..hands import (
|
||||||
)
|
)
|
||||||
from .. import serializers, const
|
from .. import serializers, const
|
||||||
from ..mixins import (
|
from ..mixins import (
|
||||||
AssetsFilterMixin, RemoteAppFilterMixin, ChangeOrgIfNeedMixin
|
AssetsFilterMixin, RemoteAppFilterMixin
|
||||||
)
|
)
|
||||||
from ..models import Action
|
from ..models import Action
|
||||||
|
|
||||||
|
|
@ -48,14 +48,6 @@ class UserPermissionCacheMixin:
|
||||||
CACHE_TIME = settings.ASSETS_PERM_CACHE_TIME
|
CACHE_TIME = settings.ASSETS_PERM_CACHE_TIME
|
||||||
_object = None
|
_object = None
|
||||||
|
|
||||||
@staticmethod
|
|
||||||
def change_org_if_need(request, kwargs):
|
|
||||||
if request.user.is_authenticated and \
|
|
||||||
request.user.is_superuser or \
|
|
||||||
request.user.is_app or \
|
|
||||||
kwargs.get('pk') is None:
|
|
||||||
set_to_root_org()
|
|
||||||
|
|
||||||
def get_object(self):
|
def get_object(self):
|
||||||
return None
|
return None
|
||||||
|
|
||||||
|
|
@ -115,7 +107,6 @@ class UserPermissionCacheMixin:
|
||||||
cache.set(key, response.data, self.CACHE_TIME)
|
cache.set(key, response.data, self.CACHE_TIME)
|
||||||
|
|
||||||
def get(self, request, *args, **kwargs):
|
def get(self, request, *args, **kwargs):
|
||||||
self.change_org_if_need(request, kwargs)
|
|
||||||
self.cache_policy = request.GET.get('cache_policy', '0')
|
self.cache_policy = request.GET.get('cache_policy', '0')
|
||||||
|
|
||||||
obj = self._get_object()
|
obj = self._get_object()
|
||||||
|
|
@ -461,7 +452,7 @@ class GetUserAssetPermissionActionsApi(UserPermissionCacheMixin, APIView):
|
||||||
|
|
||||||
# RemoteApp permission
|
# RemoteApp permission
|
||||||
|
|
||||||
class UserGrantedRemoteAppsApi(ChangeOrgIfNeedMixin, RemoteAppFilterMixin, ListAPIView):
|
class UserGrantedRemoteAppsApi(RemoteAppFilterMixin, ListAPIView):
|
||||||
permission_classes = (IsOrgAdminOrAppUser,)
|
permission_classes = (IsOrgAdminOrAppUser,)
|
||||||
serializer_class = RemoteAppSerializer
|
serializer_class = RemoteAppSerializer
|
||||||
pagination_class = LimitOffsetPagination
|
pagination_class = LimitOffsetPagination
|
||||||
|
|
@ -486,7 +477,7 @@ class UserGrantedRemoteAppsApi(ChangeOrgIfNeedMixin, RemoteAppFilterMixin, ListA
|
||||||
return super().get_permissions()
|
return super().get_permissions()
|
||||||
|
|
||||||
|
|
||||||
class UserGrantedRemoteAppsAsTreeApi(ChangeOrgIfNeedMixin, ListAPIView):
|
class UserGrantedRemoteAppsAsTreeApi(ListAPIView):
|
||||||
serializer_class = TreeNodeSerializer
|
serializer_class = TreeNodeSerializer
|
||||||
permission_classes = (IsOrgAdminOrAppUser,)
|
permission_classes = (IsOrgAdminOrAppUser,)
|
||||||
|
|
||||||
|
|
@ -518,11 +509,10 @@ class UserGrantedRemoteAppsAsTreeApi(ChangeOrgIfNeedMixin, ListAPIView):
|
||||||
return super().get_permissions()
|
return super().get_permissions()
|
||||||
|
|
||||||
|
|
||||||
class ValidateUserRemoteAppPermissionApi(ChangeOrgIfNeedMixin, APIView):
|
class ValidateUserRemoteAppPermissionApi(APIView):
|
||||||
permission_classes = (IsOrgAdminOrAppUser,)
|
permission_classes = (IsOrgAdminOrAppUser,)
|
||||||
|
|
||||||
def get(self, request, *args, **kwargs):
|
def get(self, request, *args, **kwargs):
|
||||||
self.change_org_if_need(request, kwargs)
|
|
||||||
user_id = request.query_params.get('user_id', '')
|
user_id = request.query_params.get('user_id', '')
|
||||||
remote_app_id = request.query_params.get('remote_app_id', '')
|
remote_app_id = request.query_params.get('remote_app_id', '')
|
||||||
user = get_object_or_404(User, id=user_id)
|
user = get_object_or_404(User, id=user_id)
|
||||||
|
|
|
||||||
|
|
@ -11,6 +11,7 @@ from django.core.cache import cache
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.utils.translation import ugettext as _
|
from django.utils.translation import ugettext as _
|
||||||
|
|
||||||
|
from orgs.utils import set_to_root_org
|
||||||
from common.utils import get_logger
|
from common.utils import get_logger
|
||||||
from common.tree import TreeNode
|
from common.tree import TreeNode
|
||||||
from .. import const
|
from .. import const
|
||||||
|
|
@ -162,6 +163,11 @@ class AssetPermissionUtil:
|
||||||
self._filter_id = 'None' # 当通过filter更改 permission是标记
|
self._filter_id = 'None' # 当通过filter更改 permission是标记
|
||||||
self.cache_policy = cache_policy
|
self.cache_policy = cache_policy
|
||||||
self.tree = GenerateTree()
|
self.tree = GenerateTree()
|
||||||
|
self.change_org_if_need()
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def change_org_if_need():
|
||||||
|
set_to_root_org()
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def is_not_using_cache(cls, cache_policy):
|
def is_not_using_cache(cls, cache_policy):
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@
|
||||||
from django.db.models import Q
|
from django.db.models import Q
|
||||||
|
|
||||||
from common.tree import TreeNode
|
from common.tree import TreeNode
|
||||||
|
from orgs.utils import set_to_root_org
|
||||||
|
|
||||||
from ..models import RemoteAppPermission
|
from ..models import RemoteAppPermission
|
||||||
|
|
||||||
|
|
@ -38,6 +39,11 @@ class RemoteAppPermissionUtil:
|
||||||
|
|
||||||
def __init__(self, obj):
|
def __init__(self, obj):
|
||||||
self.object = obj
|
self.object = obj
|
||||||
|
self.change_org_if_need()
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def change_org_if_need():
|
||||||
|
set_to_root_org()
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def permissions(self):
|
def permissions(self):
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue