mirror of https://github.com/jumpserver/jumpserver
Jiangjie.Bai
2 years ago
2 changed files with 0 additions and 117 deletions
@ -1,67 +0,0 @@
|
||||
# -*- coding: utf-8 -*- |
||||
# |
||||
from rest_framework.response import Response |
||||
from rest_framework.generics import RetrieveAPIView |
||||
|
||||
from perms import serializers |
||||
from perms.models import ApplicationPermission |
||||
from applications.models import Application |
||||
from common.permissions import IsValidUser |
||||
from ..base import BasePermissionViewSet |
||||
|
||||
|
||||
class ApplicationPermissionViewSet(BasePermissionViewSet): |
||||
""" |
||||
应用授权列表的增删改查API |
||||
""" |
||||
model = ApplicationPermission |
||||
serializer_class = serializers.ApplicationPermissionSerializer |
||||
filterset_fields = { |
||||
'name': ['exact'], |
||||
'category': ['exact'], |
||||
'type': ['exact', 'in'], |
||||
'from_ticket': ['exact'] |
||||
} |
||||
search_fields = ['name', 'category', 'type'] |
||||
custom_filter_fields = BasePermissionViewSet.custom_filter_fields + [ |
||||
'application_id', 'application', 'app', 'app_name' |
||||
] |
||||
ordering_fields = ('name',) |
||||
ordering = ('name',) |
||||
|
||||
def get_queryset(self): |
||||
queryset = super().get_queryset().prefetch_related( |
||||
"applications", "users", "user_groups", "system_users" |
||||
) |
||||
return queryset |
||||
|
||||
def filter_application(self, queryset): |
||||
app_id = self.request.query_params.get('application_id') or \ |
||||
self.request.query_params.get('app') |
||||
app_name = self.request.query_params.get('application') or \ |
||||
self.request.query_params.get('app_name') |
||||
|
||||
if app_id: |
||||
applications = Application.objects.filter(pk=app_id) |
||||
elif app_name: |
||||
applications = Application.objects.filter(name=app_name) |
||||
else: |
||||
return queryset |
||||
if not applications: |
||||
return queryset.none() |
||||
queryset = queryset.filter(applications__in=applications) |
||||
return queryset |
||||
|
||||
def filter_queryset(self, queryset): |
||||
queryset = super().filter_queryset(queryset) |
||||
queryset = self.filter_application(queryset) |
||||
return queryset |
||||
|
||||
|
||||
class ApplicationPermissionActionsApi(RetrieveAPIView): |
||||
permission_classes = (IsValidUser,) |
||||
|
||||
def retrieve(self, request, *args, **kwargs): |
||||
category = request.GET.get('category') |
||||
actions = ApplicationPermission.get_include_actions_choices(category=category) |
||||
return Response(data=actions) |
||||
@ -1,50 +0,0 @@
|
||||
# coding: utf-8 |
||||
# |
||||
|
||||
from django.urls import path, include |
||||
from rest_framework_bulk.routes import BulkRouter |
||||
from .. import api |
||||
|
||||
|
||||
router = BulkRouter() |
||||
router.register('application-permissions', api.ApplicationPermissionViewSet, 'application-permission') |
||||
router.register('application-permissions-users-relations', api.ApplicationPermissionUserRelationViewSet, 'application-permissions-users-relation') |
||||
router.register('application-permissions-user-groups-relations', api.ApplicationPermissionUserGroupRelationViewSet, 'application-permissions-user-groups-relation') |
||||
router.register('application-permissions-applications-relations', api.ApplicationPermissionApplicationRelationViewSet, 'application-permissions-application-relation') |
||||
router.register('application-permissions-system-users-relations', api.ApplicationPermissionSystemUserRelationViewSet, 'application-permissions-system-users-relation') |
||||
|
||||
user_permission_urlpatterns = [ |
||||
path('<uuid:pk>/applications/', api.UserAllGrantedApplicationsApi.as_view(), name='user-applications'), |
||||
path('applications/', api.MyAllGrantedApplicationsApi.as_view(), name='my-applications'), |
||||
|
||||
# Application As Tree |
||||
path('<uuid:pk>/applications/tree/', api.UserAllGrantedApplicationsAsTreeApi.as_view(), name='user-applications-as-tree'), |
||||
path('applications/tree/', api.MyAllGrantedApplicationsAsTreeApi.as_view(), name='my-applications-as-tree'), |
||||
|
||||
# Application System Users |
||||
path('<uuid:pk>/applications/<uuid:application_id>/system-users/', api.UserGrantedApplicationSystemUsersApi.as_view(), name='user-application-system-users'), |
||||
path('applications/<uuid:application_id>/system-users/', api.MyGrantedApplicationSystemUsersApi.as_view(), name='my-application-system-users'), |
||||
] |
||||
|
||||
user_group_permission_urlpatterns = [ |
||||
path('<uuid:pk>/applications/', api.UserGroupGrantedApplicationsApi.as_view(), name='user-group-applications'), |
||||
] |
||||
|
||||
permission_urlpatterns = [ |
||||
# 授权规则中授权的用户和应用 |
||||
path('<uuid:pk>/applications/all/', api.ApplicationPermissionAllApplicationListApi.as_view(), name='application-permission-all-applications'), |
||||
path('<uuid:pk>/users/all/', api.ApplicationPermissionAllUserListApi.as_view(), name='application-permission-all-users'), |
||||
|
||||
# 验证用户是否有某个应用的权限 |
||||
path('user/validate/', api.ValidateUserApplicationPermissionApi.as_view(), name='validate-user-application-permission'), |
||||
|
||||
path('applications/actions/', api.ApplicationPermissionActionsApi.as_view(), name='application-actions'), |
||||
] |
||||
|
||||
application_permission_urlpatterns = [ |
||||
path('users/', include(user_permission_urlpatterns)), |
||||
path('user-groups/', include(user_group_permission_urlpatterns)), |
||||
path('application-permissions/', include(permission_urlpatterns)) |
||||
] |
||||
|
||||
application_permission_urlpatterns += router.urls |
||||
Loading…
Reference in new issue