[Update] 调整Luna的树形结构

apps/assets/models/node.py

@@ -61,10 +61,14 @@ class Node(models.Model):
         return child
 
     def get_children(self):
-        return self.__class__.objects.filter(key__regex=r'^{}:[0-9]+$'.format(self.key))
+        return self.__class__.objects.filter(
+            key__regex=r'^{}:[0-9]+$'.format(self.key)
+        )
 
     def get_all_children(self):
-        return self.__class__.objects.filter(key__startswith='{}:'.format(self.key))
+        return self.__class__.objects.filter(
+            key__startswith='{}:'.format(self.key)
+        )
 
     def get_family(self):
         children = list(self.get_all_children())

apps/perms/api.py

@@ -6,7 +6,7 @@ from rest_framework.views import APIView, Response
 from rest_framework.generics import ListAPIView, get_object_or_404, RetrieveUpdateAPIView
 from rest_framework import viewsets
 
-from common.utils import set_or_append_attr_bulk
+from common.utils import set_or_append_attr_bulk, get_object_or_none
 from users.permissions import IsValidUser, IsSuperUser, IsSuperUserOrAppUser
 from .utils import AssetPermissionUtil
 from .models import AssetPermission
@@ -147,8 +147,13 @@ class UserGrantedNodeAssetsApi(ListAPIView):
             user = get_object_or_404(User, id=user_id)
         else:
             user = self.request.user
-        node = get_object_or_404(Node, id=node_id)
         nodes = AssetPermissionUtil.get_user_nodes_with_assets(user)
+        node = get_object_or_none(Node, id=node_id)
+
+        if not node:
+            unnode = [node for node in nodes if node.name == 'Unnode']
+            node = unnode[0] if unnode else None
+
         assets = nodes.get(node, [])
         for asset, system_users in assets.items():
             asset.system_users_granted = system_users

apps/perms/utils.py

@@ -13,7 +13,6 @@ logger = get_logger(__file__)
 
 
 class AssetPermissionUtil:
-
     @staticmethod
     def get_user_permissions(user):
         return AssetPermission.objects.all().valid().filter(users=user)
@@ -122,6 +121,24 @@ class AssetPermissionUtil:
                 nodes[node].update(set(_system_users))
         return nodes
 
+    @classmethod
+    def get_user_nodes_inherit_group(cls, user):
+        nodes = defaultdict(set)
+        groups = user.groups.all()
+        for group in groups:
+            _nodes = cls.get_user_group_nodes(group)
+            for node, system_users in _nodes.items():
+                nodes[node].update(set(system_users))
+        return nodes
+
+    @classmethod
+    def get_user_nodes(cls, user):
+        nodes = cls.get_user_nodes_direct(user)
+        nodes_inherit = cls.get_user_nodes_inherit_group(user)
+        for node, system_users in nodes_inherit.items():
+            nodes[node].update(set(system_users))
+        return nodes
+
     @classmethod
     def get_user_nodes_assets_direct(cls, user):
         assets = defaultdict(set)
@@ -164,15 +181,26 @@ class AssetPermissionUtil:
         :param user:
         :return: {node: {asset: set(su1, su2)}}
         """
+        from assets.models import Node
+        unnode = Node(value='Unnode')
         nodes = defaultdict(dict)
+        for _node in cls.get_user_nodes(user):
+            children = _node.get_family()
+            for node in children:
+                nodes[node] = defaultdict(set)
         _assets = cls.get_user_assets(user)
         for asset, _system_users in _assets.items():
             _nodes = asset.get_nodes()
+            in_node = False
             for node in _nodes:
-                if asset in nodes[node]:
+                if node in nodes:
+                    in_node = True
                     nodes[node][asset].update(_system_users)
+            if not in_node:
+                if unnode in nodes:
+                    nodes[unnode][asset].update(_system_users)
                 else:
-                    nodes[node][asset] = _system_users
+                    nodes[unnode][asset] = _system_users
         return nodes
 
     @classmethod