From 0b4df7839365e2c7574e14db5a7447f9a8e62578 Mon Sep 17 00:00:00 2001
From: ibuler <ibuler@qq.com>
Date: Mon, 28 May 2018 13:20:26 +0800
Subject: [PATCH] =?UTF-8?q?[Update]=20=E4=BF=AE=E6=94=B9permistion=20utils?=
 =?UTF-8?q?=E4=BC=98=E5=8C=96=E8=BF=94=E5=9B=9E=E7=9A=84=E5=B1=9E=E6=80=A7?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/assets/models/asset.py      |  3 ++-
 apps/assets/models/node.py       |  8 ++++++-
 apps/assets/serializers/asset.py |  4 ++--
 apps/perms/models.py             |  4 ++--
 apps/perms/utils.py              | 36 +++++++++++++++++++++++++-------
 apps/users/models/user.py        |  2 +-
 6 files changed, 42 insertions(+), 15 deletions(-)

diff --git a/apps/assets/models/asset.py b/apps/assets/models/asset.py
index 4a2942291..297d50dfc 100644
--- a/apps/assets/models/asset.py
+++ b/apps/assets/models/asset.py
@@ -117,7 +117,8 @@ class Asset(models.Model):
 
     def get_nodes(self):
         from .node import Node
-        return self.nodes.all() or [Node.root()]
+        nodes = self.nodes.all() or [Node.root()]
+        return nodes
 
     @property
     def hardware_info(self):
diff --git a/apps/assets/models/node.py b/apps/assets/models/node.py
index b63daf513..5109f3d0a 100644
--- a/apps/assets/models/node.py
+++ b/apps/assets/models/node.py
@@ -3,6 +3,7 @@
 import uuid
 
 from django.db import models, transaction
+from django.db.models import Q
 from django.utils.translation import ugettext_lazy as _
 
 
@@ -87,7 +88,12 @@ class Node(models.Model):
 
     def get_assets(self):
         from .asset import Asset
-        assets = Asset.objects.filter(nodes__id=self.id)
+        if self.is_root():
+            assets = Asset.objects.filter(
+                Q(nodes__id=self.id) | Q(nodes__isnull=True)
+            )
+        else:
+            assets = Asset.objects.filter(nodes__id=self.id)
         return assets
 
     def get_valid_assets(self):
diff --git a/apps/assets/serializers/asset.py b/apps/assets/serializers/asset.py
index cf844b5c7..2c5aa253c 100644
--- a/apps/assets/serializers/asset.py
+++ b/apps/assets/serializers/asset.py
@@ -61,13 +61,13 @@ class AssetGrantedSerializer(serializers.ModelSerializer):
     """
     system_users_granted = AssetSystemUserSerializer(many=True, read_only=True)
     system_users_join = serializers.SerializerMethodField()
-    nodes = NodeTMPSerializer(many=True, read_only=True)
+    # nodes = NodeTMPSerializer(many=True, read_only=True)
 
     class Meta:
         model = Asset
         fields = (
             "id", "hostname", "ip", "port", "system_users_granted",
-            "is_active", "system_users_join", "os", 'domain', "nodes",
+            "is_active", "system_users_join", "os", 'domain',
             "platform", "comment"
         )
 
diff --git a/apps/perms/models.py b/apps/perms/models.py
index f7792ee6d..581b552b4 100644
--- a/apps/perms/models.py
+++ b/apps/perms/models.py
@@ -33,8 +33,8 @@ class AssetPermission(models.Model):
     nodes = models.ManyToManyField('assets.Node', related_name='granted_by_permissions', blank=True, verbose_name=_("Nodes"))
     system_users = models.ManyToManyField('assets.SystemUser', related_name='granted_by_permissions', verbose_name=_("System user"))
     is_active = models.BooleanField(default=True, verbose_name=_('Active'))
-    date_start = models.DateTimeField(default=timezone.now, verbose_name=_("Date start"))
-    date_expired = models.DateTimeField(default=date_expired_default, verbose_name=_('Date expired'))
+    date_start = models.DateTimeField(default=timezone.now, db_index=True, verbose_name=_("Date start"))
+    date_expired = models.DateTimeField(default=date_expired_default, db_index=True, verbose_name=_('Date expired'))
     created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by'))
     date_created = models.DateTimeField(auto_now_add=True, verbose_name=_('Date created'))
     comment = models.TextField(verbose_name=_('Comment'), blank=True)
diff --git a/apps/perms/utils.py b/apps/perms/utils.py
index d45f0f3d7..87911120e 100644
--- a/apps/perms/utils.py
+++ b/apps/perms/utils.py
@@ -16,8 +16,22 @@ logger = get_logger(__file__)
 class Tree:
     def __init__(self):
         self.__all_nodes = list(Node.objects.all())
+        self.__node_asset_map = defaultdict(set)
         self.nodes = defaultdict(dict)
         self.root = Node.root()
+        self.init_node_asset_map()
+
+    def init_node_asset_map(self):
+        for node in self.__all_nodes:
+            assets = node.get_assets().values_list('id', flat=True)
+            for asset in assets:
+                self.__node_asset_map[str(asset)].add(node)
+
+    def add_asset(self, asset, system_users):
+        nodes = self.__node_asset_map.get(str(asset.id), [])
+        self.add_nodes(nodes)
+        for node in nodes:
+            self.nodes[node][asset].update(system_users)
 
     def add_node(self, node):
         if node in self.nodes:
@@ -44,11 +58,15 @@ class AssetPermissionUtil:
 
     @staticmethod
     def get_user_group_permissions(user_group):
-        return AssetPermission.objects.all().valid().filter(user_groups=user_group)
+        return AssetPermission.objects.all().valid().filter(
+            user_groups=user_group
+        )
 
     @staticmethod
     def get_asset_permissions(asset):
-        return AssetPermission.objects.all().valid().filter(assets=asset)
+        return AssetPermission.objects.all().valid().filter(
+            assets=asset
+        )
 
     @staticmethod
     def get_node_permissions(node):
@@ -56,7 +74,9 @@ class AssetPermissionUtil:
 
     @staticmethod
     def get_system_user_permissions(system_user):
-        return AssetPermission.objects.valid().all().filter(system_users=system_user)
+        return AssetPermission.objects.valid().all().filter(
+            system_users=system_user
+        )
 
     @classmethod
     def get_user_group_nodes(cls, group):
@@ -209,11 +229,11 @@ class AssetPermissionUtil:
         tree = Tree()
         _assets = cls.get_user_assets(user)
         for asset, _system_users in _assets.items():
-            _nodes = asset.get_nodes()
-            tree.add_nodes(_nodes)
-
-            for node in _nodes:
-                tree.nodes[node][asset].update(_system_users)
+            tree.add_asset(asset, _system_users)
+            # _nodes = asset.get_nodes()
+            # tree.add_nodes(_nodes)
+            # for node in _nodes:
+            #     tree.nodes[node][asset].update(_system_users)
         return tree.nodes
 
     @classmethod
diff --git a/apps/users/models/user.py b/apps/users/models/user.py
index 23c30cf77..025fe7c8f 100644
--- a/apps/users/models/user.py
+++ b/apps/users/models/user.py
@@ -77,7 +77,7 @@ class User(AbstractUser):
     is_first_login = models.BooleanField(default=True)
     date_expired = models.DateTimeField(
         default=date_expired_default, blank=True, null=True,
-        verbose_name=_('Date expired')
+        db_index=True, verbose_name=_('Date expired')
     )
     created_by = models.CharField(
         max_length=30, default='', verbose_name=_('Created by')