jumpserver/apps/ops/api/adhoc.py

38 lines
1.2 KiB
Python

# -*- coding: utf-8 -*-
from django.db.models import Q
from common.api.generic import JMSBulkModelViewSet
from common.utils.http import is_true
from rbac.permissions import RBACPermission
from ..const import Scope
from ..models import AdHoc
from ..serializers import AdHocSerializer
__all__ = [
'AdHocViewSet'
]
class AdHocViewSet(JMSBulkModelViewSet):
queryset = AdHoc.objects.all()
serializer_class = AdHocSerializer
permission_classes = (RBACPermission,)
search_fields = ('name', 'comment')
filterset_fields = ['scope', 'creator']
def check_object_permissions(self, request, obj):
if request.method != 'GET' and obj.creator != request.user:
self.permission_denied(
request, message={"detail": "Deleting other people's script is not allowed"}
)
return super().check_object_permissions(request, obj)
def get_queryset(self):
queryset = super().get_queryset()
user = self.request.user
if is_true(self.request.query_params.get('only_mine')):
queryset = queryset.filter(creator=user)
else:
queryset = queryset.filter(Q(creator=user) | Q(scope=Scope.public))
return queryset