github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11680 Commits
69 Branches
244 Tags
136 MiB
 
 
 
 
Tree: 647736f4e3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '647736f4e3'
${ noResults }
jumpserver/apps/tickets/api/perms.py

66 lines
2.1 KiB
Raw Blame History

from django.conf import settings
from assets.models import Asset, Node
from assets.serializers.asset.common import MiniAssetSerializer
from assets.serializers.node import NodeSerializer
from common.api import SuggestionMixin
from orgs.mixins.api import OrgReadonlyModelViewSet
from perms.utils import AssetPermissionPermAssetUtil
from perms.utils.permission import AssetPermissionUtil
from tickets.const import TicketApplyAssetScope
__all__ = ['ApplyAssetsViewSet', 'ApplyNodesViewSet']
class ApplyAssetsViewSet(OrgReadonlyModelViewSet, SuggestionMixin):
model = Asset
serializer_class = MiniAssetSerializer
rbac_perms = (
("match", "assets.match_asset"),
)
search_fields = ("name", "address", "comment")
def get_queryset(self):
if TicketApplyAssetScope.is_permed():
queryset = self.get_assets(with_expired=True)
elif TicketApplyAssetScope.is_permed_valid():
queryset = self.get_assets()
else:
queryset = super().get_queryset()
return queryset
def get_assets(self, with_expired=False):
perms = AssetPermissionUtil().get_permissions_for_user(
self.request.user, flat=True, with_expired=with_expired
)
util = AssetPermissionPermAssetUtil(perms)
assets = util.get_all_assets()
return assets
class ApplyNodesViewSet(OrgReadonlyModelViewSet, SuggestionMixin):
model = Node
serializer_class = NodeSerializer
rbac_perms = (
("match", "assets.match_node"),
)
search_fields = ('full_value',)
def get_queryset(self):
if TicketApplyAssetScope.is_permed():
queryset = self.get_nodes(with_expired=True)
elif TicketApplyAssetScope.is_permed_valid():
queryset = self.get_nodes()
else:
queryset = super().get_queryset()
return queryset
def get_nodes(self, with_expired=False):
perms = AssetPermissionUtil().get_permissions_for_user(
self.request.user, flat=True, with_expired=with_expired
)
util = AssetPermissionPermAssetUtil(perms)
nodes = util.get_perm_nodes()
return nodes