mirror of https://github.com/jumpserver/jumpserver
56 lines
1.8 KiB
Python
56 lines
1.8 KiB
Python
# coding: utf-8
|
|
#
|
|
|
|
from rest_framework import generics
|
|
from django.conf import settings
|
|
|
|
from ..hands import IsOrgAdminOrAppUser, IsOrgAdmin, NeedMFAVerify
|
|
from .. import serializers
|
|
from ..models import Application, ApplicationUser
|
|
from perms.models import ApplicationPermission
|
|
|
|
|
|
class ApplicationUserListApi(generics.ListAPIView):
|
|
permission_classes = (IsOrgAdmin, )
|
|
filterset_fields = ('name', 'username')
|
|
search_fields = filterset_fields
|
|
serializer_class = serializers.ApplicationUserSerializer
|
|
_application = None
|
|
|
|
@property
|
|
def application(self):
|
|
if self._application is None:
|
|
app_id = self.request.query_params.get('application_id')
|
|
if app_id:
|
|
self._application = Application.objects.get(id=app_id)
|
|
return self._application
|
|
|
|
def get_serializer_context(self):
|
|
context = super().get_serializer_context()
|
|
context.update({
|
|
'application': self.application
|
|
})
|
|
return context
|
|
|
|
def get_queryset(self):
|
|
queryset = ApplicationUser.objects.none()
|
|
if not self.application:
|
|
return queryset
|
|
system_user_ids = ApplicationPermission.objects.filter(applications=self.application)\
|
|
.values_list('system_users', flat=True)
|
|
if not system_user_ids:
|
|
return queryset
|
|
queryset = ApplicationUser.objects.filter(id__in=system_user_ids)
|
|
return queryset
|
|
|
|
|
|
class ApplicationUserAuthInfoListApi(ApplicationUserListApi):
|
|
serializer_class = serializers.ApplicationUserWithAuthInfoSerializer
|
|
http_method_names = ['get']
|
|
permission_classes = [IsOrgAdminOrAppUser]
|
|
|
|
def get_permissions(self):
|
|
if settings.SECURITY_VIEW_AUTH_NEED_MFA:
|
|
self.permission_classes = [IsOrgAdminOrAppUser, NeedMFAVerify]
|
|
return super().get_permissions()
|