Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
guo xiaoyong
Jumpserver
Commits
8eb6cfa9
Unverified
Commit
8eb6cfa9
authored
4 years ago
by
xinwen
Committed by
GitHub
4 years ago
Browse files
Options
Download
Email Patches
Plain Diff
fix(ticket): 修改工单获取系统用户的字段 (#4274)
fix(ticket): 申请资产工单修改bug
parent
f430c9e4
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
apps/locale/zh/LC_MESSAGES/django.mo
+0
-0
apps/locale/zh/LC_MESSAGES/django.mo
apps/locale/zh/LC_MESSAGES/django.po
+27
-26
apps/locale/zh/LC_MESSAGES/django.po
apps/tickets/api/request_asset_perm.py
+41
-1
apps/tickets/api/request_asset_perm.py
apps/tickets/serializers/request_asset_perm.py
+26
-5
apps/tickets/serializers/request_asset_perm.py
apps/users/filters.py
+2
-1
apps/users/filters.py
apps/users/serializers/user.py
+6
-0
apps/users/serializers/user.py
with
102 additions
and
33 deletions
+102
-33
apps/locale/zh/LC_MESSAGES/django.mo
+
0
-
0
View file @
8eb6cfa9
No preview for this file type
This diff is collapsed.
Click to expand it.
apps/locale/zh/LC_MESSAGES/django.po
+
27
-
26
View file @
8eb6cfa9
...
...
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: JumpServer 0.3.3\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2020-07-0
8
1
5
:05+0800\n"
"POT-Creation-Date: 2020-07-0
9
1
0
:05+0800\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: ibuler <ibuler@qq.com>\n"
"Language-Team: JumpServer team<ibuler@qq.com>\n"
...
...
@@ -211,7 +211,7 @@ msgstr "IP"
#: assets/models/asset.py:187 assets/serializers/asset_user.py:45
#: assets/serializers/gathered_user.py:20 settings/serializers/settings.py:51
#: tickets/serializers/request_asset_perm.py:1
3
#: tickets/serializers/request_asset_perm.py:1
4
#: users/templates/users/_granted_assets.html:25
#: users/templates/users/user_asset_permission.html:157
msgid "Hostname"
...
...
@@ -485,7 +485,7 @@ msgstr "每行一个命令"
#: assets/models/cmd_filter.py:55 audits/models.py:57
#: authentication/templates/authentication/_access_key_modal.html:34
#: perms/forms/asset_permission.py:20
#: tickets/serializers/request_asset_perm.py:5
1
#: tickets/serializers/request_asset_perm.py:5
4
#: tickets/serializers/ticket.py:26
#: users/templates/users/_granted_assets.html:29
#: users/templates/users/user_asset_permission.html:44
...
...
@@ -540,7 +540,7 @@ msgstr "默认资产组"
#: templates/index.html:78 terminal/backends/command/models.py:18
#: terminal/backends/command/serializers.py:12 terminal/models.py:185
#: tickets/models/ticket.py:35 tickets/models/ticket.py:130
#: tickets/serializers/request_asset_perm.py:5
2
#: tickets/serializers/request_asset_perm.py:5
5
#: tickets/serializers/ticket.py:27 users/forms/group.py:15
#: users/models/user.py:160 users/models/user.py:176 users/models/user.py:615
#: users/serializers/group.py:20
...
...
@@ -648,6 +648,7 @@ msgstr "SFTP根路径"
#: perms/models/remote_app_permission.py:16 templates/_nav.html:45
#: terminal/backends/command/models.py:20
#: terminal/backends/command/serializers.py:14 terminal/models.py:189
#: tickets/serializers/request_asset_perm.py:16
#: users/templates/users/_granted_assets.html:27
#: users/templates/users/user_asset_permission.html:42
#: users/templates/users/user_asset_permission.html:76
...
...
@@ -918,7 +919,7 @@ msgid "Success"
msgstr "成功"
#: audits/models.py:43 ops/models/command.py:28 perms/models/base.py:52
#: terminal/models.py:199 tickets/serializers/request_asset_perm.py:1
5
#: terminal/models.py:199 tickets/serializers/request_asset_perm.py:1
8
#: xpack/plugins/change_auth_plan/models.py:177
#: xpack/plugins/change_auth_plan/models.py:308
#: xpack/plugins/gathered_user/models.py:76
...
...
@@ -1009,7 +1010,7 @@ msgstr "多因子认证"
msgid "Reason"
msgstr "原因"
#: audits/models.py:106 tickets/serializers/request_asset_perm.py:5
0
#: audits/models.py:106 tickets/serializers/request_asset_perm.py:5
3
#: tickets/serializers/ticket.py:25 xpack/plugins/cloud/models.py:214
#: xpack/plugins/cloud/models.py:272
msgid "Status"
...
...
@@ -1699,7 +1700,7 @@ msgstr "动作"
msgid "Asset permission"
msgstr "资产授权"
#: perms/models/base.py:53 tickets/serializers/request_asset_perm.py:
17
#: perms/models/base.py:53 tickets/serializers/request_asset_perm.py:
20
#: users/models/user.py:505 users/templates/users/user_detail.html:93
#: users/templates/users/user_profile.html:120
msgid "Date expired"
...
...
@@ -2432,36 +2433,40 @@ msgstr "结束日期"
msgid "Args"
msgstr "参数"
#: tickets/api/request_asset_perm.py:
36
#: tickets/api/request_asset_perm.py:
40
msgid "Ticket closed"
msgstr "工单已关闭"
#: tickets/api/request_asset_perm.py:3
9
#: tickets/api/request_asset_perm.py:
4
3
#, python-format
msgid "Ticket has %s"
msgstr "工单已%s"
#: tickets/api/request_asset_perm.py:59
#: tickets/api/request_asset_perm.py:69
msgid "Superuser"
msgstr "超级管理员"
#: tickets/api/request_asset_perm.py:102
msgid "Confirm assets first"
msgstr "请先确认资产"
#: tickets/api/request_asset_perm.py:
62
#: tickets/api/request_asset_perm.py:
105
msgid "Confirmed assets changed"
msgstr "确认的资产变更了"
#: tickets/api/request_asset_perm.py:
66
#: tickets/api/request_asset_perm.py:
109
msgid "Confirm system-user first"
msgstr "请先确认系统用户"
#: tickets/api/request_asset_perm.py:
70
#: tickets/api/request_asset_perm.py:
113
msgid "Confirmed system-user changed"
msgstr "确认的系统用户变更了"
#: tickets/api/request_asset_perm.py:
73
xpack/plugins/cloud/models.py:205
#: tickets/api/request_asset_perm.py:
116
xpack/plugins/cloud/models.py:205
msgid "Succeed"
msgstr "成功"
#: tickets/api/request_asset_perm.py:
8
1
#: tickets/api/request_asset_perm.py:1
24
msgid "{} request assets, approved by {}"
msgstr "{} 申请资产,通过人 {}"
...
...
@@ -2525,19 +2530,19 @@ msgstr "{} {} 这个工单"
msgid "this ticket"
msgstr "这个工单"
#: tickets/serializers/request_asset_perm.py:1
1
#: tickets/serializers/request_asset_perm.py:1
2
msgid "IP group"
msgstr "IP组"
#: tickets/serializers/request_asset_perm.py:2
1
#: tickets/serializers/request_asset_perm.py:2
4
msgid "Confirmed assets"
msgstr "确认的资产"
#: tickets/serializers/request_asset_perm.py:2
5
#: tickets/serializers/request_asset_perm.py:2
8
msgid "Confirmed system user"
msgstr "确认的系统用户"
#: tickets/serializers/request_asset_perm.py:5
8
#: tickets/serializers/request_asset_perm.py:
6
5
msgid "Must be organization admin or superuser"
msgstr "必须是组织管理员或者超级管理员"
...
...
@@ -2778,10 +2783,6 @@ msgstr "最后更新密码日期"
msgid "Administrator is the super user of system"
msgstr "Administrator是初始的超级管理员"
#: users/serializers/group.py:50
msgid "Auditors cannot be join in the user group"
msgstr "审计员不能被加入到用户组"
#: users/serializers/user.py:69 users/serializers/user.py:229
msgid "Is first login"
msgstr "首次登录"
...
...
@@ -3948,6 +3949,9 @@ msgstr "企业版"
msgid "Ultimate edition"
msgstr "旗舰版"
#~ msgid "Auditors cannot be join in the user group"
#~ msgstr "审计员不能被加入到用户组"
#~ msgid "Always update"
#~ msgstr "总是更新"
...
...
@@ -4758,9 +4762,6 @@ msgstr "旗舰版"
#~ msgid "Tips: Some provider use token except password"
#~ msgstr "提示:一些邮件提供商需要输入的是Token"
#~ msgid "Send user"
#~ msgstr "发送账号"
#~ msgid "Tips: Send mail account, default SMTP account as the send account"
#~ msgstr "提示:发送邮件账号,默认使用SMTP账号作为发送账号"
...
...
This diff is collapsed.
Click to expand it.
apps/tickets/api/request_asset_perm.py
+
41
-
1
View file @
8eb6cfa9
from
collections
import
namedtuple
from
django.db.transaction
import
atomic
from
django.db.models
import
F
from
django.utils.translation
import
ugettext_lazy
as
_
from
rest_framework.decorators
import
action
from
rest_framework.response
import
Response
from
common.const.http
import
POST
from
users.models.user
import
User
from
common.const.http
import
POST
,
GET
from
common.drf.api
import
JMSModelViewSet
from
common.permissions
import
IsValidUser
from
common.utils.django
import
get_object_or_none
...
...
@@ -26,6 +30,7 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet):
'default'
:
serializers
.
RequestAssetPermTicketSerializer
,
'approve'
:
EmptySerializer
,
'reject'
:
EmptySerializer
,
'assignees'
:
serializers
.
OrgAssigneeSerializer
,
}
permission_classes
=
(
IsValidUser
,)
filter_fields
=
[
'status'
,
'title'
,
'action'
,
'user_display'
]
...
...
@@ -38,6 +43,41 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet):
action_display
=
dict
(
instance
.
ACTION_CHOICES
).
get
(
action
)
raise
TicketActionYet
(
detail
=
_
(
'Ticket has %s'
)
%
action_display
)
@
action
(
detail
=
False
,
methods
=
[
GET
],
permission_classes
=
[
IsValidUser
])
def
assignees
(
self
,
request
,
*
args
,
**
kwargs
):
org_mapper
=
{}
UserTuple
=
namedtuple
(
'UserTuple'
,
(
'id'
,
'name'
,
'username'
))
user
=
request
.
user
superusers
=
User
.
objects
.
filter
(
role
=
User
.
ROLE_ADMIN
)
admins_with_org
=
User
.
objects
.
filter
(
related_admin_orgs__users
=
user
).
annotate
(
org_id
=
F
(
'related_admin_orgs__id'
),
org_name
=
F
(
'related_admin_orgs__name'
)
)
for
user
in
admins_with_org
:
org_id
=
user
.
org_id
if
org_id
not
in
org_mapper
:
org_mapper
[
org_id
]
=
{
'org_name'
:
user
.
org_name
,
'org_admins'
:
set
()
# 去重
}
org_mapper
[
org_id
][
'org_admins'
].
add
(
UserTuple
(
user
.
id
,
user
.
name
,
user
.
username
))
result
=
[
{
'org_name'
:
_
(
'Superuser'
),
'org_admins'
:
set
(
UserTuple
(
user
.
id
,
user
.
name
,
user
.
username
)
for
user
in
superusers
)
}
]
for
org
in
org_mapper
.
values
():
result
.
append
(
org
)
serializer_class
=
self
.
get_serializer_class
()
serilizer
=
serializer_class
(
instance
=
result
,
many
=
True
)
return
Response
(
data
=
serilizer
.
data
)
@
action
(
detail
=
True
,
methods
=
[
POST
],
permission_classes
=
[
IsAssignee
,
IsValidUser
])
def
reject
(
self
,
request
,
*
args
,
**
kwargs
):
instance
=
self
.
get_object
()
...
...
This diff is collapsed.
Click to expand it.
apps/tickets/serializers/request_asset_perm.py
+
26
-
5
View file @
8eb6cfa9
from
rest_framework
import
serializers
from
django.utils.translation
import
ugettext_lazy
as
_
from
django.urls
import
reverse
from
django.db.models
import
Q
from
orgs.utils
import
current_org
from
users.models.user
import
User
from
..models
import
Ticket
...
...
@@ -10,7 +11,9 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer):
ips
=
serializers
.
ListField
(
child
=
serializers
.
IPAddressField
(),
source
=
'meta.ips'
,
default
=
list
,
label
=
_
(
'IP group'
))
hostname
=
serializers
.
CharField
(
max_length
=
256
,
source
=
'meta.hostname'
,
default
=
None
,
allow_blank
=
True
,
label
=
_
(
'Hostname'
))
allow_blank
=
True
,
label
=
_
(
'Hostname'
))
system_user
=
serializers
.
CharField
(
max_length
=
256
,
source
=
'meta.system_user'
,
default
=
''
,
allow_blank
=
True
,
label
=
_
(
'System user'
))
date_start
=
serializers
.
DateTimeField
(
source
=
'meta.date_start'
,
allow_null
=
True
,
required
=
False
,
label
=
_
(
'Date start'
))
date_expired
=
serializers
.
DateTimeField
(
source
=
'meta.date_expired'
,
allow_null
=
True
,
...
...
@@ -33,7 +36,7 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer):
'status'
,
'action'
,
'date_created'
,
'date_updated'
,
'system_user_waitlist_url'
,
'type'
,
'type_display'
,
'action_display'
,
'ips'
,
'confirmed_assets'
,
'date_start'
,
'date_expired'
,
'confirmed_system_user'
,
'hostname'
,
'assets_waitlist_url'
'assets_waitlist_url'
,
'system_user'
]
m2m_fields
=
[
'user'
,
'user_display'
,
'assignees'
,
'assignees_display'
,
...
...
@@ -53,7 +56,11 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer):
}
def
validate_assignees
(
self
,
assignees
):
count
=
current_org
.
org_admins
().
filter
(
id__in
=
[
assignee
.
id
for
assignee
in
assignees
]).
count
()
user
=
self
.
context
[
'request'
].
user
count
=
User
.
objects
.
filter
(
Q
(
related_admin_orgs__users
=
user
)
|
Q
(
role
=
User
.
ROLE_ADMIN
)).
filter
(
id__in
=
[
assignee
.
id
for
assignee
in
assignees
]).
distinct
().
count
()
if
count
!=
len
(
assignees
):
raise
serializers
.
ValidationError
(
_
(
'Must be organization admin or superuser'
))
return
assignees
...
...
@@ -61,7 +68,10 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer):
def
get_system_user_waitlist_url
(
self
,
instance
:
Ticket
):
if
not
self
.
_is_assignee
(
instance
):
return
None
return
{
'url'
:
reverse
(
'api-assets:system-user-list'
)}
meta
=
instance
.
meta
url
=
reverse
(
'api-assets:system-user-list'
)
query
=
meta
.
get
(
'system_user'
,
''
)
return
'{}?search={}'
.
format
(
url
,
query
)
def
get_assets_waitlist_url
(
self
,
instance
:
Ticket
):
if
not
self
.
_is_assignee
(
instance
):
...
...
@@ -118,3 +128,14 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer):
def
_is_assignee
(
self
,
obj
:
Ticket
):
user
=
self
.
context
[
'request'
].
user
return
obj
.
is_assignee
(
user
)
class
AssigneeSerializer
(
serializers
.
Serializer
):
id
=
serializers
.
UUIDField
()
name
=
serializers
.
CharField
()
username
=
serializers
.
CharField
()
class
OrgAssigneeSerializer
(
serializers
.
Serializer
):
org_name
=
serializers
.
CharField
()
org_admins
=
AssigneeSerializer
(
many
=
True
)
This diff is collapsed.
Click to expand it.
apps/users/filters.py
+
2
-
1
View file @
8eb6cfa9
from
rest_framework.compat
import
coreapi
,
coreschema
from
rest_framework
import
filters
from
users.models.user
import
User
from
orgs.utils
import
current_org
...
...
@@ -11,7 +12,7 @@ class OrgRoleUserFilterBackend(filters.BaseFilterBackend):
return
queryset
if
org_role
==
'admins'
:
return
queryset
&
current_org
.
get_org_admins
()
return
queryset
&
(
current_org
.
get_org_admins
()
|
User
.
objects
.
filter
(
role
=
User
.
ROLE_ADMIN
))
elif
org_role
==
'auditors'
:
return
queryset
&
current_org
.
get_org_auditors
()
elif
org_role
==
'users'
:
...
...
This diff is collapsed.
Click to expand it.
apps/users/serializers/user.py
+
6
-
0
View file @
8eb6cfa9
...
...
@@ -320,3 +320,9 @@ class UserUpdatePublicKeySerializer(serializers.ModelSerializer):
new_public_key
=
self
.
validated_data
.
get
(
'public_key'
)
instance
.
set_public_key
(
new_public_key
)
return
instance
class
MiniUserSerializer
(
serializers
.
ModelSerializer
):
class
Meta
:
model
=
User
fields
=
[
'id'
,
'name'
,
'username'
]
This diff is collapsed.
Click to expand it.
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment