fix(perms): 修复用户的资产不区分组织的问题

2c208895 · ibuler · 老广 · 7d325856 · 2c208895 · 2c208895
Commit 2c208895 authored 4 years ago by ibuler Committed by 老广 4 years ago
Hide whitespace changes
Inline Side-by-side

Showing

with 15 additions and 20 deletions
+15 -20
--- a/apps/perms/api/user_permission/mixin.py
+++ b/apps/perms/api/user_permission/mixin.py
@@ -4,6 +4,7 @@ from rest_framework.request import Request

 from common.permissions import IsOrgAdminOrAppUser, IsValidUser
 from common.utils import lazyproperty
+from orgs.utils import tmp_to_root_org
 from users.models import User
 from perms.models import UserGrantedMappingNode

@@ -47,6 +48,10 @@ class ForUserMixin:
    permission_classes = (IsValidUser,)
    request: Request

+    def get(self, request, *args, **kwargs):
+        with tmp_to_root_org():
+            return super().get(request, *args, **kwargs)
+
    @lazyproperty
    def user(self):
        return self.request.user
--- a/apps/perms/api/user_permission/user_permission_assets.py
+++ b/apps/perms/api/user_permission/user_permission_assets.py
 # -*- coding: utf-8 -*-
 #
-from django.utils.decorators import method_decorator
 from perms.api.user_permission.mixin import UserNodeGrantStatusDispatchMixin
 from rest_framework.generics import ListAPIView
 from rest_framework.response import Response
@@ -10,7 +9,6 @@ from assets.api.mixin import SerializeToTreeNodeMixin
 from common.utils import get_logger
 from perms.pagination import GrantedAssetLimitOffsetPagination
 from assets.models import Asset, Node, FavoriteAsset
-from orgs.utils import tmp_to_root_org
 from ... import serializers
 from ...utils.user_asset_permission import (
    get_node_all_granted_assets, get_user_direct_granted_assets,
@@ -22,7 +20,6 @@ from .mixin import ForAdminMixin, ForUserMixin
 logger = get_logger(__name__)


-@method_decorator(tmp_to_root_org(), name='list')
 class UserDirectGrantedAssetsApi(ListAPIView):
    """
    用户直接授权的资产的列表，也就是授权规则上直接授权的资产，并非是来自节点的
@@ -40,7 +37,6 @@ class UserDirectGrantedAssetsApi(ListAPIView):
        return assets


-@method_decorator(tmp_to_root_org(), name='list')
 class UserFavoriteGrantedAssetsApi(ListAPIView):
    serializer_class = serializers.AssetGrantedSerializer
    only_fields = serializers.AssetGrantedSerializer.Meta.only_fields
@@ -55,7 +51,6 @@ class UserFavoriteGrantedAssetsApi(ListAPIView):
        return assets


-@method_decorator(tmp_to_root_org(), name='list')
 class AssetsAsTreeMixin(SerializeToTreeNodeMixin):
    """
    将 资产 序列化成树的结构返回
@@ -82,12 +77,10 @@ class MyFavoriteGrantedAssetsApi(ForUserMixin, UserFavoriteGrantedAssetsApi):
    pass


-@method_decorator(tmp_to_root_org(), name='list')
 class UserDirectGrantedAssetsAsTreeForAdminApi(ForAdminMixin, AssetsAsTreeMixin, UserDirectGrantedAssetsApi):
    pass


-@method_decorator(tmp_to_root_org(), name='list')
 class MyUngroupAssetsAsTreeApi(ForUserMixin, AssetsAsTreeMixin, UserDirectGrantedAssetsApi):
    def get_queryset(self):
        queryset = super().get_queryset()
@@ -96,9 +89,11 @@ class MyUngroupAssetsAsTreeApi(ForUserMixin, AssetsAsTreeMixin, UserDirectGrante
        return queryset


-@method_decorator(tmp_to_root_org(), name='list')
-class UserAllGrantedAssetsApi(ListAPIView):
+class UserAllGrantedAssetsApi(ForAdminMixin, ListAPIView):
    only_fields = serializers.AssetGrantedSerializer.Meta.only_fields
+    serializer_class = serializers.AssetGrantedSerializer
+    filter_fields = ['hostname', 'ip', 'id', 'comment']
+    search_fields = ['hostname', 'ip', 'comment']

    def get_queryset(self):
        queryset = get_user_granted_all_assets(self.user)
@@ -106,11 +101,14 @@ class UserAllGrantedAssetsApi(ListAPIView):
        return queryset.only(*self.only_fields)


+class MyAllGrantedAssetsApi(ForUserMixin, UserAllGrantedAssetsApi):
+    pass
+
+
 class MyAllAssetsAsTreeApi(ForUserMixin, AssetsAsTreeMixin, UserAllGrantedAssetsApi):
    search_fields = ['hostname', 'ip']


-@method_decorator(tmp_to_root_org(), name='list')
 class UserGrantedNodeAssetsApi(UserNodeGrantStatusDispatchMixin, ListAPIView):
    serializer_class = serializers.AssetGrantedSerializer
    only_fields = serializers.AssetGrantedSerializer.Meta.only_fields

--- a/apps/perms/api/user_permission/user_permission_nodes.py
+++ b/apps/perms/api/user_permission/user_permission_nodes.py
@@ -7,7 +7,6 @@ from rest_framework.generics import (
 from rest_framework.response import Response
 from rest_framework.request import Request

-from orgs.utils import tmp_to_root_org
 from assets.api.mixin import SerializeToTreeNodeMixin
 from common.utils import get_logger
 from .mixin import ForAdminMixin, ForUserMixin, UserNodeGrantStatusDispatchMixin
@@ -59,7 +58,6 @@ class NodeChildrenMixin:
 class BaseGrantedNodeApi(_GrantedNodeStructApi, metaclass=abc.ABCMeta):
    serializer_class = serializers.NodeGrantedSerializer

-    @tmp_to_root_org()
    def list(self, request, *args, **kwargs):
        rebuild_user_tree_if_need(request, self.user)
        nodes = self.get_nodes()
@@ -72,7 +70,6 @@ class BaseNodeChildrenApi(NodeChildrenMixin, BaseGrantedNodeApi, metaclass=abc.A


 class BaseGrantedNodeAsTreeApi(SerializeToTreeNodeMixin, _GrantedNodeStructApi, metaclass=abc.ABCMeta):
-    @tmp_to_root_org()
    def list(self, request: Request, *args, **kwargs):
        rebuild_user_tree_if_need(request, self.user)
        nodes = self.get_nodes()

--- a/apps/perms/api/user_permission/user_permission_nodes_with_assets.py
+++ b/apps/perms/api/user_permission/user_permission_nodes_with_assets.py
@@ -19,7 +19,6 @@ from ...utils.user_asset_permission import (

 from assets.models import Asset, FavoriteAsset
 from assets.api import SerializeToTreeNodeMixin
-from orgs.utils import tmp_to_root_org
 from ...hands import Node

 logger = get_logger(__name__)
@@ -28,7 +27,6 @@ logger = get_logger(__name__)
 class MyGrantedNodesWithAssetsAsTreeApi(SerializeToTreeNodeMixin, ListAPIView):
    permission_classes = (IsValidUser,)

-    @tmp_to_root_org()
    def list(self, request: Request, *args, **kwargs):
        """
        此算法依赖 UserGrantedMappingNode
@@ -102,7 +100,6 @@ class UserGrantedNodeChildrenWithAssetsAsTreeForAdminApi(ForAdminMixin, UserNode
            if node:
                return node.key

-    @tmp_to_root_org()
    def list(self, request: Request, *args, **kwargs):
        key = self.request.query_params.get('key')
        if key is None:

--- a/apps/perms/urls/asset_permission.py
+++ b/apps/perms/urls/asset_permission.py
@@ -19,11 +19,9 @@ user_permission_urlpatterns = [
    # 直接授权：在 `AssetPermission` 中关联的对象

    # ---------------------------------------------------------
-    # 获取用户所有直接授权的资产
-
    # 以 serializer 格式返回
-    path('<uuid:pk>/assets/', api.UserDirectGrantedAssetsForAdminApi.as_view(), name='user-assets'),
-    path('assets/', api.MyDirectGrantedAssetsApi.as_view(), name='my-assets'),
+    path('<uuid:pk>/assets/', api.UserAllGrantedAssetsApi.as_view(), name='user-assets'),
+    path('assets/', api.MyAllAssetsAsTreeApi.as_view(), name='my-assets'),

    # Tree Node 的数据格式返回
    path('<uuid:pk>/assets/tree/', api.UserDirectGrantedAssetsAsTreeForAdminApi.as_view(), name='user-assets-as-tree'),