Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
l y
Jumpserver
Commits
2c208895
Commit
2c208895
authored
4 years ago
by
ibuler
Committed by
老广
4 years ago
Browse files
Options
Download
Email Patches
Plain Diff
fix(perms): 修复用户的资产不区分组织的问题
parent
7d325856
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
apps/perms/api/user_permission/mixin.py
+5
-0
apps/perms/api/user_permission/mixin.py
apps/perms/api/user_permission/user_permission_assets.py
+8
-10
apps/perms/api/user_permission/user_permission_assets.py
apps/perms/api/user_permission/user_permission_nodes.py
+0
-3
apps/perms/api/user_permission/user_permission_nodes.py
apps/perms/api/user_permission/user_permission_nodes_with_assets.py
+0
-3
.../api/user_permission/user_permission_nodes_with_assets.py
apps/perms/urls/asset_permission.py
+2
-4
apps/perms/urls/asset_permission.py
with
15 additions
and
20 deletions
+15
-20
apps/perms/api/user_permission/mixin.py
+
5
-
0
View file @
2c208895
...
...
@@ -4,6 +4,7 @@ from rest_framework.request import Request
from
common.permissions
import
IsOrgAdminOrAppUser
,
IsValidUser
from
common.utils
import
lazyproperty
from
orgs.utils
import
tmp_to_root_org
from
users.models
import
User
from
perms.models
import
UserGrantedMappingNode
...
...
@@ -47,6 +48,10 @@ class ForUserMixin:
permission_classes
=
(
IsValidUser
,)
request
:
Request
def
get
(
self
,
request
,
*
args
,
**
kwargs
):
with
tmp_to_root_org
():
return
super
().
get
(
request
,
*
args
,
**
kwargs
)
@
lazyproperty
def
user
(
self
):
return
self
.
request
.
user
This diff is collapsed.
Click to expand it.
apps/perms/api/user_permission/user_permission_assets.py
+
8
-
10
View file @
2c208895
# -*- coding: utf-8 -*-
#
from
django.utils.decorators
import
method_decorator
from
perms.api.user_permission.mixin
import
UserNodeGrantStatusDispatchMixin
from
rest_framework.generics
import
ListAPIView
from
rest_framework.response
import
Response
...
...
@@ -10,7 +9,6 @@ from assets.api.mixin import SerializeToTreeNodeMixin
from
common.utils
import
get_logger
from
perms.pagination
import
GrantedAssetLimitOffsetPagination
from
assets.models
import
Asset
,
Node
,
FavoriteAsset
from
orgs.utils
import
tmp_to_root_org
from
...
import
serializers
from
...utils.user_asset_permission
import
(
get_node_all_granted_assets
,
get_user_direct_granted_assets
,
...
...
@@ -22,7 +20,6 @@ from .mixin import ForAdminMixin, ForUserMixin
logger
=
get_logger
(
__name__
)
@
method_decorator
(
tmp_to_root_org
(),
name
=
'list'
)
class
UserDirectGrantedAssetsApi
(
ListAPIView
):
"""
用户直接授权的资产的列表,也就是授权规则上直接授权的资产,并非是来自节点的
...
...
@@ -40,7 +37,6 @@ class UserDirectGrantedAssetsApi(ListAPIView):
return
assets
@
method_decorator
(
tmp_to_root_org
(),
name
=
'list'
)
class
UserFavoriteGrantedAssetsApi
(
ListAPIView
):
serializer_class
=
serializers
.
AssetGrantedSerializer
only_fields
=
serializers
.
AssetGrantedSerializer
.
Meta
.
only_fields
...
...
@@ -55,7 +51,6 @@ class UserFavoriteGrantedAssetsApi(ListAPIView):
return
assets
@
method_decorator
(
tmp_to_root_org
(),
name
=
'list'
)
class
AssetsAsTreeMixin
(
SerializeToTreeNodeMixin
):
"""
将 资产 序列化成树的结构返回
...
...
@@ -82,12 +77,10 @@ class MyFavoriteGrantedAssetsApi(ForUserMixin, UserFavoriteGrantedAssetsApi):
pass
@
method_decorator
(
tmp_to_root_org
(),
name
=
'list'
)
class
UserDirectGrantedAssetsAsTreeForAdminApi
(
ForAdminMixin
,
AssetsAsTreeMixin
,
UserDirectGrantedAssetsApi
):
pass
@
method_decorator
(
tmp_to_root_org
(),
name
=
'list'
)
class
MyUngroupAssetsAsTreeApi
(
ForUserMixin
,
AssetsAsTreeMixin
,
UserDirectGrantedAssetsApi
):
def
get_queryset
(
self
):
queryset
=
super
().
get_queryset
()
...
...
@@ -96,9 +89,11 @@ class MyUngroupAssetsAsTreeApi(ForUserMixin, AssetsAsTreeMixin, UserDirectGrante
return
queryset
@
method_decorator
(
tmp_to_root_org
(),
name
=
'list'
)
class
UserAllGrantedAssetsApi
(
ListAPIView
):
class
UserAllGrantedAssetsApi
(
ForAdminMixin
,
ListAPIView
):
only_fields
=
serializers
.
AssetGrantedSerializer
.
Meta
.
only_fields
serializer_class
=
serializers
.
AssetGrantedSerializer
filter_fields
=
[
'hostname'
,
'ip'
,
'id'
,
'comment'
]
search_fields
=
[
'hostname'
,
'ip'
,
'comment'
]
def
get_queryset
(
self
):
queryset
=
get_user_granted_all_assets
(
self
.
user
)
...
...
@@ -106,11 +101,14 @@ class UserAllGrantedAssetsApi(ListAPIView):
return
queryset
.
only
(
*
self
.
only_fields
)
class
MyAllGrantedAssetsApi
(
ForUserMixin
,
UserAllGrantedAssetsApi
):
pass
class
MyAllAssetsAsTreeApi
(
ForUserMixin
,
AssetsAsTreeMixin
,
UserAllGrantedAssetsApi
):
search_fields
=
[
'hostname'
,
'ip'
]
@
method_decorator
(
tmp_to_root_org
(),
name
=
'list'
)
class
UserGrantedNodeAssetsApi
(
UserNodeGrantStatusDispatchMixin
,
ListAPIView
):
serializer_class
=
serializers
.
AssetGrantedSerializer
only_fields
=
serializers
.
AssetGrantedSerializer
.
Meta
.
only_fields
...
...
This diff is collapsed.
Click to expand it.
apps/perms/api/user_permission/user_permission_nodes.py
+
0
-
3
View file @
2c208895
...
...
@@ -7,7 +7,6 @@ from rest_framework.generics import (
from
rest_framework.response
import
Response
from
rest_framework.request
import
Request
from
orgs.utils
import
tmp_to_root_org
from
assets.api.mixin
import
SerializeToTreeNodeMixin
from
common.utils
import
get_logger
from
.mixin
import
ForAdminMixin
,
ForUserMixin
,
UserNodeGrantStatusDispatchMixin
...
...
@@ -59,7 +58,6 @@ class NodeChildrenMixin:
class
BaseGrantedNodeApi
(
_GrantedNodeStructApi
,
metaclass
=
abc
.
ABCMeta
):
serializer_class
=
serializers
.
NodeGrantedSerializer
@
tmp_to_root_org
()
def
list
(
self
,
request
,
*
args
,
**
kwargs
):
rebuild_user_tree_if_need
(
request
,
self
.
user
)
nodes
=
self
.
get_nodes
()
...
...
@@ -72,7 +70,6 @@ class BaseNodeChildrenApi(NodeChildrenMixin, BaseGrantedNodeApi, metaclass=abc.A
class
BaseGrantedNodeAsTreeApi
(
SerializeToTreeNodeMixin
,
_GrantedNodeStructApi
,
metaclass
=
abc
.
ABCMeta
):
@
tmp_to_root_org
()
def
list
(
self
,
request
:
Request
,
*
args
,
**
kwargs
):
rebuild_user_tree_if_need
(
request
,
self
.
user
)
nodes
=
self
.
get_nodes
()
...
...
This diff is collapsed.
Click to expand it.
apps/perms/api/user_permission/user_permission_nodes_with_assets.py
+
0
-
3
View file @
2c208895
...
...
@@ -19,7 +19,6 @@ from ...utils.user_asset_permission import (
from
assets.models
import
Asset
,
FavoriteAsset
from
assets.api
import
SerializeToTreeNodeMixin
from
orgs.utils
import
tmp_to_root_org
from
...hands
import
Node
logger
=
get_logger
(
__name__
)
...
...
@@ -28,7 +27,6 @@ logger = get_logger(__name__)
class
MyGrantedNodesWithAssetsAsTreeApi
(
SerializeToTreeNodeMixin
,
ListAPIView
):
permission_classes
=
(
IsValidUser
,)
@
tmp_to_root_org
()
def
list
(
self
,
request
:
Request
,
*
args
,
**
kwargs
):
"""
此算法依赖 UserGrantedMappingNode
...
...
@@ -102,7 +100,6 @@ class UserGrantedNodeChildrenWithAssetsAsTreeForAdminApi(ForAdminMixin, UserNode
if
node
:
return
node
.
key
@
tmp_to_root_org
()
def
list
(
self
,
request
:
Request
,
*
args
,
**
kwargs
):
key
=
self
.
request
.
query_params
.
get
(
'key'
)
if
key
is
None
:
...
...
This diff is collapsed.
Click to expand it.
apps/perms/urls/asset_permission.py
+
2
-
4
View file @
2c208895
...
...
@@ -19,11 +19,9 @@ user_permission_urlpatterns = [
# 直接授权:在 `AssetPermission` 中关联的对象
# ---------------------------------------------------------
# 获取用户所有直接授权的资产
# 以 serializer 格式返回
path
(
'<uuid:pk>/assets/'
,
api
.
User
Direct
GrantedAssets
ForAdmin
Api
.
as_view
(),
name
=
'user-assets'
),
path
(
'assets/'
,
api
.
My
DirectGrantedAssets
Api
.
as_view
(),
name
=
'my-assets'
),
path
(
'<uuid:pk>/assets/'
,
api
.
User
All
GrantedAssetsApi
.
as_view
(),
name
=
'user-assets'
),
path
(
'assets/'
,
api
.
My
AllAssetsAsTree
Api
.
as_view
(),
name
=
'my-assets'
),
# Tree Node 的数据格式返回
path
(
'<uuid:pk>/assets/tree/'
,
api
.
UserDirectGrantedAssetsAsTreeForAdminApi
.
as_view
(),
name
=
'user-assets-as-tree'
),
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment