perf: 修改用户权限

3e3835dc · ibuler · 老广 · f4ed4e11 · 3e3835dc · 3e3835dc
Commit 3e3835dc authored 3 years ago by ibuler Committed by 老广 3 years ago
Hide whitespace changes
Inline Side-by-side

Showing

with 12 additions and 9 deletions
+12 -9
--- a/apps/authentication/migrations/0010_temptoken.py
+++ b/apps/authentication/migrations/0010_temptoken.py
@@ -23,7 +23,7 @@ class Migration(migrations.Migration):
                ('secret', models.CharField(max_length=64, verbose_name='Secret')),
                ('verified', models.BooleanField(default=False, verbose_name='Verified')),
                ('date_verified', models.DateTimeField(null=True, verbose_name='Date verified')),
-                ('date_expired', models.DateTimeField(verbose_name='Date verified')),
+                ('date_expired', models.DateTimeField(verbose_name='Date expired')),
            ],
            options={
                'verbose_name': 'Temporary token',

--- a/apps/rbac/builtin.py
+++ b/apps/rbac/builtin.py
@@ -2,6 +2,13 @@ from django.utils.translation import ugettext_noop

 from .const import Scope, system_exclude_permissions, org_exclude_permissions

+system_user_perms = (
+    ('authentication', 'connectiontoken', 'add', 'connectiontoken'),
+    ('authentication', 'temptoken', 'add', 'temptoken'),
+    ('tickets', 'ticket', 'view', 'ticket'),
+    ('orgs', 'organization', 'view', 'rootorg'),
+)
+
 # Todo: 获取应该区分 系统用户，和组织用户的权限
 # 工作台也区分组织后再考虑
 user_perms = (
@@ -15,10 +22,6 @@ user_perms = (
    ('assets', 'node', 'match', 'node'),
    ('applications', 'application', 'match', 'application'),
    ('ops', 'commandexecution', 'add', 'commandexecution'),
-    ('authentication', 'connectiontoken', 'add', 'connectiontoken'),
-    ('authentication', 'temptoken', 'add', 'temptoken'),
-    ('tickets', 'ticket', 'view', 'ticket'),
-    ('orgs', 'organization', 'view', 'rootorg'),
 )

 auditor_perms = user_perms + (
@@ -104,7 +107,7 @@ class BuiltinRole:
        '4', ugettext_noop('SystemComponent'), Scope.system, app_exclude_perms, 'exclude'
    )
    system_user = PredefineRole(
-        '3', ugettext_noop('User'), Scope.system, user_perms
+        '3', ugettext_noop('User'), Scope.system, system_user_perms
    )
    org_admin = PredefineRole(
        '5', ugettext_noop('OrgAdmin'), Scope.org, []

--- a/apps/terminal/migrations/0048_endpoint_endpointrule.py
+++ b/apps/terminal/migrations/0048_endpoint_endpointrule.py
@@ -20,7 +20,7 @@ def migrate_endpoints(apps, schema_editor):
        'http_port': 0,
        'created_by': 'System'
    }
-    default_endpoint = Endpoint.objects.create(**default_data)
+    Endpoint.objects.create(**default_data)

    if not settings.XRDP_ENABLED:
        return
@@ -81,8 +81,8 @@ class Migration(migrations.Migration):
                ('date_created', models.DateTimeField(auto_now_add=True, null=True, verbose_name='Date created')),
                ('date_updated', models.DateTimeField(auto_now=True, verbose_name='Date updated')),
                ('id', models.UUIDField(default=uuid.uuid4, primary_key=True, serialize=False)),
-                ('name', models.CharField(max_length=128, unique=True, blank=True, verbose_name='Name')),
-                ('host', models.CharField(max_length=256, verbose_name='Host')),
+                ('name', models.CharField(max_length=128, unique=True, verbose_name='Name')),
+                ('host', models.CharField(max_length=256, verbose_name='Host', blank=True)),
                ('https_port', common.fields.model.PortField(default=443, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(65535)], verbose_name='HTTPS Port')),
                ('http_port', common.fields.model.PortField(default=80, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(65535)], verbose_name='HTTP Port')),
                ('ssh_port', common.fields.model.PortField(default=2222, validators=[django.core.validators.MinValueValidator(0), django.core.validators.MaxValueValidator(65535)], verbose_name='SSH Port')),