Fix rbac (#7713)

* fix: token 系统用户增加 protocol * fix: 修复清除orphan session时同时清除对应的 session_task * perf: 修改 connection token api * fix: 修复无法获取系统角色绑定的问题 * perf: 增加 db terminal 及 magnus 组件 * perf: 修改 migrations * fix: 修复AUTHENTICATION_BACKENDS相关的逻辑 * fix: 修改判断backend认证逻辑 * fix: 修复资产账号查看密码跳过mfa * fix: 修复用户组授权权限错误 * feat: 支持COS对象存储 * feat: 升级依赖 jms_storage==0.0.42 * fix: 修复 koko api 问题 * feat: 修改存储翻译信息 * perf: 修改 ticket 权限 * fix: 修复获取资产授权系统用户 get_queryset * perf: 抽取 ticket * perf: 修改 cmd filter 的权限 * fix: 修改 ticket perm * fix: 修复oidc依赖问题 Co-authored-by: Eric <xplzv@126.com> Co-authored-by: ibuler <ibuler@qq.com> Co-authored-by: 小冯 <xiaofeng@xiaofengdeMacBook-Pro.local> Co-authored-by: feng626 <1304903146@qq.com>
2025-09-22 11:58:29 +00:00 · 2022-02-28 19:28:58 +08:00
parent edfca5eb24
commit 03afa4f974
33 changed files with 294 additions and 205 deletions
--- a/apps/tickets/models/ticket.py
+++ b/apps/tickets/models/ticket.py
@@ -48,7 +48,81 @@ class TicketAssignee(CommonModelMixin):
        return '{0.assignee.name}({0.assignee.username})_{0.step}'.format(self)


-class Ticket(CommonModelMixin, OrgModelMixin):
+class StatusMixin:
+    state: str
+    status: str
+    applicant: models.ForeignKey
+    current_node: models.Manager
+
+    def set_state_approve(self):
+        self.state = TicketState.approved
+
+    def set_state_reject(self):
+        self.state = TicketState.rejected
+
+    def set_state_closed(self):
+        self.state = TicketState.closed
+
+    def set_status_closed(self):
+        self.status = TicketStatus.closed
+
+    # status
+    @property
+    def status_open(self):
+        return self.status == TicketStatus.open.value
+
+    @property
+    def status_closed(self):
+        return self.status == TicketStatus.closed.value
+
+    @property
+    def state_open(self):
+        return self.state == TicketState.open.value
+
+    @property
+    def state_approve(self):
+        return self.state == TicketState.approved.value
+
+    @property
+    def state_reject(self):
+        return self.state == TicketState.rejected.value
+
+    @property
+    def state_close(self):
+        return self.state == TicketState.closed.value
+
+    # action changed
+    def open(self, applicant):
+        self.applicant = applicant
+        self._change_action(TicketAction.open)
+
+    def approve(self, processor):
+        self.update_current_step_state_and_assignee(processor, TicketState.approved)
+        self._change_action(TicketAction.approve)
+
+    def reject(self, processor):
+        self.update_current_step_state_and_assignee(processor, TicketState.rejected)
+        self._change_action(TicketAction.reject)
+
+    def close(self, processor):
+        self.update_current_step_state_and_assignee(processor, TicketState.closed)
+        self._change_action(TicketAction.close)
+
+    def update_current_step_state_and_assignee(self, processor, state):
+        if self.status_closed:
+            raise AlreadyClosed
+        if state != TicketState.approved:
+            self.state = state
+        current_node = self.current_node
+        current_node.update(state=state)
+        current_node.first().ticket_assignees.filter(assignee=processor).update(state=state)
+
+    def _change_action(self, action):
+        self.save()
+        post_change_ticket_action.send(sender=self.__class__, ticket=self, action=action)
+
+
+class Ticket(CommonModelMixin, StatusMixin, OrgModelMixin):
    title = models.CharField(max_length=256, verbose_name=_("Title"))
    type = models.CharField(
        max_length=64, choices=TicketType.choices,
@@ -102,31 +176,6 @@ class Ticket(CommonModelMixin, OrgModelMixin):
    def type_login_confirm(self):
        return self.type == TicketType.login_confirm.value

-    # status
-    @property
-    def status_open(self):
-        return self.status == TicketStatus.open.value
-
-    @property
-    def status_closed(self):
-        return self.status == TicketStatus.closed.value
-
-    @property
-    def state_open(self):
-        return self.state == TicketState.open.value
-
-    @property
-    def state_approve(self):
-        return self.state == TicketState.approved.value
-
-    @property
-    def state_reject(self):
-        return self.state == TicketState.rejected.value
-
-    @property
-    def state_close(self):
-        return self.state == TicketState.closed.value
-
    @property
    def current_node(self):
        return self.ticket_steps.filter(level=self.approval_step)
@@ -136,18 +185,6 @@ class Ticket(CommonModelMixin, OrgModelMixin):
        processor = self.current_node.first().ticket_assignees.exclude(state=ProcessStatus.notified).first()
        return processor.assignee if processor else None

-    def set_state_approve(self):
-        self.state = TicketState.approved
-
-    def set_state_reject(self):
-        self.state = TicketState.rejected
-
-    def set_state_closed(self):
-        self.state = TicketState.closed
-
-    def set_status_closed(self):
-        self.status = TicketStatus.closed
-
    def create_related_node(self):
        org_id = self.flow.org_id
        approval_rule = self.get_current_ticket_flow_approve()
@@ -191,36 +228,6 @@ class Ticket(CommonModelMixin, OrgModelMixin):
            ticket_assignees.append(TicketAssignee(step=ticket_step, assignee=assignee))
        TicketAssignee.objects.bulk_create(ticket_assignees)

-    # action changed
-    def open(self, applicant):
-        self.applicant = applicant
-        self._change_action(TicketAction.open)
-
-    def update_current_step_state_and_assignee(self, processor, state):
-        if self.status_closed:
-            raise AlreadyClosed
-        if state != TicketState.approved:
-            self.state = state
-        current_node = self.current_node
-        current_node.update(state=state)
-        current_node.first().ticket_assignees.filter(assignee=processor).update(state=state)
-
-    def approve(self, processor):
-        self.update_current_step_state_and_assignee(processor, TicketState.approved)
-        self._change_action(TicketAction.approve)
-
-    def reject(self, processor):
-        self.update_current_step_state_and_assignee(processor, TicketState.rejected)
-        self._change_action(TicketAction.reject)
-
-    def close(self, processor):
-        self.update_current_step_state_and_assignee(processor, TicketState.closed)
-        self._change_action(TicketAction.close)
-
-    def _change_action(self, action):
-        self.save()
-        post_change_ticket_action.send(sender=self.__class__, ticket=self, action=action)
-
    def has_current_assignee(self, assignee):
        return self.ticket_steps.filter(ticket_assignees__assignee=assignee, level=self.approval_step).exists()

@@ -301,3 +308,9 @@ class Ticket(CommonModelMixin, OrgModelMixin):
                raise JMSException(detail=_('Please try again'), code='please_try_again')

            raise e
+
+
+class SuperTicket(Ticket):
+    class Meta:
+        proxy = True
+        verbose_name = _("Super ticket")