mirror of
https://github.com/jumpserver/jumpserver.git
synced 2025-09-20 02:51:27 +00:00
perf(project): 优化命名的风格 (#5693)
perf: 修改错误的地 perf: 优化写错的几个 Co-authored-by: ibuler <ibuler@qq.com>
This commit is contained in:
fit2bot
GitHub
@@ -12,7 +12,7 @@ from orgs.utils import tmp_to_root_org
|
||||
from applications.models import Application
|
||||
from perms.utils.application.permission import (
|
||||
has_application_system_permission,
|
||||
get_application_system_users_id
|
||||
get_application_system_user_ids
|
||||
)
|
||||
from perms.api.asset.user_permission.mixin import RoleAdminMixin, RoleUserMixin
|
||||
from common.permissions import IsOrgAdminOrAppUser
|
||||
@@ -32,14 +32,14 @@ class GrantedApplicationSystemUsersMixin(ListAPIView):
|
||||
only_fields = serializers.ApplicationSystemUserSerializer.Meta.only_fields
|
||||
user: None
|
||||
|
||||
def get_application_system_users_id(self, application):
|
||||
return get_application_system_users_id(self.user, application)
|
||||
def get_application_system_user_ids(self, application):
|
||||
return get_application_system_user_ids(self.user, application)
|
||||
|
||||
def get_queryset(self):
|
||||
application_id = self.kwargs.get('application_id')
|
||||
application = get_object_or_404(Application, id=application_id)
|
||||
system_users_id = self.get_application_system_users_id(application)
|
||||
system_users = SystemUser.objects.filter(id__in=system_users_id)\
|
||||
system_user_ids = self.get_application_system_user_ids(application)
|
||||
system_users = SystemUser.objects.filter(id__in=system_user_ids)\
|
||||
.only(*self.only_fields).order_by('priority')
|
||||
return system_users
|
||||
|
||||
|
||||
@@ -12,7 +12,7 @@ from perms.models import AssetPermission
|
||||
from assets.models import Asset, Node
|
||||
from perms.api.asset import user_permission as uapi
|
||||
from perms import serializers
|
||||
from perms.utils.asset.permission import get_asset_system_users_id_with_actions_by_group
|
||||
from perms.utils.asset.permission import get_asset_system_user_ids_with_actions_by_group
|
||||
from assets.api.mixin import SerializeToTreeNodeMixin
|
||||
from users.models import UserGroup
|
||||
|
||||
@@ -41,12 +41,12 @@ class UserGroupGrantedAssetsApi(ListAPIView):
|
||||
def get_queryset(self):
|
||||
user_group_id = self.kwargs.get('pk', '')
|
||||
|
||||
asset_perms_id = list(AssetPermission.objects.valid().filter(
|
||||
asset_perm_ids = list(AssetPermission.objects.valid().filter(
|
||||
user_groups__id=user_group_id
|
||||
).distinct().values_list('id', flat=True))
|
||||
|
||||
granted_node_keys = Node.objects.filter(
|
||||
granted_by_permissions__id__in=asset_perms_id,
|
||||
granted_by_permissions__id__in=asset_perm_ids,
|
||||
).distinct().values_list('key', flat=True)
|
||||
|
||||
granted_q = Q()
|
||||
@@ -54,7 +54,7 @@ class UserGroupGrantedAssetsApi(ListAPIView):
|
||||
granted_q |= Q(nodes__key__startswith=f'{_key}:')
|
||||
granted_q |= Q(nodes__key=_key)
|
||||
|
||||
granted_q |= Q(granted_by_permissions__id__in=asset_perms_id)
|
||||
granted_q |= Q(granted_by_permissions__id__in=asset_perm_ids)
|
||||
|
||||
assets = Asset.objects.filter(
|
||||
granted_q
|
||||
@@ -89,12 +89,12 @@ class UserGroupGrantedNodeAssetsApi(ListAPIView):
|
||||
)
|
||||
return assets
|
||||
else:
|
||||
asset_perms_id = list(AssetPermission.objects.valid().filter(
|
||||
asset_perm_ids = list(AssetPermission.objects.valid().filter(
|
||||
user_groups__id=user_group_id
|
||||
).distinct().values_list('id', flat=True))
|
||||
|
||||
granted_node_keys = Node.objects.filter(
|
||||
granted_by_permissions__id__in=asset_perms_id,
|
||||
granted_by_permissions__id__in=asset_perm_ids,
|
||||
key__startswith=f'{node.key}:'
|
||||
).distinct().values_list('key', flat=True)
|
||||
|
||||
@@ -104,7 +104,7 @@ class UserGroupGrantedNodeAssetsApi(ListAPIView):
|
||||
granted_node_q |= Q(nodes__key=_key)
|
||||
|
||||
granted_asset_q = (
|
||||
Q(granted_by_permissions__id__in=asset_perms_id) &
|
||||
Q(granted_by_permissions__id__in=asset_perm_ids) &
|
||||
(
|
||||
Q(nodes__key__startswith=f'{node.key}:') |
|
||||
Q(nodes__key=node.key)
|
||||
@@ -148,16 +148,16 @@ class UserGroupGrantedNodeChildrenAsTreeApi(SerializeToTreeNodeMixin, ListAPIVie
|
||||
group_id = self.kwargs.get('pk')
|
||||
node_key = self.request.query_params.get('key', None)
|
||||
|
||||
asset_perms_id = list(AssetPermission.objects.valid().filter(
|
||||
asset_perm_ids = list(AssetPermission.objects.valid().filter(
|
||||
user_groups__id=group_id
|
||||
).distinct().values_list('id', flat=True))
|
||||
|
||||
granted_keys = Node.objects.filter(
|
||||
granted_by_permissions__id__in=asset_perms_id
|
||||
granted_by_permissions__id__in=asset_perm_ids
|
||||
).values_list('key', flat=True)
|
||||
|
||||
asset_granted_keys = Node.objects.filter(
|
||||
assets__granted_by_permissions__id__in=asset_perms_id
|
||||
assets__granted_by_permissions__id__in=asset_perm_ids
|
||||
).values_list('key', flat=True)
|
||||
|
||||
if node_key is None:
|
||||
@@ -188,5 +188,5 @@ class UserGroupGrantedNodeChildrenAsTreeApi(SerializeToTreeNodeMixin, ListAPIVie
|
||||
|
||||
|
||||
class UserGroupGrantedAssetSystemUsersApi(UserGroupMixin, uapi.UserGrantedAssetSystemUsersForAdminApi):
|
||||
def get_asset_system_users_id_with_actions(self, asset):
|
||||
return get_asset_system_users_id_with_actions_by_group(self.group, asset)
|
||||
def get_asset_system_user_ids_with_actions(self, asset):
|
||||
return get_asset_system_user_ids_with_actions_by_group(self.group, asset)
|
||||
|
||||
@@ -10,7 +10,7 @@ from rest_framework.generics import (
|
||||
)
|
||||
|
||||
from orgs.utils import tmp_to_root_org
|
||||
from perms.utils.asset.permission import get_asset_system_users_id_with_actions_by_user
|
||||
from perms.utils.asset.permission import get_asset_system_user_ids_with_actions_by_user
|
||||
from common.permissions import IsOrgAdminOrAppUser, IsOrgAdmin, IsValidUser
|
||||
from common.utils import get_logger, lazyproperty
|
||||
|
||||
@@ -53,7 +53,7 @@ class GetUserAssetPermissionActionsApi(RetrieveAPIView):
|
||||
asset = get_object_or_404(Asset, id=asset_id)
|
||||
system_user = get_object_or_404(SystemUser, id=system_id)
|
||||
|
||||
system_users_actions = get_asset_system_users_id_with_actions_by_user(self.get_user(), asset)
|
||||
system_users_actions = get_asset_system_user_ids_with_actions_by_user(self.get_user(), asset)
|
||||
actions = system_users_actions.get(system_user.id)
|
||||
return {"actions": actions}
|
||||
|
||||
@@ -84,7 +84,7 @@ class ValidateUserAssetPermissionApi(APIView):
|
||||
asset = get_object_or_404(Asset, id=asset_id)
|
||||
system_user = get_object_or_404(SystemUser, id=system_id)
|
||||
|
||||
system_users_actions = get_asset_system_users_id_with_actions_by_user(self.get_user(), asset)
|
||||
system_users_actions = get_asset_system_user_ids_with_actions_by_user(self.get_user(), asset)
|
||||
actions = system_users_actions.get(system_user.id)
|
||||
if actions is None:
|
||||
return Response({'msg': False}, status=403)
|
||||
@@ -111,15 +111,15 @@ class UserGrantedAssetSystemUsersForAdminApi(ListAPIView):
|
||||
user_id = self.kwargs.get('pk')
|
||||
return User.objects.get(id=user_id)
|
||||
|
||||
def get_asset_system_users_id_with_actions(self, asset):
|
||||
return get_asset_system_users_id_with_actions_by_user(self.user, asset)
|
||||
def get_asset_system_user_ids_with_actions(self, asset):
|
||||
return get_asset_system_user_ids_with_actions_by_user(self.user, asset)
|
||||
|
||||
def get_queryset(self):
|
||||
asset_id = self.kwargs.get('asset_id')
|
||||
asset = get_object_or_404(Asset, id=asset_id)
|
||||
system_users_with_actions = self.get_asset_system_users_id_with_actions(asset)
|
||||
system_users_id = system_users_with_actions.keys()
|
||||
system_users = SystemUser.objects.filter(id__in=system_users_id)\
|
||||
system_users_with_actions = self.get_asset_system_user_ids_with_actions(asset)
|
||||
system_user_ids = system_users_with_actions.keys()
|
||||
system_users = SystemUser.objects.filter(id__in=system_user_ids)\
|
||||
.only(*self.serializer_class.Meta.only_fields) \
|
||||
.order_by('priority')
|
||||
system_users = list(system_users)
|
||||
|
||||
@@ -52,8 +52,8 @@ class MyGrantedNodesWithAssetsAsTreeApi(SerializeToTreeNodeMixin, ListAPIView):
|
||||
data.extend(self.serialize_assets(favorite_assets))
|
||||
|
||||
@timeit
|
||||
def add_node_filtered_by_system_user(self, data: list, user, asset_perms_id):
|
||||
utils = UserGrantedTreeBuildUtils(user, asset_perms_id)
|
||||
def add_node_filtered_by_system_user(self, data: list, user, asset_perm_ids):
|
||||
utils = UserGrantedTreeBuildUtils(user, asset_perm_ids)
|
||||
nodes = utils.get_whole_tree_nodes()
|
||||
data.extend(self.serialize_nodes(nodes, with_asset_amount=True))
|
||||
|
||||
@@ -77,23 +77,23 @@ class MyGrantedNodesWithAssetsAsTreeApi(SerializeToTreeNodeMixin, ListAPIView):
|
||||
|
||||
user = request.user
|
||||
data = []
|
||||
asset_perms_id = get_user_all_asset_perm_ids(user)
|
||||
asset_perm_ids = get_user_all_asset_perm_ids(user)
|
||||
|
||||
system_user_id = request.query_params.get('system_user')
|
||||
if system_user_id:
|
||||
asset_perms_id = list(AssetPermission.objects.valid().filter(
|
||||
id__in=asset_perms_id, system_users__id=system_user_id, actions__gt=0
|
||||
asset_perm_ids = list(AssetPermission.objects.valid().filter(
|
||||
id__in=asset_perm_ids, system_users__id=system_user_id, actions__gt=0
|
||||
).values_list('id', flat=True).distinct())
|
||||
|
||||
nodes_query_utils = UserGrantedNodesQueryUtils(user, asset_perms_id)
|
||||
assets_query_utils = UserGrantedAssetsQueryUtils(user, asset_perms_id)
|
||||
nodes_query_utils = UserGrantedNodesQueryUtils(user, asset_perm_ids)
|
||||
assets_query_utils = UserGrantedAssetsQueryUtils(user, asset_perm_ids)
|
||||
|
||||
self.add_ungrouped_resource(data, nodes_query_utils, assets_query_utils)
|
||||
self.add_favorite_resource(data, nodes_query_utils, assets_query_utils)
|
||||
|
||||
if system_user_id:
|
||||
# 有系统用户筛选的需要重新计算树结构
|
||||
self.add_node_filtered_by_system_user(data, user, asset_perms_id)
|
||||
self.add_node_filtered_by_system_user(data, user, asset_perm_ids)
|
||||
else:
|
||||
all_nodes = nodes_query_utils.get_whole_tree_nodes(with_special=False)
|
||||
data.extend(self.serialize_nodes(all_nodes, with_asset_amount=True))
|
||||
|
||||
@@ -16,9 +16,9 @@ class SystemUserPermission(generics.ListAPIView):
|
||||
def get_queryset(self):
|
||||
user = self.request.user
|
||||
|
||||
asset_perms_id = get_user_all_asset_perm_ids(user)
|
||||
asset_perm_ids = get_user_all_asset_perm_ids(user)
|
||||
queryset = SystemUser.objects.filter(
|
||||
granted_by_permissions__id__in=asset_perms_id
|
||||
granted_by_permissions__id__in=asset_perm_ids
|
||||
).distinct()
|
||||
|
||||
return queryset
|
||||
|
||||
@@ -65,9 +65,9 @@ class ApplicationPermission(BasePermission):
|
||||
return self.system_users.count()
|
||||
|
||||
def get_all_users(self):
|
||||
users_id = self.users.all().values_list('id', flat=True)
|
||||
user_groups_id = self.user_groups.all().values_list('id', flat=True)
|
||||
user_ids = self.users.all().values_list('id', flat=True)
|
||||
user_group_ids = self.user_groups.all().values_list('id', flat=True)
|
||||
users = User.objects.filter(
|
||||
Q(id__in=users_id) | Q(groups__id__in=user_groups_id)
|
||||
Q(id__in=user_ids) | Q(groups__id__in=user_group_ids)
|
||||
)
|
||||
return users
|
||||
|
||||
@@ -137,10 +137,10 @@ class AssetPermission(BasePermission):
|
||||
def get_all_assets(self):
|
||||
from assets.models import Node
|
||||
nodes_keys = self.nodes.all().values_list('key', flat=True)
|
||||
assets_ids = set(self.assets.all().values_list('id', flat=True))
|
||||
nodes_assets_ids = Node.get_nodes_all_assets_ids_by_keys(nodes_keys)
|
||||
assets_ids.update(nodes_assets_ids)
|
||||
assets = Asset.objects.filter(id__in=assets_ids)
|
||||
asset_ids = set(self.assets.all().values_list('id', flat=True))
|
||||
nodes_asset_ids = Node.get_nodes_all_asset_ids_by_keys(nodes_keys)
|
||||
asset_ids.update(nodes_asset_ids)
|
||||
assets = Asset.objects.filter(id__in=asset_ids)
|
||||
return assets
|
||||
|
||||
|
||||
|
||||
@@ -99,14 +99,14 @@ class BasePermission(OrgModelMixin):
|
||||
|
||||
def get_all_users(self):
|
||||
from users.models import User
|
||||
users_id = self.users.all().values_list('id', flat=True)
|
||||
groups_id = self.user_groups.all().values_list('id', flat=True)
|
||||
user_ids = self.users.all().values_list('id', flat=True)
|
||||
group_ids = self.user_groups.all().values_list('id', flat=True)
|
||||
|
||||
users_id = list(users_id)
|
||||
groups_id = list(groups_id)
|
||||
user_ids = list(user_ids)
|
||||
group_ids = list(group_ids)
|
||||
|
||||
qs1 = User.objects.filter(id__in=users_id).distinct()
|
||||
qs2 = User.objects.filter(groups__id__in=groups_id).distinct()
|
||||
qs1 = User.objects.filter(id__in=user_ids).distinct()
|
||||
qs2 = User.objects.filter(groups__id__in=group_ids).distinct()
|
||||
|
||||
qs = UnionQuerySet(qs1, qs2)
|
||||
return qs
|
||||
|
||||
@@ -27,15 +27,15 @@ def on_user_groups_change(sender, instance, action, reverse, pk_set, **kwargs):
|
||||
|
||||
if not reverse:
|
||||
# 一个用户添加了多个用户组
|
||||
users_id = [instance.id]
|
||||
user_ids = [instance.id]
|
||||
system_users = SystemUser.objects.filter(groups__id__in=pk_set).distinct()
|
||||
else:
|
||||
# 一个用户组添加了多个用户
|
||||
users_id = pk_set
|
||||
user_ids = pk_set
|
||||
system_users = SystemUser.objects.filter(groups__id=instance.pk).distinct()
|
||||
|
||||
for system_user in system_users:
|
||||
system_user.users.add(*users_id)
|
||||
system_user.users.add(*user_ids)
|
||||
|
||||
|
||||
@receiver(m2m_changed, sender=AssetPermission.nodes.through)
|
||||
@@ -139,17 +139,17 @@ def on_application_permission_system_users_changed(sender, instance: Application
|
||||
logger.debug("Application permission system_users change signal received")
|
||||
attrs = instance.applications.all().values_list('attrs', flat=True)
|
||||
|
||||
assets_id = [attr['asset'] for attr in attrs if attr.get('asset')]
|
||||
if not assets_id:
|
||||
asset_ids = [attr['asset'] for attr in attrs if attr.get('asset')]
|
||||
if not asset_ids:
|
||||
return
|
||||
|
||||
for system_user in system_users:
|
||||
system_user.assets.add(*assets_id)
|
||||
system_user.assets.add(*asset_ids)
|
||||
if system_user.username_same_with_user:
|
||||
users_id = instance.users.all().values_list('id', flat=True)
|
||||
groups_id = instance.user_groups.all().values_list('id', flat=True)
|
||||
system_user.groups.add(*groups_id)
|
||||
system_user.users.add(*users_id)
|
||||
user_ids = instance.users.all().values_list('id', flat=True)
|
||||
group_ids = instance.user_groups.all().values_list('id', flat=True)
|
||||
system_user.groups.add(*group_ids)
|
||||
system_user.users.add(*user_ids)
|
||||
|
||||
|
||||
@receiver(m2m_changed, sender=ApplicationPermission.users.through)
|
||||
@@ -164,12 +164,12 @@ def on_application_permission_users_changed(sender, instance, action, reverse, p
|
||||
return
|
||||
|
||||
logger.debug("Application permission users change signal received")
|
||||
users_id = User.objects.filter(pk__in=pk_set).values_list('id', flat=True)
|
||||
user_ids = User.objects.filter(pk__in=pk_set).values_list('id', flat=True)
|
||||
system_users = instance.system_users.all()
|
||||
|
||||
for system_user in system_users:
|
||||
if system_user.username_same_with_user:
|
||||
system_user.users.add(*users_id)
|
||||
system_user.users.add(*user_ids)
|
||||
|
||||
|
||||
@receiver(m2m_changed, sender=ApplicationPermission.user_groups.through)
|
||||
@@ -182,12 +182,12 @@ def on_application_permission_user_groups_changed(sender, instance, action, reve
|
||||
return
|
||||
|
||||
logger.debug("Application permission user groups change signal received")
|
||||
groups_id = UserGroup.objects.filter(pk__in=pk_set).values_list('id', flat=True)
|
||||
group_ids = UserGroup.objects.filter(pk__in=pk_set).values_list('id', flat=True)
|
||||
system_users = instance.system_users.all()
|
||||
|
||||
for system_user in system_users:
|
||||
if system_user.username_same_with_user:
|
||||
system_user.groups.add(*groups_id)
|
||||
system_user.groups.add(*group_ids)
|
||||
|
||||
|
||||
@receiver(m2m_changed, sender=ApplicationPermission.applications.through)
|
||||
@@ -202,11 +202,11 @@ def on_application_permission_applications_changed(sender, instance, action, rev
|
||||
return
|
||||
|
||||
attrs = Application.objects.filter(id__in=pk_set).values_list('attrs', flat=True)
|
||||
assets_id = [attr['asset'] for attr in attrs if attr.get('asset')]
|
||||
if not assets_id:
|
||||
asset_ids = [attr['asset'] for attr in attrs if attr.get('asset')]
|
||||
if not asset_ids:
|
||||
return
|
||||
|
||||
system_users = instance.system_users.all()
|
||||
|
||||
for system_user in system_users:
|
||||
system_user.assets.add(*assets_id)
|
||||
system_user.assets.add(*asset_ids)
|
||||
|
||||
@@ -6,7 +6,7 @@ from perms.models import ApplicationPermission
|
||||
logger = get_logger(__file__)
|
||||
|
||||
|
||||
def get_application_system_users_id(user, application):
|
||||
def get_application_system_user_ids(user, application):
|
||||
queryset = ApplicationPermission.objects.valid()\
|
||||
.filter(
|
||||
Q(users=user) | Q(user_groups__users=user),
|
||||
@@ -16,5 +16,5 @@ def get_application_system_users_id(user, application):
|
||||
|
||||
|
||||
def has_application_system_permission(user, application, system_user):
|
||||
system_users_id = get_application_system_users_id(user, application)
|
||||
return system_user.id in system_users_id
|
||||
system_user_ids = get_application_system_user_ids(user, application)
|
||||
return system_user.id in system_user_ids
|
||||
|
||||
@@ -3,7 +3,7 @@ from perms.models import ApplicationPermission
|
||||
from applications.models import Application
|
||||
|
||||
|
||||
def get_user_all_applicationpermissions_id(user):
|
||||
def get_user_all_applicationpermission_ids(user):
|
||||
application_perm_ids = ApplicationPermission.objects.valid().filter(
|
||||
Q(users=user) | Q(user_groups__users=user)
|
||||
).distinct().values_list('id', flat=True)
|
||||
@@ -11,8 +11,8 @@ def get_user_all_applicationpermissions_id(user):
|
||||
|
||||
|
||||
def get_user_granted_all_applications(user):
|
||||
application_perms_id = get_user_all_applicationpermissions_id(user)
|
||||
application_perm_ids = get_user_all_applicationpermission_ids(user)
|
||||
applications = Application.objects.filter(
|
||||
granted_by_permissions__id__in=application_perms_id
|
||||
granted_by_permissions__id__in=application_perm_ids
|
||||
).distinct()
|
||||
return applications
|
||||
|
||||
@@ -5,13 +5,12 @@ from django.db.models import Q
|
||||
from common.utils import get_logger
|
||||
from perms.models import AssetPermission
|
||||
from perms.hands import Asset, User, UserGroup, SystemUser
|
||||
from perms.models.base import BasePermissionQuerySet
|
||||
from perms.utils.asset.user_permission import get_user_all_asset_perm_ids
|
||||
|
||||
logger = get_logger(__file__)
|
||||
|
||||
|
||||
def get_asset_system_users_id_with_actions(asset_perm_ids, asset: Asset):
|
||||
def get_asset_system_user_ids_with_actions(asset_perm_ids, asset: Asset):
|
||||
nodes = asset.get_nodes()
|
||||
node_keys = set()
|
||||
for node in nodes:
|
||||
@@ -34,21 +33,21 @@ def get_asset_system_users_id_with_actions(asset_perm_ids, asset: Asset):
|
||||
return system_users_actions
|
||||
|
||||
|
||||
def get_asset_system_users_id_with_actions_by_user(user: User, asset: Asset):
|
||||
def get_asset_system_user_ids_with_actions_by_user(user: User, asset: Asset):
|
||||
asset_perm_ids = get_user_all_asset_perm_ids(user)
|
||||
return get_asset_system_users_id_with_actions(asset_perm_ids, asset)
|
||||
return get_asset_system_user_ids_with_actions(asset_perm_ids, asset)
|
||||
|
||||
|
||||
def has_asset_system_permission(user: User, asset: Asset, system_user: SystemUser):
|
||||
systemuser_actions_mapper = get_asset_system_users_id_with_actions_by_user(user, asset)
|
||||
systemuser_actions_mapper = get_asset_system_user_ids_with_actions_by_user(user, asset)
|
||||
actions = systemuser_actions_mapper.get(system_user.id, [])
|
||||
if actions:
|
||||
return True
|
||||
return False
|
||||
|
||||
|
||||
def get_asset_system_users_id_with_actions_by_group(group: UserGroup, asset: Asset):
|
||||
def get_asset_system_user_ids_with_actions_by_group(group: UserGroup, asset: Asset):
|
||||
asset_perm_ids = AssetPermission.objects.filter(
|
||||
user_groups=group
|
||||
).valid().values_list('id', flat=True).distinct()
|
||||
return get_asset_system_users_id_with_actions(asset_perm_ids, asset)
|
||||
return get_asset_system_user_ids_with_actions(asset_perm_ids, asset)
|
||||
|
||||
@@ -70,43 +70,43 @@ class UserGrantedTreeRefreshController:
|
||||
return {org_id.decode() for org_id in org_ids}
|
||||
|
||||
def set_all_orgs_as_builed(self):
|
||||
self.client.sadd(self.key, *self.orgs_id)
|
||||
self.client.sadd(self.key, *self.org_ids)
|
||||
|
||||
def have_need_refresh_orgs(self):
|
||||
builded_org_ids = self.client.smembers(self.key)
|
||||
builded_org_ids = {org_id.decode() for org_id in builded_org_ids}
|
||||
have = self.orgs_id - builded_org_ids
|
||||
have = self.org_ids - builded_org_ids
|
||||
return have
|
||||
|
||||
def get_need_refresh_orgs_and_fill_up(self):
|
||||
orgs_id = self.orgs_id
|
||||
org_ids = self.org_ids
|
||||
|
||||
with self.client.pipeline() as p:
|
||||
p.smembers(self.key)
|
||||
p.sadd(self.key, *orgs_id)
|
||||
p.sadd(self.key, *org_ids)
|
||||
ret = p.execute()
|
||||
builded_orgs_id = {org_id.decode() for org_id in ret[0]}
|
||||
ids = orgs_id - builded_orgs_id
|
||||
builded_org_ids = {org_id.decode() for org_id in ret[0]}
|
||||
ids = org_ids - builded_org_ids
|
||||
orgs = {*Organization.objects.filter(id__in=ids)}
|
||||
logger.info(f'Need rebuild orgs are {orgs}, builed orgs are {ret[0]}, all orgs are {orgs_id}')
|
||||
logger.info(f'Need rebuild orgs are {orgs}, builed orgs are {ret[0]}, all orgs are {org_ids}')
|
||||
return orgs
|
||||
|
||||
@classmethod
|
||||
@on_transaction_commit
|
||||
def remove_builed_orgs_from_users(cls, orgs_id, users_id):
|
||||
def remove_builed_orgs_from_users(cls, org_ids, user_ids):
|
||||
client = cls.get_redis_client()
|
||||
org_ids = [str(org_id) for org_id in orgs_id]
|
||||
org_ids = [str(org_id) for org_id in org_ids]
|
||||
|
||||
with client.pipeline() as p:
|
||||
for user_id in users_id:
|
||||
for user_id in user_ids:
|
||||
key = cls.key_template.format(user_id=user_id)
|
||||
p.srem(key, *org_ids)
|
||||
p.execute()
|
||||
logger.info(f'Remove orgs from users builded tree: users:{users_id} orgs:{orgs_id}')
|
||||
logger.info(f'Remove orgs from users builded tree: users:{user_ids} orgs:{org_ids}')
|
||||
|
||||
@classmethod
|
||||
def add_need_refresh_orgs_for_users(cls, orgs_id, users_id):
|
||||
cls.remove_builed_orgs_from_users(orgs_id, users_id)
|
||||
def add_need_refresh_orgs_for_users(cls, org_ids, user_ids):
|
||||
cls.remove_builed_orgs_from_users(org_ids, user_ids)
|
||||
|
||||
@classmethod
|
||||
@ensure_in_real_or_default_org
|
||||
@@ -127,15 +127,15 @@ class UserGrantedTreeRefreshController:
|
||||
ancestor_id = PermNode.objects.filter(key__in=ancestor_node_keys).values_list('id', flat=True)
|
||||
node_ids.update(ancestor_id)
|
||||
|
||||
assets_related_perms_id = AssetPermission.nodes.through.objects.filter(
|
||||
assets_related_perm_ids = AssetPermission.nodes.through.objects.filter(
|
||||
node_id__in=node_ids
|
||||
).values_list('assetpermission_id', flat=True)
|
||||
asset_perm_ids.update(assets_related_perms_id)
|
||||
asset_perm_ids.update(assets_related_perm_ids)
|
||||
|
||||
nodes_related_perms_id = AssetPermission.assets.through.objects.filter(
|
||||
nodes_related_perm_ids = AssetPermission.assets.through.objects.filter(
|
||||
asset_id__in=asset_ids
|
||||
).values_list('assetpermission_id', flat=True)
|
||||
asset_perm_ids.update(nodes_related_perms_id)
|
||||
asset_perm_ids.update(nodes_related_perm_ids)
|
||||
|
||||
cls.add_need_refresh_by_asset_perm_ids(asset_perm_ids)
|
||||
|
||||
@@ -173,7 +173,7 @@ class UserGrantedTreeRefreshController:
|
||||
)
|
||||
|
||||
@lazyproperty
|
||||
def orgs_id(self):
|
||||
def org_ids(self):
|
||||
ret = {str(org.id) for org in self.orgs}
|
||||
return ret
|
||||
|
||||
@@ -187,7 +187,7 @@ class UserGrantedTreeRefreshController:
|
||||
user = self.user
|
||||
|
||||
with tmp_to_root_org():
|
||||
UserAssetGrantedTreeNodeRelation.objects.filter(user=user).exclude(org_id__in=self.orgs_id).delete()
|
||||
UserAssetGrantedTreeNodeRelation.objects.filter(user=user).exclude(org_id__in=self.org_ids).delete()
|
||||
|
||||
if force or self.have_need_refresh_orgs():
|
||||
with UserGrantedTreeRebuildLock(user_id=user.id):
|
||||
@@ -295,10 +295,10 @@ class UserGrantedTreeBuildUtils(UserGrantedUtilsBase):
|
||||
# 查询授权资产关联的节点设置
|
||||
def process_direct_granted_assets():
|
||||
# 查询直接授权资产
|
||||
nodes_id = {node_id_str for node_id_str, _ in self.direct_granted_asset_id_node_id_str_pairs}
|
||||
node_ids = {node_id_str for node_id_str, _ in self.direct_granted_asset_id_node_id_str_pairs}
|
||||
# 查询授权资产关联的节点设置 2.80
|
||||
granted_asset_nodes = PermNode.objects.filter(
|
||||
id__in=nodes_id
|
||||
id__in=node_ids
|
||||
).distinct().only(*node_only_fields)
|
||||
granted_asset_nodes = list(granted_asset_nodes)
|
||||
|
||||
@@ -350,11 +350,11 @@ class UserGrantedTreeBuildUtils(UserGrantedUtilsBase):
|
||||
UserAssetGrantedTreeNodeRelation.objects.bulk_create(to_create)
|
||||
|
||||
@timeit
|
||||
def _fill_direct_granted_node_assets_id_from_mem(self, nodes_key, mapper):
|
||||
def _fill_direct_granted_node_asset_ids_from_mem(self, nodes_key, mapper):
|
||||
org_id = current_org.id
|
||||
for key in nodes_key:
|
||||
assets_id = PermNode.get_all_assets_id_by_node_key(org_id, key)
|
||||
mapper[key].update(assets_id)
|
||||
asset_ids = PermNode.get_all_asset_ids_by_node_key(org_id, key)
|
||||
mapper[key].update(asset_ids)
|
||||
|
||||
@lazyproperty
|
||||
def direct_granted_asset_id_node_id_str_pairs(self):
|
||||
@@ -379,7 +379,7 @@ class UserGrantedTreeBuildUtils(UserGrantedUtilsBase):
|
||||
node = nodes[0]
|
||||
if node.node_from == NodeFrom.granted and node.key.isdigit():
|
||||
with tmp_to_org(node.org):
|
||||
node.granted_assets_amount = len(node.get_all_assets_id())
|
||||
node.granted_assets_amount = len(node.get_all_asset_ids())
|
||||
return
|
||||
|
||||
direct_granted_nodes_key = []
|
||||
@@ -392,7 +392,7 @@ class UserGrantedTreeBuildUtils(UserGrantedUtilsBase):
|
||||
# 授权的节点和直接资产的映射
|
||||
nodekey_assetsid_mapper = defaultdict(set)
|
||||
# 直接授权的节点,资产从完整树过来
|
||||
self._fill_direct_granted_node_assets_id_from_mem(
|
||||
self._fill_direct_granted_node_asset_ids_from_mem(
|
||||
direct_granted_nodes_key, nodekey_assetsid_mapper
|
||||
)
|
||||
|
||||
|
||||
Reference in New Issue
Block a user