feat: asset permission support exclude some account

* perf: add perm exclude * perf: exclude node action account * perf: add i18n * perf: pop exclude account --------- Co-authored-by: mikebofs <mikebofs@gmail.com>
2025-08-28 19:11:19 +00:00 · 2025-08-26 14:57:57 +08:00 · 2025-08-26 14:57:57 +08:00 · 1372fd7535
commit 1372fd7535
parent 3b0ef4cca7
3 changed files with 35 additions and 12 deletions
--- a/apps/i18n/lina/en.json
+++ b/apps/i18n/lina/en.json
@ -102,7 +102,7 @@
    "Aliyun": "Alibaba cloud",
    "All": "All",
    "AllAccountTip": "All accounts already added on the asset",
-    "AllAccounts": "All existing accounts",
+    "AllAccounts": "All accounts",
    "AllClickRead": "Mark all as read",
    "AllMembers": "All members",
    "AllowInvalidCert": "Ignore certificate check",
@ -575,6 +575,7 @@
    "Exclude": "Does not include",
    "ExcludeAsset": "Skipped assets",
    "ExcludeSymbol": "Exclude char",
+    "ExcludeAccount": "Exclude accounts",
    "ExecCloudSyncErrorMsg": "The cloud account configuration is incomplete, please update and try again.",
    "Execute": "Execute",
    "ExecuteAfterSaving": "Execute after saving",
@ -1616,4 +1617,4 @@
    "setVariable": "Set variable",
    "userId": "User ID",
    "userName": "User name"
-}
+}
--- a/apps/i18n/lina/zh.json
+++ b/apps/i18n/lina/zh.json
@ -574,6 +574,7 @@
    "Exclude": "不包含",
    "ExcludeAsset": "跳过的资产",
    "ExcludeSymbol": "排除字符",
+    "ExcludeAccount": "排除账号",
    "ExecCloudSyncErrorMsg": "云账号配置不完整，请更新后重试",
    "Execute": "执行",
    "ExecuteAfterSaving": "保存后执行",
@ -1624,5 +1625,8 @@
    "removeWarningMsg": "你确定要移除",
    "setVariable": "设置参数",
    "userId": "用户ID",
-    "userName": "用户名"
-}
+    "userName": "用户名",
+    "ExportAsPDF": "导出 PDF",
+    "EMailReport": "发送邮件报告",
+    "Print": "打印"
+}
--- a/apps/perms/utils/asset_perm.py
+++ b/apps/perms/utils/asset_perm.py
@ -85,15 +85,33 @@ class PermAssetDetailUtil:

        # @ALL 账号先处理，后面的每个最多映射一个账号
        all_action_bit = alias_action_bit_mapper.pop(AliasAccount.ALL, None)
-        if not all_action_bit:
-            return alias_action_bit_mapper, alias_date_expired_mapper
+        if all_action_bit:
+            asset_account_usernames = asset.all_valid_accounts.values_list('username', flat=True)
+            for username in asset_account_usernames:
+                alias_action_bit_mapper[username] |= all_action_bit
+                alias_date_expired_mapper[username].extend(
+                    alias_date_expired_mapper[AliasAccount.ALL]
+                )
+
+        # 排除某些账号的权限
+        exclude_alias_action_mapper = {
+            alias: action 
+            for alias, action in alias_action_bit_mapper.items() 
+            if alias.startswith('!')
+        }
+
+        for alias, action in exclude_alias_action_mapper.items():
+            alias_action_bit_mapper.pop(alias, None)
+            account = alias.lstrip('!')
+            alias_action_bit_mapper[account] -= action
+            
+        # 排除掉没有 action 的账号
+        alias_action_bit_mapper = {
+            alias: action_bit
+            for alias, action_bit in alias_action_bit_mapper.items()
+            if action_bit
+        }

-        asset_account_usernames = asset.all_valid_accounts.values_list('username', flat=True)
-        for username in asset_account_usernames:
-            alias_action_bit_mapper[username] |= all_action_bit
-            alias_date_expired_mapper[username].extend(
-                alias_date_expired_mapper[AliasAccount.ALL]
-            )
        return alias_action_bit_mapper, alias_date_expired_mapper

    @classmethod