feat: asset permission support exclude some account

* perf: add perm exclude * perf: exclude node action account * perf: add i18n * perf: pop exclude account --------- Co-authored-by: mikebofs <mikebofs@gmail.com>
2025-08-29 11:23:17 +00:00 · 2025-08-26 14:57:57 +08:00 · 2025-08-26 14:57:57 +08:00 · 1372fd7535
commit 1372fd7535
parent 3b0ef4cca7
3 changed files with 35 additions and 12 deletions
--- a/apps/i18n/lina/en.json
+++ b/apps/i18n/lina/en.json
@ -102,7 +102,7 @@
    "Aliyun": "Alibaba cloud",
    "All": "All",
    "AllAccountTip": "All accounts already added on the asset",
-    "AllAccounts": "All existing accounts",
+    "AllAccounts": "All accounts",
    "AllClickRead": "Mark all as read",
    "AllMembers": "All members",
    "AllowInvalidCert": "Ignore certificate check",
@ -575,6 +575,7 @@
    "Exclude": "Does not include",
    "ExcludeAsset": "Skipped assets",
    "ExcludeSymbol": "Exclude char",
    "ExcludeAccount": "Exclude accounts",
    "ExecCloudSyncErrorMsg": "The cloud account configuration is incomplete, please update and try again.",
    "Execute": "Execute",
    "ExecuteAfterSaving": "Execute after saving",
--- a/apps/i18n/lina/zh.json
+++ b/apps/i18n/lina/zh.json
@ -574,6 +574,7 @@
    "Exclude": "不包含",
    "ExcludeAsset": "跳过的资产",
    "ExcludeSymbol": "排除字符",
    "ExcludeAccount": "排除账号",
    "ExecCloudSyncErrorMsg": "云账号配置不完整，请更新后重试",
    "Execute": "执行",
    "ExecuteAfterSaving": "保存后执行",
@ -1624,5 +1625,8 @@
    "removeWarningMsg": "你确定要移除",
    "setVariable": "设置参数",
    "userId": "用户ID",
-    "userName": "用户名"
+    "userName": "用户名",
    "ExportAsPDF": "导出 PDF",
    "EMailReport": "发送邮件报告",
    "Print": "打印"
 }
--- a/apps/perms/utils/asset_perm.py
+++ b/apps/perms/utils/asset_perm.py
@ -85,15 +85,33 @@ class PermAssetDetailUtil:
        # @ALL 账号先处理，后面的每个最多映射一个账号
        all_action_bit = alias_action_bit_mapper.pop(AliasAccount.ALL, None)
-        if not all_action_bit:
+        if all_action_bit:
            return alias_action_bit_mapper, alias_date_expired_mapper
            asset_account_usernames = asset.all_valid_accounts.values_list('username', flat=True)
            for username in asset_account_usernames:
                alias_action_bit_mapper[username] |= all_action_bit
                alias_date_expired_mapper[username].extend(
                    alias_date_expired_mapper[AliasAccount.ALL]
                )
        # 排除某些账号的权限
        exclude_alias_action_mapper = {
            alias: action 
            for alias, action in alias_action_bit_mapper.items() 
            if alias.startswith('!')
        }
        for alias, action in exclude_alias_action_mapper.items():
            alias_action_bit_mapper.pop(alias, None)
            account = alias.lstrip('!')
            alias_action_bit_mapper[account] -= action
        # 排除掉没有 action 的账号
        alias_action_bit_mapper = {
            alias: action_bit
            for alias, action_bit in alias_action_bit_mapper.items()
            if action_bit
        }
        return alias_action_bit_mapper, alias_date_expired_mapper
    @classmethod