From 0fec70fe69c245ad98f4ff2a8644cffc50c5d887 Mon Sep 17 00:00:00 2001 From: Bai Date: Mon, 12 Jul 2021 10:28:29 +0800 Subject: [PATCH 1/5] =?UTF-8?q?feat:=20=E6=B7=BB=E5=8A=A0=E7=A7=BB?= =?UTF-8?q?=E9=99=A4AssetUser=20Model=E7=9A=84migrations?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/migrations/0076_delete_assetuser.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 apps/assets/migrations/0076_delete_assetuser.py diff --git a/apps/assets/migrations/0076_delete_assetuser.py b/apps/assets/migrations/0076_delete_assetuser.py new file mode 100644 index 000000000..75fdebd7f --- /dev/null +++ b/apps/assets/migrations/0076_delete_assetuser.py @@ -0,0 +1,16 @@ +# Generated by Django 3.1.6 on 2021-07-12 02:25 + +from django.db import migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('assets', '0075_auto_20210705_1759'), + ] + + operations = [ + migrations.DeleteModel( + name='AssetUser', + ), + ] From 2494418208b0047aeb1379b7a554ca0d62e655f6 Mon Sep 17 00:00:00 2001 From: xinwen Date: Mon, 12 Jul 2021 17:54:08 +0800 Subject: [PATCH 2/5] =?UTF-8?q?fix:=20=E7=94=A8=E6=88=B7=E7=BB=84=E5=88=A0?= =?UTF-8?q?=E9=99=A4=E6=97=B6=EF=BC=8C=E6=8E=88=E6=9D=83=E6=A0=91=E4=B8=8D?= =?UTF-8?q?=E4=BC=9A=E8=87=AA=E5=8A=A8=E6=9B=B4=E6=96=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/perms/signals_handler/refresh_perms.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/apps/perms/signals_handler/refresh_perms.py b/apps/perms/signals_handler/refresh_perms.py index 54edc7241..fc2d0da1c 100644 --- a/apps/perms/signals_handler/refresh_perms.py +++ b/apps/perms/signals_handler/refresh_perms.py @@ -16,6 +16,17 @@ from perms.utils.asset.user_permission import UserGrantedTreeRefreshController logger = get_logger(__file__) +@receiver(pre_delete, sender=UserGroup) +def on_user_group_delete(sender, instance: UserGroup, using, **kwargs): + exists = AssetPermission.user_groups.through.objects.filter(usergroup_id=instance.id).exists() + if not exists: + return + + org_id = instance.org_id + user_ids = UserGroup.users.through.objects.filter(usergroup_id=instance.id).values_list('user_id', flat=True) + UserGrantedTreeRefreshController.add_need_refresh_orgs_for_users([org_id], list(user_ids)) + + @receiver(m2m_changed, sender=User.groups.through) def on_user_groups_change(sender, instance, action, reverse, pk_set, **kwargs): if not action.startswith('post'): From 898b51c5937d9ead734d26d3e03fac12fffe9fc6 Mon Sep 17 00:00:00 2001 From: ibuler Date: Mon, 12 Jul 2021 15:55:29 +0800 Subject: [PATCH 3/5] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E8=B4=A6=E5=8F=B7?= =?UTF-8?q?=E6=90=9C=E7=B4=A2=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/assets/api/accounts.py | 36 +++++++++++++++++++++++--- apps/assets/models/asset.py | 6 +++++ apps/assets/serializers/asset.py | 2 +- apps/assets/serializers/system_user.py | 4 +-- 4 files changed, 42 insertions(+), 6 deletions(-) diff --git a/apps/assets/api/accounts.py b/apps/assets/api/accounts.py index ff40d2788..c6d85d541 100644 --- a/apps/assets/api/accounts.py +++ b/apps/assets/api/accounts.py @@ -1,10 +1,12 @@ -from django.db.models import F +from django.db.models import F, Q from django.conf import settings from rest_framework.decorators import action +from django_filters import rest_framework as filters from rest_framework.response import Response from orgs.mixins.api import OrgBulkModelViewSet from common.permissions import IsOrgAdmin, IsOrgAdminOrAppUser, NeedMFAVerify +from common.drf.filters import BaseFilterSet from ..tasks.account_connectivity import test_accounts_connectivity_manual from ..models import AuthBook from .. import serializers @@ -12,10 +14,38 @@ from .. import serializers __all__ = ['AccountViewSet', 'AccountSecretsViewSet'] +class AccountFilterSet(BaseFilterSet): + username = filters.CharFilter(method='do_nothing') + ip = filters.CharFilter(field_name='ip', lookup_expr='exact') + hostname = filters.CharFilter(field_name='hostname', lookup_expr='exact') + + @property + def qs(self): + qs = super().qs + qs = self.filter_username(qs) + return qs + + def filter_username(self, qs): + username = self.get_query_param('username') + if not username: + return qs + qs = qs.filter(Q(username=username) | Q(systemuser__username=username)).distinct() + return qs + + class Meta: + model = AuthBook + fields = [ + 'asset', 'systemuser', 'id', + ] + +from rest_framework.filters import SearchFilter + + class AccountViewSet(OrgBulkModelViewSet): model = AuthBook - filterset_fields = ("username", "asset", "systemuser") - search_fields = filterset_fields + filterset_fields = ("username", "asset", "systemuser", 'ip', 'hostname') + search_fields = ('username', 'ip', 'hostname', 'systemuser__username') + filterset_class = AccountFilterSet serializer_classes = { 'default': serializers.AccountSerializer, 'verify_account': serializers.AssetTaskSerializer diff --git a/apps/assets/models/asset.py b/apps/assets/models/asset.py index 1e5d82099..6bb46fc7c 100644 --- a/apps/assets/models/asset.py +++ b/apps/assets/models/asset.py @@ -237,6 +237,12 @@ class Asset(AbsConnectivity, ProtocolsMixin, NodesRelationMixin, OrgModelMixin): raise ValidationError('System user should be type admin') system_user.assets.add(self) + @property + def admin_user_display(self): + if not self.admin_user: + return '' + return str(self.admin_user) + def remove_admin_user(self): from ..models import AuthBook AuthBook.objects.filter(asset=self, systemuser__type='admin').delete() diff --git a/apps/assets/serializers/asset.py b/apps/assets/serializers/asset.py index 7fc2d3105..b2a65fad7 100644 --- a/apps/assets/serializers/asset.py +++ b/apps/assets/serializers/asset.py @@ -83,7 +83,7 @@ class AssetSerializer(BulkOrgResourceModelSerializer): 'hardware_info', 'connectivity', 'date_verified' ] fields_fk = [ - 'domain', 'domain_display', 'platform', 'admin_user' + 'domain', 'domain_display', 'platform', 'admin_user', 'admin_user_display' ] fields_m2m = [ 'nodes', 'nodes_display', 'labels', diff --git a/apps/assets/serializers/system_user.py b/apps/assets/serializers/system_user.py index a9a9f763b..abb70c47c 100644 --- a/apps/assets/serializers/system_user.py +++ b/apps/assets/serializers/system_user.py @@ -234,7 +234,7 @@ class SystemUserSimpleSerializer(serializers.ModelSerializer): class RelationMixin(BulkSerializerMixin, serializers.Serializer): - systemuser_display = serializers.ReadOnlyField() + systemuser_display = serializers.ReadOnlyField(label=_("System user")) def get_field_names(self, declared_fields, info): fields = super().get_field_names(declared_fields, info) @@ -243,7 +243,7 @@ class RelationMixin(BulkSerializerMixin, serializers.Serializer): class SystemUserAssetRelationSerializer(RelationMixin, serializers.ModelSerializer): - asset_display = serializers.ReadOnlyField() + asset_display = serializers.ReadOnlyField(label=_('Asset')) class Meta: model = SystemUser.assets.through From 4f23090a5cfc0fdf9755316935e7c7e5a31f6e79 Mon Sep 17 00:00:00 2001 From: fit2bot <68588906+fit2bot@users.noreply.github.com> Date: Mon, 12 Jul 2021 18:20:32 +0800 Subject: [PATCH 4/5] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E8=B4=A6=E5=8F=B7?= =?UTF-8?q?=E6=90=9C=E7=B4=A2=205xx=20(#6413)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: ibuler Co-authored-by: Jiangjie.Bai <32935519+BaiJiangJie@users.noreply.github.com> --- apps/assets/models/authbook.py | 6 ++++++ apps/assets/serializers/account.py | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/apps/assets/models/authbook.py b/apps/assets/models/authbook.py index cf72d37b0..493ed1126 100644 --- a/apps/assets/models/authbook.py +++ b/apps/assets/models/authbook.py @@ -63,6 +63,12 @@ class AuthBook(BaseUser, AbsConnectivity): def username_display(self): return self.get_or_systemuser_attr('username') or '*' + @property + def systemuser_display(self): + if not self.systemuser: + return '' + return str(self.systemuser) + @property def smart_name(self): username = self.username_display diff --git a/apps/assets/serializers/account.py b/apps/assets/serializers/account.py index 5f26b7d32..49fac52ac 100644 --- a/apps/assets/serializers/account.py +++ b/apps/assets/serializers/account.py @@ -17,7 +17,7 @@ class AccountSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer): fields_write_only = ['password', 'private_key', "public_key"] fields_other = ['date_created', 'date_updated', 'connectivity', 'date_verified', 'comment'] fields_small = fields_mini + fields_write_only + fields_other - fields_fk = ['asset', 'systemuser'] + fields_fk = ['asset', 'systemuser', 'systemuser_display'] fields = fields_small + fields_fk extra_kwargs = { 'username': {'required': True}, From 1840609d535001d1f156b9e605b9332951db9a22 Mon Sep 17 00:00:00 2001 From: ibuler Date: Mon, 12 Jul 2021 12:46:55 +0800 Subject: [PATCH 5/5] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E5=8A=A8=E6=80=81?= =?UTF-8?q?=E7=B3=BB=E7=BB=9F=E7=94=A8=E6=88=B7=E6=97=A0=E6=B3=95=E6=8F=90?= =?UTF-8?q?=E4=BA=A4=E7=9A=84=E9=97=AE=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit fix: 修复动态系统用户 --- apps/assets/models/user.py | 7 +------ apps/assets/serializers/system_user.py | 9 ++++----- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/apps/assets/models/user.py b/apps/assets/models/user.py index fcdb9e244..3f8849188 100644 --- a/apps/assets/models/user.py +++ b/apps/assets/models/user.py @@ -215,7 +215,7 @@ class SystemUser(ProtocolMixin, AuthMixin, BaseUser): def __str__(self): username = self.username if self.username_same_with_user: - username = 'dynamic' + username = '*' return '{0.name}({1})'.format(self, username) @property @@ -270,11 +270,6 @@ class SystemUser(ProtocolMixin, AuthMixin, BaseUser): assets = Asset.objects.filter(id__in=asset_ids) return assets - def save(self, *args, **kwargs): - if self.username_same_with_user: - self.username = '*' - return super().save(*args, **kwargs) - class Meta: ordering = ['name'] unique_together = [('name', 'org_id')] diff --git a/apps/assets/serializers/system_user.py b/apps/assets/serializers/system_user.py index abb70c47c..381b46592 100644 --- a/apps/assets/serializers/system_user.py +++ b/apps/assets/serializers/system_user.py @@ -97,13 +97,12 @@ class SystemUserSerializer(AuthSerializerMixin, BulkOrgResourceModelSerializer): protocol = self.initial_data.get("protocol") username_same_with_user = self.initial_data.get("username_same_with_user") - if login_mode == SystemUser.LOGIN_AUTO and \ - protocol != SystemUser.Protocol.vnc: + if username_same_with_user: + return '' + + if login_mode == SystemUser.LOGIN_AUTO and protocol != SystemUser.Protocol.vnc: msg = _('* Automatic login mode must fill in the username.') raise serializers.ValidationError(msg) - - if username_same_with_user: - username = '*' return username def validate_home(self, home):