github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-07-04 02:26:34 +00:00
Code Issues Projects Releases Wiki Activity

perf: leak password can bulk delete

Browse Source
This commit is contained in:
wangruidong 2025-06-05 15:51:14 +08:00 committed by 老广
parent 570566d9dd
commit 284d793253
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
apps/settings/api/security.py
View File

@ -4,8 +4,9 @@ from django.conf import settings
from django.core.cache import cache
from rest_framework.generics import ListAPIView, CreateAPIView
from rest_framework.views import Response
from rest_framework.viewsets import ModelViewSet
from rest_framework_bulk.generics import BulkModelViewSet
from common.drf.filters import IDSpmFilterBackend
from users.utils import LoginIpBlockUtil
from ..models import LeakPasswords
from ..serializers import SecurityBlockIPSerializer, LeakPasswordPSerializer
@ -60,7 +61,7 @@ class UnlockIPSecurityAPI(CreateAPIView):
return Response(status=200)
class LeakPasswordViewSet(ModelViewSet):
class LeakPasswordViewSet(BulkModelViewSet):
serializer_class = LeakPasswordPSerializer
model = LeakPasswords
rbac_perms = {
@ -71,3 +72,11 @@ class LeakPasswordViewSet(ModelViewSet):
def get_queryset(self):
return LeakPasswords.objects.using('sqlite').all()
def allow_bulk_destroy(self, qs, filtered):
return True
def filter_queryset(self, queryset):
queryset = super().filter_queryset(queryset)
queryset = IDSpmFilterBackend().filter_queryset(self.request, queryset, self)
return queryset