github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-07 18:31:04 +00:00
Code Issues Projects Releases Wiki Activity

Config (#3502)

Browse Source 
* [Update] 修改config

* [Update] 移动存储设置到到terminal中

* [Update] 修改permission 查看

* [Update] pre merge

* [Update] 录像存储

* [Update] 命令存储

* [Update] 添加存储测试可连接性

* [Update] 修改 meta 值的 key 为大写

* [Update] 修改 Terminal 相关 Storage 配置

* [Update] 删除之前获取录像/命令存储的代码

* [Update] 修改导入失败

* [Update] 迁移文件添加default存储

* [Update] 删除之前代码,添加help_text信息

* [Update] 删除之前代码

* [Update] 删除之前代码

* [Update] 抽象命令/录像存储 APIView

* [Update] 抽象命令/录像存储 APIView 1

* [Update] 抽象命令/录像存储 DictField

* [Update] 抽象命令/录像存储列表页面

* [Update] 修复CustomDictField的bug

* [Update] RemoteApp 页面添加 hidden

* [Update] 用户页面添加用户关联授权

* [Update] 修改存储测试可连接性 target

* [Update] 修改配置

* [Update] 修改存储前端 Form 渲染逻辑

* [Update] 修改存储细节

* [Update] 统一存储类型到 const 文件

* [Update] 修改迁移文件及Model,创建默认存储

* [Update] 修改迁移文件及Model初始化默认数据

* [Update] 修改迁移文件

* [Update] 修改迁移文件

* [Update] 修改迁移文件

* [Update] 修改迁移文件

* [Update] 修改迁移文件

* [Update] 修改迁移文件

* [Update] 修改迁移文件

* [Update] 限制删除默认存储配置,只允许创建扩展的存储类型

* [Update] 修改ip字段长度

* [Update] 修改ip字段长度

* [Update] 修改一些css

* [Update] 修改关联

* [Update] 添加操作日志定时清理

* [Update] 修改记录syslog的instance encoder

* [Update] 忽略登录产生的操作日志

* [Update] 限制更新存储时不覆盖原有AK SK 等字段

* [Update] 修改迁移文件添加comment字段

* [Update] 修改迁移文件

* [Update] 添加 comment 字段

* [Update] 修改默认存储no -> null

* [Update] 修改细节

* [Update] 更新翻译(存储配置

* [Update] 修改定时任务注册,修改系统用户资产、节点关系api

* [Update] 添加监控磁盘任务

* [Update] 修改session

* [Update] 拆分serializer

* [Update] 还原setting原来的manager
This commit is contained in:
老广
2019-12-05 15:09:25 +08:00
committed by BaiJiangJie
parent fd1b9d97c0
commit 4944ac8e75
193 changed files with 5609 additions and 4357 deletions
Download Patch File Download Diff File Expand all files Collapse all files

137
apps/perms/api/asset_permission.py
View File

@@ -2,12 +2,9 @@
#
from django.db.models import Q
from rest_framework.views import Response
from django.shortcuts import get_object_or_404
from common.permissions import IsOrgAdmin
from orgs.mixins.api import OrgModelViewSet
from orgs.mixins import generics
from common.utils import get_object_or_none
from ..models import AssetPermission
from ..hands import (
@@ -17,9 +14,7 @@ from .. import serializers
__all__ = [
'AssetPermissionViewSet', 'AssetPermissionRemoveUserApi',
'AssetPermissionAddUserApi', 'AssetPermissionRemoveAssetApi',
'AssetPermissionAddAssetApi', 'AssetPermissionAssetsApi',
'AssetPermissionViewSet',
]
@@ -29,6 +24,7 @@ class AssetPermissionViewSet(OrgModelViewSet):
"""
model = AssetPermission
serializer_class = serializers.AssetPermissionCreateUpdateSerializer
serializer_display_class = serializers.AssetPermissionListSerializer
filter_fields = ['name']
permission_classes = (IsOrgAdmin,)
@@ -38,11 +34,9 @@ class AssetPermissionViewSet(OrgModelViewSet):
)
return queryset
def get_serializer_class(self):
if self.action in ("list", 'retrieve') and \
self.request.query_params.get("display"):
return serializers.AssetPermissionListSerializer
return self.serializer_class
def is_query_all(self):
query_all = self.request.query_params.get('all', '1') == '1'
return query_all
def filter_valid(self, queryset):
valid_query = self.request.query_params.get('is_valid', None)
@@ -81,7 +75,10 @@ class AssetPermissionViewSet(OrgModelViewSet):
if not _nodes:
return queryset.none()
nodes = set()
if not self.is_query_all():
queryset = queryset.filter(nodes__in=_nodes)
return queryset
nodes = set(_nodes)
for node in _nodes:
nodes |= set(node.get_ancestors(with_self=True))
queryset = queryset.filter(nodes__in=nodes)
@@ -101,6 +98,9 @@ class AssetPermissionViewSet(OrgModelViewSet):
return queryset
if not assets:
return queryset.none()
if not self.is_query_all():
queryset = queryset.filter(assets__in=assets)
return queryset
inherit_all_nodes = set()
inherit_nodes_keys = assets.all().values_list('nodes__key', flat=True)
@@ -117,7 +117,6 @@ class AssetPermissionViewSet(OrgModelViewSet):
def filter_user(self, queryset):
user_id = self.request.query_params.get('user_id')
username = self.request.query_params.get('username')
query_group = self.request.query_params.get('all')
if user_id:
user = get_object_or_none(User, pk=user_id)
elif username:
@@ -126,14 +125,14 @@ class AssetPermissionViewSet(OrgModelViewSet):
return queryset
if not user:
return queryset.none()
kwargs = {}
args = []
if query_group:
groups = user.groups.all()
args.append(Q(users=user) | Q(user_groups__in=groups))
else:
kwargs["users"] = user
return queryset.filter(*args, **kwargs).distinct()
if not self.is_query_all():
queryset = queryset.filter(users=user)
return queryset
groups = user.groups.all()
queryset = queryset.filter(
Q(users=user) | Q(user_groups__in=groups)
).distinct()
return queryset
def filter_user_group(self, queryset):
user_group_id = self.request.query_params.get('user_group_id')
@@ -167,99 +166,3 @@ class AssetPermissionViewSet(OrgModelViewSet):
queryset = self.filter_user_group(queryset)
queryset = queryset.distinct()
return queryset
class AssetPermissionRemoveUserApi(generics.RetrieveUpdateAPIView):
"""
将用户从授权中移除Detail页面会调用
"""
model = AssetPermission
permission_classes = (IsOrgAdmin,)
serializer_class = serializers.AssetPermissionUpdateUserSerializer
def update(self, request, *args, **kwargs):
perm = self.get_object()
serializer = self.serializer_class(data=request.data)
if serializer.is_valid():
users = serializer.validated_data.get('users')
if users:
perm.users.remove(*tuple(users))
perm.save()
return Response({"msg": "ok"})
else:
return Response({"error": serializer.errors})
class AssetPermissionAddUserApi(generics.RetrieveUpdateAPIView):
model = AssetPermission
permission_classes = (IsOrgAdmin,)
serializer_class = serializers.AssetPermissionUpdateUserSerializer
def update(self, request, *args, **kwargs):
perm = self.get_object()
serializer = self.serializer_class(data=request.data)
if serializer.is_valid():
users = serializer.validated_data.get('users')
if users:
perm.users.add(*tuple(users))
perm.save()
return Response({"msg": "ok"})
else:
return Response({"error": serializer.errors})
class AssetPermissionRemoveAssetApi(generics.RetrieveUpdateAPIView):
"""
将用户从授权中移除Detail页面会调用
"""
model = AssetPermission
permission_classes = (IsOrgAdmin,)
serializer_class = serializers.AssetPermissionUpdateAssetSerializer
def update(self, request, *args, **kwargs):
perm = self.get_object()
serializer = self.serializer_class(data=request.data)
if serializer.is_valid():
assets = serializer.validated_data.get('assets')
if assets:
perm.assets.remove(*tuple(assets))
perm.save()
return Response({"msg": "ok"})
else:
return Response({"error": serializer.errors})
class AssetPermissionAddAssetApi(generics.RetrieveUpdateAPIView):
model = AssetPermission
permission_classes = (IsOrgAdmin,)
serializer_class = serializers.AssetPermissionUpdateAssetSerializer
def update(self, request, *args, **kwargs):
perm = self.get_object()
serializer = self.serializer_class(data=request.data)
if serializer.is_valid():
assets = serializer.validated_data.get('assets')
if assets:
perm.assets.add(*tuple(assets))
perm.save()
return Response({"msg": "ok"})
else:
return Response({"error": serializer.errors})
class AssetPermissionAssetsApi(generics.ListAPIView):
permission_classes = (IsOrgAdmin,)
serializer_class = serializers.AssetPermissionAssetsSerializer
filter_fields = ("hostname", "ip")
search_fields = filter_fields
def get_object(self):
pk = self.kwargs.get('pk')
return get_object_or_404(AssetPermission, pk=pk)
def get_queryset(self):
perm = self.get_object()
assets = perm.get_all_assets().only(
*self.serializer_class.Meta.only_fields
)
return assets