From 558309599cfd5b52db8045aa03209c22b4e0d8b8 Mon Sep 17 00:00:00 2001 From: ibuler Date: Sat, 21 Nov 2015 00:42:54 +0800 Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E6=8E=88=E6=9D=83=E6=9F=A5?= =?UTF-8?q?=E8=AF=A2api?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- jperm/perm_api.py | 49 +++++++++++++++++++++++++-- jperm/urls.py | 7 ---- jperm/views.py | 86 ----------------------------------------------- 3 files changed, 46 insertions(+), 96 deletions(-) diff --git a/jperm/perm_api.py b/jperm/perm_api.py index 1bcfe0679..dd747b2be 100644 --- a/jperm/perm_api.py +++ b/jperm/perm_api.py @@ -10,9 +10,52 @@ from jperm.models import PermRole from jperm.models import PermRule -class PermGet(object): - def __init__(self): - pass +def get_user_perm(user): + """ + return: + {’asset_group': { + asset_group1: {'role': [role1, role2], 'rule': [rule1, rule2]}, + asset_group2: {'role': [role1, role2], 'rule': [rule1, rule2]}, + } + 'asset':{ + asset1: {'role': [role1, role2], 'rule': [rule1, rule2]}, + asset2: {'role': [role1, role2], 'rule': [rule1, rule2]}, + } + ]}, + 'rule':[rule1, rule2,] + } + """ + perm = {} + user_rule_all = PermRule.objects.filter(user=user) + perm['rule'] = user_rule_all + perm_asset_group = perm['asset_group'] = {} + perm_asset = perm['asset'] = {} + for rule in user_rule_all: + asset_groups = rule.asset_group.all() + assets = rule.asset.all() + for asset_group in asset_groups: + if perm_asset_group.get(asset_group): + perm_asset_group[asset_group].get('role', []).update(set(rule.role.all())) + perm_asset_group[asset_group].get('rule', []).append(rule) + else: + perm_asset_group[asset_group] = {'role': set(rule.role.all()), 'rule': [rule]} + + for asset in assets: + if perm_asset.get(asset): + perm_asset[asset].get('role', []).update(set(rule.role.all())) + perm_asset[asset].get('rule', []).append(rule) + else: + perm_asset[asset] = {'role': set(rule.role.all()), 'rule': [rule]} + + return perm + + + + + + + + def get_object_list(model, id_list): diff --git a/jperm/urls.py b/jperm/urls.py index aa80f7f75..fd40dc1cd 100644 --- a/jperm/urls.py +++ b/jperm/urls.py @@ -13,11 +13,4 @@ urlpatterns = patterns('jperm.views', (r'^role/perm_role_detail/$', perm_role_detail), (r'^role/perm_role_edit/$', perm_role_edit), (r'^role/perm_role_push/$', perm_role_push), - - - (r'^log/$', log), - (r'^sys_user_add/$', sys_user_add), - (r'^perm_user_list/$', sys_user_list), - (r'^sys_user_del/$', sys_user_del), - (r'^sys_user_edit/$', sys_user_edit), ) diff --git a/jperm/views.py b/jperm/views.py index 294774736..1c9eaa15c 100644 --- a/jperm/views.py +++ b/jperm/views.py @@ -378,8 +378,6 @@ def perm_role_edit(request): return my_render('jperm/perm_role_list.html', locals(), request) - - @require_role('admin') def perm_role_push(request): """ @@ -458,87 +456,3 @@ def perm_role_push(request): else: return HttpResponse(u"推送系统角色: %s" % ','.join(role_names)) - - - - - - - - - -@require_role('admin') -def perm_group_list(request): - header_title, path1, path2 = '用户组授权', '授权管理', '用户组授权' - keyword = request.GET.get('search', '') - user_groups_list = UserGroup.objects.all() - if keyword: - request = user_groups_list.filter(Q(name=keyword) | Q(comment=keyword)) - user_groups_list, p, user_groups, page_range, current_page, show_first, show_end = pages(user_groups_list, request) - return my_render('jperm/perm_group_list.html', locals(), request) - - - -@require_role('admin') -def perm_group_edit(request): - header_title, path1, path2 = '用户组授权', '授权管理', '授权更改' - user_group_id = request.GET.get('id', '') - user_group = get_object(UserGroup, id=user_group_id) - asset_all = Asset.objects.all() - asset_group_all = AssetGroup.objects.all() - asset_permed = user_group.asset.all() # 获取授权的资产对象列表 - asset_group_permed = user_group.asset_group.all() # 获取授权的资产组对象列表 - if request.method == 'GET' and user_group: - assets = [asset for asset in asset_all if asset not in asset_permed] - asset_groups = [asset_group for asset_group in asset_group_all if asset_group not in asset_group_permed] - return my_render('jperm/perm_group_edit.html', locals(), request) - elif request.method == 'POST' and user_group: - asset_id_select = request.POST.getlist('asset_select', []) - asset_group_id_select = request.POST.getlist('asset_groups_select', []) - asset_select = get_object_list(Asset, asset_id_select) - asset_group_select = get_object_list(AssetGroup, asset_group_id_select) - asset_new = list(set(asset_select) - set(asset_permed)) # 计算的得到新授权的资产对象列表 - asset_del = list(set(asset_permed) - set(asset_select)) # 计算得到回收权限的资产对象列表 - asset_group_new = list(set(asset_group_select) - set(asset_group_permed)) # 新授权的资产组对象列表 - asset_group_del = list(set(asset_group_permed) - set(asset_group_select)) # 回收的资产组对象列表 - users = user_group.user_set.all() - perm_info = { - 'action': 'perm group edit: ' + user_group.name, - 'del': {'users': users, 'assets': asset_del}, - 'new': {'users': users, 'assets': asset_new} - } - results = perm_user_api(perm_info) - unreachable_asset = [] - failures_asset = [] - for ip in results.get('unreachable'): - unreachable_asset.extend(filter(lambda x: x, Asset.objects.filter(ip=ip))) - for ip in results.get('failures'): - failures_asset.extend(filter(lambda x: x, Asset.objects.filter(ip=ip))) - failures_asset.extend(unreachable_asset) # 失败的授权要统计 - for asset in failures_asset: - if asset in asset_select: - asset_select.remove(asset) - else: - asset_select.append(asset) - user_group.asset = asset_select - user_group.asset_group = asset_group_select - user_group.save() # 保存到数据库 - return HttpResponse(json.dumps(results, sort_keys=True, indent=4), content_type="application/json") - else: - return HttpResponse('输入错误') - - -def log(request): - header_title, path1, path2 = '授权记录', '授权管理', '授权记录' - log_all = Log.objects.all().order_by('-datetime') - log_all, p, logs, page_range, current_page, show_first, show_end = pages(log_all, request) - return my_render('jperm/perm_log.html', locals(), request) - - -def sys_user_edit(request): - pass - - -def sys_user_del(request): - pass -