github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-10 20:00:10 +00:00
Code Issues Projects Releases Wiki Activity

remove rbac redundant perms

Browse Source
This commit is contained in:
feng
2022-12-28 11:25:12 +08:00
parent dbad0851e3
commit 7094df3527
2 changed files with 11 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
apps/rbac/const.py
View File

@@ -52,6 +52,8 @@ exclude_permissions = (
('assets', 'verifyaccountautomation', '*', '*'),
('assets', 'changesecretrecord', 'add,delete,change', 'changesecretrecord'),
('assets', 'automationexecution', '*', 'automationexecution'),
('assets', 'commandfilter', '*', '*'),
('assets', 'commandfilterrule', '*', '*'),
# TODO 暂时去掉历史账号的权限
('assets', 'account', '*', 'assethistoryaccount'),
('assets', 'account', '*', 'assethistoryaccountsecret'),

9
apps/rbac/migrations/0011_remove_redundant_permission.py
View File

@@ -7,12 +7,21 @@ def migrate_remove_redundant_permission(apps, *args):
model = apps.get_model('rbac', 'ContentType')
model.objects.filter(app_label='applications').delete()
model.objects.filter(app_label='ops', model='task').delete()
model.objects.filter(app_label='xpack', model__in=[
'applicationchangeauthplan', 'applicationchangeauthplanexecution',
'applicationchangeauthplantask', 'changeauthplan', 'changeauthplanexecution',
'changeauthplantask', 'gatherusertask', 'gatherusertaskexecution'
]).delete()
model.objects.filter(app_label='assets', model__in=[
'authbook', 'historicalauthbook'
]).delete()
model.objects.filter(app_label='perms', model__in=[
'applicationpermission', 'permedapplication', 'commandfilterrule', 'historicalauthbook'
]).delete()
class Migration(migrations.Migration):
dependencies = [