From 7b9c4b300d35598f9c3fce2657cda53c190cb9a6 Mon Sep 17 00:00:00 2001 From: Bai Date: Mon, 17 Jul 2023 15:53:35 +0800 Subject: [PATCH] =?UTF-8?q?perf:=20=E4=BC=98=E5=8C=96=E6=8E=A7=E5=88=B6=20?= =?UTF-8?q?ACL=20Action=20Choices=20=E7=9A=84=E9=80=89=E9=A1=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/acls/const.py | 9 ++++++ apps/acls/models/__init__.py | 1 - apps/acls/models/base.py | 9 +----- apps/acls/serializers/base.py | 40 ++++++++++++++----------- apps/acls/serializers/command_acl.py | 2 ++ apps/acls/serializers/connect_method.py | 13 +++----- apps/acls/serializers/login_acl.py | 8 ++--- 7 files changed, 42 insertions(+), 40 deletions(-) create mode 100644 apps/acls/const.py diff --git a/apps/acls/const.py b/apps/acls/const.py new file mode 100644 index 000000000..c2d2be586 --- /dev/null +++ b/apps/acls/const.py @@ -0,0 +1,9 @@ +from django.db import models +from django.utils.translation import gettext_lazy as _ + + +class ActionChoices(models.TextChoices): + reject = 'reject', _('Reject') + accept = 'accept', _('Accept') + review = 'review', _('Review') + warning = 'warning', _('Warning') diff --git a/apps/acls/models/__init__.py b/apps/acls/models/__init__.py index 0a4cc2a6e..28fe366b3 100644 --- a/apps/acls/models/__init__.py +++ b/apps/acls/models/__init__.py @@ -2,4 +2,3 @@ from .command_acl import * from .connect_method import * from .login_acl import * from .login_asset_acl import * -from .base import ActionChoices diff --git a/apps/acls/models/base.py b/apps/acls/models/base.py index c84ea3fcf..74782b2a3 100644 --- a/apps/acls/models/base.py +++ b/apps/acls/models/base.py @@ -7,23 +7,16 @@ from common.db.models import JMSBaseModel from common.utils import contains_ip from common.utils.time_period import contains_time_period from orgs.mixins.models import OrgModelMixin, OrgManager +from ..const import ActionChoices __all__ = [ 'BaseACL', 'UserBaseACL', 'UserAssetAccountBaseACL', - 'ActionChoices', ] from orgs.utils import tmp_to_root_org from orgs.utils import tmp_to_org -class ActionChoices(models.TextChoices): - reject = 'reject', _('Reject') - accept = 'accept', _('Accept') - review = 'review', _('Review') - warning = 'warning', _('Warning') - - class BaseACLQuerySet(models.QuerySet): def active(self): return self.filter(is_active=True) diff --git a/apps/acls/serializers/base.py b/apps/acls/serializers/base.py index 3892553d9..94c4d9fa1 100644 --- a/apps/acls/serializers/base.py +++ b/apps/acls/serializers/base.py @@ -1,10 +1,11 @@ from django.utils.translation import ugettext_lazy as _ from rest_framework import serializers -from acls.models.base import ActionChoices, BaseACL +from acls.models.base import BaseACL from common.serializers.fields import JSONManyToManyField, LabeledChoiceField from jumpserver.utils import has_valid_xpack_license from orgs.models import Organization +from ..const import ActionChoices common_help_text = _( "With * indicating a match all. " @@ -60,18 +61,21 @@ class ActionAclSerializer(serializers.Serializer): super().__init__(*args, **kwargs) self.set_action_choices() - def set_action_choices(self): - action = self.fields.get("action") - if not action: - return - choices = action.choices - if not has_valid_xpack_license(): - choices.pop(ActionChoices.review, None) - action._choices = choices - - -class BaserACLSerializer(ActionAclSerializer, serializers.Serializer): class Meta: + action_choices_exclude = [ActionChoices.warning] + + def set_action_choices(self): + field_action = self.fields.get("action") + if not field_action: + return + if not has_valid_xpack_license(): + field_action._choices.pop(ActionChoices.review, None) + for choice in self.Meta.action_choices_exclude: + field_action._choices.pop(choice, None) + + +class BaseACLSerializer(ActionAclSerializer, serializers.Serializer): + class Meta(ActionAclSerializer.Meta): model = BaseACL fields_mini = ["id", "name"] fields_small = fields_mini + [ @@ -108,16 +112,16 @@ class BaserACLSerializer(ActionAclSerializer, serializers.Serializer): return valid_reviewers -class BaserUserACLSerializer(BaserACLSerializer): +class BaseUserACLSerializer(BaseACLSerializer): users = JSONManyToManyField(label=_('User')) - class Meta(BaserACLSerializer.Meta): - fields = BaserACLSerializer.Meta.fields + ['users'] + class Meta(BaseACLSerializer.Meta): + fields = BaseACLSerializer.Meta.fields + ['users'] -class BaseUserAssetAccountACLSerializer(BaserUserACLSerializer): +class BaseUserAssetAccountACLSerializer(BaseUserACLSerializer): assets = JSONManyToManyField(label=_('Asset')) accounts = serializers.ListField(label=_('Account')) - class Meta(BaserUserACLSerializer.Meta): - fields = BaserUserACLSerializer.Meta.fields + ['assets', 'accounts'] + class Meta(BaseUserACLSerializer.Meta): + fields = BaseUserACLSerializer.Meta.fields + ['assets', 'accounts'] diff --git a/apps/acls/serializers/command_acl.py b/apps/acls/serializers/command_acl.py index a34ea4cc4..672164012 100644 --- a/apps/acls/serializers/command_acl.py +++ b/apps/acls/serializers/command_acl.py @@ -31,6 +31,8 @@ class CommandFilterACLSerializer(BaseSerializer, BulkOrgResourceModelSerializer) class Meta(BaseSerializer.Meta): model = CommandFilterACL fields = BaseSerializer.Meta.fields + ['command_groups'] + # 默认都支持所有的 actions + action_choices_exclude = [] class CommandReviewSerializer(serializers.Serializer): diff --git a/apps/acls/serializers/connect_method.py b/apps/acls/serializers/connect_method.py index b36fde06d..b1daf56ac 100644 --- a/apps/acls/serializers/connect_method.py +++ b/apps/acls/serializers/connect_method.py @@ -1,6 +1,7 @@ from orgs.mixins.serializers import BulkOrgResourceModelSerializer from .base import BaseUserAssetAccountACLSerializer as BaseSerializer from ..models import ConnectMethodACL +from ..const import ActionChoices __all__ = ["ConnectMethodACLSerializer"] @@ -12,12 +13,6 @@ class ConnectMethodACLSerializer(BaseSerializer, BulkOrgResourceModelSerializer) i for i in BaseSerializer.Meta.fields + ['connect_methods'] if i not in ['assets', 'accounts'] ] - - def __init__(self, *args, **kwargs): - super().__init__(*args, **kwargs) - field_action = self.fields.get('action') - if not field_action: - return - # 仅支持拒绝 - for k in ['review', 'accept']: - field_action._choices.pop(k, None) + action_choices_exclude = BaseSerializer.Meta.action_choices_exclude + [ + ActionChoices.review, ActionChoices.accept + ] diff --git a/apps/acls/serializers/login_acl.py b/apps/acls/serializers/login_acl.py index 1371bc091..c86424986 100644 --- a/apps/acls/serializers/login_acl.py +++ b/apps/acls/serializers/login_acl.py @@ -2,7 +2,7 @@ from django.utils.translation import ugettext as _ from common.serializers import MethodSerializer from orgs.mixins.serializers import BulkOrgResourceModelSerializer -from .base import BaserUserACLSerializer +from .base import BaseUserACLSerializer from .rules import RuleSerializer from ..models import LoginACL @@ -11,12 +11,12 @@ __all__ = ["LoginACLSerializer"] common_help_text = _("With * indicating a match all. ") -class LoginACLSerializer(BaserUserACLSerializer, BulkOrgResourceModelSerializer): +class LoginACLSerializer(BaseUserACLSerializer, BulkOrgResourceModelSerializer): rules = MethodSerializer(label=_('Rule')) - class Meta(BaserUserACLSerializer.Meta): + class Meta(BaseUserACLSerializer.Meta): model = LoginACL - fields = BaserUserACLSerializer.Meta.fields + ['rules', ] + fields = BaseUserACLSerializer.Meta.fields + ['rules', ] def get_rules_serializer(self): return RuleSerializer()