mirror of
https://github.com/jumpserver/jumpserver.git
synced 2025-10-22 00:09:14 +00:00
[Update] 修改一些bug
This commit is contained in:
ibuler
@@ -180,6 +180,7 @@ class AssetPermissionRemoveUserApi(RetrieveUpdateAPIView):
|
||||
users = serializer.validated_data.get('users')
|
||||
if users:
|
||||
perm.users.remove(*tuple(users))
|
||||
perm.save()
|
||||
return Response({"msg": "ok"})
|
||||
else:
|
||||
return Response({"error": serializer.errors})
|
||||
@@ -197,6 +198,7 @@ class AssetPermissionAddUserApi(RetrieveUpdateAPIView):
|
||||
users = serializer.validated_data.get('users')
|
||||
if users:
|
||||
perm.users.add(*tuple(users))
|
||||
perm.save()
|
||||
return Response({"msg": "ok"})
|
||||
else:
|
||||
return Response({"error": serializer.errors})
|
||||
@@ -217,6 +219,7 @@ class AssetPermissionRemoveAssetApi(RetrieveUpdateAPIView):
|
||||
assets = serializer.validated_data.get('assets')
|
||||
if assets:
|
||||
perm.assets.remove(*tuple(assets))
|
||||
perm.save()
|
||||
return Response({"msg": "ok"})
|
||||
else:
|
||||
return Response({"error": serializer.errors})
|
||||
@@ -234,6 +237,7 @@ class AssetPermissionAddAssetApi(RetrieveUpdateAPIView):
|
||||
assets = serializer.validated_data.get('assets')
|
||||
if assets:
|
||||
perm.assets.add(*tuple(assets))
|
||||
perm.save()
|
||||
return Response({"msg": "ok"})
|
||||
else:
|
||||
return Response({"error": serializer.errors})
|
||||
|
||||
@@ -51,8 +51,7 @@ class GetUserAssetPermissionActionsApi(UserAssetPermissionMixin,
|
||||
asset = get_object_or_404(Asset, id=asset_id)
|
||||
system_user = get_object_or_404(SystemUser, id=system_id)
|
||||
|
||||
system_users_actions = self.util.get_asset_system_users_with_actions(
|
||||
asset)
|
||||
system_users_actions = self.util.get_asset_system_users_with_actions(asset)
|
||||
actions = system_users_actions.get(system_user)
|
||||
return {"actions": actions}
|
||||
|
||||
@@ -103,8 +102,7 @@ class UserGrantedAssetSystemUsersApi(UserAssetPermissionMixin, ListAPIView):
|
||||
def get_queryset(self):
|
||||
asset_id = self.kwargs.get('asset_id')
|
||||
asset = get_object_or_404(Asset, id=asset_id)
|
||||
system_users_with_actions = self.util.get_asset_system_users_with_actions(
|
||||
asset)
|
||||
system_users_with_actions = self.util.get_asset_system_users_with_actions(asset)
|
||||
system_users = []
|
||||
for system_user, actions in system_users_with_actions.items():
|
||||
system_user.actions = actions
|
||||
|
||||
@@ -1,23 +1,27 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
from common.utils import lazyproperty
|
||||
from common.tree import TreeNodeSerializer
|
||||
from ..mixin import UserPermissionMixin
|
||||
from ...utils import AssetPermissionUtilV2, ParserNode
|
||||
from ...hands import Node, Asset
|
||||
from common.tree import TreeNodeSerializer
|
||||
|
||||
|
||||
class UserAssetPermissionMixin(UserPermissionMixin):
|
||||
util = None
|
||||
tree = None
|
||||
|
||||
def initial(self, *args, **kwargs):
|
||||
super().initial(*args, *kwargs)
|
||||
@lazyproperty
|
||||
def util(self):
|
||||
cache_policy = self.request.query_params.get('cache_policy', '0')
|
||||
system_user_id = self.request.query_params.get("system_user")
|
||||
self.util = AssetPermissionUtilV2(self.obj, cache_policy=cache_policy)
|
||||
util = AssetPermissionUtilV2(self.obj, cache_policy=cache_policy)
|
||||
if system_user_id:
|
||||
self.util.filter_permissions(system_users=system_user_id)
|
||||
self.tree = self.util.get_user_tree()
|
||||
util.filter_permissions(system_users=system_user_id)
|
||||
return util
|
||||
|
||||
@lazyproperty
|
||||
def tree(self):
|
||||
return self.util.get_user_tree()
|
||||
|
||||
|
||||
class UserNodeTreeMixin:
|
||||
|
||||
@@ -19,18 +19,6 @@ permission_m2m_senders = (
|
||||
)
|
||||
|
||||
|
||||
@on_transaction_commit
|
||||
def on_permission_m2m_change(sender, action='', **kwargs):
|
||||
if not action.startswith('post'):
|
||||
return
|
||||
logger.debug('Asset permission m2m changed, refresh user tree cache')
|
||||
AssetPermissionUtilV2.expire_all_user_tree_cache()
|
||||
|
||||
|
||||
for sender in permission_m2m_senders:
|
||||
m2m_changed.connect(on_permission_m2m_change, sender=sender)
|
||||
|
||||
|
||||
@receiver([post_save, post_delete], sender=AssetPermission)
|
||||
@on_transaction_commit
|
||||
def on_permission_change(sender, action='', **kwargs):
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
# coding: utf-8
|
||||
|
||||
import time
|
||||
import pickle
|
||||
import threading
|
||||
from collections import defaultdict
|
||||
from functools import reduce
|
||||
from hashlib import md5
|
||||
@@ -12,7 +12,7 @@ from django.db.models import Q
|
||||
from django.conf import settings
|
||||
|
||||
from orgs.utils import set_to_root_org
|
||||
from common.utils import get_logger, timeit
|
||||
from common.utils import get_logger, timeit, lazyproperty
|
||||
from common.tree import TreeNode
|
||||
from assets.utils import TreeService
|
||||
from ..models import AssetPermission
|
||||
@@ -131,18 +131,19 @@ class AssetPermissionUtilV2(AssetPermissionUtilCacheMixin):
|
||||
self.cache_policy = cache_policy
|
||||
self.obj_id = str(obj.id) if obj else None
|
||||
self._permissions = None
|
||||
self._permissions_id = None # 标记_permission的唯一值
|
||||
self._filter_id = 'None' # 当通过filter更改 permission是标记
|
||||
self.change_org_if_need()
|
||||
self._user_tree = None
|
||||
self._user_tree_filter_id = 'None'
|
||||
self.full_tree = Node.tree()
|
||||
self.mutex = threading.Lock()
|
||||
|
||||
@staticmethod
|
||||
def change_org_if_need():
|
||||
set_to_root_org()
|
||||
|
||||
@lazyproperty
|
||||
def full_tree(self):
|
||||
return Node.tree()
|
||||
|
||||
@property
|
||||
def permissions(self):
|
||||
if self._permissions:
|
||||
@@ -161,7 +162,7 @@ class AssetPermissionUtilV2(AssetPermissionUtilCacheMixin):
|
||||
self._permissions = self.permissions.filter(**filters)
|
||||
self._filter_id = md5(filters_json.encode()).hexdigest()
|
||||
|
||||
@property
|
||||
@lazyproperty
|
||||
def user_tree(self):
|
||||
return self.get_user_tree()
|
||||
|
||||
@@ -305,27 +306,26 @@ class AssetPermissionUtilV2(AssetPermissionUtilCacheMixin):
|
||||
@timeit
|
||||
def get_user_tree(self):
|
||||
# 使用锁,保证多次获取tree的时候顺序执行,可以使用缓存
|
||||
with self.mutex:
|
||||
user_tree = self.get_user_tree_from_local()
|
||||
if user_tree:
|
||||
return user_tree
|
||||
user_tree = self.get_user_tree_from_cache_if_need()
|
||||
if user_tree:
|
||||
self.set_user_tree_to_local(user_tree)
|
||||
return user_tree
|
||||
user_tree = TreeService()
|
||||
full_tree_root = self.full_tree.root_node()
|
||||
user_tree.create_node(
|
||||
tag=full_tree_root.tag,
|
||||
identifier=full_tree_root.identifier
|
||||
)
|
||||
self.add_direct_nodes_to_user_tree(user_tree)
|
||||
self.add_single_assets_node_to_user_tree(user_tree)
|
||||
self.parse_user_tree_to_full_tree(user_tree)
|
||||
self.add_empty_node_if_need(user_tree)
|
||||
self.set_user_tree_to_cache_if_need(user_tree)
|
||||
user_tree = self.get_user_tree_from_local()
|
||||
if user_tree:
|
||||
return user_tree
|
||||
user_tree = self.get_user_tree_from_cache_if_need()
|
||||
if user_tree:
|
||||
self.set_user_tree_to_local(user_tree)
|
||||
return user_tree
|
||||
user_tree = TreeService()
|
||||
full_tree_root = self.full_tree.root_node()
|
||||
user_tree.create_node(
|
||||
tag=full_tree_root.tag,
|
||||
identifier=full_tree_root.identifier
|
||||
)
|
||||
self.add_direct_nodes_to_user_tree(user_tree)
|
||||
self.add_single_assets_node_to_user_tree(user_tree)
|
||||
self.parse_user_tree_to_full_tree(user_tree)
|
||||
self.add_empty_node_if_need(user_tree)
|
||||
self.set_user_tree_to_cache_if_need(user_tree)
|
||||
self.set_user_tree_to_local(user_tree)
|
||||
return user_tree
|
||||
|
||||
# Todo: 是否可以获取多个资产的系统用户
|
||||
def get_asset_system_users_with_actions(self, asset):
|
||||
|
||||
Reference in New Issue
Block a user