diff --git a/apps/tickets/api/request_asset_perm.py b/apps/tickets/api/request_asset_perm.py index 5bfedabe0..5f6562caa 100644 --- a/apps/tickets/api/request_asset_perm.py +++ b/apps/tickets/api/request_asset_perm.py @@ -63,13 +63,14 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet): meta = instance.meta ips = ', '.join(meta.get('ips', [])) confirmed_assets = ', '.join(meta.get('confirmed_assets', [])) + confirmed_system_users = ', '.join(meta.get('confirmed_system_users', [])) return textwrap.dedent(f'''\ {_('IP group')}: {ips} {_('Hostname')}: {meta.get('hostname', '')} {_('System user')}: {meta.get('system_user', '')} {_('Confirmed assets')}: {confirmed_assets} - {_('Confirmed system user')}: {meta.get('confirmed_system_user', '')} + {_('Confirmed system users')}: {confirmed_system_users} ''') @action(detail=True, methods=[POST], permission_classes=[IsAssignee, IsValidUser]) @@ -95,15 +96,15 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet): if len(assets) != len(confirmed_assets): raise ConfirmedAssetsChanged(detail=_('Confirmed assets changed')) - confirmed_system_user = meta.get('confirmed_system_user') - if not confirmed_system_user: - raise NotHaveConfirmedSystemUser(detail=_('Confirm system-user first')) + confirmed_system_users = meta.get('confirmed_system_users', []) + if not confirmed_system_users: + raise NotHaveConfirmedSystemUser(detail=_('Confirm system-users first')) - system_user = get_object_or_none(SystemUser, id=confirmed_system_user) - if system_user is None: - raise ConfirmedSystemUserChanged(detail=_('Confirmed system-user changed')) + system_users = SystemUser.objects.filter(id__in=confirmed_system_users) + if system_users is None: + raise ConfirmedSystemUserChanged(detail=_('Confirmed system-users changed')) - self._create_asset_permission(instance, assets, system_user) + self._create_asset_permission(instance, assets, system_users) return Response({'detail': _('Succeed')}) @action(detail=True, methods=[POST], permission_classes=[IsAssignee | IsObjectOwner]) @@ -113,7 +114,7 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet): instance.save() return Response({'detail': _('Succeed')}) - def _create_asset_permission(self, instance: Ticket, assets, system_user): + def _create_asset_permission(self, instance: Ticket, assets, system_users): meta = instance.meta request = self.request actions = meta.get('actions', Action.CONNECT) @@ -135,7 +136,7 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet): request.user, self._get_extra_comment(instance)) ap = AssetPermission.objects.create(**ap_kwargs) - ap.system_users.add(system_user) + ap.system_users.add(*system_users) ap.assets.add(*assets) ap.users.add(instance.user) diff --git a/apps/tickets/migrations/0005_ticket_meta_confirmed_system_users.py b/apps/tickets/migrations/0005_ticket_meta_confirmed_system_users.py new file mode 100644 index 000000000..dd8fb686a --- /dev/null +++ b/apps/tickets/migrations/0005_ticket_meta_confirmed_system_users.py @@ -0,0 +1,31 @@ +# Generated by BaiJiangjie 2020-09-29 18:31 + +from django.db import migrations + + +def migrate_ticket_meta_confirmed_system_user_to_confirmed_system_users(apps, schema_editor): + ticket_model = apps.get_model("tickets", "Ticket") + tickets = ticket_model.origin_objects.all() + + for ticket in tickets: + meta = ticket.meta + confirmed_system_user = meta.get('confirmed_system_user') + if confirmed_system_user: + confirmed_system_users = [confirmed_system_user] + else: + confirmed_system_users = [] + meta.update({ + 'confirmed_system_users': confirmed_system_users + }) + ticket.meta = meta + ticket.save() + + +class Migration(migrations.Migration): + + dependencies = [ + ('tickets', '0004_ticket_comment'), + ] + operations = [ + migrations.RunPython(migrate_ticket_meta_confirmed_system_user_to_confirmed_system_users) + ] diff --git a/apps/tickets/serializers/request_asset_perm.py b/apps/tickets/serializers/request_asset_perm.py index 5c7e08cfd..77757ff62 100644 --- a/apps/tickets/serializers/request_asset_perm.py +++ b/apps/tickets/serializers/request_asset_perm.py @@ -33,19 +33,20 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer): source='meta.confirmed_assets', default=list, required=False, label=_('Confirmed assets')) - confirmed_system_user = serializers.UUIDField(source='meta.confirmed_system_user', - default='', required=False, + confirmed_system_users = serializers.ListField(child=serializers.UUIDField(), + source='meta.confirmed_system_users', + default=list, required=False, label=_('Confirmed system user')) assets_waitlist_url = serializers.SerializerMethodField() - system_user_waitlist_url = serializers.SerializerMethodField() + system_users_waitlist_url = serializers.SerializerMethodField() class Meta: model = Ticket mini_fields = ['id', 'title'] small_fields = [ - 'status', 'action', 'date_created', 'date_updated', 'system_user_waitlist_url', + 'status', 'action', 'date_created', 'date_updated', 'system_users_waitlist_url', 'type', 'type_display', 'action_display', 'ips', 'confirmed_assets', - 'date_start', 'date_expired', 'confirmed_system_user', 'hostname', + 'date_start', 'date_expired', 'confirmed_system_users', 'hostname', 'assets_waitlist_url', 'system_user', 'org_id', 'actions', 'comment' ] m2m_fields = [ @@ -96,7 +97,7 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer): raise serializers.ValidationError(_('Field `assignees` must be organization admin or superuser')) return attrs - def get_system_user_waitlist_url(self, instance: Ticket): + def get_system_users_waitlist_url(self, instance: Ticket): if not self._is_assignee(instance): return None return reverse('api-assets:system-user-list') @@ -190,16 +191,14 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer): meta['date_expired'] = dt_formater(date_expired) # UUID 的转换 - confirmed_system_user = meta.get('confirmed_system_user') - if confirmed_system_user: - meta['confirmed_system_user'] = str(confirmed_system_user) + confirmed_system_users = meta.get('confirmed_system_users') + if confirmed_system_users: + meta['confirmed_system_users'] = [str(system_user) for system_user in confirmed_system_users] confirmed_assets = meta.get('confirmed_assets') if confirmed_assets: - new_confirmed_assets = [] - for asset in confirmed_assets: - new_confirmed_assets.append(str(asset)) - meta['confirmed_assets'] = new_confirmed_assets + meta['confirmed_assets'] = [str(asset) for asset in confirmed_assets] + with tmp_to_root_org(): return super().save(**kwargs) @@ -220,7 +219,7 @@ class RequestAssetPermTicketSerializer(serializers.ModelSerializer): def _pop_confirmed_fields(self): meta = self.validated_data['meta'] meta.pop('confirmed_assets', None) - meta.pop('confirmed_system_user', None) + meta.pop('confirmed_system_users', None) def _is_assignee(self, obj: Ticket): user = self.context['request'].user