feat: 资产登录工单页面增加监控与中断

2025-08-31 15:11:27 +00:00 · 2021-12-29 20:07:56 +08:00
parent 100bfe0304
commit bd84edea62
15 changed files with 168 additions and 20 deletions
--- a/apps/terminal/api/session.py
+++ b/apps/terminal/api/session.py
@@ -6,7 +6,7 @@ import tarfile
 from django.shortcuts import get_object_or_404, reverse
 from django.utils.translation import ugettext as _
 from django.utils.encoding import escape_uri_path
-from django.http import FileResponse, HttpResponse
+from django.http import FileResponse
 from django.core.files.storage import default_storage
 from rest_framework import viewsets, views
 from rest_framework.response import Response
@@ -15,7 +15,7 @@ from rest_framework.decorators import action
 from common.utils import model_to_json
 from .. import utils
 from common.const.http import GET
-from common.utils import is_uuid, get_logger, get_object_or_none
+from common.utils import get_logger, get_object_or_none
 from common.mixins.api import AsyncApiMixin
 from common.permissions import IsOrgAdminOrAppUser, IsOrgAuditor, IsAppUser
 from common.drf.filters import DatetimeRangeFilter
@@ -24,13 +24,14 @@ from orgs.mixins.api import OrgBulkModelViewSet
 from orgs.utils import tmp_to_root_org, tmp_to_org
 from users.models import User
 from ..utils import find_session_replay_local, download_session_replay
-from ..hands import SystemUser
 from ..models import Session
 from .. import serializers
+from terminal.utils import is_session_approver

 __all__ = [
    'SessionViewSet', 'SessionReplayViewSet', 'SessionJoinValidateAPI'
 ]
+
 logger = get_logger(__name__)


@@ -197,6 +198,9 @@ class SessionJoinValidateAPI(views.APIView):
            msg = _('User does not exist: {}'.format(user_id))
            return Response({'ok': False, 'msg': msg}, status=401)
        with tmp_to_org(session.org):
+            if is_session_approver(session_id, user_id):
+                return Response({'ok': True, 'msg': ''}, status=200)
+
            if not user.admin_or_audit_orgs:
                msg = _('User does not have permission')
                return Response({'ok': False, 'msg': msg}, status=401)
--- a/apps/terminal/api/task.py
+++ b/apps/terminal/api/task.py
@@ -3,14 +3,18 @@
 import logging
 from rest_framework.views import APIView, Response
 from rest_framework_bulk import BulkModelViewSet
+from rest_framework import status
+from rest_framework.permissions import IsAuthenticated

 from common.utils import get_object_or_none
 from common.permissions import IsOrgAdminOrAppUser
 from ..models import Session, Task
 from .. import serializers
+from terminal.utils import is_session_approver
+from orgs.utils import tmp_to_root_org


-__all__ = ['TaskViewSet', 'KillSessionAPI']
+__all__ = ['TaskViewSet', 'KillSessionAPI', 'KillSessionForTicketAPI']
 logger = logging.getLogger(__file__)


@@ -21,20 +25,45 @@ class TaskViewSet(BulkModelViewSet):
    permission_classes = (IsOrgAdminOrAppUser,)


+def kill_sessions(session_ids, user):
+    validated_session = []
+
+    for session_id in session_ids:
+        session = get_object_or_none(Session, id=session_id)
+        if session and not session.is_finished:
+            validated_session.append(session_id)
+            Task.objects.create(
+                name="kill_session", args=session.id, terminal=session.terminal,
+                kwargs={
+                    'terminated_by': str(user)
+                }
+            )
+    return validated_session
+
+
 class KillSessionAPI(APIView):
    permission_classes = (IsOrgAdminOrAppUser,)
-    model = Task

    def post(self, request, *args, **kwargs):
-        validated_session = []
-        for session_id in request.data:
-            session = get_object_or_none(Session, id=session_id)
-            if session and not session.is_finished:
-                validated_session.append(session_id)
-                self.model.objects.create(
-                    name="kill_session", args=session.id, terminal=session.terminal,
-                    kwargs={
-                        'terminated_by': str(request.user)
-                    }
-                )
+        session_ids = request.data
+        user = request.user
+        validated_session = kill_sessions(session_ids, user)
        return Response({"ok": validated_session})
+
+
+class KillSessionForTicketAPI(APIView):
+    permission_classes = (IsAuthenticated, )
+
+    def post(self, request, *args, **kwargs):
+        session_ids = request.data
+        user_id = request.user.id
+
+        for session_id in session_ids:
+            if not is_session_approver(session_id, user_id):
+                return Response({}, status=status.HTTP_403_FORBIDDEN)
+
+        with tmp_to_root_org():
+            validated_session = kill_sessions(session_ids, request.user)
+
+        return Response({"ok": validated_session})
+