mirror of
https://github.com/jumpserver/jumpserver.git
synced 2025-06-29 00:07:18 +00:00
fix: 修改授权权限
This commit is contained in:
feng626
Jiangjie.Bai
parent
7ba19ab1a1
commit
c41a81c8d0
@ -16,7 +16,7 @@ from perms.utils.application.permission import (
|
|||||||
get_application_system_user_ids,
|
get_application_system_user_ids,
|
||||||
validate_permission,
|
validate_permission,
|
||||||
)
|
)
|
||||||
from .mixin import RoleAdminMixin, RoleUserMixin
|
from .mixin import AppRoleAdminMixin, AppRoleUserMixin
|
||||||
from perms.hands import User, SystemUser
|
from perms.hands import User, SystemUser
|
||||||
from perms import serializers
|
from perms import serializers
|
||||||
|
|
||||||
@ -45,11 +45,11 @@ class BaseGrantedApplicationSystemUsersApi(ListAPIView):
|
|||||||
return system_users
|
return system_users
|
||||||
|
|
||||||
|
|
||||||
class UserGrantedApplicationSystemUsersApi(RoleAdminMixin, BaseGrantedApplicationSystemUsersApi):
|
class UserGrantedApplicationSystemUsersApi(AppRoleAdminMixin, BaseGrantedApplicationSystemUsersApi):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyGrantedApplicationSystemUsersApi(RoleUserMixin, BaseGrantedApplicationSystemUsersApi):
|
class MyGrantedApplicationSystemUsersApi(AppRoleUserMixin, BaseGrantedApplicationSystemUsersApi):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -6,7 +6,7 @@ from common.mixins.api import RoleUserMixin as _RoleUserMixin
|
|||||||
from orgs.utils import tmp_to_root_org
|
from orgs.utils import tmp_to_root_org
|
||||||
|
|
||||||
|
|
||||||
class RoleAdminMixin(_RoleAdminMixin):
|
class AppRoleAdminMixin(_RoleAdminMixin):
|
||||||
rbac_perms = (
|
rbac_perms = (
|
||||||
('list', 'perms.view_userapp'),
|
('list', 'perms.view_userapp'),
|
||||||
('retrieve', 'perms.view_userapps'),
|
('retrieve', 'perms.view_userapps'),
|
||||||
@ -15,7 +15,7 @@ class RoleAdminMixin(_RoleAdminMixin):
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class RoleUserMixin(_RoleUserMixin):
|
class AppRoleUserMixin(_RoleUserMixin):
|
||||||
rbac_perms = (
|
rbac_perms = (
|
||||||
('list', 'perms.view_myapps'),
|
('list', 'perms.view_myapps'),
|
||||||
('retrieve', 'perms.view_myapps'),
|
('retrieve', 'perms.view_myapps'),
|
||||||
|
|||||||
@ -9,7 +9,7 @@ from applications.api.mixin import (
|
|||||||
SerializeApplicationToTreeNodeMixin
|
SerializeApplicationToTreeNodeMixin
|
||||||
)
|
)
|
||||||
from perms import serializers
|
from perms import serializers
|
||||||
from perms.api.asset.user_permission.mixin import RoleAdminMixin, RoleUserMixin
|
from .mixin import AppRoleAdminMixin, AppRoleUserMixin
|
||||||
from perms.utils.application.user_permission import (
|
from perms.utils.application.user_permission import (
|
||||||
get_user_granted_all_applications
|
get_user_granted_all_applications
|
||||||
)
|
)
|
||||||
@ -41,11 +41,11 @@ class AllGrantedApplicationsMixin(CommonApiMixin, ListAPIView):
|
|||||||
return queryset.only(*self.only_fields)
|
return queryset.only(*self.only_fields)
|
||||||
|
|
||||||
|
|
||||||
class UserAllGrantedApplicationsApi(RoleAdminMixin, AllGrantedApplicationsMixin):
|
class UserAllGrantedApplicationsApi(AppRoleAdminMixin, AllGrantedApplicationsMixin):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyAllGrantedApplicationsApi(RoleUserMixin, AllGrantedApplicationsMixin):
|
class MyAllGrantedApplicationsApi(AppRoleUserMixin, AllGrantedApplicationsMixin):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -20,7 +20,7 @@ class PermBaseMixin:
|
|||||||
return super().get(request, *args, **kwargs)
|
return super().get(request, *args, **kwargs)
|
||||||
|
|
||||||
|
|
||||||
class RoleAdminMixin(PermBaseMixin, _RoleAdminMixin):
|
class AssetRoleAdminMixin(PermBaseMixin, _RoleAdminMixin):
|
||||||
rbac_perms = (
|
rbac_perms = (
|
||||||
('list', 'perms.view_userassets'),
|
('list', 'perms.view_userassets'),
|
||||||
('retrieve', 'perms.view_userassets'),
|
('retrieve', 'perms.view_userassets'),
|
||||||
@ -29,7 +29,7 @@ class RoleAdminMixin(PermBaseMixin, _RoleAdminMixin):
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class RoleUserMixin(PermBaseMixin, _RoleUserMixin):
|
class AssetRoleUserMixin(PermBaseMixin, _RoleUserMixin):
|
||||||
rbac_perms = (
|
rbac_perms = (
|
||||||
('list', 'perms.view_myassets'),
|
('list', 'perms.view_myassets'),
|
||||||
('retrieve', 'perms.view_myassets'),
|
('retrieve', 'perms.view_myassets'),
|
||||||
|
|||||||
@ -2,7 +2,7 @@ from rest_framework.generics import ListAPIView
|
|||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
|
|
||||||
from common.utils import get_logger
|
from common.utils import get_logger
|
||||||
from ..mixin import RoleAdminMixin, RoleUserMixin
|
from ..mixin import AssetRoleAdminMixin, AssetRoleUserMixin
|
||||||
from .mixin import (
|
from .mixin import (
|
||||||
UserAllGrantedAssetsQuerysetMixin, UserDirectGrantedAssetsQuerysetMixin, UserFavoriteGrantedAssetsMixin,
|
UserAllGrantedAssetsQuerysetMixin, UserDirectGrantedAssetsQuerysetMixin, UserFavoriteGrantedAssetsMixin,
|
||||||
UserGrantedNodeAssetsMixin, AssetsSerializerFormatMixin, AssetsTreeFormatMixin,
|
UserGrantedNodeAssetsMixin, AssetsSerializerFormatMixin, AssetsTreeFormatMixin,
|
||||||
@ -19,42 +19,42 @@ logger = get_logger(__name__)
|
|||||||
|
|
||||||
|
|
||||||
class UserDirectGrantedAssetsForAdminApi(UserDirectGrantedAssetsQuerysetMixin,
|
class UserDirectGrantedAssetsForAdminApi(UserDirectGrantedAssetsQuerysetMixin,
|
||||||
RoleAdminMixin,
|
AssetRoleAdminMixin,
|
||||||
AssetsSerializerFormatMixin,
|
AssetsSerializerFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyDirectGrantedAssetsApi(UserDirectGrantedAssetsQuerysetMixin,
|
class MyDirectGrantedAssetsApi(UserDirectGrantedAssetsQuerysetMixin,
|
||||||
RoleUserMixin,
|
AssetRoleUserMixin,
|
||||||
AssetsSerializerFormatMixin,
|
AssetsSerializerFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class UserFavoriteGrantedAssetsForAdminApi(UserFavoriteGrantedAssetsMixin,
|
class UserFavoriteGrantedAssetsForAdminApi(UserFavoriteGrantedAssetsMixin,
|
||||||
RoleAdminMixin,
|
AssetRoleAdminMixin,
|
||||||
AssetsSerializerFormatMixin,
|
AssetsSerializerFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyFavoriteGrantedAssetsApi(UserFavoriteGrantedAssetsMixin,
|
class MyFavoriteGrantedAssetsApi(UserFavoriteGrantedAssetsMixin,
|
||||||
RoleUserMixin,
|
AssetRoleUserMixin,
|
||||||
AssetsSerializerFormatMixin,
|
AssetsSerializerFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class UserDirectGrantedAssetsAsTreeForAdminApi(UserDirectGrantedAssetsQuerysetMixin,
|
class UserDirectGrantedAssetsAsTreeForAdminApi(UserDirectGrantedAssetsQuerysetMixin,
|
||||||
RoleAdminMixin,
|
AssetRoleAdminMixin,
|
||||||
AssetsTreeFormatMixin,
|
AssetsTreeFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyUngroupAssetsAsTreeApi(UserDirectGrantedAssetsQuerysetMixin,
|
class MyUngroupAssetsAsTreeApi(UserDirectGrantedAssetsQuerysetMixin,
|
||||||
RoleUserMixin,
|
AssetRoleUserMixin,
|
||||||
AssetsTreeFormatMixin,
|
AssetsTreeFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
@ -65,34 +65,34 @@ class MyUngroupAssetsAsTreeApi(UserDirectGrantedAssetsQuerysetMixin,
|
|||||||
|
|
||||||
|
|
||||||
class UserAllGrantedAssetsApi(UserAllGrantedAssetsQuerysetMixin,
|
class UserAllGrantedAssetsApi(UserAllGrantedAssetsQuerysetMixin,
|
||||||
RoleAdminMixin,
|
AssetRoleAdminMixin,
|
||||||
AssetsSerializerFormatMixin,
|
AssetsSerializerFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyAllGrantedAssetsApi(UserAllGrantedAssetsQuerysetMixin,
|
class MyAllGrantedAssetsApi(UserAllGrantedAssetsQuerysetMixin,
|
||||||
RoleUserMixin,
|
AssetRoleUserMixin,
|
||||||
AssetsSerializerFormatMixin,
|
AssetsSerializerFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyAllAssetsAsTreeApi(UserAllGrantedAssetsQuerysetMixin,
|
class MyAllAssetsAsTreeApi(UserAllGrantedAssetsQuerysetMixin,
|
||||||
RoleUserMixin,
|
AssetRoleUserMixin,
|
||||||
AssetsTreeFormatMixin,
|
AssetsTreeFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class UserGrantedNodeAssetsForAdminApi(RoleAdminMixin,
|
class UserGrantedNodeAssetsForAdminApi(AssetRoleAdminMixin,
|
||||||
UserGrantedNodeAssetsMixin,
|
UserGrantedNodeAssetsMixin,
|
||||||
AssetsSerializerFormatMixin,
|
AssetsSerializerFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyGrantedNodeAssetsApi(RoleUserMixin,
|
class MyGrantedNodeAssetsApi(AssetRoleUserMixin,
|
||||||
UserGrantedNodeAssetsMixin,
|
UserGrantedNodeAssetsMixin,
|
||||||
AssetsSerializerFormatMixin,
|
AssetsSerializerFormatMixin,
|
||||||
ListAPIView):
|
ListAPIView):
|
||||||
|
|||||||
@ -9,7 +9,7 @@ from rest_framework.request import Request
|
|||||||
|
|
||||||
from assets.api.mixin import SerializeToTreeNodeMixin
|
from assets.api.mixin import SerializeToTreeNodeMixin
|
||||||
from common.utils import get_logger
|
from common.utils import get_logger
|
||||||
from .mixin import RoleAdminMixin, RoleUserMixin
|
from .mixin import AssetRoleAdminMixin, AssetRoleUserMixin
|
||||||
from perms.hands import User
|
from perms.hands import User
|
||||||
from perms import serializers
|
from perms import serializers
|
||||||
|
|
||||||
@ -100,33 +100,33 @@ class UserGrantedNodesMixin:
|
|||||||
|
|
||||||
# ------------------------------------------
|
# ------------------------------------------
|
||||||
# 最终的 api
|
# 最终的 api
|
||||||
class UserGrantedNodeChildrenForAdminApi(RoleAdminMixin, UserGrantedNodeChildrenMixin, BaseNodeChildrenApi):
|
class UserGrantedNodeChildrenForAdminApi(AssetRoleAdminMixin, UserGrantedNodeChildrenMixin, BaseNodeChildrenApi):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyGrantedNodeChildrenApi(RoleUserMixin, UserGrantedNodeChildrenMixin, BaseNodeChildrenApi):
|
class MyGrantedNodeChildrenApi(AssetRoleUserMixin, UserGrantedNodeChildrenMixin, BaseNodeChildrenApi):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class UserGrantedNodeChildrenAsTreeForAdminApi(RoleAdminMixin, UserGrantedNodeChildrenMixin, BaseNodeChildrenAsTreeApi):
|
class UserGrantedNodeChildrenAsTreeForAdminApi(AssetRoleAdminMixin, UserGrantedNodeChildrenMixin, BaseNodeChildrenAsTreeApi):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyGrantedNodeChildrenAsTreeApi(RoleUserMixin, UserGrantedNodeChildrenMixin, BaseNodeChildrenAsTreeApi):
|
class MyGrantedNodeChildrenAsTreeApi(AssetRoleUserMixin, UserGrantedNodeChildrenMixin, BaseNodeChildrenAsTreeApi):
|
||||||
def get_permissions(self):
|
def get_permissions(self):
|
||||||
permissions = super().get_permissions()
|
permissions = super().get_permissions()
|
||||||
return permissions
|
return permissions
|
||||||
|
|
||||||
|
|
||||||
class UserGrantedNodesForAdminApi(RoleAdminMixin, UserGrantedNodesMixin, BaseGrantedNodeApi):
|
class UserGrantedNodesForAdminApi(AssetRoleAdminMixin, UserGrantedNodesMixin, BaseGrantedNodeApi):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyGrantedNodesApi(RoleUserMixin, UserGrantedNodesMixin, BaseGrantedNodeApi):
|
class MyGrantedNodesApi(AssetRoleUserMixin, UserGrantedNodesMixin, BaseGrantedNodeApi):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyGrantedNodesAsTreeApi(RoleUserMixin, UserGrantedNodesMixin, BaseGrantedNodeAsTreeApi):
|
class MyGrantedNodesAsTreeApi(AssetRoleUserMixin, UserGrantedNodesMixin, BaseGrantedNodeAsTreeApi):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
# ------------------------------------------
|
# ------------------------------------------
|
||||||
|
|||||||
@ -10,7 +10,7 @@ from common.utils.common import timeit
|
|||||||
from orgs.utils import tmp_to_root_org
|
from orgs.utils import tmp_to_root_org
|
||||||
from common.permissions import IsValidUser
|
from common.permissions import IsValidUser
|
||||||
from common.utils import get_logger, get_object_or_none
|
from common.utils import get_logger, get_object_or_none
|
||||||
from .mixin import RoleUserMixin, RoleAdminMixin
|
from .mixin import AssetRoleUserMixin, AssetRoleAdminMixin
|
||||||
from perms.utils.asset.user_permission import (
|
from perms.utils.asset.user_permission import (
|
||||||
UserGrantedTreeBuildUtils, get_user_all_asset_perm_ids,
|
UserGrantedTreeBuildUtils, get_user_all_asset_perm_ids,
|
||||||
UserGrantedNodesQueryUtils, UserGrantedAssetsQueryUtils,
|
UserGrantedNodesQueryUtils, UserGrantedAssetsQueryUtils,
|
||||||
@ -146,9 +146,9 @@ class GrantedNodeChildrenWithAssetsAsTreeApiMixin(SerializeToTreeNodeMixin,
|
|||||||
return Response(data=[*tree_nodes, *tree_assets])
|
return Response(data=[*tree_nodes, *tree_assets])
|
||||||
|
|
||||||
|
|
||||||
class UserGrantedNodeChildrenWithAssetsAsTreeApi(RoleAdminMixin, GrantedNodeChildrenWithAssetsAsTreeApiMixin):
|
class UserGrantedNodeChildrenWithAssetsAsTreeApi(AssetRoleAdminMixin, GrantedNodeChildrenWithAssetsAsTreeApiMixin):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
class MyGrantedNodeChildrenWithAssetsAsTreeApi(RoleUserMixin, GrantedNodeChildrenWithAssetsAsTreeApiMixin):
|
class MyGrantedNodeChildrenWithAssetsAsTreeApi(AssetRoleUserMixin, GrantedNodeChildrenWithAssetsAsTreeApiMixin):
|
||||||
pass
|
pass
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user