From d906df5b005095dd591cc768f0b3059e68470746 Mon Sep 17 00:00:00 2001 From: BaiJiangJie <32935519+BaiJiangJie@users.noreply.github.com> Date: Tue, 21 May 2019 16:27:01 +0800 Subject: [PATCH] =?UTF-8?q?[Update]=20=E6=8A=BD=E8=B1=A1BasePermission=20(?= =?UTF-8?q?#2710)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [Update] AssetPermission/RemoteAppPermission抽象BasePermission * [Update] Perms模块添加迁移文件 * [Update] Perms删除多余迁移文件 * [Update] Perms重新生成RemoteAppPermission迁移文件 --- ...520_1904.py => 0005_auto_20190521_1619.py} | 22 ++++-- apps/perms/models/asset_permission.py | 61 +-------------- apps/perms/models/base.py | 74 +++++++++++++++++++ apps/perms/models/remote_app_permission.py | 60 ++------------- apps/perms/views/asset_permission.py | 4 +- apps/perms/views/remote_app_permission.py | 4 +- 6 files changed, 103 insertions(+), 122 deletions(-) rename apps/perms/migrations/{0005_auto_20190520_1904.py => 0005_auto_20190521_1619.py} (73%) create mode 100644 apps/perms/models/base.py diff --git a/apps/perms/migrations/0005_auto_20190520_1904.py b/apps/perms/migrations/0005_auto_20190521_1619.py similarity index 73% rename from apps/perms/migrations/0005_auto_20190520_1904.py rename to apps/perms/migrations/0005_auto_20190521_1619.py index 48c579201..f000b8685 100644 --- a/apps/perms/migrations/0005_auto_20190520_1904.py +++ b/apps/perms/migrations/0005_auto_20190521_1619.py @@ -1,4 +1,4 @@ -# Generated by Django 2.1.7 on 2019-05-20 11:04 +# Generated by Django 2.1.7 on 2019-05-21 08:19 import common.utils.django from django.conf import settings @@ -10,9 +10,9 @@ import uuid class Migration(migrations.Migration): dependencies = [ - migrations.swappable_dependency(settings.AUTH_USER_MODEL), - ('applications', '0001_initial'), ('users', '0019_auto_20190304_1459'), + ('applications', '0001_initial'), + migrations.swappable_dependency(settings.AUTH_USER_MODEL), ('perms', '0004_assetpermission_actions'), ] @@ -29,15 +29,25 @@ class Migration(migrations.Migration): ('created_by', models.CharField(blank=True, max_length=128, verbose_name='Created by')), ('date_created', models.DateTimeField(auto_now_add=True, verbose_name='Date created')), ('comment', models.TextField(blank=True, verbose_name='Comment')), - ('remote_apps', models.ManyToManyField(blank=True, related_name='remote_app_permissions', to='applications.RemoteApp', verbose_name='RemoteApp')), - ('user_groups', models.ManyToManyField(blank=True, related_name='remote_app_permissions', to='users.UserGroup', verbose_name='User group')), - ('users', models.ManyToManyField(blank=True, related_name='remote_app_permissions', to=settings.AUTH_USER_MODEL, verbose_name='User')), + ('remote_apps', models.ManyToManyField(blank=True, related_name='granted_by_permissions', to='applications.RemoteApp', verbose_name='RemoteApp')), + ('user_groups', models.ManyToManyField(blank=True, to='users.UserGroup', verbose_name='User group')), + ('users', models.ManyToManyField(blank=True, to=settings.AUTH_USER_MODEL, verbose_name='User')), ], options={ 'verbose_name': 'RemoteApp permission', 'ordering': ('name',), }, ), + migrations.AlterField( + model_name='assetpermission', + name='user_groups', + field=models.ManyToManyField(blank=True, to='users.UserGroup', verbose_name='User group'), + ), + migrations.AlterField( + model_name='assetpermission', + name='users', + field=models.ManyToManyField(blank=True, to=settings.AUTH_USER_MODEL, verbose_name='User'), + ), migrations.AlterUniqueTogether( name='remoteapppermission', unique_together={('org_id', 'name')}, diff --git a/apps/perms/models/asset_permission.py b/apps/perms/models/asset_permission.py index ca917d69d..9091ce3f0 100644 --- a/apps/perms/models/asset_permission.py +++ b/apps/perms/models/asset_permission.py @@ -2,12 +2,12 @@ import uuid from django.db import models from django.utils.translation import ugettext_lazy as _ -from django.utils import timezone from common.utils import date_expired_default, set_or_append_attr_bulk -from orgs.mixins import OrgModelMixin, OrgManager +from orgs.mixins import OrgModelMixin -from perms.const import PERMS_ACTION_NAME_CHOICES, PERMS_ACTION_NAME_ALL +from ..const import PERMS_ACTION_NAME_CHOICES, PERMS_ACTION_NAME_ALL +from .base import BasePermission __all__ = [ @@ -33,69 +33,16 @@ class Action(models.Model): return cls.objects.get(name=PERMS_ACTION_NAME_ALL) -class AssetPermissionQuerySet(models.QuerySet): - def active(self): - return self.filter(is_active=True) - - def valid(self): - return self.active().filter(date_start__lt=timezone.now())\ - .filter(date_expired__gt=timezone.now()) - - -class AssetPermissionManager(OrgManager): - def valid(self): - return self.get_queryset().valid() - - -class AssetPermission(OrgModelMixin): - id = models.UUIDField(default=uuid.uuid4, primary_key=True) - name = models.CharField(max_length=128, verbose_name=_('Name')) - users = models.ManyToManyField('users.User', related_name='asset_permissions', blank=True, verbose_name=_("User")) - user_groups = models.ManyToManyField('users.UserGroup', related_name='asset_permissions', blank=True, verbose_name=_("User group")) +class AssetPermission(OrgModelMixin, BasePermission): assets = models.ManyToManyField('assets.Asset', related_name='granted_by_permissions', blank=True, verbose_name=_("Asset")) nodes = models.ManyToManyField('assets.Node', related_name='granted_by_permissions', blank=True, verbose_name=_("Nodes")) system_users = models.ManyToManyField('assets.SystemUser', related_name='granted_by_permissions', verbose_name=_("System user")) actions = models.ManyToManyField('Action', related_name='permissions', blank=True, verbose_name=_('Action')) - is_active = models.BooleanField(default=True, verbose_name=_('Active')) - date_start = models.DateTimeField(default=timezone.now, db_index=True, verbose_name=_("Date start")) - date_expired = models.DateTimeField(default=date_expired_default, db_index=True, verbose_name=_('Date expired')) - created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by')) - date_created = models.DateTimeField(auto_now_add=True, verbose_name=_('Date created')) - comment = models.TextField(verbose_name=_('Comment'), blank=True) - - objects = AssetPermissionManager.from_queryset(AssetPermissionQuerySet)() class Meta: unique_together = [('org_id', 'name')] verbose_name = _("Asset permission") - def __str__(self): - return self.name - - @property - def id_str(self): - return str(self.id) - - @property - def is_expired(self): - if self.date_expired > timezone.now() > self.date_start: - return False - return True - - @property - def is_valid(self): - if not self.is_expired and self.is_active: - return True - return False - - def get_all_users(self): - users = set(self.users.all()) - for group in self.user_groups.all(): - _users = group.users.all() - set_or_append_attr_bulk(_users, 'inherit', group.name) - users.update(set(_users)) - return users - def get_all_assets(self): assets = set(self.assets.all()) for node in self.nodes.all(): diff --git a/apps/perms/models/base.py b/apps/perms/models/base.py new file mode 100644 index 000000000..4665bcd2a --- /dev/null +++ b/apps/perms/models/base.py @@ -0,0 +1,74 @@ +# coding: utf-8 +# + +import uuid +from django.utils.translation import ugettext_lazy as _ +from django.db import models +from django.utils import timezone + +from common.utils import date_expired_default, set_or_append_attr_bulk +from orgs.mixins import OrgManager + + +__all__ = [ + 'BasePermission', +] + + +class BasePermissionQuerySet(models.QuerySet): + def active(self): + return self.filter(is_active=True) + + def valid(self): + return self.active().filter(date_start__lt=timezone.now()) \ + .filter(date_expired__gt=timezone.now()) + + +class BasePermissionManager(OrgManager): + def valid(self): + return self.get_queryset().valid() + + +class BasePermission(models.Model): + id = models.UUIDField(default=uuid.uuid4, primary_key=True) + name = models.CharField(max_length=128, verbose_name=_('Name')) + users = models.ManyToManyField('users.User', blank=True, verbose_name=_("User")) + user_groups = models.ManyToManyField('users.UserGroup', blank=True, verbose_name=_("User group")) + is_active = models.BooleanField(default=True, verbose_name=_('Active')) + date_start = models.DateTimeField(default=timezone.now, db_index=True, verbose_name=_("Date start")) + date_expired = models.DateTimeField(default=date_expired_default, db_index=True, verbose_name=_('Date expired')) + created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by')) + date_created = models.DateTimeField(auto_now_add=True, verbose_name=_('Date created')) + comment = models.TextField(verbose_name=_('Comment'), blank=True) + + objects = BasePermissionManager.from_queryset(BasePermissionQuerySet)() + + class Meta: + abstract = True + + def __str__(self): + return self.name + + @property + def id_str(self): + return str(self.id) + + @property + def is_expired(self): + if self.date_expired > timezone.now() > self.date_start: + return False + return True + + @property + def is_valid(self): + if not self.is_expired and self.is_active: + return True + return False + + def get_all_users(self): + users = set(self.users.all()) + for group in self.user_groups.all(): + _users = group.users.all() + set_or_append_attr_bulk(_users, 'inherit', group.name) + users.update(set(_users)) + return users diff --git a/apps/perms/models/remote_app_permission.py b/apps/perms/models/remote_app_permission.py index 7b29c8d20..b705a2ab3 100644 --- a/apps/perms/models/remote_app_permission.py +++ b/apps/perms/models/remote_app_permission.py @@ -1,75 +1,25 @@ # coding: utf-8 # -import uuid from django.db import models -from django.utils import timezone from django.utils.translation import ugettext_lazy as _ -from orgs.mixins import OrgModelMixin, OrgManager -from common.utils import date_expired_default, set_or_append_attr_bulk +from orgs.mixins import OrgModelMixin + +from .base import BasePermission __all__ = [ 'RemoteAppPermission', ] -class RemoteAppPermissionQuerySet(models.QuerySet): - def active(self): - return self.filter(is_active=True) - - def valid(self): - return self.active().filter(date_start__lt=timezone.now())\ - .filter(date_expired__gt=timezone.now()) - - -class RemoteAppPermissionManager(OrgManager): - def valid(self): - return self.get_queryset().valid() - - -class RemoteAppPermission(OrgModelMixin): - id = models.UUIDField(default=uuid.uuid4, primary_key=True) - name = models.CharField(max_length=128, verbose_name=_('Name')) - users = models.ManyToManyField('users.User', related_name='remote_app_permissions', blank=True, verbose_name=_("User")) - user_groups = models.ManyToManyField('users.UserGroup', related_name='remote_app_permissions', blank=True, verbose_name=_("User group")) - remote_apps = models.ManyToManyField('applications.RemoteApp', related_name='remote_app_permissions', blank=True, verbose_name=_("RemoteApp")) - is_active = models.BooleanField(default=True, verbose_name=_('Active')) - date_start = models.DateTimeField(default=timezone.now, db_index=True, verbose_name=_("Date start")) - date_expired = models.DateTimeField(default=date_expired_default, db_index=True, verbose_name=_('Date expired')) - created_by = models.CharField(max_length=128, blank=True, verbose_name=_('Created by')) - date_created = models.DateTimeField(auto_now_add=True, verbose_name=_('Date created')) - comment = models.TextField(verbose_name=_('Comment'), blank=True) - - objects = RemoteAppPermissionManager.from_queryset(RemoteAppPermissionQuerySet)() +class RemoteAppPermission(OrgModelMixin, BasePermission): + remote_apps = models.ManyToManyField('applications.RemoteApp', related_name='granted_by_permissions', blank=True, verbose_name=_("RemoteApp")) class Meta: unique_together = [('org_id', 'name')] verbose_name = _('RemoteApp permission') ordering = ('name',) - def __str__(self): - return self.name - - @property - def is_expired(self): - if self.date_expired > timezone.now() > self.date_start: - return False - return True - - @property - def is_valid(self): - if not self.is_expired and self.is_active: - return True - return False - - def get_all_users(self): - users = set(self.users.all()) - for group in self.user_groups.all(): - _users = group.users.all() - set_or_append_attr_bulk(_users, 'inherit', group.name) - users.update(set(_users)) - return users - def get_all_remote_apps(self): return set(self.remote_apps.all()) diff --git a/apps/perms/views/asset_permission.py b/apps/perms/views/asset_permission.py index fc16b70a9..e85acaf39 100644 --- a/apps/perms/views/asset_permission.py +++ b/apps/perms/views/asset_permission.py @@ -130,10 +130,10 @@ class AssetPermissionUserView(AdminUserRequiredMixin, 'app': _('Perms'), 'action': _('Asset permission user list'), 'users_remain': current_org.get_org_users().exclude( - asset_permissions=self.object + assetpermission=self.object ), 'user_groups_remain': UserGroup.objects.exclude( - asset_permissions=self.object + assetpermission=self.object ) } kwargs.update(context) diff --git a/apps/perms/views/remote_app_permission.py b/apps/perms/views/remote_app_permission.py index f4da75ffe..2e3db2f17 100644 --- a/apps/perms/views/remote_app_permission.py +++ b/apps/perms/views/remote_app_permission.py @@ -102,10 +102,10 @@ class RemoteAppPermissionUserView(AdminUserRequiredMixin, 'app': _('Perms'), 'action': _('RemoteApp permission user list'), 'users_remain': current_org.get_org_users().exclude( - remote_app_permissions=self.object + remoteapppermissions=self.object ), 'user_groups_remain': UserGroup.objects.exclude( - remote_app_permissions=self.object + remoteapppermissions=self.object ) } kwargs.update(context)