perf: 修改系统用户

apps/assets/api/__init__.py

@@ -1,9 +1,7 @@
 from .mixin import *
-from .admin_user import *
 from .asset import *
 from .label import *
 from .system_user import *
-from .system_user_relation import *
 from .accounts import *
 from .node import *
 from .domain import *

apps/assets/api/admin_user.py

@@ -1,30 +0,0 @@
-from django.db.models import Count
-
-from orgs.mixins.api import OrgBulkModelViewSet
-from common.utils import get_logger
-from ..models import SystemUser
-from .. import serializers
-from rbac.permissions import RBACPermission
-
-
-logger = get_logger(__file__)
-__all__ = ['AdminUserViewSet']
-
-
-# 兼容一下老的 api
-class AdminUserViewSet(OrgBulkModelViewSet):
-    """
-    Admin user api set, for add,delete,update,list,retrieve resource
-    """
-    model = SystemUser
-    filterset_fields = ("name", "username")
-    search_fields = filterset_fields
-    serializer_class = serializers.AdminUserSerializer
-    permission_classes = (RBACPermission,)
-    ordering_fields = ('name',)
-    ordering = ('name', )
-
-    def get_queryset(self):
-        queryset = super().get_queryset().filter(type=SystemUser.Type.admin)
-        queryset = queryset.annotate(assets_amount=Count('assets'))
-        return queryset

apps/assets/api/asset.py

@@ -42,7 +42,6 @@ class AssetViewSet(SuggestionMixin, FilterAssetByNodeMixin, OrgBulkModelViewSet)
     filterset_fields = {
         'hostname': ['exact'],
         'ip': ['exact'],
-        'system_users__id': ['exact'],
         'platform__base': ['exact'],
         'is_active': ['exact'],
         'protocols': ['exact', 'icontains']

apps/assets/api/system_user.py

@@ -5,23 +5,17 @@ from rest_framework.decorators import action
 from rest_framework.viewsets import GenericViewSet
 
 from common.utils import get_logger, get_object_or_none
-from common.permissions import IsValidUser
 from common.mixins.api import SuggestionMixin
 from orgs.mixins.api import OrgBulkModelViewSet
 from orgs.mixins import generics
-from orgs.utils import tmp_to_root_org
 from ..models import SystemUser, CommandFilterRule, Account
 from .. import serializers
-from ..tasks import (
-    push_system_user_to_assets_manual, test_system_user_connectivity_manual,
-    push_system_user_to_assets
-)
 
 logger = get_logger(__file__)
 __all__ = [
-    'SystemUserViewSet', 'SystemUserAuthInfoApi', 'SystemUserAssetAuthInfoApi',
-    'SystemUserCommandFilterRuleListApi', 'SystemUserTaskApi', 'SystemUserAssetsListView',
-    'SystemUserTempAuthInfoApi', 'SystemUserAppAuthInfoApi', 'SystemUserAssetAccountApi',
+    'SystemUserViewSet', 'SystemUserAuthInfoApi',
+    'SystemUserCommandFilterRuleListApi',
+    'SystemUserAssetAccountApi',
     'SystemUserAssetAccountSecretApi',
 ]
 
@@ -35,7 +29,6 @@ class SystemUserViewSet(SuggestionMixin, OrgBulkModelViewSet):
         'name': ['exact'],
         'username': ['exact'],
         'protocol': ['exact', 'in'],
-        'type': ['exact', 'in'],
     }
     search_fields = filterset_fields
     serializer_class = serializers.SystemUserSerializer
@@ -154,116 +147,6 @@ class SystemUserAuthInfoApi(generics.RetrieveUpdateDestroyAPIView):
         return Response(status=204)
 
 
-class SystemUserTempAuthInfoApi(generics.CreateAPIView):
-    model = SystemUser
-    permission_classes = (IsValidUser,)
-    serializer_class = serializers.SystemUserTempAuthSerializer
-
-    def create(self, request, *args, **kwargs):
-        serializer = super().get_serializer(data=request.data)
-        serializer.is_valid(raise_exception=True)
-
-        pk = kwargs.get('pk')
-        data = serializer.validated_data
-        asset_or_app_id = data.get('instance_id')
-
-        with tmp_to_root_org():
-            instance = get_object_or_404(SystemUser, pk=pk)
-            instance.set_temp_auth(asset_or_app_id, self.request.user.id, data)
-        return Response(serializer.data, status=201)
-
-
-class SystemUserAssetAuthInfoApi(generics.RetrieveAPIView):
-    """
-    Get system user with asset auth info
-    """
-    model = SystemUser
-    serializer_class = serializers.SystemUserWithAuthInfoSerializer
-
-    def get_object(self):
-        instance = super().get_object()
-        asset_id = self.kwargs.get('asset_id')
-        user_id = self.request.query_params.get("user_id")
-        username = self.request.query_params.get("username")
-        instance.load_asset_more_auth(asset_id, username, user_id)
-        return instance
-
-
-class SystemUserAppAuthInfoApi(generics.RetrieveAPIView):
-    """
-    Get system user with asset auth info
-    """
-    model = SystemUser
-    serializer_class = serializers.SystemUserWithAuthInfoSerializer
-    rbac_perms = {
-        'retrieve': 'assets.view_systemusersecret',
-    }
-
-    def get_object(self):
-        instance = super().get_object()
-        app_id = self.kwargs.get('app_id')
-        user_id = self.request.query_params.get("user_id")
-        username = self.request.query_params.get("username")
-        instance.load_app_more_auth(app_id, username, user_id)
-        return instance
-
-
-class SystemUserTaskApi(generics.CreateAPIView):
-    serializer_class = serializers.SystemUserTaskSerializer
-
-    def do_push(self, system_user, asset_ids=None):
-        if asset_ids is None:
-            task = push_system_user_to_assets_manual.delay(system_user)
-        else:
-            username = self.request.query_params.get('username')
-            task = push_system_user_to_assets.delay(
-                system_user.id, asset_ids, username=username
-            )
-        return task
-
-    @staticmethod
-    def do_test(system_user, asset_ids):
-        task = test_system_user_connectivity_manual.delay(system_user, asset_ids)
-        return task
-
-    def get_object(self):
-        pk = self.kwargs.get('pk')
-        return get_object_or_404(SystemUser, pk=pk)
-
-    def check_permissions(self, request):
-        action = request.data.get('action')
-        action_perm_require = {
-            'push': 'assets.push_assetsystemuser',
-            'test': 'assets.test_assetconnectivity'
-        }
-        perm_required = action_perm_require.get(action)
-        has = self.request.user.has_perm(perm_required)
-
-        if not has:
-            self.permission_denied(request)
-
-    def perform_create(self, serializer):
-        action = serializer.validated_data["action"]
-        asset = serializer.validated_data.get('asset')
-
-        if asset:
-            assets = [asset]
-        else:
-            assets = serializer.validated_data.get('assets') or []
-
-        asset_ids = [asset.id for asset in assets]
-        asset_ids = asset_ids if asset_ids else None
-
-        system_user = self.get_object()
-        if action == 'push':
-            task = self.do_push(system_user, asset_ids)
-        else:
-            task = self.do_test(system_user, asset_ids)
-        data = getattr(serializer, '_data', {})
-        data["task"] = task.id
-        setattr(serializer, '_data', data)
-
-
 class SystemUserCommandFilterRuleListApi(generics.ListAPIView):
     rbac_perms = {
         'list': 'assets.view_commandfilterule'
@@ -291,19 +174,3 @@ class SystemUserCommandFilterRuleListApi(generics.ListAPIView):
         )
         return rules
 
-
-class SystemUserAssetsListView(generics.ListAPIView):
-    serializer_class = serializers.AssetSimpleSerializer
-    filterset_fields = ("hostname", "ip")
-    search_fields = filterset_fields
-    rbac_perms = {
-        'list': 'assets.view_asset'
-    }
-
-    def get_object(self):
-        pk = self.kwargs.get('pk')
-        return get_object_or_404(SystemUser, pk=pk)
-
-    def get_queryset(self):
-        system_user = self.get_object()
-        return system_user.get_all_assets()

apps/assets/api/system_user_relation.py

@@ -1,138 +0,0 @@
-# -*- coding: utf-8 -*-
-#
-from collections import defaultdict
-from django.db.models import F, Value, Model
-from django.db.models.signals import m2m_changed
-from django.db.models.functions import Concat
-
-from common.utils import get_logger
-from orgs.mixins.api import OrgBulkModelViewSet
-from orgs.utils import current_org
-from .. import models, serializers
-
-__all__ = [
-    'SystemUserAssetRelationViewSet', 'SystemUserNodeRelationViewSet',
-    'SystemUserUserRelationViewSet', 'BaseRelationViewSet',
-]
-
-logger = get_logger(__name__)
-
-
-class RelationMixin:
-    model: Model
-
-    def get_queryset(self):
-        queryset = self.model.objects.all()
-        if not current_org.is_root():
-            org_id = current_org.org_id()
-            queryset = queryset.filter(systemuser__org_id=org_id)
-
-        queryset = queryset.annotate(systemuser_display=Concat(
-            F('systemuser__name'), Value('('),
-            F('systemuser__username'), Value(')')
-        ))
-        return queryset
-
-    def send_post_add_signal(self, instance):
-        if not isinstance(instance, list):
-            instance = [instance]
-
-        system_users_objects_map = defaultdict(list)
-        model, object_field = self.get_objects_attr()
-
-        for i in instance:
-            _id = getattr(i, object_field).id
-            system_users_objects_map[i.systemuser].append(_id)
-
-        sender = self.get_sender()
-        for system_user, object_ids in system_users_objects_map.items():
-            logger.debug('System user relation changed, send m2m_changed signals')
-            m2m_changed.send(
-                sender=sender, instance=system_user, action='post_add',
-                reverse=False, model=model, pk_set=set(object_ids)
-            )
-
-    def get_sender(self):
-        return self.model
-
-    def get_objects_attr(self):
-        return models.Asset, 'asset'
-
-    def perform_create(self, serializer):
-        instance = serializer.save()
-        self.send_post_add_signal(instance)
-
-
-class BaseRelationViewSet(RelationMixin, OrgBulkModelViewSet):
-    perm_model = models.SystemUser
-
-
-class SystemUserAssetRelationViewSet(BaseRelationViewSet):
-    serializer_class = serializers.SystemUserAssetRelationSerializer
-    model = models.SystemUser.assets.through
-    filterset_fields = [
-        'id', 'asset', 'systemuser',
-    ]
-    search_fields = [
-        "id", "asset__hostname", "asset__ip",
-        "systemuser__name", "systemuser__username",
-    ]
-
-    def get_objects_attr(self):
-        return models.Asset, 'asset'
-
-    def get_queryset(self):
-        queryset = super().get_queryset()
-        queryset = queryset.annotate(
-            asset_display=Concat(
-                F('asset__hostname'), Value('('),
-                F('asset__ip'), Value(')')
-            )
-        )
-        return queryset
-
-
-class SystemUserNodeRelationViewSet(BaseRelationViewSet):
-    serializer_class = serializers.SystemUserNodeRelationSerializer
-    model = models.SystemUser.nodes.through
-    filterset_fields = [
-        'id', 'node', 'systemuser',
-    ]
-    search_fields = [
-        "node__value", "systemuser__name", "systemuser__username"
-    ]
-
-    def get_objects_attr(self):
-        return models.Node, 'node'
-
-    def get_queryset(self):
-        queryset = super().get_queryset()
-        queryset = queryset \
-            .annotate(node_key=F('node__key'))
-        return queryset
-
-
-class SystemUserUserRelationViewSet(BaseRelationViewSet):
-    serializer_class = serializers.SystemUserUserRelationSerializer
-    model = models.SystemUser.users.through
-    filterset_fields = [
-        'id', 'user', 'systemuser',
-    ]
-    search_fields = [
-        "user__username", "user__name",
-        "systemuser__name", "systemuser__username",
-    ]
-
-    def get_objects_attr(self):
-        from users.models import User
-        return User, 'user'
-
-    def get_queryset(self):
-        queryset = super().get_queryset()
-        queryset = queryset.annotate(
-            user_display=Concat(
-                F('user__name'), Value('('),
-                F('user__username'), Value(')')
-            )
-        )
-        return queryset