From fcd8356e9030fb39a1d625dd3d2a7974d46139bd Mon Sep 17 00:00:00 2001 From: xinwen Date: Wed, 19 Aug 2020 17:59:25 +0800 Subject: [PATCH] =?UTF-8?q?fix(users):=20=E7=BB=84=E7=BB=87=E7=AE=A1?= =?UTF-8?q?=E7=90=86=E5=91=98=EF=BC=8C=E7=A7=BB=E9=99=A4=E7=BB=84=E7=BB=87?= =?UTF-8?q?=E6=88=90=E5=91=98=E6=8A=A5=E9=94=99500=20#231?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/locale/zh/LC_MESSAGES/django.po | 81 +++++++++---------- .../migrations/0008_auto_20200819_1732.py | 18 ----- apps/orgs/models.py | 17 +++- apps/users/models/user.py | 24 +++--- apps/users/serializers/user.py | 10 +-- 5 files changed, 72 insertions(+), 78 deletions(-) delete mode 100644 apps/orgs/migrations/0008_auto_20200819_1732.py diff --git a/apps/locale/zh/LC_MESSAGES/django.po b/apps/locale/zh/LC_MESSAGES/django.po index 66fb19a2a..f0a2309ef 100644 --- a/apps/locale/zh/LC_MESSAGES/django.po +++ b/apps/locale/zh/LC_MESSAGES/django.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: JumpServer 0.3.3\n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2020-08-19 17:34+0800\n" +"POT-Creation-Date: 2020-08-19 18:10+0800\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: ibuler \n" "Language-Team: JumpServer team\n" @@ -29,7 +29,7 @@ msgstr "自定义" #: orgs/models.py:22 perms/models/base.py:48 settings/models.py:27 #: terminal/models.py:27 terminal/models.py:344 terminal/models.py:376 #: terminal/models.py:413 users/forms/profile.py:20 users/models/group.py:15 -#: users/models/user.py:495 users/templates/users/_select_user_modal.html:13 +#: users/models/user.py:491 users/templates/users/_select_user_modal.html:13 #: users/templates/users/user_asset_permission.html:37 #: users/templates/users/user_asset_permission.html:154 #: users/templates/users/user_database_app_permission.html:36 @@ -79,7 +79,7 @@ msgstr "数据库" #: assets/models/label.py:23 ops/models/adhoc.py:37 orgs/models.py:25 #: perms/models/base.py:56 settings/models.py:32 terminal/models.py:37 #: terminal/models.py:383 terminal/models.py:420 users/models/group.py:16 -#: users/models/user.py:528 users/templates/users/user_detail.html:115 +#: users/models/user.py:524 users/templates/users/user_detail.html:115 #: users/templates/users/user_granted_database_app.html:38 #: users/templates/users/user_granted_remote_app.html:37 #: users/templates/users/user_group_detail.html:62 @@ -146,8 +146,8 @@ msgstr "参数" #: assets/models/base.py:240 assets/models/cluster.py:28 #: assets/models/cmd_filter.py:26 assets/models/cmd_filter.py:60 #: assets/models/group.py:21 common/db/models.py:67 common/mixins/models.py:49 -#: orgs/models.py:23 orgs/models.py:374 perms/models/base.py:54 -#: users/models/user.py:536 users/serializers/group.py:35 +#: orgs/models.py:23 orgs/models.py:389 perms/models/base.py:54 +#: users/models/user.py:532 users/serializers/group.py:35 #: users/templates/users/user_detail.html:97 #: xpack/plugins/change_auth_plan/models.py:81 xpack/plugins/cloud/models.py:56 #: xpack/plugins/cloud/models.py:146 xpack/plugins/gathered_user/models.py:30 @@ -161,7 +161,7 @@ msgstr "创建者" #: assets/models/domain.py:23 assets/models/gathered_user.py:19 #: assets/models/group.py:22 assets/models/label.py:25 common/db/models.py:69 #: common/mixins/models.py:50 ops/models/adhoc.py:38 ops/models/command.py:27 -#: orgs/models.py:24 orgs/models.py:372 perms/models/base.py:55 +#: orgs/models.py:24 orgs/models.py:387 perms/models/base.py:55 #: users/models/group.py:18 users/templates/users/user_group_detail.html:58 #: xpack/plugins/cloud/models.py:59 xpack/plugins/cloud/models.py:149 msgid "Date created" @@ -354,7 +354,7 @@ msgstr "" #: audits/models.py:99 authentication/forms.py:11 #: authentication/templates/authentication/login.html:21 #: authentication/templates/authentication/xpack_login.html:101 -#: ops/models/adhoc.py:148 users/forms/profile.py:19 users/models/user.py:493 +#: ops/models/adhoc.py:148 users/forms/profile.py:19 users/models/user.py:489 #: users/templates/users/_select_user_modal.html:14 #: users/templates/users/user_detail.html:53 #: users/templates/users/user_list.html:15 @@ -395,7 +395,7 @@ msgstr "SSH公钥" #: assets/models/base.py:239 assets/models/gathered_user.py:20 #: common/db/models.py:70 common/mixins/models.py:51 ops/models/adhoc.py:39 -#: orgs/models.py:373 +#: orgs/models.py:388 msgid "Date updated" msgstr "更新日期" @@ -407,7 +407,7 @@ msgstr "带宽" msgid "Contact" msgstr "联系人" -#: assets/models/cluster.py:22 users/models/user.py:514 +#: assets/models/cluster.py:22 users/models/user.py:510 #: users/templates/users/user_detail.html:62 msgid "Phone" msgstr "手机" @@ -433,7 +433,7 @@ msgid "Default" msgstr "默认" #: assets/models/cluster.py:36 assets/models/label.py:14 -#: users/models/user.py:661 +#: users/models/user.py:657 msgid "System" msgstr "系统" @@ -547,7 +547,7 @@ msgstr "默认资产组" #: assets/models/label.py:15 audits/models.py:36 audits/models.py:56 #: audits/models.py:69 audits/serializers.py:77 authentication/models.py:46 -#: authentication/models.py:90 orgs/models.py:370 +#: authentication/models.py:90 orgs/models.py:16 orgs/models.py:385 #: perms/forms/asset_permission.py:83 perms/forms/database_app_permission.py:38 #: perms/forms/remote_app_permission.py:40 perms/models/base.py:49 #: templates/index.html:78 terminal/backends/command/models.py:18 @@ -555,7 +555,8 @@ msgstr "默认资产组" #: tickets/models/ticket.py:30 tickets/models/ticket.py:137 #: tickets/serializers/request_asset_perm.py:65 #: tickets/serializers/ticket.py:31 users/forms/group.py:15 -#: users/models/user.py:649 users/serializers/group.py:20 +#: users/models/user.py:158 users/models/user.py:645 +#: users/serializers/group.py:20 #: users/templates/users/user_asset_permission.html:38 #: users/templates/users/user_asset_permission.html:64 #: users/templates/users/user_database_app_permission.html:37 @@ -732,14 +733,14 @@ msgid "Backend" msgstr "后端" #: assets/serializers/asset_user.py:75 users/forms/profile.py:148 -#: users/models/user.py:525 users/templates/users/user_password_update.html:48 +#: users/models/user.py:521 users/templates/users/user_password_update.html:48 #: users/templates/users/user_profile.html:69 #: users/templates/users/user_profile_update.html:46 #: users/templates/users/user_pubkey_update.html:46 msgid "Public key" msgstr "SSH公钥" -#: assets/serializers/asset_user.py:79 users/models/user.py:522 +#: assets/serializers/asset_user.py:79 users/models/user.py:518 msgid "Private key" msgstr "ssh私钥" @@ -1024,7 +1025,7 @@ msgstr "Agent" #: audits/models.py:104 #: authentication/templates/authentication/_mfa_confirm_modal.html:14 #: authentication/templates/authentication/login_otp.html:6 -#: users/forms/profile.py:52 users/models/user.py:517 +#: users/forms/profile.py:52 users/models/user.py:513 #: users/serializers/user.py:240 users/templates/users/user_detail.html:77 #: users/templates/users/user_profile.html:87 msgid "MFA" @@ -1264,7 +1265,7 @@ msgid "Show" msgstr "显示" #: authentication/templates/authentication/_access_key_modal.html:66 -#: users/models/user.py:415 users/serializers/user.py:237 +#: users/models/user.py:411 users/serializers/user.py:237 #: users/templates/users/user_profile.html:94 #: users/templates/users/user_profile.html:163 #: users/templates/users/user_profile.html:166 @@ -1273,7 +1274,7 @@ msgid "Disable" msgstr "禁用" #: authentication/templates/authentication/_access_key_modal.html:67 -#: users/models/user.py:416 users/serializers/user.py:238 +#: users/models/user.py:412 users/serializers/user.py:238 #: users/templates/users/user_profile.html:92 #: users/templates/users/user_profile.html:170 msgid "Enable" @@ -1684,7 +1685,7 @@ msgid "The current organization cannot be deleted" msgstr "" #: orgs/mixins/models.py:56 orgs/mixins/serializers.py:25 orgs/models.py:40 -#: orgs/models.py:369 +#: orgs/models.py:384 msgid "Organization" msgstr "组织" @@ -1692,15 +1693,11 @@ msgstr "组织" msgid "Organization administrator" msgstr "组织管理员" -#: orgs/models.py:16 -msgid "Organization User" -msgstr "组织用户" - #: orgs/models.py:17 msgid "Organization auditor" msgstr "组织审计员" -#: orgs/models.py:371 users/forms/user.py:27 users/models/user.py:505 +#: orgs/models.py:386 users/forms/user.py:27 users/models/user.py:501 #: users/templates/users/_select_user_modal.html:15 #: users/templates/users/user_detail.html:73 #: users/templates/users/user_list.html:16 @@ -1725,7 +1722,7 @@ msgstr "提示:RDP 协议不支持单独控制上传或下载文件" #: perms/forms/asset_permission.py:86 perms/forms/database_app_permission.py:41 #: perms/forms/remote_app_permission.py:43 perms/models/base.py:50 #: templates/_nav.html:21 users/forms/user.py:168 users/models/group.py:31 -#: users/models/user.py:501 users/serializers/user.py:48 +#: users/models/user.py:497 users/serializers/user.py:48 #: users/templates/users/_select_user_modal.html:16 #: users/templates/users/user_asset_permission.html:39 #: users/templates/users/user_asset_permission.html:67 @@ -1792,7 +1789,7 @@ msgid "Asset permission" msgstr "资产授权" #: perms/models/base.py:53 tickets/serializers/request_asset_perm.py:31 -#: users/models/user.py:533 users/templates/users/user_detail.html:93 +#: users/models/user.py:529 users/templates/users/user_detail.html:93 #: users/templates/users/user_profile.html:120 msgid "Date expired" msgstr "失效日期" @@ -2799,7 +2796,7 @@ msgstr "确认密码" msgid "Password does not match" msgstr "密码不一致" -#: users/forms/profile.py:89 users/models/user.py:497 +#: users/forms/profile.py:89 users/models/user.py:493 #: users/templates/users/user_detail.html:57 #: users/templates/users/user_profile.html:59 msgid "Email" @@ -2840,7 +2837,7 @@ msgstr "不能和原来的密钥相同" msgid "Not a valid ssh public key" msgstr "SSH密钥不合法" -#: users/forms/user.py:31 users/models/user.py:540 +#: users/forms/user.py:31 users/models/user.py:536 #: users/templates/users/user_detail.html:89 #: users/templates/users/user_list.html:18 #: users/templates/users/user_profile.html:102 @@ -2874,47 +2871,43 @@ msgstr "设置密码" msgid "Password strategy" msgstr "密码策略" -#: users/models/user.py:156 +#: users/models/user.py:157 msgid "System administrator" msgstr "系统管理员" -#: users/models/user.py:157 -msgid "System User" -msgstr "系统用户" - -#: users/models/user.py:158 +#: users/models/user.py:159 msgid "System auditor" msgstr "系统审计员" -#: users/models/user.py:159 +#: users/models/user.py:160 msgid "Application" msgstr "应用程序" -#: users/models/user.py:417 users/templates/users/user_profile.html:90 +#: users/models/user.py:413 users/templates/users/user_profile.html:90 msgid "Force enable" msgstr "强制启用" -#: users/models/user.py:484 +#: users/models/user.py:480 msgid "Local" msgstr "数据库" -#: users/models/user.py:508 +#: users/models/user.py:504 msgid "Avatar" msgstr "头像" -#: users/models/user.py:511 users/templates/users/user_detail.html:68 +#: users/models/user.py:507 users/templates/users/user_detail.html:68 msgid "Wechat" msgstr "微信" -#: users/models/user.py:544 +#: users/models/user.py:540 msgid "Date password last updated" msgstr "最后更新密码日期" -#: users/models/user.py:657 +#: users/models/user.py:653 msgid "Administrator" msgstr "管理员" -#: users/models/user.py:660 +#: users/models/user.py:656 msgid "Administrator is the super user of system" msgstr "Administrator是初始的超级管理员" @@ -4088,6 +4081,12 @@ msgstr "企业版" msgid "Ultimate edition" msgstr "旗舰版" +#~ msgid "Organization User" +#~ msgstr "组织用户" + +#~ msgid "System User" +#~ msgstr "系统用户" + #~ msgid "Auditor" #~ msgstr "审计员" diff --git a/apps/orgs/migrations/0008_auto_20200819_1732.py b/apps/orgs/migrations/0008_auto_20200819_1732.py deleted file mode 100644 index 75a773626..000000000 --- a/apps/orgs/migrations/0008_auto_20200819_1732.py +++ /dev/null @@ -1,18 +0,0 @@ -# Generated by Django 2.2.13 on 2020-08-19 09:32 - -from django.db import migrations, models - - -class Migration(migrations.Migration): - - dependencies = [ - ('orgs', '0007_auto_20200728_1805'), - ] - - operations = [ - migrations.AlterField( - model_name='organizationmember', - name='role', - field=models.CharField(choices=[('Admin', 'Organization administrator'), ('User', 'Organization User'), ('Auditor', 'Organization auditor')], default='User', max_length=16, verbose_name='Role'), - ), - ] diff --git a/apps/orgs/models.py b/apps/orgs/models.py index 1769787a4..2c47ed756 100644 --- a/apps/orgs/models.py +++ b/apps/orgs/models.py @@ -13,7 +13,7 @@ from common.db.models import ChoiceSet class ROLE(ChoiceSet): ADMIN = choices.ADMIN, _('Organization administrator') - USER = choices.USER, _('Organization User') + USER = choices.USER, _('User') AUDITOR = choices.AUDITOR, _("Organization auditor") @@ -243,6 +243,21 @@ class UserRoleMapper(dict): class OrgMemeberManager(models.Manager): + def remove_users(self, org, users): + from users.models import User + pk_set = [] + for user in users: + if hasattr(user, 'pk'): + pk_set.append(user.pk) + else: + pk_set.append(user) + + send = partial(signals.m2m_changed.send, sender=self.model, instance=org, reverse=False, + model=User, pk_set=pk_set, using=self.db) + send(action="pre_remove") + self.filter(org_id=org.id, user_id__in=pk_set).delete() + send(action="post_remove") + def remove_users_by_role(self, org, users=None, admins=None, auditors=None): from users.models import User diff --git a/apps/users/models/user.py b/apps/users/models/user.py index 7a4dc2a4f..310084d06 100644 --- a/apps/users/models/user.py +++ b/apps/users/models/user.py @@ -18,6 +18,7 @@ from django.shortcuts import reverse from common.local import LOCAL_DYNAMIC_SETTINGS from orgs.utils import current_org +from orgs.models import OrganizationMember from common.utils import date_expired_default, get_logger, lazyproperty from common import fields from common.const import choices @@ -154,7 +155,7 @@ class AuthMixin: class RoleMixin: class ROLE(ChoiceSet): ADMIN = choices.ADMIN, _('System administrator') - USER = choices.USER, _('System User') + USER = choices.USER, _('User') AUDITOR = choices.AUDITOR, _('System auditor') APP = 'App', _('Application') @@ -189,9 +190,19 @@ class RoleMixin: return roles @lazyproperty - def org_role_display(self): + def org_roles_label_list(self): from orgs.models import ROLE as ORG_ROLE - return ' | '.join([str(ORG_ROLE[role]) for role in self.org_roles if role in ORG_ROLE]) + return [str(ORG_ROLE[role]) for role in self.org_roles if role in ORG_ROLE] + + @lazyproperty + def org_role_display(self): + return ' | '.join(self.org_roles_label_list) + + @lazyproperty + def total_role_display(self): + roles = list({self.role_display, *self.org_roles_label_list}) + roles.sort() + return ' | '.join(roles) def current_org_roles(self): from orgs.models import OrganizationMember, ROLE as ORG_ROLE @@ -320,12 +331,7 @@ class RoleMixin: def remove(self): if not current_org.is_real(): return - if self.can_user_current_org: - current_org.users.remove(self) - if self.can_admin_current_org: - current_org.admins.remove(self) - if self.can_audit_current_org: - current_org.auditors.remove(self) + OrganizationMember.objects.remove_users(current_org, [self]) class TokenMixin: diff --git a/apps/users/serializers/user.py b/apps/users/serializers/user.py index 6d8caaf8a..d6968a2d8 100644 --- a/apps/users/serializers/user.py +++ b/apps/users/serializers/user.py @@ -52,7 +52,6 @@ class UserSerializer(CommonBulkSerializerMixin, serializers.ModelSerializer): can_delete = serializers.SerializerMethodField() org_roles = serializers.ListField(label=_('Organization role name'), allow_null=True, required=False, child=serializers.ChoiceField(choices=ORG_ROLE.choices)) - total_role_display = serializers.SerializerMethodField(label=_('Total role name')) key_prefix_block = "_LOGIN_BLOCK_{}" class Meta: @@ -87,6 +86,7 @@ class UserSerializer(CommonBulkSerializerMixin, serializers.ModelSerializer): 'source_display': {'label': _('Source name')}, 'org_role_display': {'label': _('Organization role name')}, 'role_display': {'label': _('Super role name')}, + 'total_role_display': {'label': _('Total role name')} } def __init__(self, *args, **kwargs): @@ -105,14 +105,6 @@ class UserSerializer(CommonBulkSerializerMixin, serializers.ModelSerializer): choices.pop(User.ROLE.AUDITOR, None) role._choices = choices - def get_total_role_display(self, instance): - role_display = instance.role_display - org_role_display = instance.org_role_display - if role_display == org_role_display: - return role_display - else: - return f'{role_display} | {org_role_display}' - def validate_role(self, value): request = self.context.get('request') if not request.user.is_superuser and value != User.ROLE.USER: