fix: 修复获取远程应用认证信息问题

apps/applications/models/application.py

@@ -7,6 +7,7 @@ from django.utils.translation import ugettext_lazy as _
 from orgs.mixins.models import OrgModelMixin
 from common.mixins import CommonModelMixin
 from common.tree import TreeNode
+from common.utils import is_uuid
 from assets.models import Asset, SystemUser
 
 from ..utils import KubernetesTree
@@ -254,12 +255,12 @@ class Application(CommonModelMixin, OrgModelMixin, ApplicationTreeNodeMixin):
             'parameters': parameters
         }
 
-    def get_remote_app_asset(self):
+    def get_remote_app_asset(self, raise_exception=True):
         asset_id = self.attrs.get('asset')
-        if not asset_id:
+        if is_uuid(asset_id):
+            return Asset.objects.filter(id=asset_id).first()
+        if raise_exception:
             raise ValueError("Remote App not has asset attr")
-        asset = Asset.objects.filter(id=asset_id).first()
-        return asset
 
 
 class ApplicationUser(SystemUser):

apps/assets/models/user.py

@@ -133,6 +133,14 @@ class AuthMixin:
             self.password = password
 
     def load_app_more_auth(self, app_id=None, username=None, user_id=None):
+        from applications.models import Application
+        app = get_object_or_none(Application, pk=app_id)
+        if app and app.category_remote_app:
+            # Remote app
+            self._load_remoteapp_more_auth(app, username, user_id)
+            return
+
+        # Other app
         self._clean_auth_info_if_manual_login_mode()
         # 加载临时认证信息
         if self.login_mode == self.LOGIN_MANUAL:
@@ -148,6 +156,11 @@ class AuthMixin:
                 _username = username
             self.username = _username
 
+    def _load_remoteapp_more_auth(self, app, username, user_id):
+        asset = app.get_remote_app_asset(raise_exception=False)
+        if asset:
+            self.load_asset_more_auth(asset_id=asset.id, username=username, user_id=user_id)
+
     def load_asset_special_auth(self, asset, username=''):
         """
         AuthBook 的数据状态

apps/orgs/signals_handler/common.py

@@ -14,6 +14,7 @@ from orgs.models import Organization, OrganizationMember
 from orgs.hands import set_current_org, Node, get_current_org
 from perms.models import (AssetPermission, ApplicationPermission)
 from users.models import UserGroup, User
+from assets.models import SystemUser
 from common.const.signals import PRE_REMOVE, POST_REMOVE
 from common.decorator import on_transaction_commit
 from common.signals import django_ready
@@ -136,7 +137,7 @@ def _clear_users_from_org(org, users):
     if not users:
         return
 
-    models = (AssetPermission, ApplicationPermission, UserGroup)
+    models = (AssetPermission, ApplicationPermission, UserGroup, SystemUser)
 
     for m in models:
         _remove_users(m, users, org)

apps/perms/serializers/application/permission.py

@@ -5,7 +5,7 @@ from rest_framework import serializers
 from django.utils.translation import ugettext_lazy as _
 
 from orgs.mixins.serializers import BulkOrgResourceModelSerializer
-from perms.models import ApplicationPermission
+from perms.models import ApplicationPermission, Action
 from ..base import ActionsField, BasePermissionSerializer
 
 __all__ = [

apps/perms/serializers/base.py

@@ -1,6 +1,7 @@
 from rest_framework import serializers
 from perms.models import Action
 from orgs.mixins.serializers import BulkOrgResourceModelSerializer
+from rest_framework.fields import empty
 
 __all__ = ['ActionsDisplayField', 'ActionsField', 'BasePermissionSerializer']
 
@@ -10,6 +11,12 @@ class ActionsField(serializers.MultipleChoiceField):
         kwargs['choices'] = Action.CHOICES
         super().__init__(*args, **kwargs)
 
+    def run_validation(self, data=empty):
+        data = super(ActionsField, self).run_validation(data)
+        if isinstance(data, list):
+            data = Action.choices_to_value(value=data)
+        return data
+
     def to_representation(self, value):
         return Action.value_to_choices(value)