fix: ftp日志清理bug

apps/applications/models/application.py

@@ -7,6 +7,7 @@ from django.utils.translation import ugettext_lazy as _
 from orgs.mixins.models import OrgModelMixin
 from common.mixins import CommonModelMixin
 from common.tree import TreeNode
+from common.utils import is_uuid
 from assets.models import Asset, SystemUser
 
 from ..utils import KubernetesTree
@@ -254,12 +255,12 @@ class Application(CommonModelMixin, OrgModelMixin, ApplicationTreeNodeMixin):
             'parameters': parameters
         }
 
-    def get_remote_app_asset(self):
+    def get_remote_app_asset(self, raise_exception=True):
         asset_id = self.attrs.get('asset')
-        if not asset_id:
+        if is_uuid(asset_id):
+            return Asset.objects.filter(id=asset_id).first()
+        if raise_exception:
             raise ValueError("Remote App not has asset attr")
-        asset = Asset.objects.filter(id=asset_id).first()
-        return asset
 
 
 class ApplicationUser(SystemUser):

apps/assets/api/system_user.py

@@ -114,7 +114,7 @@ class SystemUserTempAuthInfoApi(generics.CreateAPIView):
 
         with tmp_to_root_org():
             instance = get_object_or_404(SystemUser, pk=pk)
-            instance.set_temp_auth(instance_id, self.request.user, data)
+            instance.set_temp_auth(instance_id, self.request.user.id, data)
         return Response(serializer.data, status=201)
 
 

apps/assets/models/cmd_filter.py

@@ -186,13 +186,15 @@ class CommandFilterRule(OrgModelMixin):
         return ticket
 
     @classmethod
-    def get_queryset(cls, user_id=None, user_group_id=None, system_user_id=None, asset_id=None, application_id=None):
+    def get_queryset(cls, user_id=None, user_group_id=None, system_user_id=None,
+                     asset_id=None, application_id=None, org_id=None):
         user_groups = []
         user = get_object_or_none(User, pk=user_id)
         if user:
             user_groups.extend(list(user.groups.all()))
         user_group = get_object_or_none(UserGroup, pk=user_group_id)
         if user_group:
+            org_id = user_group.org_id
             user_groups.append(user_group)
         system_user = get_object_or_none(SystemUser, pk=system_user_id)
         asset = get_object_or_none(Asset, pk=asset_id)
@@ -203,13 +205,18 @@ class CommandFilterRule(OrgModelMixin):
         if user_groups:
             q |= Q(user_groups__in=set(user_groups))
         if system_user:
+            org_id = system_user.org_id
             q |= Q(system_users=system_user)
         if asset:
+            org_id = asset.org_id
             q |= Q(assets=asset)
         if application:
+            org_id = application.org_id
             q |= Q(applications=application)
         if q:
             cmd_filters = CommandFilter.objects.filter(q).filter(is_active=True)
+            if org_id:
+                cmd_filters = cmd_filters.filter(org_id=org_id)
             rule_ids = cmd_filters.values_list('rules', flat=True)
             rules = cls.objects.filter(id__in=rule_ids)
         else:

apps/assets/models/user.py

@@ -133,6 +133,14 @@ class AuthMixin:
             self.password = password
 
     def load_app_more_auth(self, app_id=None, username=None, user_id=None):
+        from applications.models import Application
+        app = get_object_or_none(Application, pk=app_id)
+        if app and app.category_remote_app:
+            # Remote app
+            self._load_remoteapp_more_auth(app, username, user_id)
+            return
+
+        # Other app
         self._clean_auth_info_if_manual_login_mode()
         # 加载临时认证信息
         if self.login_mode == self.LOGIN_MANUAL:
@@ -148,6 +156,11 @@ class AuthMixin:
                 _username = username
             self.username = _username
 
+    def _load_remoteapp_more_auth(self, app, username, user_id):
+        asset = app.get_remote_app_asset(raise_exception=False)
+        if asset:
+            self.load_asset_more_auth(asset_id=asset.id, username=username, user_id=user_id)
+
     def load_asset_special_auth(self, asset, username=''):
         """
         AuthBook 的数据状态

apps/assets/serializers/node.py

@@ -5,7 +5,6 @@ from django.utils.translation import ugettext as _
 from orgs.mixins.serializers import BulkOrgResourceModelSerializer
 from ..models import Asset, Node
 
-
 __all__ = [
     'NodeSerializer', "NodeAddChildrenSerializer",
     "NodeAssetsSerializer", "NodeTaskSerializer",
@@ -45,7 +44,6 @@ class NodeSerializer(BulkOrgResourceModelSerializer):
 
     def create(self, validated_data):
         full_value = validated_data.get('full_value')
-        value = validated_data.get('value')
 
         # 直接多层级创建
         if full_value:
@@ -53,7 +51,8 @@ class NodeSerializer(BulkOrgResourceModelSerializer):
         # 根据 value 在 root 下创建
         else:
             key = Node.org_root().get_next_child_key()
-            node = Node.objects.create(key=key, value=value)
+            validated_data['key'] = key
+            node = Node.objects.create(**validated_data)
         return node
 
 

apps/audits/tasks.py

@@ -7,7 +7,7 @@ from celery import shared_task
 from ops.celery.decorator import (
     register_as_period_task
 )
-from .models import UserLoginLog, OperateLog
+from .models import UserLoginLog, OperateLog, FTPLog
 from common.utils import get_log_keep_day
 
 
@@ -29,7 +29,7 @@ def clean_ftp_log_period():
     now = timezone.now()
     days = get_log_keep_day('FTP_LOG_KEEP_DAYS')
     expired_day = now - datetime.timedelta(days=days)
-    OperateLog.objects.filter(datetime__lt=expired_day).delete()
+    FTPLog.objects.filter(datetime__lt=expired_day).delete()
 
 
 @register_as_period_task(interval=3600*24)

apps/orgs/api.py

@@ -2,8 +2,6 @@
 #
 
 from django.utils.translation import ugettext as _
-from rest_framework import status
-from rest_framework.views import Response
 from rest_framework_bulk import BulkModelViewSet
 from rest_framework.generics import RetrieveAPIView
 from rest_framework.exceptions import PermissionDenied

apps/orgs/models.py

@@ -25,7 +25,9 @@ class Organization(models.Model):
     created_by = models.CharField(max_length=32, null=True, blank=True, verbose_name=_('Created by'))
     date_created = models.DateTimeField(auto_now_add=True, null=True, blank=True, verbose_name=_('Date created'))
     comment = models.TextField(default='', blank=True, verbose_name=_('Comment'))
-    members = models.ManyToManyField('users.User', related_name='orgs', through='orgs.OrganizationMember', through_fields=('org', 'user'))
+    members = models.ManyToManyField(
+        'users.User', related_name='orgs', through='orgs.OrganizationMember', through_fields=('org', 'user')
+    )
 
     ROOT_ID = '00000000-0000-0000-0000-000000000000'
     ROOT_NAME = _('GLOBAL')
@@ -142,7 +144,7 @@ class Organization(models.Model):
     @classmethod
     def get_user_orgs_by_role(cls, user, role):
         if not isinstance(role, (tuple, list)):
-            role = (role, )
+            role = (role,)
 
         return cls.objects.filter(
             m2m_org_members__role__in=role,
@@ -248,6 +250,16 @@ class Organization(models.Model):
         })
         return node
 
+    def delete_related_models(self):
+        from orgs.utils import tmp_to_root_org
+        from tickets.models import TicketFlow
+        with tmp_to_root_org():
+            TicketFlow.objects.filter(org_id=self.id).delete()
+
+    def delete(self, *args, **kwargs):
+        self.delete_related_models()
+        return super().delete(*args, **kwargs)
+
 
 def _convert_to_uuid_set(users):
     rst = set()
@@ -429,8 +441,12 @@ class OrganizationMember(models.Model):
     """
 
     id = models.UUIDField(default=uuid.uuid4, primary_key=True)
-    org = models.ForeignKey(Organization, related_name='m2m_org_members', on_delete=models.CASCADE, verbose_name=_('Organization'))
-    user = models.ForeignKey('users.User', related_name='m2m_org_members', on_delete=models.CASCADE, verbose_name=_('User'))
+    org = models.ForeignKey(
+        Organization, related_name='m2m_org_members', on_delete=models.CASCADE, verbose_name=_('Organization')
+    )
+    user = models.ForeignKey(
+        'users.User', related_name='m2m_org_members', on_delete=models.CASCADE, verbose_name=_('User')
+    )
     role = models.CharField(max_length=16, choices=ROLE.choices, default=ROLE.USER, verbose_name=_("Role"))
     date_created = models.DateTimeField(auto_now_add=True, verbose_name=_("Date created"))
     date_updated = models.DateTimeField(auto_now=True, verbose_name=_("Date updated"))

apps/orgs/signals_handler/common.py

@@ -14,6 +14,7 @@ from orgs.models import Organization, OrganizationMember
 from orgs.hands import set_current_org, Node, get_current_org
 from perms.models import (AssetPermission, ApplicationPermission)
 from users.models import UserGroup, User
+from assets.models import SystemUser
 from common.const.signals import PRE_REMOVE, POST_REMOVE
 from common.decorator import on_transaction_commit
 from common.signals import django_ready
@@ -136,7 +137,7 @@ def _clear_users_from_org(org, users):
     if not users:
         return
 
-    models = (AssetPermission, ApplicationPermission, UserGroup)
+    models = (AssetPermission, ApplicationPermission, UserGroup, SystemUser)
 
     for m in models:
         _remove_users(m, users, org)

apps/perms/serializers/application/permission.py

@@ -5,7 +5,7 @@ from rest_framework import serializers
 from django.utils.translation import ugettext_lazy as _
 
 from orgs.mixins.serializers import BulkOrgResourceModelSerializer
-from perms.models import ApplicationPermission
+from perms.models import ApplicationPermission, Action
 from ..base import ActionsField, BasePermissionSerializer
 
 __all__ = [

apps/perms/serializers/base.py

@@ -1,6 +1,7 @@
 from rest_framework import serializers
 from perms.models import Action
 from orgs.mixins.serializers import BulkOrgResourceModelSerializer
+from rest_framework.fields import empty
 
 __all__ = ['ActionsDisplayField', 'ActionsField', 'BasePermissionSerializer']
 
@@ -10,6 +11,12 @@ class ActionsField(serializers.MultipleChoiceField):
         kwargs['choices'] = Action.CHOICES
         super().__init__(*args, **kwargs)
 
+    def run_validation(self, data=empty):
+        data = super(ActionsField, self).run_validation(data)
+        if isinstance(data, list):
+            data = Action.choices_to_value(value=data)
+        return data
+
     def to_representation(self, value):
         return Action.value_to_choices(value)
 

apps/settings/models.py

@@ -168,6 +168,7 @@ class Setting(models.Model):
         # 刷新 settings
         for key, value in openid_config.items():
             setattr(settings, key, value)
+            self.__class__.update_or_create(key, value, encrypted=False, category=self.category)
 
     @classmethod
     def refresh_AUTH_RADIUS(cls):