mirror of
https://github.com/jumpserver/jumpserver.git
synced 2025-12-16 17:12:53 +00:00
Compare commits
6 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
fef3211252 | ||
|
|
1627fae941 | ||
|
|
f95efc2274 | ||
|
bca4b5191e | ||
|
|
997850fa61 | ||
|
8d9221ea3d |
@@ -114,7 +114,7 @@ class SystemUserTempAuthInfoApi(generics.CreateAPIView):
|
|||||||
|
|
||||||
with tmp_to_root_org():
|
with tmp_to_root_org():
|
||||||
instance = get_object_or_404(SystemUser, pk=pk)
|
instance = get_object_or_404(SystemUser, pk=pk)
|
||||||
instance.set_temp_auth(instance_id, self.request.user, data)
|
instance.set_temp_auth(instance_id, self.request.user.id, data)
|
||||||
return Response(serializer.data, status=201)
|
return Response(serializer.data, status=201)
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -186,13 +186,15 @@ class CommandFilterRule(OrgModelMixin):
|
|||||||
return ticket
|
return ticket
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def get_queryset(cls, user_id=None, user_group_id=None, system_user_id=None, asset_id=None, application_id=None):
|
def get_queryset(cls, user_id=None, user_group_id=None, system_user_id=None,
|
||||||
|
asset_id=None, application_id=None, org_id=None):
|
||||||
user_groups = []
|
user_groups = []
|
||||||
user = get_object_or_none(User, pk=user_id)
|
user = get_object_or_none(User, pk=user_id)
|
||||||
if user:
|
if user:
|
||||||
user_groups.extend(list(user.groups.all()))
|
user_groups.extend(list(user.groups.all()))
|
||||||
user_group = get_object_or_none(UserGroup, pk=user_group_id)
|
user_group = get_object_or_none(UserGroup, pk=user_group_id)
|
||||||
if user_group:
|
if user_group:
|
||||||
|
org_id = user_group.org_id
|
||||||
user_groups.append(user_group)
|
user_groups.append(user_group)
|
||||||
system_user = get_object_or_none(SystemUser, pk=system_user_id)
|
system_user = get_object_or_none(SystemUser, pk=system_user_id)
|
||||||
asset = get_object_or_none(Asset, pk=asset_id)
|
asset = get_object_or_none(Asset, pk=asset_id)
|
||||||
@@ -203,13 +205,18 @@ class CommandFilterRule(OrgModelMixin):
|
|||||||
if user_groups:
|
if user_groups:
|
||||||
q |= Q(user_groups__in=set(user_groups))
|
q |= Q(user_groups__in=set(user_groups))
|
||||||
if system_user:
|
if system_user:
|
||||||
|
org_id = system_user.org_id
|
||||||
q |= Q(system_users=system_user)
|
q |= Q(system_users=system_user)
|
||||||
if asset:
|
if asset:
|
||||||
|
org_id = asset.org_id
|
||||||
q |= Q(assets=asset)
|
q |= Q(assets=asset)
|
||||||
if application:
|
if application:
|
||||||
|
org_id = application.org_id
|
||||||
q |= Q(applications=application)
|
q |= Q(applications=application)
|
||||||
if q:
|
if q:
|
||||||
cmd_filters = CommandFilter.objects.filter(q).filter(is_active=True)
|
cmd_filters = CommandFilter.objects.filter(q).filter(is_active=True)
|
||||||
|
if org_id:
|
||||||
|
cmd_filters = cmd_filters.filter(org_id=org_id)
|
||||||
rule_ids = cmd_filters.values_list('rules', flat=True)
|
rule_ids = cmd_filters.values_list('rules', flat=True)
|
||||||
rules = cls.objects.filter(id__in=rule_ids)
|
rules = cls.objects.filter(id__in=rule_ids)
|
||||||
else:
|
else:
|
||||||
|
|||||||
@@ -5,7 +5,6 @@ from django.utils.translation import ugettext as _
|
|||||||
from orgs.mixins.serializers import BulkOrgResourceModelSerializer
|
from orgs.mixins.serializers import BulkOrgResourceModelSerializer
|
||||||
from ..models import Asset, Node
|
from ..models import Asset, Node
|
||||||
|
|
||||||
|
|
||||||
__all__ = [
|
__all__ = [
|
||||||
'NodeSerializer', "NodeAddChildrenSerializer",
|
'NodeSerializer', "NodeAddChildrenSerializer",
|
||||||
"NodeAssetsSerializer", "NodeTaskSerializer",
|
"NodeAssetsSerializer", "NodeTaskSerializer",
|
||||||
@@ -45,7 +44,6 @@ class NodeSerializer(BulkOrgResourceModelSerializer):
|
|||||||
|
|
||||||
def create(self, validated_data):
|
def create(self, validated_data):
|
||||||
full_value = validated_data.get('full_value')
|
full_value = validated_data.get('full_value')
|
||||||
value = validated_data.get('value')
|
|
||||||
|
|
||||||
# 直接多层级创建
|
# 直接多层级创建
|
||||||
if full_value:
|
if full_value:
|
||||||
@@ -53,7 +51,8 @@ class NodeSerializer(BulkOrgResourceModelSerializer):
|
|||||||
# 根据 value 在 root 下创建
|
# 根据 value 在 root 下创建
|
||||||
else:
|
else:
|
||||||
key = Node.org_root().get_next_child_key()
|
key = Node.org_root().get_next_child_key()
|
||||||
node = Node.objects.create(key=key, value=value)
|
validated_data['key'] = key
|
||||||
|
node = Node.objects.create(**validated_data)
|
||||||
return node
|
return node
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -2,8 +2,6 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
from django.utils.translation import ugettext as _
|
from django.utils.translation import ugettext as _
|
||||||
from rest_framework import status
|
|
||||||
from rest_framework.views import Response
|
|
||||||
from rest_framework_bulk import BulkModelViewSet
|
from rest_framework_bulk import BulkModelViewSet
|
||||||
from rest_framework.generics import RetrieveAPIView
|
from rest_framework.generics import RetrieveAPIView
|
||||||
from rest_framework.exceptions import PermissionDenied
|
from rest_framework.exceptions import PermissionDenied
|
||||||
|
|||||||
@@ -25,7 +25,9 @@ class Organization(models.Model):
|
|||||||
created_by = models.CharField(max_length=32, null=True, blank=True, verbose_name=_('Created by'))
|
created_by = models.CharField(max_length=32, null=True, blank=True, verbose_name=_('Created by'))
|
||||||
date_created = models.DateTimeField(auto_now_add=True, null=True, blank=True, verbose_name=_('Date created'))
|
date_created = models.DateTimeField(auto_now_add=True, null=True, blank=True, verbose_name=_('Date created'))
|
||||||
comment = models.TextField(default='', blank=True, verbose_name=_('Comment'))
|
comment = models.TextField(default='', blank=True, verbose_name=_('Comment'))
|
||||||
members = models.ManyToManyField('users.User', related_name='orgs', through='orgs.OrganizationMember', through_fields=('org', 'user'))
|
members = models.ManyToManyField(
|
||||||
|
'users.User', related_name='orgs', through='orgs.OrganizationMember', through_fields=('org', 'user')
|
||||||
|
)
|
||||||
|
|
||||||
ROOT_ID = '00000000-0000-0000-0000-000000000000'
|
ROOT_ID = '00000000-0000-0000-0000-000000000000'
|
||||||
ROOT_NAME = _('GLOBAL')
|
ROOT_NAME = _('GLOBAL')
|
||||||
@@ -142,7 +144,7 @@ class Organization(models.Model):
|
|||||||
@classmethod
|
@classmethod
|
||||||
def get_user_orgs_by_role(cls, user, role):
|
def get_user_orgs_by_role(cls, user, role):
|
||||||
if not isinstance(role, (tuple, list)):
|
if not isinstance(role, (tuple, list)):
|
||||||
role = (role, )
|
role = (role,)
|
||||||
|
|
||||||
return cls.objects.filter(
|
return cls.objects.filter(
|
||||||
m2m_org_members__role__in=role,
|
m2m_org_members__role__in=role,
|
||||||
@@ -248,6 +250,16 @@ class Organization(models.Model):
|
|||||||
})
|
})
|
||||||
return node
|
return node
|
||||||
|
|
||||||
|
def delete_related_models(self):
|
||||||
|
from orgs.utils import tmp_to_root_org
|
||||||
|
from tickets.models import TicketFlow
|
||||||
|
with tmp_to_root_org():
|
||||||
|
TicketFlow.objects.filter(org_id=self.id).delete()
|
||||||
|
|
||||||
|
def delete(self, *args, **kwargs):
|
||||||
|
self.delete_related_models()
|
||||||
|
return super().delete(*args, **kwargs)
|
||||||
|
|
||||||
|
|
||||||
def _convert_to_uuid_set(users):
|
def _convert_to_uuid_set(users):
|
||||||
rst = set()
|
rst = set()
|
||||||
@@ -429,8 +441,12 @@ class OrganizationMember(models.Model):
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
id = models.UUIDField(default=uuid.uuid4, primary_key=True)
|
||||||
org = models.ForeignKey(Organization, related_name='m2m_org_members', on_delete=models.CASCADE, verbose_name=_('Organization'))
|
org = models.ForeignKey(
|
||||||
user = models.ForeignKey('users.User', related_name='m2m_org_members', on_delete=models.CASCADE, verbose_name=_('User'))
|
Organization, related_name='m2m_org_members', on_delete=models.CASCADE, verbose_name=_('Organization')
|
||||||
|
)
|
||||||
|
user = models.ForeignKey(
|
||||||
|
'users.User', related_name='m2m_org_members', on_delete=models.CASCADE, verbose_name=_('User')
|
||||||
|
)
|
||||||
role = models.CharField(max_length=16, choices=ROLE.choices, default=ROLE.USER, verbose_name=_("Role"))
|
role = models.CharField(max_length=16, choices=ROLE.choices, default=ROLE.USER, verbose_name=_("Role"))
|
||||||
date_created = models.DateTimeField(auto_now_add=True, verbose_name=_("Date created"))
|
date_created = models.DateTimeField(auto_now_add=True, verbose_name=_("Date created"))
|
||||||
date_updated = models.DateTimeField(auto_now=True, verbose_name=_("Date updated"))
|
date_updated = models.DateTimeField(auto_now=True, verbose_name=_("Date updated"))
|
||||||
|
|||||||
@@ -168,6 +168,7 @@ class Setting(models.Model):
|
|||||||
# 刷新 settings
|
# 刷新 settings
|
||||||
for key, value in openid_config.items():
|
for key, value in openid_config.items():
|
||||||
setattr(settings, key, value)
|
setattr(settings, key, value)
|
||||||
|
self.__class__.update_or_create(key, value, encrypted=False, category=self.category)
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def refresh_AUTH_RADIUS(cls):
|
def refresh_AUTH_RADIUS(cls):
|
||||||
|
|||||||
Reference in New Issue
Block a user