mirror of
https://github.com/jumpserver/jumpserver.git
synced 2026-02-21 14:32:45 +00:00
e259d2a9e9
* feat: 添加 RBAC 应用模块 * feat: 添加 RBAC Model、API * feat: 添加 RBAC Model、API 2 * feat: 添加 RBAC Model、API 3 * feat: 添加 RBAC Model、API 4 * feat: RBAC * feat: RBAC * feat: RBAC * feat: RBAC * feat: RBAC * feat: RBAC 整理权限位 * feat: RBAC 整理权限位2 * feat: RBAC 整理权限位2 * feat: RBAC 整理权限位 * feat: RBAC 添加默认角色 * feat: RBAC 添加迁移文件;迁移用户角色->用户角色绑定 * feat: RBAC 添加迁移文件;迁移用户角色->用户角色绑定 * feat: RBAC 修改用户模块API * feat: RBAC 添加组织模块迁移文件 & 修改组织模块API * feat: RBAC 添加组织模块迁移文件 & 修改组织模块API * feat: RBAC 修改用户角色属性的使用 * feat: RBAC No.1 * xxx * perf: 暂存 * perf: ... * perf(rbac): 添加 perms 到 profile serializer 中 * stash * perf: 使用init * perf: 修改migrations * perf: rbac * stash * stash * pref: 修改rbac * stash it * stash: 先去修复其他bug * perf: 修改 role 添加 users * pref: 修改 RBAC Model * feat: 添加权限的 tree api * stash: 暂存一下 * stash: 暂存一下 * perf: 修改 model verbose name * feat: 添加model各种 verbose name * perf: 生成 migrations * perf: 优化权限位 * perf: 添加迁移脚本 * feat: 添加组织角色迁移 * perf: 添加迁移脚本 * stash * perf: 添加migrateion * perf: 暂存一下 * perf: 修改rbac * perf: stash it * fix: 迁移冲突 * fix: 迁移冲突 * perf: 暂存一下 * perf: 修改 rbac 逻辑 * stash: 暂存一下 * perf: 修改内置角色 * perf: 解决 root 组织的问题 * perf: stash it * perf: 优化 rbac * perf: 优化 rolebinding 处理 * perf: 完成用户离开组织的问题 * perf: 暂存一下 * perf: 修改翻译 * perf: 去掉了 IsSuperUser * perf: IsAppUser 去掉完成 * perf: 修改 connection token 的权限 * perf: 去掉导入的问题 * perf: perms define 格式,修改 app 用户 的全新啊 * perf: 修改 permission * perf: 去掉一些 org admin * perf: 去掉部分 org admin * perf: 再去掉点 org admin role * perf: 再去掉部分 org admin * perf: user 角色搜索 * perf: 去掉很多 js * perf: 添加权限位 * perf: 修改权限 * perf: 去掉一个 todo * merge: with dev * fix: 修复冲突 Co-authored-by: Bai <bugatti_it@163.com> Co-authored-by: Michael Bai <baijiangjie@gmail.com> Co-authored-by: ibuler <ibuler@qq.com>
108 lines
3.9 KiB
Python
108 lines
3.9 KiB
Python
from django.db.models.signals import post_save, pre_delete, pre_save, post_delete
|
|
from django.dispatch import receiver
|
|
|
|
from orgs.models import Organization
|
|
from assets.models import Node
|
|
from perms.models import (AssetPermission, ApplicationPermission)
|
|
from users.models import UserGroup, User
|
|
from applications.models import Application
|
|
from terminal.models import Session
|
|
from assets.models import Asset, SystemUser, Domain, Gateway
|
|
from orgs.caches import OrgResourceStatisticsCache
|
|
|
|
|
|
def refresh_user_amount_on_user_create_or_delete(user_id):
|
|
orgs = Organization.objects.filter(m2m_org_members__user_id=user_id).distinct()
|
|
for org in orgs:
|
|
org_cache = OrgResourceStatisticsCache(org)
|
|
org_cache.expire('users_amount')
|
|
OrgResourceStatisticsCache(Organization.root()).expire('users_amount')
|
|
|
|
|
|
@receiver(post_save, sender=User)
|
|
def on_user_create_refresh_cache(sender, instance, created, **kwargs):
|
|
if created:
|
|
refresh_user_amount_on_user_create_or_delete(instance.id)
|
|
|
|
|
|
@receiver(pre_delete, sender=User)
|
|
def on_user_delete_refresh_cache(sender, instance, **kwargs):
|
|
refresh_user_amount_on_user_create_or_delete(instance.id)
|
|
|
|
|
|
# @receiver(m2m_changed, sender=OrganizationMember)
|
|
# def on_org_user_changed_refresh_cache(sender, action, instance, reverse, pk_set, **kwargs):
|
|
# if not action.startswith(POST_PREFIX):
|
|
# return
|
|
#
|
|
# if reverse:
|
|
# orgs = Organization.objects.filter(id__in=pk_set)
|
|
# else:
|
|
# orgs = [instance]
|
|
#
|
|
# for org in orgs:
|
|
# org_cache = OrgResourceStatisticsCache(org)
|
|
# org_cache.expire('users_amount')
|
|
# OrgResourceStatisticsCache(Organization.root()).expire('users_amount')
|
|
|
|
|
|
class OrgResourceStatisticsRefreshUtil:
|
|
model_cache_field_mapper = {
|
|
ApplicationPermission: ['app_perms_amount'],
|
|
AssetPermission: ['asset_perms_amount'],
|
|
Application: ['applications_amount'],
|
|
Gateway: ['gateways_amount'],
|
|
Domain: ['domains_amount'],
|
|
SystemUser: ['system_users_amount', 'admin_users_amount'],
|
|
Node: ['nodes_amount'],
|
|
Asset: ['assets_amount'],
|
|
UserGroup: ['groups_amount'],
|
|
}
|
|
|
|
@classmethod
|
|
def refresh_if_need(cls, instance):
|
|
cache_field_name = cls.model_cache_field_mapper.get(type(instance))
|
|
if cache_field_name:
|
|
org_cache = OrgResourceStatisticsCache(instance.org)
|
|
org_cache.expire(*cache_field_name)
|
|
OrgResourceStatisticsCache(Organization.root()).expire(*cache_field_name)
|
|
|
|
|
|
@receiver(post_save)
|
|
def on_post_save_refresh_org_resource_statistics_cache(sender, instance, created, **kwargs):
|
|
if created:
|
|
OrgResourceStatisticsRefreshUtil.refresh_if_need(instance)
|
|
|
|
|
|
@receiver(post_delete)
|
|
def on_post_delete_refresh_org_resource_statistics_cache(sender, instance, **kwargs):
|
|
OrgResourceStatisticsRefreshUtil.refresh_if_need(instance)
|
|
|
|
|
|
def _refresh_session_org_resource_statistics_cache(instance: Session):
|
|
cache_field_name = ['total_count_online_users', 'total_count_online_sessions']
|
|
|
|
org_cache = OrgResourceStatisticsCache(instance.org)
|
|
org_cache.expire(*cache_field_name)
|
|
OrgResourceStatisticsCache(Organization.root()).expire(*cache_field_name)
|
|
|
|
|
|
@receiver(pre_save, sender=Session)
|
|
def on_session_pre_save(sender, instance: Session, **kwargs):
|
|
old = Session.objects.filter(id=instance.id).values_list('is_finished', flat=True)
|
|
if old:
|
|
instance._signal_old_is_finished = old[0]
|
|
else:
|
|
instance._signal_old_is_finished = None
|
|
|
|
|
|
@receiver(post_save, sender=Session)
|
|
def on_session_changed_refresh_org_resource_statistics_cache(sender, instance, created, **kwargs):
|
|
if created or instance.is_finished != instance._signal_old_is_finished:
|
|
_refresh_session_org_resource_statistics_cache(instance)
|
|
|
|
|
|
@receiver(post_delete, sender=Session)
|
|
def on_session_deleted_refresh_org_resource_statistics_cache(sender, instance, **kwargs):
|
|
_refresh_session_org_resource_statistics_cache(instance)
|