mirror of
https://github.com/jumpserver/jumpserver.git
synced 2026-01-17 07:58:52 +00:00
e1919d0a62
- 更改了资产表单,影响
- 资产创建和更新
- 增加了资产平台数据库,影响
- 平台创建更新和删除
- 更改了资产的platform字段,又一个字符字段,改为一个外键,影响
- 资产创建和更新
- 资产连接 [windows,linux]
- 测试连接等ansible任务
- 自动化云导入
- 更改了资产的序列化器,影响
- 资产创建更新列表
- 统一了树列表基础模板,影响
- 资产列表页,权限列表页,vault页,资产收集页
- 统一了导入导出组件,影响
- 资产导入导出
- 用户导入导出
- 用户组导入导出
- 系统用户导入导出
- 管理用户导入导出
- vault导出导出
- 收集用户列表导入导出
- 修改用户更新密码信号,影响
- 修改用户密码产生的改密日志
- 新增Model instance序列化工具函数,影响
- 操作日志生成
- 修改api mixin,新增 serializer_classes字段,serializer_classes = {"default": "", "display": "", "list": .., "other_action": ""}, 根据用户请求的方式返回不同的serializer_class,影响
- 用户的viewset
- 资产权限的viewset
- 统一系统配置中的tab切换
- 统一没有nav的页面,影响
- 重置密码
- 忘记密码
- 重置中设置密码
- 独立的message页面
- 修改用户组列表页,不再返还用户组下的用户,仅有数量
- 组织的一些方法变为layzproperty,避免重复计算
- 修改用户组详情页,影响
- 用户组增加删除用户
133 lines
4.3 KiB
Python
133 lines
4.3 KiB
Python
# -*- coding: utf-8 -*-
|
|
#
|
|
|
|
import random
|
|
|
|
from rest_framework.response import Response
|
|
from rest_framework.viewsets import ModelViewSet
|
|
from rest_framework.generics import RetrieveAPIView
|
|
from django.shortcuts import get_object_or_404
|
|
|
|
from common.utils import get_logger, get_object_or_none
|
|
from common.permissions import IsOrgAdmin, IsOrgAdminOrAppUser, IsSuperUser
|
|
from orgs.mixins.api import OrgBulkModelViewSet
|
|
from orgs.mixins import generics
|
|
from ..models import Asset, Node, Platform
|
|
from .. import serializers
|
|
from ..tasks import (
|
|
update_asset_hardware_info_manual, test_asset_connectivity_manual
|
|
)
|
|
from ..filters import AssetByNodeFilterBackend, LabelFilterBackend
|
|
|
|
|
|
logger = get_logger(__file__)
|
|
__all__ = [
|
|
'AssetViewSet', 'AssetPlatformRetrieveApi',
|
|
'AssetRefreshHardwareApi', 'AssetAdminUserTestApi',
|
|
'AssetGatewayApi', 'AssetPlatformViewSet',
|
|
]
|
|
|
|
|
|
class AssetViewSet(OrgBulkModelViewSet):
|
|
"""
|
|
API endpoint that allows Asset to be viewed or edited.
|
|
"""
|
|
model = Asset
|
|
filter_fields = ("hostname", "ip", "systemuser__id", "admin_user__id")
|
|
search_fields = ("hostname", "ip")
|
|
ordering_fields = ("hostname", "ip", "port", "cpu_cores")
|
|
serializer_class = serializers.AssetSerializer
|
|
permission_classes = (IsOrgAdminOrAppUser,)
|
|
extra_filter_backends = [AssetByNodeFilterBackend, LabelFilterBackend]
|
|
|
|
def set_assets_node(self, assets):
|
|
if not isinstance(assets, list):
|
|
assets = [assets]
|
|
node_id = self.request.query_params.get('node_id')
|
|
if not node_id:
|
|
return
|
|
node = get_object_or_none(Node, pk=node_id)
|
|
if not node:
|
|
return
|
|
node.assets.add(*assets)
|
|
|
|
def perform_create(self, serializer):
|
|
assets = serializer.save()
|
|
self.set_assets_node(assets)
|
|
|
|
|
|
class AssetPlatformRetrieveApi(RetrieveAPIView):
|
|
queryset = Platform.objects.all()
|
|
permission_classes = (IsOrgAdminOrAppUser,)
|
|
serializer_class = serializers.PlatformSerializer
|
|
|
|
def get_object(self):
|
|
asset_pk = self.kwargs.get('pk')
|
|
asset = get_object_or_404(Asset, pk=asset_pk)
|
|
return asset.platform
|
|
|
|
|
|
class AssetPlatformViewSet(ModelViewSet):
|
|
queryset = Platform.objects.all()
|
|
permission_classes = (IsSuperUser,)
|
|
serializer_class = serializers.PlatformSerializer
|
|
filterset_fields = ['name', 'base']
|
|
search_fields = ['name']
|
|
|
|
def check_object_permissions(self, request, obj):
|
|
if request.method.lower() in ['delete', 'put', 'patch'] and \
|
|
obj.internal:
|
|
self.permission_denied(
|
|
request, message={"detail": "Internal platform"}
|
|
)
|
|
|
|
return super().check_object_permissions(request, obj)
|
|
|
|
|
|
class AssetRefreshHardwareApi(generics.RetrieveAPIView):
|
|
"""
|
|
Refresh asset hardware info
|
|
"""
|
|
model = Asset
|
|
serializer_class = serializers.AssetSerializer
|
|
permission_classes = (IsOrgAdmin,)
|
|
|
|
def retrieve(self, request, *args, **kwargs):
|
|
asset_id = kwargs.get('pk')
|
|
asset = get_object_or_404(Asset, pk=asset_id)
|
|
task = update_asset_hardware_info_manual.delay(asset)
|
|
return Response({"task": task.id})
|
|
|
|
|
|
class AssetAdminUserTestApi(generics.RetrieveAPIView):
|
|
"""
|
|
Test asset admin user assets_connectivity
|
|
"""
|
|
model = Asset
|
|
permission_classes = (IsOrgAdmin,)
|
|
serializer_class = serializers.TaskIDSerializer
|
|
|
|
def retrieve(self, request, *args, **kwargs):
|
|
asset_id = kwargs.get('pk')
|
|
asset = get_object_or_404(Asset, pk=asset_id)
|
|
task = test_asset_connectivity_manual.delay(asset)
|
|
return Response({"task": task.id})
|
|
|
|
|
|
class AssetGatewayApi(generics.RetrieveAPIView):
|
|
permission_classes = (IsOrgAdminOrAppUser,)
|
|
serializer_class = serializers.GatewayWithAuthSerializer
|
|
model = Asset
|
|
|
|
def retrieve(self, request, *args, **kwargs):
|
|
asset_id = kwargs.get('pk')
|
|
asset = get_object_or_404(Asset, pk=asset_id)
|
|
|
|
if asset.domain and \
|
|
asset.domain.gateways.filter(protocol='ssh').exists():
|
|
gateway = random.choice(asset.domain.gateways.filter(protocol='ssh'))
|
|
serializer = serializers.GatewayWithAuthSerializer(instance=gateway)
|
|
return Response(serializer.data)
|
|
else:
|
|
return Response({"msg": "Not have gateway"}, status=404)
|