[Bugfix] 修复以下bug

- 删除用户报错，上次更新带来的
- 管理员用户页面会看到所有主机的，而不是授权给自己的
- 授权详情页面 资产显示无效

apps/assets/api.py

@@ -40,15 +40,10 @@ class AssetViewSet(IDInFilterMixin, BulkModelViewSet):
     """
     queryset = Asset.objects.all()
     serializer_class = serializers.AssetSerializer
-    permission_classes = (IsValidUser,)
+    permission_classes = (IsSuperUserOrAppUser,)
 
     def get_queryset(self):
-        if self.request.user.is_superuser or self.request.user.is_app:
         queryset = super().get_queryset()
-        else:
-            assets_granted = get_user_granted_assets(self.request.user)
-            queryset = self.queryset.filter(id__in=[asset.id for asset in assets_granted])
-
         cluster_id = self.request.query_params.get('cluster_id')
         asset_group_id = self.request.query_params.get('asset_group_id')
         admin_user_id = self.request.query_params.get('admin_user_id')
@@ -70,6 +65,19 @@ class AssetViewSet(IDInFilterMixin, BulkModelViewSet):
         return queryset
 
 
+class UserAssetListView(generics.ListAPIView):
+    queryset = Asset.objects.all()
+    serializer_class = serializers.AssetSerializer
+    permission_classes = (IsValidUser,)
+
+    def get_queryset(self):
+        assets_granted = get_user_granted_assets(self.request.user)
+        queryset = self.queryset.filter(
+            id__in=[asset.id for asset in assets_granted]
+        )
+        return queryset
+
+
 class AssetGroupViewSet(IDInFilterMixin, BulkModelViewSet):
     """
     Asset group api set, for add,delete,update,list,retrieve resource

apps/assets/templates/assets/admin_user_detail.html

@@ -133,7 +133,6 @@ function bindToCluster(clusters) {
         $('.select2-selection__rendered').empty();
         $('#cluster_selected').val('');
         $.map(jumpserver.cluster_selected, function(cluster_name, index) {
-            console.log(index);
             $('#opt_' + index).remove();
             // change tr html of user groups.
             $('#table-clusters tbody').append(

apps/assets/templates/assets/asset_group_detail.html

@@ -223,7 +223,6 @@ $(document).ready(function () {
 	});
 	var delete_asset_id = $(this).data('aid');
 	assets.remove(delete_asset_id);
-	console.log(assets);
 	var data = {"assets": assets};
 	leaveGroup($this, name, the_url, data);
 })

apps/assets/templates/assets/asset_group_list.html

@@ -75,8 +75,6 @@ $(document).ready(function(){
         return false;
     }
     var the_url = '{% url "api-assets:asset-group-list" %}';
-    console.log(plain_id_list);
-    console.log(the_url);
     function doDelete() {
         swal({
             title: "{% trans 'Are you sure?' %}",

apps/assets/templates/assets/user_asset_list.html

@@ -42,7 +42,6 @@ function initTable() {
         columnDefs: [
             {targets: 1, createdCell: function (td, cellData, rowData) {
                 {% url 'assets:asset-detail' pk=DEFAULT_PK as the_url  %}
-                console.log('{{ the_url }}');
                 var detail_btn = '<a href="{{ the_url }}">' + cellData + '</a>';
                 $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
             }},
@@ -67,7 +66,7 @@ function initTable() {
                 $(td).html(conn_btn)
             }}
         ],
-        ajax_url: '{% url "api-assets:asset-list" %}',
+        ajax_url: '{% url "api-assets:user-asset-list" %}',
         columns: [
             {data: "id"}, {data: "hostname" }, {data: "ip" }, {data: "port" },
             {data: "get_type_display" }, {data: "get_env_display"}, {data: "hardware_info"},

apps/assets/urls/api_urls.py

@@ -21,6 +21,8 @@ urlpatterns = [
         api.AssetRefreshHardwareApi.as_view(), name='asset-refresh'),
     url(r'^v1/assets/(?P<pk>[0-9a-zA-Z\-]{36})/alive/$',
         api.AssetAdminUserTestApi.as_view(), name='asset-alive-test'),
+    url(r'^v1/assets/user-assets/$',
+        api.UserAssetListView.as_view(), name='user-asset-list'),
     # update the asset group, which add or delete the asset to the group
     url(r'^v1/groups/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$',
         api.GroupUpdateAssetsApi.as_view(), name='group-update-assets'),

apps/perms/templates/perms/asset_permission_asset.html

@@ -53,8 +53,6 @@
                                             <tr>
                                                 <th>{% trans 'Hostname' %}</th>
                                                 <th>{% trans 'IP' %}</th>
-                                                <th>{% trans 'Port' %}</th>
-                                                <th>{% trans 'Is valid' %}</th>
                                                 <th></th>
                                             </tr>
                                         </thead>
@@ -63,15 +61,6 @@
                                             <tr>
                                                 <td>{{ asset.hostname }}</td>
                                                 <td>{{ asset.ip }}</td>
-                                                <td>{{ user.port }}</td>
-                                                <td>
-                                                    {% if asset.is_active %}
-                                                    <i class="fa fa-times text-danger"></i>
-                                                    {% else %}
-                                                    <i class="fa fa-check text-navy"></i>
-                                                    {% endif %}
-                                                </td>
-
                                                 <td>
                                                     <button title="{{ asset.inherit_from_asset_groups }}" data-gid="{{ asset.id }}" class="btn btn-danger btn-xs btn-remove-asset {% if asset.is_inherit_from_asset_groups %} disabled {% endif %}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
                                                 </td>

apps/perms/templates/perms/asset_permission_detail.html

@@ -113,7 +113,7 @@
                                     <table class="table">
                                         <tbody>
                                         <tr class="no-borders-tr">
-                                            <td width="50%">Active:</td>
+                                            <td width="50%">{% trans 'Active' %} :</td>
                                             <td><span style="float: right">
                                                 <div class="switch">
                                                     <div class="onoffswitch">
@@ -139,8 +139,8 @@
                                     <table class="table" id="system-user-table">
                                         <tbody>
                                         <form>
-                                            <tr>
-                                                <td colspan="2" class="no-borders">
+                                            <tr class="no-borders-tr">
+                                                <td colspan="2">
                                                     <select data-placeholder="{% trans 'Select system users' %}" class="select2" style="width: 100%" multiple="" tabindex="4">
                                                         {% for system_user in system_users_remain %}
                                                         <option value="{{ system_user.id }}" id="opt_{{ system_user.id }}">{{ system_user.name }}</option>
@@ -148,15 +148,15 @@
                                                     </select>
                                                 </td>
                                             </tr>
-                                            <tr>
-                                                <td colspan="2" class="no-borders">
+                                            <tr class="no-borders-tr">
+                                                <td colspan="2">
                                                     <button type="button" class="btn btn-info btn-small" id="btn-add-system-user">{% trans 'Add' %}</button>
                                                 </td>
                                             </tr>
                                         </form>
 
                                         {% for system_user in system_users %}
-                                        <tr>
+                                        <tr {% if forloop.counter == 1 %} class="no-borders-tr" {% endif %} >
                                           <td ><b class="bdg-system-user" data-uid={{ system_user.id }}>{{ system_user.name }}</b></td>
                                           <td>
                                               <button class="btn btn-danger btn-xs btn-remove-user" data-uid="{{ system_user.id }}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>

apps/perms/templates/perms/asset_permission_user.html

@@ -53,8 +53,6 @@
                                             <tr>
                                                 <th>{% trans 'Name' %}</th>
                                                 <th>{% trans 'Username' %}</th>
-                                                <th>{% trans 'Email' %}</th>
-                                                <th>{% trans 'Is valid' %}</th>
                                                 <th></th>
                                             </tr>
                                         </thead>
@@ -63,15 +61,6 @@
                                             <tr>
                                                 <td>{{ user.name }}</td>
                                                 <td>{{ user.username }}</td>
-                                                <td>{{ user.email }}</td>
-                                                <td>
-                                                    {% if user.is_expired and user.is_active %}
-                                                    <i class="fa fa-times text-danger"></i>
-                                                    {% else %}
-                                                    <i class="fa fa-check text-navy"></i>
-                                                    {% endif %}
-                                                </td>
-
                                                 <td>
                                                     <button class="btn btn-danger btn-xs btn-remove-user {% if user.is_inherit_from_user_groups %} disabled {% endif %}" data-gid="{{ user.id }}" type="button" style="float: right;"><i class="fa fa-minus"></i></button>
                                                 </td>
@@ -231,7 +220,6 @@ $(document).ready(function () {
     $.map(jumpserver.users_selected, function(value, index) {
         users_id.push(index);
     });
-    console.log(users_id);
     addUsers(users_id);
 }).on('click', '.btn-remove-user', function () {
     var user_id = $(this).data("gid");

apps/static/js/jumpserver.js

@@ -61,7 +61,6 @@ function GetTableDataBox() {
             id_list.push(i);
          }
         }
-    console.log(id_list);
     for (i in id_list) {
         console.log(tabProduct);
         tableData.push(GetRowData(tabProduct.rows[id_list[i]]));
@@ -358,7 +357,6 @@ function setCookie(key, value) {
     var expires = new Date();
     expires.setTime(expires.getTime() + (24 * 60 * 60 * 1000));
     document.cookie = key + '=' + value + ';expires=' + expires.toUTCString() + ';path=/';
-    console.log("Cookie: " + document.cookie)
 }
 
 

apps/templates/_user_profile.html

@@ -28,7 +28,6 @@ $(document).ready(function () {
 .on('click', '#switch_user', function () {
     var cookieName = "IN_ADMIN_PAGE";
     setTimeout(function () {
-        console.log("Set to No");
         delCookie(cookieName);
         setCookie(cookieName, "No");
         window.location = "/"

apps/terminal/templates/terminal/terminal_list.html

@@ -136,7 +136,6 @@ $(document).ready(function(){
 }).on('click', '.btn-connect', function () {
     var $this = $(this);
     var id = $this.data('id');
-    console.log(id)
 })
 </script>
 {% endblock %}

apps/users/forms.py

@@ -184,12 +184,14 @@ class UserBulkUpdateForm(forms.ModelForm):
 class UserGroupForm(forms.ModelForm):
     users = forms.ModelMultipleChoiceField(
         queryset=User.objects.all(),
+        label=_("User"),
         widget=forms.SelectMultiple(
             attrs={
                 'class': 'select2',
                 'data-placeholder': _('Select users')
             }
-        )
+        ),
+        required=False,
     )
 
     def __init__(self, **kwargs):

apps/users/templates/users/user_group_detail.html

@@ -171,7 +171,6 @@ $(document).ready(function () {
     var users = $('.bdg_user').map(function() {
         return $(this).data('uid');
     }).get();
-    console.log(users);
     updateGroupMember(users)
 }).on('click', '#btn_add_user', function() {
     if (Object.keys(jumpserver.users_selected).length === 0) {

apps/users/templates/users/user_list.html

@@ -223,7 +223,7 @@ $(document).ready(function(){
     var $this = $(this);
     var name = $this.data('name');
     var uid = $this.data('uid');
-    var the_url = '{% url "api-users:user-detail" pk="{{ DEFAULT_PK }}" %}'.replace("{{ DEFAULT_PK }}", uid);
+    var the_url = '{% url "api-users:user-detail" pk=DEFAULT_PK %}'.replace("{{ DEFAULT_PK }}", uid);
     objectDelete($this, name, the_url);
 })
 </script>

apps/users/views/group.py

@@ -39,7 +39,9 @@ class UserGroupCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateVie
     form_class = forms.UserGroupForm
     template_name = 'users/user_group_create_update.html'
     success_url = reverse_lazy('users:user-group-list')
-    success_message = '<a href={url}> {name} </a> was created successfully'
+    success_message = _(
+        'User group <a href={url}> {name} </a> was created successfully'
+    )
 
     def get_context_data(self, **kwargs):
         context = {