[Bugfix] 修改普通用户获取资产详情的bug

apps/assets/api.py

@@ -38,10 +38,11 @@ class AssetViewSet(IDInFilterMixin, BulkModelViewSet):
     permission_classes = (IsValidUser,)
 
     def get_queryset(self):
-        if self.request.user.is_superuser:
+        if self.request.user.is_superuser or self.request.user.is_app:
             queryset = super().get_queryset()
         else:
-            queryset = get_user_granted_assets(self.request.user)
+            assets_granted = get_user_granted_assets(self.request.user)
+            queryset = self.queryset.filter(id__in=[asset.id for asset in assets_granted])
         cluster_id = self.request.query_params.get('cluster_id')
         asset_group_id = self.request.query_params.get('asset_group_id')
         admin_user_id = self.request.query_params.get('admin_user_id')

apps/assets/serializers.py

@@ -164,7 +164,8 @@ class AssetGrantedSerializer(serializers.ModelSerializer):
     class Meta(object):
         model = Asset
         fields = ("id", "hostname", "ip", "port", "system_users_granted",
-                  "is_inherited", "is_active", "system_users_join", "comment")
+                  "is_inherited", "is_active", "system_users_join",
+                  "platform", "comment",)
 
     @staticmethod
     def get_is_inherited(obj):

apps/perms/views.py

@@ -122,13 +122,6 @@ class AssetPermissionUpdateView(AdminUserRequiredMixin, UpdateView):
             url=url, name=self.object.name
         )
 
-    def form_valid(self, form):
-        assets = form.cleaned_data['assets']
-        asset_groups = form.cleaned_data['asset_groups']
-        system_users = form.cleaned_data['system_users']
-        associate_system_users_and_assets(system_users, assets, asset_groups)
-        return super(AssetPermissionUpdateView, self).form_valid(form)
-
 
 class AssetPermissionDetailView(AdminUserRequiredMixin, DetailView):
     template_name = 'perms/asset_permission_detail.html'