[Bugfix] 解决Node.root() 死循环，移动AdminRequired到permission中 (#1571)

2208d6d5 · 老广 · GitHub · e3aa18ff · 2208d6d5 · 2208d6d5
Unverified Commit 2208d6d5 authored Jul 20, 2018 by 老广 Committed by GitHub Jul 20, 2018
23 changed files
--- a/apps/assets/hands.py
+++ b/apps/assets/hands.py
@@ -11,6 +11,6 @@
 """


-from common.mixins import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin
 from common.permissions import IsAppUser, IsSuperUser, IsValidUser, IsSuperUserOrAppUser
 from users.models import User, UserGroup
--- a/apps/assets/models/node.py
+++ b/apps/assets/models/node.py
@@ -7,7 +7,7 @@ from django.db.models import Q
 from django.utils.translation import ugettext_lazy as _

 from orgs.mixins import OrgModelMixin
-from orgs.utils import current_org, set_current_org
+from orgs.utils import current_org, set_current_org, get_current_org
 from orgs.models import Organization

 __all__ = ['Node']
@@ -169,13 +169,15 @@ class Node(OrgModelMixin):

    @classmethod
    def create_root_node(cls):
+        # 如果使用current_org 在set_current_org时会死循环
+        _current_org = get_current_org()
        with transaction.atomic():
            set_current_org(Organization.root())
            org_nodes_roots = cls.objects.filter(key__regex=r'^[0-9]+$')
            org_nodes_roots_keys = org_nodes_roots.values_list('key', flat=True)
            max_value = max([int(k) for k in org_nodes_roots_keys]) if org_nodes_roots_keys else 0
-            set_current_org(current_org)
-            root = cls.objects.create(key=max_value+1, value=current_org.name)
+            set_current_org(_current_org)
+            root = cls.objects.create(key=str(max_value+1), value=_current_org.name)
            return root

    @classmethod

--- a/apps/assets/views/admin_user.py
+++ b/apps/assets/views/admin_user.py
@@ -11,7 +11,7 @@ from django.views.generic.detail import DetailView, SingleObjectMixin
 from common.const import create_success_msg, update_success_msg
 from .. import forms
 from ..models import AdminUser, Node
-from ..hands import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin

 __all__ = [
    'AdminUserCreateView', 'AdminUserDetailView',

--- a/apps/assets/views/asset.py
+++ b/apps/assets/views/asset.py
@@ -29,7 +29,7 @@ from common.utils import get_object_or_none, get_logger, is_uuid
 from common.const import create_success_msg, update_success_msg
 from .. import forms
 from ..models import Asset, AdminUser, SystemUser, Label, Node, Domain
-from ..hands import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin


 __all__ = [

--- a/apps/assets/views/domain.py
+++ b/apps/assets/views/domain.py
@@ -7,7 +7,7 @@ from django.views.generic.detail import SingleObjectMixin
 from django.utils.translation import ugettext_lazy as _
 from django.urls import reverse_lazy, reverse

-from common.mixins import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin
 from common.const import create_success_msg, update_success_msg
 from common.utils import get_object_or_none
 from ..models import Domain, Gateway

--- a/apps/assets/views/label.py
+++ b/apps/assets/views/label.py
@@ -6,7 +6,7 @@ from django.views.generic import TemplateView, CreateView, \
 from django.utils.translation import ugettext_lazy as _
 from django.urls import reverse_lazy

-from common.mixins import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin
 from common.const import create_success_msg, update_success_msg
 from ..models import Label
 from ..forms import LabelForm

--- a/apps/assets/views/system_user.py
+++ b/apps/assets/views/system_user.py
@@ -10,7 +10,7 @@ from django.views.generic.detail import DetailView
 from common.const import create_success_msg, update_success_msg
 from ..forms import SystemUserForm
 from ..models import SystemUser, Node
-from ..hands import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin


 __all__ = [

--- a/apps/audits/views.py
+++ b/apps/audits/views.py
@@ -2,7 +2,8 @@ from django.conf import settings
 from django.views.generic import ListView
 from django.utils.translation import ugettext as _

-from common.mixins import AdminUserRequiredMixin, DatetimeSearchMixin
+from common.mixins import DatetimeSearchMixin
+from common.permissions import AdminUserRequiredMixin

 from .models import FTPLog


--- a/apps/common/mixins.py
+++ b/apps/common/mixins.py
@@ -4,7 +4,7 @@ from django.db import models
 from django.http import JsonResponse
 from django.utils import timezone
 from django.utils.translation import ugettext_lazy as _
-from django.contrib.auth.mixins import UserPassesTestMixin
+


 class NoDeleteQuerySet(models.query.QuerySet):
@@ -116,11 +116,4 @@ class DatetimeSearchMixin:
        return super().get(request, *args, **kwargs)


-class AdminUserRequiredMixin(UserPassesTestMixin):
-    def test_func(self):
-        if not self.request.user.is_authenticated:
-            return False
-        elif not self.request.user:
-            self.raise_exception = True
-            return False
-        return True
+
--- a/apps/common/permissions.py
+++ b/apps/common/permissions.py
@@ -2,6 +2,9 @@
 #

 from rest_framework import permissions
+from django.contrib.auth.mixins import UserPassesTestMixin
+
+from orgs.utils import current_org


 class IsValidUser(permissions.IsAuthenticated, permissions.BasePermission):
@@ -50,3 +53,13 @@ class IsCurrentUserOrReadOnly(permissions.BasePermission):
        if request.method in permissions.SAFE_METHODS:
            return True
        return obj == request.user
+
+
+class AdminUserRequiredMixin(UserPassesTestMixin):
+    def test_func(self):
+        if not self.request.user.is_authenticated:
+            return False
+        elif not self.request.user:
+            self.raise_exception = True
+            return False
+        return True
--- a/apps/common/views.py
+++ b/apps/common/views.py
@@ -8,7 +8,7 @@ from django.conf import settings

 from .forms import EmailSettingForm, LDAPSettingForm, BasicSettingForm, \
    TerminalSettingForm, SecuritySettingForm
-from .mixins import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin
 from .signals import ldap_auth_enable



--- a/apps/ops/hands.py
+++ b/apps/ops/hands.py
 # ~*~ coding: utf-8 ~*~

 from users.permissions import IsSuperUser
-from users.utils import AdminUserRequiredMixin
\ No newline at end of file
+from common.permissions import AdminUserRequiredMixin
\ No newline at end of file
--- a/apps/ops/views.py
+++ b/apps/ops/views.py
@@ -6,7 +6,7 @@ from django.views.generic import ListView, DetailView, TemplateView

 from common.mixins import DatetimeSearchMixin
 from .models import Task, AdHoc, AdHocRunHistory, CeleryTask
-from .hands import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin


 class TaskListView(AdminUserRequiredMixin, DatetimeSearchMixin, ListView):

--- a/apps/orgs/utils.py
+++ b/apps/orgs/utils.py
@@ -20,19 +20,6 @@ def get_org_from_request(request):
    return org


-def get_current_request():
-    return getattr(_thread_locals, 'request', None)
-
-
-def get_current_org():
-    org = getattr(_thread_locals, 'current_org', None)
-    return org
-
-
-def get_current_user():
-    return getattr(_thread_locals, 'user', None)
-
-
 def set_current_org(org):
    setattr(_thread_locals, 'current_org', org)

@@ -46,10 +33,13 @@ def set_to_root_org():


 def _find(attr):
-    if hasattr(_thread_locals, attr):
-        return getattr(_thread_locals, attr)
-    return None
+    return getattr(_thread_locals, attr, None)


-current_org = LocalProxy(get_current_org)
+def get_current_org():
+    return _find('current_org')
+

+current_org = LocalProxy(partial(_find, 'current_org'))
+current_user = LocalProxy(partial(_find, 'current_user'))
+current_request = LocalProxy(partial(_find, 'current_request'))
--- a/apps/perms/hands.py
+++ b/apps/perms/hands.py
 # ~*~ coding: utf-8 ~*~
 #

-from users.utils import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin
 from users.models import User, UserGroup
 from assets.models import Asset, SystemUser, Node
 from assets.serializers import AssetGrantedSerializer, NodeGrantedSerializer, NodeSerializer

--- a/apps/perms/views.py
+++ b/apps/perms/views.py
@@ -8,7 +8,7 @@ from django.views.generic.edit import DeleteView, SingleObjectMixin
 from django.urls import reverse_lazy
 from django.conf import settings

-from common.mixins import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin
 from .hands import Node, Asset, SystemUser, User, UserGroup
 from .models import AssetPermission
 from .forms import AssetPermissionForm

--- a/apps/terminal/hands.py
+++ b/apps/terminal/hands.py
@@ -4,4 +4,4 @@
 from users.models import User
 from users.permissions import IsSuperUserOrAppUser, IsAppUser, \
    IsSuperUserOrAppUserOrUserReadonly
-from users.utils import AdminUserRequiredMixin
\ No newline at end of file
+from common.permissions import AdminUserRequiredMixin
\ No newline at end of file
--- a/apps/terminal/views/command.py
+++ b/apps/terminal/views/command.py
@@ -6,7 +6,8 @@ from django.conf import settings
 from django.utils import timezone
 from django.utils.translation import ugettext as _

-from common.mixins import DatetimeSearchMixin, AdminUserRequiredMixin
+from common.mixins import DatetimeSearchMixin
+from common.permissions import AdminUserRequiredMixin
 from ..models import Command
 from .. import utils
 from ..backends import get_multi_command_storage

--- a/apps/terminal/views/session.py
+++ b/apps/terminal/views/session.py
@@ -7,7 +7,7 @@ from django.utils.translation import ugettext as _
 from django.utils import timezone
 from django.conf import settings

-from users.utils import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin
 from common.mixins import DatetimeSearchMixin
 from ..models import Session, Command, Terminal
 from ..backends import get_multi_command_storage

--- a/apps/terminal/views/terminal.py
+++ b/apps/terminal/views/terminal.py
@@ -10,7 +10,7 @@ from django.urls import reverse_lazy, reverse
 from common.mixins import JSONResponseMixin
 from ..models import Terminal
 from ..forms import TerminalForm
-from ..hands import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin


 __all__ = [

--- a/apps/users/views/group.py
+++ b/apps/users/views/group.py
@@ -13,7 +13,7 @@ from common.utils import get_logger
 from common.const import create_success_msg, update_success_msg
 from orgs.mixins import OrgViewGenericMixin
 from ..models import User, UserGroup
-from ..utils import AdminUserRequiredMixin
+from common.permissions import AdminUserRequiredMixin
 from .. import forms

 __all__ = ['UserGroupListView', 'UserGroupCreateView', 'UserGroupDetailView',

--- a/apps/users/views/login.py
+++ b/apps/users/views/login.py
@@ -22,7 +22,8 @@ from formtools.wizard.views import SessionWizardView
 from django.conf import settings

 from common.utils import get_object_or_none
-from common.mixins import DatetimeSearchMixin, AdminUserRequiredMixin
+from common.mixins import DatetimeSearchMixin
+from common.permissions import AdminUserRequiredMixin
 from orgs.utils import current_org
 from ..models import User, LoginLog
 from ..utils import send_reset_password_mail, check_otp_code, get_login_ip, \

--- a/apps/users/views/user.py
+++ b/apps/users/views/user.py
@@ -34,9 +34,10 @@ from common.const import create_success_msg, update_success_msg
 from common.mixins import JSONResponseMixin
 from common.utils import get_logger, get_object_or_none, is_uuid, ssh_key_gen
 from common.models import Setting
+from common.permissions import AdminUserRequiredMixin
 from .. import forms
 from ..models import User, UserGroup
-from ..utils import AdminUserRequiredMixin, generate_otp_uri, check_otp_code, get_user_or_tmp_user, get_password_check_rules, check_password_rules
+from ..utils import generate_otp_uri, check_otp_code, get_user_or_tmp_user, get_password_check_rules, check_password_rules
 from ..signals import post_user_create
 from ..tasks import write_login_log_async