Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
J
jumpserver
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ops
jumpserver
Commits
3bb6e089
Commit
3bb6e089
authored
Feb 07, 2018
by
ibuler
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[Feature] 更改perms api
parent
6104acae
Expand all
Hide whitespace changes
Inline
Side-by-side
Showing
22 changed files
with
369 additions
and
404 deletions
+369
-404
__cluster.py
apps/assets/api/__cluster.py
+0
-0
__group.py
apps/assets/api/__group.py
+0
-0
__init__.py
apps/assets/api/__init__.py
+1
-4
asset.py
apps/assets/api/asset.py
+2
-8
node.py
apps/assets/api/node.py
+0
-0
hands.py
apps/assets/hands.py
+2
-1
tree.py
apps/assets/models/tree.py
+8
-4
serializers.py
apps/assets/serializers.py
+0
-345
__init__.py
apps/assets/serializers/__init__.py
+8
-0
admin_user.py
apps/assets/serializers/admin_user.py
+53
-0
asset.py
apps/assets/serializers/asset.py
+67
-0
cluster.py
apps/assets/serializers/cluster.py
+46
-0
label.py
apps/assets/serializers/label.py
+37
-0
node.py
apps/assets/serializers/node.py
+59
-0
system_user.py
apps/assets/serializers/system_user.py
+58
-0
api_urls.py
apps/assets/urls/api_urls.py
+10
-10
views_urls.py
apps/assets/urls/views_urls.py
+12
-12
__init__.py
apps/assets/views/__init__.py
+2
-3
api.py
apps/perms/api.py
+0
-0
hands.py
apps/perms/hands.py
+1
-1
api_urls.py
apps/perms/urls/api_urls.py
+3
-16
utils.py
apps/perms/utils.py
+0
-0
No files found.
apps/assets/api/cluster.py
→
apps/assets/api/
__
cluster.py
View file @
3bb6e089
File moved
apps/assets/api/group.py
→
apps/assets/api/
__
group.py
View file @
3bb6e089
File moved
apps/assets/api/__init__.py
View file @
3bb6e089
from
.admin_user
import
*
from
.asset
import
*
from
.cluster
import
*
from
.group
import
*
from
.label
import
*
from
.system_user
import
*
from
.tree
import
*
\ No newline at end of file
from
.node
import
*
apps/assets/api/asset.py
View file @
3bb6e089
...
...
@@ -12,7 +12,7 @@ from django.db.models import Q
from
common.mixins
import
IDInFilterMixin
from
common.utils
import
get_logger
from
..hands
import
IsSuperUser
,
IsValidUser
,
IsSuperUserOrAppUser
,
\
get_user_granted_assets
NodePermissionUtil
from
..models
import
Asset
,
SystemUser
,
AdminUser
,
Node
from
..
import
serializers
from
..tasks
import
update_asset_hardware_info_manual
,
\
...
...
@@ -41,16 +41,10 @@ class AssetViewSet(IDInFilterMixin, LabelFilter, BulkModelViewSet):
def
get_queryset
(
self
):
queryset
=
super
()
.
get_queryset
()
cluster_id
=
self
.
request
.
query_params
.
get
(
'cluster_id'
)
asset_group_id
=
self
.
request
.
query_params
.
get
(
'asset_group_id'
)
admin_user_id
=
self
.
request
.
query_params
.
get
(
'admin_user_id'
)
system_user_id
=
self
.
request
.
query_params
.
get
(
'system_user_id'
)
node_id
=
self
.
request
.
query_params
.
get
(
"node_id"
)
if
cluster_id
:
queryset
=
queryset
.
filter
(
cluster__id
=
cluster_id
)
if
asset_group_id
:
queryset
=
queryset
.
filter
(
groups__id
=
asset_group_id
)
if
admin_user_id
:
admin_user
=
get_object_or_404
(
AdminUser
,
id
=
admin_user_id
)
assets_direct
=
[
asset
.
id
for
asset
in
admin_user
.
asset_set
.
all
()]
...
...
@@ -72,7 +66,7 @@ class UserAssetListView(generics.ListAPIView):
permission_classes
=
(
IsValidUser
,)
def
get_queryset
(
self
):
assets_granted
=
get_user_granted_assets
(
self
.
request
.
user
)
assets_granted
=
NodePermissionUtil
.
get_user_assets
(
self
.
request
.
user
)
.
keys
(
)
queryset
=
self
.
queryset
.
filter
(
id__in
=
[
asset
.
id
for
asset
in
assets_granted
]
)
...
...
apps/assets/api/
tre
e.py
→
apps/assets/api/
nod
e.py
View file @
3bb6e089
File moved
apps/assets/hands.py
View file @
3bb6e089
...
...
@@ -14,5 +14,5 @@
from
users.utils
import
AdminUserRequiredMixin
from
users.permissions
import
IsAppUser
,
IsSuperUser
,
IsValidUser
,
IsSuperUserOrAppUser
from
users.models
import
User
,
UserGroup
from
perms.utils
import
get_user_granted_assets
from
perms.utils
import
NodePermissionUtil
from
perms.tasks
import
push_users
\ No newline at end of file
apps/assets/models/tree.py
View file @
3bb6e089
...
...
@@ -47,16 +47,20 @@ class Node(models.Model):
def
get_all_children
(
self
):
return
self
.
__class__
.
objects
.
filter
(
key__startswith
=
'{}:'
.
format
(
self
.
key
))
def
get_family
(
self
):
children
=
list
(
self
.
get_all_children
())
children
.
append
(
self
)
return
children
def
get_assets
(
self
):
from
.asset
import
Asset
children
=
self
.
get_children
()
assets
=
Asset
.
objects
.
filter
(
nodes__in
=
children
)
assets
=
Asset
.
objects
.
filter
(
nodes__id
=
self
.
id
)
return
assets
def
get_all_assets
(
self
):
from
.asset
import
Asset
children
=
self
.
get_all_children
()
assets
=
Asset
.
objects
.
filter
(
nodes__in
=
children
)
nodes
=
self
.
get_family
()
assets
=
Asset
.
objects
.
filter
(
nodes__in
=
nodes
)
return
assets
@property
...
...
apps/assets/serializers.py
deleted
100644 → 0
View file @
6104acae
# -*- coding: utf-8 -*-
from
django.core.cache
import
cache
from
rest_framework
import
serializers
from
rest_framework_bulk.serializers
import
BulkListSerializer
from
common.mixins
import
BulkSerializerMixin
from
.models
import
AssetGroup
,
Asset
,
Cluster
,
AdminUser
,
SystemUser
,
Label
,
Node
from
.const
import
ADMIN_USER_CONN_CACHE_KEY
class
AssetGroupSerializer
(
BulkSerializerMixin
,
serializers
.
ModelSerializer
):
"""
资产组序列化数据模型
"""
assets_display
=
serializers
.
SerializerMethodField
()
assets
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
Asset
.
objects
.
all
(),
required
=
False
)
class
Meta
:
model
=
AssetGroup
list_serializer_class
=
BulkListSerializer
fields
=
[
'id'
,
'name'
,
'comment'
,
'assets_display'
,
'assets'
]
@staticmethod
def
get_assets_display
(
obj
):
return
[
asset
.
hostname
for
asset
in
obj
.
assets
.
all
()]
class
AssetUpdateSystemUserSerializer
(
serializers
.
ModelSerializer
):
"""
资产更新其系统用户请求的数据结构定义
"""
system_users
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
SystemUser
.
objects
.
all
())
class
Meta
:
model
=
Asset
fields
=
[
'id'
,
'system_users'
]
class
GroupUpdateAssetsSerializer
(
serializers
.
ModelSerializer
):
"""
资产组更新需要的数据结构
"""
assets
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
Asset
.
objects
.
all
())
class
Meta
:
model
=
AssetGroup
fields
=
[
'id'
,
'assets'
]
class
ClusterUpdateAssetsSerializer
(
serializers
.
ModelSerializer
):
"""
集群更新资产数据结构
"""
assets
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
Asset
.
objects
.
all
())
class
Meta
:
model
=
Cluster
fields
=
[
'id'
,
'assets'
]
class
AdminUserSerializer
(
serializers
.
ModelSerializer
):
"""
管理用户
"""
assets_amount
=
serializers
.
SerializerMethodField
()
unreachable_amount
=
serializers
.
SerializerMethodField
()
reachable_amount
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
AdminUser
fields
=
'__all__'
@staticmethod
def
get_unreachable_amount
(
obj
):
data
=
cache
.
get
(
ADMIN_USER_CONN_CACHE_KEY
.
format
(
obj
.
name
))
if
data
:
return
len
(
data
.
get
(
'dark'
))
else
:
return
0
@staticmethod
def
get_reachable_amount
(
obj
):
data
=
cache
.
get
(
ADMIN_USER_CONN_CACHE_KEY
.
format
(
obj
.
name
))
if
data
:
return
len
(
data
.
get
(
'contacted'
))
else
:
return
0
@staticmethod
def
get_assets_amount
(
obj
):
return
obj
.
assets_amount
class
SystemUserSerializer
(
serializers
.
ModelSerializer
):
"""
系统用户
"""
unreachable_amount
=
serializers
.
SerializerMethodField
()
reachable_amount
=
serializers
.
SerializerMethodField
()
unreachable_assets
=
serializers
.
SerializerMethodField
()
reachable_assets
=
serializers
.
SerializerMethodField
()
assets_amount
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
SystemUser
exclude
=
(
'_password'
,
'_private_key'
,
'_public_key'
)
@staticmethod
def
get_unreachable_assets
(
obj
):
return
obj
.
unreachable_assets
@staticmethod
def
get_reachable_assets
(
obj
):
return
obj
.
reachable_assets
def
get_unreachable_amount
(
self
,
obj
):
return
len
(
self
.
get_unreachable_assets
(
obj
))
def
get_reachable_amount
(
self
,
obj
):
return
len
(
self
.
get_reachable_assets
(
obj
))
@staticmethod
def
get_assets_amount
(
obj
):
amount
=
0
for
cluster
in
obj
.
cluster
.
all
():
amount
+=
cluster
.
assets
.
all
()
.
count
()
return
amount
class
AdminUserUpdateClusterSerializer
(
serializers
.
ModelSerializer
):
"""
管理用户更新关联到的集群
"""
clusters
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
Cluster
.
objects
.
all
())
class
Meta
:
model
=
AdminUser
fields
=
[
'id'
,
'clusters'
]
class
AssetSystemUserSerializer
(
serializers
.
ModelSerializer
):
"""
查看授权的资产系统用户的数据结构,这个和AssetSerializer不同,字段少
"""
class
Meta
:
model
=
SystemUser
fields
=
(
'id'
,
'name'
,
'username'
,
'priority'
,
'protocol'
,
'comment'
,)
class
SystemUserSimpleSerializer
(
serializers
.
ModelSerializer
):
"""
系统用户最基本信息的数据结构
"""
class
Meta
:
model
=
SystemUser
fields
=
(
'id'
,
'name'
,
'username'
)
class
AssetSerializer
(
BulkSerializerMixin
,
serializers
.
ModelSerializer
):
"""
资产的数据结构
"""
cluster_name
=
serializers
.
SerializerMethodField
()
class
Meta
(
object
):
model
=
Asset
list_serializer_class
=
BulkListSerializer
fields
=
'__all__'
validators
=
[]
# If not set to [], partial bulk update will be error
def
get_field_names
(
self
,
declared_fields
,
info
):
fields
=
super
()
.
get_field_names
(
declared_fields
,
info
)
fields
.
extend
([
'hardware_info'
,
'is_connective'
,
])
return
fields
@staticmethod
def
get_cluster_name
(
obj
):
return
obj
.
cluster
.
name
class
AssetGrantedSerializer
(
serializers
.
ModelSerializer
):
"""
被授权资产的数据结构
"""
system_users_granted
=
AssetSystemUserSerializer
(
many
=
True
,
read_only
=
True
)
is_inherited
=
serializers
.
SerializerMethodField
()
system_users_join
=
serializers
.
SerializerMethodField
()
class
Meta
(
object
):
model
=
Asset
fields
=
(
"id"
,
"hostname"
,
"ip"
,
"port"
,
"system_users_granted"
,
"is_inherited"
,
"is_active"
,
"system_users_join"
,
"os"
,
"platform"
,
"comment"
)
@staticmethod
def
get_is_inherited
(
obj
):
if
getattr
(
obj
,
'inherited'
,
''
):
return
True
else
:
return
False
@staticmethod
def
get_system_users_join
(
obj
):
return
', '
.
join
([
system_user
.
username
for
system_user
in
obj
.
system_users_granted
])
class
MyAssetGrantedSerializer
(
AssetGrantedSerializer
):
"""
普通用户获取授权的资产定义的数据结构
"""
class
Meta
(
object
):
model
=
Asset
fields
=
(
"id"
,
"hostname"
,
"system_users_granted"
,
"is_inherited"
,
"is_active"
,
"system_users_join"
,
"os"
,
"platform"
,
"comment"
,
)
class
ClusterSerializer
(
BulkSerializerMixin
,
serializers
.
ModelSerializer
):
"""
cluster
"""
assets_amount
=
serializers
.
SerializerMethodField
()
admin_user_name
=
serializers
.
SerializerMethodField
()
assets
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
Asset
.
objects
.
all
())
system_users
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Cluster
fields
=
'__all__'
@staticmethod
def
get_assets_amount
(
obj
):
return
obj
.
assets
.
count
()
@staticmethod
def
get_admin_user_name
(
obj
):
try
:
return
obj
.
admin_user
.
name
except
AttributeError
:
return
''
@staticmethod
def
get_system_users
(
obj
):
return
', '
.
join
(
obj
.
name
for
obj
in
obj
.
systemuser_set
.
all
())
class
AssetGroupGrantedSerializer
(
BulkSerializerMixin
,
serializers
.
ModelSerializer
):
"""
授权资产组
"""
assets_granted
=
AssetGrantedSerializer
(
many
=
True
,
read_only
=
True
)
assets_amount
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
AssetGroup
list_serializer_class
=
BulkListSerializer
fields
=
'__all__'
@staticmethod
def
get_assets_amount
(
obj
):
return
len
(
obj
.
assets_granted
)
class
MyAssetGroupGrantedSerializer
(
serializers
.
ModelSerializer
):
"""
普通用户授权资产组结构
"""
assets_granted
=
MyAssetGrantedSerializer
(
many
=
True
,
read_only
=
True
)
assets_amount
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
AssetGroup
list_serializer_class
=
BulkListSerializer
fields
=
'__all__'
@staticmethod
def
get_assets_amount
(
obj
):
return
len
(
obj
.
assets_granted
)
class
LabelSerializer
(
serializers
.
ModelSerializer
):
asset_count
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Label
fields
=
'__all__'
list_serializer_class
=
BulkListSerializer
@staticmethod
def
get_asset_count
(
obj
):
return
obj
.
assets
.
count
()
def
get_field_names
(
self
,
declared_fields
,
info
):
fields
=
super
()
.
get_field_names
(
declared_fields
,
info
)
fields
.
extend
([
'get_category_display'
])
return
fields
class
LabelDistinctSerializer
(
serializers
.
ModelSerializer
):
value
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Label
fields
=
(
"name"
,
"value"
)
@staticmethod
def
get_value
(
obj
):
labels
=
Label
.
objects
.
filter
(
name
=
obj
[
"name"
])
return
', '
.
join
([
label
.
value
for
label
in
labels
])
class
NodeSerializer
(
serializers
.
ModelSerializer
):
parent
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Node
fields
=
[
'id'
,
'key'
,
'value'
,
'parent'
]
list_serializer_class
=
BulkListSerializer
@staticmethod
def
get_parent
(
obj
):
return
obj
.
parent
.
id
def
get_fields
(
self
):
fields
=
super
()
.
get_fields
()
field
=
fields
[
"key"
]
field
.
required
=
False
return
fields
class
NodeAssetsSerializer
(
serializers
.
ModelSerializer
):
assets
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
Asset
.
objects
.
all
())
class
Meta
:
model
=
Node
fields
=
[
'assets'
]
apps/assets/serializers/__init__.py
0 → 100644
View file @
3bb6e089
# -*- coding: utf-8 -*-
#
from
.asset
import
*
from
.admin_user
import
*
from
.label
import
*
from
.system_user
import
*
from
.node
import
*
apps/assets/serializers/admin_user.py
0 → 100644
View file @
3bb6e089
# -*- coding: utf-8 -*-
#
from
django.core.cache
import
cache
from
rest_framework
import
serializers
from
..models
import
Cluster
,
AdminUser
from
..const
import
ADMIN_USER_CONN_CACHE_KEY
class
AdminUserSerializer
(
serializers
.
ModelSerializer
):
"""
管理用户
"""
assets_amount
=
serializers
.
SerializerMethodField
()
unreachable_amount
=
serializers
.
SerializerMethodField
()
reachable_amount
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
AdminUser
fields
=
'__all__'
@staticmethod
def
get_unreachable_amount
(
obj
):
data
=
cache
.
get
(
ADMIN_USER_CONN_CACHE_KEY
.
format
(
obj
.
name
))
if
data
:
return
len
(
data
.
get
(
'dark'
))
else
:
return
0
@staticmethod
def
get_reachable_amount
(
obj
):
data
=
cache
.
get
(
ADMIN_USER_CONN_CACHE_KEY
.
format
(
obj
.
name
))
if
data
:
return
len
(
data
.
get
(
'contacted'
))
else
:
return
0
@staticmethod
def
get_assets_amount
(
obj
):
return
obj
.
assets_amount
class
AdminUserUpdateClusterSerializer
(
serializers
.
ModelSerializer
):
"""
管理用户更新关联到的集群
"""
clusters
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
Cluster
.
objects
.
all
()
)
class
Meta
:
model
=
AdminUser
fields
=
[
'id'
,
'clusters'
]
\ No newline at end of file
apps/assets/serializers/asset.py
0 → 100644
View file @
3bb6e089
# -*- coding: utf-8 -*-
#
from
rest_framework
import
serializers
from
rest_framework_bulk.serializers
import
BulkListSerializer
from
common.mixins
import
BulkSerializerMixin
from
..models
import
Asset
from
.system_user
import
AssetSystemUserSerializer
class
AssetSerializer
(
BulkSerializerMixin
,
serializers
.
ModelSerializer
):
"""
资产的数据结构
"""
cluster_name
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Asset
list_serializer_class
=
BulkListSerializer
fields
=
'__all__'
validators
=
[]
# If not set to [], partial bulk update will be error
def
get_field_names
(
self
,
declared_fields
,
info
):
fields
=
super
()
.
get_field_names
(
declared_fields
,
info
)
fields
.
extend
([
'hardware_info'
,
'is_connective'
,
])
return
fields
@staticmethod
def
get_cluster_name
(
obj
):
return
obj
.
cluster
.
name
class
AssetGrantedSerializer
(
serializers
.
ModelSerializer
):
"""
被授权资产的数据结构
"""
system_users_granted
=
AssetSystemUserSerializer
(
many
=
True
,
read_only
=
True
)
system_users_join
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Asset
fields
=
(
"id"
,
"hostname"
,
"ip"
,
"port"
,
"system_users_granted"
,
"is_active"
,
"system_users_join"
,
"os"
,
"platform"
,
"comment"
)
@staticmethod
def
get_system_users_join
(
obj
):
system_users
=
[
s
.
username
for
s
in
obj
.
system_users_granted
]
return
', '
.
join
(
system_users
)
class
MyAssetGrantedSerializer
(
AssetGrantedSerializer
):
"""
普通用户获取授权的资产定义的数据结构
"""
class
Meta
:
model
=
Asset
fields
=
(
"id"
,
"hostname"
,
"system_users_granted"
,
"is_active"
,
"system_users_join"
,
"os"
,
"platform"
,
"comment"
,
)
apps/assets/serializers/cluster.py
0 → 100644
View file @
3bb6e089
# -*- coding: utf-8 -*-
#
from
rest_framework
import
serializers
from
common.mixins
import
BulkSerializerMixin
from
..models
import
Asset
,
Cluster
class
ClusterUpdateAssetsSerializer
(
serializers
.
ModelSerializer
):
"""
集群更新资产数据结构
"""
assets
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
Asset
.
objects
.
all
())
class
Meta
:
model
=
Cluster
fields
=
[
'id'
,
'assets'
]
class
ClusterSerializer
(
BulkSerializerMixin
,
serializers
.
ModelSerializer
):
"""
cluster
"""
assets_amount
=
serializers
.
SerializerMethodField
()
admin_user_name
=
serializers
.
SerializerMethodField
()
assets
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
Asset
.
objects
.
all
())
system_users
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Cluster
fields
=
'__all__'
@staticmethod
def
get_assets_amount
(
obj
):
return
obj
.
assets
.
count
()
@staticmethod
def
get_admin_user_name
(
obj
):
try
:
return
obj
.
admin_user
.
name
except
AttributeError
:
return
''
@staticmethod
def
get_system_users
(
obj
):
return
', '
.
join
(
obj
.
name
for
obj
in
obj
.
systemuser_set
.
all
())
apps/assets/serializers/label.py
0 → 100644
View file @
3bb6e089
# -*- coding: utf-8 -*-
#
from
rest_framework
import
serializers
from
rest_framework_bulk.serializers
import
BulkListSerializer
from
..models
import
Label
class
LabelSerializer
(
serializers
.
ModelSerializer
):
asset_count
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Label
fields
=
'__all__'
list_serializer_class
=
BulkListSerializer
@staticmethod
def
get_asset_count
(
obj
):
return
obj
.
assets
.
count
()
def
get_field_names
(
self
,
declared_fields
,
info
):
fields
=
super
()
.
get_field_names
(
declared_fields
,
info
)
fields
.
extend
([
'get_category_display'
])
return
fields
class
LabelDistinctSerializer
(
serializers
.
ModelSerializer
):
value
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Label
fields
=
(
"name"
,
"value"
)
@staticmethod
def
get_value
(
obj
):
labels
=
Label
.
objects
.
filter
(
name
=
obj
[
"name"
])
return
', '
.
join
([
label
.
value
for
label
in
labels
])
apps/assets/serializers/node.py
0 → 100644
View file @
3bb6e089
# -*- coding: utf-8 -*-
from
rest_framework
import
serializers
from
rest_framework_bulk.serializers
import
BulkListSerializer
from
common.mixins
import
BulkSerializerMixin
from
..models
import
Asset
,
Node
from
.asset
import
AssetGrantedSerializer
class
NodeGrantedSerializer
(
BulkSerializerMixin
,
serializers
.
ModelSerializer
):
"""
授权资产组
"""
assets_granted
=
AssetGrantedSerializer
(
many
=
True
,
read_only
=
True
)
assets_amount
=
serializers
.
SerializerMethodField
()
parent
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Node
fields
=
[
'id'
,
'key'
,
'value'
,
'parent'
,
'assets_granted'
,
'assets_amount'
,
]
@staticmethod
def
get_assets_amount
(
obj
):
return
len
(
obj
.
assets_granted
)
@staticmethod
def
get_parent
(
obj
):
return
obj
.
parent
.
id
class
NodeSerializer
(
serializers
.
ModelSerializer
):
parent
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
Node
fields
=
[
'id'
,
'key'
,
'value'
,
'parent'
]
list_serializer_class
=
BulkListSerializer
@staticmethod
def
get_parent
(
obj
):
return
obj
.
parent
.
id
def
get_fields
(
self
):
fields
=
super
()
.
get_fields
()
field
=
fields
[
"key"
]
field
.
required
=
False
return
fields
class
NodeAssetsSerializer
(
serializers
.
ModelSerializer
):
assets
=
serializers
.
PrimaryKeyRelatedField
(
many
=
True
,
queryset
=
Asset
.
objects
.
all
())
class
Meta
:
model
=
Node
fields
=
[
'assets'
]
\ No newline at end of file
apps/assets/serializers/system_user.py
0 → 100644
View file @
3bb6e089
from
rest_framework
import
serializers
from
..models
import
SystemUser
class
SystemUserSerializer
(
serializers
.
ModelSerializer
):
"""
系统用户
"""
unreachable_amount
=
serializers
.
SerializerMethodField
()
reachable_amount
=
serializers
.
SerializerMethodField
()
unreachable_assets
=
serializers
.
SerializerMethodField
()
reachable_assets
=
serializers
.
SerializerMethodField
()
assets_amount
=
serializers
.
SerializerMethodField
()
class
Meta
:
model
=
SystemUser
exclude
=
(
'_password'
,
'_private_key'
,
'_public_key'
)
@staticmethod
def
get_unreachable_assets
(
obj
):
return
obj
.
unreachable_assets
@staticmethod
def
get_reachable_assets
(
obj
):
return
obj
.
reachable_assets
def
get_unreachable_amount
(
self
,
obj
):
return
len
(
self
.
get_unreachable_assets
(
obj
))
def
get_reachable_amount
(
self
,
obj
):
return
len
(
self
.
get_reachable_assets
(
obj
))
@staticmethod
def
get_assets_amount
(
obj
):
amount
=
0
for
cluster
in
obj
.
cluster
.
all
():
amount
+=
cluster
.
assets
.
all
()
.
count
()
return
amount
class
AssetSystemUserSerializer
(
serializers
.
ModelSerializer
):
"""
查看授权的资产系统用户的数据结构,这个和AssetSerializer不同,字段少
"""
class
Meta
:
model
=
SystemUser
fields
=
(
'id'
,
'name'
,
'username'
,
'priority'
,
'protocol'
,
'comment'
,)
class
SystemUserSimpleSerializer
(
serializers
.
ModelSerializer
):
"""
系统用户最基本信息的数据结构
"""
class
Meta
:
model
=
SystemUser
fields
=
(
'id'
,
'name'
,
'username'
)
\ No newline at end of file
apps/assets/urls/api_urls.py
View file @
3bb6e089
...
...
@@ -7,9 +7,9 @@ app_name = 'assets'
router
=
BulkRouter
()
router
.
register
(
r'v1/groups'
,
api
.
AssetGroupViewSet
,
'asset-group'
)
#
router.register(r'v1/groups', api.AssetGroupViewSet, 'asset-group')
router
.
register
(
r'v1/assets'
,
api
.
AssetViewSet
,
'asset'
)
router
.
register
(
r'v1/clusters'
,
api
.
ClusterViewSet
,
'cluster'
)
#
router.register(r'v1/clusters', api.ClusterViewSet, 'cluster')
router
.
register
(
r'v1/admin-user'
,
api
.
AdminUserViewSet
,
'admin-user'
)
router
.
register
(
r'v1/system-user'
,
api
.
SystemUserViewSet
,
'system-user'
)
router
.
register
(
r'v1/labels'
,
api
.
LabelViewSet
,
'label'
)
...
...
@@ -26,15 +26,15 @@ urlpatterns = [
url
(
r'^v1/assets/user-assets/$'
,
api
.
UserAssetListView
.
as_view
(),
name
=
'user-asset-list'
),
# update the asset group, which add or delete the asset to the group
url
(
r'^v1/groups/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$'
,
api
.
GroupUpdateAssetsApi
.
as_view
(),
name
=
'group-update-assets'
),
url
(
r'^v1/groups/(?P<pk>[0-9a-zA-Z\-]{36})/assets/add/$'
,
api
.
GroupAddAssetsApi
.
as_view
(),
name
=
'group-add-assets'
),
#
url(r'^v1/groups/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$',
#
api.GroupUpdateAssetsApi.as_view(), name='group-update-assets'),
#
url(r'^v1/groups/(?P<pk>[0-9a-zA-Z\-]{36})/assets/add/$',
#
api.GroupAddAssetsApi.as_view(), name='group-add-assets'),
# update the Cluster, and add or delete the assets to the Cluster
url
(
r'^v1/cluster/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$'
,
api
.
ClusterAddAssetsApi
.
as_view
(),
name
=
'cluster-add-assets'
),
url
(
r'^v1/cluster/(?P<pk>[0-9a-zA-Z\-]{36})/assets/connective/$'
,
api
.
ClusterTestAssetsAliveApi
.
as_view
(),
name
=
'cluster-test-connective'
),
#
url(r'^v1/cluster/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$',
#
api.ClusterAddAssetsApi.as_view(), name='cluster-add-assets'),
#
url(r'^v1/cluster/(?P<pk>[0-9a-zA-Z\-]{36})/assets/connective/$',
#
api.ClusterTestAssetsAliveApi.as_view(), name='cluster-test-connective'),
url
(
r'^v1/admin-user/(?P<pk>[0-9a-zA-Z\-]{36})/clusters/$'
,
api
.
AdminUserAddClustersApi
.
as_view
(),
name
=
'admin-user-add-clusters'
),
url
(
r'^v1/admin-user/(?P<pk>[0-9a-zA-Z\-]{36})/connective/$'
,
...
...
apps/assets/urls/views_urls.py
View file @
3bb6e089
...
...
@@ -20,20 +20,20 @@ urlpatterns = [
# User asset view
url
(
r'^user-asset/$'
,
views
.
UserAssetListView
.
as_view
(),
name
=
'user-asset-list'
),
# Resource asset group url
url
(
r'^asset-group/$'
,
views
.
AssetGroupListView
.
as_view
(),
name
=
'asset-group-list'
),
url
(
r'^asset-group/create/$'
,
views
.
AssetGroupCreateView
.
as_view
(),
name
=
'asset-group-create'
),
url
(
r'^asset-group/(?P<pk>[0-9a-zA-Z\-]{36})/$'
,
views
.
AssetGroupDetailView
.
as_view
(),
name
=
'asset-group-detail'
),
url
(
r'^asset-group/(?P<pk>[0-9a-zA-Z\-]{36})/update/$'
,
views
.
AssetGroupUpdateView
.
as_view
(),
name
=
'asset-group-update'
),
url
(
r'^asset-group/(?P<pk>[0-9a-zA-Z\-]{36})/delete/$'
,
views
.
AssetGroupDeleteView
.
as_view
(),
name
=
'asset-group-delete'
),
#
#
Resource asset group url
#
url(r'^asset-group/$', views.AssetGroupListView.as_view(), name='asset-group-list'),
#
url(r'^asset-group/create/$', views.AssetGroupCreateView.as_view(), name='asset-group-create'),
#
url(r'^asset-group/(?P<pk>[0-9a-zA-Z\-]{36})/$', views.AssetGroupDetailView.as_view(), name='asset-group-detail'),
#
url(r'^asset-group/(?P<pk>[0-9a-zA-Z\-]{36})/update/$', views.AssetGroupUpdateView.as_view(), name='asset-group-update'),
#
url(r'^asset-group/(?P<pk>[0-9a-zA-Z\-]{36})/delete/$', views.AssetGroupDeleteView.as_view(), name='asset-group-delete'),
# Resource cluster url
url
(
r'^cluster/$'
,
views
.
ClusterListView
.
as_view
(),
name
=
'cluster-list'
),
url
(
r'^cluster/create/$'
,
views
.
ClusterCreateView
.
as_view
(),
name
=
'cluster-create'
),
url
(
r'^cluster/(?P<pk>[0-9a-zA-Z\-]{36})/$'
,
views
.
ClusterDetailView
.
as_view
(),
name
=
'cluster-detail'
),
url
(
r'^cluster/(?P<pk>[0-9a-zA-Z\-]{36})/update/'
,
views
.
ClusterUpdateView
.
as_view
(),
name
=
'cluster-update'
),
url
(
r'^cluster/(?P<pk>[0-9a-zA-Z\-]{36})/delete/$'
,
views
.
ClusterDeleteView
.
as_view
(),
name
=
'cluster-delete'
),
url
(
r'^cluster/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$'
,
views
.
ClusterAssetsView
.
as_view
(),
name
=
'cluster-assets'
),
#
url(r'^cluster/$', views.ClusterListView.as_view(), name='cluster-list'),
#
url(r'^cluster/create/$', views.ClusterCreateView.as_view(), name='cluster-create'),
#
url(r'^cluster/(?P<pk>[0-9a-zA-Z\-]{36})/$', views.ClusterDetailView.as_view(), name='cluster-detail'),
#
url(r'^cluster/(?P<pk>[0-9a-zA-Z\-]{36})/update/', views.ClusterUpdateView.as_view(), name='cluster-update'),
#
url(r'^cluster/(?P<pk>[0-9a-zA-Z\-]{36})/delete/$', views.ClusterDeleteView.as_view(), name='cluster-delete'),
#
url(r'^cluster/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$', views.ClusterAssetsView.as_view(), name='cluster-assets'),
# Resource admin user url
url
(
r'^admin-user/$'
,
views
.
AdminUserListView
.
as_view
(),
name
=
'admin-user-list'
),
...
...
apps/assets/views/__init__.py
View file @
3bb6e089
# coding:utf-8
from
.asset
import
*
from
.group
import
*
from
.cluster
import
*
#
from .group import *
#
from .cluster import *
from
.system_user
import
*
from
.admin_user
import
*
from
.label
import
*
from
.tree
import
*
apps/perms/api.py
View file @
3bb6e089
This diff is collapsed.
Click to expand it.
apps/perms/hands.py
View file @
3bb6e089
...
...
@@ -4,7 +4,7 @@
from
users.utils
import
AdminUserRequiredMixin
from
users.models
import
User
,
UserGroup
from
assets.models
import
Asset
,
AssetGroup
,
SystemUser
,
Node
from
assets.serializers
import
AssetGrantedSerializer
,
AssetGroupGrantedSerializer
,
MyAssetGroup
GrantedSerializer
from
assets.serializers
import
AssetGrantedSerializer
,
Node
GrantedSerializer
apps/perms/urls/api_urls.py
View file @
3bb6e089
...
...
@@ -10,26 +10,13 @@ router = routers.DefaultRouter()
router
.
register
(
'v1/asset-permissions'
,
api
.
AssetPermissionViewSet
,
'asset-permission'
)
urlpatterns
=
[
# 用户可以使用自己的Token或其它认证查看自己授权的资产,资产组等
url
(
r'^v1/user/my/assets/$'
,
api
.
MyGrantedAssetsApi
.
as_view
(),
name
=
'my-assets'
),
url
(
r'^v1/user/my/asset-groups/$'
,
api
.
MyGrantedAssetGroupsApi
.
as_view
(),
name
=
'my-asset-groups'
),
url
(
r'^v1/user/my/asset-groups-assets/$'
,
api
.
MyGrantedAssetGroupsWithAssetsApi
.
as_view
(),
name
=
'my-asset-group-assets'
),
url
(
r'^v1/user/my/asset-group/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$'
,
api
.
MyAssetGroupOfAssetsApi
.
as_view
(),
name
=
'my-asset-group-of-assets'
),
# 查询某个用户授权的资产和资产组
url
(
r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$'
,
api
.
UserGrantedAssetsApi
.
as_view
(),
name
=
'user-assets'
),
url
(
r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})/asset-groups/$'
,
api
.
UserGrantedAssetGroupsApi
.
as_view
(),
name
=
'user-asset-groups'
),
url
(
r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})/asset-groups-assets/$'
,
api
.
UserGrantedAssetGroupsWithAssetsApi
.
as_view
(),
name
=
'user-asset-groups'
),
url
(
r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})?/?assets/$'
,
api
.
UserGrantedAssetsApi
.
as_view
(),
name
=
'user-assets'
),
url
(
r'^v1/user/(?P<pk>[0-9a-zA-Z\-]{36})?/?nodes/$'
,
api
.
UserGrantedNodesWithAssetsApi
.
as_view
(),
name
=
'user-nodes'
),
# 查询某个用户组授权的资产和资产组
url
(
r'^v1/user-group/(?P<pk>[0-9a-zA-Z\-]{36})/assets/$'
,
api
.
UserGroupGrantedAssetsApi
.
as_view
(),
name
=
'user-group-assets'
),
url
(
r'^v1/user-group/(?P<pk>[0-9a-zA-Z\-]{36})/asset-groups/$'
,
api
.
UserGroupGrantedAssetGroupsApi
.
as_view
(),
name
=
'user-group-asset-groups'
),
# 用户和资产授权变更
url
(
r'^v1/asset-permissions/(?P<pk>[0-9a-zA-Z\-]{36})/user/remove/$'
,
api
.
AssetPermissionRemoveUserApi
.
as_view
(),
name
=
'asset-permission-remove-user'
),
url
(
r'^v1/asset-permissions/(?P<pk>[0-9a-zA-Z\-]{36})/user/add/$'
,
api
.
AssetPermissionAddUserApi
.
as_view
(),
name
=
'asset-permission-add-user'
),
url
(
r'^v1/asset-permissions/(?P<pk>[0-9a-zA-Z\-]{36})/asset/remove/$'
,
api
.
AssetPermissionRemoveAssetApi
.
as_view
(),
name
=
'asset-permission-remove-asset'
),
url
(
r'^v1/asset-permissions/(?P<pk>[0-9a-zA-Z\-]{36})/asset/add/$'
,
api
.
AssetPermissionAddAssetApi
.
as_view
(),
name
=
'asset-permission-add-asset'
),
url
(
r'^v1/user-group/(?P<pk>[0-9a-zA-Z\-]{36})/nodes/$'
,
api
.
UserGroupGrantedNodeApi
.
as_view
(),
name
=
'user-group-asset-groups'
),
# 验证用户是否有某个资产和系统用户的权限
url
(
r'v1/asset-permission/user/validate/$'
,
api
.
ValidateUserAssetPermissionView
.
as_view
(),
name
=
'validate-user-asset-permission'
),
...
...
apps/perms/utils.py
View file @
3bb6e089
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment