Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
J
jumpserver
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ops
jumpserver
Commits
53e97dac
Commit
53e97dac
authored
8 years ago
by
ibuler
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
stash it
parent
f278b735
Hide whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
186 additions
and
74 deletions
+186
-74
api.py
apps/perms/api.py
+34
-1
models.py
apps/perms/models.py
+7
-7
serializers.py
apps/perms/serializers.py
+30
-0
asset_permission_list.html
apps/perms/templates/perms/asset_permission_list.html
+108
-61
urls.py
apps/perms/urls.py
+4
-0
views.py
apps/perms/views.py
+0
-1
backends.py
apps/users/backends.py
+1
-2
forms.py
apps/users/forms.py
+2
-2
No files found.
apps/perms/api.py
View file @
53e97dac
...
@@ -2,8 +2,17 @@
...
@@ -2,8 +2,17 @@
#
#
from
rest_framework.views
import
APIView
,
Response
from
rest_framework.views
import
APIView
,
Response
from
users.backends
import
IsValidUser
from
rest_framework.generics
import
ListCreateAPIView
from
users.backends
import
IsValidUser
,
IsSuperUser
from
.utils
import
get_user_granted_assets
,
get_user_granted_asset_groups
from
.utils
import
get_user_granted_assets
,
get_user_granted_asset_groups
from
.models
import
AssetPermission
from
.
import
serializers
class
AssetPermissionListCreateApi
(
ListCreateAPIView
):
queryset
=
AssetPermission
.
objects
.
all
()
serializer_class
=
serializers
.
AssetPermissionSerializer
permission_classes
=
(
IsSuperUser
,)
class
UserAssetsGrantedApi
(
APIView
):
class
UserAssetsGrantedApi
(
APIView
):
...
@@ -34,3 +43,26 @@ class UserAssetsGrantedApi(APIView):
...
@@ -34,3 +43,26 @@ class UserAssetsGrantedApi(APIView):
return
Response
(
assets_json
,
status
=
200
)
return
Response
(
assets_json
,
status
=
200
)
class
UserAssetsGroupsGrantedApi
(
APIView
):
permission_classes
=
(
IsValidUser
,)
def
get
(
self
,
request
,
*
args
,
**
kwargs
):
asset_groups
=
{}
user
=
request
.
user
if
user
:
assets
=
get_user_granted_assets
(
user
)
for
asset
in
assets
:
for
asset_group
in
asset
.
groups
.
all
():
if
asset_group
.
id
in
asset_groups
:
asset_groups
[
asset_group
.
id
][
'asset_num'
]
+=
1
else
:
asset_groups
[
asset_group
.
id
]
=
{
'id'
:
asset_group
.
id
,
'name'
:
asset_group
.
name
,
'asset_num'
:
1
}
asset_groups_json
=
asset_groups
.
values
()
return
Response
(
asset_groups_json
,
status
=
200
)
\ No newline at end of file
This diff is collapsed.
Click to expand it.
apps/perms/models.py
View file @
53e97dac
...
@@ -11,19 +11,19 @@ from common.utils import date_expired_default, combine_seq
...
@@ -11,19 +11,19 @@ from common.utils import date_expired_default, combine_seq
class
AssetPermission
(
models
.
Model
):
class
AssetPermission
(
models
.
Model
):
PRIVATE_FOR_CHOICE
=
(
#
PRIVATE_FOR_CHOICE = (
(
'N'
,
'None'
),
#
('N', 'None'),
(
'U'
,
'user'
),
#
('U', 'user'),
(
'G'
,
'user group'
),
#
('G', 'user group'),
)
#
)
name
=
models
.
CharField
(
max_length
=
128
,
unique
=
True
,
verbose_name
=
_
(
'Name'
))
name
=
models
.
CharField
(
max_length
=
128
,
unique
=
True
,
verbose_name
=
_
(
'Name'
))
users
=
models
.
ManyToManyField
(
User
,
related_name
=
'asset_permissions'
,
blank
=
True
)
users
=
models
.
ManyToManyField
(
User
,
related_name
=
'asset_permissions'
,
blank
=
True
)
user_groups
=
models
.
ManyToManyField
(
UserGroup
,
related_name
=
'asset_permissions'
,
blank
=
True
)
user_groups
=
models
.
ManyToManyField
(
UserGroup
,
related_name
=
'asset_permissions'
,
blank
=
True
)
assets
=
models
.
ManyToManyField
(
Asset
,
related_name
=
'granted_by_permissions'
,
blank
=
True
)
assets
=
models
.
ManyToManyField
(
Asset
,
related_name
=
'granted_by_permissions'
,
blank
=
True
)
asset_groups
=
models
.
ManyToManyField
(
AssetGroup
,
related_name
=
'granted_by_permissions'
,
blank
=
True
)
asset_groups
=
models
.
ManyToManyField
(
AssetGroup
,
related_name
=
'granted_by_permissions'
,
blank
=
True
)
system_users
=
models
.
ManyToManyField
(
SystemUser
,
related_name
=
'granted_by_permissions'
)
system_users
=
models
.
ManyToManyField
(
SystemUser
,
related_name
=
'granted_by_permissions'
)
private_for
=
models
.
CharField
(
choices
=
PRIVATE_FOR_CHOICE
,
max_length
=
1
,
default
=
'N'
,
blank
=
True
,
#
private_for = models.CharField(choices=PRIVATE_FOR_CHOICE, max_length=1, default='N', blank=True,
verbose_name
=
_
(
'Private for'
))
#
verbose_name=_('Private for'))
is_active
=
models
.
BooleanField
(
default
=
True
,
verbose_name
=
_
(
'Active'
))
is_active
=
models
.
BooleanField
(
default
=
True
,
verbose_name
=
_
(
'Active'
))
date_expired
=
models
.
DateTimeField
(
default
=
date_expired_default
,
verbose_name
=
_
(
'Date expired'
))
date_expired
=
models
.
DateTimeField
(
default
=
date_expired_default
,
verbose_name
=
_
(
'Date expired'
))
created_by
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
verbose_name
=
_
(
'Created by'
))
created_by
=
models
.
CharField
(
max_length
=
128
,
blank
=
True
,
verbose_name
=
_
(
'Created by'
))
...
...
This diff is collapsed.
Click to expand it.
apps/perms/serializers.py
View file @
53e97dac
# -*- coding: utf-8 -*-
# -*- coding: utf-8 -*-
#
#
from
rest_framework
import
serializers
from
.models
import
AssetPermission
class
AssetPermissionSerializer
(
serializers
.
ModelSerializer
):
# users_amount = serializers.SerializerMethodField()
# user_groups_amount = serializers.SerializerMethodField()
# assets_amount = serializers.SerializerMethodField()
# asset_groups_amount = serializers.SerializerMethodField()
class
Meta
:
model
=
AssetPermission
fields
=
[
'id'
,
'name'
,
'users'
,
'user_groups'
,
'assets'
,
'asset_groups'
,
'system_users'
,
'is_active'
,
'comment'
,
'date_expired'
]
# @staticmethod
# def get_users_amount(obj):
# return obj.users.count()
#
# @staticmethod
# def get_user_groups_amount(obj):
# return obj.user_groups.count()
#
# @staticmethod
# def get_assets_amount(obj):
# return obj.assets.count()
#
# @staticmethod
# def get_asset_groups_amount(obj):
# return obj.asset_groups.count()
This diff is collapsed.
Click to expand it.
apps/perms/templates/perms/asset_permission_list.html
View file @
53e97dac
{% extends '_base_list.html' %}
{% extends '_base_list.html' %}
{% load i18n %}
{% load i18n %}
{% load static %}
{% load common_tags %}
{% load common_tags %}
{% block content_left_head %}
{% block custom_head_css_js %}
<a
href=
"{% url 'perms:asset-permission-create' %}"
class=
"btn btn-sm btn-primary "
>
{% trans "Create permission" %}
</a>
{{ block.super }}
{% endblock %}
<style>
div
.dataTables_wrapper
div
.dataTables_filter
,
.dataTables_length
{
float
:
right
!important
;
}
{% block table_head %}
div
.dataTables_wrapper
div
.dataTables_filter
{
<th
class=
"text-center"
>
margin-left
:
15px
;
<input
type=
"checkbox"
id=
"check_all"
onclick=
"checkAll('check_all', 'checked')"
>
}
</th>
</style>
<th
class=
"text-center"
><a
href=
"{% url 'perms:asset-permission-list' %}?sort=name"
>
{% trans 'Name' %}
</a></th>
<th
class=
"text-center"
>
{% trans 'User count' %}
</th>
<th
class=
"text-center"
>
{% trans 'User group count' %}
</th>
<th
class=
"text-center"
>
{% trans 'Asset count' %}
</th>
<th
class=
"text-center"
>
{% trans 'Asset group count' %}
</th>
<th
class=
"text-center"
>
{% trans 'System user count' %}
</th>
<th
class=
"text-center"
><a
href=
"{% url 'users:user-list' %}?sort=date_expired"
>
{% trans 'Is valid' %}
</a></th>
<th
class=
"text-center"
></th>
{% endblock %}
{% endblock %}
{% block table_search %}{% endblock %}
{% block table_body %}
{% block table_container %}
{% for asset_permission in asset_permission_list %}
<div
class=
"uc pull-left m-l-5 m-r-5"
>
<tr
class=
"gradeX"
>
<a
href=
"{% url 'perms:asset-permission-create' %}"
class=
"btn btn-sm btn-primary "
>
{% trans "Create permission" %}
</a>
<td
class=
"text-center"
>
</div>
<input
type=
"checkbox"
name=
"checked"
value=
"{{ asset_permission.id }}"
>
<table
class=
"table table-striped table-bordered table-hover "
id=
"asset-permission-list-table"
>
</td>
<thead>
<td
class=
"text-center"
>
<tr>
<a
href=
"{% url 'perms:asset-permission-detail' pk=asset_permission.id %}"
>
<th
class=
"text-center"
>
{{ asset_permission.name }}
<div
class=
"checkbox checkbox-default"
>
</a>
<input
type=
"checkbox"
class=
"ipt_check_all"
>
</td>
</div>
<td
class=
"text-center"
>
{{ asset_permission.users.count}}
</td>
</th>
<td
class=
"text-center"
>
{{ asset_permission.user_groups.count}}
</td>
<th
class=
"text-center"
>
{% trans 'Name' %}
</th>
<td
class=
"text-center"
>
{{ asset_permission.assets.count }}
</td>
<th
class=
"text-center"
>
{% trans 'User' %}
</th>
<td
class=
"text-center"
>
{{ asset_permission.asset_groups.count }}
</td>
<th
class=
"text-center"
>
{% trans 'User group' %}
</th>
<td
class=
"text-center"
>
{{ asset_permission.system_users.count }}
</td>
<th
class=
"text-center"
>
{% trans 'Asset' %}
</th>
<td
class=
"text-center"
>
<th
class=
"text-center"
>
{% trans 'Asset group' %}
</th>
{% if asset_permission.is_valid %}
<th
class=
"text-center"
>
{% trans 'System user' %}
</th>
<i
class=
"fa fa-check text-navy"
></i>
<th
class=
"text-center"
><a
href=
"{% url 'users:user-list' %}?sort=date_expired"
>
{% trans 'Is valid' %}
</a></th>
{% else %}
<th
class=
"text-center"
>
{% trans 'Action' %}
</th>
<i
class=
"fa fa-times text-danger"
></i>
</tr>
{% endif %}
</thead>
</td>
</table>
<td
class=
"text-center"
>
<a
href=
"{% url 'perms:asset-permission-update' pk=asset_permission.id %}"
class=
"btn btn-xs btn-info"
>
{% trans 'Update' %}
</a>
<a
href=
"{% url 'perms:asset-permission-delete' pk=asset_permission.id %}"
class=
"btn btn-xs btn-danger del"
>
{% trans 'Delete' %}
</a>
</td>
</tr>
{% endfor %}
{% endblock %}
{% endblock %}
{% block content_bottom_left %}
{% block custom_foot_js %}
<form
id=
""
method=
"get"
action=
""
class=
" mail-search"
>
<script>
<div
class=
"input-group"
>
<select
class=
"form-control m-b"
style=
"width: auto"
>
function
assetPermissionTableDraw
(
url
)
{
<option>
{% trans 'Delete selected' %}
</option>
var
options
=
{
<option>
{% trans 'Update selected' %}
</option>
ele
:
$
(
'#asset-permission-list-table'
),
<option>
{% trans 'Deactive selected' %}
</option>
buttons
:
[],
<option>
{% trans 'Export selected' %}
</option>
columnDefs
:
[
</select>
{
targets
:
1
,
createdCell
:
function
(
td
,
cellData
,
rowData
)
{
var
detail_btn
=
'<a href="{% url "perms:asset-permission-detail" pk=99991937 %}">'
+
cellData
+
'</a>'
;
$
(
td
).
html
(
detail_btn
.
replace
(
'99991937'
,
rowData
.
id
));
}},
{
targets
:
2
,
createdCell
:
function
(
td
,
cellData
)
{
if
(
cellData
)
{
$
(
td
).
html
(
cellData
.
length
)
}
}},
{
targets
:
3
,
createdCell
:
function
(
td
,
cellData
)
{
if
(
cellData
)
{
$
(
td
).
html
(
cellData
.
length
)
}
}},
{
targets
:
4
,
createdCell
:
function
(
td
,
cellData
)
{
if
(
cellData
)
{
$
(
td
).
html
(
cellData
.
length
)
}
}},
{
targets
:
5
,
createdCell
:
function
(
td
,
cellData
)
{
if
(
cellData
)
{
$
(
td
).
html
(
cellData
.
length
)
}
}},
{
targets
:
6
,
createdCell
:
function
(
td
,
cellData
)
{
if
(
cellData
)
{
$
(
td
).
html
(
cellData
.
length
)
}
}},
{
targets
:
7
,
createdCell
:
function
(
td
,
cellData
)
{
if
(
!
cellData
)
{
$
(
td
).
html
(
'<i class="fa fa-times text-danger"></i>'
)
}
else
{
$
(
td
).
html
(
'<i class="fa fa-check text-navy"></i>'
)
}
}},
{
targets
:
8
,
createdCell
:
function
(
td
,
cellData
,
rowData
)
{
var
detail_btn
=
'<a href="{% url "audits:proxy-log-detail" pk=99991937 %}" class="btn btn-xs btn-info">{% trans "Detail" %}</a>'
.
replace
(
'99991937'
,
cellData
);
var
delete_btn
=
'<a class="btn btn-xs btn-danger m-l-xs btn_delete" data-uid="99991937" data-name="99991938">{% trans "Delete" %}</a>'
.
replace
(
'99991937'
,
cellData
)
.
replace
(
'99991938'
,
rowData
.
name
);
$
(
td
).
html
(
detail_btn
+
delete_btn
)
}}
],
ajax_url
:
url
,
columns
:
[{
data
:
function
(){
return
""
}},
{
data
:
"name"
},
{
data
:
"users"
},
{
data
:
"user_groups"
},
{
data
:
"assets"
},
{
data
:
'asset_groups'
},
{
data
:
"system_users"
},
{
data
:
"is_active"
},
{
data
:
'id'
}],
op_html
:
$
(
'#actions'
).
html
()
};
jumpserver
.
initDataTable
(
options
);
}
<div
class=
"input-group-btn pull-left"
style=
"padding-left: 5px;"
>
function
searchAssetPermission
()
{
<button
id=
'search_btn'
type=
"submit"
style=
"height: 32px;"
class=
"btn btn-sm btn-primary"
>
var
value
=
$
(
'.dataTables_filter input'
).
val
();
{% trans 'Submit' %}
assetPermissionTableDraw
()
</button>
}
</div>
</div>
$
(
document
).
ready
(
function
(){
</form>
assetPermissionTableDraw
(
'{% url "perms:asset-permission-list-create-api" %}'
);
}).
on
(
'keyup'
,
'.dataTables_filter input'
,
function
()
{
searchAssetPermission
()
})
</script>
{% endblock %}
{% endblock %}
This diff is collapsed.
Click to expand it.
apps/perms/urls.py
View file @
53e97dac
...
@@ -22,7 +22,11 @@ urlpatterns = [
...
@@ -22,7 +22,11 @@ urlpatterns = [
]
]
urlpatterns
+=
[
urlpatterns
+=
[
url
(
r'^v1/asset-permission/$'
,
api
.
AssetPermissionListCreateApi
.
as_view
(),
name
=
'asset-permission-list-create-api'
),
url
(
r'^v1/user/assets/granted/$'
,
api
.
UserAssetsGrantedApi
.
as_view
(),
url
(
r'^v1/user/assets/granted/$'
,
api
.
UserAssetsGrantedApi
.
as_view
(),
name
=
'user-assets-granted'
),
name
=
'user-assets-granted'
),
url
(
r'^v1/user/asset-groups/granted/$'
,
api
.
UserAssetsGroupsGrantedApi
.
as_view
(),
name
=
'user-asset-groups-granted'
),
]
]
This diff is collapsed.
Click to expand it.
apps/perms/views.py
View file @
53e97dac
...
@@ -34,7 +34,6 @@ class AssetPermissionListView(AdminUserRequiredMixin, ListView):
...
@@ -34,7 +34,6 @@ class AssetPermissionListView(AdminUserRequiredMixin, ListView):
return
super
(
AssetPermissionListView
,
self
)
.
get_context_data
(
**
kwargs
)
return
super
(
AssetPermissionListView
,
self
)
.
get_context_data
(
**
kwargs
)
def
get_queryset
(
self
):
def
get_queryset
(
self
):
# Todo: Default order by lose asset connection num
self
.
queryset
=
super
(
AssetPermissionListView
,
self
)
.
get_queryset
()
self
.
queryset
=
super
(
AssetPermissionListView
,
self
)
.
get_queryset
()
self
.
keyword
=
keyword
=
self
.
request
.
GET
.
get
(
'keyword'
,
''
)
self
.
keyword
=
keyword
=
self
.
request
.
GET
.
get
(
'keyword'
,
''
)
self
.
sort
=
sort
=
self
.
request
.
GET
.
get
(
'sort'
,
'-date_created'
)
self
.
sort
=
sort
=
self
.
request
.
GET
.
get
(
'sort'
,
'-date_created'
)
...
...
This diff is collapsed.
Click to expand it.
apps/users/backends.py
View file @
53e97dac
...
@@ -81,8 +81,7 @@ class AccessTokenAuthentication(authentication.BaseAuthentication):
...
@@ -81,8 +81,7 @@ class AccessTokenAuthentication(authentication.BaseAuthentication):
user
=
get_object_or_none
(
User
,
id
=
user_id
)
user
=
get_object_or_none
(
User
,
id
=
user_id
)
if
not
user
:
if
not
user
:
msg
=
_
(
'Invalid token'
)
return
None
raise
exceptions
.
AuthenticationFailed
(
msg
)
remote_addr
=
request
.
META
.
get
(
'REMOTE_ADDR'
,
''
)
remote_addr
=
request
.
META
.
get
(
'REMOTE_ADDR'
,
''
)
remote_addr
=
base64
.
b16encode
(
remote_addr
)
.
replace
(
'='
,
''
)
remote_addr
=
base64
.
b16encode
(
remote_addr
)
.
replace
(
'='
,
''
)
...
...
This diff is collapsed.
Click to expand it.
apps/users/forms.py
View file @
53e97dac
...
@@ -108,7 +108,7 @@ class UserPrivateAssetPermissionForm(forms.ModelForm):
...
@@ -108,7 +108,7 @@ class UserPrivateAssetPermissionForm(forms.ModelForm):
def
save
(
self
,
commit
=
True
):
def
save
(
self
,
commit
=
True
):
self
.
instance
=
super
(
UserPrivateAssetPermissionForm
,
self
)
.
save
(
commit
=
commit
)
self
.
instance
=
super
(
UserPrivateAssetPermissionForm
,
self
)
.
save
(
commit
=
commit
)
self
.
instance
.
private_for
=
'U'
#
self.instance.private_for = 'U'
self
.
instance
.
users
=
[
self
.
user
]
self
.
instance
.
users
=
[
self
.
user
]
self
.
instance
.
save
()
self
.
instance
.
save
()
return
self
.
instance
return
self
.
instance
...
@@ -116,7 +116,7 @@ class UserPrivateAssetPermissionForm(forms.ModelForm):
...
@@ -116,7 +116,7 @@ class UserPrivateAssetPermissionForm(forms.ModelForm):
class
Meta
:
class
Meta
:
model
=
AssetPermission
model
=
AssetPermission
fields
=
[
fields
=
[
'assets'
,
'asset_groups'
,
'system_users'
,
'
private_for'
,
'
name'
,
'assets'
,
'asset_groups'
,
'system_users'
,
'name'
,
]
]
widgets
=
{
widgets
=
{
'assets'
:
forms
.
SelectMultiple
(
attrs
=
{
'class'
:
'select2'
,
'assets'
:
forms
.
SelectMultiple
(
attrs
=
{
'class'
:
'select2'
,
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment