Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
J
jumpserver
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ops
jumpserver
Commits
62c114d9
Unverified
Commit
62c114d9
authored
May 25, 2018
by
老广
Committed by
GitHub
May 25, 2018
Browse files
Options
Browse Files
Download
Plain Diff
Merge pull request #1362 from jumpserver/dev
修改树形结构
parents
8470dce8
22a84d57
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
69 additions
and
37 deletions
+69
-37
node.py
apps/assets/models/node.py
+27
-14
settings.py
apps/jumpserver/settings.py
+5
-1
api.py
apps/perms/api.py
+1
-1
utils.py
apps/perms/utils.py
+31
-16
requirements.txt
requirements/requirements.txt
+5
-5
No files found.
apps/assets/models/node.py
View file @
62c114d9
...
...
@@ -65,15 +65,25 @@ class Node(models.Model):
key__regex
=
r'^{}:[0-9]+$'
.
format
(
self
.
key
)
)
def
get_children_with_self
(
self
):
return
self
.
__class__
.
objects
.
filter
(
key__regex
=
r'^{0}$|^{0}:[0-9]+$'
.
format
(
self
.
key
)
)
def
get_all_children
(
self
):
return
self
.
__class__
.
objects
.
filter
(
key__startswith
=
'{}:'
.
format
(
self
.
key
)
)
def
get_all_children_with_self
(
self
):
return
self
.
__class__
.
objects
.
filter
(
key__regex
=
r'^{0}$|^{0}:'
.
format
(
self
.
key
)
)
def
get_family
(
self
):
children
=
list
(
self
.
get_all_children
())
children
.
append
(
self
)
return
children
ancestor
=
self
.
ancestor
children
=
self
.
get_all_children
(
)
return
[
*
tuple
(
ancestor
),
self
,
*
tuple
(
children
)]
def
get_assets
(
self
):
from
.asset
import
Asset
...
...
@@ -88,7 +98,7 @@ class Node(models.Model):
if
self
.
is_root
():
assets
=
Asset
.
objects
.
all
()
else
:
nodes
=
self
.
get_
family
()
nodes
=
self
.
get_
all_children_with_self
()
assets
=
Asset
.
objects
.
filter
(
nodes__in
=
nodes
)
.
distinct
()
return
assets
...
...
@@ -108,18 +118,15 @@ class Node(models.Model):
@property
def
parent
(
self
):
if
self
.
key
==
"0"
:
return
self
.
__class__
.
root
()
elif
not
self
.
key
.
startswith
(
"0"
):
if
self
.
key
==
"0"
or
not
self
.
key
.
startswith
(
"0"
):
return
self
.
__class__
.
root
()
parent_key
=
":"
.
join
(
self
.
key
.
split
(
":"
)[:
-
1
])
try
:
parent
=
self
.
__class__
.
objects
.
get
(
key
=
parent_key
)
return
parent
except
Node
.
DoesNotExist
:
return
self
.
__class__
.
root
()
else
:
return
parent
@parent.setter
def
parent
(
self
,
parent
):
...
...
@@ -127,14 +134,20 @@ class Node(models.Model):
@property
def
ancestor
(
self
):
if
self
.
parent
==
self
.
__class__
.
root
():
_key
=
self
.
key
.
split
(
':'
)
ancestor_keys
=
[]
if
self
.
is_root
():
return
[
self
.
__class__
.
root
()]
else
:
return
[
self
.
parent
,
*
tuple
(
self
.
parent
.
ancestor
)]
for
i
in
range
(
len
(
_key
)
-
1
):
_key
.
pop
()
ancestor_keys
.
append
(
':'
.
join
(
_key
))
return
self
.
__class__
.
objects
.
filter
(
key__in
=
ancestor_keys
)
@property
def
ancestor_with_
node
(
self
):
ancestor
=
self
.
ancestor
def
ancestor_with_
self
(
self
):
ancestor
=
list
(
self
.
ancestor
)
ancestor
.
insert
(
0
,
self
)
return
ancestor
...
...
apps/jumpserver/settings.py
View file @
62c114d9
...
...
@@ -229,7 +229,11 @@ LOGGING = {
'django_auth_ldap'
:
{
'handlers'
:
[
'console'
,
'ansible_logs'
],
'level'
:
"INFO"
,
}
},
# 'django.db': {
# 'handlers': ['console', 'file'],
# 'level': 'DEBUG'
# }
}
}
...
...
apps/perms/api.py
View file @
62c114d9
...
...
@@ -41,7 +41,7 @@ class AssetPermissionViewSet(viewsets.ModelViewSet):
asset
=
get_object_or_404
(
Asset
,
pk
=
asset_id
)
permissions
=
set
(
queryset
.
filter
(
assets
=
asset
))
for
node
in
asset
.
nodes
.
all
():
inherit_nodes
.
update
(
set
(
node
.
ancestor_with_
node
))
inherit_nodes
.
update
(
set
(
node
.
ancestor_with_
self
))
elif
node_id
:
node
=
get_object_or_404
(
Node
,
pk
=
node_id
)
permissions
=
set
(
queryset
.
filter
(
nodes
=
node
))
...
...
apps/perms/utils.py
View file @
62c114d9
...
...
@@ -8,10 +8,35 @@ import copy
from
common.utils
import
set_or_append_attr_bulk
,
get_logger
from
.models
import
AssetPermission
from
.hands
import
Node
logger
=
get_logger
(
__file__
)
class
Tree
:
def
__init__
(
self
):
self
.
__all_nodes
=
list
(
Node
.
objects
.
all
())
self
.
nodes
=
defaultdict
(
dict
)
self
.
root
=
Node
.
root
()
def
add_node
(
self
,
node
):
if
node
in
self
.
nodes
:
return
else
:
self
.
nodes
[
node
]
=
defaultdict
(
set
)
if
node
.
key
==
self
.
root
.
key
:
return
parent_key
=
':'
.
join
(
node
.
key
.
split
(
':'
)[:
-
1
])
for
n
in
self
.
__all_nodes
:
if
n
.
key
==
parent_key
:
self
.
add_node
(
n
)
break
def
add_nodes
(
self
,
nodes
):
for
node
in
nodes
:
self
.
add_node
(
node
)
class
AssetPermissionUtil
:
@staticmethod
def
get_user_permissions
(
user
):
...
...
@@ -181,25 +206,15 @@ class AssetPermissionUtil:
:param user:
:return: {node: {asset: set(su1, su2)}}
"""
from
assets.models
import
Node
unnode
=
Node
(
value
=
'Unnode'
)
nodes
=
defaultdict
(
dict
)
for
_node
in
cls
.
get_user_nodes
(
user
):
children
=
_node
.
get_family
()
for
node
in
children
:
nodes
[
node
]
=
defaultdict
(
set
)
nodes
[
unnode
]
=
defaultdict
(
set
)
tree
=
Tree
()
_assets
=
cls
.
get_user_assets
(
user
)
for
asset
,
_system_users
in
_assets
.
items
():
_nodes
=
asset
.
get_nodes
()
in_node
=
False
tree
.
add_nodes
(
_nodes
)
for
node
in
_nodes
:
if
node
in
nodes
:
in_node
=
True
nodes
[
node
][
asset
]
.
update
(
_system_users
)
if
not
in_node
:
nodes
[
unnode
][
asset
]
.
update
(
_system_users
)
return
nodes
tree
.
nodes
[
node
][
asset
]
.
update
(
_system_users
)
return
tree
.
nodes
@classmethod
def
get_system_user_assets
(
cls
,
system_user
):
...
...
@@ -254,7 +269,7 @@ class NodePermissionUtil:
nodes
=
copy
.
deepcopy
(
nodes_directed
)
for
node
,
system_users
in
nodes_directed
.
items
():
for
child
in
node
.
get_
family
():
for
child
in
node
.
get_
all_children_with_self
():
nodes
[
child
]
.
update
(
system_users
)
return
nodes
...
...
requirements/requirements.txt
View file @
62c114d9
...
...
@@ -3,10 +3,10 @@ ansible==2.4.2.0
asn1crypto==0.24.0
bcrypt==3.1.4
billiard==3.5.0.3
boto3==1.6.
4
botocore==1.9.
4
boto3==1.6.
5
botocore==1.9.
5
celery==4.1.0
certifi==201
7.11.5
certifi==201
8.1.18
cffi==1.11.2
chardet==3.0.4
configparser==3.5.0
...
...
@@ -31,7 +31,7 @@ ecdsa==0.13
elasticsearch==6.1.1
enum-compat==0.0.2
ephem==3.7.6.0
eventlet==0.2
1.0
eventlet==0.2
2.1
ForgeryPy==0.1
greenlet==0.4.12
gunicorn==19.7.1
...
...
@@ -57,7 +57,7 @@ pyotp==2.2.6
PyNaCl==1.2.1
python-dateutil==2.6.1
python-gssapi==0.6.4
pytz==201
7
.3
pytz==201
8
.3
PyYAML==3.12
redis==2.10.6
requests==2.18.4
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment