[Abandon] ...

apps/assets/models/tree.py

 # -*- coding: utf-8 -*-
 #
+import uuid
 
 from django.db import models
 from django.utils.translation import ugettext_lazy as _
@@ -9,34 +10,35 @@ __all__ = ['Node']
 
 
 class Node(models.Model):
-    id = models.CharField(primary_key=True, max_length=64)  # '1:1:1:1'
-    name = models.CharField(max_length=128, unique=True, verbose_name=_("Name"))
+    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
+    key = models.CharField(unique=True, max_length=64, verbose_name=_("Key"))  # '1:1:1:1'
+    value = models.CharField(max_length=128, unique=True, verbose_name=_("Value"))
     child_mark = models.IntegerField(default=0)
     date_create = models.DateTimeField(auto_now_add=True)
 
     def __str__(self):
-        return self.name
+        return self.value
 
     @property
     def level(self):
-        return len(self.id.split(':'))
+        return len(self.key.split(':'))
 
-    def get_next_child_id(self):
+    def get_next_child_key(self):
         mark = self.child_mark
         self.child_mark += 1
         self.save()
-        return "{}:{}".format(self.id, mark)
+        return "{}:{}".format(self.key, mark)
 
-    def create_child(self, name):
-        child_id = self.get_next_child_id()
-        child = self.__class__.objects.create(id=child_id, name=name)
+    def create_child(self, value):
+        child_key = self.get_next_child_key()
+        child = self.__class__.objects.create(key=child_key, value=value)
         return child
 
     def get_children(self):
-        return self.__class__.objects.filter(id__regex=r'{}:[0-9]+$'.format(self.id))
+        return self.__class__.objects.filter(key__regex=r'{}:[0-9]+$'.format(self.key))
 
     def get_all_children(self):
-        return self.__class__.objects.filter(id__startswith='{}:'.format(self.id))
+        return self.__class__.objects.filter(key__startswith='{}:'.format(self.key))
 
     def get_assets(self):
         from .asset import Asset
@@ -53,6 +55,6 @@ class Node(models.Model):
     @classmethod
     def root(cls):
         obj, created = cls.objects.get_or_create(
-            id='0', defaults={"id": '0', 'name': "ROOT"}
+            key='0', defaults={"key": '0', 'value': "ROOT"}
         )
         return obj

apps/assets/serializers.py

@@ -323,19 +323,19 @@ class NodeSerializer(serializers.ModelSerializer):
 
     class Meta:
         model = Node
-        fields = ['id', 'name', 'parent']
+        fields = ['id', 'key', 'value', 'parent']
         list_serializer_class = BulkListSerializer
 
     @staticmethod
     def get_parent(obj):
-        if obj.id == "0":
+        if obj.key == "0":
             return "#"
-        if not obj.id.startswith("0"):
+        if not obj.key.startswith("0"):
             return "0"
-        return ":".join(obj.id.split(":")[:-1])
+        return ":".join(obj.key.split(":")[:-1])
 
     def get_fields(self):
         fields = super().get_fields()
-        field = fields["id"]
+        field = fields["key"]
         field.required = False
         return fields

apps/assets/templates/assets/label_list.html

@@ -38,7 +38,8 @@ function initTable() {
                 var update_btn = '<a href="{% url "assets:label-update" pk=DEFAULT_PK %}" class="btn btn-xs btn-info">{% trans "Update" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
                 var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn-delete" data-uid="{{ DEFAULT_PK }}">{% trans "Delete" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
                 $(td).html(update_btn + del_btn)
-             }}],
+             }}
+        ],
         ajax_url: '{% url "api-assets:label-list" %}?sort=name',
         columns: [
             {data: "id"}, {data: "name" }, {data: "value" },

apps/assets/templates/assets/tree.html

@@ -229,7 +229,7 @@
 		if (!parentNode){
 		    return
         }
-        var url = "{% url 'api-assets:node-children' pk='0:0' %}".replace("0:0", parentNode.id );
+        var url = "{% url 'api-assets:node-children' pk=DEFAULT_PK %}".replace("{{ DEFAULT_PK }}", parentNode.id );
         $.post(url,  {}, function (data, status){
             if (status === "success") {
                 var newNode = { name:data["name"], id:data["id"],  pId: parentNode.id };
@@ -263,9 +263,8 @@
 	}
 
 	function onRenameNode(event, treeId, treeNode, isCancel){
-        console.log(treeNode);
-        var url = "{% url 'api-assets:node-detail' pk='0:0' %}".replace("0:0", treeNode.id);
-        var data = {"name": treeNode.name};
+        var url = "{% url 'api-assets:node-detail' pk=DEFAULT_PK %}".replace("{{ DEFAULT_PK }}", treeNode.id);
+        var data = {"value": treeNode.name};
         if (isCancel){
             return
         }
@@ -282,8 +281,6 @@
 		if (!current_node){
 		    return
         }
-        console.log("Edit tree");
-		console.log(current_node);
         zTree.editName(current_node);
     }
 
@@ -310,9 +307,10 @@
         $.get("{% url 'api-assets:node-list' %}", function(data, status){
             $.each(data, function (index, value) {
                 value["pId"] = value["parent"];
-                if (value["id"] === "0") {
+                if (value["key"] === "0") {
                     value["open"] = true;
                 }
+                value["name"] = value["value"]
             });
             zNodes = data;
             $.fn.zTree.init($("#assetTree"), setting, zNodes);

apps/assets/urls/api_urls.py

@@ -43,7 +43,7 @@ urlpatterns = [
         api.SystemUserPushApi.as_view(), name='system-user-push'),
     url(r'^v1/system-user/(?P<pk>[0-9a-zA-Z\-]{36})/connective/$',
         api.SystemUserTestConnectiveApi.as_view(), name='system-user-connective'),
-    url(r'^v1/nodes/(?P<pk>[0-9:]+)/children/$', api.NodeChildrenApi.as_view(), name='node-children'),
+    url(r'^v1/nodes/(?P<pk>[0-9a-zA-Z\-]{36})/children/$', api.NodeChildrenApi.as_view(), name='node-children'),
 ]
 
 urlpatterns += router.urls

apps/common/fields.py

@@ -6,6 +6,7 @@ from django import forms
 from django.utils import six
 from django.core.exceptions import ValidationError
 from django.utils.translation import ugettext as _
+from rest_framework import serializers
 
 
 class DictField(forms.Field):
@@ -36,3 +37,9 @@ class DictField(forms.Field):
         # Sometimes data or initial may be a string equivalent of a boolean
         # so we should run it through to_python first to get a boolean value
         return self.to_python(initial) != self.to_python(data)
+
+
+class StringIDField(serializers.Field):
+    def to_representation(self, value):
+        return {"pk": value.pk, "name": value.__str__()}
+

apps/perms/api.py

@@ -11,7 +11,7 @@ from users.permissions import IsValidUser, IsSuperUser, IsAppUser, IsSuperUserOr
 from .utils import get_user_granted_assets, get_user_granted_asset_groups, \
     get_user_asset_permissions, get_user_group_asset_permissions, \
     get_user_group_granted_assets, get_user_group_granted_asset_groups
-from .models import AssetPermission
+from .models import AssetPermission, NodePermission
 from .hands import AssetGrantedSerializer, User, UserGroup, AssetGroup, Asset, \
     AssetGroup, AssetGroupGrantedSerializer, SystemUser, MyAssetGroupGrantedSerializer
 from . import serializers
@@ -21,28 +21,33 @@ class AssetPermissionViewSet(viewsets.ModelViewSet):
     """
     资产授权列表的增删改查api
     """
-    queryset = AssetPermission.objects.all()
-    serializer_class = serializers.AssetPermissionSerializer
+    queryset = NodePermission.objects.all()
+    serializer_class = serializers.AssetPermissionCreateUpdateSerializer
     permission_classes = (IsSuperUser,)
 
-    def get_queryset(self):
-        queryset = super(AssetPermissionViewSet, self).get_queryset()
-        user_id = self.request.query_params.get('user', '')
-        user_group_id = self.request.query_params.get('user_group', '')
-
-        if user_id and user_id.isdigit():
-            user = get_object_or_404(User, id=int(user_id))
-            queryset = get_user_asset_permissions(user)
-
-        if user_group_id:
-            user_group = get_object_or_404(UserGroup, id=user_group_id)
-            queryset = get_user_group_asset_permissions(user_group)
-        return queryset
-
     def get_serializer_class(self):
-        if getattr(self, 'user_id', ''):
-            return serializers.UserAssetPermissionSerializer
-        return serializers.AssetPermissionSerializer
+        if self.action in ("list", 'retrieve'):
+            return serializers.AssetPermissionListSerializer
+        return self.serializer_class
+
+    # def get_queryset(self):
+    #     queryset = super(AssetPermissionViewSet, self).get_queryset()
+    #     user_id = self.request.query_params.get('user', '')
+    #     user_group_id = self.request.query_params.get('user_group', '')
+    #
+    #     if user_id and user_id.isdigit():
+    #         user = get_object_or_404(User, id=int(user_id))
+    #         queryset = get_user_asset_permissions(user)
+    #
+    #     if user_group_id:
+    #         user_group = get_object_or_404(UserGroup, id=user_group_id)
+    #         queryset = get_user_group_asset_permissions(user_group)
+    #     return queryset
+
+    # def get_serializer_class(self):
+    #     if getattr(self, 'user_id', ''):
+    #         return serializers.UserAssetPermissionCreateUpdateSerializer
+    #     return serializers.AssetPermissionCreateUpdateSerializer
 
 
 class AssetPermissionRemoveUserApi(RetrieveUpdateAPIView):

apps/perms/forms.py

@@ -4,94 +4,28 @@ from __future__ import absolute_import, unicode_literals
 from django import forms
 from django.utils.translation import ugettext_lazy as _
 
-# from .hands import User, UserGroup, Asset, AssetGroup, SystemUser
-from .models import AssetPermission
-from users.models import User
+from .models import NodePermission
 
 
 class AssetPermissionForm(forms.ModelForm):
-    users = forms.ModelMultipleChoiceField(
-        queryset=User.objects.exclude(role=User.ROLE_APP),
-        widget=forms.SelectMultiple(
-            attrs={'class': 'select2', 'data-placeholder': _('Select users')},
-        ),
-        label=_("User"),
-        required=False,
-    )
 
     class Meta:
-        model = AssetPermission
+        model = NodePermission
         fields = [
-            'name', 'users', 'user_groups', 'assets', 'asset_groups',
-            'system_users', 'is_active', 'date_expired', 'comment',
+            'node', 'user_group', 'system_user', 'is_active',
+            'date_expired', 'comment'
         ]
         widgets = {
-            'user_groups': forms.SelectMultiple(
-                attrs={'class': 'select2',
-                       'data-placeholder': _('Select user groups')}),
-            'assets': forms.SelectMultiple(
-                attrs={'class': 'select2',
-                       'data-placeholder': _('Select assets')}),
-            'asset_groups': forms.SelectMultiple(
-                attrs={'class': 'select2',
-                       'data-placeholder': _('Select asset groups')}),
-            'system_users': forms.SelectMultiple(
-                attrs={'class': 'select2',
-                       'data-placeholder': _('Select system users')}),
+            'node': forms.Select(
+                attrs={'class': 'select2', 'data-placeholder': _("Node")}
+            ),
+            'user_group': forms.Select(
+                attrs={'class': 'select2', 'data-placeholder': _("User group")}
+            ),
+            'system_user': forms.Select(
+                attrs={'class': 'select2', 'data-placeholder': _('System user')}
+            ),
         }
-        help_texts = {
-            'name': '* required',
-            'system_users': '* required',
-        }
-
-    def clean_user_groups(self):
-        users = self.cleaned_data.get('users')
-        user_groups = self.cleaned_data.get('user_groups')
-
-        if not users and not user_groups:
-            raise forms.ValidationError(_("User or group at least one required"))
-        return self.cleaned_data["user_groups"]
-
-    def clean_asset_groups(self):
-        assets = self.cleaned_data.get('assets')
-        asset_groups = self.cleaned_data.get('asset_groups')
-
-        if not assets and not asset_groups:
-            raise forms.ValidationError(_("Asset or group at least one required"))
-
-        return self.cleaned_data["asset_groups"]
-
-    def clean_system_users(self):
-        from assets.utils import check_assets_have_system_user
-
-        errors = []
-        assets = self.cleaned_data['assets']
-        asset_groups = self.cleaned_data.get('asset_groups')
-        system_users = self.cleaned_data.get('system_users')
-
-        if not asset_groups and not assets:
-            return self.cleaned_data.get("system_users")
-
-        error_data = check_assets_have_system_user(assets, system_users)
-        if error_data:
-            for asset, system_users in error_data.items():
-                msg = _("Asset {} of cluster {} not have [{}] system users, please check \n")
-                error = forms.ValidationError(msg.format(
-                        asset.hostname,
-                        asset.cluster.name,
-                        ", ".join(system_user.name for system_user in system_users)
-                ))
-                errors.append(error)
 
-        for group in asset_groups:
-            msg = _("Asset {}(group {}) of cluster {} not have [{}] system users, please check \n")
-            assets = group.assets.all()
-            error_data = check_assets_have_system_user(assets, system_users)
-            for asset, system_users in error_data.items():
-                errors.append(msg.format(
-                    asset.hostname, group.name, asset.cluster.name,
-                    ", ".join(system_user.name for system_user in system_users)
-                ))
-        if errors:
-            raise forms.ValidationError(errors)
-        return self.cleaned_data['system_users']
+    def clean_system_user(self):
+        return self.cleaned_data['system_user']

apps/perms/models.py

@@ -70,6 +70,7 @@ class AssetPermission(models.Model):
 
 
 class NodePermission(models.Model):
+    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
     node = models.ForeignKey('assets.Node', on_delete=models.CASCADE, verbose_name=_("Node"))
     user_group = models.ForeignKey('users.UserGroup', on_delete=models.CASCADE, verbose_name=_("User group"))
     system_user = models.ForeignKey('assets.SystemUser', on_delete=models.CASCADE, verbose_name=_("System user"))

apps/perms/serializers.py

@@ -4,40 +4,27 @@
 from django.utils.translation import ugettext_lazy as _
 from rest_framework import serializers
 from common.utils import get_object_or_none
-from .models import AssetPermission
-from .hands import User
+from common.fields import StringIDField
+from .models import AssetPermission, NodePermission
 
 
-class AssetPermissionSerializer(serializers.ModelSerializer):
-    assets_ = serializers.SerializerMethodField()
-    asset_groups_ = serializers.SerializerMethodField()
-    users_ = serializers.SerializerMethodField()
-    user_groups_ = serializers.SerializerMethodField()
-    system_users_ = serializers.SerializerMethodField()
-
+class AssetPermissionCreateUpdateSerializer(serializers.ModelSerializer):
     class Meta:
-        model = AssetPermission
-        fields = '__all__'
-
-    @staticmethod
-    def get_assets_(obj):
-        return [asset.hostname for asset in obj.assets.all()]
-
-    @staticmethod
-    def get_asset_groups_(obj):
-        return [group.name for group in obj.asset_groups.all()]
+        model = NodePermission
+        fields = [
+            'node', 'user_group', 'system_user',
+            'is_active', 'date_expired'
+        ]
 
-    @staticmethod
-    def get_users_(obj):
-        return [user.username for user in obj.users.all()]
 
-    @staticmethod
-    def get_user_groups_(obj):
-        return [group.name for group in obj.user_groups.all()]
+class AssetPermissionListSerializer(serializers.ModelSerializer):
+    node = StringIDField(read_only=True)
+    user_group = StringIDField(read_only=True)
+    system_user = StringIDField(read_only=True)
 
-    @staticmethod
-    def get_system_users_(obj):
-        return [user.username for user in obj.system_users.all()]
+    class Meta:
+        model = NodePermission
+        fields = '__all__'
 
 
 class AssetPermissionUpdateUserSerializer(serializers.ModelSerializer):
@@ -54,7 +41,7 @@ class AssetPermissionUpdateAssetSerializer(serializers.ModelSerializer):
         fields = ['id', 'assets']
 
 
-class UserAssetPermissionSerializer(AssetPermissionSerializer):
+class UserAssetPermissionCreateUpdateSerializer(AssetPermissionCreateUpdateSerializer):
     is_inherited = serializers.SerializerMethodField()
 
     @staticmethod

apps/perms/templates/perms/asset_permission_create_update.html

@@ -30,17 +30,10 @@
                     <div class="ibox-content">
                         <form method="post" class="form-horizontal" action="" >
                             {% csrf_token %}
-                            <h3>{% trans 'Name' %}</h3>
-                            {% bootstrap_field form.name layout="horizontal" %}
-                            <div class="hr-line-dashed"></div>
-                            <h3>{% trans 'User' %}</h3>
-                            {% bootstrap_field form.users layout="horizontal" %}
-                            {% bootstrap_field form.user_groups layout="horizontal" %}
-                            <div class="hr-line-dashed"></div>
-                            <h3>{% trans 'Asset' %}</h3>
-                            {% bootstrap_field form.assets layout="horizontal" %}
-                            {% bootstrap_field form.asset_groups layout="horizontal" %}
-                            {% bootstrap_field form.system_users layout="horizontal" %}
+                            <h3>{% trans 'Basic' %}</h3>
+                            {% bootstrap_field form.node layout="horizontal" %}
+                            {% bootstrap_field form.user_group layout="horizontal" %}
+                            {% bootstrap_field form.system_user layout="horizontal" %}
                             <div class="hr-line-dashed"></div>
                             <h3>{% trans 'Other' %}</h3>
                             <div class="form-group">
@@ -59,7 +52,7 @@
                                     </div>
                                     <span class="help-block ">{{ form.date_expired.errors }}</span>
                                 </div>
-                             </div>
+                            </div>
                             {% bootstrap_field form.comment layout="horizontal" %}
 
                             <div class="form-group">

apps/perms/templates/perms/asset_permission_list.html

@@ -6,7 +6,6 @@
 
 {% block help_message %}
     <div class="alert alert-info help-message">
-    提前规划好集群中的系统用户，授权时选择的资产(组内资产)必须存在该系统用户，否则可能无法成功登录
     </div>
 {% endblock %}
 
@@ -20,15 +19,13 @@
     <thead>
     <tr>
       <th class="text-center">
-          <input type="checkbox" id="check_all" class="ipt_check_all" >
+            <input type="checkbox" id="check_all" class="ipt_check_all" >
       </th>
-      <th class="text-center">{% trans 'Name' %}</th>
-      <th class="text-center">{% trans 'User' %}</th>
+      <th class="text-center">{% trans 'Node' %}</th>
       <th class="text-center">{% trans 'User group' %}</th>
-      <th class="text-center">{% trans 'Asset' %}</th>
-      <th class="text-center">{% trans 'Asset group' %}</th>
       <th class="text-center">{% trans 'System user' %}</th>
-      <th class="text-center">{% trans 'Is valid' %}</th>
+      <th class="text-center">{% trans 'Is active' %}</th>
+      <th class="text-center">{% trans 'Date expired' %}</th>
       <th class="text-center">{% trans 'Action' %}</th>
     </tr>
     </thead>
@@ -43,38 +40,27 @@ function initTable() {
     var options = {
         ele: $('#permission_list_table'),
         columnDefs: [
-            {targets: 1, createdCell: function (td, cellData, rowData) {
-                var detail_btn = '<a href="{% url "perms:asset-permission-detail" pk=DEFAULT_PK %}">' + cellData + '</a>';
-                $(td).html(detail_btn.replace('{{ DEFAULT_PK }}', rowData.id));
+            {targets: 1, createdCell: function (td, cellData) {
+                var html = '<a href="">' + cellData.name + '</a>';
+                $(td).html(html)
             }},
             {targets: 2, createdCell: function (td, cellData) {
-                var html = createPopover(cellData);
-                $(td).html(html);
+                var html = '<a href="">' + cellData.name + '</a>';
+                $(td).html(html)
             }},
             {targets: 3, createdCell: function (td, cellData) {
-                var html = createPopover(cellData);
-                $(td).html(html);
+                var html = '<a href="">' + cellData.name + '</a>';
+                $(td).html(html)
             }},
             {targets: 4, createdCell: function (td, cellData) {
-                var html = createPopover(cellData);
-                $(td).html(html);
-            }},
-            {targets: 5, createdCell: function (td, cellData) {
-                var html = createPopover(cellData);
-                $(td).html(html);
-            }},
-            {targets: 6, createdCell: function (td, cellData) {
-                var html = createPopover(cellData);
-                $(td).html(html);
-            }},
-            {targets: 7, createdCell: function (td, cellData) {
                 if (!cellData) {
 					$(td).html('<i class="fa fa-times text-danger"></i>')
 				} else {
 					$(td).html('<i class="fa fa-check text-navy"></i>')
 				}
             }},
-            {targets: 8, createdCell: function (td, cellData, rowData) {
+
+            {targets: 6, createdCell: function (td, cellData, rowData) {
                 var update_btn = '<a href="{% url "perms:asset-permission-update" pk=DEFAULT_PK %}" class="btn btn-xs m-l-xs btn-info">{% trans "Update" %}</a>'.replace('{{ DEFAULT_PK }}', cellData);
                 var del_btn = '<a class="btn btn-xs btn-danger m-l-xs btn-del" data-uid="{{ DEFAULT_PK }}" data-name="99991938">{% trans "Delete" %}</a>'
                     .replace('{{ DEFAULT_PK }}', cellData)
@@ -85,16 +71,12 @@ function initTable() {
         ],
         ajax_url: '{% url "api-perms:asset-permission-list" %}',
         columns: [
-            {data: "id" }, {data: "name"}, {data: "users_" }, {data: "user_groups_" }, {data: "assets_" },
-            {data: "asset_groups_"}, {data: "system_users_"}, {data: "is_active"},  {data: "id" }
+            {data: "id"}, {data: "node"}, {data: "user_group" }, {data: "system_user"},
+            {data: "is_active"}, {data: "date_expired"}, {data: "id"}
         ],
         op_html: $('#actions').html()
     };
-    jumpserver.initDataTable(options).on('daw', function () {
-        $('[data-toggle="popover"]').popover({
-            html: true
-        });
-    });
+    jumpserver.initDataTable(options)
 }
 
 $(document).ready(function(){

apps/perms/views.py

@@ -5,21 +5,20 @@ from __future__ import unicode_literals, absolute_import
 from django.utils.translation import ugettext as _
 from django.conf import settings
 from django.views.generic import ListView, CreateView, UpdateView
-from django.views.generic.edit import DeleteView, FormView
+from django.views.generic.edit import DeleteView
 from django.urls import reverse_lazy
 from django.contrib.messages.views import SuccessMessageMixin
 from django.views.generic.detail import DetailView, SingleObjectMixin
-from django.contrib import messages
 
 from common.const import create_success_msg, update_success_msg
 from .hands import AdminUserRequiredMixin, User, UserGroup, SystemUser, \
     Asset, AssetGroup
-from .models import AssetPermission
+from .models import AssetPermission, NodePermission
 from .forms import AssetPermissionForm
 
 
 class AssetPermissionListView(AdminUserRequiredMixin, ListView):
-    model = AssetPermission
+    model = NodePermission
     context_object_name = 'asset_permission_list'
     template_name = 'perms/asset_permission_list.html'
 
@@ -32,12 +31,11 @@ class AssetPermissionListView(AdminUserRequiredMixin, ListView):
         return super().get_context_data(**kwargs)
 
 
-class AssetPermissionCreateView(AdminUserRequiredMixin, SuccessMessageMixin, CreateView):
-    model = AssetPermission
+class AssetPermissionCreateView(AdminUserRequiredMixin, CreateView):
+    model = NodePermission
     form_class = AssetPermissionForm
     template_name = 'perms/asset_permission_create_update.html'
     success_url = reverse_lazy('perms:asset-permission-list')
-    success_message = create_success_msg
 
     def get_context_data(self, **kwargs):
         context = {
@@ -48,12 +46,11 @@ class AssetPermissionCreateView(AdminUserRequiredMixin, SuccessMessageMixin, Cre
         return super().get_context_data(**kwargs)
 
 
-class AssetPermissionUpdateView(AdminUserRequiredMixin, SuccessMessageMixin, UpdateView):
-    model = AssetPermission
+class AssetPermissionUpdateView(AdminUserRequiredMixin, UpdateView):
+    model = NodePermission
     form_class = AssetPermissionForm
     template_name = 'perms/asset_permission_create_update.html'
     success_url = reverse_lazy("perms:asset-permission-list")
-    success_message = update_success_msg
 
     def get_context_data(self, **kwargs):
         context = {