Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
J
jumpserver
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
ops
jumpserver
Commits
8afd5ef9
Commit
8afd5ef9
authored
7 years ago
by
ibuler
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[Merge] 修改一下bug
parent
2f395794
master
auditor_jym
audits
dev
dev_beta
dev_beta_db
gengmei
node_service
password
rbac
test
v52
wph
1.5.2
1.5.1
1.5.0
1.4.10
1.4.9
1.4.8
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.2
1.4.1
v1.4.10
v1.4.7
v1.4.4
No related merge requests found
Hide whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
36 additions
and
37 deletions
+36
-37
urls.py
apps/jumpserver/urls.py
+14
-17
views.py
apps/jumpserver/views.py
+1
-1
mixins.py
apps/orgs/mixins.py
+9
-2
api.py
apps/perms/api.py
+5
-7
forms.py
apps/perms/forms.py
+1
-2
models.py
apps/perms/models.py
+4
-1
asset_permission_list.html
apps/perms/templates/perms/asset_permission_list.html
+0
-2
views.py
apps/perms/views.py
+2
-5
No files found.
apps/jumpserver/urls.py
View file @
8afd5ef9
...
@@ -31,7 +31,7 @@ schema_view = get_schema_view(
...
@@ -31,7 +31,7 @@ schema_view = get_schema_view(
public
=
True
,
public
=
True
,
permission_classes
=
(
permissions
.
AllowAny
,),
permission_classes
=
(
permissions
.
AllowAny
,),
)
)
api_url_pattern
=
re
.
compile
(
r'^/api/(?P<
app>\w+)/(?P<version
>\w+)/(?P<extra>.*)$'
)
api_url_pattern
=
re
.
compile
(
r'^/api/(?P<
version>\w+)/(?P<app
>\w+)/(?P<extra>.*)$'
)
class
HttpResponseTemporaryRedirect
(
HttpResponse
):
class
HttpResponseTemporaryRedirect
(
HttpResponse
):
...
@@ -43,12 +43,12 @@ class HttpResponseTemporaryRedirect(HttpResponse):
...
@@ -43,12 +43,12 @@ class HttpResponseTemporaryRedirect(HttpResponse):
@csrf_exempt
@csrf_exempt
def
redirect_
old_
format_api
(
request
,
*
args
,
**
kwargs
):
def
redirect_format_api
(
request
,
*
args
,
**
kwargs
):
path
,
query
=
request
.
path
,
request
.
GET
.
urlencode
()
path
,
query
=
request
.
path
,
request
.
GET
.
urlencode
()
matched
=
api_url_pattern
.
match
(
path
)
matched
=
api_url_pattern
.
match
(
path
)
if
matched
:
if
matched
:
app
,
version
,
extra
=
matched
.
groups
()
version
,
app
,
extra
=
matched
.
groups
()
path
=
'/api/{
version}/{app
}/{extra}?{query}'
.
format
(
**
{
path
=
'/api/{
app}/{version
}/{extra}?{query}'
.
format
(
**
{
"app"
:
app
,
"version"
:
version
,
"extra"
:
extra
,
"app"
:
app
,
"version"
:
version
,
"extra"
:
extra
,
"query"
:
query
"query"
:
query
})
})
...
@@ -58,14 +58,14 @@ def redirect_old_format_api(request, *args, **kwargs):
...
@@ -58,14 +58,14 @@ def redirect_old_format_api(request, *args, **kwargs):
v1_api_patterns
=
[
v1_api_patterns
=
[
url
(
r'^users/'
,
include
(
'users.urls.api_urls'
,
namespace
=
'api-users'
)),
url
(
r'^users/
v1/
'
,
include
(
'users.urls.api_urls'
,
namespace
=
'api-users'
)),
url
(
r'^assets/'
,
include
(
'assets.urls.api_urls'
,
namespace
=
'api-assets'
)),
url
(
r'^assets/
v1/
'
,
include
(
'assets.urls.api_urls'
,
namespace
=
'api-assets'
)),
url
(
r'^perms/'
,
include
(
'perms.urls.api_urls'
,
namespace
=
'api-perms'
)),
url
(
r'^perms/
v1/
'
,
include
(
'perms.urls.api_urls'
,
namespace
=
'api-perms'
)),
url
(
r'^terminal/'
,
include
(
'terminal.urls.api_urls'
,
namespace
=
'api-terminal'
)),
url
(
r'^terminal/
v1/
'
,
include
(
'terminal.urls.api_urls'
,
namespace
=
'api-terminal'
)),
url
(
r'^ops/'
,
include
(
'ops.urls.api_urls'
,
namespace
=
'api-ops'
)),
url
(
r'^ops/
v1/
'
,
include
(
'ops.urls.api_urls'
,
namespace
=
'api-ops'
)),
url
(
r'^audits/'
,
include
(
'audits.urls.api_urls'
,
namespace
=
'api-audits'
)),
url
(
r'^audits/
v1/
'
,
include
(
'audits.urls.api_urls'
,
namespace
=
'api-audits'
)),
url
(
r'^orgs/'
,
include
(
'orgs.urls.api_urls'
,
namespace
=
'api-orgs'
)),
url
(
r'^orgs/
v1/
'
,
include
(
'orgs.urls.api_urls'
,
namespace
=
'api-orgs'
)),
url
(
r'^common/'
,
include
(
'common.urls.api_urls'
,
namespace
=
'api-common'
)),
url
(
r'^common/
v1/
'
,
include
(
'common.urls.api_urls'
,
namespace
=
'api-common'
)),
]
]
app_view_patterns
=
[
app_view_patterns
=
[
...
@@ -84,17 +84,14 @@ urlpatterns = [
...
@@ -84,17 +84,14 @@ urlpatterns = [
url
(
r'^luna/'
,
LunaView
.
as_view
(),
name
=
'luna-error'
),
url
(
r'^luna/'
,
LunaView
.
as_view
(),
name
=
'luna-error'
),
url
(
r'^settings/'
,
include
(
'common.urls.view_urls'
,
namespace
=
'settings'
)),
url
(
r'^settings/'
,
include
(
'common.urls.view_urls'
,
namespace
=
'settings'
)),
url
(
r'^common/'
,
include
(
'common.urls.view_urls'
,
namespace
=
'common'
)),
url
(
r'^common/'
,
include
(
'common.urls.view_urls'
,
namespace
=
'common'
)),
url
(
r'^api/v1/
'
,
include
(
v1_api_patterns
)
),
url
(
r'^api/v1/
.*'
,
redirect_format_api
),
url
(
r'^api/
(?P<app>.*)/v1/.*'
,
redirect_old_format_api
),
url
(
r'^api/
'
,
include
(
v1_api_patterns
)
),
# Api url view map
# Api url view map
# External apps url
# External apps url
url
(
r'^captcha/'
,
include
(
'captcha.urls'
)),
url
(
r'^captcha/'
,
include
(
'captcha.urls'
)),
]
]
urlpatterns
+=
app_view_patterns
urlpatterns
+=
app_view_patterns
# urlpatterns = wrapper_patterns_with_org(urlpatterns)
urlpatterns
+=
static
(
settings
.
MEDIA_URL
,
document_root
=
settings
.
MEDIA_ROOT
)
\
urlpatterns
+=
static
(
settings
.
MEDIA_URL
,
document_root
=
settings
.
MEDIA_ROOT
)
\
+
static
(
settings
.
STATIC_URL
,
document_root
=
settings
.
STATIC_ROOT
)
+
static
(
settings
.
STATIC_URL
,
document_root
=
settings
.
STATIC_ROOT
)
...
...
This diff is collapsed.
Click to expand it.
apps/jumpserver/views.py
View file @
8afd5ef9
...
@@ -22,7 +22,7 @@ class IndexView(AdminUserRequiredMixin, TemplateView):
...
@@ -22,7 +22,7 @@ class IndexView(AdminUserRequiredMixin, TemplateView):
session_month_dates_archive
=
[]
session_month_dates_archive
=
[]
def
dispatch
(
self
,
request
,
*
args
,
**
kwargs
):
def
dispatch
(
self
,
request
,
*
args
,
**
kwargs
):
if
not
request
.
user
.
is_org_admin
:
if
not
request
.
user
.
is_
authenticated
or
not
request
.
user
.
is_
org_admin
:
return
redirect
(
'assets:user-asset-list'
)
return
redirect
(
'assets:user-asset-list'
)
return
super
(
IndexView
,
self
)
.
dispatch
(
request
,
*
args
,
**
kwargs
)
return
super
(
IndexView
,
self
)
.
dispatch
(
request
,
*
args
,
**
kwargs
)
...
...
This diff is collapsed.
Click to expand it.
apps/orgs/mixins.py
View file @
8afd5ef9
...
@@ -10,14 +10,15 @@ from django.forms import ModelForm
...
@@ -10,14 +10,15 @@ from django.forms import ModelForm
from
django.http.response
import
HttpResponseForbidden
from
django.http.response
import
HttpResponseForbidden
from
common.utils
import
get_logger
from
common.utils
import
get_logger
from
.utils
import
current_org
,
set_current_org
from
.utils
import
current_org
,
set_current_org
,
set_to_root_org
from
.models
import
Organization
from
.models
import
Organization
logger
=
get_logger
(
__file__
)
logger
=
get_logger
(
__file__
)
tl
=
local
()
tl
=
local
()
__all__
=
[
__all__
=
[
'OrgManager'
,
'OrgViewGenericMixin'
,
'OrgModelMixin'
,
'OrgModelForm'
'OrgManager'
,
'OrgViewGenericMixin'
,
'OrgModelMixin'
,
'OrgModelForm'
,
'RootOrgViewMixin'
,
]
]
...
@@ -85,6 +86,12 @@ class OrgViewGenericMixin:
...
@@ -85,6 +86,12 @@ class OrgViewGenericMixin:
return
super
()
.
dispatch
(
request
,
*
args
,
**
kwargs
)
return
super
()
.
dispatch
(
request
,
*
args
,
**
kwargs
)
class
RootOrgViewMixin
:
def
dispatch
(
self
,
request
,
*
args
,
**
kwargs
):
set_to_root_org
()
return
super
()
.
dispatch
(
request
,
*
args
,
**
kwargs
)
class
OrgModelForm
(
ModelForm
):
class
OrgModelForm
(
ModelForm
):
def
__init__
(
self
,
*
args
,
**
kwargs
):
def
__init__
(
self
,
*
args
,
**
kwargs
):
super
()
.
__init__
(
*
args
,
**
kwargs
)
super
()
.
__init__
(
*
args
,
**
kwargs
)
...
...
This diff is collapsed.
Click to expand it.
apps/perms/api.py
View file @
8afd5ef9
...
@@ -9,6 +9,7 @@ from rest_framework.pagination import LimitOffsetPagination
...
@@ -9,6 +9,7 @@ from rest_framework.pagination import LimitOffsetPagination
from
common.utils
import
set_or_append_attr_bulk
,
get_object_or_none
from
common.utils
import
set_or_append_attr_bulk
,
get_object_or_none
from
common.permissions
import
IsValidUser
,
IsOrgAdmin
,
IsOrgAdminOrAppUser
from
common.permissions
import
IsValidUser
,
IsOrgAdmin
,
IsOrgAdminOrAppUser
from
orgs.mixins
import
RootOrgViewMixin
from
.utils
import
AssetPermissionUtil
from
.utils
import
AssetPermissionUtil
from
.models
import
AssetPermission
from
.models
import
AssetPermission
from
.hands
import
AssetGrantedSerializer
,
User
,
UserGroup
,
Asset
,
Node
,
\
from
.hands
import
AssetGrantedSerializer
,
User
,
UserGroup
,
Asset
,
Node
,
\
...
@@ -86,7 +87,7 @@ class UserGrantedAssetsApi(ListAPIView):
...
@@ -86,7 +87,7 @@ class UserGrantedAssetsApi(ListAPIView):
return
super
()
.
get_permissions
()
return
super
()
.
get_permissions
()
class
UserGrantedNodesApi
(
ListAPIView
):
class
UserGrantedNodesApi
(
RootOrgViewMixin
,
ListAPIView
):
permission_classes
=
(
IsOrgAdmin
,)
permission_classes
=
(
IsOrgAdmin
,)
serializer_class
=
NodeSerializer
serializer_class
=
NodeSerializer
...
@@ -101,13 +102,12 @@ class UserGrantedNodesApi(ListAPIView):
...
@@ -101,13 +102,12 @@ class UserGrantedNodesApi(ListAPIView):
return
nodes
.
keys
()
return
nodes
.
keys
()
def
get_permissions
(
self
):
def
get_permissions
(
self
):
set_current_org
(
Organization
.
root
())
if
self
.
kwargs
.
get
(
'pk'
)
is
None
:
if
self
.
kwargs
.
get
(
'pk'
)
is
None
:
self
.
permission_classes
=
(
IsValidUser
,)
self
.
permission_classes
=
(
IsValidUser
,)
return
super
()
.
get_permissions
()
return
super
()
.
get_permissions
()
class
UserGrantedNodesWithAssetsApi
(
ListAPIView
):
class
UserGrantedNodesWithAssetsApi
(
RootOrgViewMixin
,
ListAPIView
):
permission_classes
=
(
IsOrgAdminOrAppUser
,)
permission_classes
=
(
IsOrgAdminOrAppUser
,)
serializer_class
=
NodeGrantedSerializer
serializer_class
=
NodeGrantedSerializer
...
@@ -131,13 +131,12 @@ class UserGrantedNodesWithAssetsApi(ListAPIView):
...
@@ -131,13 +131,12 @@ class UserGrantedNodesWithAssetsApi(ListAPIView):
return
queryset
return
queryset
def
get_permissions
(
self
):
def
get_permissions
(
self
):
set_current_org
(
Organization
.
root
())
if
self
.
kwargs
.
get
(
'pk'
)
is
None
:
if
self
.
kwargs
.
get
(
'pk'
)
is
None
:
self
.
permission_classes
=
(
IsValidUser
,)
self
.
permission_classes
=
(
IsValidUser
,)
return
super
()
.
get_permissions
()
return
super
()
.
get_permissions
()
class
UserGrantedNodeAssetsApi
(
ListAPIView
):
class
UserGrantedNodeAssetsApi
(
RootOrgViewMixin
,
ListAPIView
):
permission_classes
=
(
IsOrgAdminOrAppUser
,)
permission_classes
=
(
IsOrgAdminOrAppUser
,)
serializer_class
=
AssetGrantedSerializer
serializer_class
=
AssetGrantedSerializer
...
@@ -158,7 +157,6 @@ class UserGrantedNodeAssetsApi(ListAPIView):
...
@@ -158,7 +157,6 @@ class UserGrantedNodeAssetsApi(ListAPIView):
return
assets
return
assets
def
get_permissions
(
self
):
def
get_permissions
(
self
):
set_current_org
(
Organization
.
root
())
if
self
.
kwargs
.
get
(
'pk'
)
is
None
:
if
self
.
kwargs
.
get
(
'pk'
)
is
None
:
self
.
permission_classes
=
(
IsValidUser
,)
self
.
permission_classes
=
(
IsValidUser
,)
return
super
()
.
get_permissions
()
return
super
()
.
get_permissions
()
...
@@ -241,7 +239,7 @@ class UserGroupGrantedNodeAssetsApi(ListAPIView):
...
@@ -241,7 +239,7 @@ class UserGroupGrantedNodeAssetsApi(ListAPIView):
return
assets
return
assets
class
ValidateUserAssetPermissionView
(
APIView
):
class
ValidateUserAssetPermissionView
(
RootOrgViewMixin
,
APIView
):
permission_classes
=
(
IsOrgAdminOrAppUser
,)
permission_classes
=
(
IsOrgAdminOrAppUser
,)
@staticmethod
@staticmethod
...
...
This diff is collapsed.
Click to expand it.
apps/perms/forms.py
View file @
8afd5ef9
...
@@ -29,8 +29,7 @@ class AssetPermissionForm(OrgModelForm):
...
@@ -29,8 +29,7 @@ class AssetPermissionForm(OrgModelForm):
return
return
users_field
=
self
.
fields
.
get
(
'users'
)
users_field
=
self
.
fields
.
get
(
'users'
)
if
hasattr
(
users_field
,
'queryset'
):
if
hasattr
(
users_field
,
'queryset'
):
# users_field.queryset = User.objects.filter(orgs=current_org)
users_field
.
queryset
=
current_org
.
get_org_users
()
users_field
.
queryset
=
current_org
.
get_org_users
()
.
exclude
(
role
=
User
.
ROLE_APP
)
class
Meta
:
class
Meta
:
model
=
AssetPermission
model
=
AssetPermission
...
...
This diff is collapsed.
Click to expand it.
apps/perms/models.py
View file @
8afd5ef9
...
@@ -25,7 +25,7 @@ class AssetPermissionManager(OrgManager):
...
@@ -25,7 +25,7 @@ class AssetPermissionManager(OrgManager):
class
AssetPermission
(
OrgModelMixin
):
class
AssetPermission
(
OrgModelMixin
):
id
=
models
.
UUIDField
(
default
=
uuid
.
uuid4
,
primary_key
=
True
)
id
=
models
.
UUIDField
(
default
=
uuid
.
uuid4
,
primary_key
=
True
)
name
=
models
.
CharField
(
max_length
=
128
,
unique
=
True
,
verbose_name
=
_
(
'Name'
))
name
=
models
.
CharField
(
max_length
=
128
,
verbose_name
=
_
(
'Name'
))
users
=
models
.
ManyToManyField
(
'users.User'
,
related_name
=
'asset_permissions'
,
blank
=
True
,
verbose_name
=
_
(
"User"
))
users
=
models
.
ManyToManyField
(
'users.User'
,
related_name
=
'asset_permissions'
,
blank
=
True
,
verbose_name
=
_
(
"User"
))
user_groups
=
models
.
ManyToManyField
(
'users.UserGroup'
,
related_name
=
'asset_permissions'
,
blank
=
True
,
verbose_name
=
_
(
"User group"
))
user_groups
=
models
.
ManyToManyField
(
'users.UserGroup'
,
related_name
=
'asset_permissions'
,
blank
=
True
,
verbose_name
=
_
(
"User group"
))
assets
=
models
.
ManyToManyField
(
'assets.Asset'
,
related_name
=
'granted_by_permissions'
,
blank
=
True
,
verbose_name
=
_
(
"Asset"
))
assets
=
models
.
ManyToManyField
(
'assets.Asset'
,
related_name
=
'granted_by_permissions'
,
blank
=
True
,
verbose_name
=
_
(
"Asset"
))
...
@@ -40,6 +40,9 @@ class AssetPermission(OrgModelMixin):
...
@@ -40,6 +40,9 @@ class AssetPermission(OrgModelMixin):
objects
=
AssetPermissionManager
.
from_queryset
(
AssetPermissionQuerySet
)()
objects
=
AssetPermissionManager
.
from_queryset
(
AssetPermissionQuerySet
)()
class
Meta
:
unique_together
=
[(
'org_id'
,
'name'
)]
def
__str__
(
self
):
def
__str__
(
self
):
return
self
.
name
return
self
.
name
...
...
This diff is collapsed.
Click to expand it.
apps/perms/templates/perms/asset_permission_list.html
View file @
8afd5ef9
...
@@ -250,12 +250,10 @@ function initTree() {
...
@@ -250,12 +250,10 @@ function initTree() {
value
[
"iconSkin"
]
=
value
[
"is_node"
]
?
null
:
'file'
;
value
[
"iconSkin"
]
=
value
[
"is_node"
]
?
null
:
'file'
;
});
});
zNodes
=
data
;
zNodes
=
data
;
{
#
$
.
fn
.
zTree
.
init
(
$
(
"#assetTree"
),
setting
);
#
}
$
.
fn
.
zTree
.
init
(
$
(
"#assetTree"
),
setting
,
zNodes
);
$
.
fn
.
zTree
.
init
(
$
(
"#assetTree"
),
setting
,
zNodes
);
zTree
=
$
.
fn
.
zTree
.
getZTreeObj
(
"assetTree"
);
zTree
=
$
.
fn
.
zTree
.
getZTreeObj
(
"assetTree"
);
var
root
=
zTree
.
getNodes
()[
0
];
var
root
=
zTree
.
getNodes
()[
0
];
zTree
.
expandNode
(
root
);
zTree
.
expandNode
(
root
);
{
#
selectQueryNode
();
#
}
});
});
}
}
...
...
This diff is collapsed.
Click to expand it.
apps/perms/views.py
View file @
8afd5ef9
...
@@ -3,7 +3,7 @@
...
@@ -3,7 +3,7 @@
from
__future__
import
unicode_literals
,
absolute_import
from
__future__
import
unicode_literals
,
absolute_import
from
django.utils.translation
import
ugettext
as
_
from
django.utils.translation
import
ugettext
as
_
from
django.views.generic
import
ListView
,
CreateView
,
UpdateView
,
DetailView
from
django.views.generic
import
ListView
,
CreateView
,
UpdateView
,
DetailView
,
TemplateView
from
django.views.generic.edit
import
DeleteView
,
SingleObjectMixin
from
django.views.generic.edit
import
DeleteView
,
SingleObjectMixin
from
django.urls
import
reverse_lazy
from
django.urls
import
reverse_lazy
from
django.conf
import
settings
from
django.conf
import
settings
...
@@ -15,11 +15,8 @@ from .models import AssetPermission
...
@@ -15,11 +15,8 @@ from .models import AssetPermission
from
.forms
import
AssetPermissionForm
from
.forms
import
AssetPermissionForm
class
AssetPermissionListView
(
AdminUserRequiredMixin
,
ListView
):
class
AssetPermissionListView
(
AdminUserRequiredMixin
,
TemplateView
):
model
=
AssetPermission
template_name
=
'perms/asset_permission_list.html'
template_name
=
'perms/asset_permission_list.html'
paginate_by
=
settings
.
DISPLAY_PER_PAGE
user
=
user_group
=
asset
=
node
=
system_user
=
q
=
""
def
get_context_data
(
self
,
**
kwargs
):
def
get_context_data
(
self
,
**
kwargs
):
context
=
{
context
=
{
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment