Finish user detail

f70abec5 · ibuler · 69f2bf66 · f70abec5 · f70abec5 · f70abec5
Commit f70abec5 authored Nov 10, 2016 by ibuler
12 changed files
--- a/apps/assets/serializers.py
+++ b/apps/assets/serializers.py
@@ -6,17 +6,17 @@ from common.mixins import BulkDeleteApiMixin
 from rest_framework_bulk import BulkListSerializer, BulkSerializerMixin
-class AssetSerializer(BulkSerializerMixin, serializers.ModelSerializer):
-    class Meta(object):
-        model = Asset
-        list_serializer_class = BulkListSerializer
 class AssetGroupSerializer(serializers.ModelSerializer):
+    assets_amount = serializers.SerializerMethodField()
+    assets = serializers.PrimaryKeyRelatedField(many=True, read_only=True)
    class Meta:
        model = AssetGroup
+    @staticmethod
+    def get_assets_amount(obj):
+        return obj.assets.count()
 class AdminUserSerializer(serializers.ModelSerializer):
    class Meta:
@@ -31,6 +31,7 @@ class AdminUserSerializer(serializers.ModelSerializer):
 class SystemUserSerializer(serializers.ModelSerializer):
    class Meta:
        model = SystemUser
+        exclude = ('_password', '_private_key', '_public_key')
    def get_field_names(self, declared_fields, info):
        fields = super(SystemUserSerializer, self).get_field_names(declared_fields, info)
@@ -38,6 +39,37 @@ class SystemUserSerializer(serializers.ModelSerializer):
        return fields
+class AssetSerializer(BulkSerializerMixin, serializers.ModelSerializer):
+    system_users = SystemUserSerializer(many=True, read_only=True)
+    admin_user = AdminUserSerializer(many=False, read_only=True)
+    class Meta(object):
+        model = Asset
+        list_serializer_class = BulkListSerializer
+class AssetGrantedSerializer(serializers.ModelSerializer):
+    system_users = SystemUserSerializer(many=True, read_only=True)
+    is_inherited = serializers.SerializerMethodField()
+    system_users_join = serializers.SerializerMethodField()
+    class Meta(object):
+        model = Asset
+        fields = ("id", "hostname", "ip", "port", "system_users", "is_inherited",
+                  "is_active", "system_users_join", "comment")
+    @staticmethod
+    def get_is_inherited(obj):
+        if getattr(obj, 'inherited', ''):
+            return True
+        else:
+            return False
+    @staticmethod
+    def get_system_users_join(obj):
+        return ', '.join([system_user.username for system_user in obj.system_users.all()])
 class IDCSerializer(serializers.ModelSerializer):
    assets_amount = serializers.SerializerMethodField()

--- a/apps/jumpserver/settings.py
+++ b/apps/jumpserver/settings.py
@@ -284,6 +284,19 @@ BROKER_URL = 'redis://%(password)s%(host)s:%(port)s/3' % {
 }
 CELERY_RESULT_BACKEND = BROKER_URL
+# Cache use redis
+CACHES = {
+    'default': {
+        'BACKEND': 'redis_cache.RedisCache',
+        'LOCATION': 'redis://%(password)s%(host)s:%(port)s/4' % {
+            'password': CONFIG.REDIS_PASSWORD + '@' if CONFIG.REDIS_PASSWORD else '',
+            'host': CONFIG.REDIS_HOST or '127.0.0.1',
+            'port': CONFIG.REDIS_PORT or 6379,
+        }
+    }
+}
 # Captcha settings, more see https://django-simple-captcha.readthedocs.io/en/latest/advanced.html
 CAPTCHA_IMAGE_SIZE = (75, 33)
 CAPTCHA_FOREGROUND_COLOR = '#001100'

--- a/apps/perms/api.py
+++ b/apps/perms/api.py
@@ -2,13 +2,13 @@
 # 
 from rest_framework.views import APIView, Response
-from rest_framework.generics import ListCreateAPIView
+from rest_framework.generics import ListAPIView
 from rest_framework import viewsets
 from users.backends import IsValidUser, IsSuperUser
 from common.utils import get_object_or_none
 from .utils import get_user_granted_assets, get_user_granted_asset_groups, get_user_asset_permissions
 from .models import AssetPermission
-from .hands import User
+from .hands import AssetGrantedSerializer, User, AssetGroup, Asset, AssetGroup
 from . import serializers
@@ -21,7 +21,6 @@ class AssetPermissionViewSet(viewsets.ModelViewSet):
        queryset = super(AssetPermissionViewSet, self).get_queryset()
        user_id = self.request.query_params.get('user', '')
        if user_id and user_id.isdigit():
-            from users.models import User
            self.user_id = user_id
            user = get_object_or_none(User, id=int(user_id))
            if user:
@@ -43,12 +42,8 @@ class RevokeUserAssetPermission(APIView):
        user_id = str(request.data.get('user_id', ''))
        if permission_id and user_id and permission_id.isdigit() and user_id.isdigit():
-            permission_id = int(permission_id)
+            asset_permission = get_object_or_none(AssetPermission, id=int(permission_id))
-            user_id = int(user_id)
+            user = get_object_or_none(User, id=int(user_id))
-            asset_permission = get_object_or_none(AssetPermission, id=permission_id)
-            user = get_object_or_none(User, id=user_id)
-            print(asset_permission)
-            print(user)
            if asset_permission and user:
                asset_permission.users.remove(user)
@@ -56,33 +51,16 @@ class RevokeUserAssetPermission(APIView):
        return Response({'msg': 'failed'}, status=404)
-class UserAssetsApi(APIView):
+class UserAssetsApi(ListAPIView):
    permission_classes = (IsValidUser,)
+    serializer_class = AssetGrantedSerializer
-    def get(self, request, *args, **kwargs):
+    def get_queryset(self):
-        assets_json = []
+        user = self.request.user
-        user = request.user
        if user:
-            assets = get_user_granted_assets(user)
+            queryset = get_user_granted_assets(user)
+            return queryset
-            for asset, system_users in assets.items():
+        return []
-                assets_json.append({
-                    'id': asset.id,
-                    'hostname': asset.hostname,
-                    'ip': asset.ip,
-                    'port': asset.port,
-                    'system_users': [
-                        {
-                            'id': system_user.id,
-                            'name': system_user.name,
-                            'username': system_user.username,
-                        } for system_user in system_users
-                    ],
-                    'comment': asset.comment
-                })
-        return Response(assets_json, status=200)
 class UserAssetsGroupsApi(APIView):
@@ -97,46 +75,31 @@ class UserAssetsGroupsApi(APIView):
            for asset in assets:
                for asset_group in asset.groups.all():
                    if asset_group.id in asset_groups:
-                        asset_groups[asset_group.id]['asset_num'] += 1
+                        asset_groups[asset_group.id]['asset_amount'] += 1
                    else:
                        asset_groups[asset_group.id] = {
                            'id': asset_group.id,
                            'name': asset_group.name,
                            'comment': asset_group.comment,
-                            'asset_num': 1
+                            'asset_amount': 1
                        }
        asset_groups_json = asset_groups.values()
        return Response(asset_groups_json, status=200)
-class UserAssetsGroupAssetsApi(APIView):
+class UserAssetsGroupAssetsApi(ListAPIView):
    permission_classes = (IsValidUser,)
+    serializer_class = AssetGrantedSerializer
-    def get(self, request, *args, **kwargs):
+    def get_queryset(self):
-        # asset_group_id = request.query_params.get('asset_group_id', -1)
+        queryset = []
-        asset_group_id = kwargs.get('pk', -1)
+        asset_group_id = self.kwargs.get('pk', -1)
-        # asset_group_name = request.query_params.get('asset_group_name', '')
+        user = self.request.user
-        user = request.user
+        asset_group = get_object_or_none(AssetGroup, id=asset_group_id)
-        assets_json = []
-        if user:
+        if user and asset_group:
            assets = get_user_granted_assets(user)
-            for asset, system_users in assets.items():
+            for asset in assets:
-                for asset_group in asset.groups.all():
+                if asset_group in asset.groups.all():
-                    if str(asset_group.id) == asset_group_id: # and asset_group.name == asset_group_name:
+                    queryset.append(asset)
-                        assets_json.append({
+        return queryset
-                            'id': asset.id,
-                            'hostname': asset.hostname,
-                            'ip': asset.ip,
-                            'port': asset.port,
-                            'system_users': [
-                                {
-                                    'id': system_user.id,
-                                    'name': system_user.name,
-                                    'username': system_user.username,
-                                } for system_user in system_users
-                                ],
-                            'comment': asset.comment
-                        })
-        return Response(assets_json, status=200)
--- a/apps/perms/hands.py
+++ b/apps/perms/hands.py
@@ -4,6 +4,7 @@
 from users.utils import AdminUserRequiredMixin
 from users.models import User, UserGroup
 from assets.models import Asset, AssetGroup, SystemUser
+from assets.serializers import AssetGrantedSerializer
 def associate_system_users_with_assets(system_users, assets, asset_groups):

--- a/apps/perms/urls.py
+++ b/apps/perms/urls.py
@@ -26,11 +26,11 @@ router = routers.DefaultRouter()
 router.register('v1/asset-permissions', api.AssetPermissionViewSet, 'api-asset-permission')
 urlpatterns += [
-    url(r'^v1/user/assets/$', api.UserAssetsApi.as_view(), name='user-assets'),
+    url(r'^v1/user/assets/$', api.UserAssetsApi.as_view(), name='api-user-assets'),
    url(r'^v1/asset-permissions/user/revoke/', api.RevokeUserAssetPermission.as_view(),
        name='revoke-user-asset-permission'),
-    url(r'^v1/user/asset-groups/$', api.UserAssetsGroupsApi.as_view(), name='user-asset-groups'),
+    url(r'^v1/user/asset-groups/$', api.UserAssetsGroupsApi.as_view(), name='api-user-asset-groups'),
-    url(r'^v1/user/asset-groups/(?P<pk>[0-9]+)/assets/$', api.UserAssetsGroupAssetsApi.as_view(),
+    url(r'^v1/user/asset-group/(?P<pk>[0-9]+)/assets/$', api.UserAssetsGroupAssetsApi.as_view(),
        name='user-asset-groups-assets'),
 ]

--- a/apps/perms/utils.py
+++ b/apps/perms/utils.py
@@ -8,7 +8,7 @@ def get_user_group_granted_asset_groups(user_group):
    """Return asset groups granted of the user group
     :param user_group: Instance of :class: ``UserGroup``
-     :return: {asset_group1: {system_user1, }, asset_group2: {system_user1, system_user2]}
+     :return: {asset_group1: {system_user1, }, asset_group2: {system_user1, system_user2}}
    """
    asset_groups = {}
    asset_permissions = user_group.asset_permissions.all()
@@ -21,7 +21,6 @@ def get_user_group_granted_asset_groups(user_group):
                asset_groups[asset_group] |= set(asset_permission.system_users.all())
            else:
                asset_groups[asset_group] = set(asset_permission.system_users.all())
    return asset_groups
@@ -61,7 +60,7 @@ def get_user_granted_asset_groups_direct(user):
            if asset_group in asset_groups:
                asset_groups[asset_group] |= set(asset_permission.system_users.all())
            else:
-                setattr(asset_group, 'is_inherit_from_user_group', False)
+                setattr(asset_group, 'inherited', False)
                asset_groups[asset_group] = set(asset_permission.system_users.all())
    return asset_groups
@@ -89,7 +88,7 @@ def get_user_granted_asset_groups_inherit_from_user_groups(user):
            if asset_group in asset_groups:
                asset_groups[asset_group] |= set(asset_permission.system_users.all())
            else:
-                setattr(asset_group, 'is_inherit_from_user_group', True)
+                setattr(asset_group, 'inherited', True)
                asset_groups[asset_group] = set(asset_permission.system_users.all())
    return asset_groups
@@ -131,10 +130,8 @@ def get_user_granted_assets_direct(user):
            if asset in assets:
                assets[asset] |= set(asset_permission.system_users.all())
            else:
-                setattr(asset, 'is_inherit_from_user_groups', False)
+                setattr(asset, 'inherited', False)
-                setattr(asset, 'is_inherit_from_user_groups', False)
                assets[asset] = set(asset_permission.system_users.all())
    return assets
@@ -153,7 +150,7 @@ def get_user_granted_assets_inherit_from_user_groups(user):
            if asset in assets:
                assets[asset] |= assets_inherited[asset]
            else:
-                setattr(asset, 'is_inherit_from_user_groups', True)
+                setattr(asset, 'inherited', True)
                assets[asset] = assets_inherited[asset]
    return assets

--- a/apps/users/backends.py
+++ b/apps/users/backends.py
@@ -78,6 +78,7 @@ class AccessTokenAuthentication(authentication.BaseAuthentication):
    def authenticate_credentials(self, token, request):
        user_id = cache.get(token)
+        print('Auth id: %s' % user_id)
        user = get_object_or_none(User, id=user_id)
        if not user:
@@ -87,7 +88,6 @@ class AccessTokenAuthentication(authentication.BaseAuthentication):
        remote_addr = base64.b16encode(remote_addr).replace('=', '')
        cache.set(token, user_id, self.expiration)
        cache.set('%s_%s' % (user.id, remote_addr), token, self.expiration)
        return user, None

--- a/apps/users/templates/users/user_asset_permission.html
+++ b/apps/users/templates/users/user_asset_permission.html
@@ -28,16 +28,6 @@
                            <li>
                                <a href="{% url 'users:user-login-history' pk=user.id %}" class="text-center"><i class="fa fa-calculator-o"></i> {% trans 'Login history' %}</a>
                            </li>
-                            <form id="search_form" method="get" action="" class="pull-right mail-search">
-                            <div class="input-group">
-                                <input type="text" class="form-control input-sm" name="keyword" placeholder="Search" value="{{ keyword }}">
-                                <div class="input-group-btn">
-                                    <button id="search_btn" type="submit" class="btn btn-sm btn-primary">
-                                        搜索
-                                    </button>
-                                </div>
-                            </div>
-                            </form>
                        </ul>
                    </div>
                    <div class="tab-content">
@@ -86,38 +76,38 @@
                                    <i class="fa fa-info-circle"></i> {% trans 'Quick create permission for user' %}
                                </div>
                                <div class="panel-body">
-{#                                    <form method="post" action="{% url 'users:user-asset-permission-create' pk=user.id %}">#}
+                                    <form method="post" action="{% url 'users:user-asset-permission-create' pk=user.id %}">
-{#                                        <table class="table">#}
+                                        <table class="table">
-{#                                            <tbody>#}
+                                            <tbody>
-{#                                                {% csrf_token %}#}
+                                                {% csrf_token %}
-{#                                                <tr class="no-borders-tr">#}
+                                                <tr class="no-borders-tr">
-{#                                                    <td colspan="1" style="padding-top: 0">#}
+                                                    <td colspan="1" style="padding-top: 0">
-{#                                                        {{ form.name|bootstrap }}#}
+                                                        {{ form.name|bootstrap }}
-{#                                                    </td>#}
+                                                    </td>
-{#                                                </tr>#}
+                                                </tr>
-{#                                                <tr class="no-borders-tr">#}
+                                                <tr class="no-borders-tr">
-{#                                                    <td colspan="1" style="padding-top: 0">#}
+                                                    <td colspan="1" style="padding-top: 0">
-{#                                                        {{ form.assets|bootstrap }}#}
+                                                        {{ form.assets|bootstrap }}
-{#                                                    </td>#}
+                                                    </td>
-{#                                                </tr>#}
+                                                </tr>
-{#                                                <tr class="no-borders-tr">#}
+                                                <tr class="no-borders-tr">
-{#                                                    <td colspan="1" style="padding-top: 0">#}
+                                                    <td colspan="1" style="padding-top: 0">
-{#                                                        {{ form.asset_groups|bootstrap }}#}
+                                                        {{ form.asset_groups|bootstrap }}
-{#                                                    </td>#}
+                                                    </td>
-{#                                                </tr>#}
+                                                </tr>
-{#                                                <tr class="no-borders-tr">#}
+                                                <tr class="no-borders-tr">
-{#                                                    <td colspan="1" style="padding-top: 0">#}
+                                                    <td colspan="1" style="padding-top: 0">
-{#                                                        {{ form.system_users|bootstrap }}#}
+                                                        {{ form.system_users|bootstrap }}
-{#                                                    </td>#}
+                                                    </td>
-{#                                                </tr>#}
+                                                </tr>
-{#                                                <tr class="no-borders-tr">#}
+                                                <tr class="no-borders-tr">
-{#                                                    <td>#}
+                                                    <td>
-{#                                                        <button type="submit" class="btn btn-primary btn-sm">{% trans 'Submit' %}</button>#}
+                                                        <button type="submit" class="btn btn-primary btn-sm">{% trans 'Submit' %}</button>
-{#                                                    </td>#}
+                                                    </td>
-{#                                                </tr>#}
+                                                </tr>
-{#                                            </tbody>#}
+                                            </tbody>
-{#                                        </table>#}
+                                        </table>
-{#                                    </form>#}
+                                    </form>
                                </div>
                            </div>
                        </div>

--- a/apps/users/templates/users/user_granted_asset.html
+++ b/apps/users/templates/users/user_granted_asset.html
--- a/apps/users/urls.py
+++ b/apps/users/urls.py
@@ -19,9 +19,9 @@ urlpatterns = [
    url(r'^user/(?P<pk>[0-9]+)$', views.UserDetailView.as_view(), name='user-detail'),
    url(r'^user/(?P<pk>[0-9]+)/asset-permission$', views.UserAssetPermissionView.as_view(),
        name='user-asset-permission'),
-    # url(r'^user/(?P<pk>[0-9]+)/asset-permission/create$', views.UserAssetPermissionCreateView.as_view(),
+    url(r'^user/(?P<pk>[0-9]+)/asset-permission/create$', views.UserAssetPermissionCreateView.as_view(),
-    #     name='user-asset-permission-create'),
+        name='user-asset-permission-create'),
-    url(r'^user/(?P<pk>[0-9]+)/granted-asset', views.UserGrantedAssetView.as_view(), name='user-granted-asset'),
+    url(r'^user/(?P<pk>[0-9]+)/assets', views.UserGrantedAssetView.as_view(), name='user-granted-asset'),
    url(r'^user/(?P<pk>[0-9]+)/login-history', views.UserDetailView.as_view(), name='user-login-history'),
    url(r'^first-login/$', views.UserFirstLoginView.as_view(), name='user-first-login'),
    url(r'^import/$', views.BulkImportUserView.as_view(), name='user-import'),

--- a/apps/users/views.py
+++ b/apps/users/views.py
@@ -341,33 +341,15 @@ class UserFirstLoginView(LoginRequiredMixin, SessionWizardView):
        return form
-class UserAssetPermissionView(AdminUserRequiredMixin, DetailView):
+class UserAssetPermissionView(AdminUserRequiredMixin, FormMixin, SingleObjectMixin, ListView):
    model = User
    template_name = 'users/user_asset_permission.html'
    context_object_name = 'user'
+    form_class = forms.UserPrivateAssetPermissionForm
-    # form_class = forms.UserPrivateAssetPermissionForm
+    def get(self, request, *args, **kwargs):
+        self.object = self.get_object(queryset=User.objects.all())
-    # def get(self, request, *args, **kwargs):
+        return super(UserAssetPermissionView, self).get(request, *args, **kwargs)
-    #     self.object = self.get_object(queryset=User.objects.all())
-    #     return super(UserAssetPermissionView, self).get(request, *args, **kwargs)
-    # def get_asset_permission_inherit_from_user_group(self):
-    #     asset_permissions = set()
-    #     user_groups = self.object.groups.all()
-    #
-    #     for user_group in user_groups:
-    #         for asset_permission in user_group.asset_permissions.all():
-    #             setattr(asset_permission, 'is_inherit_from_user_groups', True)
-    #             setattr(asset_permission, 'inherit_from_user_groups',
-    #                     getattr(asset_permission, b'inherit_from_user_groups', set()).add(user_group))
-    #             asset_permissions.add(asset_permission)
-    #     return asset_permissions
-    #
-    # def get_queryset(self):
-    #     asset_permissions = set(self.object.asset_permissions.all()) \
-    #         | self.get_asset_permission_inherit_from_user_group()
-    #     return list(asset_permissions)
    def get_context_data(self, **kwargs):
        context = {
@@ -403,31 +385,19 @@ class UserAssetPermissionCreateView(AdminUserRequiredMixin, CreateView):
        return reverse('users:user-asset-permission', kwargs={'pk': self.user_object.id})
-class UserGrantedAssetView(AdminUserRequiredMixin, SingleObjectMixin, ListView):
+class UserGrantedAssetView(AdminUserRequiredMixin, DetailView):
-    paginate_by = settings.CONFIG.DISPLAY_PER_PAGE
+    model = User
    template_name = 'users/user_granted_asset.html'
-    context_object_name = 'user_object'
+    context_object_name = 'user'
    def get(self, request, *args, **kwargs):
        self.object = self.get_object(queryset=User.objects.all())
        return super(UserGrantedAssetView, self).get(request, *args, **kwargs)
-    def get_queryset(self):
-        # Convert format from {'asset': ['system_users'], ..} to
-        #     [('asset', ['system_users']), ('asset', ['system_users']))
-        # assets_granted = [(asset, system_users) for asset, system_users in
-        #                   get_user_granted_assets(self.object).items()]
-        # return assets_granted
-        return []
    def get_context_data(self, **kwargs):
-        # asset_groups = [(asset_group, system_users) for asset_group, system_users in
-        #                 get_user_granted_asset_groups(self.object).items()]
        context = {
            'app': 'User',
            'action': 'User granted asset',
-            # 'asset_groups': asset_groups,
        }
        kwargs.update(context)
        return super(UserGrantedAssetView, self).get_context_data(**kwargs)

--- a/requirements.txt
+++ b/requirements.txt
@@ -12,3 +12,4 @@ django-formtools==1.0
 sshpubkeys==2.2.0
 djangorestframework-bulk==0.2.1
 paramiko==2.0.2
+django-redis-cache==1.7.1