Merge pull request #2991 from jumpserver/dev

Dev

apps/jumpserver/conf.py

@@ -378,6 +378,7 @@ defaults = {
     'LOGIN_LOG_KEEP_DAYS': 90,
     'ASSETS_PERM_CACHE_TIME': 3600*24,
     'SECURITY_MFA_VERIFY_TTL': 3600,
+    'ASSETS_PERM_CACHE_ENABLE': False,
 }
 
 

apps/jumpserver/settings.py

@@ -610,6 +610,7 @@ EMAIL_SUFFIX = CONFIG.EMAIL_SUFFIX
 LOGIN_LOG_KEEP_DAYS = CONFIG.LOGIN_LOG_KEEP_DAYS
 
 # User or user group permission cache time, default 3600 seconds
+ASSETS_PERM_CACHE_ENABLE = CONFIG.ASSETS_PERM_CACHE_ENABLE
 ASSETS_PERM_CACHE_TIME = CONFIG.ASSETS_PERM_CACHE_TIME
 
 # Asset user auth external backend, default AuthBook backend

apps/perms/api/mixin.py

@@ -28,6 +28,8 @@ def get_etag(request, *args, **kwargs):
     cache_policy = request.GET.get("cache_policy")
     if cache_policy != '1':
         return None
+    if not UserPermissionCacheMixin.CACHE_ENABLE:
+        return None
     view = request.parser_context.get("view")
     if not view:
         return None
@@ -38,6 +40,7 @@ def get_etag(request, *args, **kwargs):
 class UserPermissionCacheMixin:
     cache_policy = '0'
     RESP_CACHE_KEY = '_PERMISSION_RESPONSE_CACHE_V2_{}'
+    CACHE_ENABLE = settings.ASSETS_PERM_CACHE_ENABLE
     CACHE_TIME = settings.ASSETS_PERM_CACHE_TIME
     _object = None
 
@@ -111,7 +114,10 @@ class UserPermissionCacheMixin:
 
     @method_decorator(condition(etag_func=get_etag))
     def get(self, request, *args, **kwargs):
-        self.cache_policy = request.GET.get('cache_policy', '0')
+        if not self.CACHE_ENABLE:
+            self.cache_policy = '0'
+        else:
+            self.cache_policy = request.GET.get('cache_policy', '0')
 
         obj = self._get_object()
         if obj is None: