7x31
/
cmdb
mirror of https://github.com/veops/cmdb.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix: permission management

This commit is contained in:
pycook 2020-03-13 10:30:21 +08:00
parent e720b7af66
commit 2cce2d5cf2
4 changed files with 21 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
README.md
View File

@ -55,7 +55,7 @@ There are various ways of installing CMDB.
- cache: redis - cache: redis
- python: python2.7, >=python3.6 - python: python2.7, >=python3.6
### install ### Install
- Start mysql, redis - Start mysql, redis
- Create mysql database: cmdb - Create mysql database: cmdb
- Pull code - Pull code
@ -101,6 +101,14 @@ There are various ways of installing CMDB.
- start API: ```make api``` - start API: ```make api```
- start UI: ```make ui``` - start UI: ```make ui```
- start worker: ```make worker``` - start worker: ```make worker```
## Contributing
1. Fork it
1. Create your feature branch (`git checkout -b my-feature`)
1. Commit your changes (`git commit -am 'Add some feature'`)
1. Push to the branch (`git push origin my-feature`)
1. Create new Pull Request
## DEMO ## DEMO

3
cmdb-api/api/lib/perm/acl/resource.py
View File

@ -68,6 +68,9 @@ class ResourceTypeCRUD(object):
def delete(cls, rt_id): def delete(cls, rt_id):
rt = ResourceType.get_by_id(rt_id) or abort(404, "ResourceType <{0}> is not found".format(rt_id)) rt = ResourceType.get_by_id(rt_id) or abort(404, "ResourceType <{0}> is not found".format(rt_id))
if Resource.get_by(resource_type_id=rt_id):
return abort(400, "At least one instance of this type exists and cannot be deleted")
cls.update_perms(rt_id, [], rt.app_id) cls.update_perms(rt_id, [], rt.app_id)
rt.soft_delete() rt.soft_delete()

9
cmdb-api/api/lib/perm/acl/role.py
View File

@ -47,7 +47,7 @@ class RoleRelationCRUD(object):
def get_child_ids(rid): def get_child_ids(rid):
res = RoleRelation.get_by(parent_id=rid, to_dict=False) res = RoleRelation.get_by(parent_id=rid, to_dict=False)
return [i.parent_id for i in res] return [i.child_id for i in res]
@classmethod @classmethod
def recursive_parent_ids(cls, rid): def recursive_parent_ids(cls, rid):
@ -77,10 +77,13 @@ class RoleRelationCRUD(object):
return all_child_ids return all_child_ids
@staticmethod @classmethod
def add(parent_id, child_id): def add(cls, parent_id, child_id):
RoleRelation.get_by(parent_id=parent_id, child_id=child_id) and abort(400, "It's already existed") RoleRelation.get_by(parent_id=parent_id, child_id=child_id) and abort(400, "It's already existed")
if parent_id in cls.recursive_child_ids(child_id):
return abort(400, "Circulation inheritance!!!")
RoleRelationCache.clean(parent_id) RoleRelationCache.clean(parent_id)
RoleRelationCache.clean(child_id) RoleRelationCache.clean(child_id)

3
cmdb-api/api/lib/perm/acl/user.py
View File

@ -75,6 +75,9 @@ class UserCRUD(object):
@classmethod @classmethod
def delete(cls, uid): def delete(cls, uid):
if uid == g.user.uid:
return abort(400, "You cannot delete yourself")
user = User.get_by(uid=uid, to_dict=False, first=True) or abort(404, "User <{0}> does not exist".format(uid)) user = User.get_by(uid=uid, to_dict=False, first=True) or abort(404, "User <{0}> does not exist".format(uid))
UserCache.clean(user) UserCache.clean(user)