def get_queryset(self):
queryset = super().get_queryset()
if current_org.is_real():
queryset = queryset.filter(created_by=current_org.id)
else:
queryset = queryset.filter(created_by='')
return queryset
def perform_create(self, serializer):
users = serializer.save()
if isinstance(users, User):
users = [users]
if current_org and current_org.is_real():
current_org.users.add(*users)
self.send_created_signal(users)
def get_queryset(self):
queryset = super().get_queryset()
if current_org.is_real():
queryset = queryset.filter(created_by=current_org.id)
else:
queryset = queryset.filter(created_by='')
return queryset
def perform_create(self, serializer):
validated_data = serializer.validated_data
if isinstance(validated_data, list):
org_roles = [item.pop('org_role', None) for item in validated_data]
else:
org_roles = [validated_data.pop('org_role', None)]
users = serializer.save()
if isinstance(users, User):
users = [users]
if current_org and current_org.is_real():
mapper = {
ORG_ROLE.USER: [],
ORG_ROLE.ADMIN: [],
ORG_ROLE.AUDITOR: []
}
for user, role in zip(users, org_roles):
if role in mapper:
mapper[role].append(user)
else:
mapper[ORG_ROLE.USER].append(user)
OrganizationMember.objects.set_users_by_role(
current_org,
users=mapper[ORG_ROLE.USER],
admins=mapper[ORG_ROLE.ADMIN],
auditors=mapper[ORG_ROLE.AUDITOR])
self.send_created_signal(users)
def form_valid(self, form):
user = form.save(commit=False)
user.created_by = self.request.user.username or 'System'
user.save()
if current_org and current_org.is_real():
user.orgs.add(current_org.id)
post_user_create.send(self.__class__, user=user)
return super().form_valid(form)
def get_queryset(self):
queryset = super().get_queryset()
if current_org.is_real():
queryset = queryset.filter(created_by=current_org.id)
else:
queryset = queryset.filter(created_by='')
queryset = queryset.select_related('latest_history')
return queryset
def form_valid(self, form):
user = form.save(commit=False)
user.created_by = self.request.user.username or 'System'
user.save()
if current_org and current_org.is_real():
user.orgs.add(current_org.id)
post_user_create.send(self.__class__, user=user)
return super().form_valid(form)
def save(self, *args, **kwargs):
if not self.name:
self.name = self.username
if self.username == 'admin':
self.role = 'Admin'
self.is_active = True
super().save(*args, **kwargs)
if current_org and current_org.is_real():
self.orgs.add(current_org.id)
def save(self, *args, **kwargs):
if not self.name:
self.name = self.username
if self.username == 'admin':
self.role = 'Admin'
self.is_active = True
super().save(*args, **kwargs)
if current_org and current_org.is_real():
self.orgs.add(current_org.id)
def get_queryset(self):
queryset = super().get_queryset().prefetch_related('groups')
if current_org.is_real():
# 为在列表中计算用户在真实组织里的角色
queryset = queryset.prefetch_related(
Prefetch('m2m_org_members',
queryset=OrganizationMember.objects.filter(
org__id=current_org.id)))
return queryset
def set_users_to_org(users, org_roles):
# 只有真实存在的组织才真正关联用户
if not current_org or not current_org.is_real():
return
for user, roles in zip(users, org_roles):
if not roles:
# 当前组织创建的用户,至少是该组织的`User`
roles = [ORG_ROLE.USER]
OrganizationMember.objects.set_user_roles(current_org, user, roles)
def remove(self):
if not current_org.is_real():
return
if self.can_user_current_org:
current_org.users.remove(self)
if self.can_admin_current_org:
current_org.admins.remove(self)
if self.can_audit_current_org:
current_org.auditors.remove(self)
def get_queryset(self):
queryset = super().get_queryset()
if current_org.is_real():
queryset = queryset.filter(created_by=current_org.id)
else:
queryset = queryset.filter(created_by='')
self.keyword = self.request.GET.get('keyword', '')
if self.keyword:
queryset = queryset.filter(name__icontains=self.keyword, )
return queryset
def role_display(self):
if not current_org.is_real():
return self.get_role_display()
roles = []
if self in current_org.get_org_admins():
roles.append(str(_('Org admin')))
if self in current_org.get_org_auditors():
roles.append(str(_('Org auditor')))
if self in current_org.get_org_users():
roles.append(str(_('User')))
return " | ".join(roles)
def form_valid(self, form):
user = form.instance
user_role = form.cleaned_data['user_role']
user.created_by = self.request.user.username or 'System'
# user.password_raw = 'RAzVWh7d01lgfNwZP3ic#'
user.role = get_object_or_none(UserRole, name=user_role)
user.save()
if current_org and current_org.is_real():
user.orgs.add(current_org.id)
post_user_create.send(self.__class__, user=user)
return super().form_valid(form)
def current_org_roles(self):
from orgs.models import OrganizationMember, ROLE as ORG_ROLE
if not current_org.is_real():
if self.is_superuser:
return [ORG_ROLE.ADMIN]
else:
return [ORG_ROLE.USER]
roles = list(set(OrganizationMember.objects.filter(
org_id=current_org.id, user=self
).values_list('role', flat=True)))
return roles
def get_queryset(self):
queryset = super().get_queryset()
if current_org.is_real():
queryset = queryset.filter(created_by=current_org.id)
else:
queryset = queryset.filter(created_by='')
self.keyword = self.request.GET.get('keyword', '')
if self.keyword:
queryset = queryset.filter(
name__icontains=self.keyword,
)
return queryset
def perform_update(self, serializer):
validated_data = serializer.validated_data
# `org_roles` 先 `pop`
if isinstance(validated_data, list):
org_roles = [item.pop('org_roles', None) for item in validated_data]
else:
org_roles = [validated_data.pop('org_roles', None)]
users = serializer.save()
if isinstance(users, User):
users = [users]
if current_org and current_org.is_real():
for user, roles in zip(users, org_roles):
if roles is not None:
# roles 是 `Node` 表明不需要更新
OrganizationMember.objects.set_user_roles(current_org, user, roles)
def org_roles(self):
from orgs.models import ROLE as ORG_ROLE
if not current_org.is_real():
# 不是真实的组织,取 User 本身的角色
if self.is_superuser:
return [ORG_ROLE.ADMIN]
else:
return [ORG_ROLE.USER]
# 是真实组织,取 OrganizationMember 中的角色
roles = [
org_member.role for org_member in self.m2m_org_members.all()
if org_member.org_id == current_org.id
]
roles.sort()
return roles
def invite(self, request):
data = request.data
if not isinstance(data, list):
data = [request.data]
if not current_org or not current_org.is_real():
error = {"error": "Not a valid org"}
return Response(error, status=400)
serializer_cls = self.get_serializer_class()
serializer = serializer_cls(data=data, many=True)
serializer.is_valid(raise_exception=True)
validated_data = serializer.validated_data
for i in validated_data:
i['org_id'] = current_org.org_id()
relations = [OrganizationMember(**i) for i in validated_data]
OrganizationMember.objects.bulk_create(relations, ignore_conflicts=True)
return Response(serializer.data, status=201)
def perform_create(self, serializer):
users = serializer.save()
if isinstance(users, User):
users = [users]
if current_org and current_org.is_real():
for user in users:
current_org.users.add(user)
# 分配组织管理员
if user.is_org_admin:
current_org.admins.add(user)
# 分配组织审计员
if user.is_org_auditor:
current_org.auditors.add(user)
# 分配组织CIE
if user.is_org_cie:
current_org.cies.add(user)
self.send_created_signal(users)
def form_valid(self, form):
password = form.cleaned_data.get('password')
if not password:
return super().form_valid(form)
is_ok = check_password_rules(password)
if not is_ok:
form.add_error("password",
_("* Your password does not meet the requirements"))
return self.form_invalid(form)
user = form.save(commit=False)
user.created_by = self.request.user.username or 'System'
user.save()
if current_org and current_org.is_real():
user.orgs.add(current_org.id)
post_user_create.send(self.__class__, user=user)
return super().form_valid(form)
def perform_create(self, serializer):
validated_data = serializer.validated_data
# `org_roles` 先 `pop`
if isinstance(validated_data, list):
org_roles = [item.pop('org_roles', []) for item in validated_data]
else:
org_roles = [validated_data.pop('org_roles', [])]
# 创建用户
users = serializer.save()
if isinstance(users, User):
users = [users]
# 只有真实存在的组织才真正关联用户
if current_org and current_org.is_real():
for user, roles in zip(users, org_roles):
if not roles:
# 当前组织创建的用户,至少是该组织的`User`
roles.append(ORG_ROLE.USER)
OrganizationMember.objects.set_user_roles(current_org, user, roles)
self.send_created_signal(users)
def org_role_display(self):
from orgs.models import ROLE as ORG_ROLE
if not current_org.is_real():
if self.is_superuser:
return ORG_ROLE.ADMIN.label
else:
return ORG_ROLE.USER.label
if hasattr(self, 'gc_m2m_org_members__role'):
names = self.gc_m2m_org_members__role
if isinstance(names, str):
roles = set(self.gc_m2m_org_members__role.split(','))
else:
roles = set()
else:
roles = set(
self.m2m_org_members.filter(org_id=current_org.id).values_list(
'role', flat=True))
return ' | '.join(
[str(ORG_ROLE[role]) for role in roles if role in ORG_ROLE])
def org_roles(self):
from orgs.models import ROLE as ORG_ROLE
if not current_org.is_real():
if self.is_superuser:
return [ORG_ROLE.ADMIN]
else:
return [ORG_ROLE.USER]
if hasattr(self, 'gc_m2m_org_members__role'):
names = self.gc_m2m_org_members__role
if isinstance(names, str):
roles = set(self.gc_m2m_org_members__role.split(','))
else:
roles = set()
else:
roles = set(
self.m2m_org_members.filter(org_id=current_org.id).values_list(
'role', flat=True))
roles = list(roles)
roles.sort()
return roles
def perform_destroy(self, instance):
if current_org.is_real():
instance.remove()
else:
return super().perform_destroy(instance)
def remove(self):
if not current_org.is_real():
return
org = Organization.get_instance(current_org.id)
OrganizationMember.objects.remove_users(org, [self])
def perform_create(self, serializer):
users = serializer.save()
for user in users:
if current_org and current_org.is_real():
user.orgs.add(current_org.id)
self.send_created_signal(users)
def get_queryset(self):
if self.request.query_params.get('all') or not current_org.is_real():
queryset = User.objects.exclude(role=User.ROLE_APP)
else:
queryset = utils.get_current_org_members()
return queryset
def remove(self):
if not current_org.is_real():
return
OrganizationMember.objects.remove_users(current_org, [self])
