def create(self, request, *args, **kwargs): # pylint: disable=unused-argument ''' 添加子组,从无到有 [POST] ''' parent_group = self.get_object() group_data = request.data uid = group_data.get('uid', '') if 'manager_group' in group_data: if parent_group.uid == 'manager': if not group_data.get('name', ''): name = "".join( random.choice(string.ascii_lowercase) for _ in range(8)) group_data.update(name=name) else: group_data.pop('manager_group') if not uid: name = group_data.get('name') if not name: raise ValidationError({'name': ['this field is required']}) uid = gen_uid(name=name, cls=Group) group_data['uid'] = uid cli = CLI() group_data.update(parent_uid=self.kwargs['uid']) child_group = cli.create_group(group_data) cli.add_group_to_group(child_group, parent_group) if parent_group.uid == 'intra': self._auto_create_manager_group(request, child_group) transaction.on_commit( lambda: WebhookManager.group_created(child_group)) return Response(GroupDetailSerializer(child_group).data, status=status.HTTP_201_CREATED)
def _auto_create_manager_group(request, app): ''' 当创建应用时,自动创建子管理员组 成员只有创建者一人,节点管理范围为空,人员管理范围仅自己,应用管理范围仅此一个应用 ''' cli = CLI() data = { 'uid': gen_uid(name=uuid_utils.uuid4().hex[:6], cls=Group), 'name': f'管理应用{app.name}', 'manager_group': { 'apps': [app.uid], 'users': [request.user.username], 'scope_subject': 2, } } manager_group = cli.create_group(data) parent, _ = Group.valid_objects.get_or_create(uid='manager') cli.add_group_to_group(manager_group, parent) cli.add_users_to_group([request.user], manager_group)
def _auto_create_manager_group(request, child_group): ''' 当创建大类时,自动创建子管理员组 成员只有创建者一人,节点范围仅此大类,人员管理范围仅自己,应用管理范围为空 ''' cli = CLI() data = { 'uid': gen_uid(name=uuid_utils.uuid4().hex[:6], cls=Group), 'name': f'管理分组{child_group.name}', 'manager_group': { 'nodes': [child_group.node_uid], 'users': [request.user.username], 'scope_subject': 2, }, } manager_group = cli.create_group(data) parent, _ = Group.valid_objects.get_or_create(uid='manager') cli.add_group_to_group(manager_group, parent) cli.add_users_to_group([request.user], manager_group)