def get_queryset(self): queryset = super().get_queryset() if current_org.is_real(): queryset = queryset.filter(created_by=current_org.id) else: queryset = queryset.filter(created_by='') return queryset
def perform_create(self, serializer): users = serializer.save() if isinstance(users, User): users = [users] if current_org and current_org.is_real(): current_org.users.add(*users) self.send_created_signal(users)
def get_queryset(self): queryset = super().get_queryset() if current_org.is_real(): queryset = queryset.filter(created_by=current_org.id) else: queryset = queryset.filter(created_by='') return queryset
def perform_create(self, serializer): validated_data = serializer.validated_data if isinstance(validated_data, list): org_roles = [item.pop('org_role', None) for item in validated_data] else: org_roles = [validated_data.pop('org_role', None)] users = serializer.save() if isinstance(users, User): users = [users] if current_org and current_org.is_real(): mapper = { ORG_ROLE.USER: [], ORG_ROLE.ADMIN: [], ORG_ROLE.AUDITOR: [] } for user, role in zip(users, org_roles): if role in mapper: mapper[role].append(user) else: mapper[ORG_ROLE.USER].append(user) OrganizationMember.objects.set_users_by_role( current_org, users=mapper[ORG_ROLE.USER], admins=mapper[ORG_ROLE.ADMIN], auditors=mapper[ORG_ROLE.AUDITOR]) self.send_created_signal(users)
def form_valid(self, form): user = form.save(commit=False) user.created_by = self.request.user.username or 'System' user.save() if current_org and current_org.is_real(): user.orgs.add(current_org.id) post_user_create.send(self.__class__, user=user) return super().form_valid(form)
def get_queryset(self): queryset = super().get_queryset() if current_org.is_real(): queryset = queryset.filter(created_by=current_org.id) else: queryset = queryset.filter(created_by='') queryset = queryset.select_related('latest_history') return queryset
def form_valid(self, form): user = form.save(commit=False) user.created_by = self.request.user.username or 'System' user.save() if current_org and current_org.is_real(): user.orgs.add(current_org.id) post_user_create.send(self.__class__, user=user) return super().form_valid(form)
def save(self, *args, **kwargs): if not self.name: self.name = self.username if self.username == 'admin': self.role = 'Admin' self.is_active = True super().save(*args, **kwargs) if current_org and current_org.is_real(): self.orgs.add(current_org.id)
def save(self, *args, **kwargs): if not self.name: self.name = self.username if self.username == 'admin': self.role = 'Admin' self.is_active = True super().save(*args, **kwargs) if current_org and current_org.is_real(): self.orgs.add(current_org.id)
def get_queryset(self): queryset = super().get_queryset().prefetch_related('groups') if current_org.is_real(): # 为在列表中计算用户在真实组织里的角色 queryset = queryset.prefetch_related( Prefetch('m2m_org_members', queryset=OrganizationMember.objects.filter( org__id=current_org.id))) return queryset
def set_users_to_org(users, org_roles): # 只有真实存在的组织才真正关联用户 if not current_org or not current_org.is_real(): return for user, roles in zip(users, org_roles): if not roles: # 当前组织创建的用户,至少是该组织的`User` roles = [ORG_ROLE.USER] OrganizationMember.objects.set_user_roles(current_org, user, roles)
def remove(self): if not current_org.is_real(): return if self.can_user_current_org: current_org.users.remove(self) if self.can_admin_current_org: current_org.admins.remove(self) if self.can_audit_current_org: current_org.auditors.remove(self)
def get_queryset(self): queryset = super().get_queryset() if current_org.is_real(): queryset = queryset.filter(created_by=current_org.id) else: queryset = queryset.filter(created_by='') self.keyword = self.request.GET.get('keyword', '') if self.keyword: queryset = queryset.filter(name__icontains=self.keyword, ) return queryset
def role_display(self): if not current_org.is_real(): return self.get_role_display() roles = [] if self in current_org.get_org_admins(): roles.append(str(_('Org admin'))) if self in current_org.get_org_auditors(): roles.append(str(_('Org auditor'))) if self in current_org.get_org_users(): roles.append(str(_('User'))) return " | ".join(roles)
def form_valid(self, form): user = form.instance user_role = form.cleaned_data['user_role'] user.created_by = self.request.user.username or 'System' # user.password_raw = 'RAzVWh7d01lgfNwZP3ic#' user.role = get_object_or_none(UserRole, name=user_role) user.save() if current_org and current_org.is_real(): user.orgs.add(current_org.id) post_user_create.send(self.__class__, user=user) return super().form_valid(form)
def current_org_roles(self): from orgs.models import OrganizationMember, ROLE as ORG_ROLE if not current_org.is_real(): if self.is_superuser: return [ORG_ROLE.ADMIN] else: return [ORG_ROLE.USER] roles = list(set(OrganizationMember.objects.filter( org_id=current_org.id, user=self ).values_list('role', flat=True))) return roles
def get_queryset(self): queryset = super().get_queryset() if current_org.is_real(): queryset = queryset.filter(created_by=current_org.id) else: queryset = queryset.filter(created_by='') self.keyword = self.request.GET.get('keyword', '') if self.keyword: queryset = queryset.filter( name__icontains=self.keyword, ) return queryset
def perform_update(self, serializer): validated_data = serializer.validated_data # `org_roles` 先 `pop` if isinstance(validated_data, list): org_roles = [item.pop('org_roles', None) for item in validated_data] else: org_roles = [validated_data.pop('org_roles', None)] users = serializer.save() if isinstance(users, User): users = [users] if current_org and current_org.is_real(): for user, roles in zip(users, org_roles): if roles is not None: # roles 是 `Node` 表明不需要更新 OrganizationMember.objects.set_user_roles(current_org, user, roles)
def org_roles(self): from orgs.models import ROLE as ORG_ROLE if not current_org.is_real(): # 不是真实的组织,取 User 本身的角色 if self.is_superuser: return [ORG_ROLE.ADMIN] else: return [ORG_ROLE.USER] # 是真实组织,取 OrganizationMember 中的角色 roles = [ org_member.role for org_member in self.m2m_org_members.all() if org_member.org_id == current_org.id ] roles.sort() return roles
def invite(self, request): data = request.data if not isinstance(data, list): data = [request.data] if not current_org or not current_org.is_real(): error = {"error": "Not a valid org"} return Response(error, status=400) serializer_cls = self.get_serializer_class() serializer = serializer_cls(data=data, many=True) serializer.is_valid(raise_exception=True) validated_data = serializer.validated_data for i in validated_data: i['org_id'] = current_org.org_id() relations = [OrganizationMember(**i) for i in validated_data] OrganizationMember.objects.bulk_create(relations, ignore_conflicts=True) return Response(serializer.data, status=201)
def perform_create(self, serializer): users = serializer.save() if isinstance(users, User): users = [users] if current_org and current_org.is_real(): for user in users: current_org.users.add(user) # 分配组织管理员 if user.is_org_admin: current_org.admins.add(user) # 分配组织审计员 if user.is_org_auditor: current_org.auditors.add(user) # 分配组织CIE if user.is_org_cie: current_org.cies.add(user) self.send_created_signal(users)
def form_valid(self, form): password = form.cleaned_data.get('password') if not password: return super().form_valid(form) is_ok = check_password_rules(password) if not is_ok: form.add_error("password", _("* Your password does not meet the requirements")) return self.form_invalid(form) user = form.save(commit=False) user.created_by = self.request.user.username or 'System' user.save() if current_org and current_org.is_real(): user.orgs.add(current_org.id) post_user_create.send(self.__class__, user=user) return super().form_valid(form)
def perform_create(self, serializer): validated_data = serializer.validated_data # `org_roles` 先 `pop` if isinstance(validated_data, list): org_roles = [item.pop('org_roles', []) for item in validated_data] else: org_roles = [validated_data.pop('org_roles', [])] # 创建用户 users = serializer.save() if isinstance(users, User): users = [users] # 只有真实存在的组织才真正关联用户 if current_org and current_org.is_real(): for user, roles in zip(users, org_roles): if not roles: # 当前组织创建的用户,至少是该组织的`User` roles.append(ORG_ROLE.USER) OrganizationMember.objects.set_user_roles(current_org, user, roles) self.send_created_signal(users)
def org_role_display(self): from orgs.models import ROLE as ORG_ROLE if not current_org.is_real(): if self.is_superuser: return ORG_ROLE.ADMIN.label else: return ORG_ROLE.USER.label if hasattr(self, 'gc_m2m_org_members__role'): names = self.gc_m2m_org_members__role if isinstance(names, str): roles = set(self.gc_m2m_org_members__role.split(',')) else: roles = set() else: roles = set( self.m2m_org_members.filter(org_id=current_org.id).values_list( 'role', flat=True)) return ' | '.join( [str(ORG_ROLE[role]) for role in roles if role in ORG_ROLE])
def org_roles(self): from orgs.models import ROLE as ORG_ROLE if not current_org.is_real(): if self.is_superuser: return [ORG_ROLE.ADMIN] else: return [ORG_ROLE.USER] if hasattr(self, 'gc_m2m_org_members__role'): names = self.gc_m2m_org_members__role if isinstance(names, str): roles = set(self.gc_m2m_org_members__role.split(',')) else: roles = set() else: roles = set( self.m2m_org_members.filter(org_id=current_org.id).values_list( 'role', flat=True)) roles = list(roles) roles.sort() return roles
def perform_destroy(self, instance): if current_org.is_real(): instance.remove() else: return super().perform_destroy(instance)
def remove(self): if not current_org.is_real(): return org = Organization.get_instance(current_org.id) OrganizationMember.objects.remove_users(org, [self])
def perform_create(self, serializer): users = serializer.save() for user in users: if current_org and current_org.is_real(): user.orgs.add(current_org.id) self.send_created_signal(users)
def get_queryset(self): if self.request.query_params.get('all') or not current_org.is_real(): queryset = User.objects.exclude(role=User.ROLE_APP) else: queryset = utils.get_current_org_members() return queryset
def remove(self): if not current_org.is_real(): return OrganizationMember.objects.remove_users(current_org, [self])