105 lines
4.1 KiB
Python
105 lines
4.1 KiB
Python
|
|
# coding=utf-8
|
|||
|
|
"""
|
|||
|
|
@project: MaxKB
|
|||
|
|
@Author:TanLianWang
|
|||
|
|
@file: access_control_policy.py
|
|||
|
|
@date:2026/4/1
|
|||
|
|
@desc: 接入控制策略视图
|
|||
|
|
"""
|
|||
|
|
from drf_spectacular.utils import extend_schema
|
|||
|
|
from rest_framework.request import Request
|
|||
|
|
from rest_framework.views import APIView
|
|||
|
|
|
|||
|
|
from common.auth import TokenAuth
|
|||
|
|
from common.auth.authentication import has_permissions
|
|||
|
|
from common.constants.permission_constants import PermissionConstants, RoleConstants
|
|||
|
|
from common.log.log import log
|
|||
|
|
from common.result import result
|
|||
|
|
from system_manage.serializers.access_control_policy import (
|
|||
|
|
AccessControlPolicySerializer,
|
|||
|
|
AccessControlPolicyApplySerializer,
|
|||
|
|
AccessControlPolicyApplicationRecordSerializer,
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
|
|||
|
|
def get_access_control_policy_details(request):
|
|||
|
|
return {
|
|||
|
|
'path': request.path,
|
|||
|
|
'body': request.data,
|
|||
|
|
'query': request.query_params,
|
|||
|
|
}
|
|||
|
|
|
|||
|
|
|
|||
|
|
class AccessControlPolicyView(APIView):
|
|||
|
|
authentication_classes = [TokenAuth]
|
|||
|
|
|
|||
|
|
@extend_schema(tags=['Access Control Policy'])
|
|||
|
|
@has_permissions(PermissionConstants.USER_READ, RoleConstants.ADMIN)
|
|||
|
|
def get(self, request: Request):
|
|||
|
|
return result.success(
|
|||
|
|
AccessControlPolicySerializer.list(
|
|||
|
|
name=request.query_params.get('name', ''),
|
|||
|
|
enabled=request.query_params.get('enabled'),
|
|||
|
|
)
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
@extend_schema(tags=['Access Control Policy'])
|
|||
|
|
@log(menu='Policy management', operate='Create access control policy', get_details=get_access_control_policy_details)
|
|||
|
|
@has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN)
|
|||
|
|
def post(self, request: Request):
|
|||
|
|
return result.success(AccessControlPolicySerializer(data=request.data).save())
|
|||
|
|
|
|||
|
|
|
|||
|
|
class AccessControlPolicyDetailView(APIView):
|
|||
|
|
authentication_classes = [TokenAuth]
|
|||
|
|
|
|||
|
|
@extend_schema(tags=['Access Control Policy'])
|
|||
|
|
@has_permissions(PermissionConstants.USER_READ, RoleConstants.ADMIN)
|
|||
|
|
def get(self, request: Request, policy_id):
|
|||
|
|
return result.success(
|
|||
|
|
AccessControlPolicySerializer.to_representation_from_instance(
|
|||
|
|
AccessControlPolicySerializer.get_one(policy_id)
|
|||
|
|
)
|
|||
|
|
)
|
|||
|
|
|
|||
|
|
@extend_schema(tags=['Access Control Policy'])
|
|||
|
|
@log(menu='Policy management', operate='Update access control policy', get_details=get_access_control_policy_details)
|
|||
|
|
@has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN)
|
|||
|
|
def put(self, request: Request, policy_id):
|
|||
|
|
instance = AccessControlPolicySerializer.get_one(policy_id)
|
|||
|
|
return result.success(AccessControlPolicySerializer(instance=instance, data=request.data).save())
|
|||
|
|
|
|||
|
|
@extend_schema(tags=['Access Control Policy'])
|
|||
|
|
@log(menu='Policy management', operate='Delete access control policy', get_details=get_access_control_policy_details)
|
|||
|
|
@has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN)
|
|||
|
|
def delete(self, request: Request, policy_id):
|
|||
|
|
instance = AccessControlPolicySerializer.get_one(policy_id)
|
|||
|
|
instance.delete()
|
|||
|
|
return result.success(True)
|
|||
|
|
|
|||
|
|
|
|||
|
|
class AccessControlPolicyApplyView(APIView):
|
|||
|
|
authentication_classes = [TokenAuth]
|
|||
|
|
|
|||
|
|
@extend_schema(tags=['Access Control Policy'])
|
|||
|
|
@log(menu='Policy management', operate='Apply access control policy', get_details=get_access_control_policy_details)
|
|||
|
|
@has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN)
|
|||
|
|
def post(self, request: Request, policy_id):
|
|||
|
|
policy = AccessControlPolicySerializer.get_one(policy_id)
|
|||
|
|
serializer = AccessControlPolicyApplySerializer(data=request.data)
|
|||
|
|
return result.success(serializer.save(policy=policy, operator=request.user))
|
|||
|
|
|
|||
|
|
|
|||
|
|
class AccessControlPolicyApplicationRecordView(APIView):
|
|||
|
|
authentication_classes = [TokenAuth]
|
|||
|
|
|
|||
|
|
@extend_schema(tags=['Access Control Policy'])
|
|||
|
|
@has_permissions(PermissionConstants.USER_READ, RoleConstants.ADMIN)
|
|||
|
|
def get(self, request: Request):
|
|||
|
|
return result.success(
|
|||
|
|
AccessControlPolicyApplicationRecordSerializer.list(
|
|||
|
|
policy_name=request.query_params.get('policy_name', ''),
|
|||
|
|
target_name=request.query_params.get('target_name', ''),
|
|||
|
|
)
|
|||
|
|
)
|