From 4eb594598c0bf713654a465671b6e9d7b4ff0330 Mon Sep 17 00:00:00 2001 From: zhangzhanwei Date: Wed, 18 Jun 2025 15:07:59 +0800 Subject: [PATCH] feat: Permission update --- apps/application/views/application.py | 2 +- apps/system_manage/views/email_setting.py | 9 ++++----- apps/users/views/user.py | 16 ++++++++-------- 3 files changed, 13 insertions(+), 14 deletions(-) diff --git a/apps/application/views/application.py b/apps/application/views/application.py index 828d67c4..ee8a8cd5 100644 --- a/apps/application/views/application.py +++ b/apps/application/views/application.py @@ -187,7 +187,7 @@ class ApplicationAPI(APIView): tags=[_('Application')] # type: ignore ) @has_permissions(PermissionConstants.WORKSPACE_READ.get_workspace_application_permission(), - RoleConstants.WORKSPACE_MANAGE.get_workspace_role()) + RoleConstants.WORKSPACE_MANAGE.get_workspace_role(), RoleConstants.ADMIN) def get(self, request: Request, workspace_id: str, application_id: str): return result.success(ApplicationOperateSerializer( data={'application_id': application_id, 'user_id': request.user.id}).one()) diff --git a/apps/system_manage/views/email_setting.py b/apps/system_manage/views/email_setting.py index ad11bd6b..f386bb6e 100644 --- a/apps/system_manage/views/email_setting.py +++ b/apps/system_manage/views/email_setting.py @@ -7,13 +7,12 @@ @desc: """ from drf_spectacular.utils import extend_schema -from networkx.algorithms.traversal import dfs_successors from rest_framework.request import Request from rest_framework.views import APIView from common.auth import TokenAuth from common.auth.authentication import has_permissions -from common.constants.permission_constants import PermissionConstants +from common.constants.permission_constants import PermissionConstants, RoleConstants from django.utils.translation import gettext_lazy as _ 
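Review bot: `RoleConstants.ADMIN` is passed to `@has_permissions` on this workspace-scoped `get` without the scoping that the two existing arguments get from `get_workspace_application_permission()` and `get_workspace_role()`, so the role presumably grants read access to applications in every workspace. The serializer call in the same hunk receives only `application_id` and `user_id`, so as far as these lines show nothing ties the application to the `workspace_id` the check was evaluated against; confirm that `one()` enforces this, otherwise the check can pass for one workspace while the object is loaded from another. If the global bypass is intended, say so at the decorator, e.g. `# ADMIN is a global role: may read applications in any workspace`. The same unscoped argument is added in the email-setting and user hunks of this patch, and how `has_permissions` combines its arguments (any-of or all-of) is not visible here.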
@@ -56,7 +55,7 @@ class SystemSetting(APIView): tags=[_('Email Settings')]) # type: ignore @log(menu='Email settings', operate='Create or update email settings', get_details=get_email_details) - @has_permissions(PermissionConstants.EMAIL_SETTING_EDIT) + @has_permissions(PermissionConstants.EMAIL_SETTING_EDIT, RoleConstants.ADMIN) def put(self, request: Request): return result.success( EmailSettingSerializer.Create( @@ -70,7 +69,7 @@ class SystemSetting(APIView): responses=DefaultModelResponse.get_response(), tags=[_('Email Settings')] # type: ignore ) - @has_permissions(PermissionConstants.EMAIL_SETTING_EDIT) + @has_permissions(PermissionConstants.EMAIL_SETTING_EDIT, RoleConstants.ADMIN) @log(menu='Email settings', operate='Test email settings', get_details=get_email_details ) @@ -85,7 +84,7 @@ class SystemSetting(APIView): operation_id=_('Get email settings'), # type: ignore responses=DefaultModelResponse.get_response(), tags=[_('Email Settings')]) # type: ignore - @has_permissions(PermissionConstants.EMAIL_SETTING_READ) + @has_permissions(PermissionConstants.EMAIL_SETTING_READ, RoleConstants.ADMIN) def get(self, request: Request): return result.success( EmailSettingSerializer.one()) diff --git a/apps/users/views/user.py b/apps/users/views/user.py index f99e8be4..20c7be98 100644 --- a/apps/users/views/user.py +++ b/apps/users/views/user.py @@ -76,7 +76,7 @@ class TestPermissionsUserView(APIView): operation_id="测试", tags=[_("User Management")], # type: ignore responses=UserProfileAPI.get_response()) - @has_permissions(PermissionConstants.USER_EDIT) + @has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN) def get(self, request: Request): return result.success(UserProfileSerializer().profile(request.user, request.auth)) 
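Review bot: In `put`, `@log(...)` is listed above `@has_permissions(PermissionConstants.EMAIL_SETTING_EDIT, RoleConstants.ADMIN)`, the reverse of the test-email method in the next hunk and of the user views in this patch, where `@has_permissions` comes first. Decorators apply bottom-up, so here the logging wrapper is outermost and runs around the permission check; whether `get_email_details` reads the request body before the caller is authorized depends on `log`, which is not shown. Unless recording denied attempts is the intent, move the `@has_permissions(...)` line above `@log(` so the order matches the other methods; if it is the intent, state that in a comment. The body of `put` continues past the hunk.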
@@ -108,7 +108,7 @@ class TestWorkspacePermissionUserView(APIView): tags=[_("User Management")], # type: ignore responses=UserProfileAPI.get_response(), parameters=TestWorkspacePermissionUserApi.get_parameters()) - @has_permissions(PermissionConstants.USER_EDIT.get_workspace_permission()) + @has_permissions(PermissionConstants.USER_EDIT.get_workspace_permission(), RoleConstants.ADMIN) def get(self, request: Request, workspace_id): return result.success(UserProfileSerializer().profile(request.user, request.auth)) @@ -179,7 +179,7 @@ class UserManage(APIView): operation_id=_("Get default password"), # type: ignore tags=[_("User Management")], # type: ignore responses=UserPasswordResponse.get_response()) - @has_permissions(PermissionConstants.USER_CREATE) + @has_permissions(PermissionConstants.USER_CREATE, RoleConstants.ADMIN) def get(self, request: Request): return result.success(data={'password': default_password}) @@ -193,7 +193,7 @@ class UserManage(APIView): tags=[_("User Management")], # type: ignore parameters=DeleteUserApi.get_parameters(), responses=DefaultModelResponse.get_response()) - @has_permissions(PermissionConstants.USER_DELETE) + @has_permissions(PermissionConstants.USER_DELETE, RoleConstants.ADMIN) @log(menu='User management', operate='Delete user', get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id'))) def delete(self, request: Request, user_id): @@ -206,7 +206,7 @@ class UserManage(APIView): tags=[_("User Management")], # type: ignore request=DeleteUserApi.get_parameters(), responses=UserProfileAPI.get_response()) - @has_permissions(PermissionConstants.USER_READ) + @has_permissions(PermissionConstants.USER_READ,RoleConstants.ADMIN) def get(self, request: Request, user_id): return result.success(UserManageSerializer.Operate(data={'id': user_id}).one(with_valid=True)) 
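Review bot: The `get` in the `-179` hunk returns the shared `default_password`, and the change adds `RoleConstants.ADMIN` as a further way to reach it, yet the method has no `@log` decorator while `delete`, `put` and the batch `post` in the same class do. Reads of a credential should leave an audit record; consider `@log(menu='User management', operate='Get default password')` below `@has_permissions`, provided `log` accepts a call without `get_operation_object`. A one-line docstring stating who may read the default password and why would also help the next reviewer.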
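Review bot: The added line in the `-206` hunk is written `@has_permissions(PermissionConstants.USER_READ,RoleConstants.ADMIN)` with no space after the comma, and the paged `get` in the last hunk of this file repeats it. Every other call site in the patch uses `, RoleConstants.ADMIN`; write `@has_permissions(PermissionConstants.USER_READ, RoleConstants.ADMIN)` in both places.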
@@ -218,7 +218,7 @@ class UserManage(APIView): parameters=DeleteUserApi.get_parameters(), request=EditUserApi.get_request(), responses=UserProfileAPI.get_response()) - @has_permissions(PermissionConstants.USER_EDIT) + @has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN) @log(menu='User management', operate='Update user information', get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id'))) def put(self, request: Request, user_id): @@ -235,7 +235,7 @@ class UserManage(APIView): tags=[_("User Management")], # type: ignore request=DeleteUserApi.get_request(), responses=DefaultModelResponse.get_response()) - @has_permissions(PermissionConstants.USER_DELETE) + @has_permissions(PermissionConstants.USER_DELETE, RoleConstants.ADMIN) @log(menu='User management', operate='Batch delete user', get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id'))) def post(self, request: Request): @@ -269,7 +269,7 @@ class UserManage(APIView): tags=[_("User Management")], # type: ignore parameters=UserPageApi.get_parameters(), responses=UserPageApi.get_response()) - @has_permissions(PermissionConstants.USER_READ) + @has_permissions(PermissionConstants.USER_READ,RoleConstants.ADMIN) def get(self, request: Request, current_page, page_size): d = UserManageSerializer.Query( data={'email_or_username': request.query_params.get('email_or_username', None),
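Review bot: The batch-delete `post(self, request: Request)` in the `-235` hunk takes no `user_id`, but its `@log` still builds the operation object from `k.get('user_id')`. Assuming `k` holds the view's keyword arguments, the audit entry for a batch delete is built from `None` and does not name the deleted accounts. With `RoleConstants.ADMIN` now also accepted by `@has_permissions(PermissionConstants.USER_DELETE, RoleConstants.ADMIN)`, this destructive call needs a log record that identifies its targets, taken from the request body rather than from the URL kwargs. The body of `post` and the shape of its payload are outside the hunk, so the exact accessor has to be chosen against the serializer.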