zhuchaowe/maxkb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Permission update

Browse Source
This commit is contained in:
zhangzhanwei 2025-06-18 15:07:59 +08:00 committed by zhanweizhang7
parent c056cd85ac
commit 4eb594598c
3 changed files with 13 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/application/views/application.py
View File

@ -187,7 +187,7 @@ class ApplicationAPI(APIView):
tags=[_('Application')] # type: ignore tags=[_('Application')] # type: ignore
) )
@has_permissions(PermissionConstants.WORKSPACE_READ.get_workspace_application_permission(), @has_permissions(PermissionConstants.WORKSPACE_READ.get_workspace_application_permission(),
RoleConstants.WORKSPACE_MANAGE.get_workspace_role()) RoleConstants.WORKSPACE_MANAGE.get_workspace_role(), RoleConstants.ADMIN)
def get(self, request: Request, workspace_id: str, application_id: str): def get(self, request: Request, workspace_id: str, application_id: str):
return result.success(ApplicationOperateSerializer( return result.success(ApplicationOperateSerializer(
data={'application_id': application_id, 'user_id': request.user.id}).one()) data={'application_id': application_id, 'user_id': request.user.id}).one())

9
apps/system_manage/views/email_setting.py
View File

@ -7,13 +7,12 @@
@desc: @desc:
""" """
from drf_spectacular.utils import extend_schema from drf_spectacular.utils import extend_schema
from networkx.algorithms.traversal import dfs_successors
from rest_framework.request import Request from rest_framework.request import Request
from rest_framework.views import APIView from rest_framework.views import APIView
from common.auth import TokenAuth from common.auth import TokenAuth
from common.auth.authentication import has_permissions from common.auth.authentication import has_permissions
from common.constants.permission_constants import PermissionConstants from common.constants.permission_constants import PermissionConstants, RoleConstants
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
@ -56,7 +55,7 @@ class SystemSetting(APIView):
tags=[_('Email Settings')]) # type: ignore tags=[_('Email Settings')]) # type: ignore
@log(menu='Email settings', operate='Create or update email settings', @log(menu='Email settings', operate='Create or update email settings',
get_details=get_email_details) get_details=get_email_details)
@has_permissions(PermissionConstants.EMAIL_SETTING_EDIT) @has_permissions(PermissionConstants.EMAIL_SETTING_EDIT, RoleConstants.ADMIN)
def put(self, request: Request): def put(self, request: Request):
return result.success( return result.success(
EmailSettingSerializer.Create( EmailSettingSerializer.Create(
@ -70,7 +69,7 @@ class SystemSetting(APIView):
responses=DefaultModelResponse.get_response(), responses=DefaultModelResponse.get_response(),
tags=[_('Email Settings')] # type: ignore tags=[_('Email Settings')] # type: ignore
) )
@has_permissions(PermissionConstants.EMAIL_SETTING_EDIT) @has_permissions(PermissionConstants.EMAIL_SETTING_EDIT, RoleConstants.ADMIN)
@log(menu='Email settings', operate='Test email settings', @log(menu='Email settings', operate='Test email settings',
get_details=get_email_details get_details=get_email_details
) )
@ -85,7 +84,7 @@ class SystemSetting(APIView):
operation_id=_('Get email settings'), # type: ignore operation_id=_('Get email settings'), # type: ignore
responses=DefaultModelResponse.get_response(), responses=DefaultModelResponse.get_response(),
tags=[_('Email Settings')]) # type: ignore tags=[_('Email Settings')]) # type: ignore
@has_permissions(PermissionConstants.EMAIL_SETTING_READ) @has_permissions(PermissionConstants.EMAIL_SETTING_READ, RoleConstants.ADMIN)
def get(self, request: Request): def get(self, request: Request):
return result.success( return result.success(
EmailSettingSerializer.one()) EmailSettingSerializer.one())

16
apps/users/views/user.py
View File

@ -76,7 +76,7 @@ class TestPermissionsUserView(APIView):
operation_id="测试", operation_id="测试",
tags=[_("User Management")], # type: ignore tags=[_("User Management")], # type: ignore
responses=UserProfileAPI.get_response()) responses=UserProfileAPI.get_response())
@has_permissions(PermissionConstants.USER_EDIT) @has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN)
def get(self, request: Request): def get(self, request: Request):
return result.success(UserProfileSerializer().profile(request.user, request.auth)) return result.success(UserProfileSerializer().profile(request.user, request.auth))
@ -108,7 +108,7 @@ class TestWorkspacePermissionUserView(APIView):
tags=[_("User Management")], # type: ignore tags=[_("User Management")], # type: ignore
responses=UserProfileAPI.get_response(), responses=UserProfileAPI.get_response(),
parameters=TestWorkspacePermissionUserApi.get_parameters()) parameters=TestWorkspacePermissionUserApi.get_parameters())
@has_permissions(PermissionConstants.USER_EDIT.get_workspace_permission()) @has_permissions(PermissionConstants.USER_EDIT.get_workspace_permission(), RoleConstants.ADMIN)
def get(self, request: Request, workspace_id): def get(self, request: Request, workspace_id):
return result.success(UserProfileSerializer().profile(request.user, request.auth)) return result.success(UserProfileSerializer().profile(request.user, request.auth))
@ -179,7 +179,7 @@ class UserManage(APIView):
operation_id=_("Get default password"), # type: ignore operation_id=_("Get default password"), # type: ignore
tags=[_("User Management")], # type: ignore tags=[_("User Management")], # type: ignore
responses=UserPasswordResponse.get_response()) responses=UserPasswordResponse.get_response())
@has_permissions(PermissionConstants.USER_CREATE) @has_permissions(PermissionConstants.USER_CREATE, RoleConstants.ADMIN)
def get(self, request: Request): def get(self, request: Request):
return result.success(data={'password': default_password}) return result.success(data={'password': default_password})
@ -193,7 +193,7 @@ class UserManage(APIView):
tags=[_("User Management")], # type: ignore tags=[_("User Management")], # type: ignore
parameters=DeleteUserApi.get_parameters(), parameters=DeleteUserApi.get_parameters(),
responses=DefaultModelResponse.get_response()) responses=DefaultModelResponse.get_response())
@has_permissions(PermissionConstants.USER_DELETE) @has_permissions(PermissionConstants.USER_DELETE, RoleConstants.ADMIN)
@log(menu='User management', operate='Delete user', @log(menu='User management', operate='Delete user',
get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id'))) get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id')))
def delete(self, request: Request, user_id): def delete(self, request: Request, user_id):
@ -206,7 +206,7 @@ class UserManage(APIView):
tags=[_("User Management")], # type: ignore tags=[_("User Management")], # type: ignore
request=DeleteUserApi.get_parameters(), request=DeleteUserApi.get_parameters(),
responses=UserProfileAPI.get_response()) responses=UserProfileAPI.get_response())
@has_permissions(PermissionConstants.USER_READ) @has_permissions(PermissionConstants.USER_READ,RoleConstants.ADMIN)
def get(self, request: Request, user_id): def get(self, request: Request, user_id):
return result.success(UserManageSerializer.Operate(data={'id': user_id}).one(with_valid=True)) return result.success(UserManageSerializer.Operate(data={'id': user_id}).one(with_valid=True))
@ -218,7 +218,7 @@ class UserManage(APIView):
parameters=DeleteUserApi.get_parameters(), parameters=DeleteUserApi.get_parameters(),
request=EditUserApi.get_request(), request=EditUserApi.get_request(),
responses=UserProfileAPI.get_response()) responses=UserProfileAPI.get_response())
@has_permissions(PermissionConstants.USER_EDIT) @has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN)
@log(menu='User management', operate='Update user information', @log(menu='User management', operate='Update user information',
get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id'))) get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id')))
def put(self, request: Request, user_id): def put(self, request: Request, user_id):
@ -235,7 +235,7 @@ class UserManage(APIView):
tags=[_("User Management")], # type: ignore tags=[_("User Management")], # type: ignore
request=DeleteUserApi.get_request(), request=DeleteUserApi.get_request(),
responses=DefaultModelResponse.get_response()) responses=DefaultModelResponse.get_response())
@has_permissions(PermissionConstants.USER_DELETE) @has_permissions(PermissionConstants.USER_DELETE, RoleConstants.ADMIN)
@log(menu='User management', operate='Batch delete user', @log(menu='User management', operate='Batch delete user',
get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id'))) get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id')))
def post(self, request: Request): def post(self, request: Request):
@ -269,7 +269,7 @@ class UserManage(APIView):
tags=[_("User Management")], # type: ignore tags=[_("User Management")], # type: ignore
parameters=UserPageApi.get_parameters(), parameters=UserPageApi.get_parameters(),
responses=UserPageApi.get_response()) responses=UserPageApi.get_response())
@has_permissions(PermissionConstants.USER_READ) @has_permissions(PermissionConstants.USER_READ,RoleConstants.ADMIN)
def get(self, request: Request, current_page, page_size): def get(self, request: Request, current_page, page_size):
d = UserManageSerializer.Query( d = UserManageSerializer.Query(
data={'email_or_username': request.query_params.get('email_or_username', None), data={'email_or_username': request.query_params.get('email_or_username', None),