fix: System common user permission by role
This commit is contained in:
parent
d93b47d6f5
commit
97269d5445
@ -48,7 +48,11 @@ def exist_permissions_by_view_permission(user_role: List[RoleConstants],
|
|||||||
:param permission: 所属权限
|
:param permission: 所属权限
|
||||||
:return: 是否存在 True False
|
:return: 是否存在 True False
|
||||||
"""
|
"""
|
||||||
role_ok = any(list(map(lambda ur: permission.roleList.__contains__(ur), user_role)))
|
|
||||||
|
role_list = [user_r(request, kwargs) if callable(user_r) else user_r for user_r in
|
||||||
|
permission.roleList]
|
||||||
|
role_ok = any(list(map(lambda up: role_list.__contains__(up),
|
||||||
|
role_list)))
|
||||||
permission_list = [user_p(request, kwargs) if callable(user_p) else user_p for user_p in
|
permission_list = [user_p(request, kwargs) if callable(user_p) else user_p for user_p in
|
||||||
permission.permissionList
|
permission.permissionList
|
||||||
]
|
]
|
||||||
|
|||||||
@ -396,7 +396,9 @@ class Permission:
|
|||||||
return Permission(group, operate)
|
return Permission(group, operate)
|
||||||
|
|
||||||
def __str__(self):
|
def __str__(self):
|
||||||
return self.group.value + ":" + self.operate.value + (
|
|
||||||
|
return self.group.value + (
|
||||||
|
(":" + self.operate.value) if self.operate.value else '') + (
|
||||||
(":" + self.resource_path) if self.resource_path is not None else '')
|
(":" + self.resource_path) if self.resource_path is not None else '')
|
||||||
|
|
||||||
def __eq__(self, other):
|
def __eq__(self, other):
|
||||||
@ -1326,12 +1328,12 @@ class PermissionConstants(Enum):
|
|||||||
def get_workspace_model_permission(self):
|
def get_workspace_model_permission(self):
|
||||||
return lambda r, kwargs: Permission(group=self.value.group, operate=self.value.operate,
|
return lambda r, kwargs: Permission(group=self.value.group, operate=self.value.operate,
|
||||||
resource_path=
|
resource_path=
|
||||||
f"/WORKSPACE/{kwargs.get('workspace_id')}/MODEL/{kwargs.get('knowledge_id')}")
|
f"/WORKSPACE/{kwargs.get('workspace_id')}/MODEL/{kwargs.get('model_id')}")
|
||||||
|
|
||||||
def get_workspace_tool_permission(self):
|
def get_workspace_tool_permission(self):
|
||||||
return lambda r, kwargs: Permission(group=self.value.group, operate=self.value.operate,
|
return lambda r, kwargs: Permission(group=self.value.group, operate=self.value.operate,
|
||||||
resource_path=
|
resource_path=
|
||||||
f"/WORKSPACE/{kwargs.get('workspace_id')}/TOOL/{kwargs.get('knowledge_id')}")
|
f"/WORKSPACE/{kwargs.get('workspace_id')}/TOOL/{kwargs.get('tool_id')}")
|
||||||
|
|
||||||
def get_workspace_permission(self):
|
def get_workspace_permission(self):
|
||||||
return lambda r, kwargs: Permission(group=self.value.group, operate=self.value.operate,
|
return lambda r, kwargs: Permission(group=self.value.group, operate=self.value.operate,
|
||||||
|
|||||||
@ -104,8 +104,10 @@ class ToolView(APIView):
|
|||||||
tags=[_('Tool')] # type: ignore
|
tags=[_('Tool')] # type: ignore
|
||||||
)
|
)
|
||||||
@has_permissions(
|
@has_permissions(
|
||||||
PermissionConstants.TOOL_EDIT.get_workspace_permission(),PermissionConstants.TOOL_EDIT.get_workspace_permission_workspace_manage_role(),
|
PermissionConstants.TOOL_EDIT.get_workspace_permission(),
|
||||||
RoleConstants.WORKSPACE_MANAGE.get_workspace_role(), ViewPermission([RoleConstants.USER.get_workspace_role()],
|
PermissionConstants.TOOL_EDIT.get_workspace_permission_workspace_manage_role(),
|
||||||
|
RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
|
||||||
|
ViewPermission([RoleConstants.USER.get_workspace_role()],
|
||||||
[PermissionConstants.TOOL.get_workspace_tool_permission()],
|
[PermissionConstants.TOOL.get_workspace_tool_permission()],
|
||||||
CompareConstants.AND),
|
CompareConstants.AND),
|
||||||
)
|
)
|
||||||
@ -261,7 +263,8 @@ class ToolView(APIView):
|
|||||||
@has_permissions(
|
@has_permissions(
|
||||||
PermissionConstants.TOOL_CREATE.get_workspace_permission(),
|
PermissionConstants.TOOL_CREATE.get_workspace_permission(),
|
||||||
PermissionConstants.TOOL_EDIT.get_workspace_permission(),
|
PermissionConstants.TOOL_EDIT.get_workspace_permission(),
|
||||||
RoleConstants.WORKSPACE_MANAGE.get_workspace_role(), RoleConstants.USER.get_workspace_role()
|
RoleConstants.WORKSPACE_MANAGE.get_workspace_role(),
|
||||||
|
RoleConstants.USER.get_workspace_role()
|
||||||
)
|
)
|
||||||
def post(self, request: Request, workspace_id: str):
|
def post(self, request: Request, workspace_id: str):
|
||||||
return result.success(ToolSerializer.Pylint(
|
return result.success(ToolSerializer.Pylint(
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user