zhuchaowe/maxkb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: permission role (#3295)

Browse Source
This commit is contained in:
shaohuzhang1 2025-06-18 17:07:38 +08:00 committed by GitHub
parent c17dfeda28
commit f7a0ee6184
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/common/constants/permission_constants.py
View File

@ -516,6 +516,10 @@ class PermissionConstants(Enum):
group=Group.WORKSPACE_USER_RESOURCE_PERMISSION, operate=Operate.READ, group=Group.WORKSPACE_USER_RESOURCE_PERMISSION, operate=Operate.READ,
role_list=[RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE] role_list=[RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE]
) )
WORKSPACE_USER_RESOURCE_PERMISSION_EDIT = Permission(
group=Group.WORKSPACE_USER_RESOURCE_PERMISSION, operate=Operate.EDIT,
role_list=[RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE]
)
EMAIL_SETTING_READ = Permission( EMAIL_SETTING_READ = Permission(
group=Group.EMAIL_SETTING, operate=Operate.READ, role_list=[RoleConstants.ADMIN], group=Group.EMAIL_SETTING, operate=Operate.READ, role_list=[RoleConstants.ADMIN],
parent_group=[SystemGroup.SYSTEM_SETTING] parent_group=[SystemGroup.SYSTEM_SETTING]

8
apps/system_manage/views/user_resource_permission.py
View File

@ -15,7 +15,7 @@ from rest_framework.views import APIView
from common import result from common import result
from common.auth import TokenAuth from common.auth import TokenAuth
from common.auth.authentication import has_permissions from common.auth.authentication import has_permissions
from common.constants.permission_constants import PermissionConstants from common.constants.permission_constants import PermissionConstants, RoleConstants
from common.log.log import log from common.log.log import log
from common.result import DefaultResultSerializer from common.result import DefaultResultSerializer
from system_manage.api.user_resource_permission import UserResourcePermissionAPI, EditUserResourcePermissionAPI from system_manage.api.user_resource_permission import UserResourcePermissionAPI, EditUserResourcePermissionAPI
@ -31,6 +31,7 @@ def get_user_operation_object(user_id):
} }
return {} return {}
class WorkSpaceUserResourcePermissionView(APIView): class WorkSpaceUserResourcePermissionView(APIView):
authentication_classes = [TokenAuth] authentication_classes = [TokenAuth]
@ -42,7 +43,8 @@ class WorkSpaceUserResourcePermissionView(APIView):
responses=UserResourcePermissionAPI.get_response(), responses=UserResourcePermissionAPI.get_response(),
tags=[_('Resources authorization')] # type: ignore tags=[_('Resources authorization')] # type: ignore
) )
@has_permissions(PermissionConstants.WORKSPACE_USER_RESOURCE_PERMISSION_READ.get_workspace_permission()) @has_permissions(PermissionConstants.WORKSPACE_USER_RESOURCE_PERMISSION_READ.get_workspace_permission(),
RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
def get(self, request: Request, workspace_id: str, user_id: str): def get(self, request: Request, workspace_id: str, user_id: str):
return result.success(UserResourcePermissionSerializer( return result.success(UserResourcePermissionSerializer(
data={'workspace_id': workspace_id, 'user_id': user_id} data={'workspace_id': workspace_id, 'user_id': user_id}
@ -60,6 +62,8 @@ class WorkSpaceUserResourcePermissionView(APIView):
@log(menu='System', operate='Modify the resource authorization list', @log(menu='System', operate='Modify the resource authorization list',
get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id')) get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id'))
) )
@has_permissions(PermissionConstants.WORKSPACE_USER_RESOURCE_PERMISSION_EDIT.get_workspace_permission(),
RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
def put(self, request: Request, workspace_id: str, user_id: str): def put(self, request: Request, workspace_id: str, user_id: str):
return result.success(UserResourcePermissionSerializer( return result.success(UserResourcePermissionSerializer(
data={'workspace_id': workspace_id, 'user_id': user_id} data={'workspace_id': workspace_id, 'user_id': user_id}