jumpserver/apps/perms/api/user_permission/mixin.py

60 lines
1.7 KiB
Python
Raw Normal View History

# -*- coding: utf-8 -*-
#
2022-11-15 08:24:53 +00:00
from django.shortcuts import get_object_or_404
2023-07-24 03:52:25 +00:00
from django.utils.translation import gettext_lazy as _
2022-12-02 05:15:03 +00:00
from rest_framework.request import Request
from common.exceptions import JMSObjectDoesNotExist
2023-07-24 03:52:25 +00:00
from common.utils import is_uuid
from rbac.permissions import RBACPermission
from users.models import User
__all__ = ['SelfOrPKUserMixin']
2022-11-15 08:24:53 +00:00
class SelfOrPKUserMixin:
kwargs: dict
request: Request
permission_classes = (RBACPermission,)
2022-11-15 09:49:28 +00:00
def get_rbac_perms(self):
if self.request_user_is_self():
return self.self_rbac_perms
else:
return self.admin_rbac_perms
2022-11-15 08:24:53 +00:00
@property
def self_rbac_perms(self):
return (
('list', 'perms.view_myassets'),
('retrieve', 'perms.view_myassets'),
('get_tree', 'perms.view_myassets'),
('GET', 'perms.view_myassets'),
('OPTIONS', 'perms.view_myassets'),
2022-11-15 08:24:53 +00:00
)
@property
def admin_rbac_perms(self):
return (
('list', 'perms.view_userassets'),
('retrieve', 'perms.view_userassets'),
('get_tree', 'perms.view_userassets'),
('GET', 'perms.view_userassets'),
('OPTIONS', 'perms.view_userassets'),
2022-11-15 08:24:53 +00:00
)
2022-11-15 09:49:28 +00:00
@property
def user(self):
2022-11-15 08:24:53 +00:00
if self.request_user_is_self():
2022-11-15 09:49:28 +00:00
user = self.request.user
elif is_uuid(self.kwargs.get('user')):
user = get_object_or_404(User, pk=self.kwargs.get('user'))
elif hasattr(self, 'swagger_fake_view'):
user = self.request.user
2022-11-15 08:24:53 +00:00
else:
2022-11-15 09:49:28 +00:00
raise JMSObjectDoesNotExist(object_name=_('User'))
return user
2022-11-15 08:24:53 +00:00
def request_user_is_self(self):
return self.kwargs.get('user') in ['my', 'self']