github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

perf: 工单直接审批者访问链接无认证跳转到登录页面 (#11902)

Browse Source 
* perf: 工单直接审批者访问链接无认证跳转到登录页面

* perf: 修改重定向登录地址

* perf: 跳转字段标识更新
pull/11909/head
jiangweidong 1 year ago committed by GitHub
parent ca0dca26c7
commit 03d1a187df
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 23 deletions
Show Stats Download Patch File Download Diff File

7
apps/tickets/templates/tickets/approve_check_password.html
Unescape View File

@ -39,7 +39,6 @@
<form id="approve-form" action="" method="post" role="form" novalidate="novalidate"> <form id="approve-form" action="" method="post" role="form" novalidate="novalidate">
{% csrf_token %} {% csrf_token %}
<div class="form-group" style=""> <div class="form-group" style="">
{% if user.is_authenticated %}
<button class="btn btn-primary block full-width m-b" name="action" value="approve" <button class="btn btn-primary block full-width m-b" name="action" value="approve"
type="submit"> type="submit">
{% trans 'Approval' %} {% trans 'Approval' %}
@ -48,12 +47,6 @@
type="submit"> type="submit">
{% trans 'Reject' %} {% trans 'Reject' %}
</button> </button>
{% else %}
<a id='login_button' class="btn btn-primary block full-width m-b"
href="{{ login_url }}">
{% trans 'Go Login' %}
</a>
{% endif %}
</div> </div>
</form> </form>
</div> </div>

30
apps/tickets/views/approve.py
Unescape View File

@ -64,30 +64,28 @@ class TicketDirectApproveView(TemplateView):
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
# 放入工单信息 # 放入工单信息
token = kwargs.get('token')
content = cache.get(token, {}).get('content', [])
if self.request.user.is_authenticated:
prompt_msg = _('Click the button below to approve or reject')
else:
prompt_msg = _('After successful authentication, this ticket can be approved directly')
kwargs.update({ kwargs.update({
'content': content, 'prompt_msg': prompt_msg, 'content': kwargs['ticket_info'].get('content', []),
'login_url': '%s&next=%s' % ( 'prompt_msg': _('Click the button below to approve or reject'),
self.login_url,
reverse('tickets:direct-approve', kwargs={'token': token})
),
}) })
return super().get_context_data(**kwargs) return super().get_context_data(**kwargs)
def get(self, request, *args, **kwargs): def get(self, request, *args, **kwargs):
if not request.user.is_authenticated: if not request.user.is_authenticated:
return HttpResponse(status=401) direct_url = reverse('tickets:direct-approve', kwargs={'token': kwargs['token']})
message_data = {
token = kwargs.get('token') 'title': _('Ticket approval'),
ticket_info = cache.get(token) 'message': _('After successful authentication, this ticket can be approved directly'),
'redirect_url': f'{self.login_url}&{self.redirect_field_name}={direct_url}',
'auto_redirect': True,
}
redirect_url = FlashMessageUtil.gen_message_url(message_data)
return redirect(redirect_url)
ticket_info = cache.get(kwargs['token'])
if not ticket_info: if not ticket_info:
return self.redirect_message_response(redirect_url=self.login_url) return self.redirect_message_response(redirect_url=self.login_url)
return super().get(request, *args, **kwargs) return super().get(request, ticket_info=ticket_info, *args, **kwargs)
def post(self, request, **kwargs): def post(self, request, **kwargs):
user = request.user user = request.user

Write Preview
Loading…
Cancel
Save