mirror of https://github.com/jumpserver/jumpserver
fix(tickets): 修复申请资产工单不能关闭
parent
5a9c91d9dd
commit
11493b9f3d
|
@ -182,3 +182,9 @@ class CanUpdateDeleteUser(permissions.BasePermission):
|
||||||
if request.method in ['PUT', 'PATCH']:
|
if request.method in ['PUT', 'PATCH']:
|
||||||
return self.has_update_object_permission(request, view, obj)
|
return self.has_update_object_permission(request, view, obj)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
|
||||||
|
class IsObjectOwner(IsValidUser):
|
||||||
|
def has_object_permission(self, request, view, obj):
|
||||||
|
return (super().has_object_permission(request, view, obj) and
|
||||||
|
request.user == getattr(obj, 'user', None))
|
||||||
|
|
|
@ -8,7 +8,7 @@ from orgs.models import Organization, ROLE as ORG_ROLE
|
||||||
from users.models.user import User
|
from users.models.user import User
|
||||||
from common.const.http import POST, GET
|
from common.const.http import POST, GET
|
||||||
from common.drf.api import JMSModelViewSet
|
from common.drf.api import JMSModelViewSet
|
||||||
from common.permissions import IsValidUser
|
from common.permissions import IsValidUser, IsObjectOwner
|
||||||
from common.utils.django import get_object_or_none
|
from common.utils.django import get_object_or_none
|
||||||
from common.utils.timezone import dt_parser
|
from common.utils.timezone import dt_parser
|
||||||
from common.drf.serializers import EmptySerializer
|
from common.drf.serializers import EmptySerializer
|
||||||
|
@ -31,6 +31,7 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet):
|
||||||
'default': serializers.RequestAssetPermTicketSerializer,
|
'default': serializers.RequestAssetPermTicketSerializer,
|
||||||
'approve': EmptySerializer,
|
'approve': EmptySerializer,
|
||||||
'reject': EmptySerializer,
|
'reject': EmptySerializer,
|
||||||
|
'close': EmptySerializer,
|
||||||
'assignees': serializers.AssigneeSerializer,
|
'assignees': serializers.AssigneeSerializer,
|
||||||
}
|
}
|
||||||
permission_classes = (IsValidUser,)
|
permission_classes = (IsValidUser,)
|
||||||
|
@ -103,6 +104,13 @@ class RequestAssetPermTicketViewSet(JMSModelViewSet):
|
||||||
self._create_asset_permission(instance, assets, system_user)
|
self._create_asset_permission(instance, assets, system_user)
|
||||||
return Response({'detail': _('Succeed')})
|
return Response({'detail': _('Succeed')})
|
||||||
|
|
||||||
|
@action(detail=True, methods=[POST], permission_classes=[IsAssignee | IsObjectOwner])
|
||||||
|
def close(self, request, *args, **kwargs):
|
||||||
|
instance = self.get_object()
|
||||||
|
instance.status = Ticket.STATUS.CLOSED
|
||||||
|
instance.save()
|
||||||
|
return Response({'detail': _('Succeed')})
|
||||||
|
|
||||||
def _create_asset_permission(self, instance: Ticket, assets, system_user):
|
def _create_asset_permission(self, instance: Ticket, assets, system_user):
|
||||||
meta = instance.meta
|
meta = instance.meta
|
||||||
request = self.request
|
request = self.request
|
||||||
|
|
Loading…
Reference in New Issue