perf: 修改perm判断逻辑

2022-03-08 18:04:17 +08:00 · 2022-03-08 18:04:17 +08:00 · 1cca9c10fb
parent c4a6715eb8
commit 1cca9c10fb
2 changed files with 4 additions and 10 deletions
--- a/apps/rbac/backends.py
+++ b/apps/rbac/backends.py
@ -18,7 +18,10 @@ class RBACBackend(JMSBaseAuthBackend):
    def has_perm(self, user_obj, perm, obj=None):
        if not user_obj.is_active:
            raise PermissionDenied()
-        has_perm = perm in user_obj.perms
+        if perm == '*':
+            return True
+        perm_set = set(i.strip() for i in perm.split('|'))
+        has_perm = bool(perm_set & set(user_obj.perms))
        if not has_perm:
            raise PermissionDenied()
        return has_perm
--- a/apps/users/models/user.py
+++ b/apps/users/models/user.py
@ -806,15 +806,6 @@ class User(AuthMixin, TokenMixin, RoleMixin, MFAMixin, AbstractUser):
            return True
        return False

-    def has_perms(self, perm_list, obj=None):
-        """
-        Return True if the user has each of the specified permissions. If
-        object is passed, check if the user has all required perms for it.
-        """
-        if '*' in perm_list:
-            return True
-        return all(any(self.has_perm(perm, obj) for perm in perms.split(' | ')) for perms in perm_list)
-

 class UserPasswordHistory(models.Model):
    id = models.UUIDField(default=uuid.uuid4, primary_key=True)