From 1f4fdc13aa603b7e671e90afd4d010be39f1b78d Mon Sep 17 00:00:00 2001 From: Bai Date: Tue, 14 Feb 2023 17:51:22 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E4=B8=80=E4=BA=9B=20c?= =?UTF-8?q?onnection-token=20rbac=20=E6=9D=83=E9=99=90=E6=8E=A7=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/authentication/api/connection_token.py | 2 +- apps/rbac/builtin.py | 3 +-- apps/rbac/const.py | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/apps/authentication/api/connection_token.py b/apps/authentication/api/connection_token.py index b0d4238a0..ca6e2f642 100644 --- a/apps/authentication/api/connection_token.py +++ b/apps/authentication/api/connection_token.py @@ -218,7 +218,7 @@ class ConnectionTokenViewSet(ExtraActionApiMixin, RootOrgViewMixin, JMSModelView 'list': 'authentication.view_connectiontoken', 'retrieve': 'authentication.view_connectiontoken', 'create': 'authentication.add_connectiontoken', - 'expire': 'authentication.add_connectiontoken', + 'expire': 'authentication.change_connectiontoken', 'get_rdp_file': 'authentication.add_connectiontoken', 'get_client_protocol_url': 'authentication.add_connectiontoken', } diff --git a/apps/rbac/builtin.py b/apps/rbac/builtin.py index ef8de353d..4e5ffb0a6 100644 --- a/apps/rbac/builtin.py +++ b/apps/rbac/builtin.py @@ -18,11 +18,10 @@ user_perms = ( ('assets', 'asset', 'match', 'asset'), ('assets', 'systemuser', 'match', 'systemuser'), ('assets', 'node', 'match', 'node'), - ('applications', 'application', 'match', 'application'), ) system_user_perms = ( - ('authentication', 'connectiontoken', 'add,view', 'connectiontoken'), + ('authentication', 'connectiontoken', 'add,change,view', 'connectiontoken'), ('authentication', 'temptoken', 'add,change,view', 'temptoken'), ('authentication', 'accesskey', '*', '*'), ('tickets', 'ticket', 'view', 'ticket'), diff --git a/apps/rbac/const.py b/apps/rbac/const.py index bd3fd38ee..558a4a26e 100644 --- a/apps/rbac/const.py +++ b/apps/rbac/const.py @@ -22,7 +22,7 @@ exclude_permissions = ( ('common', 'setting', '*', '*'), ('authentication', 'privatetoken', '*', '*'), - ('authentication', 'connectiontoken', 'change,delete', 'connectiontoken'), + ('authentication', 'connectiontoken', 'delete', 'connectiontoken'), ('authentication', 'ssotoken', '*', '*'), ('authentication', 'superconnectiontoken', 'change,delete', 'superconnectiontoken'), ('authentication', 'temptoken', 'delete', 'temptoken'),