perf: update get permed account

2025-03-21 19:21:33 +08:00 · 2025-03-21 19:21:33 +08:00 · 23f6a8e1f4
parent 2a9cb3a09a
commit 23f6a8e1f4
2 changed files with 12 additions and 17 deletions
--- a/apps/authentication/api/connection_token.py
+++ b/apps/authentication/api/connection_token.py
@ -443,8 +443,7 @@ class ConnectionTokenViewSet(AuthFaceMixin, ExtraActionApiMixin, RootOrgViewMixi

    @staticmethod
    def get_permed_account(user, asset, account_name, protocol):
-        from perms.utils.asset_perm import PermAssetDetailUtil
-        return PermAssetDetailUtil(user, asset).validate_permission(account_name, protocol)
+        return ConnectionToken.get_user_permed_account(user, asset, account_name, protocol)

    def _validate_perm(self, user, asset, account_name, protocol):
        account = self.get_permed_account(user, asset, account_name, protocol)
@ -683,13 +682,4 @@ class AdminConnectionTokenViewSet(ConnectionTokenViewSet):
        return AdminConnectionToken.objects.all().filter(user=self.request.user)

    def get_permed_account(self, user, asset, account_name, protocol):
-        """
-        管理员 token 可以访问所有资产的账号
-        """
-        with tmp_to_org(asset.org):
-            account = asset.accounts.all().active().filter(name=account_name).first()
-            if not account:
-                return None
-            account.actions = ActionChoices.all()
-            account.date_expired = timezone.now() + timezone.timedelta(days=365)
-            return account
+        return AdminConnectionToken.get_user_permed_account(user, asset, account_name, protocol)
--- a/apps/authentication/models/connection_token.py
+++ b/apps/authentication/models/connection_token.py
@ -124,12 +124,16 @@ class ConnectionToken(JMSOrgBaseModel):
        self.date_expired = date_expired_default()
        self.save()

-    def get_permed_account(self):
+    @classmethod
+    def get_user_permed_account(cls, user, asset, account_name, protocol):
        from perms.utils import PermAssetDetailUtil
-        permed_account = PermAssetDetailUtil(self.user, self.asset) \
-            .validate_permission(self.account, self.protocol)
+        permed_account = PermAssetDetailUtil(user, asset) \
+            .validate_permission(account_name, protocol)
        return permed_account

+    def get_permed_account(self):
+        return self.get_user_permed_account(self.user, self.asset, self.account, self.protocol)
+
    @lazyproperty
    def permed_account(self):
        return self.get_permed_account()
@ -335,8 +339,9 @@ class AdminConnectionToken(ConnectionToken):
    def is_valid(self):
        return super().is_valid()

-    def get_permed_account(self):
-        account = self.asset.accounts.filter(name=self.account).first()
+    @classmethod
+    def get_user_permed_account(cls, user, asset, account_name, protocol):
+        account = asset.accounts.filter(name=cls.account).first()
        if not account:
            return None
        account.actions = ActionChoices.all()