github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity

fix: user is common user

pull/8029/head
feng626 2022-04-02 15:51:23 +08:00 committed by 老广
parent a936092020
commit 2cb08b4785
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/ops/api/command.py
View File

@ -59,7 +59,7 @@ class CommandExecutionViewSet(RootOrgViewMixin, viewsets.ModelViewSet):
raise ValidationError({"hosts": msg})
def check_permissions(self, request):
if not settings.SECURITY_COMMAND_EXECUTION and request.user.is_common_user:
if not settings.SECURITY_COMMAND_EXECUTION:
return self.permission_denied(request, "Command execution disabled")
return super().check_permissions(request)

8
apps/rbac/builtin.py
View File

@ -29,7 +29,6 @@ auditor_perms = user_perms + (
('ops', 'commandexecution', 'view', 'commandexecution')
)
app_exclude_perms = [
('users', 'user', 'add,delete', 'user'),
('orgs', 'org', 'add,delete,change', 'org'),
@ -59,7 +58,8 @@ class PredefineRole:
from rbac.models import Role
return Role.objects.get(id=self.id)
def _get_defaults(self):
@property
def default_perms(self):
from rbac.models import Permission
q = Permission.get_define_permissions_q(self.perms)
permissions = Permission.get_permissions(self.scope)
@ -72,6 +72,10 @@ class PredefineRole:
permissions = permissions.exclude(q)
perms = permissions.values_list('id', flat=True)
return perms
def _get_defaults(self):
perms = self.default_perms
defaults = {
'id': self.id, 'name': self.name, 'scope': self.scope,
'builtin': True, 'permissions': perms