From 542eb25e7be1b783f28e1cf1dec7d926caced417 Mon Sep 17 00:00:00 2001 From: fit2bot <68588906+fit2bot@users.noreply.github.com> Date: Wed, 3 Feb 2021 12:01:18 +0800 Subject: [PATCH] =?UTF-8?q?fix(perms):=20=E4=BF=AE=E5=A4=8D=E6=9D=83?= =?UTF-8?q?=E9=99=90=E6=A0=A1=E9=AA=8C=E6=97=B6=E7=9A=84=E7=BB=84=E7=BB=87?= =?UTF-8?q?=E5=88=87=E6=8D=A2=E9=97=AE=E9=A2=98=20(#5546)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix(perms): 修复权限校验时的组织切换问题 * fix(perms): 修复获取actions的切换组织问题 * perf: 继续添加 application 的验证组织 Co-authored-by: ibuler --- apps/perms/api/application/user_permission/common.py | 3 +++ apps/perms/api/asset/user_permission/common.py | 2 ++ 2 files changed, 5 insertions(+) diff --git a/apps/perms/api/application/user_permission/common.py b/apps/perms/api/application/user_permission/common.py index a147a45ce..428f6bdc9 100644 --- a/apps/perms/api/application/user_permission/common.py +++ b/apps/perms/api/application/user_permission/common.py @@ -2,11 +2,13 @@ # import uuid from django.shortcuts import get_object_or_404 +from django.utils.decorators import method_decorator from rest_framework.views import APIView, Response from rest_framework.generics import ( ListAPIView, get_object_or_404 ) +from orgs.utils import tmp_to_root_org from applications.models import Application from perms.utils.application.permission import ( get_application_system_users_id @@ -49,6 +51,7 @@ class MyGrantedApplicationSystemUsersApi(ForUserMixin, GrantedApplicationSystemU pass +@method_decorator(tmp_to_root_org(), name='get') class ValidateUserApplicationPermissionApi(APIView): permission_classes = (IsOrgAdminOrAppUser,) diff --git a/apps/perms/api/asset/user_permission/common.py b/apps/perms/api/asset/user_permission/common.py index 89df323cc..8746beb2a 100644 --- a/apps/perms/api/asset/user_permission/common.py +++ b/apps/perms/api/asset/user_permission/common.py @@ -30,6 +30,7 @@ __all__ = [ ] +@method_decorator(tmp_to_root_org(), name='get') class GetUserAssetPermissionActionsApi(RetrieveAPIView): permission_classes = (IsOrgAdminOrAppUser,) serializer_class = serializers.ActionsSerializer @@ -57,6 +58,7 @@ class GetUserAssetPermissionActionsApi(RetrieveAPIView): return {"actions": actions} +@method_decorator(tmp_to_root_org(), name='get') class ValidateUserAssetPermissionApi(APIView): permission_classes = (IsOrgAdminOrAppUser,)