fix(perms): 修复权限校验时的组织切换问题 (#5546)

* fix(perms): 修复权限校验时的组织切换问题 * fix(perms): 修复获取actions的切换组织问题 * perf: 继续添加 application 的验证组织 Co-authored-by: ibuler <ibuler@qq.com>
4 years ago · 542eb25e7b
2 changed files with 5 additions and 0 deletions
--- a/apps/perms/api/application/user_permission/common.py
+++ b/apps/perms/api/application/user_permission/common.py
@ -2,11 +2,13 @@
 #
 import uuid
 from django.shortcuts import get_object_or_404
+from django.utils.decorators import method_decorator
 from rest_framework.views import APIView, Response
 from rest_framework.generics import (
    ListAPIView, get_object_or_404
 )

+from orgs.utils import tmp_to_root_org
 from applications.models import Application
 from perms.utils.application.permission import (
    get_application_system_users_id
@ -49,6 +51,7 @@ class MyGrantedApplicationSystemUsersApi(ForUserMixin, GrantedApplicationSystemU
    pass


+@method_decorator(tmp_to_root_org(), name='get')
 class ValidateUserApplicationPermissionApi(APIView):
    permission_classes = (IsOrgAdminOrAppUser,)

--- a/apps/perms/api/asset/user_permission/common.py
+++ b/apps/perms/api/asset/user_permission/common.py
@ -30,6 +30,7 @@ __all__ = [
 ]


+@method_decorator(tmp_to_root_org(), name='get')
 class GetUserAssetPermissionActionsApi(RetrieveAPIView):
    permission_classes = (IsOrgAdminOrAppUser,)
    serializer_class = serializers.ActionsSerializer
@ -57,6 +58,7 @@ class GetUserAssetPermissionActionsApi(RetrieveAPIView):
        return {"actions": actions}


+@method_decorator(tmp_to_root_org(), name='get')
 class ValidateUserAssetPermissionApi(APIView):
    permission_classes = (IsOrgAdminOrAppUser,)