fix: 修复可以删除已关联用户角色的问题

pull/7754/head
Jiangjie.Bai 2022-03-07 15:03:57 +08:00 committed by Jiangjie.Bai
parent a1c1b128e9
commit 615929dd43
3 changed files with 10 additions and 7 deletions

View File

@ -30,6 +30,9 @@ class RoleViewSet(JMSModelViewSet):
if instance.builtin: if instance.builtin:
error = _("Internal role, can't be destroy") error = _("Internal role, can't be destroy")
raise PermissionDenied(error) raise PermissionDenied(error)
if instance.users.count() >= 1:
error = _("The role has been bound to users, can't be destroy")
raise PermissionDenied(error)
return super().perform_destroy(instance) return super().perform_destroy(instance)
def perform_update(self, serializer): def perform_update(self, serializer):

View File

@ -44,11 +44,8 @@ class SystemRoleBindingViewSet(RoleBindingViewSet):
role_qs = self.model.objects.filter(user=user) role_qs = self.model.objects.filter(user=user)
if role_qs.count() == 1: if role_qs.count() == 1:
msg = _('{} at least one system role').format(user) msg = _('{} at least one system role').format(user)
raise JMSException( raise JMSException(code='system_role_delete_error', detail=msg)
code='system_role_delete_error', return super().perform_destroy(instance)
detail=msg
)
super().perform_destroy(instance)
class OrgRoleBindingViewSet(RoleBindingViewSet): class OrgRoleBindingViewSet(RoleBindingViewSet):

View File

@ -9,11 +9,14 @@ app_name = 'rbac'
router = BulkRouter() router = BulkRouter()
router.register(r'roles', api.RoleViewSet, 'role') router.register(r'roles', api.RoleViewSet, 'role')
router.register(r'system-roles', api.SystemRoleViewSet, 'system-role')
router.register(r'org-roles', api.OrgRoleViewSet, 'org-role')
router.register(r'role-bindings', api.RoleBindingViewSet, 'role-binding') router.register(r'role-bindings', api.RoleBindingViewSet, 'role-binding')
router.register(r'system-roles', api.SystemRoleViewSet, 'system-role')
router.register(r'system-role-bindings', api.SystemRoleBindingViewSet, 'system-role-binding') router.register(r'system-role-bindings', api.SystemRoleBindingViewSet, 'system-role-binding')
router.register(r'org-roles', api.OrgRoleViewSet, 'org-role')
router.register(r'org-role-bindings', api.OrgRoleBindingViewSet, 'org-role-binding') router.register(r'org-role-bindings', api.OrgRoleBindingViewSet, 'org-role-binding')
router.register(r'permissions', api.PermissionViewSet, 'permission') router.register(r'permissions', api.PermissionViewSet, 'permission')
system_role_router = routers.NestedDefaultRouter(router, r'system-roles', lookup='system_role') system_role_router = routers.NestedDefaultRouter(router, r'system-roles', lookup='system_role')