From 72247d1df33a78efa94ddb6157d7341b1fc8d85c Mon Sep 17 00:00:00 2001
From: "Jiangjie.Bai" <bugatti_it@163.com>
Date: Mon, 14 Mar 2022 20:31:05 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E6=89=B9=E9=87=8F?=
 =?UTF-8?q?=E5=91=BD=E4=BB=A4=E6=9D=83=E9=99=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/ops/api/command.py | 13 ++++---------
 apps/rbac/tree.py       |  3 ++-
 2 files changed, 6 insertions(+), 10 deletions(-)

diff --git a/apps/ops/api/command.py b/apps/ops/api/command.py
index f9a82a767..2b7e5fda9 100644
--- a/apps/ops/api/command.py
+++ b/apps/ops/api/command.py
@@ -10,6 +10,7 @@ from django.conf import settings
 from assets.models import Asset, Node
 from orgs.mixins.api import RootOrgViewMixin
 from common.permissions import IsValidUser
+from rbac.permissions import RBACPermission
 from ..models import CommandExecution
 from ..serializers import CommandExecutionSerializer
 from ..tasks import run_command_execution
@@ -17,12 +18,10 @@ from ..tasks import run_command_execution
 
 class CommandExecutionViewSet(RootOrgViewMixin, viewsets.ModelViewSet):
     serializer_class = CommandExecutionSerializer
-    permission_classes = (IsValidUser,)
+    permission_classes = (RBACPermission,)
 
     def get_queryset(self):
-        return CommandExecution.objects.filter(
-            user_id=str(self.request.user.id)
-        )
+        return CommandExecution.objects.filter(user_id=str(self.request.user.id))
 
     def check_hosts(self, serializer):
         data = serializer.validated_data
@@ -36,11 +35,7 @@ class CommandExecutionViewSet(RootOrgViewMixin, viewsets.ModelViewSet):
         )
 
         permed_assets = set()
-        permed_assets.update(
-            Asset.objects.filter(
-                id__in=[a.id for a in assets]
-            ).filter(q).distinct()
-        )
+        permed_assets.update(Asset.objects.filter(id__in=[a.id for a in assets]).filter(q).distinct())
         node_keys = Node.objects.filter(q).distinct().values_list('key', flat=True)
 
         nodes_assets_q = Q()
diff --git a/apps/rbac/tree.py b/apps/rbac/tree.py
index dbd78beb4..eec2e627a 100644
--- a/apps/rbac/tree.py
+++ b/apps/rbac/tree.py
@@ -90,7 +90,8 @@ special_pid_mapper = {
     'perms.connect_myassets': 'my_assets',
     'perms.view_myapps': 'my_apps',
     'perms.connect_myapps': 'my_apps',
-    'ops.commandexecution': 'view_workspace',
+    'ops.add_commandexecution': 'view_workspace',
+    'ops.view_commandexecution': 'audits',
     "perms.view_mykubernetsapp": "my_apps",
     "perms.connect_mykubernetsapp": "my_apps",
     "perms.view_myremoteapp": "my_apps",