fix: 修复relation_systemuser_perm问题

pull/7753/head
feng626 2022-03-07 14:12:32 +08:00 committed by Jiangjie.Bai
parent fa2c70c6be
commit a1c1b128e9
5 changed files with 18 additions and 9 deletions

View File

@ -138,7 +138,9 @@ class AssetTaskCreateApi(AssetsTaskMixin, generics.CreateAPIView):
def check_permissions(self, request): def check_permissions(self, request):
action = request.data.get('action') action = request.data.get('action')
action_perm_require = { action_perm_require = {
'refresh': 'assets.refresh_assethardwareinfo',
'push_system_user': 'assets.push_assetsystemuser', 'push_system_user': 'assets.push_assetsystemuser',
'test': 'assets.test_assetconnectivity',
'test_system_user': 'assets.test_assetconnectivity' 'test_system_user': 'assets.test_assetconnectivity'
} }
perm_required = action_perm_require.get(action) perm_required = action_perm_require.get(action)

View File

@ -64,7 +64,7 @@ class RelationMixin:
class BaseRelationViewSet(RelationMixin, OrgBulkModelViewSet): class BaseRelationViewSet(RelationMixin, OrgBulkModelViewSet):
pass perm_model = models.SystemUser
class SystemUserAssetRelationViewSet(BaseRelationViewSet): class SystemUserAssetRelationViewSet(BaseRelationViewSet):
@ -136,4 +136,3 @@ class SystemUserUserRelationViewSet(BaseRelationViewSet):
) )
) )
return queryset return queryset

View File

@ -12,7 +12,7 @@ class Migration(migrations.Migration):
operations = [ operations = [
migrations.AlterModelOptions( migrations.AlterModelOptions(
name='asset', name='asset',
options={'ordering': ['hostname'], 'permissions': [('test_assetconnectivity', 'Can test asset connectivity'), ('push_assetsystemuser', 'Can push system user to asset'), ('match_asset', 'Can match asset')], 'verbose_name': 'Asset'}, options={'ordering': ['hostname'], 'permissions': [('refresh_assethardwareinfo', 'Can refresh asset hardware info'), ('test_assetconnectivity', 'Can test asset connectivity'), ('push_assetsystemuser', 'Can push system user to asset'), ('match_asset', 'Can match asset')], 'verbose_name': 'Asset'},
), ),
migrations.AlterModelOptions( migrations.AlterModelOptions(
name='node', name='node',

View File

@ -355,6 +355,7 @@ class Asset(AbsConnectivity, AbsHardwareInfo, ProtocolsMixin, NodesRelationMixin
verbose_name = _("Asset") verbose_name = _("Asset")
ordering = ["hostname", ] ordering = ["hostname", ]
permissions = [ permissions = [
('refresh_assethardwareinfo', _('Can refresh asset hardware info')),
('test_assetconnectivity', _('Can test asset connectivity')), ('test_assetconnectivity', _('Can test asset connectivity')),
('push_assetsystemuser', _('Can push system user to asset')), ('push_assetsystemuser', _('Can push system user to asset')),
('match_asset', _('Can match asset')), ('match_asset', _('Can match asset')),

View File

@ -26,6 +26,7 @@ class RBACPermission(permissions.DjangoModelPermissions):
('PATCH', '%(app_label)s.change_%(model_name)s'), ('PATCH', '%(app_label)s.change_%(model_name)s'),
('DELETE', '%(app_label)s.delete_%(model_name)s'), ('DELETE', '%(app_label)s.delete_%(model_name)s'),
) )
# rbac_perms = ((), ()) # rbac_perms = ((), ())
# def get_rbac_perms(): # def get_rbac_perms():
# return {} # return {}
@ -77,6 +78,17 @@ class RBACPermission(permissions.DjangoModelPermissions):
perms = action_perms_map[action] perms = action_perms_map[action]
return perms return perms
def get_model_cls(self, view):
if hasattr(view, 'perm_model'):
return getattr(view, 'perm_model')
try:
queryset = self._queryset(view)
model_cls = queryset.model
except AssertionError:
model_cls = None
return model_cls
def get_require_perms(self, request, view): def get_require_perms(self, request, view):
""" """
获取 request, view 需要的 perms 获取 request, view 需要的 perms
@ -84,12 +96,8 @@ class RBACPermission(permissions.DjangoModelPermissions):
:param view: :param view:
:return: :return:
""" """
try:
queryset = self._queryset(view)
model_cls = queryset.model
except AssertionError:
model_cls = None
model_cls = self.get_model_cls(view)
action = getattr(view, 'action', None) action = getattr(view, 'action', None)
if not action: if not action:
action = request.method action = request.method
@ -116,4 +124,3 @@ class RBACPermission(permissions.DjangoModelPermissions):
has = request.user.has_perms(perms) has = request.user.has_perms(perms)
logger.debug('View require perms: {}, result: {}'.format(perms, has)) logger.debug('View require perms: {}, result: {}'.format(perms, has))
return has return has