mirror of https://github.com/jumpserver/jumpserver
fix: 修复setting perm
feng626
Jiangjie.Bai
parent
567c1b0124
commit
a7cc457f54
|
|
@ -42,28 +42,27 @@ class SettingsApi(generics.RetrieveUpdateAPIView):
|
||||||
}
|
}
|
||||||
|
|
||||||
rbac_category_permissions = {
|
rbac_category_permissions = {
|
||||||
# 'all': 'view_setting',
|
'basic': 'settings.view_setting',
|
||||||
'basic': 'view_setting',
|
'terminal': 'settings.change_terminal',
|
||||||
'terminal': 'change_terminal',
|
'security': 'settings.change_security',
|
||||||
'security': 'change_security',
|
'ldap': 'settings.change_auth',
|
||||||
'ldap': 'change_auth',
|
'email': 'settings.change_email',
|
||||||
'email': 'change_email',
|
'email_content': 'settings.change_email',
|
||||||
'email_content': 'change_email',
|
'wecom': 'settings.change_auth',
|
||||||
'wecom': 'change_auth',
|
'dingtalk': 'settings.change_auth',
|
||||||
'dingtalk': 'change_auth',
|
'feishu': 'settings.change_auth',
|
||||||
'feishu': 'change_auth',
|
'auth': 'settings.change_auth',
|
||||||
'auth': 'change_auth',
|
'oidc': 'settings.change_auth',
|
||||||
'oidc': 'change_auth',
|
'keycloak': 'settings.change_auth',
|
||||||
'keycloak': 'change_auth',
|
'radius': 'settings.change_auth',
|
||||||
'radius': 'change_auth',
|
'cas': 'settings.change_auth',
|
||||||
'cas': 'change_auth',
|
'sso': 'settings.change_auth',
|
||||||
'sso': 'change_auth',
|
'saml2': 'settings.change_auth',
|
||||||
'saml2': 'change_auth',
|
'clean': 'settings.change_clean',
|
||||||
'clean': 'change_clean',
|
'other': 'settings.change_other',
|
||||||
'other': 'change_other',
|
'sms': 'settings.change_sms',
|
||||||
'sms': 'change_sms',
|
'alibaba': 'settings.change_sms',
|
||||||
'alibaba': 'change_sms',
|
'tencent': 'settings.change_sms',
|
||||||
'tencent': 'change_sms',
|
|
||||||
}
|
}
|
||||||
|
|
||||||
def get_queryset(self):
|
def get_queryset(self):
|
||||||
|
|
@ -71,10 +70,11 @@ class SettingsApi(generics.RetrieveUpdateAPIView):
|
||||||
|
|
||||||
def check_permissions(self, request):
|
def check_permissions(self, request):
|
||||||
category = request.query_params.get('category', 'basic')
|
category = request.query_params.get('category', 'basic')
|
||||||
require_perm = self.rbac_category_permissions.get(category)
|
perm_required = self.rbac_category_permissions.get(category)
|
||||||
if not request.user.has_perm(require_perm):
|
has = self.request.user.has_perm(perm_required)
|
||||||
|
|
||||||
|
if not has:
|
||||||
self.permission_denied(request)
|
self.permission_denied(request)
|
||||||
return super().check_permissions(request)
|
|
||||||
|
|
||||||
def get_serializer_class(self):
|
def get_serializer_class(self):
|
||||||
category = self.request.query_params.get('category', 'basic')
|
category = self.request.query_params.get('category', 'basic')
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue