fix: 修复setting perm

2022-03-14 15:45:51 +08:00 · 2022-03-14 15:45:51 +08:00 · a7cc457f54
parent 567c1b0124
commit a7cc457f54
1 changed files with 25 additions and 25 deletions
--- a/apps/settings/api/settings.py
+++ b/apps/settings/api/settings.py
@ -42,28 +42,27 @@ class SettingsApi(generics.RetrieveUpdateAPIView):
    }

    rbac_category_permissions = {
-        # 'all': 'view_setting',
-        'basic': 'view_setting',
-        'terminal': 'change_terminal',
-        'security': 'change_security',
-        'ldap': 'change_auth',
-        'email': 'change_email',
-        'email_content': 'change_email',
-        'wecom': 'change_auth',
-        'dingtalk': 'change_auth',
-        'feishu': 'change_auth',
-        'auth': 'change_auth',
-        'oidc': 'change_auth',
-        'keycloak': 'change_auth',
-        'radius': 'change_auth',
-        'cas': 'change_auth',
-        'sso': 'change_auth',
-        'saml2': 'change_auth',
-        'clean': 'change_clean',
-        'other': 'change_other',
-        'sms': 'change_sms',
-        'alibaba': 'change_sms',
-        'tencent': 'change_sms',
+        'basic': 'settings.view_setting',
+        'terminal': 'settings.change_terminal',
+        'security': 'settings.change_security',
+        'ldap': 'settings.change_auth',
+        'email': 'settings.change_email',
+        'email_content': 'settings.change_email',
+        'wecom': 'settings.change_auth',
+        'dingtalk': 'settings.change_auth',
+        'feishu': 'settings.change_auth',
+        'auth': 'settings.change_auth',
+        'oidc': 'settings.change_auth',
+        'keycloak': 'settings.change_auth',
+        'radius': 'settings.change_auth',
+        'cas': 'settings.change_auth',
+        'sso': 'settings.change_auth',
+        'saml2': 'settings.change_auth',
+        'clean': 'settings.change_clean',
+        'other': 'settings.change_other',
+        'sms': 'settings.change_sms',
+        'alibaba': 'settings.change_sms',
+        'tencent': 'settings.change_sms',
    }

    def get_queryset(self):
@ -71,10 +70,11 @@ class SettingsApi(generics.RetrieveUpdateAPIView):

    def check_permissions(self, request):
        category = request.query_params.get('category', 'basic')
-        require_perm = self.rbac_category_permissions.get(category)
-        if not request.user.has_perm(require_perm):
+        perm_required = self.rbac_category_permissions.get(category)
+        has = self.request.user.has_perm(perm_required)
+
+        if not has:
            self.permission_denied(request)
-        return super().check_permissions(request)

    def get_serializer_class(self):
        category = self.request.query_params.get('category', 'basic')