[Bugfix] 修复组织管理员无法查看用户授权的bug

pull/1819/head
ibuler 2018-09-13 11:17:55 +08:00
parent ab848afdb9
commit b54afbe7bb
1 changed files with 39 additions and 5 deletions

View File

@ -6,13 +6,14 @@ from rest_framework.views import APIView, Response
from rest_framework.generics import ListAPIView, get_object_or_404, RetrieveUpdateAPIView from rest_framework.generics import ListAPIView, get_object_or_404, RetrieveUpdateAPIView
from rest_framework import viewsets from rest_framework import viewsets
from common.utils import set_or_append_attr_bulk, get_object_or_none from common.utils import set_or_append_attr_bulk
from common.permissions import IsValidUser, IsOrgAdmin, IsOrgAdminOrAppUser from common.permissions import IsValidUser, IsOrgAdmin, IsOrgAdminOrAppUser
from orgs.mixins import RootOrgViewMixin from orgs.mixins import RootOrgViewMixin
from .utils import AssetPermissionUtil from .utils import AssetPermissionUtil
from .models import AssetPermission from .models import AssetPermission
from .hands import AssetGrantedSerializer, User, UserGroup, Asset, Node, \ from .hands import AssetGrantedSerializer, User, UserGroup, Asset, Node, \
NodeGrantedSerializer, SystemUser, NodeSerializer NodeGrantedSerializer, SystemUser, NodeSerializer
from orgs.utils import set_to_root_org
from . import serializers from . import serializers
@ -55,13 +56,19 @@ class AssetPermissionViewSet(viewsets.ModelViewSet):
return permissions return permissions
class UserGrantedAssetsApi(RootOrgViewMixin, ListAPIView): class UserGrantedAssetsApi(ListAPIView):
""" """
用户授权的所有资产 用户授权的所有资产
""" """
permission_classes = (IsOrgAdminOrAppUser,) permission_classes = (IsOrgAdminOrAppUser,)
serializer_class = AssetGrantedSerializer serializer_class = AssetGrantedSerializer
def dispatch(self, request, *args, **kwargs):
if request.user.is_superuser or request.user.is_app or \
self.kwargs.get('pk') is None:
set_to_root_org()
return super().dispatch(request, *args, **kwargs)
def get_queryset(self): def get_queryset(self):
user_id = self.kwargs.get('pk', '') user_id = self.kwargs.get('pk', '')
queryset = [] queryset = []
@ -84,10 +91,19 @@ class UserGrantedAssetsApi(RootOrgViewMixin, ListAPIView):
return super().get_permissions() return super().get_permissions()
class UserGrantedNodesApi(RootOrgViewMixin, ListAPIView): class UserGrantedNodesApi(ListAPIView):
"""
查询用户授权的所有节点的API, 如果是超级用户或者是 app切换到root org
"""
permission_classes = (IsOrgAdmin,) permission_classes = (IsOrgAdmin,)
serializer_class = NodeSerializer serializer_class = NodeSerializer
def dispatch(self, request, *args, **kwargs):
if request.user.is_superuser or request.user.is_app or \
self.kwargs.get('pk') is None:
set_to_root_org()
return super().dispatch(request, *args, **kwargs)
def get_queryset(self): def get_queryset(self):
user_id = self.kwargs.get('pk', '') user_id = self.kwargs.get('pk', '')
if user_id: if user_id:
@ -104,10 +120,19 @@ class UserGrantedNodesApi(RootOrgViewMixin, ListAPIView):
return super().get_permissions() return super().get_permissions()
class UserGrantedNodesWithAssetsApi(RootOrgViewMixin, ListAPIView): class UserGrantedNodesWithAssetsApi(ListAPIView):
"""
用户授权的节点并带着节点下资产的api
"""
permission_classes = (IsOrgAdminOrAppUser,) permission_classes = (IsOrgAdminOrAppUser,)
serializer_class = NodeGrantedSerializer serializer_class = NodeGrantedSerializer
def dispatch(self, request, *args, **kwargs):
if request.user.is_superuser or request.user.is_app or \
self.kwargs.get('pk') is None:
set_to_root_org()
return super().dispatch(request, *args, **kwargs)
def get_queryset(self): def get_queryset(self):
user_id = self.kwargs.get('pk', '') user_id = self.kwargs.get('pk', '')
queryset = [] queryset = []
@ -133,10 +158,19 @@ class UserGrantedNodesWithAssetsApi(RootOrgViewMixin, ListAPIView):
return super().get_permissions() return super().get_permissions()
class UserGrantedNodeAssetsApi(RootOrgViewMixin, ListAPIView): class UserGrantedNodeAssetsApi(ListAPIView):
"""
查询用户授权的节点下的资产的api, 与上面api不同的是只返回某个节点下的资产
"""
permission_classes = (IsOrgAdminOrAppUser,) permission_classes = (IsOrgAdminOrAppUser,)
serializer_class = AssetGrantedSerializer serializer_class = AssetGrantedSerializer
def dispatch(self, request, *args, **kwargs):
if request.user.is_superuser or request.user.is_app or \
self.kwargs.get('pk') is None:
set_to_root_org()
return super().dispatch(request, *args, **kwargs)
def get_queryset(self): def get_queryset(self):
user_id = self.kwargs.get('pk', '') user_id = self.kwargs.get('pk', '')
node_id = self.kwargs.get('node_id') node_id = self.kwargs.get('node_id')