From cca49fa9cdc696c09bd67628413681fa1fe5b016 Mon Sep 17 00:00:00 2001
From: "Jiangjie.Bai" <bugatti_it@163.com>
Date: Mon, 14 Mar 2022 16:43:44 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E6=8E=88=E6=9D=83?=
 =?UTF-8?q?=E6=A0=91=E6=98=BE=E7=A4=BA?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/applications/migrations/0017_auto_20220217_2135.py | 2 +-
 apps/applications/models/account.py                     | 2 +-
 apps/rbac/const.py                                      | 2 ++
 apps/rbac/models/permission.py                          | 4 ++++
 apps/rbac/tree.py                                       | 8 +++++---
 5 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/apps/applications/migrations/0017_auto_20220217_2135.py b/apps/applications/migrations/0017_auto_20220217_2135.py
index 4807b570d..fd6bbeaa8 100644
--- a/apps/applications/migrations/0017_auto_20220217_2135.py
+++ b/apps/applications/migrations/0017_auto_20220217_2135.py
@@ -12,7 +12,7 @@ class Migration(migrations.Migration):
     operations = [
         migrations.AlterModelOptions(
             name='account',
-            options={'permissions': [('view_applicationaccountsecret', 'Can view application account secret'), ('change_appplicationaccountsecret', 'Can view application account secret')], 'verbose_name': 'Application account'},
+            options={'permissions': [('view_applicationaccountsecret', 'Can view application account secret'), ('change_appplicationaccountsecret', 'Can change application account secret')], 'verbose_name': 'Application account'},
         ),
         migrations.AlterModelOptions(
             name='applicationuser',
diff --git a/apps/applications/models/account.py b/apps/applications/models/account.py
index eac7b99ef..627dec91a 100644
--- a/apps/applications/models/account.py
+++ b/apps/applications/models/account.py
@@ -24,7 +24,7 @@ class Account(BaseUser):
         unique_together = [('username', 'app', 'systemuser')]
         permissions = [
             ('view_applicationaccountsecret', _('Can view application account secret')),
-            ('change_appplicationaccountsecret', _('Can view application account secret')),
+            ('change_appplicationaccountsecret', _('Can change application account secret')),
         ]
 
     def __init__(self, *args, **kwargs):
diff --git a/apps/rbac/const.py b/apps/rbac/const.py
index 1d4fe7d41..6679490c9 100644
--- a/apps/rbac/const.py
+++ b/apps/rbac/const.py
@@ -30,6 +30,7 @@ exclude_permissions = (
     ('users', 'userpasswordhistory', '*', '*'),
     ('applications', 'applicationuser', '*', '*'),
     ('applications', 'historicalaccount', '*', '*'),
+    ('applications', 'account', 'add,change', 'account'),
     ('assets', 'adminuser', '*', '*'),
     ('assets', 'assetgroup', '*', '*'),
     ('assets', 'cluster', '*', '*'),
@@ -38,6 +39,7 @@ exclude_permissions = (
     ('assets', 'assetuser', '*', '*'),
     ('assets', 'gathereduser', 'add,delete,change', 'gathereduser'),
     ('assets', 'accountbackupplanexecution', 'delete,change', 'accountbackupplanexecution'),
+    ('assets', 'authbook', 'add', 'authbook'),
     ('perms', 'databaseapppermission', '*', '*'),
     ('perms', 'k8sapppermission', '*', '*'),
     ('perms', 'remoteapppermission', '*', '*'),
diff --git a/apps/rbac/models/permission.py b/apps/rbac/models/permission.py
index a93c7535c..a4ea91b15 100644
--- a/apps/rbac/models/permission.py
+++ b/apps/rbac/models/permission.py
@@ -14,6 +14,10 @@ class ContentType(DjangoContentType):
     class Meta:
         proxy = True
 
+    @property
+    def app_model(self):
+        return '%s.%s' % (self.app_label, self.model)
+
 
 class Permission(DjangoPermission):
     """ 权限类 """
diff --git a/apps/rbac/tree.py b/apps/rbac/tree.py
index 68fb3fddc..1e6c69f66 100644
--- a/apps/rbac/tree.py
+++ b/apps/rbac/tree.py
@@ -263,6 +263,7 @@ class PermissionTreeUtil:
 
     @staticmethod
     def _get_permission_name(p, content_types_name_mapper):
+        p: Permission
         code_name = p.codename
         action_mapper = {
             'add': ugettext('Create'),
@@ -285,8 +286,9 @@ class PermissionTreeUtil:
             name = action_mapper['delete']
             ct = code_name.replace('delete_', '')
 
-        if ct in content_types_name_mapper:
-            name += content_types_name_mapper[ct]
+        app_model = '%s.%s' % (p.content_type.app_label, ct)
+        if app_model in content_types_name_mapper:
+            name += content_types_name_mapper[app_model]
         else:
             name = gettext(p.name)
             name = name.replace('Can ', '').replace('可以', '')
@@ -296,7 +298,7 @@ class PermissionTreeUtil:
         permissions_id = self.permissions.values_list('id', flat=True)
         nodes = []
         content_types = ContentType.objects.all()
-        content_types_name_mapper = {ct.model: ct.name for ct in content_types}
+        content_types_name_mapper = {ct.app_model: ct.name for ct in content_types}
 
         for p in self.all_permissions:
             model_id = f'{p.app}.{p.model}'