From d14010d4fa5f9714fe8cb55ef66b8441d6d25c3a Mon Sep 17 00:00:00 2001 From: Aaron3S Date: Wed, 22 Feb 2023 20:04:00 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E6=B7=BB=E5=8A=A0=20api=20permission=5F?= =?UTF-8?q?classes?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/ops/api/adhoc.py | 3 ++- apps/ops/api/job.py | 5 +++-- apps/ops/api/playbook.py | 12 +++++++++--- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/apps/ops/api/adhoc.py b/apps/ops/api/adhoc.py index d7759d88e..9be055101 100644 --- a/apps/ops/api/adhoc.py +++ b/apps/ops/api/adhoc.py @@ -1,5 +1,6 @@ # -*- coding: utf-8 -*- from orgs.mixins.api import OrgBulkModelViewSet +from rbac.permissions import RBACPermission from ..models import AdHoc from ..serializers import ( AdHocSerializer @@ -12,7 +13,7 @@ __all__ = [ class AdHocViewSet(OrgBulkModelViewSet): serializer_class = AdHocSerializer - permission_classes = () + permission_classes = (RBACPermission,) search_fields = ('name', 'comment') model = AdHoc diff --git a/apps/ops/api/job.py b/apps/ops/api/job.py index 67447def8..280ab5b98 100644 --- a/apps/ops/api/job.py +++ b/apps/ops/api/job.py @@ -17,6 +17,7 @@ from ops.variables import JMS_JOB_VARIABLE_HELP from orgs.mixins.api import OrgBulkModelViewSet from orgs.utils import tmp_to_org, get_current_org from accounts.models import Account +from rbac.permissions import RBACPermission def set_task_to_serializer_data(serializer, task): @@ -27,7 +28,7 @@ def set_task_to_serializer_data(serializer, task): class JobViewSet(OrgBulkModelViewSet): serializer_class = JobSerializer - permission_classes = () + permission_classes = (RBACPermission,) search_fields = ('name', 'comment') model = Job @@ -69,7 +70,7 @@ class JobViewSet(OrgBulkModelViewSet): class JobExecutionViewSet(OrgBulkModelViewSet): serializer_class = JobExecutionSerializer http_method_names = ('get', 'post', 'head', 'options',) - permission_classes = () + permission_classes = (RBACPermission,) model = JobExecution search_fields = ('material',) diff --git a/apps/ops/api/playbook.py b/apps/ops/api/playbook.py index b3c1fe564..dce2e18d9 100644 --- a/apps/ops/api/playbook.py +++ b/apps/ops/api/playbook.py @@ -8,6 +8,7 @@ from rest_framework import status from common.exceptions import JMSException from orgs.mixins.api import OrgBulkModelViewSet +from rbac.permissions import RBACPermission from ..exception import PlaybookNoValidEntry from ..models import Playbook from ..serializers.playbook import PlaybookSerializer @@ -26,7 +27,7 @@ def unzip_playbook(src, dist): class PlaybookViewSet(OrgBulkModelViewSet): serializer_class = PlaybookSerializer - permission_classes = () + permission_classes = (RBACPermission,) model = Playbook search_fields = ('name', 'comment') @@ -58,8 +59,13 @@ class PlaybookViewSet(OrgBulkModelViewSet): class PlaybookFileBrowserAPIView(APIView): rbac_perms = () - permission_classes = () - + permission_classes = (RBACPermission,) + rbac_perms = { + 'GET': 'ops.change_playbooks', + 'POST': 'ops.change_playbooks', + 'DELETE': 'ops.change_playbooks', + 'PATCH': 'ops.change_playbooks', + } protected_files = ['root', 'main.yml'] def get(self, request, **kwargs):