github
/
jumpserver
mirror of https://github.com/jumpserver/jumpserver
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

fix: 修复过滤用户组织角色不生效的问题

pull/12938/head
Bai 8 months ago committed by Bryan
parent
3b8aab8c25
commit
d78d55091c
1 changed files with 14 additions and 15 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 29
      apps/users/filters.py

29
apps/users/filters.py
Unescape View File

@ -3,8 +3,9 @@ from django_filters import rest_framework as filters
from common.drf.filters import BaseFilterSet
from common.utils import is_uuid
from rbac.models import Role
from rbac.models import Role, OrgRoleBinding, SystemRoleBinding
from users.models.user import User
from orgs.utils import current_org
class UserFilter(BaseFilterSet):
@ -25,7 +26,7 @@ class UserFilter(BaseFilterSet):
)
@staticmethod
def get_role(value):
def _get_role(value):
from rbac.builtin import BuiltinRole
roles = BuiltinRole.get_roles()
for role in roles.values():
@ -37,22 +38,20 @@ class UserFilter(BaseFilterSet):
else:
return Role.objects.filter(name=value).first()
def filter_system_roles(self, queryset, name, value):
role = self.get_role(value)
def _filter_roles(self, queryset, value, scope):
role = self._get_role(value)
if not role:
return queryset.none()
queryset = queryset.prefetch_related('role_bindings') \
.filter(role_bindings__role_id=role.id) \
.filter(role_bindings__role__scope='system') \
.distinct()
rb_model = SystemRoleBinding if scope == Role.Scope.system.value else OrgRoleBinding
user_ids = rb_model.objects.filter(role_id=role.id).values_list('user_id', flat=True)
queryset = queryset.filter(id__in=user_ids).distinct()
return queryset
def filter_system_roles(self, queryset, name, value):
queryset = self._filter_roles(queryset=queryset, value=value, scope=Role.Scope.system.value)
return queryset
def filter_org_roles(self, queryset, name, value):
role = self.get_role(value)
if not role:
return queryset.none()
queryset = queryset.prefetch_related('role_bindings') \
.filter(role_bindings__role_id=role.id) \
.filter(role_bindings__role__scope='org') \
.distinct()
queryset = self._filter_roles(queryset=queryset, value=value, scope=Role.Scope.org.value)
return queryset

Write Preview
Loading…
Cancel
Save