From e6cd1260455456d0ca247eca8fd7db0229e6ff3c Mon Sep 17 00:00:00 2001 From: ibuler Date: Thu, 4 Jun 2020 14:55:33 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E4=BF=AE=E6=94=B9api=E7=9A=84=E6=9D=83?= =?UTF-8?q?=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/jumpserver/api.py | 4 ++-- apps/terminal/api/session.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/apps/jumpserver/api.py b/apps/jumpserver/api.py index 716e625b0..9558a92df 100644 --- a/apps/jumpserver/api.py +++ b/apps/jumpserver/api.py @@ -10,7 +10,7 @@ from users.models import User from assets.models import Asset from terminal.models import Session from orgs.utils import current_org -from common.permissions import IsOrgAdmin +from common.permissions import IsOrgAdmin, IsOrgAuditor from common.utils import lazyproperty __all__ = ['IndexApi'] @@ -224,7 +224,7 @@ class TotalCountMixin: class IndexApi(TotalCountMixin, DatesLoginMetricMixin, APIView): - permission_classes = (IsOrgAdmin,) + permission_classes = (IsOrgAdmin | IsOrgAuditor,) http_method_names = ['get'] def get(self, request, *args, **kwargs): diff --git a/apps/terminal/api/session.py b/apps/terminal/api/session.py index 8cbf4daa8..a8ed747c2 100644 --- a/apps/terminal/api/session.py +++ b/apps/terminal/api/session.py @@ -59,7 +59,7 @@ class SessionViewSet(OrgBulkModelViewSet): return super().perform_create(serializer) def get_permissions(self): - if self.request.method.lower() in ['get']: + if self.request.method.lower() in ['get', 'options']: self.permission_classes = (IsOrgAdminOrAppUser | IsOrgAuditor, ) return super().get_permissions()