perf: 工作台支持 root

2022-07-07 16:21:39 +08:00 · 2022-07-07 16:21:39 +08:00 · f0fbc73f73
parent ce2f6fdc84
commit f0fbc73f73
3 changed files with 3 additions and 4 deletions
--- a/apps/rbac/builtin.py
+++ b/apps/rbac/builtin.py
@ -6,7 +6,6 @@ _view_root_perms = (
    ('orgs', 'organization', 'view', 'rootorg'),
 )

-# 工作台也区分组织后再考虑
 user_perms = (
    ('rbac', 'menupermission', 'view', 'workbench'),
    ('rbac', 'menupermission', 'view', 'webterminal'),
@ -25,7 +24,7 @@ system_user_perms = (
    ('authentication', 'temptoken', 'add,change,view', 'temptoken'),
    ('authentication', 'accesskey', '*', '*'),
    ('tickets', 'ticket', 'view', 'ticket'),
-) + user_perms
+) + user_perms + _view_root_perms

 _auditor_perms = (
    ('rbac', 'menupermission', 'view', 'audit'),
--- a/apps/rbac/models/rolebinding.py
+++ b/apps/rbac/models/rolebinding.py
@ -127,7 +127,7 @@ class RoleBinding(JMSModel):
            orgs = all_orgs.filter(id__in=org_ids)

        # 全局组织
-        if orgs and perm != 'rbac.view_workbench' and user.has_perm('orgs.view_rootorg'):
+        if orgs and user.has_perm('orgs.view_rootorg'):
            orgs = [Organization.root(), *list(orgs)]
        return orgs

--- a/apps/users/api/user.py
+++ b/apps/users/api/user.py
@ -33,7 +33,7 @@ __all__ = [

 class UserViewSet(CommonApiMixin, UserQuerysetMixin, SuggestionMixin, BulkModelViewSet):
    filterset_class = UserFilter
-    search_fields = ('username', 'email', 'name', 'id', 'source', 'role', 'is_active')
+    search_fields = ('username', 'email', 'name')
    serializer_classes = {
        'default': UserSerializer,
        'suggestion': MiniUserSerializer,