perf: 优化会话 api

2023-10-07 14:47:17 +08:00 · 2023-10-07 14:47:17 +08:00 · f206d963a0
parent 42b4e7697d
commit f206d963a0
4 changed files with 14 additions and 10 deletions
--- a/apps/locale/zh/LC_MESSAGES/django.mo
+++ b/apps/locale/zh/LC_MESSAGES/django.mo
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:096cdc44514bd9f43b5e0062d878625c220ed7826a57a27968db3cb97e7eb011
-size 132403
+oid sha256:e8df7ef115d111ee9a176fac269a41a87d6b9a76a521e0206fe29591ab16da69
+size 132482
--- a/apps/terminal/api/session/session.py
+++ b/apps/terminal/api/session/session.py
@ -92,7 +92,12 @@ class SessionViewSet(RecordViewLogMixin, OrgBulkModelViewSet):
    rbac_perms = {
        'download': ['terminal.download_sessionreplay'],
    }
-    permission_classes = [RBACPermission | IsSessionAssignee]
+    permission_classes = [RBACPermission]
+
+    def get_permissions(self):
+        if self.action == 'retrieve':
+            self.permission_classes = [RBACPermission | IsSessionAssignee]
+        return super().get_permissions()

    @staticmethod
    def prepare_offline_file(session, local_path):
--- a/apps/terminal/api/session/task.py
+++ b/apps/terminal/api/session/task.py
@ -50,14 +50,13 @@ class TaskViewSet(JMSBulkModelViewSet):
        serializer.is_valid(raise_exception=True)
        session_id = serializer.validated_data['session_id']
        task_name = serializer.validated_data['task_name']
-        session_ids = [session_id, ]
        user_id = request.user.id
-        for session_id in session_ids:
-            if not is_session_approver(session_id, user_id):
-                return Response({}, status=status.HTTP_403_FORBIDDEN)
-        with tmp_to_root_org():
-            validated_session = create_sessions_tasks(session_ids, request.user, task_name=task_name)

+        if not is_session_approver(session_id, user_id):
+            return Response({}, status=status.HTTP_403_FORBIDDEN)
+
+        with tmp_to_root_org():
+            validated_session = create_sessions_tasks([session_id], request.user, task_name=task_name)
        return Response({"ok": validated_session})


--- a/apps/terminal/permissions.py
+++ b/apps/terminal/permissions.py
@ -9,7 +9,7 @@ __all__ = ['IsSessionAssignee']

 class IsSessionAssignee(permissions.IsAuthenticated):
    def has_permission(self, request, view):
-        return False
+        return True

    def has_object_permission(self, request, view, obj):
        try: