diff --git a/spug_api/apps/account/models.py b/spug_api/apps/account/models.py index d7e3b59..0fb5b72 100644 --- a/spug_api/apps/account/models.py +++ b/spug_api/apps/account/models.py @@ -49,6 +49,22 @@ class Role(models.Model, ModelMixin): created_at = models.CharField(max_length=20, default=human_datetime) created_by = models.ForeignKey(User, on_delete=models.PROTECT, related_name='+') + @property + def permissions(self): + if self.page_perms: + data = [] + perms = json.loads(self.page_perms) + for m, v in perms.items(): + for p, d in v.items(): + data.extend(f'{m}.{p}.{x}' for x in d) + return data + else: + return [] + + @property + def deploy(self): + return json.loads(self.deploy_perms) if self.deploy_perms else {'apps': [], 'envs': []} + def to_dict(self, *args, **kwargs): tmp = super().to_dict(*args, **kwargs) tmp['page_perms'] = json.loads(self.page_perms) if self.page_perms else None diff --git a/spug_api/apps/account/views.py b/spug_api/apps/account/views.py index ac6ccee..5f7b015 100644 --- a/spug_api/apps/account/views.py +++ b/spug_api/apps/account/views.py @@ -90,6 +90,7 @@ class RoleView(View): role.page_perms = json.dumps(form.page_perms) if form.deploy_perms is not None: role.deploy_perms = json.dumps(form.deploy_perms) + role.user_set.update(token_expired=0) role.save() return json_response(error=error) @@ -126,7 +127,9 @@ def login(request): return json_response({ 'access_token': user.access_token, 'nickname': user.nickname, - 'has_real_ip': True if x_real_ip else False + 'is_supper': user.is_supper, + 'has_real_ip': True if x_real_ip else False, + 'permissions': [] if user.is_supper else user.role.permissions }) value = cache.get_or_set(form.username, 0, 86400)