From 2cb08b4785a1c249290b56905003727cf6461e77 Mon Sep 17 00:00:00 2001
From: feng626 <1304903146@qq.com>
Date: Sat, 2 Apr 2022 15:51:23 +0800
Subject: [PATCH] fix: user is common user

---
 apps/ops/api/command.py | 2 +-
 apps/rbac/builtin.py    | 8 ++++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/apps/ops/api/command.py b/apps/ops/api/command.py
index 2b7e5fda9..0d513cd9e 100644
--- a/apps/ops/api/command.py
+++ b/apps/ops/api/command.py
@@ -59,7 +59,7 @@ class CommandExecutionViewSet(RootOrgViewMixin, viewsets.ModelViewSet):
             raise ValidationError({"hosts": msg})
 
     def check_permissions(self, request):
-        if not settings.SECURITY_COMMAND_EXECUTION and request.user.is_common_user:
+        if not settings.SECURITY_COMMAND_EXECUTION:
             return self.permission_denied(request, "Command execution disabled")
         return super().check_permissions(request)
 
diff --git a/apps/rbac/builtin.py b/apps/rbac/builtin.py
index a47139132..ce735ce8f 100644
--- a/apps/rbac/builtin.py
+++ b/apps/rbac/builtin.py
@@ -29,7 +29,6 @@ auditor_perms = user_perms + (
     ('ops', 'commandexecution', 'view', 'commandexecution')
 )
 
-
 app_exclude_perms = [
     ('users', 'user', 'add,delete', 'user'),
     ('orgs', 'org', 'add,delete,change', 'org'),
@@ -59,7 +58,8 @@ class PredefineRole:
         from rbac.models import Role
         return Role.objects.get(id=self.id)
 
-    def _get_defaults(self):
+    @property
+    def default_perms(self):
         from rbac.models import Permission
         q = Permission.get_define_permissions_q(self.perms)
         permissions = Permission.get_permissions(self.scope)
@@ -72,6 +72,10 @@ class PredefineRole:
             permissions = permissions.exclude(q)
 
         perms = permissions.values_list('id', flat=True)
+        return perms
+
+    def _get_defaults(self):
+        perms = self.default_perms
         defaults = {
             'id': self.id, 'name': self.name, 'scope': self.scope,
             'builtin': True, 'permissions': perms