From e838d974c36800e9290241582947bae46db4d495 Mon Sep 17 00:00:00 2001 From: Michael Bai Date: Wed, 24 Nov 2021 18:13:19 +0800 Subject: [PATCH 1/2] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=E6=A0=B9=E6=8D=AE?= =?UTF-8?q?=E8=8A=82=E7=82=B9/=E8=B5=84=E4=BA=A7=E6=9F=A5=E8=AF=A2?= =?UTF-8?q?=E6=8E=88=E6=9D=83=E6=97=B6=E6=8A=A5=E9=94=99=E7=9A=84=E9=97=AE?= =?UTF-8?q?=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/perms/filters.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/perms/filters.py b/apps/perms/filters.py index f56927436..c3a5a4b16 100644 --- a/apps/perms/filters.py +++ b/apps/perms/filters.py @@ -143,7 +143,7 @@ class AssetPermissionFilter(PermissionBaseFilter): if not _nodes: return queryset.none() - node = _nodes.get() + node = _nodes.first() if not is_query_all: queryset = queryset.filter(nodes=node) @@ -170,7 +170,7 @@ class AssetPermissionFilter(PermissionBaseFilter): return queryset if not assets: return queryset.none() - asset = assets.get() + asset = assets.first() if not is_query_all: queryset = queryset.filter(assets=asset) From 5ace5a752e0ea63f563822f1733d3d8a28152359 Mon Sep 17 00:00:00 2001 From: ibuler Date: Wed, 24 Nov 2021 17:25:10 +0800 Subject: [PATCH 2/2] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8D=20cas/oidc=20?= =?UTF-8?q?=E7=99=BB=E5=BD=95=20MFA=20=E4=BA=A7=E7=94=9F=E7=9A=84bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit perf: 优化更严谨 --- apps/authentication/middleware.py | 7 +++++-- apps/authentication/mixins.py | 2 -- apps/authentication/signals_handlers.py | 1 - 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/authentication/middleware.py b/apps/authentication/middleware.py index 9a5e4e793..ff050f815 100644 --- a/apps/authentication/middleware.py +++ b/apps/authentication/middleware.py @@ -7,8 +7,11 @@ class MFAMiddleware: def __call__(self, request): response = self.get_response(request) - if request.path.find('/auth/login/otp/') > -1: - return response + + white_urls = ['login/mfa', 'mfa/select', 'jsi18n/', '/static/'] + for url in white_urls: + if request.path.find(url) > -1: + return response if request.session.get('auth_mfa_required'): return redirect('authentication:login-mfa') return response diff --git a/apps/authentication/mixins.py b/apps/authentication/mixins.py index 7491b3b9e..88437dd16 100644 --- a/apps/authentication/mixins.py +++ b/apps/authentication/mixins.py @@ -417,12 +417,10 @@ class AuthACLMixin: self.request.session["auth_confirm"] = "1" return elif ticket.state_reject: - self.clean_mfa_mark() raise errors.LoginConfirmOtherError( ticket.id, ticket.get_state_display() ) elif ticket.state_close: - self.clean_mfa_mark() raise errors.LoginConfirmOtherError( ticket.id, ticket.get_state_display() ) diff --git a/apps/authentication/signals_handlers.py b/apps/authentication/signals_handlers.py index d895c8498..942739531 100644 --- a/apps/authentication/signals_handlers.py +++ b/apps/authentication/signals_handlers.py @@ -7,7 +7,6 @@ from django.dispatch import receiver from django_cas_ng.signals import cas_user_authenticated from jms_oidc_rp.signals import openid_user_login_failed, openid_user_login_success - from .signals import post_auth_success, post_auth_failed