github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-04 08:55:40 +00:00
Code Issues Projects Releases Wiki Activity

fix: 修复 public 和 smart API 权限包含 connection token

Browse Source
This commit is contained in:
Jiangjie.Bai
2022-07-15 14:56:51 +08:00
committed by 老广
parent 93537c07a1
commit 41541a91b9
3 changed files with 28 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
apps/settings/api/public.py
View File

@@ -3,7 +3,11 @@ from rest_framework.permissions import AllowAny, IsAuthenticated
from django.conf import settings
from jumpserver.utils import has_valid_xpack_license, get_xpack_license_info
from common.utils import get_logger, lazyproperty
from common.utils import get_logger, lazyproperty, get_object_or_none
from authentication.models import ConnectionToken
from orgs.utils import tmp_to_root_org
from common.permissions import IsValidUserOrConnectionToken
from .. import serializers
from ..utils import get_interface_setting_or_default
@@ -28,7 +32,7 @@ class OpenPublicSettingApi(generics.RetrieveAPIView):
class PublicSettingApi(OpenPublicSettingApi):
permission_classes = (IsAuthenticated,)
permission_classes = (IsValidUserOrConnectionToken,)
serializer_class = serializers.PrivateSettingSerializer
def get_object(self):