From 50443de888b4fa7ba80a040e07f6eb98c8119172 Mon Sep 17 00:00:00 2001 From: BaiJiangJie Date: Thu, 20 Jun 2019 11:25:35 +0800 Subject: [PATCH] =?UTF-8?q?[Bugfix]=20=E4=BF=AE=E5=A4=8D=E6=99=AE=E9=80=9A?= =?UTF-8?q?=E7=94=A8=E6=88=B7=E8=A2=AB=E6=8E=88=E6=9D=83=E7=9A=84RemoteApp?= =?UTF-8?q?=E5=88=97=E8=A1=A8=E5=8A=A0=E8=BD=BD=E4=B8=BA=E7=A9=BA=E7=9A=84?= =?UTF-8?q?bug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/perms/api/user_group_permission.py | 7 ------- apps/perms/api/user_permission.py | 11 +++++++---- apps/perms/mixins.py | 17 ++++++++++++++++- 3 files changed, 23 insertions(+), 12 deletions(-) diff --git a/apps/perms/api/user_group_permission.py b/apps/perms/api/user_group_permission.py index 159f76a39..841a82096 100644 --- a/apps/perms/api/user_group_permission.py +++ b/apps/perms/api/user_group_permission.py @@ -93,19 +93,12 @@ class UserGroupGrantedNodesWithAssetsAsTreeApi(ListAPIView): show_assets = True system_user_id = None - def change_org_if_need(self): - if self.request.user.is_superuser or \ - self.request.user.is_app or \ - self.kwargs.get('pk') is None: - set_to_root_org() - def get(self, request, *args, **kwargs): self.show_assets = request.query_params.get('show_assets', '1') == '1' self.system_user_id = request.query_params.get('system_user') return super().get(request, *args, **kwargs) def get_queryset(self): - self.change_org_if_need() user_group_id = self.kwargs.get('pk', '') queryset = [] group = get_object_or_404(UserGroup, id=user_group_id) diff --git a/apps/perms/api/user_permission.py b/apps/perms/api/user_permission.py index b4f8fc07e..c4e86f4bd 100644 --- a/apps/perms/api/user_permission.py +++ b/apps/perms/api/user_permission.py @@ -25,7 +25,9 @@ from ..hands import ( NodeSerializer, RemoteAppSerializer, ) from .. import serializers, const -from ..mixins import AssetsFilterMixin, RemoteAppFilterMixin +from ..mixins import ( + AssetsFilterMixin, RemoteAppFilterMixin, ChangeOrgIfNeedMixin +) from ..models import Action logger = get_logger(__name__) @@ -460,7 +462,7 @@ class GetUserAssetPermissionActionsApi(UserPermissionCacheMixin, APIView): # RemoteApp permission -class UserGrantedRemoteAppsApi(RemoteAppFilterMixin, ListAPIView): +class UserGrantedRemoteAppsApi(ChangeOrgIfNeedMixin, RemoteAppFilterMixin, ListAPIView): permission_classes = (IsOrgAdminOrAppUser,) serializer_class = RemoteAppSerializer pagination_class = LimitOffsetPagination @@ -485,7 +487,7 @@ class UserGrantedRemoteAppsApi(RemoteAppFilterMixin, ListAPIView): return super().get_permissions() -class UserGrantedRemoteAppsAsTreeApi(ListAPIView): +class UserGrantedRemoteAppsAsTreeApi(ChangeOrgIfNeedMixin, ListAPIView): serializer_class = TreeNodeSerializer permission_classes = (IsOrgAdminOrAppUser,) @@ -517,10 +519,11 @@ class UserGrantedRemoteAppsAsTreeApi(ListAPIView): return super().get_permissions() -class ValidateUserRemoteAppPermissionApi(APIView): +class ValidateUserRemoteAppPermissionApi(ChangeOrgIfNeedMixin, APIView): permission_classes = (IsOrgAdminOrAppUser,) def get(self, request, *args, **kwargs): + self.change_org_if_need(request, kwargs) user_id = request.query_params.get('user_id', '') remote_app_id = request.query_params.get('remote_app_id', '') user = get_object_or_404(User, id=user_id) diff --git a/apps/perms/mixins.py b/apps/perms/mixins.py index f302285a6..f1d7fac1e 100644 --- a/apps/perms/mixins.py +++ b/apps/perms/mixins.py @@ -1,9 +1,10 @@ # ~*~ coding: utf-8 ~*~ # +from orgs.utils import set_to_root_org __all__ = [ - 'AssetsFilterMixin', 'RemoteAppFilterMixin', + 'AssetsFilterMixin', 'RemoteAppFilterMixin', 'ChangeOrgIfNeedMixin', ] @@ -100,3 +101,17 @@ class RemoteAppFilterMixin(object): queryset, key=lambda x: getattr(x, order_by), reverse=reverse ) return queryset + + +class ChangeOrgIfNeedMixin(object): + + @staticmethod + def change_org_if_need(request, kwargs): + if request.user.is_authenticated and request.user.is_superuser \ + or request.user.is_app \ + or kwargs.get('pk') is None: + set_to_root_org() + + def get(self, request, *args, **kwargs): + self.change_org_if_need(request, kwargs) + return super().get(request, *args, **kwargs)