github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-05 09:21:02 +00:00
Code Issues Projects Releases Wiki Activity

fix(orgs): 修复访问 current org api 错误

Browse Source 
perf(users): 优化用户删除和移除行为

perf: 优化组织权限判断
This commit is contained in:
ibuler
2021-03-15 14:53:19 +08:00
committed by Jiangjie.Bai
parent 41f375a4f7
commit 7dfd0ee8fe
6 changed files with 39 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
apps/users/api/user.py
View File

@@ -2,7 +2,7 @@
from django.core.cache import cache
from django.utils.translation import ugettext as _
from rest_framework.decorators import action
from django.conf import settings
from rest_framework import generics
from rest_framework.response import Response
from rest_framework_bulk import BulkModelViewSet
@@ -88,17 +88,14 @@ class UserViewSet(CommonApiMixin, UserQuerysetMixin, BulkModelViewSet):
def get_permissions(self):
if self.action in ["retrieve", "list"]:
self.permission_classes = (IsOrgAdminOrAppUser,)
if self.request.query_params.get('all'):
if self.request.query_params.get('all'):
self.permission_classes = (IsSuperUser,)
else:
self.permission_classes = (IsOrgAdminOrAppUser,)
elif self.action in ['destroy']:
self.permission_classes = (IsSuperUser,)
return super().get_permissions()
def perform_destroy(self, instance):
if not current_org.is_root():
instance.remove()
else:
return super().perform_destroy(instance)
def perform_bulk_destroy(self, objects):
for obj in objects:
self.check_object_permissions(self.request, obj)
@@ -164,6 +161,21 @@ class UserViewSet(CommonApiMixin, UserQuerysetMixin, BulkModelViewSet):
OrganizationMember.objects.bulk_create(relations, ignore_conflicts=True)
return Response(serializer.data, status=201)
@action(methods=['post'], detail=True, permission_classes=(IsOrgAdmin,))
def remove(self, request, *args, **kwargs):
instance = self.get_object()
instance.remove()
return Response(status=204)
@action(methods=['post'], detail=False, permission_classes=(IsOrgAdmin,), url_path='remove')
def bulk_remove(self, request, *args, **kwargs):
qs = self.get_queryset()
filtered = self.filter_queryset(qs)
for instance in filtered:
instance.remove()
return Response(status=204)
class UserChangePasswordApi(UserQuerysetMixin, generics.RetrieveUpdateAPIView):
permission_classes = (IsOrgAdmin,)