From aaeef83d385a4ac81f3d20410f2c2bb46963d8dd Mon Sep 17 00:00:00 2001
From: fit2bot <68588906+fit2bot@users.noreply.github.com>
Date: Thu, 23 Feb 2023 11:27:03 +0800
Subject: [PATCH] perf: history account secret (#9711)

Co-authored-by: feng <1304903146@qq.com>
---
 apps/accounts/api/account/account.py | 8 +++-----
 apps/rbac/const.py                   | 2 ++
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/apps/accounts/api/account/account.py b/apps/accounts/api/account/account.py
index 73540126b..64dc745f8 100644
--- a/apps/accounts/api/account/account.py
+++ b/apps/accounts/api/account/account.py
@@ -7,18 +7,16 @@ from accounts import serializers
 from accounts.filters import AccountFilterSet
 from accounts.models import Account
 from assets.models import Asset
-from authentication.const import ConfirmType
-from common.permissions import UserConfirmation
+from common.permissions import UserConfirmation, ConfirmType
 from common.views.mixins import RecordViewLogMixin
 from orgs.mixins.api import OrgBulkModelViewSet
+from rbac.permissions import RBACPermission
 
 __all__ = [
     'AccountViewSet', 'AccountSecretsViewSet',
     'AccountHistoriesSecretAPI'
 ]
 
-from rbac.permissions import RBACPermission
-
 
 class AccountViewSet(OrgBulkModelViewSet):
     model = Account
@@ -71,7 +69,7 @@ class AccountHistoriesSecretAPI(RecordViewLogMixin, ListAPIView):
     http_method_names = ['get', 'options']
     permission_classes = [RBACPermission, UserConfirmation.require(ConfirmType.MFA)]
     rbac_perms = {
-        'list': 'accounts.view_accountsecret',
+        'GET': 'accounts.view_accountsecret',
     }
 
     def get_object(self):
diff --git a/apps/rbac/const.py b/apps/rbac/const.py
index 2092cd9ff..eeb09b46e 100644
--- a/apps/rbac/const.py
+++ b/apps/rbac/const.py
@@ -61,6 +61,8 @@ exclude_permissions = (
     ('accounts', 'accountbackupexecution', 'delete,change', 'accountbackupexecution'),
     ('accounts', 'changesecretrecord', 'add,delete,change', 'changesecretrecord'),
     ('accounts', 'account', 'change', 'accountsecret'),
+    ('accounts', 'account', 'view', 'historyaccount'),
+    ('accounts', 'account', 'view', 'historyaccountsecret'),
 
     ('perms', 'userassetgrantedtreenoderelation', '*', '*'),
     ('perms', 'permedaccount', '*', '*'),