From b50f1a662d615250bcb9e39ba89b6df799a9d04d Mon Sep 17 00:00:00 2001
From: fit2bot <68588906+fit2bot@users.noreply.github.com>
Date: Mon, 11 Mar 2024 15:10:51 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BC=98=E5=8C=96=E6=89=8B=E5=8A=A8?=
 =?UTF-8?q?=E8=BE=93=E5=85=A5=E7=9A=84=E8=B4=A6=E5=8F=B7username=E9=81=B5?=
 =?UTF-8?q?=E5=BE=AA=E7=99=BB=E5=BD=95=E8=B5=84=E4=BA=A7=E7=9A=84ACL?=
 =?UTF-8?q?=E6=8E=A7=E5=88=B6=20(#12774)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: feng <1304903146@qq.com>
---
 apps/authentication/api/connection_token.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/apps/authentication/api/connection_token.py b/apps/authentication/api/connection_token.py
index f76b6e037..b8690ba28 100644
--- a/apps/authentication/api/connection_token.py
+++ b/apps/authentication/api/connection_token.py
@@ -379,6 +379,7 @@ class ConnectionTokenViewSet(ExtraActionApiMixin, RootOrgViewMixin, JMSModelView
 
         if account.username != AliasAccount.INPUT:
             data['input_username'] = ''
+
         ticket = self._validate_acl(user, asset, account)
         if ticket:
             data['from_ticket'] = ticket
@@ -413,7 +414,10 @@ class ConnectionTokenViewSet(ExtraActionApiMixin, RootOrgViewMixin, JMSModelView
 
     def _validate_acl(self, user, asset, account):
         from acls.models import LoginAssetACL
-        acls = LoginAssetACL.filter_queryset(user=user, asset=asset, account=account)
+        kwargs = {'user': user, 'asset': asset, 'account': account}
+        if account.username == AliasAccount.INPUT:
+            kwargs['account_username'] = self.input_username
+        acls = LoginAssetACL.filter_queryset(**kwargs)
         ip = get_request_ip_or_data(self.request)
         acl = LoginAssetACL.get_match_rule_acls(user, ip, acls)
         if not acl: