[Update] 用户授权相关API，如果需要切换到root org (#2803)

* [Update] 用户授权相关API，如果需要切换到root org * [Update] 优化小问题
2025-10-29 12:51:46 +00:00 · 2019-06-17 19:27:02 +08:00
parent 795807ddbe
commit c71f417ebf
4 changed files with 26 additions and 14 deletions
--- a/apps/perms/api/user_permission.py
+++ b/apps/perms/api/user_permission.py
@@ -25,7 +25,9 @@ from ..hands import (
    NodeSerializer, RemoteAppSerializer,
 )
 from .. import serializers, const
-from ..mixins import AssetsFilterMixin, RemoteAppFilterMixin
+from ..mixins import (
+    AssetsFilterMixin, RemoteAppFilterMixin, ChangeOrgIfNeedMixin
+)
 from ..models import Action

 logger = get_logger(__name__)
@@ -459,7 +461,7 @@ class GetUserAssetPermissionActionsApi(UserPermissionCacheMixin, APIView):

 # RemoteApp permission

-class UserGrantedRemoteAppsApi(RemoteAppFilterMixin, ListAPIView):
+class UserGrantedRemoteAppsApi(ChangeOrgIfNeedMixin, RemoteAppFilterMixin, ListAPIView):
    permission_classes = (IsOrgAdminOrAppUser,)
    serializer_class = RemoteAppSerializer
    pagination_class = LimitOffsetPagination
@@ -484,7 +486,7 @@ class UserGrantedRemoteAppsApi(RemoteAppFilterMixin, ListAPIView):
        return super().get_permissions()


-class UserGrantedRemoteAppsAsTreeApi(ListAPIView):
+class UserGrantedRemoteAppsAsTreeApi(ChangeOrgIfNeedMixin, ListAPIView):
    serializer_class = TreeNodeSerializer
    permission_classes = (IsOrgAdminOrAppUser,)

@@ -516,10 +518,11 @@ class UserGrantedRemoteAppsAsTreeApi(ListAPIView):
        return super().get_permissions()


-class ValidateUserRemoteAppPermissionApi(APIView):
+class ValidateUserRemoteAppPermissionApi(ChangeOrgIfNeedMixin, APIView):
    permission_classes = (IsOrgAdminOrAppUser,)

    def get(self, request, *args, **kwargs):
+        self.change_org_if_need(request, kwargs)
        user_id = request.query_params.get('user_id', '')
        remote_app_id = request.query_params.get('remote_app_id', '')
        user = get_object_or_404(User, id=user_id)
@@ -529,5 +532,4 @@ class ValidateUserRemoteAppPermissionApi(APIView):
        remote_apps = util.get_remote_apps()
        if remote_app not in remote_apps:
            return Response({'msg': False}, status=403)
-
        return Response({'msg': True}, status=200)