[Update] 控制组织管理员不允许更新、删除超级用户；修复ViewSet API批量更新的bug (#2629)

* [Update] 控制组织管理员不允许编辑（更新、删除）超级用户 - 待续（控制批量更新API） * [Update] 修改方法名称 * [Update] 控制组织管理员不允许批量更新包含超级用户的用户列表 * [Bugfix] 修复所有ViewSet API进行批量更新时rest_framework_bulk库内部的bug * [Update] 修改 OpenID Middleware 日志输出模式 info => debug
2025-08-31 23:20:37 +00:00 · 2019-04-25 10:11:50 +08:00
parent aabcf7f31c
commit caa5060ecd
16 changed files with 181 additions and 22 deletions
--- a/apps/authentication/backends/openid/middleware.py
+++ b/apps/authentication/backends/openid/middleware.py
@@ -23,15 +23,15 @@ class OpenIDAuthenticationMiddleware(MiddlewareMixin):
    def process_request(self, request):
        # Don't need openid auth if AUTH_OPENID is False
        if not settings.AUTH_OPENID:
-            logger.info("Not settings.AUTH_OPENID")
+            logger.debug("Not settings.AUTH_OPENID")
            return
        # Don't need check single logout if user not authenticated
        if not request.user.is_authenticated:
-            logger.info("User is not authenticated")
+            logger.debug("User is not authenticated")
            return
        elif not request.session[BACKEND_SESSION_KEY].endswith(
                BACKEND_OPENID_AUTH_CODE):
-            logger.info("BACKEND_SESSION_KEY is not BACKEND_OPENID_AUTH_CODE")
+            logger.debug("BACKEND_SESSION_KEY is not BACKEND_OPENID_AUTH_CODE")
            return

        # Check openid user single logout or not with access_token
@@ -40,7 +40,6 @@ class OpenIDAuthenticationMiddleware(MiddlewareMixin):
            client.openid_connect_client.userinfo(
                token=request.session.get(OIDT_ACCESS_TOKEN)
            )
-
        except Exception as e:
            logout(request)
            logger.error(e)