fix: 修复获取令牌信息的remote app资产信息 (#8619)

* fix: 修复连接令牌只获取自己的令牌信息；修复连接令牌系统用户角色权限问题（普通用户看不到）； * fix: 修复获取令牌信息的remote app资产信息 * fix: 修复获取用户个人信息时使用连接令牌 * fix: 修复获取profile时的连接令牌问题 * fix: 修复连接令牌问题 * fix: 修复连接令牌问题 Co-authored-by: Jiangjie.Bai <bugatti_it@163.com>
2025-09-22 11:58:29 +00:00 · 2022-07-19 15:57:02 +08:00
parent 585ddeb25b
commit cc2b858769
6 changed files with 33 additions and 6 deletions
--- a/apps/authentication/api/connection_token.py
+++ b/apps/authentication/api/connection_token.py
@@ -231,7 +231,9 @@ class ConnectionTokenViewSet(ConnectionTokenMixin, RootOrgViewMixin, JMSModelVie
        'get_rdp_file': 'authentication.add_connectiontoken',
        'get_client_protocol_url': 'authentication.add_connectiontoken',
    }
-    queryset = ConnectionToken.objects.all()
+
+    def get_queryset(self):
+        return ConnectionToken.objects.filter(user=self.request.user)

    def create_connection_token(self):
        data = self.request.query_params if self.request.method == 'GET' else self.request.data
--- a/apps/authentication/models.py
+++ b/apps/authentication/models.py
@@ -228,6 +228,13 @@ class ConnectionToken(OrgModelMixin, models.JMSModel):
            return {}
        return self.application.get_rdp_remote_app_setting()

+    @lazyproperty
+    def asset_or_remote_app_asset(self):
+        if self.asset:
+            return self.asset
+        if self.application and self.application.category_remote_app:
+            return self.application.get_remote_app_asset()
+
    @lazyproperty
    def cmd_filter_rules(self):
        from assets.models import CommandFilterRule
--- a/apps/authentication/serializers/connection_token.py
+++ b/apps/authentication/serializers/connection_token.py
@@ -177,7 +177,7 @@ class ConnectionTokenCmdFilterRuleSerializer(serializers.ModelSerializer):

 class ConnectionTokenSecretSerializer(OrgResourceModelSerializerMixin):
    user = ConnectionTokenUserSerializer(read_only=True)
-    asset = ConnectionTokenAssetSerializer(read_only=True)
+    asset = ConnectionTokenAssetSerializer(read_only=True, source='asset_or_remote_app_asset')
    application = ConnectionTokenApplicationSerializer(read_only=True)
    remote_app = ConnectionTokenRemoteAppSerializer(read_only=True)
    system_user = ConnectionTokenSystemUserSerializer(read_only=True)