fix: 修复 token 直连的问题

2025-09-24 04:50:30 +00:00 · 2025-03-21 19:08:21 +08:00
parent a03a11efa4
commit e3ba468004
4 changed files with 52 additions and 16 deletions
--- a/apps/authentication/models/connection_token.py
+++ b/apps/authentication/models/connection_token.py
@@ -5,8 +5,10 @@ from datetime import timedelta
 from django.conf import settings
 from django.core.cache import cache
 from django.db import models
+from django.shortcuts import get_object_or_404
 from django.utils import timezone
 from django.utils.translation import gettext_lazy as _
+from django.forms.models import model_to_dict
 from rest_framework.exceptions import PermissionDenied

 from accounts.models import VirtualAccount
@@ -71,9 +73,19 @@ class ConnectionToken(JMSOrgBaseModel):
        verbose_name = _('Connection token')

    def save(self, *args, **kwargs):
-        self.type = self._meta.model._type
+        self.type = self._type
        return super().save(*args, **kwargs)

+    @classmethod
+    def get_typed_connection_token(cls, token_id):
+        token = get_object_or_404(cls, id=token_id)
+
+        if token.type == ConnectionTokenType.ADMIN.value:
+            token = AdminConnectionToken.objects.get(id=token_id)
+        else:
+            token = ConnectionToken.objects.get(id=token_id)
+        return token
+
    @property
    def is_expired(self):
        return self.date_expired < timezone.now()
@@ -112,13 +124,16 @@ class ConnectionToken(JMSOrgBaseModel):
        self.date_expired = date_expired_default()
        self.save()

-    @lazyproperty
-    def permed_account(self):
+    def get_permed_account(self):
        from perms.utils import PermAssetDetailUtil
        permed_account = PermAssetDetailUtil(self.user, self.asset) \
            .validate_permission(self.account, self.protocol)
        return permed_account

+    @lazyproperty
+    def permed_account(self):
+        return self.get_permed_account()
+
    @lazyproperty
    def actions(self):
        return self.permed_account.actions
@@ -148,7 +163,8 @@ class ConnectionToken(JMSOrgBaseModel):
        if timezone.now() - self.date_created < timedelta(seconds=60):
            return True, None

-        if not self.permed_account or not self.permed_account.actions:
+        permed_account = self.get_permed_account()
+        if not permed_account or not permed_account.actions:
            msg = 'user `{}` not has asset `{}` permission for login `{}`'.format(
                self.user, self.asset, self.account
            )
@@ -317,4 +333,12 @@ class AdminConnectionToken(ConnectionToken):
        return (timezone.now() + timezone.timedelta(days=365)).timestamp()

    def is_valid(self):
-        return True
+        return super().is_valid()
+
+    def get_permed_account(self):
+        account = self.asset.accounts.filter(name=self.account).first()
+        if not account:
+            return None
+        account.actions = ActionChoices.all()
+        account.date_expired = timezone.now() + timezone.timedelta(days=5)
+        return account