github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-07-07 11:59:18 +00:00
Code Issues Projects Releases Wiki Activity

fix: check_api

Browse Source
This commit is contained in:
feng 2025-03-24 14:10:24 +08:00 committed by Bryan
parent 77d8083c00
commit f5d40a787e
2 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/common/management/commands/check_api.py
View File

@ -71,6 +71,7 @@ known_unauth_urls = [
"/api/v1/authentication/mfa/select/",
"/api/v1/authentication/mfa/send-code/",
"/api/v1/authentication/sso/login/"
"/api/v1/authentication/user-session/"
]
known_error_urls = [
@ -91,7 +92,6 @@ class Command(BaseCommand):
unauth_urls = []
error_urls = []
unformat_urls = []
for url, ourl in urls:
if '(' in url or '<' in url:
unformat_urls.append([url, ourl])

8
apps/terminal/permissions.py
View File

@ -9,7 +9,13 @@ __all__ = ['IsSessionAssignee']
class IsSessionAssignee(permissions.IsAuthenticated):
def has_permission(self, request, view):
return True
if not request.user:
return False
if request.user.is_anonymous:
return False
if view.action == 'retrieve':
return True
return False
def has_object_permission(self, request, view, obj):
try: