[Bugfix] 修复普通用户被授权的RemoteApp列表加载为空的bug

50443de8 · BaiJiangJie · 41a5a691 · 50443de8 · 50443de8 · 50443de8
Commit 50443de8 authored Jun 20, 2019 by BaiJiangJie
Hide whitespace changes
Inline Side-by-side

Showing with 23 additions and 12 deletions

user_group_permission.py apps/perms/api/user_group_permission.py +0 -7

user_permission.py apps/perms/api/user_permission.py +7 -4

mixins.py apps/perms/mixins.py +16 -1

No files found.
--- a/apps/perms/api/user_group_permission.py
+++ b/apps/perms/api/user_group_permission.py
@@ -93,19 +93,12 @@ class UserGroupGrantedNodesWithAssetsAsTreeApi(ListAPIView):
    show_assets = True
    system_user_id = None

-    def change_org_if_need(self):
-        if self.request.user.is_superuser or \
-                self.request.user.is_app or \
-                self.kwargs.get('pk') is None:
-            set_to_root_org()
-
    def get(self, request, *args, **kwargs):
        self.show_assets = request.query_params.get('show_assets', '1') == '1'
        self.system_user_id = request.query_params.get('system_user')
        return super().get(request, *args, **kwargs)

    def get_queryset(self):
-        self.change_org_if_need()
        user_group_id = self.kwargs.get('pk', '')
        queryset = []
        group = get_object_or_404(UserGroup, id=user_group_id)

--- a/apps/perms/api/user_permission.py
+++ b/apps/perms/api/user_permission.py
@@ -25,7 +25,9 @@ from ..hands import (
    NodeSerializer, RemoteAppSerializer,
 )
 from .. import serializers, const
-from ..mixins import AssetsFilterMixin, RemoteAppFilterMixin
+from ..mixins import (
+    AssetsFilterMixin, RemoteAppFilterMixin, ChangeOrgIfNeedMixin
+)
 from ..models import Action

 logger = get_logger(__name__)
@@ -460,7 +462,7 @@ class GetUserAssetPermissionActionsApi(UserPermissionCacheMixin, APIView):

 # RemoteApp permission

-class UserGrantedRemoteAppsApi(RemoteAppFilterMixin, ListAPIView):
+class UserGrantedRemoteAppsApi(ChangeOrgIfNeedMixin, RemoteAppFilterMixin, ListAPIView):
    permission_classes = (IsOrgAdminOrAppUser,)
    serializer_class = RemoteAppSerializer
    pagination_class = LimitOffsetPagination
@@ -485,7 +487,7 @@ class UserGrantedRemoteAppsApi(RemoteAppFilterMixin, ListAPIView):
        return super().get_permissions()


-class UserGrantedRemoteAppsAsTreeApi(ListAPIView):
+class UserGrantedRemoteAppsAsTreeApi(ChangeOrgIfNeedMixin, ListAPIView):
    serializer_class = TreeNodeSerializer
    permission_classes = (IsOrgAdminOrAppUser,)

@@ -517,10 +519,11 @@ class UserGrantedRemoteAppsAsTreeApi(ListAPIView):
        return super().get_permissions()


-class ValidateUserRemoteAppPermissionApi(APIView):
+class ValidateUserRemoteAppPermissionApi(ChangeOrgIfNeedMixin, APIView):
    permission_classes = (IsOrgAdminOrAppUser,)

    def get(self, request, *args, **kwargs):
+        self.change_org_if_need(request, kwargs)
        user_id = request.query_params.get('user_id', '')
        remote_app_id = request.query_params.get('remote_app_id', '')
        user = get_object_or_404(User, id=user_id)

--- a/apps/perms/mixins.py
+++ b/apps/perms/mixins.py
 # ~*~ coding: utf-8 ~*~
 #

+from orgs.utils import set_to_root_org

 __all__ = [
-    'AssetsFilterMixin', 'RemoteAppFilterMixin',
+    'AssetsFilterMixin', 'RemoteAppFilterMixin', 'ChangeOrgIfNeedMixin',
 ]


@@ -100,3 +101,17 @@ class RemoteAppFilterMixin(object):
            queryset, key=lambda x: getattr(x, order_by), reverse=reverse
        )
        return queryset
+
+
+class ChangeOrgIfNeedMixin(object):
+
+    @staticmethod
+    def change_org_if_need(request, kwargs):
+        if request.user.is_authenticated and request.user.is_superuser \
+                or request.user.is_app \
+                or kwargs.get('pk') is None:
+            set_to_root_org()
+
+    def get(self, request, *args, **kwargs):
+        self.change_org_if_need(request, kwargs)
+        return super().get(request, *args, **kwargs)