Skip to content

Commit

Permalink
fix: 添加项目查看鉴权 --story=121224121 (#7656)
Browse files Browse the repository at this point in the history 
* fix: 添加项目查看鉴权 --story=121224121

* fix: 修改鉴权方式 --story=121224121

* fix: 修改拉取方法 --story=121224121

* fix: 修改方法名称 --story=121224121

* fix: 添加遗漏方法 --story=121224121
  • Loading branch information
@guohelu
guohelu authored Dec 26, 2024
1 parent 58b16b0 commit bea1f39
Showing 1 changed file with 26 additions and 5 deletions.
31 changes: 26 additions & 5 deletions gcloud/core/apis/drf/viewsets/common_template.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@
class CommonTemplatePermission(IamPermission):
actions = {
"list": IamPermissionInfo(pass_all=True),
"list_for_periodic_task": IamPermissionInfo(pass_all=True),
"list_with_top_collection": IamPermissionInfo(pass_all=True),
"retrieve": IamPermissionInfo(
IAMMeta.COMMON_FLOW_VIEW_ACTION, res_factory.resources_for_common_flow_obj, HAS_OBJECT_PERMISSION
Expand Down Expand Up @@ -95,18 +96,35 @@ class CommonTemplateViewSet(GcloudModelViewSet):
IAMMeta.COMMON_FLOW_VIEW_ACTION,
IAMMeta.COMMON_FLOW_EDIT_ACTION,
IAMMeta.COMMON_FLOW_DELETE_ACTION,
IAMMeta.COMMON_FLOW_CREATE_PERIODIC_TASK_ACTION,
],
)
filterset_class = CommonTemplateFilter
permission_classes = [permissions.IsAuthenticated, CommonTemplatePermission]
ordering = ["-id"]

def get_serializer_class(self):
if self.action in ["list", "list_with_top_collection"]:
if self.action in ["list", "list_with_top_collection", "list_for_periodic_task"]:
return CommonTemplateListSerializer
return CommonTemplateSerializer

@swagger_auto_schema(method="GET", operation_summary="带有创建周期任务权限指定的流程列表")
@action(methods=["GET"], detail=False)
def list_for_periodic_task(self, request, *args, **kwargs):
queryset = self.filter_queryset(self.get_queryset())
page = self.paginate_queryset(queryset)
serializer = self.get_serializer(page if page is not None else queryset, many=True)
# 注入权限
data = self.injection_auth_actions(request, serializer.data, serializer.instance)
# 注入公共流程新建周期任务权限
create_periodic_task_action = Action(IAMMeta.COMMON_FLOW_CREATE_PERIODIC_TASK_ACTION)
templates = self._inject_project_based_task_create_action(
request, [template["id"] for template in data], create_periodic_task_action
)
for obj in data:
if obj["id"] in templates:
obj["auth_actions"].append(IAMMeta.COMMON_FLOW_CREATE_PERIODIC_TASK_ACTION)
return self.get_paginated_response(data) if page is not None else Response(data)

@swagger_auto_schema(
method="GET", operation_summary="带收藏指定的流程列表", responses={200: TopCollectionCommonTemplateSerializer}
)
Expand Down Expand Up @@ -134,7 +152,10 @@ def list_with_top_collection(self, request, *args, **kwargs):
data = self.injection_auth_actions(request, serializer.data, serializer.instance)

# 注入公共流程新建任务权限
templates = self._inject_project_based_task_create_action(request, [template["id"] for template in data])
create_task_action = Action(IAMMeta.COMMON_FLOW_CREATE_TASK_ACTION)
templates = self._inject_project_based_task_create_action(
request, [template["id"] for template in data], create_task_action
)

for obj in data:
obj["is_collected"] = 1 if obj["id"] in collection_template_ids else 0
Expand All @@ -144,7 +165,7 @@ def list_with_top_collection(self, request, *args, **kwargs):
return self.get_paginated_response(data) if page is not None else Response(data)

@staticmethod
def _inject_project_based_task_create_action(request, common_template_ids):
def _inject_project_based_task_create_action(request, common_template_ids, common_flow_action):
project_id = request.query_params.get("project__id")
if not project_id:
return []
Expand All @@ -162,7 +183,7 @@ def _inject_project_based_task_create_action(request, common_template_ids):
Request(
system=system,
subject=Subject("user", request.user.username),
action=Action(IAMMeta.COMMON_FLOW_CREATE_TASK_ACTION),
action=common_flow_action,
resources=resource,
environment=None,
)
Expand Down

0 comments on commit bea1f39

Please sign in to comment.