Skip to content

Commit f7a0ee6

Browse files
shaohuzhang1shaohuzhang1
authored
fix: permission role (#3295)
1 parent c17dfed commit f7a0ee6

File tree

2 files changed

+10
-2
lines changed

2 files changed

+10
-2
lines changed

apps/common/constants/permission_constants.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -516,6 +516,10 @@ class PermissionConstants(Enum):
516516
group=Group.WORKSPACE_USER_RESOURCE_PERMISSION, operate=Operate.READ,
517517
role_list=[RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE]
518518
)
519+
WORKSPACE_USER_RESOURCE_PERMISSION_EDIT = Permission(
520+
group=Group.WORKSPACE_USER_RESOURCE_PERMISSION, operate=Operate.EDIT,
521+
role_list=[RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE]
522+
)
519523
EMAIL_SETTING_READ = Permission(
520524
group=Group.EMAIL_SETTING, operate=Operate.READ, role_list=[RoleConstants.ADMIN],
521525
parent_group=[SystemGroup.SYSTEM_SETTING]

apps/system_manage/views/user_resource_permission.py

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
from common import result
1616
from common.auth import TokenAuth
1717
from common.auth.authentication import has_permissions
18-
from common.constants.permission_constants import PermissionConstants
18+
from common.constants.permission_constants import PermissionConstants, RoleConstants
1919
from common.log.log import log
2020
from common.result import DefaultResultSerializer
2121
from system_manage.api.user_resource_permission import UserResourcePermissionAPI, EditUserResourcePermissionAPI
@@ -31,6 +31,7 @@ def get_user_operation_object(user_id):
3131
}
3232
return {}
3333

34+
3435
class WorkSpaceUserResourcePermissionView(APIView):
3536
authentication_classes = [TokenAuth]
3637

@@ -42,7 +43,8 @@ class WorkSpaceUserResourcePermissionView(APIView):
4243
responses=UserResourcePermissionAPI.get_response(),
4344
tags=[_('Resources authorization')] # type: ignore
4445
)
45-
@has_permissions(PermissionConstants.WORKSPACE_USER_RESOURCE_PERMISSION_READ.get_workspace_permission())
46+
@has_permissions(PermissionConstants.WORKSPACE_USER_RESOURCE_PERMISSION_READ.get_workspace_permission(),
47+
RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
4648
def get(self, request: Request, workspace_id: str, user_id: str):
4749
return result.success(UserResourcePermissionSerializer(
4850
data={'workspace_id': workspace_id, 'user_id': user_id}
@@ -60,6 +62,8 @@ def get(self, request: Request, workspace_id: str, user_id: str):
6062
@log(menu='System', operate='Modify the resource authorization list',
6163
get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id'))
6264
)
65+
@has_permissions(PermissionConstants.WORKSPACE_USER_RESOURCE_PERMISSION_EDIT.get_workspace_permission(),
66+
RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
6367
def put(self, request: Request, workspace_id: str, user_id: str):
6468
return result.success(UserResourcePermissionSerializer(
6569
data={'workspace_id': workspace_id, 'user_id': user_id}

0 commit comments

Comments
 (0)