feat: authentication demo

2025-12-26 01:33:05 +00:00 · 2025-04-17 10:35:02 +08:00 · 2025-04-17 10:35:02 +08:00 · 3351968969
parent 5f902ef5de
commit 3351968969
3 changed files with 37 additions and 2 deletions
--- a/apps/users/api/user.py
+++ b/apps/users/api/user.py
@ -6,6 +6,9 @@
    @date：2025/4/14 19:23
    @desc:
 """
+from drf_spectacular.types import OpenApiTypes
+from drf_spectacular.utils import OpenApiParameter
+
 from common.mixins.api_mixin import APIMixin
 from common.result import ResultSerializer
 from users.serializers.user import UserProfileResponse
@ -21,3 +24,19 @@ class UserProfileAPI(APIMixin):
    @staticmethod
    def get_response():
        return ApiUserProfileResponse
+
+
+class TestWorkspacePermissionUserApi(APIMixin):
+    @staticmethod
+    def get_parameters():
+        return [OpenApiParameter(
+            # 参数的名称是done
+            name="workspace_id",
+            # 对参数的备注
+            description="工作空间id",
+            # 指定参数的类型
+            type=OpenApiTypes.STR,
+            location=OpenApiParameter.PATH,
+            # 指定必须给
+            required=True,
+        )]
--- a/apps/users/urls.py
+++ b/apps/users/urls.py
@ -6,5 +6,7 @@ app_name = "user"
 urlpatterns = [
    path('user/login', views.LoginView.as_view(), name='login'),
    path('user/profile', views.UserProfileView.as_view(), name="user_profile"),
-    path('user/test', views.TestPermissionsUserView.as_view(), name="test")
+    path('user/test', views.TestPermissionsUserView.as_view(), name="test"),
+    path('user/<str:workspace_id>', views.TestWorkspacePermissionUserView.as_view(),
+         name="test_workspace_id_permission")
 ]
--- a/apps/users/views/user.py
+++ b/apps/users/views/user.py
@ -15,7 +15,7 @@ from common.auth import TokenAuth
 from common.auth.authentication import has_permissions
 from common.constants.permission_constants import PermissionConstants
 from common.result import result
-from users.api.user import UserProfileAPI
+from users.api.user import UserProfileAPI, TestWorkspacePermissionUserApi
 from users.serializers.user import UserProfileSerializer


@ -42,3 +42,17 @@ class TestPermissionsUserView(APIView):
    @has_permissions(PermissionConstants.USER_EDIT)
    def get(self, request: Request):
        return result.success(UserProfileSerializer().profile(request.user))
+
+
+class TestWorkspacePermissionUserView(APIView):
+    authentication_classes = [TokenAuth]
+
+    @extend_schema(methods=['GET'],
+                   description="针对工作空间下权限校验",
+                   operation_id="针对工作空间下权限校验",
+                   tags=[_("User management")],
+                   responses=UserProfileAPI.get_response(),
+                   parameters=TestWorkspacePermissionUserApi.get_parameters())
+    @has_permissions(PermissionConstants.USER_EDIT.get_workspace_permission())
+    def get(self, request: Request, workspace_id):
+        return result.success(UserProfileSerializer().profile(request.user))