From 33519689692b37cba2eaf65d24a061c8a62df193 Mon Sep 17 00:00:00 2001
From: shaohuzhang1 <shaohu.zhang@fit2cloud.com>
Date: Thu, 17 Apr 2025 10:35:02 +0800
Subject: [PATCH] feat: authentication demo

---
 apps/users/api/user.py   | 19 +++++++++++++++++++
 apps/users/urls.py       |  4 +++-
 apps/users/views/user.py | 16 +++++++++++++++-
 3 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/apps/users/api/user.py b/apps/users/api/user.py
index 6350669ab..57e87d5fd 100644
--- a/apps/users/api/user.py
+++ b/apps/users/api/user.py
@@ -6,6 +6,9 @@
     @date：2025/4/14 19:23
     @desc:
 """
+from drf_spectacular.types import OpenApiTypes
+from drf_spectacular.utils import OpenApiParameter
+
 from common.mixins.api_mixin import APIMixin
 from common.result import ResultSerializer
 from users.serializers.user import UserProfileResponse
@@ -21,3 +24,19 @@ class UserProfileAPI(APIMixin):
     @staticmethod
     def get_response():
         return ApiUserProfileResponse
+
+
+class TestWorkspacePermissionUserApi(APIMixin):
+    @staticmethod
+    def get_parameters():
+        return [OpenApiParameter(
+            # 参数的名称是done
+            name="workspace_id",
+            # 对参数的备注
+            description="工作空间id",
+            # 指定参数的类型
+            type=OpenApiTypes.STR,
+            location=OpenApiParameter.PATH,
+            # 指定必须给
+            required=True,
+        )]
diff --git a/apps/users/urls.py b/apps/users/urls.py
index 26721abe8..47972927c 100644
--- a/apps/users/urls.py
+++ b/apps/users/urls.py
@@ -6,5 +6,7 @@ app_name = "user"
 urlpatterns = [
     path('user/login', views.LoginView.as_view(), name='login'),
     path('user/profile', views.UserProfileView.as_view(), name="user_profile"),
-    path('user/test', views.TestPermissionsUserView.as_view(), name="test")
+    path('user/test', views.TestPermissionsUserView.as_view(), name="test"),
+    path('user/<str:workspace_id>', views.TestWorkspacePermissionUserView.as_view(),
+         name="test_workspace_id_permission")
 ]
diff --git a/apps/users/views/user.py b/apps/users/views/user.py
index 711b6310d..5eb885584 100644
--- a/apps/users/views/user.py
+++ b/apps/users/views/user.py
@@ -15,7 +15,7 @@ from common.auth import TokenAuth
 from common.auth.authentication import has_permissions
 from common.constants.permission_constants import PermissionConstants
 from common.result import result
-from users.api.user import UserProfileAPI
+from users.api.user import UserProfileAPI, TestWorkspacePermissionUserApi
 from users.serializers.user import UserProfileSerializer
 
 
@@ -42,3 +42,17 @@ class TestPermissionsUserView(APIView):
     @has_permissions(PermissionConstants.USER_EDIT)
     def get(self, request: Request):
         return result.success(UserProfileSerializer().profile(request.user))
+
+
+class TestWorkspacePermissionUserView(APIView):
+    authentication_classes = [TokenAuth]
+
+    @extend_schema(methods=['GET'],
+                   description="针对工作空间下权限校验",
+                   operation_id="针对工作空间下权限校验",
+                   tags=[_("User management")],
+                   responses=UserProfileAPI.get_response(),
+                   parameters=TestWorkspacePermissionUserApi.get_parameters())
+    @has_permissions(PermissionConstants.USER_EDIT.get_workspace_permission())
+    def get(self, request: Request, workspace_id):
+        return result.success(UserProfileSerializer().profile(request.user))