15308555518/ MaxKB
1
0
Fork 0
mirror of https://github.com/1Panel-dev/MaxKB.git synced 2025-12-26 01:33:05 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

rafactor: User resource permission read and edit

This commit is contained in:
zhangzhanwei 2025-08-13 10:09:42 +08:00 committed by zhanweizhang7
parent 5c0735109a
commit 5061708c1f
9 changed files with 374 additions and 131 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

133
apps/system_manage/api/user_resource_permission.py
View File

@ -12,15 +12,29 @@ from rest_framework import serializers
from django.utils.translation import gettext_lazy as _
from common.mixins.api_mixin import APIMixin
from common.result import ResultSerializer, ResultPageSerializer
from system_manage.serializers.user_resource_permission import UserResourcePermissionResponse, \
UpdateUserResourcePermissionRequest, ResourceUserPermissionEditRequest
from common.result import ResultSerializer, ResultPageSerializer, PageDataResponse
from system_manage.serializers.user_resource_permission import ResourceUserPermissionEditRequest, UpdateTeamMemberItemPermissionSerializer
class APIUserResourcePermissionResponse(ResultSerializer):
class UserResourcePermissionResponse0(serializers.Serializer):
id = serializers.UUIDField(required=True, label="主键id")
name = serializers.CharField(required=True, label="资源名称")
auth_target_type = serializers.CharField(required=True, label="授权资源")
user_id = serializers.UUIDField(required=True, label="用户id")
icon = serializers.CharField(required=True, label="资源图标")
auth_type = serializers.CharField(required=True, label="授权类型")
permission = serializers.ChoiceField(required=False, allow_null=True, allow_blank=True,
choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
label=_('permission'))
class NewAPIUserResourcePermissionResponse(ResultSerializer):
def get_data(self):
return UserResourcePermissionResponse(many=True)
return UserResourcePermissionResponse0(many=True)
class NewAPIUserResourcePermissionPageResponse(ResultPageSerializer):
def get_data(self):
return UserResourcePermissionResponse0(many=True)
class UserResourcePermissionAPI(APIMixin):
@staticmethod
@ -40,17 +54,61 @@ class UserResourcePermissionAPI(APIMixin):
location='path',
required=True,
),
OpenApiParameter(
name="name",
description="名称",
type=OpenApiTypes.STR,
location='query',
required=False
),
OpenApiParameter(
name="permission",
description="权限",
type=OpenApiTypes.STR,
location='query',
required=False
),
]
@staticmethod
def get_response():
return APIUserResourcePermissionResponse
return NewAPIUserResourcePermissionResponse
class EditUserResourcePermissionAPI(APIMixin):
@staticmethod
def get_parameters():
return [
OpenApiParameter(
name="workspace_id",
description="工作空间id",
type=OpenApiTypes.STR,
location='path',
required=True,
),
OpenApiParameter(
name="user_id",
description="用户id",
type=OpenApiTypes.STR,
location='path',
required=True,
),
OpenApiParameter(
name="resource",
description="资源类型",
type=OpenApiTypes.STR,
location='path',
required=True
),
]
@staticmethod
def get_request():
return UpdateUserResourcePermissionRequest()
return UpdateTeamMemberItemPermissionSerializer(many=True)
@staticmethod
def get_response():
return NewAPIUserResourcePermissionResponse
class ResourceUserPermissionResponse(serializers.Serializer):
@ -117,10 +175,69 @@ class ResourceUserPermissionAPI(APIMixin):
def get_response():
return APIResourceUserPermissionResponse
class UserResourcePermissionPageAPI(APIMixin):
@staticmethod
def get_parameters():
return [
OpenApiParameter(
name="workspace_id",
description="工作空间id",
type=OpenApiTypes.STR,
location='path',
required=True
),
OpenApiParameter(
name="user_id",
description="用户id",
type=OpenApiTypes.STR,
location='path',
required=True
),
OpenApiParameter(
name="resource",
description="资源类型",
type=OpenApiTypes.STR,
location='path',
required=True
),
OpenApiParameter(
name="current_page",
description=_("Current page"),
type=OpenApiTypes.INT,
location='path',
required=True,
),
OpenApiParameter(
name="page_size",
description=_("Page size"),
type=OpenApiTypes.INT,
location='path',
required=True,
),
OpenApiParameter(
name="name",
description="资源名称",
type=OpenApiTypes.STR,
location='query',
required=False
),
OpenApiParameter(
name="permission",
description="权限",
type=OpenApiTypes.STR,
location='query',
required=False
),
]
@staticmethod
def get_response():
return NewAPIUserResourcePermissionPageResponse
class APIResourceUserPermissionPageResponse(ResultPageSerializer):
def get_data(self):
return ResourceUserPermissionResponse(many=True)
return PageDataResponse(ResourceUserPermissionResponse(many=True))
class ResourceUserPermissionPageAPI(APIMixin):

113
apps/system_manage/serializers/user_resource_permission.py
View File

@ -44,10 +44,13 @@ class PermissionSerializer(serializers.Serializer):
class UserResourcePermissionItemResponse(serializers.Serializer):
id = serializers.UUIDField(required=True, label="主键id")
name = serializers.CharField(required=True, label="资源名称")
auth_target_type = serializers.ChoiceField(required=True, choices=AuthTargetType.choices, label="授权资源")
auth_target_type = serializers.CharField(required=True, label="授权资源")
user_id = serializers.UUIDField(required=True, label="用户id")
auth_type = serializers.ChoiceField(required=True, choices=ResourceAuthType.choices, label="授权类型")
permission = PermissionSerializer()
icon = serializers.CharField(required=True, label="资源图标")
auth_type = serializers.CharField(required=True, label="授权类型")
permission = serializers.ChoiceField(required=False, allow_null=True, allow_blank=True,
choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
label=_('permission'))
class UserResourcePermissionResponse(serializers.Serializer):
@ -56,8 +59,9 @@ class UserResourcePermissionResponse(serializers.Serializer):
class UpdateTeamMemberItemPermissionSerializer(serializers.Serializer):
target_id = serializers.CharField(required=True, label=_('target id'))
auth_type = serializers.ChoiceField(required=True, choices=ResourceAuthType.choices, label="授权类型")
permission = PermissionSerializer(required=True, many=False)
permission = serializers.ChoiceField(required=False, allow_null=True, allow_blank=True,
choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
label=_('permission'))
class UpdateUserResourcePermissionRequest(serializers.Serializer):
@ -90,19 +94,38 @@ sql_map = {
'APPLICATION': 'get_application_user_resource_permission.sql'
}
class UserResourcePermissionUserListRequest(serializers.Serializer):
name = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_('resource name'))
permission = serializers.ChoiceField(required=False, allow_null=True, allow_blank=True,choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
label=_('permission'))
class UserResourcePermissionSerializer(serializers.Serializer):
workspace_id = serializers.CharField(required=True, label=_('workspace id'))
user_id = serializers.CharField(required=True, label=_('user id'))
auth_target_type = serializers.CharField(required=True, label=_('resource'))
def get_queryset(self):
def get_queryset(self, instance):
resource_query_set = QuerySet(
model=get_dynamics_model({
'name': models.CharField(),
"permission": models.CharField(),
}))
name = instance.get('name')
permission = instance.get('permission')
if name:
resource_query_set = resource_query_set.filter(name__contains=name)
if permission:
resource_query_set = resource_query_set.filter(
permission=None if instance.get('permission') == 'NOT_AUTH' else instance.get('permission'))
return {
'query_set': QuerySet(m_map.get(self.data.get('auth_target_type'))).filter(
workspace_id=self.data.get('workspace_id')),
'workspace_user_resource_permission_query_set': QuerySet(WorkspaceUserResourcePermission).filter(
workspace_id=self.data.get('workspace_id'), user=self.data.get('user_id'),
auth_target_type=self.data.get('auth_target_type'))
auth_target_type=self.data.get('auth_target_type')),
'resource_query_set': resource_query_set
}
def is_auth(self, resource_id: str):
@ -184,44 +207,38 @@ class UserResourcePermissionSerializer(serializers.Serializer):
cache.delete(key, version=version)
return True
def list(self, user, with_valid=True):
def list(self, instance, user, with_valid=True):
if with_valid:
self.is_valid(raise_exception=True)
UserResourcePermissionUserListRequest(data=instance).is_valid(raise_exception=True)
workspace_id = self.data.get("workspace_id")
user_id = self.data.get("user_id")
# 用户权限列表
user_resource_permission_list = native_search(self.get_queryset(), get_file_content(
user_resource_permission_list = native_search(self.get_queryset(instance), get_file_content(
os.path.join(PROJECT_DIR, "apps", "system_manage", 'sql', sql_map.get(self.data.get('auth_target_type')))))
workspace_user_role_mapping_model = DatabaseModelManage.get_model("workspace_user_role_mapping")
workspace_model = DatabaseModelManage.get_model("workspace_model")
if workspace_user_role_mapping_model and workspace_model:
workspace_user_role_mapping_list = QuerySet(workspace_user_role_mapping_model).filter(user_id=user_id,
workspace_id=workspace_id)
else:
workspace_user_role_mapping_list = get_default_workspace_user_role_mapping_list([user.role])
is_workspace_manage = any(
[workspace_user_role_mapping for workspace_user_role_mapping in workspace_user_role_mapping_list if
workspace_user_role_mapping.role_id == RoleConstants.WORKSPACE_MANAGE.value])
# 如果当前用户是当前工作空间管理员那么就拥有所有权限
if is_workspace_manage:
user_resource_permission_list = list(
map(lambda row: {**row,
'permission': {ResourcePermission.VIEW.value: True,
ResourcePermission.MANAGE.value: True,
ResourcePermissionRole.ROLE.value: True}},
user_resource_permission_list))
return group_by([{**user_resource_permission, 'permission': {
permission: True if user_resource_permission.get('permission_list').__contains__(permission) else False for
permission in
[ResourcePermission.VIEW.value, ResourcePermission.MANAGE.value,
ResourcePermissionRole.ROLE.value]}}
for user_resource_permission in user_resource_permission_list],
key=lambda item: item.get('auth_target_type'))
return [{**user_resource_permission}
for user_resource_permission in user_resource_permission_list]
def page(self, instance, current_page: int, page_size: int,user, with_valid=True):
if with_valid:
self.is_valid(raise_exception=True)
UserResourcePermissionUserListRequest(data=instance).is_valid(raise_exception=True)
workspace_id = self.data.get("workspace_id")
user_id = self.data.get("user_id")
# 用户对应的资源权限分页列表
user_resource_permission_page_list = native_page_search(current_page,page_size,self.get_queryset(instance),get_file_content(
os.path.join(PROJECT_DIR, "apps", "system_manage", 'sql', sql_map.get(self.data.get('auth_target_type')))
))
return user_resource_permission_page_list
def edit(self, instance, user, with_valid=True):
if with_valid:
self.is_valid(raise_exception=True)
UpdateUserResourcePermissionRequest(data=instance).is_valid(raise_exception=True,
UpdateUserResourcePermissionRequest(data={'user_resource_permission_list':instance}).is_valid(raise_exception=True,
auth_target_type=self.data.get(
'auth_target_type'),
workspace_id=self.data.get('workspace_id'))
@ -229,11 +246,17 @@ class UserResourcePermissionSerializer(serializers.Serializer):
user_id = self.data.get("user_id")
update_list = []
save_list = []
user_resource_permission_list = instance.get('user_resource_permission_list')
targets = [ item['target_id'] for item in instance ]
QuerySet(WorkspaceUserResourcePermission).filter(
workspace_id=workspace_id, user_id=user_id, auth_target_type=self.data.get('auth_target_type')).delete()
workspace_id=workspace_id,
user_id=user_id,
auth_target_type=self.data.get('auth_target_type'),
target__in=targets
).delete()
workspace_user_resource_permission_exist_list = []
for user_resource_permission in user_resource_permission_list:
for user_resource_permission in instance:
permission = user_resource_permission['permission']
auth_type, permission_list = permission_map[permission]
exist_list = [user_resource_permission_exist for user_resource_permission_exist in
workspace_user_resource_permission_exist_list if
user_resource_permission.get('target_id') == str(user_resource_permission_exist.target)]
@ -245,14 +268,10 @@ class UserResourcePermissionSerializer(serializers.Serializer):
else:
save_list.append(WorkspaceUserResourcePermission(target=user_resource_permission.get('target_id'),
auth_target_type=self.data.get('auth_target_type'),
permission_list=[key for key in
user_resource_permission.get(
'permission').keys() if
user_resource_permission.get(
'permission').get(key)],
permission_list=permission_list,
workspace_id=workspace_id,
user_id=user_id,
auth_type=user_resource_permission.get('auth_type')))
auth_type=auth_type))
# 批量更新
QuerySet(WorkspaceUserResourcePermission).bulk_update(update_list, ['permission_list', 'auth_type']) if len(
update_list) > 0 else None
@ -261,13 +280,13 @@ class UserResourcePermissionSerializer(serializers.Serializer):
version = Cache_Version.PERMISSION_LIST.get_version()
key = Cache_Version.PERMISSION_LIST.get_key(user_id=user_id)
cache.delete(key, version=version)
return True
return instance
class ResourceUserPermissionUserListRequest(serializers.Serializer):
nick_name = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_('workspace id'))
username = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_('workspace id'))
permission = serializers.ChoiceField(required=True, choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
permission = serializers.ChoiceField(required=False, allow_null=True, allow_blank=True, choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
label=_('permission'))
@ -381,4 +400,4 @@ class ResourceUserPermissionSerializer(serializers.Serializer):
for user_id in users_id:
key = Cache_Version.PERMISSION_LIST.get_key(user_id=user_id)
cache.delete(key, version=version)
return True
return instance

55
apps/system_manage/sql/get_application_user_resource_permission.sql
View File

@ -1,17 +1,38 @@
SELECT app_or_knowledge.*,
COALESCE(workspace_user_resource_permission.permission_list,'{}')::varchar[] as permission_list,
COALESCE(workspace_user_resource_permission.auth_type,'ROLE') as auth_type
FROM (SELECT "id",
"name",
'APPLICATION' AS "auth_target_type",
user_id,
workspace_id,
icon,
folder_id
FROM application
${query_set}
) app_or_knowledge
LEFT JOIN (SELECT *
FROM workspace_user_resource_permission
${workspace_user_resource_permission_query_set}) workspace_user_resource_permission
ON workspace_user_resource_permission.target = app_or_knowledge."id";
SELECT
app_or_knowledge.*,
CASE
WHEN
wurp."permission" is null then 'NOT_AUTH'
ELSE wurp."permission"
END
FROM (
SELECT
"id",
"name",
'APPLICATION' AS "auth_target_type",
user_id,
workspace_id,
icon,
folder_id
FROM
application
${query_set}
) app_or_knowledge
LEFT JOIN (
SELECT
target,
CASE
WHEN auth_type = 'ROLE'
AND 'ROLE' = ANY(permission_list) THEN 'ROLE'
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
AND 'MANAGE' = ANY(permission_list) THEN 'MANAGE'
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
AND 'VIEW' = ANY(permission_list) THEN 'VIEW'
ELSE 'NOT_AUTH'
END AS permission
FROM
workspace_user_resource_permission
${workspace_user_resource_permission_query_set}
) wurp
ON wurp.target = app_or_knowledge."id"
${resource_query_set}

55
apps/system_manage/sql/get_knowledge_user_resource_permission.sql
View File

@ -1,17 +1,38 @@
SELECT app_or_knowledge.*,
COALESCE(workspace_user_resource_permission.permission_list,'{}')::varchar[] as permission_list,
COALESCE(workspace_user_resource_permission.auth_type,'ROLE') as auth_type
FROM (SELECT "id",
"name",
'KNOWLEDGE' AS "auth_target_type",
user_id,
workspace_id,
"type"::varchar AS "icon",
folder_id
FROM knowledge
${query_set}
) app_or_knowledge
LEFT JOIN (SELECT *
FROM workspace_user_resource_permission
${workspace_user_resource_permission_query_set}) workspace_user_resource_permission
ON workspace_user_resource_permission.target = app_or_knowledge."id";
SELECT
app_or_knowledge.*,
CASE
WHEN
wurp."permission" is null then 'NOT_AUTH'
ELSE wurp."permission"
END
FROM (
SELECT
"id",
"name",
'KNOWLEDGE' AS "auth_target_type",
user_id,
workspace_id,
"type"::varchar AS "icon",
folder_id
FROM
knowledge
${query_set}
) app_or_knowledge
LEFT JOIN (
SELECT
target,
CASE
WHEN auth_type = 'ROLE'
AND 'ROLE' = ANY(permission_list) THEN 'ROLE'
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
AND 'MANAGE' = ANY(permission_list) THEN 'MANAGE'
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
AND 'VIEW' = ANY(permission_list) THEN 'VIEW'
ELSE 'NOT_AUTH'
END AS permission
FROM
workspace_user_resource_permission
${workspace_user_resource_permission_query_set}
) wurp
ON wurp.target = app_or_knowledge."id"
${resource_query_set}

55
apps/system_manage/sql/get_model_user_resource_permission.sql
View File

@ -1,17 +1,38 @@
SELECT app_or_knowledge.*,
COALESCE(workspace_user_resource_permission.permission_list,'{}')::varchar[] as permission_list,
COALESCE(workspace_user_resource_permission.auth_type,'ROLE') as auth_type
FROM (SELECT "id",
"name",
'MODEL' AS "auth_target_type",
user_id,
workspace_id,
provider as icon,
'default' as folder_id
FROM model
${query_set}
) app_or_knowledge
LEFT JOIN (SELECT *
FROM workspace_user_resource_permission
${workspace_user_resource_permission_query_set}) workspace_user_resource_permission
ON workspace_user_resource_permission.target = app_or_knowledge."id";
SELECT
app_or_knowledge.*,
CASE
WHEN
wurp."permission" is null then 'NOT_AUTH'
ELSE wurp."permission"
END
FROM (
SELECT
"id",
"name",
'MODEL' AS "auth_target_type",
user_id,
workspace_id,
provider as icon,
'default' as folder_id
FROM
model
${query_set}
) app_or_knowledge
LEFT JOIN (
SELECT
target,
CASE
WHEN auth_type = 'ROLE'
AND 'ROLE' = ANY(permission_list) THEN 'ROLE'
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
AND 'MANAGE' = ANY(permission_list) THEN 'MANAGE'
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
AND 'VIEW' = ANY(permission_list) THEN 'VIEW'
ELSE 'NOT_AUTH'
END AS permission
FROM
workspace_user_resource_permission
${workspace_user_resource_permission_query_set}
) wurp
ON wurp.target = app_or_knowledge."id"
${resource_query_set}

2
apps/system_manage/sql/get_resource_user_permission_detail.sql
View File

@ -19,7 +19,7 @@ LEFT JOIN (
and 'MANAGE'= any(permission_list) then 'MANAGE'
when auth_type = 'RESOURCE_PERMISSION_GROUP'
and 'VIEW' = any( permission_list) then 'VIEW'
else 'NO_AUTH'
else 'NOT_AUTH'
end) as "permission"
FROM
workspace_user_resource_permission

56
apps/system_manage/sql/get_tool_user_resource_permission.sql
View File

@ -1,17 +1,39 @@
SELECT app_or_knowledge.*,
COALESCE(workspace_user_resource_permission.permission_list,'{}')::varchar[] as permission_list,
COALESCE(workspace_user_resource_permission.auth_type,'ROLE') as auth_type
FROM (SELECT "id",
"name",
'TOOL' AS "auth_target_type",
user_id,
workspace_id,
icon,
folder_id
FROM tool
${query_set}
) app_or_knowledge
LEFT JOIN (SELECT *
FROM workspace_user_resource_permission
${workspace_user_resource_permission_query_set}) workspace_user_resource_permission
ON workspace_user_resource_permission.target = app_or_knowledge."id";
SELECT
app_or_knowledge.*,
CASE
WHEN
wurp."permission" is null then 'NOT_AUTH'
ELSE wurp."permission"
END
FROM (
SELECT
"id",
"name",
'TOOL' AS "auth_target_type",
user_id,
workspace_id,
icon,
folder_id
FROM
tool
${query_set}
) app_or_knowledge
LEFT JOIN (
SELECT
target,
CASE
WHEN auth_type = 'ROLE'
AND 'ROLE' = ANY(permission_list) THEN 'ROLE'
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
AND 'MANAGE' = ANY(permission_list) THEN 'MANAGE'
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
AND 'VIEW' = ANY(permission_list) THEN 'VIEW'
ELSE 'NOT_AUTH'
END AS permission
FROM
workspace_user_resource_permission
${workspace_user_resource_permission_query_set}
) wurp
ON wurp.target = app_or_knowledge."id"
${resource_query_set}

1
apps/system_manage/urls.py
View File

@ -6,6 +6,7 @@ app_name = "system_manage"
# @formatter:off
urlpatterns = [
path('workspace/<str:workspace_id>/user_resource_permission/user/<str:user_id>/resource/<str:resource>', views.WorkSpaceUserResourcePermissionView.as_view()),
path('workspace/<str:workspace_id>/user_resource_permission/user/<str:user_id>/resource/<str:resource>/<int:current_page>/<int:page_size>', views.WorkSpaceUserResourcePermissionView.Page.as_view()),
path('workspace/<str:workspace_id>/resource_user_permission/resource/<str:target>/resource/<str:resource>', views.WorkspaceResourceUserPermissionView.as_view()),
path('workspace/<str:workspace_id>/resource_user_permission/resource/<str:target>/resource/<str:resource>/<int:current_page>/<int:page_size>', views.WorkspaceResourceUserPermissionView.Page.as_view()),
path('email_setting', views.SystemSetting.Email.as_view()),

35
apps/system_manage/views/user_resource_permission.py
View File

@ -17,9 +17,9 @@ from common.auth import TokenAuth
from common.auth.authentication import has_permissions
from common.constants.permission_constants import PermissionConstants, RoleConstants, Permission, Group, Operate
from common.log.log import log
from common.result import DefaultResultSerializer
from system_manage.api.user_resource_permission import UserResourcePermissionAPI, EditUserResourcePermissionAPI, \
ResourceUserPermissionAPI, ResourceUserPermissionPageAPI, ResourceUserPermissionEditAPI
ResourceUserPermissionAPI, ResourceUserPermissionPageAPI, ResourceUserPermissionEditAPI, \
UserResourcePermissionPageAPI
from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer, \
ResourceUserPermissionSerializer
from users.models import User
@ -52,15 +52,16 @@ class WorkSpaceUserResourcePermissionView(APIView):
def get(self, request: Request, workspace_id: str, user_id: str, resource: str):
return result.success(UserResourcePermissionSerializer(
data={'workspace_id': workspace_id, 'user_id': user_id, 'auth_target_type': resource}
).list(request.user))
).list({'name': request.query_params.get('name'),
'permission': request.query_params.get('permission')}, request.user))
@extend_schema(
methods=['PUT'],
description=_('Modify the resource authorization list'),
operation_id=_('Modify the resource authorization list'), # type: ignore
parameters=UserResourcePermissionAPI.get_parameters(),
parameters=EditUserResourcePermissionAPI.get_parameters(),
request=EditUserResourcePermissionAPI.get_request(),
responses=DefaultResultSerializer(),
responses=EditUserResourcePermissionAPI.get_response(),
tags=[_('Resources authorization')] # type: ignore
)
@log(menu='System', operate='Modify the resource authorization list',
@ -75,6 +76,26 @@ class WorkSpaceUserResourcePermissionView(APIView):
data={'workspace_id': workspace_id, 'user_id': user_id, 'auth_target_type': resource}
).edit(request.data, request.user))
class Page(APIView):
authentication_classes = [TokenAuth]
@extend_schema(
methods=['GET'],
description=_('Obtain resource authorization list by page'),
summary=_('Obtain resource authorization list by page'),
operation_id=_('Obtain resource authorization list by page'), # type: ignore
request=None,
parameters=UserResourcePermissionPageAPI.get_parameters(),
responses=UserResourcePermissionPageAPI.get_response(),
tags=[_('Resources authorization')] # type: ignore
)
def get(self, request: Request, workspace_id: str, user_id: str, resource: str, current_page: str,
page_size: str):
return result.success(UserResourcePermissionSerializer(
data={'workspace_id': workspace_id, 'user_id': user_id, 'auth_target_type': resource}
).page({'name': request.query_params.get('name'),
'permission': request.query_params.get('permission')}, current_page, page_size, request.user))
class WorkspaceResourceUserPermissionView(APIView):
authentication_classes = [TokenAuth]
@ -107,7 +128,6 @@ class WorkspaceResourceUserPermissionView(APIView):
tags=[_('Resources authorization')] # type: ignore
)
def put(self, request: Request, workspace_id: str, target: str, resource: str):
return result.success(ResourceUserPermissionSerializer(
data={'workspace_id': workspace_id, "target": target, 'auth_target_type': resource, })
.edit(instance=request.data))
@ -129,5 +149,6 @@ class WorkspaceResourceUserPermissionView(APIView):
return result.success(ResourceUserPermissionSerializer(
data={'workspace_id': workspace_id, "target": target, 'auth_target_type': resource, }
).page({'username': request.query_params.get("username"),
'nick_name': request.query_params.get("nick_name"), 'permission': request.query_params.get("permission")}, current_page, page_size,
'nick_name': request.query_params.get("nick_name"),
'permission': request.query_params.get("permission")}, current_page, page_size,
))