From 65d2045751d13316c055c370bc1df4d3d70246c7 Mon Sep 17 00:00:00 2001
From: wxg0103 <727495428@qq.com>
Date: Mon, 14 Jul 2025 14:39:05 +0800
Subject: [PATCH] refactor: enhance role_setting validation in user role
 assignment logic

---
 apps/users/serializers/user.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/apps/users/serializers/user.py b/apps/users/serializers/user.py
index 44022b085..2d3454e22 100644
--- a/apps/users/serializers/user.py
+++ b/apps/users/serializers/user.py
@@ -570,7 +570,9 @@ def update_user_role(instance, user, user_id=None):
         is_admin = workspace_user_role_mapping_model.objects.filter(user_id=user_id,
                                                                     role_id=RoleConstants.ADMIN.name).exists()
         role_setting = instance.get('role_setting')
-        if not role_setting:
+        if not role_setting or (len(role_setting) == 1
+                                and role_setting[0].get('role_id') == ''
+                                and len(role_setting[0].get('workspace_ids', [])) == 0):
             return
         if str(user.id) == 'f0dd8f71-e4ee-11ee-8c84-a8a1595801ab':
             # 需要判断当前角色的权限 不能删除系统管理员 空间管理员 普通管理员等角色