refactor: permission

2025-12-26 10:02:46 +00:00 · 2025-06-06 17:05:25 +08:00 · 2025-06-06 17:05:25 +08:00 · 8ab4456ec3
parent 16dc78d5a4
commit 8ab4456ec3
2 changed files with 41 additions and 5 deletions
--- a/apps/application/views/application.py
+++ b/apps/application/views/application.py
@ -27,7 +27,7 @@ from common.log.log import log
 def get_application_operation_object(application_id):
    application_model = QuerySet(model=Application).filter(id=application_id).first()
    if application_model is not None:
-        return{
+        return {
            'name': application_model.name
        }
    return {}
@ -48,7 +48,7 @@ class Application(APIView):
    )
    @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission())
    @log(menu='Application', operate='Create an application',
-         get_operation_object=lambda r,k: {'name': r.data.get('name')})
+         get_operation_object=lambda r, k: {'name': r.data.get('name')})
    def post(self, request: Request, workspace_id: str):
        return result.success(
            ApplicationSerializer(data={'workspace_id': workspace_id, 'user_id': request.user.id}).insert(request.data))
@ -105,8 +105,6 @@ class Application(APIView):
                data={'user_id': request.user.id, 'workspace_id': workspace_id,
                      }).import_({'file': request.FILES.get('file')}))

-
-
    class Export(APIView):
        authentication_classes = [TokenAuth]

@ -197,7 +195,7 @@ class Application(APIView):
            tags=[_('Application')]  # type: ignore
        )
        @log(menu='Application', operate='Publishing an application',
-             get_operation_object=lambda r,k: get_application_operation_object(k.get('application_id'))
+             get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id'))
             )
        def put(self, request: Request, application_id: str):
            return result.success(
--- a/apps/common/constants/permission_constants.py
+++ b/apps/common/constants/permission_constants.py
@ -44,6 +44,7 @@ class Group(Enum):
    USER_GROUP = "USER_GROUP"
    CHAT_USER_AUTH = "CHAT_USER_AUTH"
    OTHER = "OTHER"
+    OVERVIEW = "OVERVIEW"


 class SystemGroup(Enum):
@ -225,6 +226,7 @@ Permission_Label = {
    Group.CHAT_USER.value: _("Chat User"),
    Group.USER_GROUP.value: _("User Group"),
    Group.CHAT_USER_AUTH.value: _("Chat User Auth"),
+    Group.OVERVIEW.value: _("Overview"),

 }

@ -573,6 +575,42 @@ class PermissionConstants(Enum):
                                  parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
                                  resource_permission_group_list=[ResourcePermissionGroup.VIEW],
                                  )
+    APPLICATION_OVERVIEW_READ = Permission(group=Group.OVERVIEW, operate=Operate.READ,
+                                           role_list=[RoleConstants.ADMIN, RoleConstants.USER],
+                                           parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
+                                           resource_permission_group_list=[ResourcePermissionGroup.VIEW],
+                                           )
+    APPLICATION_OVERVIEW_EMBEDDED = Permission(group=Group.OVERVIEW, operate=Operate.READ,
+                                               role_list=[RoleConstants.ADMIN, RoleConstants.USER],
+                                               parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
+                                               resource_permission_group_list=[ResourcePermissionGroup.VIEW],
+                                               label=_('Embed third party')
+                                               )
+    APPLICATION_OVERVIEW_ACCESS = Permission(group=Group.OVERVIEW, operate=Operate.READ,
+                                             role_list=[RoleConstants.ADMIN, RoleConstants.USER],
+                                             parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
+                                             resource_permission_group_list=[ResourcePermissionGroup.VIEW],
+                                             label=_('Access restrictions')
+                                             )
+    APPLICATION_OVERVIEW_DISPLAY = Permission(group=Group.OVERVIEW, operate=Operate.READ,
+                                              role_list=[RoleConstants.ADMIN, RoleConstants.USER],
+                                              parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
+                                              resource_permission_group_list=[ResourcePermissionGroup.VIEW],
+                                              label=_('Display settings')
+                                              )
+    APPLICATION_OVERVIEW_API_KEY = Permission(group=Group.OVERVIEW, operate=Operate.READ,
+                                              role_list=[RoleConstants.ADMIN, RoleConstants.USER],
+                                              parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
+                                              resource_permission_group_list=[ResourcePermissionGroup.VIEW],
+                                              label=_('API Key')
+                                              )
+    APPLICATION_OVERVIEW_PUBLIC = Permission(group=Group.OVERVIEW, operate=Operate.READ,
+                                             role_list=[RoleConstants.ADMIN, RoleConstants.USER],
+                                             parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION],
+                                             resource_permission_group_list=[ResourcePermissionGroup.VIEW],
+                                             label=_('Public settings')
+                                             )
+
    SYSTEM_API_KEY_EDIT = Permission(group=Group.OTHER, operate=Operate.EDIT,
                                     role_list=[RoleConstants.ADMIN],
                                     parent_group=[SystemGroup.OTHER],