From 8ab4456ec3c1393369e87ef03c5fcab365cb019b Mon Sep 17 00:00:00 2001 From: wxg0103 <727495428@qq.com> Date: Fri, 6 Jun 2025 17:05:25 +0800 Subject: [PATCH] refactor: permission --- apps/application/views/application.py | 8 ++-- apps/common/constants/permission_constants.py | 38 +++++++++++++++++++ 2 files changed, 41 insertions(+), 5 deletions(-) diff --git a/apps/application/views/application.py b/apps/application/views/application.py index 158c1c005..f69cab32b 100644 --- a/apps/application/views/application.py +++ b/apps/application/views/application.py @@ -27,7 +27,7 @@ from common.log.log import log def get_application_operation_object(application_id): application_model = QuerySet(model=Application).filter(id=application_id).first() if application_model is not None: - return{ + return { 'name': application_model.name } return {} @@ -48,7 +48,7 @@ class Application(APIView): ) @has_permissions(PermissionConstants.APPLICATION_READ.get_workspace_permission()) @log(menu='Application', operate='Create an application', - get_operation_object=lambda r,k: {'name': r.data.get('name')}) + get_operation_object=lambda r, k: {'name': r.data.get('name')}) def post(self, request: Request, workspace_id: str): return result.success( ApplicationSerializer(data={'workspace_id': workspace_id, 'user_id': request.user.id}).insert(request.data)) @@ -105,8 +105,6 @@ class Application(APIView): data={'user_id': request.user.id, 'workspace_id': workspace_id, }).import_({'file': request.FILES.get('file')})) - - class Export(APIView): authentication_classes = [TokenAuth] @@ -197,7 +195,7 @@ class Application(APIView): tags=[_('Application')] # type: ignore ) @log(menu='Application', operate='Publishing an application', - get_operation_object=lambda r,k: get_application_operation_object(k.get('application_id')) + get_operation_object=lambda r, k: get_application_operation_object(k.get('application_id')) ) def put(self, request: Request, application_id: str): return result.success( diff --git a/apps/common/constants/permission_constants.py b/apps/common/constants/permission_constants.py index 1e0bfc4e1..2027a14a2 100644 --- a/apps/common/constants/permission_constants.py +++ b/apps/common/constants/permission_constants.py @@ -44,6 +44,7 @@ class Group(Enum): USER_GROUP = "USER_GROUP" CHAT_USER_AUTH = "CHAT_USER_AUTH" OTHER = "OTHER" + OVERVIEW = "OVERVIEW" class SystemGroup(Enum): @@ -225,6 +226,7 @@ Permission_Label = { Group.CHAT_USER.value: _("Chat User"), Group.USER_GROUP.value: _("User Group"), Group.CHAT_USER_AUTH.value: _("Chat User Auth"), + Group.OVERVIEW.value: _("Overview"), } @@ -573,6 +575,42 @@ class PermissionConstants(Enum): parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION], resource_permission_group_list=[ResourcePermissionGroup.VIEW], ) + APPLICATION_OVERVIEW_READ = Permission(group=Group.OVERVIEW, operate=Operate.READ, + role_list=[RoleConstants.ADMIN, RoleConstants.USER], + parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION], + resource_permission_group_list=[ResourcePermissionGroup.VIEW], + ) + APPLICATION_OVERVIEW_EMBEDDED = Permission(group=Group.OVERVIEW, operate=Operate.READ, + role_list=[RoleConstants.ADMIN, RoleConstants.USER], + parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION], + resource_permission_group_list=[ResourcePermissionGroup.VIEW], + label=_('Embed third party') + ) + APPLICATION_OVERVIEW_ACCESS = Permission(group=Group.OVERVIEW, operate=Operate.READ, + role_list=[RoleConstants.ADMIN, RoleConstants.USER], + parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION], + resource_permission_group_list=[ResourcePermissionGroup.VIEW], + label=_('Access restrictions') + ) + APPLICATION_OVERVIEW_DISPLAY = Permission(group=Group.OVERVIEW, operate=Operate.READ, + role_list=[RoleConstants.ADMIN, RoleConstants.USER], + parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION], + resource_permission_group_list=[ResourcePermissionGroup.VIEW], + label=_('Display settings') + ) + APPLICATION_OVERVIEW_API_KEY = Permission(group=Group.OVERVIEW, operate=Operate.READ, + role_list=[RoleConstants.ADMIN, RoleConstants.USER], + parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION], + resource_permission_group_list=[ResourcePermissionGroup.VIEW], + label=_('API Key') + ) + APPLICATION_OVERVIEW_PUBLIC = Permission(group=Group.OVERVIEW, operate=Operate.READ, + role_list=[RoleConstants.ADMIN, RoleConstants.USER], + parent_group=[WorkspaceGroup.APPLICATION, UserGroup.APPLICATION], + resource_permission_group_list=[ResourcePermissionGroup.VIEW], + label=_('Public settings') + ) + SYSTEM_API_KEY_EDIT = Permission(group=Group.OTHER, operate=Operate.EDIT, role_list=[RoleConstants.ADMIN], parent_group=[SystemGroup.OTHER],