fix: 【权限】有应用管理权限，启用停用apikey、删除apikey提示没有权限

2025-12-26 01:33:05 +00:00 · 2024-02-29 16:14:07 +08:00 · 2024-02-29 16:14:07 +08:00 · 911f00737a
parent 739fc9808c
commit 911f00737a
2 changed files with 9 additions and 5 deletions
--- a/apps/application/views/application_views.py
+++ b/apps/application/views/application_views.py
@ -68,7 +68,7 @@ class Application(APIView):
                             )
        @has_permissions(ViewPermission(
            [RoleConstants.ADMIN, RoleConstants.USER],
-            [lambda r, keywords: Permission(group=Group.APPLICATION, operate=Operate.MANAGE,
+            [lambda r, keywords: Permission(group=Group.APPLICATION, operate=Operate.USE,
                                            dynamic_tag=keywords.get('application_id'))],
            compare=CompareConstants.AND))
        def get(self, request: Request, application_id: str):
@ -88,8 +88,7 @@ class Application(APIView):
                [RoleConstants.ADMIN, RoleConstants.USER],
                [lambda r, keywords: Permission(group=Group.APPLICATION, operate=Operate.MANAGE,
                                                dynamic_tag=keywords.get('application_id'))],
-                compare=CompareConstants.AND), lambda r, k: Permission(group=Group.APPLICATION, operate=Operate.DELETE,
-                                                                       dynamic_tag=k.get('application_id')),
+                compare=CompareConstants.AND), PermissionConstants.APPLICATION_EDIT,
                compare=CompareConstants.AND)
            def put(self, request: Request, application_id: str, api_key_id: str):
                return result.success(
@ -106,8 +105,7 @@ class Application(APIView):
                [RoleConstants.ADMIN, RoleConstants.USER],
                [lambda r, keywords: Permission(group=Group.APPLICATION, operate=Operate.MANAGE,
                                                dynamic_tag=keywords.get('application_id'))],
-                compare=CompareConstants.AND), lambda r, k: Permission(group=Group.APPLICATION, operate=Operate.DELETE,
-                                                                       dynamic_tag=k.get('application_id')),
+                compare=CompareConstants.AND), PermissionConstants.APPLICATION_DELETE,
                compare=CompareConstants.AND)
            def delete(self, request: Request, application_id: str, api_key_id: str):
                return result.success(
--- a/apps/common/constants/permission_constants.py
+++ b/apps/common/constants/permission_constants.py
@ -108,6 +108,12 @@ class PermissionConstants(Enum):
    APPLICATION_CREATE = Permission(group=Group.APPLICATION, operate=Operate.CREATE,
                                    roles=[RoleConstants.ADMIN, RoleConstants.USER])

+    APPLICATION_DELETE = Permission(group=Group.APPLICATION, operate=Operate.DELETE,
+                                    roles=[RoleConstants.ADMIN, RoleConstants.USER])
+
+    APPLICATION_EDIT = Permission(group=Group.APPLICATION, operate=Operate.EDIT,
+                                  roles=[RoleConstants.ADMIN, RoleConstants.USER])
+
    SETTING_READ = Permission(group=Group.SETTING, operate=Operate.READ,
                              roles=[RoleConstants.ADMIN, RoleConstants.USER])