From 911f00737a12d97104193371c8c0e0d132f158cc Mon Sep 17 00:00:00 2001 From: shaohuzhang1 Date: Thu, 29 Feb 2024 16:14:07 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E3=80=90=E6=9D=83=E9=99=90=E3=80=91?= =?UTF-8?q?=E6=9C=89=E5=BA=94=E7=94=A8=E7=AE=A1=E7=90=86=E6=9D=83=E9=99=90?= =?UTF-8?q?=EF=BC=8C=E5=90=AF=E7=94=A8=E5=81=9C=E7=94=A8apikey=E3=80=81?= =?UTF-8?q?=E5=88=A0=E9=99=A4apikey=E6=8F=90=E7=A4=BA=E6=B2=A1=E6=9C=89?= =?UTF-8?q?=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- apps/application/views/application_views.py | 8 +++----- apps/common/constants/permission_constants.py | 6 ++++++ 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/apps/application/views/application_views.py b/apps/application/views/application_views.py index fb234c665..7ae7e15aa 100644 --- a/apps/application/views/application_views.py +++ b/apps/application/views/application_views.py @@ -68,7 +68,7 @@ class Application(APIView): ) @has_permissions(ViewPermission( [RoleConstants.ADMIN, RoleConstants.USER], - [lambda r, keywords: Permission(group=Group.APPLICATION, operate=Operate.MANAGE, + [lambda r, keywords: Permission(group=Group.APPLICATION, operate=Operate.USE, dynamic_tag=keywords.get('application_id'))], compare=CompareConstants.AND)) def get(self, request: Request, application_id: str): @@ -88,8 +88,7 @@ class Application(APIView): [RoleConstants.ADMIN, RoleConstants.USER], [lambda r, keywords: Permission(group=Group.APPLICATION, operate=Operate.MANAGE, dynamic_tag=keywords.get('application_id'))], - compare=CompareConstants.AND), lambda r, k: Permission(group=Group.APPLICATION, operate=Operate.DELETE, - dynamic_tag=k.get('application_id')), + compare=CompareConstants.AND), PermissionConstants.APPLICATION_EDIT, compare=CompareConstants.AND) def put(self, request: Request, application_id: str, api_key_id: str): return result.success( @@ -106,8 +105,7 @@ class Application(APIView): [RoleConstants.ADMIN, RoleConstants.USER], [lambda r, keywords: Permission(group=Group.APPLICATION, operate=Operate.MANAGE, dynamic_tag=keywords.get('application_id'))], - compare=CompareConstants.AND), lambda r, k: Permission(group=Group.APPLICATION, operate=Operate.DELETE, - dynamic_tag=k.get('application_id')), + compare=CompareConstants.AND), PermissionConstants.APPLICATION_DELETE, compare=CompareConstants.AND) def delete(self, request: Request, application_id: str, api_key_id: str): return result.success( diff --git a/apps/common/constants/permission_constants.py b/apps/common/constants/permission_constants.py index 6e1df31d2..6f3f5c0f3 100644 --- a/apps/common/constants/permission_constants.py +++ b/apps/common/constants/permission_constants.py @@ -108,6 +108,12 @@ class PermissionConstants(Enum): APPLICATION_CREATE = Permission(group=Group.APPLICATION, operate=Operate.CREATE, roles=[RoleConstants.ADMIN, RoleConstants.USER]) + APPLICATION_DELETE = Permission(group=Group.APPLICATION, operate=Operate.DELETE, + roles=[RoleConstants.ADMIN, RoleConstants.USER]) + + APPLICATION_EDIT = Permission(group=Group.APPLICATION, operate=Operate.EDIT, + roles=[RoleConstants.ADMIN, RoleConstants.USER]) + SETTING_READ = Permission(group=Group.SETTING, operate=Operate.READ, roles=[RoleConstants.ADMIN, RoleConstants.USER])