diff --git a/apps/application/serializers/application.py b/apps/application/serializers/application.py index a16a3e925..fe513a1b4 100644 --- a/apps/application/serializers/application.py +++ b/apps/application/serializers/application.py @@ -298,15 +298,12 @@ class Query(serializers.Serializer): folder_query_set = QuerySet(ApplicationFolder) application_query_set = QuerySet(Application) workspace_id = self.data.get('workspace_id') - user_id = instance.get('user_id') + user_id = self.data.get('user_id') desc = instance.get('desc') name = instance.get('name') if workspace_id is not None: folder_query_set = folder_query_set.filter(workspace_id=workspace_id) application_query_set = application_query_set.filter(workspace_id=workspace_id) - if user_id is not None: - folder_query_set = folder_query_set.filter(user_id=user_id) - application_query_set = application_query_set.filter(user_id=user_id) folder_id = instance.get('folder_id') if folder_id is not None: folder_query_set = folder_query_set.filter(parent=folder_id) @@ -319,12 +316,15 @@ class Query(serializers.Serializer): application_query_set = application_query_set.filter(desc__contains=desc) application_custom_sql_query_set = application_query_set application_query_set = application_query_set.order_by("-update_time") + workspace_user_role_mapping_model = DatabaseModelManage.get_model('workspace_user_role_mapping') return { 'folder_query_set': folder_query_set, 'application_query_set': application_query_set, 'application_custom_sql': application_custom_sql_query_set } if workspace_manage else {'folder_query_set': folder_query_set, - 'application_query_set': application_query_set} + 'application_query_set': application_query_set, + 'user_query_set': QuerySet(workspace_user_role_mapping_model).filter( + user_id=user_id, workspace_id=workspace_id)} @staticmethod def is_x_pack_ee(): diff --git a/apps/application/sql/list_application_user_ee.sql b/apps/application/sql/list_application_user_ee.sql index 7023c385e..37db11c09 100644 --- a/apps/application/sql/list_application_user_ee.sql +++ b/apps/application/sql/list_application_user_ee.sql @@ -12,15 +12,17 @@ from (select application."id"::text, application."create_time", application."update_time" from application left join "user" on user_id = "user".id - where application."id" in (select target + where "application".id in (select target from workspace_user_resource_permission where auth_target_type = 'APPLICATION' and case when auth_type = 'ROLE' then - 'APPLICATION_READ' in (select permission_id - from role_permission - where role_id in (select role_id - from user_role_relation)) + 'APPLICATION:READ' in (select (case when user_role_relation.role_id = any (array ['USER']) THEN 'APPLICATION:READ' else role_permission.permission_id END) + from role_permission role_permission + right join user_role_relation user_role_relation + on user_role_relation.role_id=role_permission.role_id + ${user_query_set}) + else 'VIEW' = any (permission_list) end)