refactor: enhance role management by adding user-specific role filtering and permissions checks

2025-12-26 01:33:05 +00:00 · 2025-07-10 17:49:07 +08:00 · 2025-07-10 17:49:07 +08:00 · d94972bc9c
parent 17e1cbcf48
commit d94972bc9c
2 changed files with 2 additions and 1 deletions
--- a/apps/chat/serializers/chat_authentication.py
+++ b/apps/chat/serializers/chat_authentication.py
@ -86,7 +86,7 @@ class ApplicationProfileSerializer(serializers.Serializer):
            'user_id': 'user_id', 'model_id': 'model_id', 'knowledge_setting': 'knowledge_setting',
            'model_setting': 'model_setting', 'model_params_setting': 'model_params_setting',
            'tts_model_params_setting': 'tts_model_params_setting',
-            'problem_optimization': 'problem_optimization', 'icon': 'icon', 'work_flow': 'work_flow',
+            'problem_optimization': 'problem_optimization', 'work_flow': 'work_flow',
            'problem_optimization_prompt': 'problem_optimization_prompt', 'tts_model_id': 'tts_model_id',
            'stt_model_id': 'stt_model_id', 'tts_model_enable': 'tts_model_enable',
            'stt_model_enable': 'stt_model_enable', 'tts_type': 'tts_type',
--- a/apps/users/views/user.py
+++ b/apps/users/views/user.py
@ -290,6 +290,7 @@ class RePasswordView(APIView):
    @log(menu='User management', operate='Change password',
         get_operation_object=lambda r, k: {'name': r.user.username},
         get_details=get_re_password_details)
+    @has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN)
    def post(self, request: Request):
        serializer_obj = RePasswordSerializer(data=request.data)
        return result.success(serializer_obj.reset_password(request.user.id))