feat: 优化部门权限

2024-08-29 09:04:13 +08:00
parent 47b0ee7fe7
commit 233774a981
2 changed files with 36 additions and 7 deletions
--- a/backend/dvadmin/utils/permission.py
+++ b/backend/dvadmin/utils/permission.py
@@ -44,6 +44,35 @@ class AnonymousUserPermission(BasePermission):
        return True


+class SuperuserPermission(BasePermission):
+    """
+    超级管理员权限类
+    """
+
+    def has_permission(self, request, view):
+        if isinstance(request.user, AnonymousUser):
+            return False
+        # 判断是否是超级管理员
+        if request.user.is_superuser:
+            return True
+
+
+class AdminPermission(BasePermission):
+    """
+    普通管理员权限类
+    """
+
+    def has_permission(self, request, view):
+        if isinstance(request.user, AnonymousUser):
+            return False
+        # 判断是否是超级管理员
+        is_superuser = request.user.is_superuser
+        # 判断是否是管理员角色
+        is_admin = request.user.role.values_list('admin', flat=True)
+        if is_superuser or True in is_admin:
+            return True
+
+
 def ReUUID(api):
    """
    将接口的uuid替换掉
@@ -81,8 +110,9 @@ class CustomPermission(BasePermission):
            # ********#
            if not hasattr(request.user, "role"):
                return False
-            role_id_list = request.user.role.values_list('id',flat=True)
-            userApiList = RoleMenuButtonPermission.objects.filter(role__in=role_id_list).values(permission__api=F('menu_button__api'), permission__method=F('menu_button__method'))  # 获取当前用户的角色拥有的所有接口
+            role_id_list = request.user.role.values_list('id', flat=True)
+            userApiList = RoleMenuButtonPermission.objects.filter(role__in=role_id_list).values(
+                permission__api=F('menu_button__api'), permission__method=F('menu_button__method'))  # 获取当前用户的角色拥有的所有接口
            ApiList = [
                str(item.get('permission__api').replace('{id}', '([a-zA-Z0-9-]+)')) + ":" + str(
                    item.get('permission__method')) + '$' for item in userApiList if item.get('permission__api')]
--- a/backend/dvadmin/utils/serializers.py
+++ b/backend/dvadmin/utils/serializers.py
@@ -26,7 +26,6 @@ class CustomModelSerializer(DynamicFieldsMixin, ModelSerializer):
    # 修改人的审计字段名称, 默认modifier, 继承使用时可自定义覆盖
    modifier_field_id = "modifier"
    modifier_name = serializers.SerializerMethodField(read_only=True)
-    dept_belong_id = serializers.IntegerField(required=False, allow_null=True)

    def get_modifier_name(self, instance):
        if not hasattr(instance, "modifier"):
@@ -52,7 +51,7 @@ class CustomModelSerializer(DynamicFieldsMixin, ModelSerializer):
        format="%Y-%m-%d %H:%M:%S", required=False, read_only=True
    )
    update_datetime = serializers.DateTimeField(
-        format="%Y-%m-%d %H:%M:%S", required=False
+        format="%Y-%m-%d %H:%M:%S", required=False, read_only=True
    )

    def __init__(self, instance=None, data=empty, request=None, **kwargs):
@@ -71,11 +70,11 @@ class CustomModelSerializer(DynamicFieldsMixin, ModelSerializer):
                    validated_data[self.creator_field_id] = self.request.user

                if (
-                    self.dept_belong_id_field_name in self.fields.fields
-                    and validated_data.get(self.dept_belong_id_field_name, None) is None
+                        self.dept_belong_id_field_name in self.fields.fields
+                        and validated_data.get(self.dept_belong_id_field_name, None) is None
                ):
                    validated_data[self.dept_belong_id_field_name] = getattr(
-                        self.request.user, "dept_id", None
+                        self.request.user, "dept_id", validated_data.get(self.dept_belong_id_field_name, None)
                    )
        return super().create(validated_data)