admin/django-vue3-admin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

!88 优化列权限逻辑

Browse Source 
Merge pull request !88 from 木子-李/20241226-fieldpermission
This commit is contained in:
dvadmin
2024-12-29 09:28:59 +00:00
committed by Gitee
parent 15c87ddd26 792a22e606
commit 2a0de4f0d3
3 changed files with 38 additions and 73 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
backend/application/settings.py
View File

@@ -404,7 +404,7 @@ PLUGINS_URL_PATTERNS = []
# ********** 一键导入插件配置开始 ********** # ********** 一键导入插件配置开始 **********
# 例如: # 例如:
# from dvadmin_upgrade_center.settings import * # 升级中心 # from dvadmin_upgrade_center.settings import * # 升级中心
from dvadmin3_celery.settings import * # celery 异步任务 # from dvadmin3_celery.settings import * # celery 异步任务
# from dvadmin_third.settings import * # 第三方用户管理 # from dvadmin_third.settings import * # 第三方用户管理
# from dvadmin_ak_sk.settings import * # 秘钥管理管理 # from dvadmin_ak_sk.settings import * # 秘钥管理管理
# from dvadmin_tenants.settings import * # 租户管理 # from dvadmin_tenants.settings import * # 租户管理

72
backend/dvadmin/utils/field_permission.py
View File

@@ -1,14 +1,25 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
from itertools import groupby
from django.db.models import F from django.db.models import F
from rest_framework.decorators import action from rest_framework.decorators import action
from rest_framework.permissions import IsAuthenticated from rest_framework.permissions import IsAuthenticated
from dvadmin.system.models import FieldPermission, MenuField from dvadmin.system.models import FieldPermission, MenuField
from dvadmin.utils.json_response import DetailResponse from dvadmin.utils.json_response import DetailResponse
from dvadmin.utils.models import get_custom_app_models
def merge_permission(data):
"""
合并权限
"""
result = {}
for item in data:
field_name = item.pop('field_name')
if field_name not in result:
result[field_name] = item
else:
for key, value in item.items():
result[field_name][key] = result[field_name][key] or value
return result
class FieldPermissionMixin: class FieldPermissionMixin:
@@ -17,55 +28,16 @@ class FieldPermissionMixin:
""" """
获取字段权限 获取字段权限
""" """
finded = False model = self.serializer_class.Meta.model.__name__
for model in get_custom_app_models():
if model['object'] is self.serializer_class.Meta.model:
finded = True
break
if finded:
break
if finded is False:
return []
user = request.user user = request.user
# 创建一个默认字典来存储最终的结果
if user.is_superuser == 1: if user.is_superuser == 1:
data = MenuField.objects.filter( model=model['model']).values('field_name') data = MenuField.objects.filter(model=model).values('field_name')
for item in data: result = {item['field_name']: {"is_create": True, "is_query": True, "is_update": True} for item in data}
item['is_create'] = True
item['is_query'] = True
item['is_update'] = True
else: else:
roles = request.user.role.values_list('id', flat=True) roles = request.user.role.values_list('id', flat=True)
data = FieldPermission.objects.filter( data = FieldPermission.objects.filter(
field__model=model['model'],role__in=roles field__model=model, role__in=roles
).values('is_create', 'is_query', 'is_update', field_name=F('field__field_name')) ).values('is_create', 'is_query', 'is_update', field_name=F('field__field_name'))
result = merge_permission(data)
""" return DetailResponse(data=result)
合并权限
这段代码首先根据 field_name 对列表进行排序,
然后使用 groupby 按 field_name 进行分组。
对于每个组,它创建一个新的字典 merged
并遍历组中的每个字典将布尔值字段使用逻辑或or操作符进行合并如果 merged 中还没有该字段,则默认为 False
其他字段(如 field_name则直接取组的关键字即 key
"""
# 使用field_name对列表进行分组, # groupby 需要先对列表进行排序,因为它只能对连续相同的元素进行分组。
grouped = groupby(sorted(list(data), key=lambda x: x['field_name']), key=lambda x: x['field_name'])
data = []
# 遍历分组,合并权限
for key, group in grouped:
# 初始化一个空字典来存储合并后的结果
merged = {}
for item in group:
# 合并权限, True值优先
merged['is_create'] = merged.get('is_create', False) or item['is_create']
merged['is_query'] = merged.get('is_query', False) or item['is_query']
merged['is_update'] = merged.get('is_update', False) or item['is_update']
merged['field_name'] = key
data.append(merged)
return DetailResponse(data=data)

25
web/src/utils/columnPermission.ts
View File

@@ -1,3 +1,4 @@
import XEUtils from 'xe-utils';
import {useColumnPermission} from '/@/stores/columnPermission'; import {useColumnPermission} from '/@/stores/columnPermission';
type permissionType = 'is_create' | 'is_query' | 'is_update'; type permissionType = 'is_create' | 'is_query' | 'is_update';
@@ -23,25 +24,17 @@ export const handleColumnPermission = async (func: Function, crudOptions: any,ex
} }
const columns = crudOptions.columns; const columns = crudOptions.columns;
const excludeColumns = ['checked','_index','id', 'create_datetime', 'update_datetime'].concat(excludeColumn) const excludeColumns = ['checked','_index','id', 'create_datetime', 'update_datetime'].concat(excludeColumn)
for (let col in columns) { XEUtils.eachTree(columns, (item, key) => {
for (let item of res.data) { if (!excludeColumns.includes(String(key)) && key in res.data) {
if (excludeColumns.includes(item.field_name)) {
continue
} else if(item.field_name === col) {
// 如果列表不可见,则禁止在列设置中选择 // 如果列表不可见,则禁止在列设置中选择
// 只有列表不可见,才修改列配置,这样才不影响默认的配置 // 只有列表不可见,才修改列配置,这样才不影响默认的配置
if(!item['is_query']){ if (!res.data[key]['is_query']) {
columns[col].column.show = false item.column.show = false;
columns[col].column.columnSetDisabled = true item.column.columnSetDisabled = true;
}
columns[col].addForm = {
show: item['is_create']
}
columns[col].editForm = {
show: item['is_update']
}
}
} }
item.addForm = { show: res.data[key]['is_create'] };
item.editForm = { show: res.data[key]['is_update'] };
} }
});
return crudOptions return crudOptions
} }