diff --git a/backend/dvadmin/utils/viewset.py b/backend/dvadmin/utils/viewset.py index 6b5cfcb..42948b1 100644 --- a/backend/dvadmin/utils/viewset.py +++ b/backend/dvadmin/utils/viewset.py @@ -70,13 +70,13 @@ class CustomModelViewSet(ModelViewSet, ImportSerializerMixin, ExportSerializerMi # 全部以可见字段为准 can_see = self.get_menu_field(serializer_class) # 排除掉序列化器级的字段(排除字段权限中未授权的字段) - if not self.request.user.is_superuser: - exclude_set = set(serializer_class._declared_fields.keys()) - set(can_see) - for field in exclude_set: - serializer_class._declared_fields.pop(field) - meta = copy.deepcopy(serializer_class.Meta) - meta.fields = list(can_see) - serializer_class.Meta = meta + # if not self.request.user.is_superuser: + # exclude_set = set(serializer_class._declared_fields.keys()) - set(can_see) + # for field in exclude_set: + # serializer_class._declared_fields.pop(field) + # meta = copy.deepcopy(serializer_class.Meta) + # meta.fields = list(can_see) + # serializer_class.Meta = meta # 在分页器中使用 self.request.permission_fields = can_see if isinstance(self.request.data, list): @@ -87,16 +87,17 @@ class CustomModelViewSet(ModelViewSet, ImportSerializerMixin, ExportSerializerMi def get_menu_field(self, serializer_class): """获取字段权限""" - finded = False - for model in get_custom_app_models(): - if model['object'] is serializer_class.Meta.model: - finded = True - break - if finded is False: + + if not any(model['object'] is serializer_class.Meta.model for model in get_custom_app_models()): return [] - roles = self.request.user.role.values_list('id', flat=True) - return FieldPermission.objects.filter(is_query=True, role__in=roles, field__model=model['model']).values_list( - 'field__field_name', flat=True) + + # 匿名用户没有角色 + ret = FieldPermission.objects.filter(field__model=serializer_class.Meta.model.__name__) + if hasattr(self.request.user, 'role'): + roles = self.request.user.role.values_list('id', flat=True) + ret = ret.filter(is_query=True, role__in=roles) + + return ret.values_list('field__field_name', flat=True) def create(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data, request=request) diff --git a/web/src/views/system/downloadCenter/crud.tsx b/web/src/views/system/downloadCenter/crud.tsx index 79639c0..af839cf 100644 --- a/web/src/views/system/downloadCenter/crud.tsx +++ b/web/src/views/system/downloadCenter/crud.tsx @@ -2,7 +2,8 @@ import { CrudOptions, AddReq, DelReq, EditReq, dict, CrudExpose, compute } from import * as api from './api'; import { dictionary } from '/@/utils/dictionary'; import { successMessage } from '../../../utils/message'; -import { auth } from '/@/utils/authFunction' +import { auth } from '/@/utils/authFunction'; +import { getBaseURL } from '/@/utils/baseUrl'; interface CreateCrudOptionsTypes { output: any; @@ -27,7 +28,6 @@ export const createCrudOptions = function ({ crudExpose }: { crudExpose: CrudExp //权限判定 - // @ts-ignore // @ts-ignore return { crudOptions: { @@ -72,7 +72,7 @@ export const createCrudOptions = function ({ crudExpose }: { crudExpose: CrudExp show: compute(ctx => ctx.row.task_status === 2), text: '下载文件', type: 'warning', - click: (ctx) => window.open(ctx.row.url, '_blank') + click: (ctx) => window.open(getBaseURL(ctx.row.url), '_blank') } }, }, diff --git a/web/src/views/system/fileList/crud.tsx b/web/src/views/system/fileList/crud.tsx index 83b8d08..a766df6 100644 --- a/web/src/views/system/fileList/crud.tsx +++ b/web/src/views/system/fileList/crud.tsx @@ -11,6 +11,7 @@ import { dict } from '@fast-crud/fast-crud'; import fileSelector from '/@/components/fileSelector/index.vue'; +import { getBaseURL } from '/@/utils/baseUrl'; export const createCrudOptions = function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet { const pageRequest = async (query: UserPageQuery) => { @@ -146,6 +147,11 @@ export const createCrudOptions = function ({ crudExpose, context }: CreateCrudOp }, column: { minWidth: 360, + component: { + async buildUrl(value: any) { + return getBaseURL(value); + } + } }, }, md5sum: {