From 8431e9a87e356cf7d61bf04f5d2cbef705b6705d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=8C=BF=E5=B0=8F=E5=A4=A9?= <1638245306@qq.com> Date: Tue, 7 Feb 2023 23:47:53 +0800 Subject: [PATCH] =?UTF-8?q?=E5=8A=9F=E8=83=BD=E5=8F=98=E5=8C=96:=20?= =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90=E5=AE=8C?= =?UTF-8?q?=E6=88=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- backend/dvadmin/system/tests.py | 1 + backend/dvadmin/system/views/area.py | 2 +- backend/dvadmin/system/views/dept.py | 4 ++-- backend/dvadmin/system/views/dictionary.py | 2 +- backend/dvadmin/system/views/login_log.py | 2 +- backend/dvadmin/system/views/menu.py | 2 +- backend/dvadmin/system/views/menu_button.py | 2 +- backend/dvadmin/system/views/message_center.py | 2 +- .../views/role_menu_button_permission.py | 4 ++-- backend/dvadmin/utils/filters.py | 18 +++++++++++++----- backend/dvadmin/utils/viewset.py | 4 ++-- 11 files changed, 26 insertions(+), 17 deletions(-) diff --git a/backend/dvadmin/system/tests.py b/backend/dvadmin/system/tests.py index e69de29..2e9cb5f 100644 --- a/backend/dvadmin/system/tests.py +++ b/backend/dvadmin/system/tests.py @@ -0,0 +1 @@ +from django.test import TestCase diff --git a/backend/dvadmin/system/views/area.py b/backend/dvadmin/system/views/area.py index cc4a4a0..78fc391 100644 --- a/backend/dvadmin/system/views/area.py +++ b/backend/dvadmin/system/views/area.py @@ -44,4 +44,4 @@ class AreaViewSet(CustomModelViewSet): """ queryset = Area.objects.all() serializer_class = AreaSerializer - extra_filter_backends = [] + extra_filter_class = [] diff --git a/backend/dvadmin/system/views/dept.py b/backend/dvadmin/system/views/dept.py index 18c5324..df3cc10 100644 --- a/backend/dvadmin/system/views/dept.py +++ b/backend/dvadmin/system/views/dept.py 
@@ -134,7 +134,7 @@ class DeptViewSet(CustomModelViewSet): update_serializer_class = DeptCreateUpdateSerializer filter_fields = ['name', 'id', 'parent'] search_fields = [] - # extra_filter_backends = [] + # extra_filter_class = [] import_serializer_class = DeptImportSerializer import_field_dict = { "name": "部门名称", @@ -182,7 +182,7 @@ class DeptViewSet(CustomModelViewSet): return DetailResponse(data=queryset, msg="获取成功") - @action(methods=["GET"], detail=False, permission_classes=[AnonymousUserPermission]) + @action(methods=["GET"], detail=False, permission_classes=[AnonymousUserPermission],extra_filter_class=[]) def all_dept(self, request, *args, **kwargs): queryset = self.filter_queryset(self.get_queryset()) data = queryset.filter(status=True).order_by('sort').values('name', 'id', 'parent') diff --git a/backend/dvadmin/system/views/dictionary.py b/backend/dvadmin/system/views/dictionary.py index 1cb49e7..af0fd8b 100644 --- a/backend/dvadmin/system/views/dictionary.py +++ b/backend/dvadmin/system/views/dictionary.py @@ -92,7 +92,7 @@ class DictionaryViewSet(CustomModelViewSet): """ queryset = Dictionary.objects.all() serializer_class = DictionarySerializer - extra_filter_backends = [] + extra_filter_class = [] search_fields = ['label'] diff --git a/backend/dvadmin/system/views/login_log.py b/backend/dvadmin/system/views/login_log.py index 4dc3617..d362cea 100644 --- a/backend/dvadmin/system/views/login_log.py +++ b/backend/dvadmin/system/views/login_log.py @@ -33,4 +33,4 @@ class LoginLogViewSet(CustomModelViewSet): """ queryset = LoginLog.objects.all() serializer_class = LoginLogSerializer - extra_filter_backends = [] + extra_filter_class = [] diff --git a/backend/dvadmin/system/views/menu.py b/backend/dvadmin/system/views/menu.py index 576fd76..65ef7df 100644 --- a/backend/dvadmin/system/views/menu.py +++ b/backend/dvadmin/system/views/menu.py 
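Review bot: The `all_dept` action in the `@@ -182,7 +182,7 @@` hunk is gated only by `AnonymousUserPermission` (which by its name appears to admit unauthenticated callers) and now also passes `extra_filter_class=[]`. As a result `self.filter_queryset(...)` skips `DataLevelPermissionsFilter`, and the `name`, `id` and `parent` of every active department are returned whatever the caller's data range is. If that is intended, for example to fill a department picker before login, record it next to the decorator: `# Public lookup: data-level filtering is disabled on purpose; only name/id/parent are exposed.` If it is not intended, drop the override so the default filter applies, and require an authenticated user. The method body continues past the end of the hunk.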
@@ -165,7 +165,7 @@ class MenuViewSet(CustomModelViewSet): update_serializer_class = MenuCreateSerializer search_fields = ['name', 'status'] filter_fields = ['parent', 'name', 'status', 'is_link', 'visible', 'cache', 'is_catalog'] - # extra_filter_backends = [] + # extra_filter_class = [] @action(methods=['GET'], detail=False, permission_classes=[]) def web_router(self, request): diff --git a/backend/dvadmin/system/views/menu_button.py b/backend/dvadmin/system/views/menu_button.py index 1f79dc1..8c9e668 100644 --- a/backend/dvadmin/system/views/menu_button.py +++ b/backend/dvadmin/system/views/menu_button.py @@ -56,4 +56,4 @@ class MenuButtonViewSet(CustomModelViewSet): serializer_class = MenuButtonSerializer create_serializer_class = MenuButtonCreateUpdateSerializer update_serializer_class = MenuButtonCreateUpdateSerializer - extra_filter_backends = [] + extra_filter_class = [] diff --git a/backend/dvadmin/system/views/message_center.py b/backend/dvadmin/system/views/message_center.py index 072db85..eeed516 100644 --- a/backend/dvadmin/system/views/message_center.py +++ b/backend/dvadmin/system/views/message_center.py @@ -160,7 +160,7 @@ class MessageCenterViewSet(CustomModelViewSet): queryset = MessageCenter.objects.order_by('create_datetime') serializer_class = MessageCenterSerializer create_serializer_class = MessageCenterCreateSerializer - extra_filter_backends = [] + extra_filter_class = [] def get_queryset(self): if self.action == 'list': diff --git a/backend/dvadmin/system/views/role_menu_button_permission.py b/backend/dvadmin/system/views/role_menu_button_permission.py index abed463..3416ac0 100644 --- a/backend/dvadmin/system/views/role_menu_button_permission.py +++ b/backend/dvadmin/system/views/role_menu_button_permission.py 
@@ -61,7 +61,7 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet): serializer_class = RoleMenuButtonPermissionSerializer create_serializer_class = RoleMenuButtonPermissionCreateUpdateSerializer update_serializer_class = RoleMenuButtonPermissionCreateUpdateSerializer - extra_filter_backends = [] + extra_filter_class = [] @action(methods=['GET'], detail=False, permission_classes=[IsAuthenticated]) def role_get_menu(self, request): @@ -191,7 +191,7 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet): role_id = params.get('role', None) if role_id is None: return ErrorResponse(msg="未获取到参数") - queryset = RoleMenuButtonPermission.objects.filter(role=role_id,menu=menu_id).values( + queryset = RoleMenuButtonPermission.objects.filter(role=role_id,menu_button__menu=menu_id).values( 'data_range', 'menu_button' ) diff --git a/backend/dvadmin/utils/filters.py b/backend/dvadmin/utils/filters.py index d0a4c87..21f23b4 100644 --- a/backend/dvadmin/utils/filters.py +++ b/backend/dvadmin/utils/filters.py @@ -85,8 +85,6 @@ class DataLevelPermissionsFilter(BaseFilterBackend): 判断是否为超级管理员: 如果不是超级管理员,则进入下一步权限判断 """ - print(api) - print(RoleMenuButtonPermission.objects.filter(menu_button__api__iregex=api,menu_button__method=method)) if request.user.is_superuser == 0: # 0. 获取用户的部门id,没有部门则返回空 user_dept_id = getattr(request.user, "dept_id", None) 
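Review bot: In the `@@ -191,7 +191,7 @@` hunk, `role_id` comes straight from the request parameters and goes into `RoleMenuButtonPermission.objects.filter(role=role_id,menu_button__menu=menu_id)` with no visible check that the caller holds or may administer that role. The first hunk keeps `extra_filter_class = []` on this viewset, so no data-level filter stands in for that check. Unless the action's `permission_classes` (declared outside the hunk) already limit it to administrators, any caller who passes them can read the `data_range` assignments of an arbitrary role. Consider a guard for non-superusers such as `if not request.user.is_superuser and not request.user.role.filter(id=role_id).exists(): return ErrorResponse(msg="<message>")`. The visible lines also do not test `menu_id` for `None` the way they test `role_id`, and the function starts before and ends after the hunk.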
@@ -107,11 +105,21 @@ class DataLevelPermissionsFilter(BaseFilterBackend): # (2, "本部门数据权限"), # (3, "全部数据权限"), # (4, "自定数据权限") - role_list = request.user.role.filter(status=1).values("admin", "data_range") + replace_str = re.compile('\d') + re_api = replace_str.sub('{id}', api) + role_id_list = request.user.role.values_list('id', flat=True) + role_permission_list=RoleMenuButtonPermission.objects.filter( + role__in=role_id_list, + role__status=1, + menu_button__api=re_api, + menu_button__method=method).values( + 'data_range', + role_admin=F('role__admin') + ) dataScope_list = [] # 权限范围列表 - for ele in role_list: + for ele in role_permission_list: # 判断用户是否为超级管理员角色/如果拥有[全部数据权限]则返回所有数据 - if 3 == ele.get("data_range") or ele.get("admin") == True: + if 3 == ele.get("data_range") or ele.get("role_admin") == True: return queryset dataScope_list.append(ele.get("data_range")) dataScope_list = list(set(dataScope_list)) diff --git a/backend/dvadmin/utils/viewset.py b/backend/dvadmin/utils/viewset.py index 0d6daa0..3831635 100644 --- a/backend/dvadmin/utils/viewset.py +++ b/backend/dvadmin/utils/viewset.py @@ -37,13 +37,13 @@ class CustomModelViewSet(ModelViewSet, ImportSerializerMixin, ExportSerializerMi update_serializer_class = None filter_fields = '__all__' search_fields = () - extra_filter_backends = [DataLevelPermissionsFilter] + extra_filter_class = [DataLevelPermissionsFilter] permission_classes = [CustomPermission] import_field_dict = {} export_field_label = {} def filter_queryset(self, queryset): - for backend in set(set(self.filter_backends) | set(self.extra_filter_backends or [])): + for backend in set(set(self.filter_backends) | set(self.extra_filter_class or [])): queryset = backend().filter_queryset(self.request, queryset, self) return queryset
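Review bot: In the `@@ -107,11 +105,21 @@` hunk, `re.compile('\d')` followed by `.sub('{id}', api)` replaces each digit separately. Assuming `api` is the request path, a path ending in `/12/` becomes `/{id}{id}/` and digits in fixed segments such as a version prefix are rewritten too, so the exact match `menu_button__api=re_api` finds no row and `dataScope_list` stays empty. What the code after the loop does with an empty list lies outside the hunk, so confirm that it returns no data rather than an unfiltered queryset. Replace only whole numeric path segments, using a raw-string pattern: `re_api = re.sub(r'(?<=/)\d+(?=/|$)', '{id}', api)`. The hunk adds no imports, so `re` and `F` must already be imported in filters.py.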