refactor: 重构权限管理

1.更新字段管理

backend/dvadmin/utils/field_permission.py

@@ -1,8 +1,9 @@
 # -*- coding: utf-8 -*-
+from django.db.models import F
 from rest_framework.decorators import action
 from rest_framework.permissions import IsAuthenticated
 
-from dvadmin.system.models import Columns
+from dvadmin.system.models import FieldPermission, MenuField
 from dvadmin.utils.json_response import DetailResponse
 from dvadmin.utils.models import get_custom_app_models
 
@@ -23,16 +24,17 @@ class FieldPermissionMixin:
                 break
         if finded is False:
             return []
-        roles = request.user.role.values_list('id', flat=True)
+        print(266666,model)
         user = request.user
         if user.is_superuser==1:
-            data = Columns.objects.filter(app=model['app'], model=model['model']).values('field_name', 'is_create', 'is_query', 'is_update')
+            data = MenuField.objects.filter( model=model['model']).values('field_name')
             for item in data:
                 item['is_create'] = True
                 item['is_query'] = True
                 item['is_update'] = True
         else:
-            data= Columns.objects.filter(
-                app=model['app'], model=model['model'],role__in=roles
-            ).values('field_name', 'is_create', 'is_query', 'is_update')
+            roles = request.user.role.values_list('id', flat=True)
+            data= FieldPermission.objects.filter(
+                 field__model=model['model'],role__in=roles
+            ).values( 'is_create', 'is_query', 'is_update',field_name=F('field__field_name'))
         return DetailResponse(data=data)

backend/dvadmin/utils/filters.py

@@ -121,13 +121,12 @@ class DataLevelPermissionsFilter(BaseFilterBackend):
             role__status=1,
             menu_button__api=re_api,
             menu_button__method=method).values(
-            'data_range',
-            role_admin=F('role__admin')
+            'data_range'
         )
         dataScope_list = []  # 权限范围列表
         for ele in role_permission_list:
                 # 判断用户是否为超级管理员角色/如果拥有[全部数据权限]则返回所有数据
-            if ele.get("data_range") == 3 or ele.get("role_admin") == True:
+            if ele.get("data_range") == 3:
                 return queryset
             dataScope_list.append(ele.get("data_range"))
         dataScope_list = list(set(dataScope_list))

backend/dvadmin/utils/models.py

@@ -136,10 +136,11 @@ def get_model_from_app(app_name):
 
 
 def get_custom_app_models(app_name=None):
-    """获取所有项目写的app里的models"""
+    """获取所有项目下的app里的models"""
     if app_name:
         return get_model_from_app(app_name)
     res = []
     for app in settings.CUSTOM_APPS:
+        # print(222,get_model_from_app(app))
         res.append(get_model_from_app(app))
     return res

backend/dvadmin/utils/pagination.py

@@ -79,6 +79,5 @@ class CustomPagination(PageNumberPagination):
             ('total', total),
             ('is_next', is_next),
             ('is_previous', is_previous),
-            ('data', data),
-            ('permission', self.request.permission_fields)
+            ('data', data)
         ]))

backend/dvadmin/utils/viewset.py

@@ -17,7 +17,7 @@ from dvadmin.utils.import_export_mixin import ExportSerializerMixin, ImportSeria
 from dvadmin.utils.json_response import SuccessResponse, ErrorResponse, DetailResponse
 from dvadmin.utils.permission import CustomPermission
 from dvadmin.utils.models import get_custom_app_models
-from dvadmin.system.models import Columns
+from dvadmin.system.models import FieldPermission, MenuField
 from django_restql.mixins import QueryArgumentsMixin
 
 
@@ -64,7 +64,7 @@ class CustomModelViewSet(ModelViewSet, ImportSerializerMixin, ExportSerializerMi
         serializer_class = self.get_serializer_class()
         kwargs.setdefault('context', self.get_serializer_context())
         # 全部以可见字段为准
-        can_see = self.get_column_permission(serializer_class)
+        can_see = self.get_menu_field(serializer_class)
         # 排除掉序列化器级的字段
         # sub_set = set(serializer_class._declared_fields.keys()) - set(can_see)
         # for field in sub_set:
@@ -79,8 +79,8 @@ class CustomModelViewSet(ModelViewSet, ImportSerializerMixin, ExportSerializerMi
         else:
             return serializer_class(*args, **kwargs)
 
-    def get_column_permission(self, serializer_class):
-        """获取列权限"""
+    def get_menu_field(self, serializer_class):
+        """获取字段权限"""
         finded = False
         for app in get_custom_app_models():
             for model in app:
@@ -91,9 +91,8 @@ class CustomModelViewSet(ModelViewSet, ImportSerializerMixin, ExportSerializerMi
                 break
         if finded is False:
             return []
-        return Columns.objects.filter(
-            app=model['app'], model=model['model']
-        ).values('field_name', 'is_create', 'is_query', 'is_update')
+        return MenuField.objects.filter(model=model['model']
+        ).values('field_name', 'title')
 
     def create(self, request, *args, **kwargs):
         serializer = self.get_serializer(data=request.data, request=request)