fix(system): 修复权限获取 bug

- 优化权限查询逻辑，先判断菜单按钮对象是否存在 - 修复了在某些情况下可能导致权限获取失败的问题
2025-03-02 00:05:44 +08:00
parent 036d8da9b6
commit a030409c46
1 changed files with 11 additions and 8 deletions
--- a/backend/dvadmin/utils/filters.py
+++ b/backend/dvadmin/utils/filters.py
@@ -22,7 +22,7 @@ from django_filters.rest_framework import DjangoFilterBackend
 from django_filters.utils import get_model_field
 from rest_framework.filters import BaseFilterBackend
 from django_filters.conf import settings
-from dvadmin.system.models import Dept, ApiWhiteList, RoleMenuButtonPermission
+from dvadmin.system.models import Dept, ApiWhiteList, RoleMenuButtonPermission, MenuButton
 from dvadmin.utils.models import CoreModel

 class CoreModelFilterBankend(BaseFilterBackend):
@@ -149,13 +149,16 @@ class DataLevelPermissionsFilter(BaseFilterBackend):
        if _pk: # 判断是否是单例查询
            re_api = re.sub(_pk,'{id}', api)
        role_id_list = request.user.role.values_list('id', flat=True)
-        role_permission_list=RoleMenuButtonPermission.objects.filter(
-            role__in=role_id_list,
-            role__status=1,
-            menu_button__api=re_api,
-            menu_button__method=method).values(
-            'data_range'
-        )
+        # 修复权限获取bug
+        menu_button_obj = MenuButton.objects.filter(api=re_api, method=method).first()
+        role_permission_list = []
+        if menu_button_obj:
+            role_permission_list = RoleMenuButtonPermission.objects.filter(
+                role__in=role_id_list,
+                role__status=1,
+                menu_button=menu_button_obj).values(
+                'data_range'
+            )
        dataScope_list = []  # 权限范围列表
        for ele in role_permission_list:
                # 判断用户是否为超级管理员角色/如果拥有[全部数据权限]则返回所有数据