1.字段权限配置完成;

backend/dvadmin/system/models.py

@@ -184,6 +184,7 @@ class Columns(CoreModel):
     role = models.ForeignKey(to='Role', on_delete=models.CASCADE, verbose_name='角色', db_constraint=False)
     app = models.CharField(max_length=64, verbose_name='应用名')
     model = models.CharField(max_length=64, verbose_name='表名')
+    menu = models.ForeignKey(to='Menu', on_delete=models.CASCADE, verbose_name='菜单', db_constraint=False)
     field_name = models.CharField(max_length=64, verbose_name='模型表字段名')
     title = models.CharField(max_length=64, verbose_name='字段显示名')
     is_query = models.BooleanField(default=1, verbose_name='是否可查询')

backend/dvadmin/system/views/column.py

@@ -32,9 +32,10 @@ class ColumnViewSet(CustomModelViewSet):
         role_id = request.query_params.get('role')
         app_name = request.query_params.get('app')
         model_name = request.query_params.get('model')
-        if not role_id or not model_name or not app_name:
+        menu = request.query_params.get('menu')
+        if not role_id or not model_name or not app_name or not menu:
             return SuccessResponse([])
-        queryset = self.filter_queryset(self.get_queryset().filter(role_id=role_id, model=model_name, app=app_name))
+        queryset = self.filter_queryset(self.get_queryset().filter(role_id=role_id, model=model_name, app=app_name,menu_id=menu))
         page = self.paginate_queryset(queryset)
         if page is not None:
             serializer = self.get_serializer(page, many=True, request=request)

backend/dvadmin/system/views/role_menu_button_permission.py

@@ -11,7 +11,7 @@ from rest_framework import serializers
 from rest_framework.decorators import action
 from rest_framework.permissions import IsAuthenticated
 
-from dvadmin.system.models import RoleMenuButtonPermission, Menu, MenuButton, Dept, RoleMenuPermission
+from dvadmin.system.models import RoleMenuButtonPermission, Menu, MenuButton, Dept, RoleMenuPermission, Columns
 from dvadmin.system.views.menu import MenuSerializer
 from dvadmin.utils.json_response import DetailResponse, ErrorResponse
 from dvadmin.utils.serializers import CustomModelSerializer
@@ -71,12 +71,20 @@ class RoleButtonPermissionSerializer(CustomModelSerializer):
         model = MenuButton
         fields = ['id','name','value','isCheck','data_range']
 
+class RoleColumnsSerializer(CustomModelSerializer):
+
+    class Meta:
+        model = Columns
+        fields = "__all__"
+
+
 class RoleMenuPermissionSerializer(CustomModelSerializer):
     """
     菜单和按钮权限
     """
     isCheck = serializers.SerializerMethodField()
     btns = serializers.SerializerMethodField()
+    columns = serializers.SerializerMethodField()
 
     def get_isCheck(self, instance):
         params = self.request.query_params
@@ -90,9 +98,17 @@ class RoleMenuPermissionSerializer(CustomModelSerializer):
         serializer = RoleButtonPermissionSerializer(btn_list,many=True,request=self.request)
         return  serializer.data
 
+    def get_columns(self, instance):
+        params = self.request.query_params
+        col_list = Columns.objects.filter(role__id=params.get('role'),menu__id=instance['id'])
+        serializer = RoleColumnsSerializer(col_list,many=True,request=self.request)
+        return serializer.data
+
+
+
     class Meta:
         model = Menu
-        fields = ['id','name','isCheck','btns']
+        fields = ['id','name','isCheck','btns','columns']
 
 class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
     """
@@ -151,6 +167,8 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
                 if btn.get('isCheck'):
                     instance = RoleMenuButtonPermission.objects.create(role_id=pk, menu_button_id=btn.get('id'),data_range=btn.get('data_range'))
                     instance.dept.set(btn.get('dept',[]))
+            for col in menu.get('columns'):
+                Columns.objects.filter(id=col.get('id')).update(is_query=col.get('is_query'),is_create=col.get('is_create'),is_update=col.get('is_update'))
         return DetailResponse(msg="授权成功")
 
 

backend/dvadmin/utils/viewset.py

@@ -81,12 +81,6 @@ class CustomModelViewSet(ModelViewSet, ImportSerializerMixin, ExportSerializerMi
 
     def get_column_permission(self, serializer_class):
         """获取列权限"""
-        action_map = {
-            'list': 'is_query',
-            'retrieve': 'is_query',
-            'create': 'is_create',
-            'update': 'is_update'
-        }
         finded = False
         for app in get_custom_app_models():
             for model in app:
@@ -97,10 +91,9 @@ class CustomModelViewSet(ModelViewSet, ImportSerializerMixin, ExportSerializerMi
                 break
         if finded is False:
             return []
-        column_permission = Columns.objects.filter(app=model['app'], model=model['model'])
-        if self.action in action_map:
-            return [obj.field_name for obj in column_permission if getattr(obj, action_map[self.action])]
-        return []
+        return Columns.objects.filter(
+            app=model['app'], model=model['model']
+        ).values('field_name', 'is_create', 'is_query', 'is_update')
 
     def create(self, request, *args, **kwargs):
         serializer = self.get_serializer(data=request.data, request=request)