feat: add depth validation for module creation to limit hierarchy to 3 levels

liuruibin · liuruibin · commit 21097d71642b · 2025-04-24T10:49:07.000+08:00
diff --git a/apps/modules/serializers/module.py b/apps/modules/serializers/module.py
@@ -24,6 +24,9 @@ def get_module_type(source):
         return None
 
 
+MODULE_DEPTH = 3  # Module 不能超过3层
+
+
 class ModuleSerializer(serializers.Serializer):
     id = serializers.CharField(required=True, label=_('module id'))
     name = serializers.CharField(required=True, label=_('module name'))
@@ -47,6 +50,8 @@ def insert(self, instance, with_valid=True):
             Module = get_module_type(self.data.get('source'))
             if QuerySet(Module).filter(name=name, workspace_id=workspace_id, parent_id=parent_id).exists():
                 raise serializers.ValidationError(_('Module name already exists'))
+            # Module 不能超过3层
+            self.check_depth(parent_id)
 
             module = Module(
                 id=uuid.uuid7(),
@@ -58,6 +63,27 @@ def insert(self, instance, with_valid=True):
             module.save()
             return ModuleSerializer(module).data
 
+        def check_depth(self, parent_id):
+            # Module 不能超过3层
+            Module = get_module_type(self.data.get('source'))
+
+            if parent_id != 'root':
+                # 计算当前层级
+                depth = 1  # 当前要创建的节点算一层
+                current_parent_id = parent_id
+
+                # 向上追溯父节点
+                while current_parent_id != 'root':
+                    depth += 1
+                    parent_node = QuerySet(Module).filter(id=current_parent_id).first()
+                    if parent_node is None:
+                        break
+                    current_parent_id = parent_node.parent_id
+
+                # 验证层级深度
+                if depth > MODULE_DEPTH:
+                    raise serializers.ValidationError(_('Module depth cannot exceed 3 levels'))
+
     class Operate(serializers.Serializer):
         id = serializers.CharField(required=True, label=_('module id'))
         workspace_id = serializers.CharField(required=True, allow_null=True, allow_blank=True, label=_('workspace id'))
