fix: Resource authorization

Author: zhanweizhang7

apps/system_manage/api/user_resource_permission.py

@@ -297,7 +297,7 @@ def get_parameters():
                 required=False
             ),
             OpenApiParameter(
-                name="permission",
+                name="permission[]",
                 description="权限",
                 type=OpenApiTypes.STR,
                 location='query',

apps/system_manage/serializers/user_resource_permission.py

@@ -96,8 +96,8 @@ def is_valid(self, *, auth_target_type=None, workspace_id=None, raise_exception=
 class UserResourcePermissionUserListRequest(serializers.Serializer):
     name = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_('resource name'))
     permission = serializers.MultipleChoiceField(required=False, allow_null=True, allow_blank=True,
-                                         choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
-                                         label=_('permission'))
+                                                 choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
+                                                 label=_('permission'))
 
 
 class UserResourcePermissionSerializer(serializers.Serializer):
@@ -304,7 +304,7 @@ class ResourceUserPermissionUserListRequest(serializers.Serializer):
 class ResourceUserPermissionEditRequest(serializers.Serializer):
     user_id = serializers.CharField(required=True, label=_('workspace id'))
     permission = serializers.ChoiceField(required=True, choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
-                                                 label=_('permission'))
+                                         label=_('permission'))
 
 
 permission_map = {
@@ -326,7 +326,8 @@ def get_queryset(self, instance):
         user_query_set = QuerySet(model=get_dynamics_model({
             'nick_name': models.CharField(),
             'username': models.CharField(),
-            "permission": models.CharField()
+            "permission": models.CharField(),
+            "id": models.UUIDField(),
         }))
         nick_name = instance.get('nick_name')
         username = instance.get('username')
@@ -352,6 +353,11 @@ def get_queryset(self, instance):
                 else:
                     user_query_set = user_query_set.filter(
                         permission__in=query_p_list)
+        workspace_user_role_mapping_model = DatabaseModelManage.get_model("workspace_user_role_mapping")
+        if workspace_user_role_mapping_model:
+            user_query_set=user_query_set.filter(
+                id__in=QuerySet(workspace_user_role_mapping_model).filter(
+                    workspace_id=self.data.get('workspace_id')).values("user_id"))
 
         return {
             'workspace_user_resource_permission_query_set': workspace_user_resource_permission_query_set,

apps/system_manage/views/user_resource_permission.py

@@ -197,5 +197,5 @@ def get(self, request: Request, workspace_id: str, target: str, resource: str, c
                 data={'workspace_id': workspace_id, "target": target, 'auth_target_type': resource, }
             ).page({'username': request.query_params.get("username"),
                     'nick_name': request.query_params.get("nick_name"),
-                    'permission': request.query_params.getlist("permission")}, current_page, page_size,
+                    'permission': request.query_params.getlist("permission[]")}, current_page, page_size,
                    ))