Skip to content

Commit 9ea37a4

Browse files
zhanweizhang7zhanweizhang7
committed
feat:Multiple permission filtering function
1 parent 581143c commit 9ea37a4

8 files changed

+60
-35
lines changed

apps/system_manage/api/user_resource_permission.py

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -66,6 +66,7 @@ def get_parameters():
6666
description="权限",
6767
type=OpenApiTypes.STR,
6868
location='query',
69+
many=True,
6970
required=False
7071
),
7172
]
@@ -167,6 +168,7 @@ def get_parameters():
167168
description="权限",
168169
type=OpenApiTypes.STR,
169170
location='query',
171+
many=True,
170172
required=False
171173
),
172174
]
@@ -226,6 +228,7 @@ def get_parameters():
226228
description="权限",
227229
type=OpenApiTypes.STR,
228230
location='query',
231+
many=True,
229232
required=False
230233
),
231234
]
@@ -298,6 +301,7 @@ def get_parameters():
298301
description="权限",
299302
type=OpenApiTypes.STR,
300303
location='query',
304+
many=True,
301305
required=False
302306
),
303307
]

apps/system_manage/serializers/user_resource_permission.py

Lines changed: 47 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@
1111

1212
from django.core.cache import cache
1313
from django.db import models
14-
from django.db.models import QuerySet
14+
from django.db.models import QuerySet, Q
1515
from django.utils.translation import gettext_lazy as _
1616
from rest_framework import serializers
1717

@@ -24,14 +24,12 @@
2424
from common.db.sql_execute import select_list
2525
from common.exception.app_exception import AppApiException
2626
from common.utils.common import get_file_content
27-
from common.utils.split_model import group_by
2827
from knowledge.models import Knowledge
2928
from maxkb.conf import PROJECT_DIR
3029
from maxkb.settings import edition
3130
from models_provider.models import Model
32-
from system_manage.models import WorkspaceUserResourcePermission, AuthTargetType
31+
from system_manage.models import WorkspaceUserResourcePermission
3332
from tools.models import Tool
34-
from users.models import User
3533
from users.serializers.user import is_workspace_manage
3634

3735

@@ -94,11 +92,14 @@ def is_valid(self, *, auth_target_type=None, workspace_id=None, raise_exception=
9492
'APPLICATION': 'get_application_user_resource_permission.sql'
9593
}
9694

95+
9796
class UserResourcePermissionUserListRequest(serializers.Serializer):
9897
name = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_('resource name'))
99-
permission = serializers.ChoiceField(required=False, allow_null=True, allow_blank=True,choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
98+
permission = serializers.MultipleChoiceField(required=False, allow_null=True, allow_blank=True,
99+
choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
100100
label=_('permission'))
101101

102+
102103
class UserResourcePermissionSerializer(serializers.Serializer):
103104
workspace_id = serializers.CharField(required=True, label=_('workspace id'))
104105
user_id = serializers.CharField(required=True, label=_('user id'))
@@ -112,13 +113,20 @@ def get_queryset(self, instance):
112113
}))
113114
name = instance.get('name')
114115
permission = instance.get('permission')
116+
query_p_list = [None if p == "NOT_AUTH" else p for p in permission]
115117

116118
if name:
117119
resource_query_set = resource_query_set.filter(name__contains=name)
118120
if permission:
119-
resource_query_set = resource_query_set.filter(
120-
permission=None if instance.get('permission') == 'NOT_AUTH' else instance.get('permission'))
121-
121+
if all([p is None for p in query_p_list]):
122+
resource_query_set = resource_query_set.filter(permission=None)
123+
else:
124+
if any([p is None for p in query_p_list]):
125+
resource_query_set = resource_query_set.filter(
126+
Q(permission__in=query_p_list) | Q(permission=None))
127+
else:
128+
resource_query_set = resource_query_set.filter(
129+
permission__in=query_p_list)
122130
return {
123131
'query_set': QuerySet(m_map.get(self.data.get('auth_target_type'))).filter(
124132
workspace_id=self.data.get('workspace_id')),
@@ -218,35 +226,37 @@ def list(self, instance, user, with_valid=True):
218226
os.path.join(PROJECT_DIR, "apps", "system_manage", 'sql', sql_map.get(self.data.get('auth_target_type')))))
219227

220228
return [{**user_resource_permission}
221-
for user_resource_permission in user_resource_permission_list]
222-
229+
for user_resource_permission in user_resource_permission_list]
223230

224-
def page(self, instance, current_page: int, page_size: int,user, with_valid=True):
231+
def page(self, instance, current_page: int, page_size: int, user, with_valid=True):
225232
if with_valid:
226233
self.is_valid(raise_exception=True)
227234
UserResourcePermissionUserListRequest(data=instance).is_valid(raise_exception=True)
228235
workspace_id = self.data.get("workspace_id")
229236
user_id = self.data.get("user_id")
230237
# 用户对应的资源权限分页列表
231-
user_resource_permission_page_list = native_page_search(current_page,page_size,self.get_queryset(instance),get_file_content(
232-
os.path.join(PROJECT_DIR, "apps", "system_manage", 'sql', sql_map.get(self.data.get('auth_target_type')))
233-
))
238+
user_resource_permission_page_list = native_page_search(current_page, page_size, self.get_queryset(instance),
239+
get_file_content(
240+
os.path.join(PROJECT_DIR, "apps", "system_manage",
241+
'sql', sql_map.get(
242+
self.data.get('auth_target_type')))
243+
))
234244

235245
return user_resource_permission_page_list
236246

237-
238247
def edit(self, instance, user, with_valid=True):
239248
if with_valid:
240249
self.is_valid(raise_exception=True)
241-
UpdateUserResourcePermissionRequest(data={'user_resource_permission_list':instance}).is_valid(raise_exception=True,
242-
auth_target_type=self.data.get(
243-
'auth_target_type'),
244-
workspace_id=self.data.get('workspace_id'))
250+
UpdateUserResourcePermissionRequest(data={'user_resource_permission_list': instance}).is_valid(
251+
raise_exception=True,
252+
auth_target_type=self.data.get(
253+
'auth_target_type'),
254+
workspace_id=self.data.get('workspace_id'))
245255
workspace_id = self.data.get("workspace_id")
246256
user_id = self.data.get("user_id")
247257
update_list = []
248258
save_list = []
249-
targets = [ item['target_id'] for item in instance ]
259+
targets = [item['target_id'] for item in instance]
250260
QuerySet(WorkspaceUserResourcePermission).filter(
251261
workspace_id=workspace_id,
252262
user_id=user_id,
@@ -286,14 +296,15 @@ def edit(self, instance, user, with_valid=True):
286296
class ResourceUserPermissionUserListRequest(serializers.Serializer):
287297
nick_name = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_('workspace id'))
288298
username = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_('workspace id'))
289-
permission = serializers.ChoiceField(required=False, allow_null=True, allow_blank=True, choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
290-
label=_('permission'))
299+
permission = serializers.MultipleChoiceField(required=False, allow_null=True, allow_blank=True,
300+
choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
301+
label=_('permission'))
291302

292303

293304
class ResourceUserPermissionEditRequest(serializers.Serializer):
294305
user_id = serializers.CharField(required=True, label=_('workspace id'))
295306
permission = serializers.ChoiceField(required=True, choices=['NOT_AUTH', 'MANAGE', 'VIEW', 'ROLE'],
296-
label=_('permission'))
307+
label=_('permission'))
297308

298309

299310
permission_map = {
@@ -315,11 +326,13 @@ def get_queryset(self, instance):
315326
user_query_set = QuerySet(model=get_dynamics_model({
316327
'nick_name': models.CharField(),
317328
'username': models.CharField(),
318-
"permission": models.CharField(),
329+
"permission": models.CharField()
319330
}))
320331
nick_name = instance.get('nick_name')
321332
username = instance.get('username')
322333
permission = instance.get('permission')
334+
query_p_list = [None if p == "NOT_AUTH" else p for p in permission]
335+
323336
workspace_user_resource_permission_query_set = QuerySet(WorkspaceUserResourcePermission).filter(
324337
workspace_id=self.data.get('workspace_id'),
325338
auth_target_type=self.data.get('auth_target_type'),
@@ -329,8 +342,16 @@ def get_queryset(self, instance):
329342
if username:
330343
user_query_set = user_query_set.filter(username__contains=username)
331344
if permission:
332-
user_query_set = user_query_set.filter(
333-
permission=None if instance.get('permission') == 'NOT_AUTH' else instance.get('permission'))
345+
if all([p is None for p in query_p_list]):
346+
user_query_set = user_query_set.filter(
347+
permission=None)
348+
else:
349+
if any([p is None for p in query_p_list]):
350+
user_query_set = user_query_set.filter(
351+
Q(permission__in=query_p_list) | Q(permission=None))
352+
else:
353+
user_query_set = user_query_set.filter(
354+
permission__in=query_p_list)
334355

335356
return {
336357
'workspace_user_resource_permission_query_set': workspace_user_resource_permission_query_set,

apps/system_manage/sql/get_application_user_resource_permission.sql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ LEFT JOIN (
2828
AND 'MANAGE' = ANY(permission_list) THEN 'MANAGE'
2929
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
3030
AND 'VIEW' = ANY(permission_list) THEN 'VIEW'
31-
ELSE 'NOT_AUTH'
31+
ELSE null
3232
END AS permission
3333
FROM
3434
workspace_user_resource_permission

apps/system_manage/sql/get_knowledge_user_resource_permission.sql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ LEFT JOIN (
2828
AND 'MANAGE' = ANY(permission_list) THEN 'MANAGE'
2929
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
3030
AND 'VIEW' = ANY(permission_list) THEN 'VIEW'
31-
ELSE 'NOT_AUTH'
31+
ELSE null
3232
END AS permission
3333
FROM
3434
workspace_user_resource_permission

apps/system_manage/sql/get_model_user_resource_permission.sql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ LEFT JOIN (
2828
AND 'MANAGE' = ANY(permission_list) THEN 'MANAGE'
2929
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
3030
AND 'VIEW' = ANY(permission_list) THEN 'VIEW'
31-
ELSE 'NOT_AUTH'
31+
ELSE null
3232
END AS permission
3333
FROM
3434
workspace_user_resource_permission

apps/system_manage/sql/get_resource_user_permission_detail.sql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ LEFT JOIN (
1919
and 'MANAGE'= any(permission_list) then 'MANAGE'
2020
when auth_type = 'RESOURCE_PERMISSION_GROUP'
2121
and 'VIEW' = any( permission_list) then 'VIEW'
22-
else 'NOT_AUTH'
22+
else null
2323
end) as "permission"
2424
FROM
2525
workspace_user_resource_permission

apps/system_manage/sql/get_tool_user_resource_permission.sql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,7 @@ LEFT JOIN (
2828
AND 'MANAGE' = ANY(permission_list) THEN 'MANAGE'
2929
WHEN auth_type = 'RESOURCE_PERMISSION_GROUP'
3030
AND 'VIEW' = ANY(permission_list) THEN 'VIEW'
31-
ELSE 'NOT_AUTH'
31+
ELSE null
3232
END AS permission
3333
FROM
3434
workspace_user_resource_permission

apps/system_manage/views/user_resource_permission.py

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -53,7 +53,7 @@ def get(self, request: Request, workspace_id: str, user_id: str, resource: str):
5353
return result.success(UserResourcePermissionSerializer(
5454
data={'workspace_id': workspace_id, 'user_id': user_id, 'auth_target_type': resource}
5555
).list({'name': request.query_params.get('name'),
56-
'permission': request.query_params.get('permission')}, request.user))
56+
'permission': request.query_params.getlist('permission')}, request.user))
5757

5858
@extend_schema(
5959
methods=['PUT'],
@@ -94,7 +94,7 @@ def get(self, request: Request, workspace_id: str, user_id: str, resource: str,
9494
return result.success(UserResourcePermissionSerializer(
9595
data={'workspace_id': workspace_id, 'user_id': user_id, 'auth_target_type': resource}
9696
).page({'name': request.query_params.get('name'),
97-
'permission': request.query_params.get('permission')}, current_page, page_size, request.user))
97+
'permission': request.query_params.getlist('permission')}, current_page, page_size, request.user))
9898

9999

100100
class WorkspaceResourceUserPermissionView(APIView):
@@ -114,7 +114,7 @@ def get(self, request: Request, workspace_id: str, target: str, resource: str):
114114
data={'workspace_id': workspace_id, "target": target, 'auth_target_type': resource,
115115
}).list(
116116
{'username': request.query_params.get("username"), 'nick_name': request.query_params.get("nick_name"),
117-
'permission': request.query_params.get("permission")
117+
'permission': request.query_params.getlist("permission")
118118
}))
119119

120120
@extend_schema(
@@ -150,5 +150,5 @@ def get(self, request: Request, workspace_id: str, target: str, resource: str, c
150150
data={'workspace_id': workspace_id, "target": target, 'auth_target_type': resource, }
151151
).page({'username': request.query_params.get("username"),
152152
'nick_name': request.query_params.get("nick_name"),
153-
'permission': request.query_params.get("permission")}, current_page, page_size,
153+
'permission': request.query_params.getlist("permission")}, current_page, page_size,
154154
))

0 commit comments

Comments
 (0)