|
7 | 7 | @desc: |
8 | 8 | """ |
9 | 9 | import re |
| 10 | +from itertools import product |
10 | 11 |
|
11 | 12 | from django.db import transaction |
12 | 13 | from django.db.models import Q, QuerySet |
@@ -185,21 +186,7 @@ def save(self, instance, with_valid=True): |
185 | 186 | source="LOCAL", |
186 | 187 | is_active=True |
187 | 188 | ) |
188 | | - # 企业版本 增加用户的角色设置 参数是 role_id [workspace_id] |
189 | | - workspace_user_role_mapping_model = DatabaseModelManage.get_model("workspace_user_role_mapping") |
190 | | - if workspace_user_role_mapping_model: |
191 | | - # 获取当前用户的角色设置 |
192 | | - role_setting = instance.get('role_setting') |
193 | | - # role_setting 的数据类型是{"role_id": [workspace_id1, workspace_id2]} |
194 | | - # 如果是系统层级的 workspace_id 是 SYSTEM 或者是NONE |
195 | | - for role_id, workspace_ids in role_setting.items(): |
196 | | - for workspace_id in workspace_ids: |
197 | | - # 创建用户角色映射关系 |
198 | | - workspace_user_role_mapping_model.objects.create( |
199 | | - user_id=user.id, |
200 | | - role_id=role_id, |
201 | | - workspace_id=workspace_id |
202 | | - ) |
| 189 | + update_user_role(instance, user) |
203 | 190 | user.save() |
204 | 191 | return UserInstanceSerializer(user).data |
205 | 192 |
|
@@ -314,20 +301,7 @@ def edit(self, instance, with_valid=True): |
314 | 301 | user = User.objects.filter(id=self.data.get('id')).first() |
315 | 302 | self._check_admin_modification(user, instance) |
316 | 303 | self._update_user_fields(user, instance) |
317 | | - workspace_user_role_mapping_model = DatabaseModelManage.get_model("workspace_user_role_mapping") |
318 | | - if workspace_user_role_mapping_model: |
319 | | - # 获取当前用户的角色设置 |
320 | | - role_setting = instance.get('role_setting') |
321 | | - # 全部删除重新添加 |
322 | | - workspace_user_role_mapping_model.objects.filter(user_id=user.id).delete() |
323 | | - for role_id, workspace_ids in role_setting.items(): |
324 | | - for workspace_id in workspace_ids: |
325 | | - # 创建用户角色映射关系 |
326 | | - workspace_user_role_mapping_model.objects.create( |
327 | | - user_id=user.id, |
328 | | - role_id=role_id, |
329 | | - workspace_id=workspace_id |
330 | | - ) |
| 304 | + update_user_role(instance, user) |
331 | 305 | user.save() |
332 | 306 | return UserInstanceSerializer(user).data |
333 | 307 |
|
@@ -398,3 +372,30 @@ def get_user_list(self, workspace_id): |
398 | 372 |
|
399 | 373 | users = User.objects.filter(id__in=user_ids).values('id', 'nick_name') |
400 | 374 | return list(users) |
| 375 | + |
| 376 | +def update_user_role(instance, user): |
| 377 | + workspace_user_role_mapping_model = DatabaseModelManage.get_model("workspace_user_role_mapping") |
| 378 | + role_setting_model = DatabaseModelManage.get_model("role_model") |
| 379 | + if workspace_user_role_mapping_model: |
| 380 | + role_setting = instance.get('role_setting') |
| 381 | + workspace_user_role_mapping_model.objects.filter(user_id=user.id).delete() |
| 382 | + relations = set() |
| 383 | + for item in role_setting: |
| 384 | + for role_id, workspace_ids in item.items(): |
| 385 | + relations.update(set(product([role_id], workspace_ids))) |
| 386 | + |
| 387 | + role_ids = {role_id for item in role_setting for role_id in item} |
| 388 | + role_ids_is_system = role_setting_model.objects.filter(id__in=role_ids, |
| 389 | + type='SYSTEM_ADMIN').values_list( |
| 390 | + 'id', flat=True) |
| 391 | + if role_ids_is_system: |
| 392 | + relations = {(role_id, 'SYSTEM') if role_id in role_ids_is_system else (role_id, workspace_id) |
| 393 | + for role_id, workspace_id in relations} |
| 394 | + for role_id, workspace_id in relations: |
| 395 | + workspace_user_role_mapping_model.objects.create( |
| 396 | + id=uuid.uuid7(), |
| 397 | + role_id=role_id, |
| 398 | + workspace_id=workspace_id, |
| 399 | + user_id=user.id |
| 400 | + ) |
| 401 | + |
0 commit comments