feat: Get resource user permission detail

Author: zhanweizhang7

apps/system_manage/api/user_resource_permission.py

@@ -8,9 +8,11 @@
 """
 from drf_spectacular.types import OpenApiTypes
 from drf_spectacular.utils import OpenApiParameter
+from rest_framework import serializers
+from django.utils.translation import gettext_lazy as _
 
 from common.mixins.api_mixin import APIMixin
-from common.result import ResultSerializer
+from common.result import ResultSerializer, ResultPageSerializer
 from system_manage.serializers.user_resource_permission import UserResourcePermissionResponse, \
     UpdateUserResourcePermissionRequest
 
@@ -49,3 +51,126 @@ class EditUserResourcePermissionAPI(APIMixin):
     @staticmethod
     def get_request():
         return UpdateUserResourcePermissionRequest()
+
+
+class ResourceUserPermissionResponse(serializers.Serializer):
+    id = serializers.CharField(required=True, label=_('user id'))
+    nick_name = serializers.CharField(required=True, allow_null=True, allow_blank=True, label=_('nick_name'))
+    username = serializers.CharField(required=True, allow_null=True, allow_blank=True, label=_('username'))
+    permission = serializers.CharField(required=True, label=_('permission'))
+
+
+class APIResourceUserPermissionResponse(ResultSerializer):
+    def get_data(self):
+        return ResourceUserPermissionResponse(many=True)
+
+
+class ResourceUserPermissionAPI(APIMixin):
+    @staticmethod
+    def get_parameters():
+        return [
+            OpenApiParameter(
+                name="workspace_id",
+                description="工作空间id",
+                type=OpenApiTypes.STR,
+                location='path',
+                required=True
+            ),
+            OpenApiParameter(
+                name="target",
+                description="资源id",
+                type=OpenApiTypes.STR,
+                location='path',
+                required=True
+            ),
+            OpenApiParameter(
+                name="resource",
+                description="资源类型",
+                type=OpenApiTypes.STR,
+                location='path',
+                required=True
+            ),
+            OpenApiParameter(
+                name="username",
+                description="用户名",
+                type=OpenApiTypes.STR,
+                location='query',
+                required=False
+            ),
+            OpenApiParameter(
+                name="nick_name",
+                description="姓名",
+                type=OpenApiTypes.STR,
+                location='query',
+                required=False
+            ),
+        ]
+
+    @staticmethod
+    def get_response():
+        return APIResourceUserPermissionResponse
+
+
+class APIResourceUserPermissionPageResponse(ResultPageSerializer):
+    def get_data(self):
+        return ResourceUserPermissionResponse(many=True)
+
+
+class ResourceUserPermissionPageAPI(APIMixin):
+    @staticmethod
+    def get_parameters():
+        return [
+            OpenApiParameter(
+                name="workspace_id",
+                description="工作空间id",
+                type=OpenApiTypes.STR,
+                location='path',
+                required=True
+            ),
+            OpenApiParameter(
+                name="target",
+                description="资源id",
+                type=OpenApiTypes.STR,
+                location='path',
+                required=True
+            ),
+            OpenApiParameter(
+                name="resource",
+                description="资源类型",
+                type=OpenApiTypes.STR,
+                location='path',
+                required=True
+            ),
+            OpenApiParameter(
+                name="current_page",
+                description=_("Current page"),
+                type=OpenApiTypes.INT,
+                location='path',
+                required=True,
+            ),
+            OpenApiParameter(
+                name="page_size",
+                description=_("Page size"),
+                type=OpenApiTypes.INT,
+                location='path',
+                required=True,
+            ),
+            OpenApiParameter(
+                name="username",
+                description="用户名",
+                type=OpenApiTypes.STR,
+                location='query',
+                required=False
+            ),
+            OpenApiParameter(
+                name="nick_name",
+                description="姓名",
+                type=OpenApiTypes.STR,
+                location='query',
+                required=False
+            ),
+        ]
+
+    @staticmethod
+    def get_response():
+        return APIResourceUserPermissionPageResponse

apps/system_manage/serializers/user_resource_permission.py

@@ -19,7 +19,7 @@
 from common.constants.permission_constants import get_default_workspace_user_role_mapping_list, RoleConstants, \
     ResourcePermission, ResourcePermissionRole, ResourceAuthType
 from common.database_model_manage.database_model_manage import DatabaseModelManage
-from common.db.search import native_search
+from common.db.search import native_search, native_page_search
 from common.db.sql_execute import select_list
 from common.exception.app_exception import AppApiException
 from common.utils.common import get_file_content
@@ -30,6 +30,7 @@
 from models_provider.models import Model
 from system_manage.models import WorkspaceUserResourcePermission, AuthTargetType
 from tools.models import Tool
+from users.models import User
 from users.serializers.user import is_workspace_manage
 
 
@@ -260,3 +261,59 @@ def edit(self, instance, user, with_valid=True):
         key = Cache_Version.PERMISSION_LIST.get_key(user_id=user_id)
         cache.delete(key, version=version)
         return True
+
+
+class ResourceUserPermissionUserListRequest(serializers.Serializer):
+    nick_name = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_('workspace id'))
+    username = serializers.CharField(required=False, allow_null=True, allow_blank=True, label=_('workspace id'))
+
+class ResourceUserPermissionSerializer(serializers.Serializer):
+    workspace_id = serializers.CharField(required=True, label=_('workspace id'))
+    target = serializers.CharField(required=True, label=_('resource id'))
+    auth_target_type = serializers.CharField(required=True, label=_('resource'))
+
+    def get_queryset(self, instance):
+        user_query_set = QuerySet(User)
+        nick_name = instance.get('nick_name')
+        username = instance.get('username')
+
+        if nick_name:
+            user_query_set = user_query_set.filter(nick_name__contains=nick_name)
+        if username:
+            user_query_set = user_query_set.filter(username__contains=username)
+
+        return {
+            'workspace_user_resource_permission_query_set': QuerySet(WorkspaceUserResourcePermission).filter(
+                workspace_id=self.data.get('workspace_id'),
+                auth_target_type=self.data.get('auth_target_type'),
+                target=self.data.get('target')),
+            'user_query_set': user_query_set
+        }
+
+    def list(self, instance, with_valid=True):
+        if with_valid:
+            self.is_valid(raise_exception=True)
+            ResourceUserPermissionUserListRequest(data=instance).is_valid(raise_exception=True)
+        # 资源的用户授权列表
+        resource_user_permission_list = native_search(self.get_queryset(instance), get_file_content(
+            os.path.join(PROJECT_DIR, "apps", "system_manage", 'sql', 'get_resource_user_permission_detail.sql')
+        ))
+        return resource_user_permission_list
+
+    def page(self, instance, current_page: int, page_size: int, with_valid=True):
+        if with_valid:
+            self.is_valid(raise_exception=True)
+            ResourceUserPermissionUserListRequest(data=instance).is_valid(raise_exception=True)
+        # 分页列表
+        resource_user_permission_page_list = native_page_search(current_page, page_size, self.get_queryset(instance),
+                                                                get_file_content(
+                                                                    os.path.join(PROJECT_DIR, "apps", "system_manage",
+                                                                                 'sql',
+                                                                                 'get_resource_user_permission_detail.sql')
+                                                                ))
+        return resource_user_permission_page_list
+
+    def edit(self, instance, with_valid=True):
+        if with_valid:
+            self.is_valid(raise_exception=True)
+            ResourceUserPermissionUserListRequest(data=instance).is_valid(raise_exception=True)

apps/system_manage/sql/get_resource_user_permission_detail.sql

@@ -0,0 +1,25 @@
+SELECT
+    u.id,
+    u.nick_name,
+    u.username,
+    (case
+		when wurp.auth_type = 'ROLE'
+		and  'ROLE' = any(wurp.permission_list) then 'ROLE'
+			when wurp.auth_type = 'RESOURCE_PERMISSION_GROUP'
+			and 'MANAGE'= any(wurp.permission_list)   then 'MANAGE'
+			  when wurp.auth_type = 'RESOURCE_PERMISSION_GROUP'
+			and 'VIEW' = any(wurp.permission_list) then 'VIEW'
+			else 'NOT_AUTH'
+		end) as "permission_list"
+FROM
+    public."user" u
+LEFT JOIN (
+    SELECT
+        *
+    FROM
+        workspace_user_resource_permission
+        ${workspace_user_resource_permission_query_set}
+        ) wurp
+ON
+    u.id = wurp.user_id
+${user_query_set}

apps/system_manage/urls.py

@@ -6,6 +6,8 @@
 # @formatter:off
 urlpatterns = [
     path('workspace/<str:workspace_id>/user_resource_permission/user/<str:user_id>/resource/<str:resource>', views.WorkSpaceUserResourcePermissionView.as_view()),
+    path('workspace/<str:workspace_id>/resource_user_permission/resource/<str:target>/resource/<str:resource>', views.WorkspaceResourceUserPermissionView.as_view()),
+    path('workspace/<str:workspace_id>/resource_user_permission/resource/<str:target>/resource/<str:resource>/<int:current_page>/<int:page_size>', views.WorkspaceResourceUserPermissionView.Page.as_view()),
     path('email_setting', views.SystemSetting.Email.as_view()),
     path('profile', views.SystemProfile.as_view()),
     path('valid/<str:valid_type>/<int:valid_count>', views.Valid.as_view())

apps/system_manage/views/user_resource_permission.py

@@ -18,8 +18,10 @@
 from common.constants.permission_constants import PermissionConstants, RoleConstants, Permission, Group, Operate
 from common.log.log import log
 from common.result import DefaultResultSerializer
-from system_manage.api.user_resource_permission import UserResourcePermissionAPI, EditUserResourcePermissionAPI
-from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer
+from system_manage.api.user_resource_permission import UserResourcePermissionAPI, EditUserResourcePermissionAPI, \
+    ResourceUserPermissionAPI, ResourceUserPermissionPageAPI
+from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer, \
+    ResourceUserPermissionSerializer
 from users.models import User
 
 
@@ -72,3 +74,42 @@ def put(self, request: Request, workspace_id: str, user_id: str, resource: str):
         return result.success(UserResourcePermissionSerializer(
             data={'workspace_id': workspace_id, 'user_id': user_id, 'auth_target_type': resource}
         ).edit(request.data, request.user))
+
+
+class WorkspaceResourceUserPermissionView(APIView):
+    authentication_classes = [TokenAuth]
+
+    @extend_schema(
+        methods=['GET'],
+        description=_('Get user authorization status of resource'),
+        summary=_('Get user authorization status of resource'),
+        operation_id=_('Get user authorization status of resource'),  # type: ignore
+        parameters=ResourceUserPermissionAPI.get_parameters(),
+        responses=ResourceUserPermissionAPI.get_response(),
+        tags=[_('Resources authorization')]  # type: ignore
+    )
+    def get(self, request: Request, workspace_id: str, target: str, resource: str):
+        return result.success(ResourceUserPermissionSerializer(
+            data={'workspace_id': workspace_id, "target": target, 'auth_target_type': resource,
+                  }).list(
+            {'username': request.query_params.get("username"), 'nick_name': request.query_params.get("nick_name")}))
+
+    class Page(APIView):
+        authentication_classes = [TokenAuth]
+
+        @extend_schema(
+            methods=['GET'],
+            description=_('Get user authorization status of resource by page'),
+            summary=_('Get user authorization status of resource by page'),
+            operation_id=_('Get user authorization status of resource by page'),  # type: ignore
+            parameters=ResourceUserPermissionPageAPI.get_parameters(),
+            responses=ResourceUserPermissionPageAPI.get_response(),
+            tags=[_('Resources authorization')]  # type: ignore
+        )
+        def get(self, request: Request, workspace_id: str, target: str, resource: str, current_page: int,
+                page_size: int):
+            return result.success(ResourceUserPermissionSerializer(
+                data={'workspace_id': workspace_id, "target": target, 'auth_target_type': resource, }
+            ).page({'username': request.query_params.get("username"),
+                    'nick_name': request.query_params.get("nick_name")}, current_page, page_size,
+                   ))