Skip to content

Commit 7430cab

Browse files
fit2cloud-chenywfit2cloud-chenyw
committed
perf: Config user api
1 parent 42cacff commit 7430cab

File tree

2 files changed

+13
-7
lines changed

2 files changed

+13
-7
lines changed

backend/apps/system/api/workspace.py

Lines changed: 12 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
from typing import Optional
2-
from fastapi import APIRouter, Query
2+
from fastapi import APIRouter, HTTPException, Query
33
from sqlmodel import exists, or_, select
44
from apps.system.models.system_model import UserWsModel, WorkspaceBase, WorkspaceEditor, WorkspaceModel
55
from apps.system.models.user import UserModel
@@ -105,11 +105,14 @@ async def pager(
105105

106106

107107
@router.post("/uws")
108-
async def create(session: SessionDep, creator: UserWsDTO):
108+
async def create(session: SessionDep, current_user: CurrentUser, creator: UserWsDTO):
109+
if not current_user.isAdmin and current_user.weight == 0:
110+
raise HTTPException("no permission to execute")
111+
oid: int = creator.oid if current_user.isAdmin else current_user.oid
109112
# 判断uid_list以及oid合法性
110113
db_model_list = [
111114
UserWsModel.model_validate({
112-
"oid": creator.oid,
115+
"oid": oid,
113116
"uid": uid,
114117
"weight": creator.weight
115118
})
@@ -133,10 +136,13 @@ async def edit(session: SessionDep, editor: UserWsEditor):
133136
session.commit()
134137

135138
@router.delete("/uws")
136-
async def delete(session: SessionDep, dto: UserWsBase):
137-
db_model_list: list[UserWsModel] = session.exec(select(UserWsModel).where(UserWsModel.uid.in_(dto.uid_list), UserWsModel.oid == dto.oid)).all()
139+
async def delete(session: SessionDep, current_user: CurrentUser, dto: UserWsBase):
140+
if not current_user.isAdmin and current_user.weight == 0:
141+
raise HTTPException("no permission to execute")
142+
oid: int = dto.oid if current_user.isAdmin else current_user.oid
143+
db_model_list: list[UserWsModel] = session.exec(select(UserWsModel).where(UserWsModel.uid.in_(dto.uid_list), UserWsModel.oid == oid)).all()
138144
if not db_model_list:
139-
raise ValueError(f"UserWsModel not found")
145+
raise HTTPException(f"UserWsModel not found")
140146
for db_model in db_model_list:
141147
session.delete(db_model)
142148
session.commit()

backend/apps/system/schemas/system_schema.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ class PwdEditor(BaseModel):
4848

4949
class UserWsBase(BaseModel):
5050
uid_list: list[int]
51-
oid: int
51+
oid: Optional[int] = None
5252
class UserWsDTO(UserWsBase):
5353
weight: int = 0
5454

0 commit comments

Comments
 (0)