Skip to content

Commit 87de043

Browse files
shaohuzhang1shaohuzhang1
authored
fix: The workspace administrator has incorrect data permissions (#6164)
1 parent 132eeea commit 87de043

1 file changed

Lines changed: 13 additions & 6 deletions

File tree

apps/users/serializers/user.py

Lines changed: 13 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -81,19 +81,26 @@ def is_workspace_manage(user_id: str, workspace_id: str):
8181
role__type=RoleConstants.WORKSPACE_MANAGE.value.__str__()).exists()
8282
return QuerySet(User).filter(id=user_id, role=RoleConstants.ADMIN.value.__str__()).exists()
8383

84+
8485
def is_workspace_manage_permission_read(user_id: str, workspace_id: str, permission_id):
8586
workspace_user_role_mapping_model = DatabaseModelManage.get_model("workspace_user_role_mapping")
8687
role_permission_mapping_model = DatabaseModelManage.get_model("role_permission_mapping_model")
8788
is_x_pack_ee = workspace_user_role_mapping_model is not None and role_permission_mapping_model is not None
8889
if is_x_pack_ee:
8990
has_permission = QuerySet(role_permission_mapping_model).filter(
90-
role__userrolerelation__user_id=user_id,
91-
role__userrolerelation__workspace_id=workspace_id,
92-
permission_id=permission_id,
93-
role__type=RoleConstants.WORKSPACE_MANAGE.value.__str__()
91+
Q(role__userrolerelation__user_id=user_id,
92+
role__userrolerelation__workspace_id=workspace_id,
93+
permission_id=permission_id,
94+
role__type=RoleConstants.WORKSPACE_MANAGE.value.__str__()) |
95+
Q(role__userrolerelation__user_id=user_id,
96+
role__userrolerelation__workspace_id=workspace_id,
97+
role__id=RoleConstants.WORKSPACE_MANAGE.value.__str__()
98+
)
9499
).exists()
95100
return has_permission
96101
return True
102+
103+
97104
def get_workspace_list_by_user(user_id):
98105
get_workspace_list = DatabaseModelManage.get_model('get_workspace_list_by_user')
99106
license_is_valid = DatabaseModelManage.get_model('license_is_valid') or (lambda: False)
@@ -1179,9 +1186,9 @@ def switch(self):
11791186
self.is_valid(raise_exception=True)
11801187
language = self.data.get('language')
11811188
support_language_list = CONFIG.get_languages()
1182-
#这个是一个list 完事是对象 key是语言的key value是语言的value 我只需要提取语言的key就行
1189+
# 这个是一个list 完事是对象 key是语言的key value是语言的value 我只需要提取语言的key就行
11831190
support_keys = [lang[0] for lang in support_language_list]
11841191
# support_language_list = ['zh-CN', 'zh-Hant', 'en-US'] en_US,ja,zh_CN,zh_Hant
11851192
if not support_keys.__contains__(language):
11861193
raise AppApiException(500, _('language only support:') + ','.join(support_keys))
1187-
QuerySet(User).filter(id=self.data.get('user_id')).update(language=language)
1194+
QuerySet(User).filter(id=self.data.get('user_id')).update(language=language)

0 commit comments

Comments
 (0)