diff --git a/apps/homepage/serializers/homepage.py b/apps/homepage/serializers/homepage.py index 38cfff534ae..4a415790ed9 100644 --- a/apps/homepage/serializers/homepage.py +++ b/apps/homepage/serializers/homepage.py @@ -15,6 +15,7 @@ from django.db.models import QuerySet, Count, Q, UUIDField, Sum, F, BigIntegerField, Value, ExpressionWrapper, \ IntegerField, Window from django.db.models.functions import Cast, Coalesce, RowNumber +from django.forms import CharField from django.http import HttpResponse from django.utils import timezone from django.utils.translation import gettext_lazy as _, gettext @@ -57,7 +58,10 @@ def has_all_permission(auth, permission, workspace_id): or has_extends_workspace_manage_permission(auth, permission, workspace_id) - or hasPermission(auth, permission)) + or hasPermission(auth, + permission) + or RoleConstants.USER.name + f':/WORKSPACE/{workspace_id}' in auth.role_list + or RoleConstants.WORKSPACE_MANAGE.name + f':/WORKSPACE/{workspace_id}' in auth.role_list) def is_workspace_manage(auth, workspace_id): @@ -125,7 +129,7 @@ def aggregation(self, auth, with_valid=True): user_id=user_id, auth_target_type="APPLICATION", permission_list__overlap=permission_list - ) + ).exclude(target='default') .annotate( target_uuid=Cast( "target", @@ -184,7 +188,7 @@ def aggregation(self, auth, with_valid=True): user_id=user_id, auth_target_type="APPLICATION", permission_list__overlap=permission_list - ) + ).exclude(target='default') .annotate( target_uuid=Cast( "target", @@ -348,7 +352,7 @@ def _apply_permission_filter(self, queryset, auth, workspace_id, user_id): user_id=user_id, auth_target_type="APPLICATION", permission_list__overlap=permission_list, - ) + ).exclude(target='default') .annotate(target_uuid=Cast("target", output_field=UUIDField())) .values_list("target_uuid", flat=True) ) @@ -421,7 +425,7 @@ def get_queryset(self, auth): user_id=user_id, auth_target_type="APPLICATION", permission_list__overlap=permission_list, - ) + ).exclude(target='default') .annotate( target_uuid=Cast("target", output_field=UUIDField()) ) @@ -563,7 +567,7 @@ def get_queryset(self, auth): user_id=user_id, auth_target_type="APPLICATION", permission_list__overlap=permission_list - ) + ).exclude(target='default') .annotate(target_uuid=Cast("target", output_field=UUIDField())) .values_list("target_uuid", flat=True) ) @@ -751,7 +755,7 @@ def get_aggregation_query_set(self, auth): user_id=user_id, auth_target_type="APPLICATION", permission_list__overlap=permission_list - ).annotate(target_uuid=Cast("target", output_field=UUIDField())) + ).exclude(target='default').annotate(target_uuid=Cast("target", output_field=UUIDField())) .values_list("target_uuid", flat=True)) def aggregation(self, auth, with_valid=True): @@ -790,7 +794,7 @@ def get_aggregation_query_set(self, auth): user_id=user_id, auth_target_type="KNOWLEDGE", permission_list__overlap=permission_list - ).annotate( + ).exclude(target='default').annotate( target_uuid=Cast("target", output_field=UUIDField())) .values_list("target_uuid", flat=True)) @@ -839,7 +843,8 @@ def get_aggregation_query_set(self, auth): user_id=user_id, auth_target_type="TOOL", permission_list__overlap=permission_list - ).annotate( + ) + .exclude(target='default').annotate( target_uuid=Cast("target", output_field=UUIDField())) .values_list("target_uuid", flat=True)) @@ -885,7 +890,7 @@ def get_aggregation_query_set(self, auth): user_id=user_id, auth_target_type="MODEL", permission_list__overlap=permission_list - ).annotate( + ).exclude(target='default').annotate( target_uuid=Cast("target", output_field=UUIDField())) .values_list("target_uuid", flat=True))