Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
l y
Jumpserver
Commits
5f370c1c
Commit
5f370c1c
authored
3 years ago
by
Jiangjie.Bai
Committed by
老广
3 years ago
Browse files
Options
Download
Email Patches
Plain Diff
perf: 优化内置系统用户角色权限
parent
f026b86a
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
apps/authentication/api/access_key.py
+2
-2
apps/authentication/api/access_key.py
apps/authentication/api/temp_token.py
+5
-2
apps/authentication/api/temp_token.py
apps/common/validators.py
+1
-1
apps/common/validators.py
apps/rbac/builtin.py
+2
-1
apps/rbac/builtin.py
apps/rbac/const.py
+1
-0
apps/rbac/const.py
with
11 additions
and
6 deletions
+11
-6
apps/authentication/api/access_key.py
+
2
-
2
View file @
5f370c1c
...
...
@@ -2,14 +2,14 @@
#
from
rest_framework.viewsets
import
ModelViewSet
from
common.permissions
import
IsValidUser
from
..
import
serializers
from
rbac.permissions
import
RBACPermission
class
AccessKeyViewSet
(
ModelViewSet
):
serializer_class
=
serializers
.
AccessKeySerializer
search_fields
=
[
'^id'
,
'^secret'
]
permission_classes
=
[
RBACPermission
]
def
get_queryset
(
self
):
return
self
.
request
.
user
.
access_keys
.
all
()
...
...
This diff is collapsed.
Click to expand it.
apps/authentication/api/temp_token.py
+
5
-
2
View file @
5f370c1c
...
...
@@ -3,15 +3,18 @@ from rest_framework.response import Response
from
rest_framework.decorators
import
action
from
common.drf.api
import
JMSModelViewSet
from
common.permissions
import
IsValidUser
from
..models
import
TempToken
from
..serializers
import
TempTokenSerializer
from
rbac.permissions
import
RBACPermission
class
TempTokenViewSet
(
JMSModelViewSet
):
serializer_class
=
TempTokenSerializer
permission_classes
=
[
IsValidUser
]
permission_classes
=
[
RBACPermission
]
http_method_names
=
[
'post'
,
'get'
,
'options'
,
'patch'
]
rbac_perms
=
{
'expire'
:
'authentication.change_temptoken'
,
}
def
get_queryset
(
self
):
username
=
self
.
request
.
user
.
username
...
...
This diff is collapsed.
Click to expand it.
apps/common/validators.py
+
1
-
1
View file @
5f370c1c
...
...
@@ -42,7 +42,7 @@ class NoSpecialChars:
class
PhoneValidator
:
pattern
=
re
.
compile
(
r
"^1[356789]\d{9}$"
)
pattern
=
re
.
compile
(
r
"^1[3
4
56789]\d{9}$"
)
message
=
_
(
'The mobile phone number format is incorrect'
)
def
__call__
(
self
,
value
):
...
...
This diff is collapsed.
Click to expand it.
apps/rbac/builtin.py
+
2
-
1
View file @
5f370c1c
...
...
@@ -4,7 +4,8 @@ from .const import Scope, system_exclude_permissions, org_exclude_permissions
system_user_perms
=
(
(
'authentication'
,
'connectiontoken'
,
'add'
,
'connectiontoken'
),
(
'authentication'
,
'temptoken'
,
'add'
,
'temptoken'
),
(
'authentication'
,
'temptoken'
,
'add,change,view'
,
'temptoken'
),
(
'authentication'
,
'accesskey'
,
'*'
,
'*'
),
(
'tickets'
,
'ticket'
,
'view'
,
'ticket'
),
(
'orgs'
,
'organization'
,
'view'
,
'rootorg'
),
)
...
...
This diff is collapsed.
Click to expand it.
apps/rbac/const.py
+
1
-
0
View file @
5f370c1c
...
...
@@ -25,6 +25,7 @@ exclude_permissions = (
(
'authentication'
,
'connectiontoken'
,
'change,delete'
,
'connectiontoken'
),
(
'authentication'
,
'ssotoken'
,
'*'
,
'*'
),
(
'authentication'
,
'superconnectiontoken'
,
'change,delete'
,
'superconnectiontoken'
),
(
'authentication'
,
'temptoken'
,
'delete'
,
'temptoken'
),
(
'users'
,
'userpasswordhistory'
,
'*'
,
'*'
),
(
'applications'
,
'applicationuser'
,
'*'
,
'*'
),
(
'applications'
,
'historicalaccount'
,
'*'
,
'*'
),
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
