[SaaS] 管理后台 -- 全局用户组管理 #751
Assignees
Labels
Layer: SaaS
bk-iam-saas/saas
Priority: Medium
Sign: help wanted
Extra attention is needed
Size: M
<=3 days
Type: Enhancement
New feature or request
Projects
Comments
zhu327
added
Type: Enhancement
|
【排期】 |
|
【排期】 |
思路
GroupViewSet
from backend.apps.group.views import GroupViewSet
class GroupViewSet(GroupViewSet): # 继承/apps/group下的GroupViewSet
def get_queryset(self):
return Group.objects.all()
def list(self, request, *args, **kwargs):
return super().list(request, *args, **kwargs)
def retrieve(self, request, *args, **kwargs):
return super().retrieve(request, *args, **kwargs)
@view_audit_decorator(GroupDeleteAuditProvider)
def destroy(self, request, *args, **kwargs):
return super().destroy(request, *args, **kwargs)GroupMemberViewSet
from backend.apps.group.views import GroupMemberViewSet
class GroupMemberViewSet(GroupMemberViewSet): # 继承/apps/group下的GroupMemberViewSet
def list(self, request, *args, **kwargs):
group = get_object_or_404(self.queryset, pk=kwargs["id"])
# 校验权限 (去除这部分校验)
#checker = RoleObjectRelationChecker(request.role)
#if not checker.check_group(group):
# raise error_codes.FORBIDDEN.format(message=_("用户组({})不在当前用户身份可访问的范围内").format(group.id), replace=True)
if request.query_params.get("keyword"):
slz = SearchMemberSLZ(data=request.query_params)
slz.is_valid(raise_exception=True)
keyword = slz.validated_data["keyword"].lower()
group_members = self.biz.search_member_by_keyword(group.id, keyword)
return Response({"results": [one.dict() for one in group_members]})
pagination = LimitOffsetPagination()
limit = pagination.get_limit(request)
offset = pagination.get_offset(request)
count, group_members = self.biz.list_paging_group_member(group.id, limit, offset)
return Response({"count": count, "results": [one.dict() for one in group_members]})
def create(self, request, *args, **kwargs):
serializer = GroupAddMemberSLZ(data=request.data)
serializer.is_valid(raise_exception=True)
group = self.get_object()
data = serializer.validated_data
members_data = data["members"]
expired_at = data["expired_at"]
# 成员Dict结构转换为Subject结构,并去重
members = list(set(parse_obj_as(List[Subject], members_data)))
# 检测成员是否满足管理的授权范围
# self.group_check_biz.check_role_subject_scope(request.role, members) 【不做该部分检测】
self.group_check_biz.check_member_count(group.id, len(members))
permission_logger.info("group %s add members %s by user %s", group.id, members, request.user.username)
# 添加成员
self.biz.add_members(group.id, members, expired_at)
# 写入审计上下文
audit_context_setter(group=group, members=[m.dict() for m in members])
return Response({}, status=status.HTTP_201_CREATED)
@view_audit_decorator(GroupMemberDeleteAuditProvider)
def destroy(self, request, *args, **kwargs):
return super().destroy(request, *args, **kwargs) |
def list(self, request, *args, **kwargs):
return super().list(request, *args, **kwargs)
|
Canway-shiisa
added a commit
to Canway-shiisa/bk-iam-saas
that referenced
this issue
Jul 4, 2022
Canway-shiisa
added a commit
to Canway-shiisa/bk-iam-saas
that referenced
this issue
Jul 4, 2022
Canway-shiisa
added a commit
to Canway-shiisa/bk-iam-saas
that referenced
this issue
Jul 4, 2022
Canway-shiisa
added a commit
to Canway-shiisa/bk-iam-saas
that referenced
this issue
Jul 4, 2022
Canway-shiisa
added a commit
to Canway-shiisa/bk-iam-saas
that referenced
this issue
Jul 4, 2022
Closed
Canway-shiisa
added a commit
to Canway-shiisa/bk-iam-saas
that referenced
this issue
Jul 5, 2022
Closed
Canway-shiisa
added a commit
to Canway-shiisa/bk-iam-saas
that referenced
this issue
Jul 5, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
梳理下现有的用户组管理功能
The text was updated successfully, but these errors were encountered: