-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[SaaS] 管理后台 -- 全局用户组管理 #751
Comments
【排期】 |
【排期】 |
思路
GroupViewSet
from backend.apps.group.views import GroupViewSet
class GroupViewSet(GroupViewSet): # 继承/apps/group下的GroupViewSet
def get_queryset(self):
return Group.objects.all()
def list(self, request, *args, **kwargs):
return super().list(request, *args, **kwargs)
def retrieve(self, request, *args, **kwargs):
return super().retrieve(request, *args, **kwargs)
@view_audit_decorator(GroupDeleteAuditProvider)
def destroy(self, request, *args, **kwargs):
return super().destroy(request, *args, **kwargs) GroupMemberViewSet
from backend.apps.group.views import GroupMemberViewSet
class GroupMemberViewSet(GroupMemberViewSet): # 继承/apps/group下的GroupMemberViewSet
def list(self, request, *args, **kwargs):
group = get_object_or_404(self.queryset, pk=kwargs["id"])
# 校验权限 (去除这部分校验)
#checker = RoleObjectRelationChecker(request.role)
#if not checker.check_group(group):
# raise error_codes.FORBIDDEN.format(message=_("用户组({})不在当前用户身份可访问的范围内").format(group.id), replace=True)
if request.query_params.get("keyword"):
slz = SearchMemberSLZ(data=request.query_params)
slz.is_valid(raise_exception=True)
keyword = slz.validated_data["keyword"].lower()
group_members = self.biz.search_member_by_keyword(group.id, keyword)
return Response({"results": [one.dict() for one in group_members]})
pagination = LimitOffsetPagination()
limit = pagination.get_limit(request)
offset = pagination.get_offset(request)
count, group_members = self.biz.list_paging_group_member(group.id, limit, offset)
return Response({"count": count, "results": [one.dict() for one in group_members]})
def create(self, request, *args, **kwargs):
serializer = GroupAddMemberSLZ(data=request.data)
serializer.is_valid(raise_exception=True)
group = self.get_object()
data = serializer.validated_data
members_data = data["members"]
expired_at = data["expired_at"]
# 成员Dict结构转换为Subject结构,并去重
members = list(set(parse_obj_as(List[Subject], members_data)))
# 检测成员是否满足管理的授权范围
# self.group_check_biz.check_role_subject_scope(request.role, members) 【不做该部分检测】
self.group_check_biz.check_member_count(group.id, len(members))
permission_logger.info("group %s add members %s by user %s", group.id, members, request.user.username)
# 添加成员
self.biz.add_members(group.id, members, expired_at)
# 写入审计上下文
audit_context_setter(group=group, members=[m.dict() for m in members])
return Response({}, status=status.HTTP_201_CREATED)
@view_audit_decorator(GroupMemberDeleteAuditProvider)
def destroy(self, request, *args, **kwargs):
return super().destroy(request, *args, **kwargs) |
def list(self, request, *args, **kwargs):
return super().list(request, *args, **kwargs)
|
梳理下现有的用户组管理功能
The text was updated successfully, but these errors were encountered: