From 701784fb5395d1a74a45b14b0ea9a07f7ca73031 Mon Sep 17 00:00:00 2001 From: caoqianming Date: Tue, 8 Nov 2022 13:20:05 +0800 Subject: [PATCH] =?UTF-8?q?=E8=80=83=E8=AF=95api=E5=9F=BA=E6=9C=AC?= =?UTF-8?q?=E5=AE=8C=E6=88=903?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- client/.env.development | 4 ++-- server/apps/ability/views.py | 22 ++-------------------- server/apps/ability/views_qtask.py | 22 +++------------------- server/apps/quality/views.py | 2 +- server/apps/supervision/views.py | 21 +-------------------- server/apps/system/permission.py | 2 +- server/apps/system/permission_data.py | 6 +++++- 7 files changed, 15 insertions(+), 64 deletions(-) diff --git a/client/.env.development b/client/.env.development index aacde3e..b2cc6c5 100644 --- a/client/.env.development +++ b/client/.env.development @@ -3,8 +3,8 @@ ENV = 'development' # base api #VUE_APP_BASE_API = 'http://10.0.11.127:8000/api' -#VUE_APP_BASE_API = 'http://127.0.0.1:8000/api' -VUE_APP_BASE_API = 'https://testsearch.ctc.ac.cn/api' +VUE_APP_BASE_API = 'http://127.0.0.1:2222/api' +#VUE_APP_BASE_API = 'https://testsearch.ctc.ac.cn/api' #VUE_APP_BASE_API = 'http://47.95.0.242:9101/api' diff --git a/server/apps/ability/views.py b/server/apps/ability/views.py index ce3ec75..16a02ee 100644 --- a/server/apps/ability/views.py +++ b/server/apps/ability/views.py @@ -19,6 +19,7 @@ from apps.supervision.models import Content, Record from apps.supervision.serializers import ContentSerializer, RecordCreateSerializer, RecordSerializer from apps.system.mixins import CreateUpdateCustomMixin from utils.queryset import get_child_queryset2 +from apps.system.permission_data import RbacFilterSet from django.utils import timezone from apps.supervision.permission import RecordPermission from django.utils.decorators import method_decorator 
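Review bot: The active `VUE_APP_BASE_API` in `client/.env.development` now points at `http://127.0.0.1:2222/api`, which looks like one developer's local port, while the shared test host and two internal addresses stay in the file as commented alternatives. Toggling these lines in a tracked file means the default backend for every checkout changes with each commit. It also keeps internal host addresses in the repository history. If the client is built with Vue CLI (the `VUE_APP_` prefix suggests so), a personal override can go in `.env.development.local`, which is loaded on top of this file and is normally git-ignored, leaving one stable default here.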
@@ -60,7 +61,7 @@ class AbilityContentViewSet(CreateUpdateCustomMixin, ModelViewSet): def perform_update(self, serializer): serializer.save(update_by = self.request.user) -class AbilityRecordViewSet(PageOrNot, CreateUpdateCustomMixin, ModelViewSet): +class AbilityRecordViewSet(RbacFilterSet, PageOrNot, CreateUpdateCustomMixin, ModelViewSet): perms_map = {'get': '*', 'post': '*', 'put': '*', 'delete': '*'} queryset = Record.objects.filter(content__cate=2) @@ -70,25 +71,6 @@ class AbilityRecordViewSet(PageOrNot, CreateUpdateCustomMixin, ModelViewSet): ordering = ['-task', 'content__sortnum', '-create_time'] filterset_fields = ['content','content__cate', 'belong_dept', 'state'] - def get_queryset(self): - queryset = self.queryset - if hasattr(self.get_serializer_class(), 'setup_eager_loading'): - queryset = self.get_serializer_class().setup_eager_loading(queryset) - if self.request.user.is_superuser: - pass - if hasattr(queryset.model, 'belong_dept'): - user = self.request.user - roles = user.roles - data_range = roles.values_list('datas', flat=True) - if '全部' in data_range: - pass - elif '本级及以下' in data_range: - belong_depts = get_child_queryset2(user.dept) - queryset = queryset.filter(belong_dept__in = belong_depts) - elif '本级' in data_range: - queryset = queryset.filter(belong_dept = user.dept) - return queryset - def filter_queryset(self, queryset): if not self.request.query_params.get('pageoff', None): queryset = queryset.exclude(state='待发布') diff --git a/server/apps/ability/views_qtask.py b/server/apps/ability/views_qtask.py index 7e29bc6..dbe800a 100644 --- a/server/apps/ability/views_qtask.py +++ b/server/apps/ability/views_qtask.py @@ -13,6 +13,7 @@ from rest_framework.exceptions import ParseError from rest_framework import serializers from rest_framework.exceptions import ParseError from utils.queryset import get_child_queryset2 +from apps.system.permission_data import RbacFilterSet class QualiLibViewSet(PageOrNot, ListModelMixin, GenericViewSet): 
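Review bot: `AbilityRecordViewSet` keeps `perms_map = {'get': '*', 'post': '*', 'put': '*', 'delete': '*'}`, so with the inline `get_queryset` removed further down, the row scoping inherited from `RbacFilterSet` is the only restriction visible in this hunk on update and delete, and it does not constrain `post` at all. The class's `permission_classes` are outside the hunk (the file imports `RecordPermission`), so this may already be covered. If it is not, a caller could create a record with another department's `belong_dept`. I would state the dependency next to the bases, for example `# row-level scope comes from RbacFilterSet.get_queryset; keep it first in the bases`. I would also add a test that a user scoped to one department gets 404 on `put`/`delete` of another department's record.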
@@ -112,7 +113,7 @@ def cal_count(qtask, org): qorg.save() -class QActionViewSet(PageOrNot, ListModelMixin, DestroyModelMixin, RetrieveModelMixin, GenericViewSet): +class QActionViewSet(RbacFilterSet, PageOrNot, ListModelMixin, DestroyModelMixin, RetrieveModelMixin, GenericViewSet): perms_map = {'get': '*', 'delete': 'qaction_delete'} queryset = QAction.objects.select_related( 'file', 'atype', 'afield', 'qtask', 'belong_dept', 'create_by') @@ -126,24 +127,7 @@ class QActionViewSet(PageOrNot, ListModelMixin, DestroyModelMixin, RetrieveModel return QActionDetailSerializer return super().get_serializer_class() - def get_queryset(self): - queryset = self.queryset - if hasattr(self.get_serializer_class(), 'setup_eager_loading'): - queryset = self.get_serializer_class().setup_eager_loading(queryset) - if self.request.user.is_superuser: - pass - if hasattr(queryset.model, 'belong_dept'): - user = self.request.user - roles = user.roles - data_range = roles.values_list('datas', flat=True) - if '全部' in data_range: - pass - elif '本级及以下' in data_range: - belong_depts = get_child_queryset2(user.dept) - queryset = queryset.filter(belong_dept__in=belong_depts) - elif '本级' in data_range: - queryset = queryset.filter(belong_dept=user.dept) - return queryset + # @action(methods=['get'], detail=False, perms_map={'get': '*'}) # def my(self, request, *args, **kwargs): diff --git a/server/apps/quality/views.py b/server/apps/quality/views.py index 484e209..57f8f82 100644 --- a/server/apps/quality/views.py +++ b/server/apps/quality/views.py 
@@ -98,7 +98,7 @@ class SubtaskViewSet(PageOrNot, CreateUpdateCustomMixin, OptimizationMixin, Mode if has_permission('inspecttask_create', self.request.user): return queryset else: - return queryset.filter(team_subtask__member=self.request.user).exclude(state='待发布') + return queryset.filter(team_subtask__member__id=self.request.user.id).exclude(state='待发布') @action(methods=['get'], detail=False, perms_map = {'get':'*'}) def self(self, request, *args, **kwargs): diff --git a/server/apps/supervision/views.py b/server/apps/supervision/views.py index 5ff50e4..c6c307a 100644 --- a/server/apps/supervision/views.py +++ b/server/apps/supervision/views.py @@ -209,7 +209,7 @@ from utils.queryset import get_child_queryset2 from .permission import RecordPermission -class RecordViewSet(PageOrNot, CreateUpdateCustomMixin, ModelViewSet): +class RecordViewSet(RbacFilterSet, PageOrNot, CreateUpdateCustomMixin, ModelViewSet): perms_map = {'get': '*', 'post': 'record_create', 'put': 'record_update', 'delete': 'record_delete'} queryset = Record.objects.filter(content__cate=1) 
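Review bot: The new filter `team_subtask__member__id=self.request.user.id` matches on the primary key alone, where the old `member=self.request.user` passed the user object itself. The `hasattr(user, 'roles')` guards added in `permission.py` and `permission_data.py` in this same commit suggest `request.user` can now be an object that is not the system user model. If that is the case, an id issued from a different table can equal a system user's id and this branch would return that user's subtasks. I would reject such principals first with an `isinstance` check against the system user model and return `queryset.none()` for them. The enclosing method starts outside the hunk, so an earlier guard may already exist.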
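Review bot: `RecordViewSet` now lists `RbacFilterSet` as a base, but this commit adds no import for it in `server/apps/supervision/views.py`. The diffstat shows a single insertion for this file, which is the class line, whereas `ability/views.py` and `views_qtask.py` each gain `from apps.system.permission_data import RbacFilterSet`. Unless the name is already imported above line 209, which is not visible here, the module raises `NameError` at import time and takes the supervision endpoints down with it. If it is missing, add `from apps.system.permission_data import RbacFilterSet` next to the `from .permission import RecordPermission` line shown in the context.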
@@ -219,25 +219,6 @@ class RecordViewSet(PageOrNot, CreateUpdateCustomMixin, ModelViewSet): ordering = ['-task', 'content__sortnum', '-create_time'] filter_class = RecordFilter # 过滤类 - def get_queryset(self): - queryset = self.queryset - if hasattr(self.get_serializer_class(), 'setup_eager_loading'): - queryset = self.get_serializer_class().setup_eager_loading(queryset) - if self.request.user.is_superuser: - pass - if hasattr(queryset.model, 'belong_dept'): - user = self.request.user - roles = user.roles - data_range = roles.values_list('datas', flat=True) - if '全部' in data_range: - pass - elif '本级及以下' in data_range: - belong_depts = get_child_queryset2(user.dept) - queryset = queryset.filter(belong_dept__in = belong_depts) - elif '本级' in data_range: - queryset = queryset.filter(belong_dept = user.dept) - return queryset - def filter_queryset(self, queryset): if not self.request.query_params.get('pageoff', None): queryset = queryset.exclude(state='待发布') diff --git a/server/apps/system/permission.py b/server/apps/system/permission.py index 590c1f1..7fbc595 100644 --- a/server/apps/system/permission.py +++ b/server/apps/system/permission.py @@ -12,7 +12,7 @@ def get_permission_list(user): perms_list = ['admin'] else: perms = Permission.objects.none() - roles = user.roles.all() + roles = user.roles.all() if hasattr(user, 'roles') else None if roles: for i in roles: perms = perms | i.perms.all() diff --git a/server/apps/system/permission_data.py b/server/apps/system/permission_data.py index 65bf5c9..ad42ec0 100644 --- a/server/apps/system/permission_data.py +++ b/server/apps/system/permission_data.py @@ -34,7 +34,9 @@ class RbacFilterSet(object): if hasattr(queryset.model, 'belong_dept'): user = self.request.user - roles = user.roles + roles = user.roles if hasattr(user, 'roles') else [] + if not roles: + return queryset.none() data_range = roles.values_list('datas', flat=True) if '全部' in data_range: return queryset 
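Review bot: In `RbacFilterSet`, the new guard `if not roles: return queryset.none()` only fires for the `[]` fallback. `roles` is otherwise used as a related manager (`roles.values_list('datas', flat=True)` on the next line), and a manager object is always truthy even when the user has no roles. A role-less system user therefore still runs the `values_list` query and is denied only by the `else: return queryset.none()` added in the next hunk. That makes the early return misleading as the documented fail-closed point. Something like `roles = getattr(user, 'roles', None)` followed by `if roles is None or not roles.exists(): return queryset.none()` would make the guard do what it says. The method body starts outside the hunk, so it is also worth confirming that superusers without roles return before this check, if they are meant to see everything.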
@@ -57,6 +59,8 @@ class RbacFilterSet(object): elif '仅本人' in data_range: queryset = queryset.filter(Q(create_by=user)|Q(update_by=user)) return queryset + else: + return queryset.none() return queryset
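Review bot: The added `else: return queryset.none()` is the deny-by-default branch of the data-scope check and carries no comment saying so. A later edit that adds a new `datas` label could easily slot in after it or replace it with a bare `return queryset`. I would mark it with `# unknown or missing data scope: fail closed, return no rows`. The scope labels are matched as string literals spread across the branches, and the beginning of the chain is outside this hunk. A test that a role with an unrecognised `datas` value yields an empty list would pin the behaviour.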