zcdsj
/
cma_search
mirror of https://e.coding.net/ctcdevteam/cma_search.git
5
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

组长权限控制

This commit is contained in:
caoqianming 2021-05-13 09:35:14 +08:00
parent a360299bc2
commit b977024972
2 changed files with 17 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
server/apps/quality/permission.py
View File

@ -3,16 +3,13 @@ from .models import *
class IsSubInspectTaskLeader(RbacPermission):
def has_object_permission(self, request, view, obj):
print(obj, request.user.name)
if InspectTeam.objects.filter(subtask=obj.subtask, type='组长').first().member == request.user:
# 如果是组长
return True
return False
class IsInspectRecordChecker(RbacPermission):
def has_object_permission(self, request, view, obj):
print(2, obj, request.user.name)
if obj.checker == request.user or obj.checker == None:
return True
return False

23
server/apps/quality/views.py
View File

@ -206,13 +206,18 @@ class InspectDeptViewSet(OptimizationMixin, ListModelMixin, RetrieveModelMixin,
InspectRecord.objects.bulk_create(records)
return Response(status=status.HTTP_201_CREATED)
@action(methods=['put'], detail=True, perms_map = {'put':'inspectrecord_update'},
permission_classes=[IsAdminUser|IsSubInspectTaskLeader])
@action(methods=['put'], detail=True, perms_map = {'put':'inspectrecord_update'})
def start(self, request, *args, **kwargs):
"""
对该组织开始检查
"""
obj = self.get_object()
if request.user == InspectTeam.objects.get(subtask=obj.subtask, type='组长').member:
pass
else:
raise PermissionDenied
if obj.state == '待检查':
obj.state = '检查中'
obj.start_date = timezone.now().date()
@ -220,13 +225,18 @@ class InspectDeptViewSet(OptimizationMixin, ListModelMixin, RetrieveModelMixin,
return Response(InspectDeptSerializer(instance=obj).data, status=status.HTTP_200_OK)
return Response('状态错误', status=status.HTTP_400_BAD_REQUEST)
@action(methods=['put'], detail=True, perms_map = {'put':'inspectrecord_update'},
permission_classes=[IsAdminUser|IsSubInspectTaskLeader])
@action(methods=['put'], detail=True, perms_map = {'put':'inspectrecord_update'})
def up(self, request, *args, **kwargs):
"""
组长对该组织检查结果提交
"""
obj = self.get_object()
if request.user == InspectTeam.objects.get(subtask=obj.subtask, type='组长').member:
pass
else:
raise PermissionDenied
if obj.state == '检查中':
if InspectRecord.objects.filter(checked=False, subtask=obj.subtask, dept=obj.dept).exists():
return Response('存在未完成检查记录', status=status.HTTP_400_BAD_REQUEST)
@ -297,8 +307,7 @@ class InspectRecordViewSet(OptimizationMixin, PageOrNot, ModelViewSet):
InspectRecord.objects.filter(item__in=items, subtask=subtask, checker__isnull=True, checked= False).update(checker=checker)
return Response(status=status.HTTP_200_OK)
@action(methods=['put'], detail=True, perms_map = {'put':'inspectrecord_update'},
permission_classes=[IsAdminUser|IsInspectRecordChecker|IsSubInspectTaskLeader])
@action(methods=['put'], detail=True, perms_map = {'put':'inspectrecord_update'})
def check(self, request, *args, **kwargs):
"""
提交单条记录检查结果
@ -306,6 +315,8 @@ class InspectRecordViewSet(OptimizationMixin, PageOrNot, ModelViewSet):
instance = self.get_object()
leader = InspectTeam.objects.get(subtask=instance.subtask, type='组长').member
if request.user == instance.checker or request.user == None or request.user == leader:
pass
else:
raise PermissionDenied
if instance.subtask.state == '执行中':
serializer = InspectRecordCheckSerializer(instance, data=request.data)