zcdsj
/
factory
5
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: mio和mioitem的权限控制

This commit is contained in:
caoqianming 2023-10-11 16:27:44 +08:00
parent 1cc632b35b
commit 56ed286eaf
2 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/inm/views.py
View File

@ -13,6 +13,7 @@ from apps.inm.serializers import (
from apps.utils.viewsets import CustomGenericViewSet, CustomModelViewSet from apps.utils.viewsets import CustomGenericViewSet, CustomModelViewSet
from apps.inm.services import InmService from apps.inm.services import InmService
from apps.utils.mixins import BulkCreateModelMixin, BulkDestroyModelMixin, BulkUpdateModelMixin from apps.utils.mixins import BulkCreateModelMixin, BulkDestroyModelMixin, BulkUpdateModelMixin
from apps.utils.permission import has_perm
# Create your views here. # Create your views here.
@ -112,11 +113,14 @@ class MIOViewSet(ListModelMixin, BulkCreateModelMixin, BulkUpdateModelMixin, Des
出入库记录 出入库记录
""" """
perms_map = {'get': '*', 'post': 'mio.create',
'put': 'mio.update', 'delete': 'mio.delete'}
queryset = MIO.objects.all() queryset = MIO.objects.all()
select_related_fields = ['create_by', 'belong_dept', 'do_user', select_related_fields = ['create_by', 'belong_dept', 'do_user',
'submit_user', 'supplier', 'order', 'customer', 'pu_order'] 'submit_user', 'supplier', 'order', 'customer', 'pu_order']
serializer_class = MIOListSerializer serializer_class = MIOListSerializer
filterset_fields = ['state', 'type', 'pu_order', 'order'] filterset_fields = ['state', 'type', 'pu_order', 'order']
data_filter = True
def get_serializer(self, *args, **kwargs): def get_serializer(self, *args, **kwargs):
if self.action in ['create', 'update', 'partial_update']: if self.action in ['create', 'update', 'partial_update']:
@ -172,4 +176,6 @@ class MIOItemViewSet(ListModelMixin, BulkCreateModelMixin, BulkDestroyModelMixin
def perform_destroy(self, instance): def perform_destroy(self, instance):
if instance.state != MIO.MIO_CREATE: if instance.state != MIO.MIO_CREATE:
raise ParseError('出入库记录非创建中不可删除') raise ParseError('出入库记录非创建中不可删除')
if has_perm(self.request.user, ['mio.update']) is False and instance.mio.create_by != self.request.user:
raise PermissionDenied('无权限删除')
return super().perform_destroy(instance) return super().perform_destroy(instance)

6
apps/utils/viewsets.py
View File

@ -92,6 +92,7 @@ class CustomGenericViewSet(MyLoggingMixin, GenericViewSet):
queryset = queryset.select_related(*self.select_related_fields) queryset = queryset.select_related(*self.select_related_fields)
if self.prefetch_related_fields: if self.prefetch_related_fields:
queryset = queryset.prefetch_related(*self.prefetch_related_fields) queryset = queryset.prefetch_related(*self.prefetch_related_fields)
self.filter_customer(queryset)
if self.data_filter: if self.data_filter:
user = self.request.user user = self.request.user
if user.is_superuser: if user.is_superuser:
@ -128,6 +129,11 @@ class CustomGenericViewSet(MyLoggingMixin, GenericViewSet):
return queryset.none() return queryset.none()
return queryset return queryset
def filter_custom(self, queryset):
"""自定义过滤逻辑需要的时候可重写
"""
pass
def filter_s_a_b(self, queryset, dept): def filter_s_a_b(self, queryset, dept):
"""过滤同级及以下, 可重写 """过滤同级及以下, 可重写
""" """