rbac permission bug

apps/system/serializers.py

@@ -277,6 +277,11 @@ class UserPostSerializer(CustomModelSerializer):
         model = UserPost
         fields = '__all__'
 
+class UserPostCreateSerializer(CustomModelSerializer):
+    class Meta:
+        model = UserPost
+        exclude = EXCLUDE_FIELDS_BASE
+
 
 class UserInfoSerializer(CustomModelSerializer):
     posts_ = UserPostSerializer(source='post', read_only=True)

apps/system/views.py

@@ -29,7 +29,7 @@ from .serializers import (DeptCreateUpdateSerializer, DeptSerializer, DictCreate
                           FileSerializer, PermissionCreateUpdateSerializer, PermissionSerializer, PostCreateUpdateSerializer, PostSerializer,
                           PTaskCreateUpdateSerializer, PTaskResultSerializer,
                           PTaskSerializer, RoleCreateUpdateSerializer, RoleSerializer,
-                          UserCreateSerializer, UserListSerializer,
+                          UserCreateSerializer, UserListSerializer, UserPostCreateSerializer,
                           UserPostSerializer, UserUpdateSerializer)
 
 logger = logging.getLogger('log')
@@ -253,6 +253,7 @@ class UserPostViewSet(CreateModelMixin, DestroyModelMixin, ListModelMixin, Custo
     perms_map = {'get': '*', 'post': 'user_update', 'delete': 'user_update'}
     queryset = UserPost.objects.select_related('user', 'post', 'dept').all()
     serializer_class = UserPostSerializer
+    create_serializer_class = UserPostCreateSerializer
     filterset_fields = ['user', 'post', 'dept']
 
     def perform_create(self, serializer):

apps/utils/permission.py

@@ -47,7 +47,7 @@ class RbacPermission(BasePermission):
             return False
         user_perms_map = cache.get('perms_' + request.user.id, None)
         if user_perms_map is None:
-            user_perms_map = get_user_perms_map(self.request.user)
+            user_perms_map = get_user_perms_map(request.user)
         if isinstance(user_perms_map, dict):
             if 'superuser' in user_perms_map:
                 return True