相关方data filter
This commit is contained in:
曹前明
parent
f0ee937af7
commit
d7cdca48a6
|
|
@ -27,6 +27,7 @@ class RpartyViewSet(CustomModelViewSet):
|
|||
update_serializer_class = RpartyCreateUpdateSerializer
|
||||
serializer_class = RpartySerializer
|
||||
select_related_fields = ['admin', 'belong_dept']
|
||||
data_filter = True
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
|
|
@ -80,6 +81,8 @@ class RfileViewSet(ListModelMixin, CustomGenericViewSet):
|
|||
list_serializer_class = RfileListSerializer
|
||||
filterset_fields = ['file_cate']
|
||||
ordering = ['file_cate__sort', 'file_cate__create_time']
|
||||
data_filter = True
|
||||
data_filter_field = 'rparty__dept'
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
|
|
@ -90,13 +93,16 @@ class RfileViewSet(ListModelMixin, CustomGenericViewSet):
|
|||
|
||||
|
||||
class RemployeeViewSet(CustomModelViewSet):
|
||||
perms_map = {'get': 'remployee.view', 'post': 'remployee.create', 'put': 'remployee.update', 'delete': 'remployee.update'}
|
||||
perms_map = {'get': 'remployee.view', 'post': 'remployee.create',
|
||||
'put': 'remployee.update', 'delete': 'remployee.update'}
|
||||
queryset = Remployee.objects.all()
|
||||
create_serializer_class = RemployeeCreateSerializer
|
||||
update_serializer_class = RemployeeUpdateSerializer
|
||||
serializer_class = RemployeeSerializer
|
||||
search_fields = ['name', 'phone', 'id_number']
|
||||
filterset_fields = ['rparty']
|
||||
data_filter = True
|
||||
data_filter_field = 'rparty__dept'
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
|
|
@ -128,12 +134,15 @@ class RemployeeViewSet(CustomModelViewSet):
|
|||
|
||||
|
||||
class RcertificateViewSet(CustomModelViewSet):
|
||||
perms_map = {'get': 'rcetificate.view', 'post': 'rcetificate.create', 'put': 'rcetificate.update', 'delete': 'rcetificate.update'}
|
||||
perms_map = {'get': 'rcertificate.view', 'post': 'rcertificate.create',
|
||||
'put': 'rcertificate.update', 'delete': 'rcertificate.update'}
|
||||
queryset = Rcertificate.objects.all()
|
||||
create_serializer_class = RcertificateCreateUpdateSerializer
|
||||
update_serializer_class = RcertificateCreateUpdateSerializer
|
||||
serializer_class = RcertificateSerializer
|
||||
filterset_fields = ['remployee', 'remployee__rparty']
|
||||
data_filter = True
|
||||
data_filter_field = 'remployee__rparty__dept'
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
|
|
@ -151,6 +160,8 @@ class RpjViewSet(CustomModelViewSet):
|
|||
select_related_fields = ['rparty', 'belong_dept', 'ticket', 'ticket__state']
|
||||
search_fields = ['name']
|
||||
filterset_class = RpjFilterSet
|
||||
data_filter = True
|
||||
data_filter_field = 'rparty__dept'
|
||||
|
||||
def get_queryset(self):
|
||||
queryset = super().get_queryset()
|
||||
|
|
@ -173,7 +184,7 @@ class RpjViewSet(CustomModelViewSet):
|
|||
# 同步创建需要提交的资料
|
||||
for i in Dictionary.objects.filter(type__code='rparty_file_cate').order_by('sort'):
|
||||
Rpjfile.objects.create(rpj=ins, file_cate=i)
|
||||
return Response(status=201, data = {'id': ins.id})
|
||||
return Response(status=201, data={'id': ins.id})
|
||||
|
||||
def update(self, request, *args, **kwargs):
|
||||
obj = self.get_object()
|
||||
|
|
|
|||
|
|
@ -36,6 +36,7 @@ class CustomGenericViewSet(MyLoggingMixin, GenericViewSet):
|
|||
prefetch_related_fields = []
|
||||
permission_classes = [IsAuthenticated & RbacPermission]
|
||||
data_filter = False # 数据权限过滤是否开启(需要RbacPermission)
|
||||
data_filter_field = 'belong_dept'
|
||||
|
||||
def get_serializer_class(self):
|
||||
action_serializer_name = f"{self.action}_serializer_class"
|
||||
|
|
@ -60,44 +61,71 @@ class CustomGenericViewSet(MyLoggingMixin, GenericViewSet):
|
|||
if self.data_filter:
|
||||
if self.request.user.is_superuser:
|
||||
return queryset
|
||||
if hasattr(queryset.model, 'belong_dept'):
|
||||
user = self.request.user
|
||||
user_perms_map = cache.get('perms_' + user.id, None)
|
||||
if user_perms_map is None:
|
||||
user_perms_map = get_user_perms_map(self.request.user)
|
||||
if isinstance(user_perms_map, dict):
|
||||
if hasattr(self, 'perms_map'):
|
||||
perms_map = self.perms_map
|
||||
action_str = perms_map.get(self.request._request.method.lower(), None)
|
||||
if '*' in perms_map:
|
||||
return queryset
|
||||
elif action_str == '*':
|
||||
return queryset
|
||||
elif action_str in user_perms_map:
|
||||
new_queryset = queryset.none()
|
||||
for dept_id, data_range in user_perms_map[action_str].items():
|
||||
dept = Dept.objects.get(id=dept_id)
|
||||
if data_range == DataFilter.ALL:
|
||||
return queryset
|
||||
elif data_range == DataFilter.SAMELEVE_AND_BELOW:
|
||||
if dept.parent:
|
||||
belong_depts = get_child_queryset2(dept.parent)
|
||||
else:
|
||||
belong_depts = get_child_queryset2(dept)
|
||||
queryset = queryset.filter(belong_dept__in=belong_depts)
|
||||
elif data_range == DataFilter.THISLEVEL_AND_BELOW:
|
||||
belong_depts = get_child_queryset2(dept)
|
||||
queryset = queryset.filter(belong_dept__in=belong_depts)
|
||||
elif data_range == DataFilter.THISLEVEL:
|
||||
queryset = queryset.filter(belong_dept=dept)
|
||||
elif data_range == DataFilter.MYSELF:
|
||||
queryset = queryset.filter(create_by=user)
|
||||
new_queryset = new_queryset | queryset
|
||||
return new_queryset
|
||||
else:
|
||||
return queryset.none()
|
||||
# if hasattr(queryset.model, 'belong_dept'):
|
||||
user = self.request.user
|
||||
user_perms_map = cache.get('perms_' + user.id, None)
|
||||
if user_perms_map is None:
|
||||
user_perms_map = get_user_perms_map(self.request.user)
|
||||
if isinstance(user_perms_map, dict):
|
||||
if hasattr(self, 'perms_map'):
|
||||
perms_map = self.perms_map
|
||||
action_str = perms_map.get(self.request._request.method.lower(), None)
|
||||
if '*' in perms_map:
|
||||
return queryset
|
||||
elif action_str == '*':
|
||||
return queryset
|
||||
elif action_str in user_perms_map:
|
||||
new_queryset = queryset.none()
|
||||
for dept_id, data_range in user_perms_map[action_str].items():
|
||||
dept = Dept.objects.get(id=dept_id)
|
||||
if data_range == DataFilter.ALL:
|
||||
return queryset
|
||||
elif data_range == DataFilter.SAMELEVE_AND_BELOW:
|
||||
queryset = self.filter_s_a_b(queryset, dept)
|
||||
elif data_range == DataFilter.THISLEVEL_AND_BELOW:
|
||||
queryset = self.filter_t_a_b(queryset, dept)
|
||||
elif data_range == DataFilter.THISLEVEL:
|
||||
queryset = self.filter_t(queryset, dept)
|
||||
elif data_range == DataFilter.MYSELF:
|
||||
queryset = queryset.filter(create_by=user)
|
||||
new_queryset = new_queryset | queryset
|
||||
return new_queryset
|
||||
else:
|
||||
return queryset.none()
|
||||
return queryset
|
||||
|
||||
def filter_s_a_b(self, queryset, dept):
|
||||
"""过滤同级及以下, 可重写
|
||||
"""
|
||||
if hasattr(queryset.model, 'belong_dept'):
|
||||
if dept.parent:
|
||||
belong_depts = get_child_queryset2(dept.parent)
|
||||
else:
|
||||
belong_depts = get_child_queryset2(dept)
|
||||
whereis = {self.data_filter_field + '__in': belong_depts}
|
||||
queryset = queryset.filter(**whereis)
|
||||
return queryset
|
||||
return queryset.filter(create_by=self.request.user)
|
||||
|
||||
def filter_t_a_b(self, queryset, dept):
|
||||
"""过滤本级及以下, 可重写
|
||||
"""
|
||||
if hasattr(queryset.model, 'belong_dept'):
|
||||
belong_depts = get_child_queryset2(dept)
|
||||
whereis = {self.data_filter_field + '__in': belong_depts}
|
||||
queryset = queryset.filter(**whereis)
|
||||
return queryset
|
||||
return queryset.filter(create_by=self.request.user)
|
||||
|
||||
def filter_t(self, queryset, dept):
|
||||
"""过滤本级, 可重写
|
||||
"""
|
||||
if hasattr(queryset.model, 'belong_dept'):
|
||||
whereis = {self.data_filter_field: dept}
|
||||
queryset = queryset.filter(whereis)
|
||||
return queryset
|
||||
return queryset.filter(create_by=self.request.user)
|
||||
|
||||
|
||||
class CustomModelViewSet(CreateModelMixin, UpdateModelMixin, ListModelMixin,
|
||||
RetrieveModelMixin, DestroyModelMixin, CustomGenericViewSet):
|
||||
|
|
|
|||
Loading…
Reference in New Issue