From e44a3d7e4b76e7649701b423d95c83fffbac3770 Mon Sep 17 00:00:00 2001 From: caoqianming Date: Fri, 25 Feb 2022 17:00:35 +0800 Subject: [PATCH] =?UTF-8?q?=E6=9D=83=E9=99=90=E6=A0=A1=E9=AA=8C=E9=80=BB?= =?UTF-8?q?=E8=BE=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- hb_server/apps/system/permission.py | 27 +++++++++++++-------------- 1 file changed, 13 insertions(+), 14 deletions(-) diff --git a/hb_server/apps/system/permission.py b/hb_server/apps/system/permission.py index bcb94ac..7b218d3 100644 --- a/hb_server/apps/system/permission.py +++ b/hb_server/apps/system/permission.py @@ -8,6 +8,7 @@ def get_permission_list(user): """ 获取权限列表,可用redis存取 """ + perms_list = ['visitor'] if user.is_superuser: perms_list = ['admin'] else: @@ -43,21 +44,19 @@ class RbacPermission(BasePermission): perms = cache.get(request.user.username + '__perms') if not perms: perms = get_permission_list(request.user) - if perms: - if 'admin' in perms: - return True - elif not hasattr(view, 'perms_map'): - return True - else: - perms_map = view.perms_map - _method = request._request.method.lower() - if perms_map: - for key in perms_map: - if key == _method or key == '*': - if perms_map[key] in perms or perms_map[key] == '*': - return True - return False + + if 'admin' in perms: + return True + elif not hasattr(view, 'perms_map'): + return True else: + perms_map = view.perms_map + _method = request._request.method.lower() + if perms_map: + for key in perms_map: + if key == _method or key == '*': + if perms_map[key] in perms or perms_map[key] == '*': + return True return False def has_object_permission(self, request, view, obj):