zcdsj
/
hberp
5
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

权限校验逻辑

This commit is contained in:
caoqianming 2022-02-25 17:00:35 +08:00
parent bd904eaa73
commit e44a3d7e4b
1 changed files with 13 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
hb_server/apps/system/permission.py
View File

@ -8,6 +8,7 @@ def get_permission_list(user):
""" """
获取权限列表,可用redis存取 获取权限列表,可用redis存取
""" """
perms_list = ['visitor']
if user.is_superuser: if user.is_superuser:
perms_list = ['admin'] perms_list = ['admin']
else: else:
@ -43,7 +44,7 @@ class RbacPermission(BasePermission):
perms = cache.get(request.user.username + '__perms') perms = cache.get(request.user.username + '__perms')
if not perms: if not perms:
perms = get_permission_list(request.user) perms = get_permission_list(request.user)
if perms:
if 'admin' in perms: if 'admin' in perms:
return True return True
elif not hasattr(view, 'perms_map'): elif not hasattr(view, 'perms_map'):
@ -57,8 +58,6 @@ class RbacPermission(BasePermission):
if perms_map[key] in perms or perms_map[key] == '*': if perms_map[key] in perms or perms_map[key] == '*':
return True return True
return False return False
else:
return False
def has_object_permission(self, request, view, obj): def has_object_permission(self, request, view, obj):
""" """