UnisKB/apps/system_manage/views/user_resource_permission.py

# coding=utf-8
"""
    @project: MaxKB
    @Author：虎虎
    @file： workspace_user_resource_permission.py
    @date：2025/4/28 16:38
    @desc:
"""
from django.db.models import QuerySet
from django.utils.translation import gettext_lazy as _
from drf_spectacular.utils import extend_schema
from rest_framework.request import Request
from rest_framework.views import APIView

from common import result
from common.auth import TokenAuth
from common.auth.authentication import has_permissions
from common.constants.permission_constants import PermissionConstants, RoleConstants
from common.log.log import log
from common.result import DefaultResultSerializer
from system_manage.api.user_resource_permission import UserResourcePermissionAPI, EditUserResourcePermissionAPI
from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer
from users.models import User


def get_user_operation_object(user_id):
    user_model = QuerySet(model=User).filter(id=user_id).first()
    if user_model is not None:
        return {
            "name": user_model.username
        }
    return {}


class WorkSpaceUserResourcePermissionView(APIView):
    authentication_classes = [TokenAuth]

    @extend_schema(
        methods=['GET'],
        description=_('Obtain resource authorization list'),
        operation_id=_('Obtain resource authorization list'),  # type: ignore
        parameters=UserResourcePermissionAPI.get_parameters(),
        responses=UserResourcePermissionAPI.get_response(),
        tags=[_('Resources authorization')]  # type: ignore
    )
    @has_permissions(PermissionConstants.WORKSPACE_USER_RESOURCE_PERMISSION_READ.get_workspace_permission(),
                     RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
    def get(self, request: Request, workspace_id: str, user_id: str):
        return result.success(UserResourcePermissionSerializer(
            data={'workspace_id': workspace_id, 'user_id': user_id}
        ).list(request.user))

    @extend_schema(
        methods=['PUT'],
        description=_('Modify the resource authorization list'),
        operation_id=_('Modify the resource authorization list'),  # type: ignore
        parameters=UserResourcePermissionAPI.get_parameters(),
        request=EditUserResourcePermissionAPI.get_request(),
        responses=DefaultResultSerializer(),
        tags=[_('Resources authorization')]  # type: ignore
    )
    @log(menu='System', operate='Modify the resource authorization list',
         get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id'))
         )
    @has_permissions(PermissionConstants.WORKSPACE_USER_RESOURCE_PERMISSION_EDIT.get_workspace_permission(),
                     RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
    def put(self, request: Request, workspace_id: str, user_id: str):
        return result.success(UserResourcePermissionSerializer(
            data={'workspace_id': workspace_id, 'user_id': user_id}
        ).edit(request.data, request.user))
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								# coding=utf-8
 								"""
 								    @project: MaxKB
 								    @Author：虎虎
 								    @file： workspace_user_resource_permission.py
 								    @date：2025/4/28 16:38
 								    @desc:
 								"""
-												feat: System operate log

											
										
										
											2025-06-05 06:08:24 +00:00
+								from django.db.models import QuerySet
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								from django.utils.translation import gettext_lazy as _
 								from drf_spectacular.utils import extend_schema
 								from rest_framework.request import Request
 								from rest_framework.views import APIView
 								from common import result
 								from common.auth import TokenAuth
 								from common.auth.authentication import has_permissions
-												fix: permission role (#3295)


											
										
										
											2025-06-18 09:07:38 +00:00
+								from common.constants.permission_constants import PermissionConstants, RoleConstants
-												feat: System operate log

											
										
										
											2025-06-05 06:08:24 +00:00
+								from common.log.log import log
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								from common.result import DefaultResultSerializer
 								from system_manage.api.user_resource_permission import UserResourcePermissionAPI, EditUserResourcePermissionAPI
 								from system_manage.serializers.user_resource_permission import UserResourcePermissionSerializer
-												feat: System operate log

											
										
										
											2025-06-05 06:08:24 +00:00
+								from users.models import User
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
-												feat: System operate log

											
										
										
											2025-06-05 06:08:24 +00:00
+								def get_user_operation_object(user_id):
 								    user_model = QuerySet(model=User).filter(id=user_id).first()
 								    if user_model is not None:
 								        return {
 								            "name": user_model.username
 								        }
 								    return {}
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
-												fix: permission role (#3295)


											
										
										
											2025-06-18 09:07:38 +00:00
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								class WorkSpaceUserResourcePermissionView(APIView):
 								    authentication_classes = [TokenAuth]
 								    @extend_schema(
 								        methods=['GET'],
 								        description=_('Obtain resource authorization list'),
-												fix: add type ignore comments for operation_id and tags in various API schemas

											
										
										
											2025-05-09 03:29:05 +00:00
+								        operation_id=_('Obtain resource authorization list'),  # type: ignore
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								        parameters=UserResourcePermissionAPI.get_parameters(),
 								        responses=UserResourcePermissionAPI.get_response(),
-												fix: add type ignore comments for operation_id and tags in various API schemas

											
										
										
											2025-05-09 03:29:05 +00:00
+								        tags=[_('Resources authorization')]  # type: ignore
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								    )
-												fix: permission role (#3295)


											
										
										
											2025-06-18 09:07:38 +00:00
+								    @has_permissions(PermissionConstants.WORKSPACE_USER_RESOURCE_PERMISSION_READ.get_workspace_permission(),
 								                     RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
-												feat: Resources authorization (#3183)


											
										
										
											2025-06-04 05:05:39 +00:00
+								    def get(self, request: Request, workspace_id: str, user_id: str):
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								        return result.success(UserResourcePermissionSerializer(
-												feat: Resources authorization (#3183)


											
										
										
											2025-06-04 05:05:39 +00:00
+								            data={'workspace_id': workspace_id, 'user_id': user_id}
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								        ).list(request.user))
 								    @extend_schema(
 								        methods=['PUT'],
 								        description=_('Modify the resource authorization list'),
-												fix: add type ignore comments for operation_id and tags in various API schemas

											
										
										
											2025-05-09 03:29:05 +00:00
+								        operation_id=_('Modify the resource authorization list'),  # type: ignore
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								        parameters=UserResourcePermissionAPI.get_parameters(),
 								        request=EditUserResourcePermissionAPI.get_request(),
 								        responses=DefaultResultSerializer(),
-												fix: add type ignore comments for operation_id and tags in various API schemas

											
										
										
											2025-05-09 03:29:05 +00:00
+								        tags=[_('Resources authorization')]  # type: ignore
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								    )
-												feat: System operate log

											
										
										
											2025-06-05 06:08:24 +00:00
+								    @log(menu='System', operate='Modify the resource authorization list',
 								         get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id'))
 								         )
-												fix: permission role (#3295)


											
										
										
											2025-06-18 09:07:38 +00:00
+								    @has_permissions(PermissionConstants.WORKSPACE_USER_RESOURCE_PERMISSION_EDIT.get_workspace_permission(),
 								                     RoleConstants.ADMIN, RoleConstants.WORKSPACE_MANAGE.get_workspace_role())
-												feat: Resources authorization (#3183)


											
										
										
											2025-06-04 05:05:39 +00:00
+								    def put(self, request: Request, workspace_id: str, user_id: str):
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								        return result.success(UserResourcePermissionSerializer(
-												feat: Resources authorization (#3183)


											
										
										
											2025-06-04 05:05:39 +00:00
+								            data={'workspace_id': workspace_id, 'user_id': user_id}
-												feat: Resources authorization (#3039)

 
											
										
										
											2025-05-06 10:35:11 +00:00
+								        ).edit(request.data, request.user))