relation view bugfix

2019-12-08 00:20:55 +08:00 · 2019-12-08 00:20:55 +08:00 · fc11c5626e
parent 5669e253a9
commit fc11c5626e
3 changed files with 15 additions and 0 deletions
--- a/api/lib/perm/acl/acl.py
+++ b/api/lib/perm/acl/acl.py
@ -9,6 +9,7 @@ from flask import session, abort
 from api.lib.cmdb.const import ResourceTypeEnum as CmdbResourceType
 from api.lib.cmdb.const import RoleEnum
 from api.lib.perm.acl.cache import AppCache
+from api.lib.perm.acl.cache import RoleCache
 from api.lib.perm.acl.cache import UserCache
 from api.lib.perm.acl.permission import PermissionCRUD
 from api.lib.perm.acl.resource import ResourceCRUD
@ -123,6 +124,10 @@ def is_app_admin():
    if RoleEnum.CONFIG in session.get("acl", {}).get("parentRoles", []):
        return True

+    for role in session.get("acl", {}).get("parentRoles", []):
+        if RoleCache.get(role).is_app_admin:
+            return True
+
    return False


--- a/api/lib/perm/acl/role.py
+++ b/api/lib/perm/acl/role.py
@ -81,6 +81,9 @@ class RoleRelationCRUD(object):
    def add(parent_id, child_id):
        RoleRelation.get_by(parent_id=parent_id, child_id=child_id) and abort(400, "It's already existed")

+        RoleRelationCache.clean(parent_id)
+        RoleRelationCache.clean(child_id)
+
        return RoleRelation.create(parent_id=parent_id, child_id=child_id)

    @classmethod
@ -91,6 +94,9 @@ class RoleRelationCRUD(object):
        for child_id in child_ids:
            role_rebuild.apply_async(args=(child_id,), queue=ACL_QUEUE)

+        RoleRelationCache.clean(existed.parent_id)
+        RoleRelationCache.clean(existed.child_id)
+
        existed.soft_delete()

    @classmethod
@ -102,6 +108,9 @@ class RoleRelationCRUD(object):
        for child_id in child_ids:
            role_rebuild.apply_async(args=(child_id,), queue=ACL_QUEUE)

+        RoleRelationCache.clean(existed.parent_id)
+        RoleRelationCache.clean(existed.child_id)
+
        existed.soft_delete()


--- a/api/views/acl/user.py
+++ b/api/views/acl/user.py
@ -20,6 +20,7 @@ class GetUserInfoView(APIView):
        name = session.get("CAS_USERNAME") or current_user.nickname
        role = dict(permissions=session.get("acl", {}).get("parentRoles", []))
        avatar = current_user.avatar
+
        return self.jsonify(result=dict(name=name,
                                        role=role,
                                        avatar=avatar))