From d03a40d04fe9b957830389eda0ddee31e479bf23 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E5=B0=8F=E6=B6=9B?= <1537080775@qq.com>
Date: Sat, 29 Jun 2024 11:46:45 +0800
Subject: [PATCH 1/2] =?UTF-8?q?feat(role=5Fmenu=5F20240628):=20=E4=BC=98?=
=?UTF-8?q?=E5=8C=96=E6=9D=83=E9=99=90=E9=85=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- 修复非管理员角色给其他角色分配权限的bug
- 修复列权限禁用判断逻辑
- 修复自定义数据权限部门判断逻辑
---
.../views/role_menu_button_permission.py | 41 ++++++++++++++-----
1 file changed, 30 insertions(+), 11 deletions(-)
diff --git a/backend/dvadmin/system/views/role_menu_button_permission.py b/backend/dvadmin/system/views/role_menu_button_permission.py
index 6be6a4714b..1965b3c937 100644
--- a/backend/dvadmin/system/views/role_menu_button_permission.py
+++ b/backend/dvadmin/system/views/role_menu_button_permission.py
@@ -198,6 +198,8 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
params = request.query_params
# 需要授权的角色信息
current_role = params.get('role', None)
+ # 当前登录用户的角色
+ role_list = request.user.role.values_list('id', flat=True)
if current_role is None:
return ErrorResponse(msg='参数错误')
is_superuser = request.user.is_superuser
@@ -243,20 +245,27 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
)
for column_item in menu_item.menufield_set.all():
+ # 需要授权角色已拥有的列权限
fieldpermission_queryset = column_item.menu_field.filter(role_id=current_role).first()
- query = fieldpermission_queryset.is_query if fieldpermission_queryset else None
- create = fieldpermission_queryset.is_create if fieldpermission_queryset else None
- update = fieldpermission_queryset.is_update if fieldpermission_queryset else None
+ is_query = fieldpermission_queryset.is_query if fieldpermission_queryset else None
+ is_create = fieldpermission_queryset.is_create if fieldpermission_queryset else None
+ is_update = fieldpermission_queryset.is_update if fieldpermission_queryset else None
+ # 当前登录用户角色可分配的列权限
+ fieldpermission_queryset_disabled = column_item.menu_field.filter(role_id__in=role_list).first()
+ disabled_query = fieldpermission_queryset_disabled.is_query if fieldpermission_queryset else None
+ disabled_create = fieldpermission_queryset_disabled.is_create if fieldpermission_queryset else None
+ disabled_update = fieldpermission_queryset_disabled.is_update if fieldpermission_queryset else None
+
dicts['columns'].append({
'id': column_item.id,
'field_name': column_item.field_name,
'title': column_item.title,
- 'is_query': query,
- 'is_create': create,
- 'is_update': update,
- 'disabled_query': False if is_superuser else not query,
- 'disabled_create': False if is_superuser else not create,
- 'disabled_update': False if is_superuser else not update,
+ 'is_query': is_query,
+ 'is_create': is_create,
+ 'is_update': is_update,
+ 'disabled_query': False if is_superuser else not disabled_query,
+ 'disabled_create': False if is_superuser else not disabled_create,
+ 'disabled_update': False if is_superuser else not disabled_update,
})
result.append(dicts)
return DetailResponse(data=result)
@@ -375,11 +384,21 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
"""
is_superuser = request.user.is_superuser
params = request.query_params
- role_id = params.get('role')
+ # 需要授权的角色信息
+ role_id = params.get('role', None)
+ # 当前登录用户的角色
+ role_list = request.user.role.values_list('id', flat=True)
+
menu_button_id = params.get('menu_button')
+ # 当前授权的角色已有的自定义部门权限
dept_checked = RoleMenuButtonPermission.objects.filter(
role_id=role_id, menu_button_id=menu_button_id
).values_list('dept', flat=True)
+ # 当前登录用户角色可以分配的自定义部门权限
+ dept_checked_disabled = RoleMenuButtonPermission.objects.filter(
+ role_id__in=role_list, menu_button_id=menu_button_id
+ ).values_list('dept', flat=True)
+
dept_list = Dept.objects.values('id', 'name', 'parent')
data = {
'depts': [],
@@ -387,7 +406,7 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
}
for dept in dept_list:
- dept["disabled"] = False if is_superuser else dept["id"] not in dept_checked
+ dept["disabled"] = False if is_superuser else dept["id"] not in dept_checked_disabled
data['depts'].append(dept)
return DetailResponse(data=data)
--
Gitee
From 453d1e38757b69c6f2d4455beed9c67bcdb0c26d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E5=B0=8F=E6=B6=9B?= <1537080775@qq.com>
Date: Sat, 29 Jun 2024 13:30:18 +0800
Subject: [PATCH 2/2] =?UTF-8?q?feat(role=5Fmenu=5F20240628):=20=E4=BC=98?=
=?UTF-8?q?=E5=8C=96=E6=9D=83=E9=99=90=E9=85=8D=E7=BD=AE?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- 优化保存菜单按钮错误bug
- 优化非管理员角色给其他角色分配列权限禁用逻辑
- 优化按钮自定义数据权限后端逻辑
---
.../views/role_menu_button_permission.py | 18 +++--------
.../components/PermissionComNew/index.vue | 32 ++++++++++++++-----
2 files changed, 29 insertions(+), 21 deletions(-)
diff --git a/backend/dvadmin/system/views/role_menu_button_permission.py b/backend/dvadmin/system/views/role_menu_button_permission.py
index 1965b3c937..e26d7effbb 100644
--- a/backend/dvadmin/system/views/role_menu_button_permission.py
+++ b/backend/dvadmin/system/views/role_menu_button_permission.py
@@ -241,9 +241,11 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
if rolemenubuttonpermission_queryset
else None,
'isCheck': bool(rolemenubuttonpermission_queryset),
+ 'dept': rolemenubuttonpermission_queryset.dept.all().values_list('id', flat=True)
+ if rolemenubuttonpermission_queryset
+ else [],
}
)
-
for column_item in menu_item.menufield_set.all():
# 需要授权角色已拥有的列权限
fieldpermission_queryset = column_item.menu_field.filter(role_id=current_role).first()
@@ -384,30 +386,20 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
"""
is_superuser = request.user.is_superuser
params = request.query_params
- # 需要授权的角色信息
- role_id = params.get('role', None)
# 当前登录用户的角色
role_list = request.user.role.values_list('id', flat=True)
menu_button_id = params.get('menu_button')
- # 当前授权的角色已有的自定义部门权限
- dept_checked = RoleMenuButtonPermission.objects.filter(
- role_id=role_id, menu_button_id=menu_button_id
- ).values_list('dept', flat=True)
# 当前登录用户角色可以分配的自定义部门权限
dept_checked_disabled = RoleMenuButtonPermission.objects.filter(
role_id__in=role_list, menu_button_id=menu_button_id
).values_list('dept', flat=True)
-
dept_list = Dept.objects.values('id', 'name', 'parent')
- data = {
- 'depts': [],
- 'dept_checked': [i for i in dept_checked if i is not None]
- }
+ data = []
for dept in dept_list:
dept["disabled"] = False if is_superuser else dept["id"] not in dept_checked_disabled
- data['depts'].append(dept)
+ data.append(dept)
return DetailResponse(data=data)
@action(methods=['get'], detail=False, permission_classes=[IsAuthenticated])
diff --git a/web/src/views/system/role/components/PermissionComNew/index.vue b/web/src/views/system/role/components/PermissionComNew/index.vue
index 31ca954143..0b1ca194b7 100644
--- a/web/src/views/system/role/components/PermissionComNew/index.vue
+++ b/web/src/views/system/role/components/PermissionComNew/index.vue
@@ -46,7 +46,8 @@
字段
-
+
{{ head.label }}
@@ -168,6 +169,10 @@ const getDataPermissionRangeLable = async () => {
dataPermissionRangeLabel.value = resRange.data;
}
+/**
+ * 获取按钮数据权限下拉选项
+ * @param btnId 按钮id
+ */
const fetchData = async (btnId: number) => {
try {
const resRange = await getDataPermissionRange({ menu_button: btnId });
@@ -197,18 +202,29 @@ const handleSettingClick = (record: MenuDataType, btn: MenuDataType['btns'][numb
fetchData(btn.id)
};
-const handleColumnChange = (val: boolean, record: MenuDataType, btnType: string) => {
+/**
+ * 设置列权限
+ * @param val 是否选中
+ * @param record 当前菜单
+ * @param btnType 按钮类型
+ * @param disabledType 禁用类型
+ */
+const handleColumnChange = (val: boolean, record: MenuDataType, btnType: string, disabledType: string) => {
for (const iterator of record.columns) {
- iterator[btnType] = val;
+ iterator[btnType] = iterator[disabledType] ? iterator[btnType] : val;
}
};
+/**
+ * 数据权限设置
+ */
const handlePermissionRangeChange = async (val: number) => {
if (val === 4) {
const res = await getDataPermissionDept({ role: props.roleId, menu_button: menuBtnCurrent.value });
- const depts = XEUtils.toArrayTree(res.data.depts, { parentKey: 'parent', strict: false });
+ const depts = XEUtils.toArrayTree(res.data, { parentKey: 'parent', strict: false });
deptData.value = depts;
- customDataPermission.value = res.data.dept_checked;
+ const btnObj = XEUtils.find(menuCurrent.value.btns, item => item.id === menuBtnCurrent.value)
+ customDataPermission.value = btnObj.dept;
}
};
@@ -255,9 +271,9 @@ const handleSavePermission = () => {
const column = reactive({
header: [
- { value: 'is_create', label: '新增可见',disabled:'disabled_create'},
- { value: 'is_update', label: '编辑可见' ,disabled:'disabled_update'},
- { value: 'is_query', label: '列表可见',disabled:'disabled_query' }
+ { value: 'is_create', label: '新增可见', disabled: 'disabled_create' },
+ { value: 'is_update', label: '编辑可见', disabled: 'disabled_update' },
+ { value: 'is_query', label: '列表可见', disabled: 'disabled_query' }
]
})
--
Gitee