Skip to content

Commit

Permalink
fix(backend): 业务单据协作设置权限 #8427
Browse files Browse the repository at this point in the history
  • Loading branch information
ygcyao committed Dec 6, 2024
1 parent 83ada3e commit 3adb193
Show file tree
Hide file tree
Showing 6 changed files with 1,641 additions and 1,156 deletions.
13 changes: 13 additions & 0 deletions dbm-ui/backend/configuration/models/system.py
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,19 @@ def insert_setting_value(cls, bk_biz_id: int, key: str, value: Any, value_type:
desc=constants.BizSettingsEnum.get_choice_label(key),
)

@classmethod
def batch_insert_setting_value(cls, bk_biz_id: int, settings: [dict], user: str = "admin"):
# 遍历列表插入配置记录
for record in settings:
super().insert_setting_value(
key={"key": record["key"], "bk_biz_id": bk_biz_id},
value=record["value"],
value_type=record.get("type", "str"),
user=user,
desc=constants.BizSettingsEnum.get_choice_label(record["key"]),
)
return

@classmethod
def get_exact_hosting_biz(cls, bk_biz_id: int, cluster_type: str) -> int:
"""
Expand Down
16 changes: 14 additions & 2 deletions dbm-ui/backend/configuration/serializers.py
Original file line number Diff line number Diff line change
Expand Up @@ -53,13 +53,25 @@ class Meta:
swagger_schema_fields = {"example": BIZ_SETTINGS_DATA}


class UpdateBizSettingsSerializer(serializers.Serializer):
bk_biz_id = serializers.IntegerField(help_text=_("业务ID"))
class BizSettingSerializer(serializers.Serializer):
"""单个业务设置的序列化器"""

key = serializers.CharField(help_text=_("更新key"))
value = serializers.JSONField(help_text=_("更新value"))
value_type = serializers.CharField(help_text=_("value类型"), default="dict", required=False)


class UpdateBizSettingsSerializer(BizSettingSerializer):
bk_biz_id = serializers.IntegerField(help_text=_("业务ID"))


class BatchUpdateBizSettingsSerializer(serializers.Serializer):
"""用于批量更新业务设置的序列化器"""

bk_biz_id = serializers.IntegerField(help_text=_("业务ID"))
settings = BizSettingSerializer(many=True, help_text=_("业务设置列表"))


class ProfileSerializer(serializers.Serializer):
label = serializers.CharField(required=True, max_length=LEN_SHORT)
values = serializers.JSONField()
Expand Down
17 changes: 16 additions & 1 deletion dbm-ui/backend/configuration/views/system.py
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@
from backend.configuration.constants import DISK_CLASSES, SystemSettingsEnum
from backend.configuration.models.system import BizSettings, SystemSettings
from backend.configuration.serializers import (
BatchUpdateBizSettingsSerializer,
BizSettingsSerializer,
ListBizSettingsResponseSerializer,
ListBizSettingsSerializer,
Expand All @@ -31,6 +32,7 @@
from backend.flow.utils.cc_manage import CcManage
from backend.iam_app.dataclass.actions import ActionEnum
from backend.iam_app.handlers.drf_perm.base import DBManagePermission, RejectPermission, ResourceActionPermission
from backend.iam_app.handlers.drf_perm.dbconfig import BizAssistancePermission

tags = [_("系统设置")]

Expand Down Expand Up @@ -131,7 +133,9 @@ class BizSettingsViewSet(viewsets.AuditedModelViewSet):
serializer_class = BizSettingsSerializer
queryset = BizSettings.objects.all()

action_permission_map = {}
action_permission_map = {
("batch_update_settings",): [BizAssistancePermission()],
}
default_permission_class = [DBManagePermission()]

@common_swagger_auto_schema(
Expand Down Expand Up @@ -174,3 +178,14 @@ def update_settings(self, request, *args, **kwargs):
setting_data = self.params_validate(self.get_serializer_class())
BizSettings.insert_setting_value(**setting_data, user=request.user.username)
return Response()

@common_swagger_auto_schema(
operation_summary=_("批量更新业务设置列表键值"),
request_body=BatchUpdateBizSettingsSerializer(),
tags=tags,
)
@action(detail=False, methods=["POST"], serializer_class=BatchUpdateBizSettingsSerializer)
def batch_update_settings(self, request, *args, **kwargs):
setting_data = self.params_validate(self.get_serializer_class())
BizSettings.batch_insert_setting_value(**setting_data, user=request.user.username)
return Response()
10 changes: 10 additions & 0 deletions dbm-ui/backend/iam_app/dataclass/actions.py
Original file line number Diff line number Diff line change
Expand Up @@ -173,6 +173,16 @@ class ActionEnum:
group=_("业务配置"),
)

BIZ_ASSISTANCE_VARS_CONFIG = ActionMeta(
id="biz_assistance_vars_config",
name=_("业务协助设置"),
name_en="biz_assistance_vars_config",
type="edit",
related_actions=[DB_MANAGE.id],
related_resource_types=[ResourceEnum.BUSINESS],
group=_("业务配置"),
)

RESOURCE_MANAGE = ActionMeta(
id="resource_manage",
name=_("资源管理访问"),
Expand Down
30 changes: 29 additions & 1 deletion dbm-ui/backend/iam_app/handlers/drf_perm/dbconfig.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,10 @@

from typing import List

from backend.configuration.constants import BizSettingsEnum
from backend.db_meta.enums import ClusterType
from backend.iam_app.dataclass import ResourceEnum
from backend.iam_app.dataclass.actions import ActionMeta
from backend.iam_app.dataclass.actions import ActionEnum, ActionMeta
from backend.iam_app.handlers.drf_perm.base import (
BizDBTypeResourceActionPermission,
ResourceActionPermission,
Expand Down Expand Up @@ -54,3 +55,30 @@ def __init__(self, actions: List[ActionMeta] = None):
@staticmethod
def instance_dbtype_getter(request, view):
return BizDBConfigPermission.instance_dbtype_getter(request, view)


class BizAssistancePermission(ResourceActionPermission):
"""
业务单据协作相关鉴权
"""

def inst_ids_getter(self, request, view):
data = request.data
valid_keys = {BizSettingsEnum.BIZ_ASSISTANCE_VARS.value, BizSettingsEnum.BIZ_ASSISTANCE_SWITCH.value}
try:
# 检查 data["settings"] 中的任意一个字典的 "key" 是否在 valid_keys 中
if any(setting["key"] in valid_keys for setting in data.get("settings", [])):
# 如果有至少一个 key 在 valid_keys 中
self.actions = [getattr(ActionEnum, "BIZ_ASSISTANCE_VARS_CONFIG")]
else:
# 如果所有的 key 都不在 valid_keys 中
self.actions = []

self.resource_meta = ResourceEnum.BUSINESS
except AttributeError:
raise NotImplementedError

return [data["bk_biz_id"]]

def __init__(self):
super().__init__(actions=None, resource_meta=None, instance_ids_getter=self.inst_ids_getter)
Loading

0 comments on commit 3adb193

Please sign in to comment.