fix(backend): 业务单据协作设置权限 #8427

TencentBlueKing · Dec 5, 2024 · e25a00a · e25a00a
1 parent 83ada3e
commit e25a00a
Show file tree

Hide file tree

Showing 6 changed files with 1,644 additions and 1,156 deletions.
diff --git a/dbm-ui/backend/configuration/models/system.py b/dbm-ui/backend/configuration/models/system.py
@@ -59,6 +59,27 @@ def insert_setting_value(
             **key,
         )
 
+    @classmethod
+    def batch_insert_setting_value(cls, bk_biz_id: int, settings: [dict], user: str = "admin"):
+        """批量插入多条配置记录"""
+        for record in settings:
+            obj, created = cls.objects.get_or_create(
+                defaults={
+                    "value": record["value"],
+                    "desc": constants.BizSettingsEnum.get_choice_label(record["key"]),
+                    "updater": user,
+                    "type": record.get("type", "str"),
+                },
+                key=record["key"],
+                bk_biz_id=bk_biz_id,
+            )
+            if not created:
+                obj.value = record["value"]
+                obj.desc = constants.BizSettingsEnum.get_choice_label(record["key"])
+                obj.updater = user
+                obj.type = record.get("type", "str")
+                obj.save()
+
     class Meta:
         abstract = True
 
@@ -156,6 +177,10 @@ def insert_setting_value(cls, bk_biz_id: int, key: str, value: Any, value_type:
             desc=constants.BizSettingsEnum.get_choice_label(key),
         )
 
+    @classmethod
+    def batch_insert_setting_value(cls, bk_biz_id: int, settings: [dict], user: str = "admin"):
+        return super().batch_insert_setting_value(bk_biz_id=bk_biz_id, settings=settings, user=user)
+
     @classmethod
     def get_exact_hosting_biz(cls, bk_biz_id: int, cluster_type: str) -> int:
         """

diff --git a/dbm-ui/backend/configuration/serializers.py b/dbm-ui/backend/configuration/serializers.py
@@ -53,13 +53,25 @@ class Meta:
         swagger_schema_fields = {"example": BIZ_SETTINGS_DATA}
 
 
-class UpdateBizSettingsSerializer(serializers.Serializer):
-    bk_biz_id = serializers.IntegerField(help_text=_("业务ID"))
+class BizSettingSerializer(serializers.Serializer):
+    """单个业务设置的序列化器"""
+
     key = serializers.CharField(help_text=_("更新key"))
     value = serializers.JSONField(help_text=_("更新value"))
     value_type = serializers.CharField(help_text=_("value类型"), default="dict", required=False)
 
 
+class UpdateBizSettingsSerializer(BizSettingSerializer):
+    bk_biz_id = serializers.IntegerField(help_text=_("业务ID"))
+
+
+class BatchUpdateBizSettingsSerializer(serializers.Serializer):
+    """用于批量更新业务设置的序列化器"""
+
+    bk_biz_id = serializers.IntegerField(help_text=_("业务ID"))
+    settings = BizSettingSerializer(many=True, help_text=_("业务设置列表"))
+
+
 class ProfileSerializer(serializers.Serializer):
     label = serializers.CharField(required=True, max_length=LEN_SHORT)
     values = serializers.JSONField()

diff --git a/dbm-ui/backend/configuration/views/system.py b/dbm-ui/backend/configuration/views/system.py
@@ -20,6 +20,7 @@
 from backend.configuration.constants import DISK_CLASSES, SystemSettingsEnum
 from backend.configuration.models.system import BizSettings, SystemSettings
 from backend.configuration.serializers import (
+    BatchUpdateBizSettingsSerializer,
     BizSettingsSerializer,
     ListBizSettingsResponseSerializer,
     ListBizSettingsSerializer,
@@ -31,6 +32,7 @@
 from backend.flow.utils.cc_manage import CcManage
 from backend.iam_app.dataclass.actions import ActionEnum
 from backend.iam_app.handlers.drf_perm.base import DBManagePermission, RejectPermission, ResourceActionPermission
+from backend.iam_app.handlers.drf_perm.dbconfig import BizAssistancePermission
 
 tags = [_("系统设置")]
 
@@ -131,7 +133,9 @@ class BizSettingsViewSet(viewsets.AuditedModelViewSet):
     serializer_class = BizSettingsSerializer
     queryset = BizSettings.objects.all()
 
-    action_permission_map = {}
+    action_permission_map = {
+        ("batch_update_settings",): [BizAssistancePermission()],
+    }
     default_permission_class = [DBManagePermission()]
 
     @common_swagger_auto_schema(
@@ -174,3 +178,14 @@ def update_settings(self, request, *args, **kwargs):
         setting_data = self.params_validate(self.get_serializer_class())
         BizSettings.insert_setting_value(**setting_data, user=request.user.username)
         return Response()
+
+    @common_swagger_auto_schema(
+        operation_summary=_("批量更新业务设置列表键值"),
+        request_body=BatchUpdateBizSettingsSerializer(),
+        tags=tags,
+    )
+    @action(detail=False, methods=["POST"], serializer_class=BatchUpdateBizSettingsSerializer)
+    def batch_update_settings(self, request, *args, **kwargs):
+        setting_data = self.params_validate(self.get_serializer_class())
+        BizSettings.batch_insert_setting_value(**setting_data, user=request.user.username)
+        return Response()
diff --git a/dbm-ui/backend/iam_app/dataclass/actions.py b/dbm-ui/backend/iam_app/dataclass/actions.py
@@ -173,6 +173,16 @@ class ActionEnum:
         group=_("业务配置"),
     )
 
+    BATCH_UPDATE_SETTINGS_CONFIG = ActionMeta(
+        id="batch_update_settings_config",
+        name=_("单据协助设置"),
+        name_en="batch_update_settings_config",
+        type="edit",
+        related_actions=[DB_MANAGE.id],
+        related_resource_types=[ResourceEnum.BUSINESS],
+        group=_("业务配置"),
+    )
+
     RESOURCE_MANAGE = ActionMeta(
         id="resource_manage",
         name=_("资源管理访问"),

diff --git a/dbm-ui/backend/iam_app/handlers/drf_perm/dbconfig.py b/dbm-ui/backend/iam_app/handlers/drf_perm/dbconfig.py
@@ -13,7 +13,7 @@
 
 from backend.db_meta.enums import ClusterType
 from backend.iam_app.dataclass import ResourceEnum
-from backend.iam_app.dataclass.actions import ActionMeta
+from backend.iam_app.dataclass.actions import ActionEnum, ActionMeta
 from backend.iam_app.handlers.drf_perm.base import (
     BizDBTypeResourceActionPermission,
     ResourceActionPermission,
@@ -54,3 +54,22 @@ def __init__(self, actions: List[ActionMeta] = None):
     @staticmethod
     def instance_dbtype_getter(request, view):
         return BizDBConfigPermission.instance_dbtype_getter(request, view)
+
+
+class BizAssistancePermission(ResourceActionPermission):
+    """
+    业务单据协作相关鉴权
+    """
+
+    def inst_ids_getter(self, request, view):
+        data = request.data
+        try:
+            self.actions = [getattr(ActionEnum, f"{view.action.upper()}_config".upper())]
+            self.resource_meta = ResourceEnum.BUSINESS
+        except AttributeError:
+            raise NotImplementedError
+
+        return [data["bk_biz_id"]]
+
+    def __init__(self):
+        super().__init__(actions=None, resource_meta=None, instance_ids_getter=self.inst_ids_getter)