hygc/hts-code-query-system-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: 修复数据权限异常

Browse Source
This commit is contained in:
皓月归尘 2025-03-01 22:49:35 +08:00
parent 3d7021dc6b
commit 21c87d49d7
4 changed files with 20 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
api/code.py
View File

@ -485,6 +485,8 @@ async def get_code_log_list(request: Request,
else: else:
if department_id: if department_id:
filterArgs['operator__department__id'] = department_id filterArgs['operator__department__id'] = department_id
else:
filterArgs['operator__department__id'] = current_user.get("department_id")
count = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).count() count = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).count()
data = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).order_by("-operation_time").offset( data = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).order_by("-operation_time").offset(
(page - 1) * pageSize).limit(pageSize).values( (page - 1) * pageSize).limit(pageSize).values(
@ -545,6 +547,8 @@ async def get_code_log_list(request: Request,
else: else:
if department_id: if department_id:
filterArgs['operator__department__id'] = department_id filterArgs['operator__department__id'] = department_id
else:
filterArgs['operator__department__id'] = current_user.get("department_id")
count = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).count() count = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).count()
data = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).order_by("-operation_time").values( data = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).order_by("-operation_time").values(
id="id", id="id",
@ -757,6 +761,8 @@ async def feedback_list(request: Request,
else: else:
if department_id: if department_id:
filterArgs['user__department__id'] = department_id filterArgs['user__department__id'] = department_id
else:
filterArgs['user__department__id'] = current_user.get("department_id")
if status is not None: if status is not None:
filterArgs['status'] = int(status) filterArgs['status'] = int(status)
@ -913,6 +919,8 @@ async def get_code_import_list(
else: else:
if department_id: if department_id:
filterArgs['user__department__id'] = department_id filterArgs['user__department__id'] = department_id
else:
filterArgs['user__department__id'] = current_user.get("department_id")
if status is not None: if status is not None:
filterArgs['status'] = int(status) filterArgs['status'] = int(status)

8
api/department.py
View File

@ -79,8 +79,9 @@ async def delete_department_list(request: Request, params: DeleteListParams,
if department := await Department.get_or_none(id=item, del_flag=1): if department := await Department.get_or_none(id=item, del_flag=1):
if item in sub_departments: if item in sub_departments:
await delete_department_recursive(department_id=department.id) await delete_department_recursive(department_id=department.id)
if await request.app.state.redis.get(f'{RedisKeyConfig.USER_INFO.key}:*'): userInfos = await request.app.state.redis.keys(f'{RedisKeyConfig.USER_INFO.key}*')
await request.app.state.redis.delete(f'{RedisKeyConfig.USER_INFO.key}:*') if userInfos:
await request.app.state.redis.delete(*userInfos)
return Response.success(msg="删除成功!") return Response.success(msg="删除成功!")
@ -116,6 +117,9 @@ async def update_department(request: Request, params: AddDepartmentParams, id: s
department.sort = params.sort department.sort = params.sort
department.status = params.status department.status = params.status
await department.save() await department.save()
userInfos = await request.app.state.redis.keys(f'{RedisKeyConfig.USER_INFO.key}*')
if userInfos:
await request.app.state.redis.delete(*userInfos)
return Response.success(msg="修改成功!") return Response.success(msg="修改成功!")
else: else:
return Response.error(msg="修改失败,部门不存在!") return Response.error(msg="修改失败,部门不存在!")

2
api/log.py
View File

@ -67,6 +67,8 @@ async def get_login_log(request: Request,
filter(lambda x: x["user_id"] == user_id, jsonable_encoder(online_user_list))) filter(lambda x: x["user_id"] == user_id, jsonable_encoder(online_user_list)))
if department_id: if department_id:
filterArgs['user__department__id'] = department_id filterArgs['user__department__id'] = department_id
else:
filterArgs["user__department__id"] = current_user.get("department_id")
result = await LoginLog.filter(**filterArgs, user__del_flag=1, del_flag=1).offset( result = await LoginLog.filter(**filterArgs, user__del_flag=1, del_flag=1).offset(
(page - 1) * pageSize).limit(pageSize).values( (page - 1) * pageSize).limit(pageSize).values(
id="id", id="id",

4
api/role.py
View File

@ -197,9 +197,13 @@ async def get_role_list(
if await hasAuth(request, "role:btn:admin"): if await hasAuth(request, "role:btn:admin"):
if not department_id: if not department_id:
filterArgs["department__id__in"] = current_user.get("sub_departments") filterArgs["department__id__in"] = current_user.get("sub_departments")
else:
filterArgs["department__id"] = current_user.get("department_id")
else: else:
if department_id: if department_id:
filterArgs["department__id"] = department_id filterArgs["department__id"] = department_id
else:
filterArgs["department__id"] = current_user.get("department_id")
total = await Role.filter(**filterArgs, del_flag=1).count() total = await Role.filter(**filterArgs, del_flag=1).count()
data = await Role.filter(**filterArgs, del_flag=1).offset( data = await Role.filter(**filterArgs, del_flag=1).offset(
(page - 1) * pageSize).limit( (page - 1) * pageSize).limit(