python/fastapi-admin
1
0
Fork 0
mirror of https://github.com/fastapi-admin/fastapi-admin.git synced 2025-08-26 02:39:01 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix permissions

Browse Source
This commit is contained in:
long2ice
2020-04-21 18:16:27 +08:00
parent ccfd27ab1d
commit f592a4288e
2 changed files with 13 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
fastapi_admin/__init__.py
View File

@ -1,3 +1,3 @@
from . import routes
__version__ = '0.2.0'
__version__ = '0.2.1'

16
fastapi_admin/routes/site.py
View File

@ -27,12 +27,20 @@ async def site(
if app.permission and not user.is_superuser:
site_ = deepcopy(site_)
await user.fetch_related('roles')
for menu in filter(lambda x: (x.url and 'rest' in x.url) or x.children, site_.menus):
filter_menus = filter(lambda x: (x.url and 'rest' in x.url) or x.children, site_.menus)
hide_menus = []
for menu in filter_menus:
has_permission = False
if not has_permission:
for role in user.roles:
if await role.permissions.filter(model=menu.name):
for role in user.roles:
if not has_permission:
model = menu.url.split('/')[-1]
permission = await role.permissions.filter(model=model)
if permission:
has_permission = True
if not has_permission:
hide_menus.append(menu.url)
for menu in app.site.menus:
if menu.url in hide_menus:
site_.menus.remove(menu)
return site_.dict(by_alias=True, exclude_unset=True)