fix: 修复普通用户也能获取下属部门的数据
This commit is contained in:
10
api/role.py
10
api/role.py
@@ -10,7 +10,7 @@ from typing import Optional
|
||||
from fastapi import APIRouter, Depends, Path, Query, Request
|
||||
from fastapi.responses import JSONResponse
|
||||
|
||||
from annotation.auth import Auth
|
||||
from annotation.auth import Auth, hasAuth
|
||||
from annotation.log import Log
|
||||
from config.constant import BusinessType, RedisKeyConfig
|
||||
from controller.login import LoginController
|
||||
@@ -194,8 +194,12 @@ async def get_role_list(
|
||||
"status": status
|
||||
}.items() if v
|
||||
}
|
||||
if not department_id:
|
||||
filterArgs["department__id__in"] = current_user.get("sub_departments")
|
||||
if await hasAuth(request, "role:btn:admin"):
|
||||
if not department_id:
|
||||
filterArgs["department__id__in"] = current_user.get("sub_departments")
|
||||
else:
|
||||
if department_id:
|
||||
filterArgs["department__id"] = department_id
|
||||
total = await Role.filter(**filterArgs, del_flag=1).count()
|
||||
data = await Role.filter(**filterArgs, del_flag=1).offset(
|
||||
(page - 1) * pageSize).limit(
|
||||
|
||||
Reference in New Issue
Block a user