基础数据 权限

apps/agent/views.py

@@ -11,7 +11,7 @@ from utils.exceptions import CustomError
 from .models import Agent,Store
 from .serializers import AgentSerializer,StoreSerializer
 from .filters import AgentFilter,StoreFilter
-from utils.permission import isLogin
+from utils.permission import isLogin, permission_required
 from apps.agent.serializers import AgentComboboxSerializer,StoreComboboxSerializer
 
 class AgentViewSet(CustomModelViewSet):
@@ -19,16 +19,19 @@ class AgentViewSet(CustomModelViewSet):
     queryset = Agent.objects.filter()
     serializer_class = AgentSerializer
 
+    @permission_required('agent.view_agent')
     def filter_queryset(self, queryset):
         queryset = queryset.filter()
         f = AgentFilter(self.request.GET, queryset=queryset)
         return f.qs
 
+    @permission_required('agent.add_agent')
     def perform_create(self, serializer):
         super(AgentViewSet, self).perform_create(serializer)
         instance = serializer.instance
         validated_data = serializer.validated_data
 
+    @permission_required('agent.delete_agent')
     def destroy(self, request, *args, **kwargs):
         instance = self.get_object()
         super(AgentViewSet, self).perform_destroy(instance)
@@ -39,21 +42,25 @@ class StoreViewSet(CustomModelViewSet):
     queryset = Store.objects.filter()
     serializer_class = StoreSerializer
 
+    @permission_required('agent.view_store')
     def filter_queryset(self, queryset):
         queryset = queryset.filter()
         f = StoreFilter(self.request.GET, queryset=queryset)
         return f.qs
 
+    @permission_required('agent.add_store')
     def perform_create(self, serializer):
         super(StoreViewSet, self).perform_create(serializer)
         instance = serializer.instance
         validated_data = serializer.validated_data
 
+    @permission_required('agent.delete_store')
     def destroy(self, request, *args, **kwargs):
         instance = self.get_object()
         super(StoreViewSet, self).perform_destroy(instance)
         return response_ok()
 
+    @permission_required('agent.check_store')
     @action(methods=['post'], detail=True)
     def check(self, request, pk):
         # 审核

apps/option/views.py

@@ -5,8 +5,11 @@ from .serializers import OptionSerializer
 from .filters import OptionFilter
 from apps.log.models import BizLog
 from utils import response_ok
+from utils.permission import isLogin, permission_required
 
 class DictView(APIView):
+    permission_classes = [isLogin, ]
+
     def get(self, request):
         ret = {
             'types':Option.TYPE_CHOICES,
@@ -17,11 +20,13 @@ class OptionViewSet(CustomModelViewSet):
     queryset = Option.objects.filter()
     serializer_class = OptionSerializer
 
+    @permission_required('option.browse_option')
     def filter_queryset(self, queryset):
         queryset = queryset.filter()
         f = OptionFilter(self.request.GET, queryset=queryset)
         return f.qs
 
+    @permission_required('option.add_option')
     def perform_create(self, serializer):
         super(OptionViewSet,self).perform_create(serializer)
         instance = serializer.instance
@@ -29,6 +34,7 @@ class OptionViewSet(CustomModelViewSet):
         BizLog.objects.addnew(self.request.user, BizLog.INSERT,
                               u'添加自定义项[%s]，id=%d' % (instance.name, instance.id), validated_data)
 
+    @permission_required('option.add_option')
     def perform_update(self, serializer):
         super(OptionViewSet,self).perform_update(serializer)
         instance = serializer.instance

uis/views/store/index.html

@@ -79,7 +79,7 @@
 
                     <script type="text/html" id="store-operate-bar">
                         <div class="layui-btn-group">
-                            <a class="layui-btn layui-btn-xs" lay-event="store_check"
+                            <a class="layui-btn layui-btn-xs" lay-event="store_check" data-permission="agent.check_store"
                             >审核</a>
                         </div>
                         <div class="layui-btn-group">
@@ -114,12 +114,12 @@
             , cols: [[
                 {field: 'name', title: '名称', width: 150}
                 , {field: 'address', title: '地址', width: 200}
-                , {field: 'create_user_text', title: '添加人', width: 160}
+                , {field: 'create_user_text', title: '添加人', width: 140}
                 , {field: 'create_time', title: '添加时间', width: 180}
                 , {field: 'end_date', title: '到期日期', width: 150}
                 , {field: 'notes', title: '备注', width: 200}
-                , {field: 'status_text', title: '状态', width: 150}
-                , {field: 'check_user_text', title: '审核人', width: 150}
+                , {field: 'status_text', title: '状态', width: 100}
+                , {field: 'check_user_text', title: '审核人', width: 120}
                 , {field: 'check_time', title: '审核时间', width: 180}
                 , {width: 180, align: 'center', fixed: 'right', toolbar: '#store-operate-bar'}
             ]]