merge:权限判断条件

冯轩
Showing 1 changed file with 20 additions and 19 deletions
src/apps/doc/views.py
--- a/src/apps/doc/views.py
View file @d873956
+++ b/src/apps/doc/views.py
View file @d873956
@@ -1076,14 +1076,14 @@ class DocView(DocGenericView, DocHandler):
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
        self.running_log.info('[api doc] [user_role={0} business_type={1}] '.format(user_role, business_type))
-        if user_role or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
-            self.running_log.info('[api doc] [no permission]')
-            pagination = {'current': page, 'total': 0, 'page_size': page_size}
-            res = {
-            'pagination': pagination,
-            'doc_list': []
-            }
-            return response.ok(data=res)
+        if user_role is None or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
+            # pagination = {'current': page, 'total': 0, 'page_size': page_size}
+            # res = {
+            # 'pagination': pagination,
+            # 'doc_list': []
+            # }
+            # return response.ok(data=res)
+            raise NoPermissionException('no permission')

        status_query = Q(status=status) if status is not None else Q()
        application_id_query = Q(application_id__contains=application_id) if application_id is not None else Q()
@@ -1255,7 +1255,7 @@ class CompareResultView(GenericView):
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
        self.running_log.info('[CompareResultView] [user_role={0}] '.format(user_role))
-        if user_role or user_role == '-1' or (user_role == '1' and entity == 'HIL') or (user_role == '2' and entity == 'AFC'):
+        if user_role is None or user_role == '-1' or (user_role == '1' and entity == 'HIL') or (user_role == '2' and entity == 'AFC'):
            raise NoPermissionException('no permission')

        if is_auto == 1:
@@ -1660,13 +1660,14 @@ class AutoSettlementView(GenericView):
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
        self.running_log.info('[AutoSettlementView] [user_role={0}] '.format(user_role))
-        if user_role or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
-            pagination = {'current': page, 'total': 0, 'page_size': page_size}
-            res = {
-            'pagination': pagination,
-            'doc_list': []
-            }
-            return response.ok(data=res)
+        if user_role is None or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
+            # pagination = {'current': page, 'total': 0, 'page_size': page_size}
+            # res = {
+            # 'pagination': pagination,
+            # 'doc_list': []
+            # }
+            # return response.ok(data=res)
+            raise NoPermissionException('no permission')

        if isinstance(auto_result, int):
            auto_result = consts.RESULT_MAP.get(auto_result)
@@ -1756,7 +1757,7 @@ class AutoSettlementExcelView(GenericView):
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
        self.running_log.info('[AutoSettlementExcelView] [user_role={0}] '.format(user_role))
-        if user_role or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
+        if user_role is None or user_role == '-1' or (user_role == '1' and business_type == 'HIL') or (user_role == '2' and business_type == 'AFC'):
            raise NoPermissionException('no permission')

        if isinstance(auto_result, int):
@@ -1921,7 +1922,7 @@ class InvoiceExcelView(GenericView):
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
        self.running_log.info('[InvoiceExcelView] [user_role={0}] '.format(user_role))
-        if user_role or user_role == '-1' or (user_role == '1' and application_entity == 'HIL') or (user_role == '2' and application_entity == 'AFC'):
+        if user_role is None or user_role == '-1' or (user_role == '1' and application_entity == 'HIL') or (user_role == '2' and application_entity == 'AFC'):
            raise NoPermissionException('no permission')

        url = 'http://127.0.0.1:8088/napi/invoice/downloadExcelOri'
@@ -1965,7 +1966,7 @@ class InvoiceQueryInfoView(GenericView):
        token = request.META.get("HTTP_AUTHORIZATION")
        user_role = rh.get_token(token[-11:])
        self.running_log.info('[InvoiceQueryInfoView] [user_role={0}] '.format(user_role))
-        if user_role or user_role == '-1' or (user_role == '1' and application_entity == 'HIL') or (user_role == '2' and application_entity == 'AFC'):
+        if user_role is None or user_role == '-1' or (user_role == '1' and application_entity == 'HIL') or (user_role == '2' and application_entity == 'AFC'):
            raise NoPermissionException('no permission')

        url = 'http://127.0.0.1:8088/napi/invoice/queryInfoOri'