fix(notify): be compatible with member's permission changes

every user can create, modify and delete their own receiver info
2026-06-05 02:32:27 +08:00 · 2021-01-29 20:03:03 +08:00
parent 47d38a253a
commit 4e199b84eb
5 changed files with 39 additions and 26 deletions
--- a/cmd/climc/shell/notifyv2/config.go
+++ b/cmd/climc/shell/notifyv2/config.go
@@ -111,7 +111,7 @@ func init() {
 	}
 	R(&ConfigGetTypesOptions{}, "notify-config-get-types", "Get all Config types", func(s *mcclient.ClientSession, args *ConfigGetTypesOptions) error {
 		param := jsonutils.Marshal(args)
-		result, err := modules.NotifyConfig.PerformClassAction(s, "get-types", param)
+		result, err := modules.NotifyReceiver.PerformClassAction(s, "get-types", param)
 		if err != nil {
 			return err
 		}
--- a/pkg/cloudcommon/notifyclient/notify.go
+++ b/pkg/cloudcommon/notifyclient/notify.go
@@ -514,7 +514,7 @@ func notifyRobot(ctx context.Context, robot string, recipientId []string, isGrou
 	s := auth.GetAdminSession(ctx, consts.GetRegion(), "")
 	params := jsonutils.NewDict()
 	params.Set("robot", jsonutils.NewString(robot))
-	result, err := modules.NotifyConfig.PerformClassAction(s, "get-types", params)
+	result, err := modules.NotifyReceiver.PerformClassAction(s, "get-types", params)
 	if err != nil {
 		return err
 	}
--- a/pkg/notify/models/config.go
+++ b/pkg/notify/models/config.go
@@ -160,10 +160,6 @@ func (c *SConfig) StartRepullSubcontactTask(ctx context.Context, userCred mcclie
 	return nil
 }

-func (cm *SConfigManager) AllowPerformGetTypes(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject) bool {
-	return true
-}
-
 func (cm *SConfigManager) filterContactType(cTypes []string, robot string) []string {
 	var judge func(string) bool
 	ret := make([]string, 0, len(cTypes)/2)
@@ -189,16 +185,6 @@ func (cm *SConfigManager) filterContactType(cTypes []string, robot string) []str
 	return ret
 }

-func (cm *SConfigManager) PerformGetTypes(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.ConfigManagerGetTypesInput) (api.ConfigManagerGetTypesOutput, error) {
-	output := api.ConfigManagerGetTypesOutput{}
-	allContactType, err := cm.allContactType()
-	if err != nil {
-		return output, err
-	}
-	output.Types = sortContactType(cm.filterContactType(allContactType, input.Robot))
-	return output, nil
-}
-
 var sortedCTypes = []string{
 	api.WEBCONSOLE, api.EMAIL, api.MOBILE, api.DINGTALK, api.FEISHU, api.WORKWX, api.DINGTALK_ROBOT, api.FEISHU_ROBOT, api.WORKWX_ROBOT,
 }
@@ -407,7 +393,7 @@ func (self *SConfigManager) InitializeData() error {
 }

 func (cm *SConfigManager) ResourceScope() rbacutils.TRbacScope {
-	return rbacutils.ScopeUser
+	return rbacutils.ScopeSystem
 }

 func (cm *SConfigManager) AllowCreateItem(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, data jsonutils.JSONObject) bool {
--- a/pkg/notify/models/receiver.go
+++ b/pkg/notify/models/receiver.go
@@ -592,6 +592,20 @@ func (rm *SReceiverManager) ListItemFilter(ctx context.Context, q *sqlchemy.SQue
 	return q, nil
 }

+func (r *SReceiverManager) AllowPerformGetTypes(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject) bool {
+	return true
+}
+
+func (cm *SReceiverManager) PerformGetTypes(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, input api.ConfigManagerGetTypesInput) (api.ConfigManagerGetTypesOutput, error) {
+	output := api.ConfigManagerGetTypesOutput{}
+	allContactType, err := ConfigManager.allContactType()
+	if err != nil {
+		return output, err
+	}
+	output.Types = sortContactType(ConfigManager.filterContactType(allContactType, input.Robot))
+	return output, nil
+}
+
 func (rm *SReceiverManager) FetchCustomizeColumns(ctx context.Context, userCred mcclient.TokenCredential, query jsonutils.JSONObject, objs []interface{}, fields stringutils2.SSortedStrings, isList bool) []api.ReceiverDetails {
 	sRows := rm.SStatusStandaloneResourceBaseManager.FetchCustomizeColumns(ctx, userCred, query, objs, fields, isList)
 	dRows := rm.SDomainizedResourceBaseManager.FetchCustomizeColumns(ctx, userCred, query, objs, fields, isList)
--- a/pkg/notify/policy/defaults.go
+++ b/pkg/notify/policy/defaults.go
@@ -21,11 +21,12 @@ import (
 )

 const (
-	PolicyActionGet    = common_policy.PolicyActionGet
-	PolicyActionList   = common_policy.PolicyActionList
-	PolicyActionCreate = common_policy.PolicyActionCreate
-	PolicyActionUpdate = common_policy.PolicyActionUpdate
-	PolicyActionDelete = common_policy.PolicyActionDelete
+	PolicyActionPerform = common_policy.PolicyActionPerform
+	PolicyActionGet     = common_policy.PolicyActionGet
+	PolicyActionList    = common_policy.PolicyActionList
+	PolicyActionCreate  = common_policy.PolicyActionCreate
+	PolicyActionUpdate  = common_policy.PolicyActionUpdate
+	PolicyActionDelete  = common_policy.PolicyActionDelete
 )

 var (
@@ -36,28 +37,40 @@ var (
 			Rules: []rbacutils.SRbacRule{
 				{
 					Service:  api.SERVICE_TYPE,
-					Resource: "contacts",
+					Resource: "receivers",
+					Action:   PolicyActionGet,
+					Result:   rbacutils.Allow,
+				},
+				{
+					Service:  api.SERVICE_TYPE,
+					Resource: "receivers",
 					Action:   PolicyActionList,
 					Result:   rbacutils.Allow,
 				},
 				{
 					Service:  api.SERVICE_TYPE,
-					Resource: "contacts",
+					Resource: "receivers",
 					Action:   PolicyActionCreate,
 					Result:   rbacutils.Allow,
 				},
 				{
 					Service:  api.SERVICE_TYPE,
-					Resource: "contacts",
+					Resource: "receivers",
 					Action:   PolicyActionUpdate,
 					Result:   rbacutils.Allow,
 				},
 				{
 					Service:  api.SERVICE_TYPE,
-					Resource: "contacts",
+					Resource: "receivers",
 					Action:   PolicyActionDelete,
 					Result:   rbacutils.Allow,
 				},
+				{
+					Service:  api.SERVICE_TYPE,
+					Resource: "receivers",
+					Action:   PolicyActionPerform,
+					Result:   rbacutils.Allow,
+				},
 			},
 		},
 	}