class TenantViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows Tenant users to be viewed.
"""
model = TenantUser
serializer_class = TenantUserSerializer
def list(self, request, domain):
tenants = TenantUser.objects.all()
serializer = TenantUserSerializer(tenants)
return Response(serializer.data)
def retrieve(self, request, domain, pk=None):
current_tenant_user = get_current_tenant_user()
permissions = current_tenant_user.user.get_all_permissions()
if pk == 'me' or int(pk) == current_tenant_user.id:
tenant_user = current_tenant_user
else:
if not 'core.admin' in permissions:
return Response({"detail": "You don't have permission to perform this action."},
status=status.HTTP_403_FORBIDDEN)
try:
tenant_user = TenantUser.objects.get(id=pk)
except(TenantUser.DoesNotExist, Exception, ValueError):
return Response(status=status.HTTP_404_NOT_FOUND)
permissions = tenant_user.user.get_all_permissions()
serializer = TenantUserSerializer(tenant_user)
serializer.data['is_apps_admin'] = 'core.apps' in permissions
serializer.data['is_admin'] = 'core.admin' in permissions
serializer.data['is_user'] = 'core.user' in permissions
serializer.data['is_subscribed'] = 'core.active' in permissions
serializer.data['is_sales_admin'] = 'core.sales' in permissions
serializer.data['is_marketing_admin'] = 'core.marketing' in permissions
return Response(serializer.data)
答案 0 :(得分:0)
我的猜测 get_current_tenant_user 功能不会返回用户。确保用户使用 return 或 yield 语句从该功能返回。