fix: delete user role

veops · Oct 9, 2023 · 4097d60 · 4097d60
1 parent e6dd465
commit 4097d60
Showing 1 changed file with 13 additions and 10 deletions.
diff --git a/acl-api/api/lib/perm/acl/role.py b/acl-api/api/lib/perm/acl/role.py
@@ -213,7 +213,6 @@ class RoleCRUD(object):
 
     @staticmethod
     def search(q, app_id, page=1, page_size=None, user_role=True, is_all=False, user_only=False):
-
         if user_only:  # only user role
             query = db.session.query(Role).filter(Role.deleted.is_(False)).filter(Role.uid.isnot(None))
 
@@ -271,6 +270,13 @@ def update_role(rid, **kwargs):
         RoleCache.clean(rid)
 
         role = role.update(**kwargs)
+
+        if origin['uid'] and kwargs.get('name') and kwargs.get('name') != origin['name']:
+            from api.models.acl import User
+            user = User.get_by(uid=origin['uid'], first=True, to_dict=False)
+            if user:
+                user.update(username=kwargs['name'])
+
         AuditCRUD.add_role_log(role.app_id, AuditOperateType.update,
                                AuditScope.role, role.id, origin, role.to_dict(), {},
                                )
@@ -289,12 +295,11 @@ def delete_role(cls, rid, force=False):
         from api.lib.perm.acl.acl import is_admin
 
         role = Role.get_by_id(rid) or abort(404, ErrFormat.role_not_found.format("rid={}".format(rid)))
-
-        not force and role.uid and abort(400, ErrFormat.user_role_delete_invalid)
-
         if not role.app_id and not is_admin():
             return abort(403, ErrFormat.admin_required)
 
+        not force and role.uid and abort(400, ErrFormat.user_role_delete_invalid)
+
         origin = role.to_dict()
 
         child_ids = []
@@ -303,20 +308,18 @@ def delete_role(cls, rid, force=False):
 
         for i in RoleRelation.get_by(parent_id=rid, to_dict=False):
             child_ids.append(i.child_id)
-            i.soft_delete(commit=False)
+            i.soft_delete()
 
         for i in RoleRelation.get_by(child_id=rid, to_dict=False):
             parent_ids.append(i.parent_id)
-            i.soft_delete(commit=False)
+            i.soft_delete()
 
         role_permissions = []
         for i in RolePermission.get_by(rid=rid, to_dict=False):
             role_permissions.append(i.to_dict())
-            i.soft_delete(commit=False)
-
-        role.soft_delete(commit=False)
+            i.soft_delete()
 
-        db.session.commit()
+        role.soft_delete()
 
         role_rebuild.apply_async(args=(recursive_child_ids, role.app_id), queue=ACL_QUEUE)