TanWenyan/leaudit-platform-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: restrict area bypass to super_admin only

Browse Source 
Previously provincial_admin also skipped entry module area
filtering, making areas configuration meaningless for them.
Now only super_admin bypasses — provincial_admin and below
must match their area against the module's areas list.
This commit is contained in:
wren
2026-04-30 10:58:37 +08:00
parent 33255e823f
commit c16bb841de
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
fastapi_modules/fastapi_leaudit/services/impl/homeServiceImpl.py
+1 -1
View File
@@ -36,7 +36,7 @@ class HomeServiceImpl(IHomeService):
SELECT
u.id,
COALESCE(u.area, '') AS area,
COALESCE(bool_or(r.role_key IN ('super_admin', 'provincial_admin')), FALSE) AS bypass_area
COALESCE(bool_or(r.role_key = 'super_admin'), FALSE) AS bypass_area
FROM sso_users u
LEFT JOIN user_role ur ON ur.user_id = u.id
LEFT JOIN roles r ON r.id = ur.role_id