- - {{ log.content_type }}: {{ log.contents }}
+
@@ -176,8 +176,8 @@
正在创建
filters: {
group: null,
},
- account_pks: [],
- accountlog: undefined,
+ account_pks: {},
+ accountlog: {},
},
created() {
this.refresh();
@@ -204,11 +204,9 @@ 正在创建
},
open(obj) {
this.opened = {...obj};
- this.account_pks = [];
- this.accountlog = undefined;
axios.post('/account/', {method: 'account_pk', user: obj.pk})
.then(({data: {value}}) => {
- this.account_pks = value;
+ this.$set(this.account_pks, obj.pk, value)
})
.catch(({response: {data: {error}}}) => {
alert(error && error.message);
@@ -229,9 +227,10 @@ 正在创建
});
},
get_accountlog() {
- axios.post('/account/', {method: 'accountlog', user: this.opened.pk})
+ const pk = this.opened.pk;
+ axios.post('/account/', {method: 'accountlog', user: pk})
.then(({data: {value}}) => {
- this.accountlog = value;
+ this.$set(this.accountlog, pk, value);
})
.catch(({response: {data: {error}}}) => {
alert(error && error.message);
diff --git a/frontend/views.py b/frontend/views.py
index f3d1412..197387b 100644
--- a/frontend/views.py
+++ b/frontend/views.py
@@ -272,21 +272,20 @@ def post(self, request):
body = json.loads(request.body)
method = body['method']
user_pk = body['user']
+ # Check permission
+ try:
+ context = Context.from_request(request)
+ target_user = User.get(context, user_pk)
+ User.test_permission(context, 'user.full', 'user.view', f'user.view_{target_user.group}')
+ except PermissionRequired as e:
+ j = e.json
+ j['message'] = '您目前没有权限查看此项'
+ return JsonResponse({'error': j}, status=400)
+
accounts = Account.objects.filter(user__pk=user_pk)
if method == "account_pk":
return JsonResponse({'value': [i.pk for i in accounts]})
elif method == "accountlog":
- # Check permission
- try:
- context = Context.from_request(request)
- if request.user.pk is None:
- raise PermissionRequired()
- target_user = User.get(context, user_pk)
- User.test_permission(context, 'user.full', 'user.view', f'user.view_{target_user.group}')
- except PermissionRequired as e:
- j = e.json
- j['message'] = '您目前没有权限查看此项'
- return JsonResponse({'error': j}, status=400)
logs = list(AccountLog.objects.filter(account__in=accounts).values('content_type', 'contents'))
return JsonResponse({'value': logs})