Skip to content

Tag System #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
bestony wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Tag System #19

bestony wants to merge 8 commits into from

Conversation

@bestony
Copy link
Collaborator

@bestony bestony commented Dec 25, 2025

#11

@github-actions
Copy link

github-actions bot commented Dec 25, 2025

  • labels/models.py:99-135 访问控制完全忽略了 is_public 标志,只允许所有者或授权用户访问。即便创建/编辑页面提示“公开标签可被其他用户查看和使用”,公开标签仍然对非所有者不可见/不可用,功能与文案不符。建议在 has_access 中对 is_public 进行放行(至少允许 required_level=="view"/"use")。
  • labels/models.py:112-135 组织标签/组织授权的判定依赖 user.is_org_adminuser.get_organization_ids,但项目中并未实现这两个方法(全局搜索为空)。结果是:组织拥有的标签在权限检查时永远不会被识别为可管理/可用,授予组织的权限也永远不会生效。需要改为使用现有的组织成员关系模型(如 OrganizationMembership)计算管理员和所属组织列表,或实现对应的用户方法。

@github-actions
Copy link

github-actions bot commented Dec 25, 2025

  • labels/models.py:105-142accounts/views.py:1611-1637:is_public 字段在访问控制和列表中完全未被使用。用户勾选“公开标签可被其他用户查看和使用”,但逻辑仍只允许拥有者/显式授权用户访问,其他人看不到也无法使用这些“公开”标签。建议在 has_access / 列表查询中放通公开标签,或调整文案避免误导。
  • labels/models.py:118-141:组织相关权限永远判定为 False。这里依赖 user.is_org_admin / user.get_organization_ids,但 accounts.User 未提供这些方法,导致组织拥有的标签或授予组织的权限无法被任何成员识别和使用,组织层级的授权功能事实上不可用。建议改为通过 OrganizationMembership 查询用户的组织及管理员身份,或在 User 上补充相应方法。

测试缺口:新增标签/权限核心流程未见自动化测试覆盖(创建、公开可见性、组织授权、权限授予/撤销)。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bestony