chore(passport): add user organizations

duanhongyi · duanhongyi · commit ff8f9db5f9b7 · 2025-05-27T13:22:39.000+08:00
diff --git a/rootfs/api/models.py b/rootfs/api/models.py
@@ -8,6 +8,17 @@
 class User(AbstractUser):
     email = models.EmailField(_('email address'), unique=True)
 
+    @property
+    def organizations(self) -> list[str]:
+        results = []
+        if self.is_superuser:
+            results.append("admin")
+        if self.is_staff:
+            results.append("staff")
+        if self.is_active:
+            results.append(self.username)
+        return results
+
 
 class Application(AbstractApplication):
 
diff --git a/rootfs/api/oauth2_validators.py b/rootfs/api/oauth2_validators.py
@@ -16,4 +16,5 @@ def get_additional_claims(self, request):
         claims["is_staff"] = request.user.is_staff
         claims["is_active"] = request.user.is_active
         claims["is_superuser"] = request.user.is_superuser
+        claims["organizations"] = request.user.organizations
         return claims
diff --git a/rootfs/api/serializers.py b/rootfs/api/serializers.py
@@ -18,9 +18,9 @@ class UserSerializer(serializers.ModelSerializer):
     class Meta:
         model = User
         fields = ('id', 'username', 'email', 'first_name', 'last_name',
-                  'is_staff', 'is_active', 'is_superuser')
+                  'is_staff', 'is_active', 'is_superuser', "organizations")
         read_only_fields = ('id', 'username', 'is_staff', 'is_active',
-                            'is_superuser')
+                            'is_superuser', "organizations")
 
 
 class UserEmailSerializer(serializers.ModelSerializer):
