feat: update account lock logic and modify workspace ID requirements in role settings

wxg0103 · wxg0103 · commit fcaac9c11ac3 · 2025-12-26T10:35:26.000+08:00
diff --git a/apps/users/api/user.py b/apps/users/api/user.py
@@ -25,8 +25,8 @@ def get_data(self):
 class RoleSettingRequestSerializer(serializers.Serializer):
     role_id = serializers.CharField(required=True, label=_('Role ID'))
     workspace_ids = serializers.ListField(
-        child=serializers.CharField(required=True),
-        required=True,
+        child=serializers.CharField(required=False),
+        required=False,
         label=_('Workspace IDs')
     )
 
diff --git a/apps/users/serializers/login.py b/apps/users/serializers/login.py
@@ -106,7 +106,7 @@ def login(instance):
 
         if is_license_valid:
             # 检查账户是否被锁定
-            if LoginSerializer._is_account_locked(username):
+            if LoginSerializer._is_account_locked(username, failed_attempts):
                 raise AppApiException(
                     1005,
                     _("This account has been locked for %s minutes, please try again later") % lock_time
@@ -146,8 +146,10 @@ def login(instance):
         return {'token': token}
 
     @staticmethod
-    def _is_account_locked(username: str) -> bool:
+    def _is_account_locked(username: str, failed_attempts: int) -> bool:
         """检查账户是否被锁定"""
+        if failed_attempts == -1:
+            return False
         lock_cache = cache.get(system_get_key(f'system_{username}_lock'), version=system_version)
         return bool(lock_cache)
 
