def get_current_roles():
username = login_user.get('username')
is_admin = login_user.get('is_admin')
role = Role()
if is_admin:
roles = role.collection.find({})
return jsonify({
'message': 'ok',
'code': 0,
'data': list(roles),
})
user = User()
user_info = user.collection.find_one({'username': username})
where = {
'user_id': str(user_info['_id']),
}
roles = db.collection('user_roles').find(where)
roles = list(roles)
data = []
if roles:
role_ids = map(lambda i: i['role_id'], roles)
data = role.find_by_ids(list(role_ids))
return jsonify({
'message': 'ok',
'code': 0,
'data': data,
})
def bind_role(user_id):
payload = request.get_json()
if not payload:
return jsonify({'message': 'invalid params', 'code': 104030}), 400
role_ids = payload.get('role_ids')
if not role_ids or type(role_ids) != list:
return jsonify({'message': 'invalid params', 'code': 104031}), 400
user = User()
user_info = user.find_by_id(user_id)
if not user_info:
return jsonify({'message': 'record not found', 'code': 104040}), 404
roles = Role().find_by_ids(role_ids)
if not roles:
return jsonify({'message': 'invalid param', 'code': 104031}), 400
for role in roles:
data = {
'user_id': user_id,
'role_id': str(role['_id']),
}
where = data.copy()
data['created_at'] = time.time()
data['add_by'] = login_user.get('username')
db.collection('user_roles').update_one(where, {'$set': data},
upsert=True)
return jsonify({
'message': 'ok',
'code': 0,
})
def get_roles(self, team_id):
team_roles = self.db.collection('team_roles').find({'team_id': team_id})
team_roles = list(team_roles)
if not team_roles:
return team_roles
role_ids = map(lambda i: i['role_id'], team_roles)
role_ids = list(role_ids)
return Role.find_by_ids(role_ids)
def get_permissions(self, user_id, filter=None):
"""
get user permissions
:param user_id: user id
:return: list
"""
user = self.find_by_id(user_id)
if not user:
return []
relate_team = Model.build_model('team_members').find(
{'user_id': user_id})
relate_team = list(relate_team)
team_ids = list(map(lambda i: i.get('team_id'), relate_team))
role_ids = []
menus = []
if team_ids:
team_roles = Model.build_model('team_roles').find(
{'team_id': {
'$in': team_ids
}})
for item in team_roles:
role_ids.append(item.get('role_id'))
roles = db.collection('user_roles').find({'user_id': user_id})
roles = list(roles)
if roles:
ids = map(lambda i: i['role_id'], roles)
role_ids += list(ids)
if role_ids:
where = {'role_id': {'$in': role_ids}}
records = db.collection('role_menus').find(where).sort('id', 1)
for record in records:
where = filter or {}
where['_id'] = ObjectId(record['m_id'])
item = Menu.find_one(where)
if not item or item.get(
'mpid') == '-1' or item.get('status') < 1:
continue
item['actions'] = record.get('actions', ['get'])
menus.append(item)
roles = Role().find_by_ids(role_ids)
return menus, roles
def add_team():
payload = request.get_json()
if not payload:
return jsonify({'message': 'invalid params', 'code': 104000}), 400
is_admin = login_user.get('is_admin')
if not is_admin:
return jsonify({'message': 'admin required', 'code': 104039}), 403
name = payload.get('name')
description = payload.get('description')
parent = payload.get('parent')
role_ids = payload.get('role_ids')
members = payload.get('members') or []
master = payload.get('master') or [login_user.get('username')]
record = Team.find_one({'name': name})
if record:
return jsonify({'message': 'name existed', 'code': 104001}), 400
if role_ids:
role_record = Role.find_by_ids(role_ids)
if not role_record:
return jsonify({'message': 'role not found', 'code': 104041}), 404
data = {
'name': name,
'description': description,
'master': master,
'parent': parent,
'add_by': login_user.get('username'),
'created_at': time.time(),
}
result = Team.insert_one(data)
team_id = str(result.inserted_id)
data['_id'] = team_id
logger.info('add team', extra={'record': data})
if not role_ids:
role = {
'name': name,
'type': 'team',
'role': 'owner',
'add_by': login_user.get('username'),
'created_at': time.time(),
}
result = Role.insert_one(role)
role['_id'] = result.inserted_id
role['team_id'] = data['_id']
role_ids = [str(role['_id'])]
# team_role = {
# 'role_id': result.inserted_id,
# 'team_id': role['team_id'],
# 'add_by': login_user.get('username'),
# 'created_at': time.time(),
# }
# Model.build_model('team_roles').insert_one(team_role)
for role_id in role_ids:
team_role = {
'$set': {
'team_id': team_id,
'role_id': role_id,
'created_at': time.time()
}
}
where = {
'team_id': team_id,
'role_id': role_id,
}
db.collection('team_roles').update_one(where, team_role, upsert=True)
Team().add_member(team_id, members, owner_id=login_user.get('user_id'))
return jsonify({
'message': 'ok',
'code': 0,
})
def add_user():
payload = request.get_json()
if not payload:
return jsonify({
'message': 'invalid params',
'code': 104000
}), 400
current_user = login_user.get('username')
is_admin = login_user.get('is_admin')
username = payload.get('username')
nickname = payload.get('nickname')
email = payload.get('email')
phone = payload.get('phone')
role_ids = payload.get('role_ids')
team_id = payload.get('team_id')
address = payload.get('address')
password = payload.get('password')
if not username or not email:
return jsonify({
'message': 'miss required params',
'code': 104001,
}), 400
if not is_admin:
if team_id:
team = Team.find_by_id(team_id)
if not team or current_user not in team.get('master'):
return jsonify({
'message': 'permission deny',
'code': 104031
}), 403
else:
return jsonify({
'message': 'permission deny',
'code': 104032,
}), 403
where = {
'$or': [
{'username': username},
{'email': email},
]
}
existed = User.find_one(where)
if existed:
return jsonify({
'message': 'username or email existed',
'code': 104030
}), 400
password = password or gen_password()
encrypt_pwd = generate_password_hash(password)
user_info = {
'username': username,
'nickname': nickname,
'password': encrypt_pwd,
'email': email,
'phone': phone,
'active': 0,
'address': address,
'created_at': time.time(),
'add_by': login_user.get('username'),
}
result = User.insert_one(user_info)
user_id = str(result.inserted_id)
if role_ids:
role_ids = role_ids if type(role_ids) == list else [role_ids]
roles = Role.find_by_ids(role_ids)
if roles:
for item in roles:
data = {
'role_id': str(item['_id']),
'user_id': user_id,
'add_by': login_user.get('username'),
'created_at': time.time(),
}
db.collection('user_roles').insert_one(data)
if team_id:
Team().add_member(team_id=team_id, members=[user_id], owner_id=login_user.get('user_id'))
notify = SMTP()
text = '''
<p>Dear user:</p>
<p>Your eclogue account is active~!</p>
<p>username: {}</p>
<p>password: {} </p>
'''
text = text.format(username, password)
notify.send(text, to=email, subject='', subtype='html')
return jsonify({
'message': 'ok',
'code': 0,
'data': password
})
def add_role():
payload = request.get_json()
if not payload:
return jsonify({
'message': 'invalid params',
'code': 104000
}), 400
name = payload.get('name')
tag = payload.get('tag')
role_type = payload.get('type')
parent = payload.get('parent', None)
alias = payload.get('alias')
menus = payload.get('menus')
actions = payload.get('actions') or []
if not tag or not name:
return jsonify({
'message': 'invalid params',
'code': 104000,
}), 400
role = Role()
record = role.collection.find_one({'name': name})
if record:
return jsonify({
'message': 'name existed',
'code': 104001
}), 400
# roles = ['admin', 'master', 'owner', 'member', 'guest']
# if tag not in roles:
# return jsonify({
# 'message': 'invalid param role',
# 'code': 104000,
# }), 400
data = {
'name': name,
'alias': alias,
'type': role_type,
'tag': tag,
'actions': actions,
'parent': parent,
'created_at': time.time()
}
if parent:
check = role.find_by_id(parent)
if not check:
return jsonify({
'message': 'invalid param',
'code': 104001
}), 400
result = role.collection.insert_one(data)
role_id = result.inserted_id
if menus and type(menus) == list:
data = []
# menus = Menu().find_by_ids(menus)
menus = Menu().collection.find({})
if menus:
for item in menus:
data.append({
'role_id': str(role_id),
'm_id': str(item['_id']),
'created_at': time.time(),
'add_by': login_user.get('username'),
})
db.collection('role_menus').insert_many(data)
return jsonify({
'message': 'ok',
'code': 0,
})
def add_role():
payload = request.get_json()
if not payload:
return jsonify({'message': 'invalid params', 'code': 104000}), 400
name = payload.get('name')
description = payload.get('description')
tags = payload.get('tags')
role_type = payload.get('type')
parent = payload.get('parent', None)
alias = payload.get('alias')
menus = payload.get('permissions')
if not name:
return jsonify({
'message': 'invalid params',
'code': 104000,
}), 400
role = Role()
record = role.collection.find_one({'name': name})
if record:
return jsonify({'message': 'name existed', 'code': 104001}), 400
data = {
'name': name,
'alias': alias,
'type': role_type,
'tags': tags,
'description': description,
'parent': parent,
'created_at': time.time()
}
if parent:
check = role.find_by_id(parent)
if not check:
return jsonify({'message': 'invalid param', 'code': 104001}), 400
result = role.collection.insert_one(data)
role_id = result.inserted_id
if role_type == 'team':
team_existed = Team.find_one({'name': name})
if team_existed:
return jsonify({'message': 'team existed', 'code': 104005}), 400
team = {
'name': name,
'description': 'team of role {}'.format(name),
'add_by': login_user.get('username'),
'master': [login_user.get('username')],
'created_at': time.time()
}
result = Team.insert_one(team)
team_role = {
'team_id': str(result.inserted_id),
'role_id': str(role_id),
'add_by': login_user.get('username'),
'created_at': time.time()
}
Team.build_model('team_roles').insert_one(team_role)
if menus and type(menus) == dict:
model = Menu()
data = []
methods = {
'read': ['option', 'get'],
'edit': ['post', 'put', 'patch'],
'delete': ['delete']
}
for _id, actions in menus.items():
record = model.find_by_id(_id)
if not record:
continue
action_list = []
for action in actions:
if not methods.get(action):
continue
action_list.extend(methods.get(action))
data.append({
'role_id': str(role_id),
'm_id': _id,
'actions': action_list,
'created_at': time.time(),
'add_by': login_user.get('username'),
})
db.collection('role_menus').insert_many(data)
return jsonify({
'message': 'ok',
'code': 0,
})
def update_role(_id):
payload = request.get_json()
if not payload:
return jsonify({'message': 'invalid params', 'code': 104000}), 400
record = Role().find_by_id(_id)
if not record:
return jsonify({'message': 'record not found', 'code': 104040}), 404
role_id = record.get('_id')
name = payload.get('name')
description = payload.get('description')
tags = payload.get('tags')
role_type = payload.get('type')
parent = payload.get('parent', None)
alias = payload.get('alias')
menus = payload.get('permissions')
data = {
'name': name,
'alias': alias,
'type': role_type,
'tags': tags,
'parent': parent,
'description': description,
}
update = {'$set': data}
db.collection('roles').update_one({'_id': record['_id']}, update=update)
if menus is not None and type(menus) == dict:
model = Menu()
methods = {
'read': ['option', 'get'],
'edit': ['post', 'put', 'patch'],
'delete': ['delete']
}
# 先删除原先的关联
db.collection('role_menus').delete_many({'role_id': str(role_id)})
for _id, actions in menus.items():
record = model.find_by_id(_id)
if not record:
continue
action_list = []
for action in actions:
if not methods.get(action):
continue
action_list.extend(methods.get(action))
data = {
'role_id': str(role_id),
'm_id': _id,
'actions': action_list,
'created_at': time.time(),
'add_by': login_user.get('username'),
}
db.collection('role_menus').insert_one(data)
# where = {
# 'role_id': str(role_id),
# 'm_id': _id,
# }
# check = db.collection('role_menus').find_one(where)
# if not check:
# data['created_at'] = time.time(),
# data['add_by'] = login_user.get('username'),
# db.collection('role_menus').insert_one(data)
# else:
# db.collection('role_menus').update_one(where, update={'$set': data})
return jsonify({
'message': 'ok',
'code': 0,
})
def get_roles():
query = request.args
page = int(query.get('page', 1))
size = int(query.get('size', 50))
offset = (page - 1) * size
name = query.get('name')
role_type = query.get('type')
start = query.get('start')
end = query.get('end')
user = User()
username = login_user.get('username')
is_admin = login_user.get('is_admin')
data = []
total = 0
role = Role()
where = {'status': {'$ne': -1}}
if name:
where['name'] = {'$regex': name}
if role_type:
where['type'] = role_type
date = []
if start:
date.append({
'created_at': {
'$gte': int(time.mktime(time.strptime(start, '%Y-%m-%d')))
}
})
if end:
date.append({
'created_at': {
'$lte': int(time.mktime(time.strptime(end, '%Y-%m-%d')))
}
})
if not is_admin:
user_info = user.collection.find_one({'username': username})
where = {
'user_id': str(user_info['_id']),
}
roles = db.collection('user_roles').find(where)
roles = list(roles)
if roles:
role_ids = map(lambda i: ObjectId(i['role_id']), roles)
where['_id'] = {
'$in': list(role_ids),
}
cursor = role.collection.find(where, skip=offset, limit=size)
total = cursor.count()
data = list(cursor)
else:
cursor = role.collection.find(where, skip=offset, limit=size)
total = cursor.count()
data = list(cursor)
return jsonify({
'message': 'ok',
'code': 0,
'data': {
'page': page,
'pageSize': size,
'total': total,
'list': data,
},
})