def post(self):
from models.role import Role, RoleHasApi, RoleHasMenu
from models.menu import Menu, MenuHasApi
from app import db
try:
role_id = request.json.get('id')
if not Role.check_role(self.app_id, role_id):
return '权限错误', 400
now_menus = request.json.get('menu_ids')
old_menus = RoleHasMenu.get_menu(role_id)
need_delete = list(set(old_menus) - set(now_menus))
need_add = list(set(now_menus) - set(old_menus))
for n in need_add:
if Menu.check_menu(self.app_id, n):
m = RoleHasMenu()
m.role_id = role_id
m.menu_id = n
db.session.add(m)
# 查询menu_has_api, menu_id拥有的俄api_id,自动添加到role_has_api中
temp = MenuHasApi.get_api(n)
for x in temp:
rha = RoleHasApi()
rha.role_id = role_id
rha.api_id = x
db.session.add(rha)
for d in need_delete:
if Menu.check_menu(self.app_id, d):
m = RoleHasMenu.query.filter_by(role_id=role_id,
menu_id=d).first()
# 查询 menu_has_api, menu_id拥有的api_id,删除role_has_api
temp = MenuHasApi.get_api(m.menu_id)
for x in temp:
c = RoleHasApi.query.filter_by(role_id=role_id,
api_id=x).first()
db.session.delete(c)
db.session.delete(m)
db.session.commit()
except Exception as e:
db.session.rollback()
def post(self):
from models.menu import MenuHasApi, Menu
from models.api import Api
from models.role import RoleHasApi, RoleHasMenu
from app import db
try:
menu_id = request.json.get('id')
if not Menu.check_menu(self.app_id, menu_id):
return '权限错误', 400
now_apis = request.json.get('api_ids')
old_apis = MenuHasApi.get_api(menu_id)
need_delete = list(set(old_apis) - set(now_apis))
need_add = list(set(now_apis) - set(old_apis))
# 根据menu_id 查询roles
roles = RoleHasMenu.get_role(menu_id)
for n in need_add:
if Api.check_api(self.app_id, n):
m = MenuHasApi()
m.menu_id = menu_id
m.api_id = n
db.session.add(m)
# 将role_id,n写入role_has_api
for r in roles:
rha = RoleHasApi()
rha.role_id = r
rha.api_id = n
db.session.add(rha)
for d in need_delete:
if Api.check_api(self.app_id, d):
m = MenuHasApi.query.filter_by(menu_id=menu_id,
api_id=d).first()
# 删除role_has_api中角色对应的api
temp = RoleHasApi.query.filter(
RoleHasApi.api_id == d,
RoleHasApi.role_id.in_(roles)).all()
for t in temp:
db.session.delete(t)
db.session.delete(m)
db.session.commit()
except Exception as e:
db.session.rollback()
def get(self):
# 根据menu_id查询对应的api_id。
# 需返回已分配的,和未分配的API
from models.menu import MenuHasApi, Menu
from models.api import Api
returnObj = {}
assigned_apis = []
not_assigned_apis = []
menu_id = request.args.get('id')
if not Menu.check_menu(self.app_id, menu_id):
return '权限错误', 400
assigned_apis_in_db = MenuHasApi.query.filter_by(menu_id=menu_id).all()
all_apis_in_db = Api.query.filter_by(app_id=self.app_id).all()
assigned_api_ids = []
for a in assigned_apis_in_db:
assigned_api_ids.append(a.api_id)
assigned_apis.append({
'id': a.api_id,
'path': a.api.path,
'method': a.api.method,
'remark': a.api.remark
})
assigned_api_ids = set(assigned_api_ids)
for a in all_apis_in_db:
if a.id not in assigned_api_ids:
not_assigned_apis.append({
'id': a.id,
'path': a.path,
'method': a.method,
'remark': a.remark
})
returnObj['not_assigned_apis'] = not_assigned_apis
returnObj['assigned_apis'] = assigned_apis
return returnObj
