async def del_authority(
authority_info: AuthCreate
):
e = get_casbin()
res = e.remove_policy(authority_info.authority_id, authority_info.path, authority_info.method)
if res:
return response_code.resp_200()
else:
return response_code.resp_4001(message="删除失败,权限不存在")
def init_casbin():
"""
初始化casbin的基本API数据
把 api_v1_router 分组的所有路由都添加到 casbin里面
:return:
"""
e = get_casbin()
for route in api_v1_router.routes:
if route.name == "登录":
# 登录不验证权限
continue
for method in route.methods:
# 添加casbin规则
e.add_policy("999", route.path, method)
def check_authority(request: Request,
token: Optional[str] = Depends(check_jwt_token)):
"""
权限验证 依赖于 JWT token
:param request:
:param token:
:return:
"""
authority_id = token.get("authority_id")
path = request.url.path
method = request.method
e = sys_casbin.get_casbin()
if not e.enforce(str(authority_id), path, method):
# 注意 字段类型都是字符串
# 根据token中的 authority_id 请求路径 方法 判断路径
raise custom_exc.AuthenticationError()
async def del_authority(*, authority_in: AuthCreate,
response: Response) -> Any:
"""
删除访问权限 \n
authorityid: 权限id \n
path: url 路径 \n
method: 请求方法 \n
return: 状态码, 提示信息
"""
e = get_casbin()
res = e.remove_policy(authority_in.authorityid, authority_in.path,
authority_in.method)
if res:
response.status_code = status.HTTP_200_OK
return response_code.resp_ok(message="权限删除成功")
else:
response.status_code = status.HTTP_401_UNAUTHORIZED
return response_code.resp_error(message="删除失败,权限不存在")
async def add_authority(*, authority_in: AuthCreate,
response: Response) -> Any:
"""
添加访问权限 \n
authorityid: 权限id \n
path: url 路径 \n
method: 请求方法 \n
return: 状态码, 提示信息
"""
e = get_casbin()
res = e.add_policy(authority_in.authorityid, authority_in.path,
authority_in.method)
if res:
response.status_code = status.HTTP_200_OK
return response_code.resp_ok(message="权限添加成功")
else:
response.status_code = status.HTTP_400_BAD_REQUEST
return response_code.resp_error(message="添加失败,权限已存在")