Ejemplo n.º 1
0
 def __init__(self, cur_user):
     self._cur_user_id = cur_user.id
     if cur_user.is_admin:
         self._is_admin = True
         self._staff_qs = Staff.query()
         self._staff_id_list = [s.id for s in self._staff_qs]
     else:
         all_sub_ids = []
         role_id_list = [
             ac.access_id
             for ac in AuthAccess.query().filter(staff=cur_user,
                                                 access_type='role')
         ]  #Generator will not work, why?
         dept_id_list = (ac.access_id for ac in AuthAccess.query().filter(
             staff=cur_user, access_type='department'))
         for role_id in role_id_list:
             sub_list = role_middleware.get_all_children_ids(role_id)
             self._is_show_sub = any([
                 role.is_show_data
                 for role in Role.query().filter(id__in=sub_list)
             ][:-1])
             if sub_list and self._is_show_sub:
                 all_sub_ids.extend(sub_list)
         role_id_list = [acs.staff_id for acs in \
                             AuthAccess.query().filter(access_id__in = all_sub_ids, access_type='role')
                           ]
         dept_id_list = [acs.staff_id for acs in \
                             AuthAccess.query().filter(access_id__in = dept_id_list, access_type='department')
                           ]
         staff_id_list = list(
             set(role_id_list).intersection(set(dept_id_list)))
         staff_id_list.append(cur_user.id)
         self._staff_id_list = staff_id_list
         self._staff_qs = Staff.query().filter(id__in=staff_id_list)
Ejemplo n.º 2
0
 def search(cls, current_page, **search_info):
     """查询员工列表"""
     user_pro = search_info.pop('cur_user')
     staff_qs = user_pro._staff_qs        
     if 'keyword' in search_info:
         keyword = search_info.pop('keyword')
         staff_qs = staff_qs.filter(Q(name__contains = keyword) | \
                         Q(phone__contains = keyword))
     dept_staff_id = []                    
     role_staff_id = []
     d_flag = False
     r_flag = False
     if 'department' in search_info:
         d_flag = True
         dept_id = search_info.pop('department')
         #dept_id = [d.id for d in Department.query().filter(name__contains = dept)] #使用名称查找
         dept_staff_id = [a.staff_id for a in AuthAccess.query().filter(access_id__exact = dept_id, access_type = 'department')]
     if 'role' in search_info:
         r_flag = True
         role_id = search_info.pop('role')
         #role_id = [r.id for r in Role.query().filter(name__contains = role)] #使用名称查找
         role_staff_id = [a.staff_id for a in AuthAccess.query().filter(access_id__exact = role_id, access_type = 'role')]
     if all((d_flag, r_flag)):
         staff_id_list = list(set(role_staff_id).intersection(set(dept_staff_id)))
         staff_qs = staff_qs.filter(id__in = staff_id_list)
     elif not d_flag and not r_flag:
         pass
     else:
         staff_id_list = dept_staff_id + role_staff_id
         staff_qs = staff_qs.filter(id__in = staff_id_list)
     if 'is_working' in search_info:
         is_working = search_info.pop('is_working')
         staff_qs = staff_qs.filter(is_working = is_working)
     staff_qs = staff_qs.order_by("-entry_time")
     return Splitor(current_page, staff_qs)
Ejemplo n.º 3
0
    def is_exit(cls, access_id, access_type, staff_id):
        """此权限关系是否存在"""

        auth_access_qs = AuthAccess.query(access_id = access_id, access_type = access_type, \
                                          staff_id = staff_id)
        if auth_access_qs.count() > 0:
            return True
        return False
Ejemplo n.º 4
0
    def modify(cls, id, access_id):
        """修改员工绑定的角色或部门"""

        auth_access = AuthAccess.get_byid(id)
        if auth_access is None:
            raise BusinessError("此关系不存在")

        auth_access.update(access_id = access_id)
        return True
Ejemplo n.º 5
0
    def unbundling(cls, id):
        """删除员工关系绑定"""

        auth_access = AuthAccess.get_byid(id)
        if auth_access is None:
            raise BusinessError("此关系不存在")

        auth_access.delete()
        return True
Ejemplo n.º 6
0
    def get_rules_bystaff(cls, staff):
        """通过员工获得所有的功能"""

        rulestr = ""
        auth_access_list = AuthAccess.query(staff = staff, access_type = AccessTypes.ROLE)
        rule_list = []
        for authaccess in auth_access_list:
            role = RoleServer.get(authaccess.access_id)
            rule_list.extend(role.rule_list)
        return rule_list
Ejemplo n.º 7
0
    def get_children(cls, staff):
        """查询同部门下一级角色"""
        authaccess_list = AuthAccess.query(staff = staff)
        department_ids = []
        role_ids = []
        for access in authaccess_list:
            if access.access_type == "role":
                role_ids.extend(role_middleware.get_children_ids(access.access_id))
            else:
                department_ids.append(access.access_id)

        role_ids = list(set(role_ids))
        return role_ids, department_ids
Ejemplo n.º 8
0
 def hung_permise_bystaff(cls, staff):
     """员工对象挂载权限"""
     authaccess_list = AuthAccess.query(staff = staff)
     department_ids = []
     role_ids = []
     for access in authaccess_list:
         if access.access_type == "department":
             department_ids.append(access.access_id)
         else:
             role_ids.append(access.access_id)
     staff.role_list = role_middleware.get_list_byids(role_ids)
     staff.department_list = department_middleware.get_list_byids(department_ids)
     return staff
Ejemplo n.º 9
0
    def remove(cls, role_id):
        """删除角色"""
        access_type = "role"
        auth_access = AuthAccess.get_by_access_id(role_id, access_type)
        if auth_access.count() > 0:
            raise BusinessError("已绑定用户无法删除")

        role_children = role_middleware.get_children(role_id)
        if role_children:
            raise BusinessError("此角色存在下级无法删除")

        role = Role.get_byid(role_id)
        if role is None:
            raise BusinessError("此角色不存在")

        role.delete()
        role_middleware.force_refresh()
        return True
Ejemplo n.º 10
0
    def hung_permise_forstaffs(cls, staff_list):
        """员工列表挂载权限"""

        authaccess_list = AuthAccess.query(staff__in = staff_list)

        # 循环关系表求出角色id集合和部门id集合
        staff_mapping = {}
        department_id_list = []
        role_id_list = []
        for access in authaccess_list:
            staff = access.staff

            if staff.id not in staff_mapping:
                staff_mapping[staff.id] = {
                    'role_list': [],
                    'department_list': []
                }

            if access.access_type == "department":
                staff_mapping[staff.id]['department_list'].append(access.access_id)
                department_id_list.append(access.access_id)
            else:
                staff_mapping[staff.id]['role_list'].append(access.access_id)
                role_id_list.append(access.access_id)

        department_mapping = { department.id: department \
                    for department in department_middleware.get_list_byids(department_id_list)}

        role_mapping = { role.id: role for role in role_middleware.get_list_byids(role_id_list)}

        for staff in staff_list:
            staff_info = staff_mapping.get(staff.id)
            if staff_info is None:
                staff.department_list = []
                staff.role_list = []
            else:
                staff.department_list = [department_mapping[dep_id] \
                                         for dep_id in staff_info['department_list'] \
                                            if dep_id in department_mapping]
                staff.role_list = [role_mapping[role_id] \
                                    for role_id in staff_info['role_list'] \
                                        if role_id in role_mapping]

        return staff_list
Ejemplo n.º 11
0
    def remove(cls, department_id):
        """删除部门"""

        access_type = "department"
        auth_access = AuthAccess.get_by_access_id(department_id, access_type)
        if auth_access.count() > 0:
            raise BusinessError("已绑定用户无法删除")

        department_children = department_middleware.get_children(department_id)
        if department_children:
            raise BusinessError("此部门存在下级无法删除")

        department = Department.get_byid(department_id)
        if department is None:
            raise BusinessError("该部门不存在")

        department.delete()

        department_middleware.force_refresh()

        return True
Ejemplo n.º 12
0
 def remove(self, staff, access_type):
     """解除员工下的所有关系"""
     delete_qs = AuthAccess.query(access_type = access_type, staff = staff)
     delete_qs.delete()
Ejemplo n.º 13
0
    def generate(cls, access_id, access_type, staff):
        """添加员工权限关系"""

        auth_access = AuthAccess.create(access_id = access_id, access_type = access_type, staff = staff)
        '''
Ejemplo n.º 14
0
 def get_staffs_byauthaccess(cls, **attrs):
     staff_list = []
     authaccess_list = AuthAccess.search(**attrs)
     for authaccess in authaccess_list:
         staff_list.append(authaccess.staff)
     return  staff_list