async def get_all_form(request: Request, form_id: int, manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): form = delete_form_by_id(session=session, form_id=form_id) session.commit() return success_response(to_FormDetailSerializer(form))
async def get_constants(): data = { 'sex': SEX_MAP, 'permission_type': PERMISSION_TYPE_MAP, 'health_code': HealthCode_Map } return success_response(data)
async def permission_list(request: Request, page_info: PageInfo = Depends(PageInfo_), user: UserDB = Depends(get_user), session: Session = Depends(get_session)): pagination = Pagination(session.query(PermissionDB), page_info=page_info) data = [PermissionSerializer.from_orm(m).dict() for m in pagination.items] paginate_info = make_paginate_info(pagination, request) return success_response(data, paginate_info)
async def del_permission_(permission_id: int, user: UserDB = Depends(get_user), session: Session = Depends(get_session)): permission = get_permission_by_id(session, permission_id) if permission is None: return error_response(NotFound()) session.delete(permission) session.commit() return success_response(PermissionSerializer.from_orm(permission).dict())
async def update_me_(user_data: UserUpdateSerializer, user: UserDB = Depends(get_user), session: Session = Depends(get_session)): user.sex = user_data.sex user.phone = user_data.phone user.address = user_data.address user.nation = user_data.nation user.birthday = user_data.birthday session.add(user) session.commit() return success_response(to_UserDetailSerializer(user))
async def get_all_form(request: Request, page_info: PageInfo = Depends(PageInfo_), manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): query = session.query(FormDB) paginate = Pagination(query, page_info=page_info) paginate_info = make_paginate_info(paginate, request) data = [to_FormDetailSerializer(form) for form in paginate.items] return success_response(data, paginate_info)
async def manage_reset_password(op_user_id_list: List[int] = Body(...), manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): op_user_line = get_users_by_id_list(session, op_user_id_list) for op_user in op_user_line: if not has_permission_manage_user(manager, op_user): return error_response(PermissionError()) op_user.generate_password_hash('123456789') session.commit() return success_response({'count': len(op_user_line)})
async def my_roles(user_id: int, manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): has_permission, user_ids = has_permission_manage_user_ids( session, manager, [user_id]) if not has_permission and not user_id == manager.id: return error_response(PermissionError()) role_list = get_role_by_user_id(session, user_id) data = [RoleSerializer.from_orm(role).dict() for role in role_list] return success_response(data)
async def read_op_user_(op_user_id: int, manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): op_user = get_user_by_id(session, op_user_id) if op_user is None: return error_response(NotFound("没找到该用户~")) if not has_permission_manage_user(manager, op_user): return error_response(PermissionError()) return success_response(to_UserDetailSerializer(op_user))
async def psot_permission_to_role_(role_id: int, permission_ids: List[int] = Body(...), manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): role, err = _check_group_exist_and_permission(session, manager, role_id) if err is not None: return error_response(err) add_permission_to_role(session, permission_ids, role_id) session.commit() return success_response()
async def login_(login_data: LoginSerializer, session: Session = Depends(get_session)): logger.info(f"phone number: {login_data.phone} login") user = get_user_by_phone_number(session=session, phone_number=login_data.phone) logger.info(f'get user: {user}') if user is None or not user.is_right_password(login_data.password): return error_response(WrongPassword()) data = to_UserDetailSerializer(user) user_token = encode_token(user.id).decode() data['user_token'] = user_token response = success_response(data) response.set_cookie('user-token', user_token) return response
async def del_role(role_id: int, manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): role, err = _check_group_exist_and_permission(session, manager, role_id) if err is not None: return error_response(err) # todo: 这里按道理要递归删除,但是还没做 session.delete(role) session.query(User2RoleDB).filter( User2RoleDB.role_id == role_id).delete(False) session.commit() return success_response(RoleSerializer.from_orm(role).dict())
async def search_user_ids(sex: int = Query(None, ge=1, le=2), keyword: str = None, manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): query = session.query(UserDB.id) if sex: query = query.filter(UserDB.sex == sex) if keyword: query = query.filter(UserDB.name.ilike(f'%{keyword}%')) data = [int(i[0]) for i in query.all()] return success_response(data)
async def del_permission_to_role(role_id: int, permission_ids: List[int], manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): role, err = _check_group_exist_and_permission(session, manager, role_id) if err is not None: return error_response(err) session.query(Permission2RoleDB). \ filter(Permission2RoleDB.role_id == role_id). \ filter(Permission2RoleDB.permission_id.in_(permission_ids)).delete(False) session.commit() return success_response()
async def role_user_list(request: Request, role_id: int, page_info: PageInfo = Depends(PageInfo_), manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): role, err = _check_group_exist_and_permission(session, manager, role_id) if err is not None: return error_response(err) pagination = get_users_by_role_id(session, role_id, page_info) data = [BaseUserSerializer.from_orm(u).dict() for u in pagination.items] paginate_info = make_paginate_info(pagination, request) return success_response(data, paginate_info)
async def update_role_(role_id: int, data: RoleSerializer, manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): role, err = _check_group_exist_and_permission(session, manager, role_id) if err is not None: return error_response(err) role.name = data.name if session.query(RoleDB).filter(RoleDB.name == data.name).first() != None: return error_response(InvalidParamError("角色名重复!")) session.add(role) session.commit() return success_response(RoleSerializer.from_orm(role).dict())
async def update_op_user_(op_user_id: int, user_data: ManagerUpdateUserSerializer, manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): op_user = get_user_by_id(session, op_user_id) if not has_permission_manage_user(manager, op_user): return error_response(PermissionError()) op_user.sex = user_data.sex op_user.phone = user_data.phone op_user.address = user_data.address op_user.nation = user_data.nation op_user.birthday = user_data.birthday op_user.name = user_data.name session.commit() return success_response(to_UserDetailSerializer(op_user))
async def add_user_to_role(role_id: int, user_ids: List[int] = Body(...), manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): role, err = _check_group_exist_and_permission(session, manager, role_id) if err is not None: return error_response(err) has_permission, user_ids = has_permission_manage_user_ids( session, manager, user_ids) if not has_permission: return error_response(PermissionError()) session.add_all( tuple(User2RoleDB(user_id=i, role_id=role_id) for i in user_ids)) update_user_identity(session, user_ids, UserIdentity.ADMIN) session.commit() return success_response()
async def del_user_to_role(role_id: int, user_ids: List[int], manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): role, err = _check_group_exist_and_permission(session, manager, role_id) if err is not None: return error_response(err) has_permission, user_ids = has_permission_manage_user_ids( session, manager, user_ids) if not has_permission: return error_response(PermissionError()) session.query(User2RoleDB).filter( User2RoleDB.role_id == role_id, User2RoleDB.user_id.in_(user_ids)).delete(False) cancel_user_as_admin_if_no_role(session, user_ids) session.commit() return success_response()
async def search_user_(request: Request, page_info: PageInfo = Depends(PageInfo_), search_condition: CommonlyUsedUserSearch = Depends( CommonlyUsedUserSearch_), manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): query = session.query(UserDB).join(User2RoleDB, User2RoleDB.user_id == UserDB.id) query, error = common_user_search_with_permission_check( manager, query, session, search_condition) if error: return error_response(error) paginate = Pagination(query, page_info=page_info) paginate_info = make_paginate_info(paginate, request) data = [ BaseUserSerializer.from_orm(op_user).dict() for op_user in paginate.items ] return success_response(data, paginate_info)
async def role_list(request: Request, page_info: PageInfo = Depends(PageInfo_), manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): """ role接口仅对外提供: 1. user查看自己能看到的role 2. user查看以上role内的user 3. user将自己能管理的user,加到自己能看到的role 4. user将自己能管理的user,从自己能看到的role中删除 \f """ if len(manager.role_set) == 0 and not manager.is_superuser: return empty_paginate_response() pagination = get_role_under_user(session, manager, page_info=page_info) data = [RoleSerializer.from_orm(m).dict() for m in pagination.items] paginate_info = make_paginate_info(pagination, request) return success_response(data, paginate_info)
async def read_user_by_id_(user_id: int = Depends(get_user_id), session: Session = Depends(get_session)): delete_user_by_id(session=session, user_id=user_id) session.commit() return success_response()
async def register(user_data: CreateUser, session: Session = Depends(get_session)): user = add_user(session, user_data) session.commit() return success_response(to_UserDetailSerializer(user))
async def manager_create_user(user_data: ManagerCreateUser, manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): user = add_user(session, user_data) session.commit() return success_response(to_UserDetailSerializer(user))
async def create_form(data: FormUpdateSerializer, session: Session = Depends(get_session)): update_form_by_phone(session=session, data=data) session.commit() return success_response()
async def create_form(form_data: FormSerializer, session: Session = Depends(get_session)): form = add_form(session=session, form_data=form_data) session.commit() return success_response(to_FormDetailSerializer(form))
async def add_permission_(data: PermissionSerializer, user: UserDB = Depends(get_user), session: Session = Depends(get_session)): permission = add_permission(session, data) session.commit() return success_response(PermissionSerializer.from_orm(permission).dict())
async def reset_password(pw: str = Body(...), user: UserDB = Depends(get_user), session: Session = Depends(get_session)): user.generate_password_hash(pw) session.add(user) session.commit() return success_response(BaseUserSerializer.from_orm(user).dict())
async def add_role_(data: RoleSerializer, manager: UserDB = Depends(get_user), session: Session = Depends(get_session)): role = add_role(session, data) session.commit() return success_response(RoleSerializer.from_orm(role).dict())
async def read_self_(user: UserDB = Depends(get_user), session: Session = Depends(get_session)): return success_response(to_UserDetailSerializer(user))