def is_user_root(user_id):
"""
查看一个user是否root用户
:param user_id:
:return:
"""
user = UserModelDao.find_by_user_id(user_id)
if not (user and user.group_id == 3):
return False
return True
def get_user_name_from_id(user_id):
"""
由id得name
:param user_id:
:return:
"""
user = UserModelDao.find_by_user_id(user_id)
if not (user and user.user_name):
return None
return user.user_name
def _handle(*k, **v):
token = request.headers.get('token')
user_id = dao.get_user_id_from_token(token)
user = UserModelDao.find_by_user_id(user_id)
if not (user and user.group_id): # 不存在
return json.dumps(response[20201])
url = request.path
print(url)
if not GroupPowerModelDao.check_group_permission(user.group_id, url):
return json.dumps(response[20203]) # 无权限
return func(*k, **v)
def check_user_able_access_url(user_id, url):
"""
判断用户是否可以访问某url
:param user_id: 用户id
:param url: api地址
:return:
"""
# 检查用户所属用户组
user = UserModelDao.find_by_user_id(user_id)
if not (user and user.group_id):
return False
# # 检查用户组是否存在
# if not UserGroupModelDao.find_by_id(user.group_id):
# return False
# 检查权限
return GroupPowerModelDao.check_group_permission(user.group_id, url)