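def password_modify(_id):
    """Change the password of user ``_id`` after re-checking the current one.

    Reads ``password`` (the current password) and ``new_password`` from the
    JSON request body.

    Raises:
        UserError: if the user does not exist, or if either password field
            is missing or empty.
    """
    user = get_user_by_id(_id)
    if not user:
        raise UserError(message="The user is not existed!")

    payload = request.json
    current_password = payload.get('password')
    new_password = payload.get('new_password')
    # modify_user() skips a falsy new_password, so without this guard the
    # request would look successful while the stored password stayed the same.
    if not current_password or not new_password:
        raise UserError(message="Password and new password are required!")

    # NOTE(review): the return value of check_password() is not inspected, so
    # it has to raise on a mismatch for this to be a real re-authentication
    # step - confirm against its definition.
    # NOTE(review): nothing in this function ties _id to the authenticated
    # caller; presumably the route or a decorator enforces that - verify.
    check_password(user, current_password)
    modify_user(user, new_password=new_password)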
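def modify_role(_id, group_id, **kwargs):
    """Create or update a role and, when permissions are given, rewrite its policies.

    Keyword args:
        name: new role name; checked for an active (state == 1) duplicate in
            ``group_id`` before it is applied.
        menu: stored on the role as given (``None`` when omitted).
        state: stored when truthy, otherwise the role keeps its current state.
        permissions: iterable of dicts with ``path`` and ``method`` keys. When
            omitted (``None``) the role's existing policies are left alone;
            an empty list clears them.

    Returns:
        The persisted ``Role`` instance.

    Raises:
        UserError: if another active role in the group already has ``name``.
    """
    name = kwargs.get('name')
    menu = kwargs.get('menu')
    state = kwargs.get('state')
    permissions = kwargs.get('permissions')

    role = db.session.query(Role).get({'id': _id})
    if not role:
        role = Role()
    # NOTE(review): an existing role is loaded by id alone and then has its
    # group_id overwritten below. If _id comes from the request and group_id
    # from the caller's identity, a role owned by another group could be
    # re-homed and its policies replaced - confirm the caller checks ownership.

    if name and role.name != name:
        duplicate = db.session.query(Role).filter(
            Role.name == name,
            Role.group_id == group_id,
            Role.state == 1,
        ).first()
        if duplicate:
            # Message text means "this role already exists".
            raise UserError(message='此角色已存在!')
        role.name = name

    role.menu = menu
    role.group_id = group_id
    role.state = state or role.state
    db.session.add(role)
    db.session.commit()

    # Previously a missing `permissions` raised TypeError in the loop *after*
    # the commit and after the old policies had been removed, leaving the role
    # saved but stripped of every policy. Only touch policies when the caller
    # actually supplied a permission list.
    if permissions is not None:
        subject = str(role.id)
        rbac.remove_filtered_policy(0, subject)
        for item in permissions:
            rbac.add_policy(subject, item.get('path'), item.get('method'))
    return role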
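def modify_user(user, **kwargs):
    """Apply the supplied profile fields to *user* and commit.

    Only truthy keyword values are applied; omitted or empty ones leave the
    corresponding attribute untouched.

    Keyword args:
        name: new login name (whitespace-trimmed, must be unique).
        phone, email: trimmed and stored.
        new_password: base64-encoded password; decoded and stored as a hash.
        state, role_id: stored as given.

    Returns:
        The updated user.

    Raises:
        UserError: if the requested name is already taken.
    """
    raw_name = kwargs.get("name")
    # Trim *before* comparing and checking uniqueness. The original checked
    # the untrimmed value but stored the trimmed one, so " alice" could pass
    # the check and then collide with an existing "alice".
    name = raw_name.strip() if raw_name else raw_name
    if name and name != user.name:
        # The name is used for login, so it must be unique.
        if username_is_existed(name):
            raise UserError(message="The username is existed!")
        user.name = name

    phone = kwargs.get("phone")
    if phone:
        user.phone = phone.strip()

    new_password = kwargs.get("new_password")
    if new_password:
        # Passwords arrive base64-encoded; only the hash is persisted.
        user.password = generate_password_hash(b64_decode(new_password))

    email = kwargs.get("email")
    if email:
        user.email = email.strip()

    state = kwargs.get('state')
    if state:
        user.state = state

    role_id = kwargs.get('role_id')
    if role_id:
        # NOTE(review): role_id is applied without any check that it belongs
        # to the user's group or that the caller may grant it - confirm the
        # callers enforce this.
        user.role_id = role_id

    db.session.add(user)
    db.session.commit()
    return user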
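def user_login(user, password=None):
    """Check the password (unless it is ``None``) and return the login token.

    ``password=None`` is for internal callers that have already established
    the user's identity some other way. Any other value, including an empty
    string, is verified against the stored hash.

    Returns:
        The value produced by ``jwt_encode`` for the user's id, name, role
        and group claims.

    Raises:
        UserError: on a wrong/empty password or when the user's group cannot
            be found.
    """
    # `if password:` treated "" the same as None and skipped verification, so
    # a request carrying an empty password field was logged in unchecked.
    # Only an explicit None bypasses the check now.
    # NOTE(review): a caller that forwards request.json.get('password')
    # directly still passes None when the field is absent - callers must
    # reject a missing password before calling this.
    if password is not None:
        if not password or not check_password_hash(user.password, b64_decode(password)):
            raise UserError(message='Password error!')

    group = Group.get(user.group_id)
    if not group:
        raise UserError(message='Account error!')

    # NOTE(review): user.state is not consulted here; if a non-valid state is
    # meant to block sign-in, that check is missing - confirm.
    role = Role.get(user.role_id)
    claims = {
        'user_id': user.id,
        'user_name': user.name,
        'role_id': user.role_id,
        'group_id': user.group_id,
        # Falls back to the falsy lookup result when the role is missing.
        'role_name': role and role.name
    }
    return jwt_encode(claims)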
def user_modify(_id):
    """Update name, email, phone and role of user ``_id`` from the JSON body.

    Raises:
        ArgumentError: if ``_id`` is falsy.
        UserError: if no user with that id exists.
    """
    if not _id:
        raise ArgumentError

    target = get_user_by_id(_id)
    if not target:
        raise UserError(message="The user is not existed!")

    # NOTE(review): role_id is taken straight from the request body and no
    # check here ties the target user to the caller's group. Unless the route
    # restricts this to administrators of the same group, a caller could
    # change another account or raise their own role - verify at the route.
    body = request.json
    fields = {key: body.get(key) for key in ('name', 'email', 'phone', 'role_id')}
    modify_user(target, **fields)
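def code_verify():
    """Reset a user's password with an e-mailed verification code.

    Expects ``name``, ``email``, ``code`` and ``new_password`` in the JSON
    body.

    Raises:
        ArgumentError: if any of the four fields is missing or empty.
        UserError: if the user is unknown or the e-mail is not the one on
            the account.
    """
    payload = request.json
    name = payload.get("name", "")
    email = payload.get("email", "")
    code = payload.get("code")
    new_password = payload.get("new_password")
    if not (name and email and code and new_password):
        raise ArgumentError

    # NOTE(review): the result of check_code() is not inspected, so it has to
    # raise on a wrong or expired code - confirm against its definition.
    check_code(email=email, code=code)

    user = get_user_by_name(name)
    # The code only proves control of `email`. The account is looked up by
    # `name`, so without binding the two a code issued to any mailbox could be
    # used to reset any user's password. The same message is used for both
    # failures so the response does not reveal which usernames exist.
    if not user or (user.email or "").strip() != email.strip():
        raise UserError(message="Can't find this user")

    modify_user(user, new_password=new_password)
    # NOTE(review): the token returned by user_login() is discarded here;
    # if the client is meant to receive it, this should be returned - confirm.
    user_login(user)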
def subaccount_add():
    """Create a sub-account in the caller's group from the JSON body.

    Raises:
        ArgumentError: if ``name``, ``password`` or ``role_id`` is missing.
        UserError: if the name is already registered.
    """
    body = request.json
    name, password, role_id = (body.get(key) for key in ("name", "password", "role_id"))
    if not (name and password and role_id):
        raise ArgumentError

    if get_user_by_name(name):
        raise UserError(message="The user is registed")

    # The group comes from the authenticated identity, not from the request.
    # NOTE(review): role_id, however, is request-supplied and is not checked
    # here to belong to that group - confirm it is validated elsewhere.
    create_user(
        name=name,
        email=body.get("email"),
        phone=body.get("phone"),
        password=password,
        role_id=role_id,
        group_id=current_identity.get("group_id"),
    )
def regist():
    """Register a new account together with its own personal group.

    Returns:
        A dict with the new user's ``id`` and ``name``.

    Raises:
        ArgumentError: if ``name`` or ``password`` is missing.
        UserError: if the name is already registered.
        DataError: if the group could not be created.
    """
    body = request.json
    name, phone, email, password = (
        body.get(key) for key in ("name", "phone", "email", "password")
    )
    if not (name and password):
        raise ArgumentError(message="Please input name or password")

    if get_user_by_name(name):
        raise UserError(message="This user is registed")

    # NOTE(review): the group is created before the user; if create_user()
    # then fails, the new group appears to be left behind - confirm.
    new_group = modify_group(name=name, kind=GROUP_KIND_PERSONAL)
    if not new_group:
        raise DataError(message="Group create fail")

    # The registrant is given ROLE_ADMIN_ID within the newly created group.
    account = create_user(
        name=name,
        email=email,
        phone=phone,
        password=password,
        role_id=ROLE_ADMIN_ID,
        group_id=new_group.id,
    )
    return {"id": account.id, "name": account.name}
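def create_user(**kwargs):
    """Create and persist a new user in state ``STATE_VALID``.

    Keyword args:
        name: login name (whitespace-trimmed, must be unique).
        password: base64-encoded password; decoded and stored as a hash.
        group_id, role_id: stored as given.
        phone, email: optional; trimmed and stored when truthy.

    Returns:
        The persisted ``User``.

    Raises:
        ArgumentError: if name (after trimming), password, group_id or
            role_id is missing.
        UserError: if the name is already taken.
    """
    raw_name = kwargs.get("name")
    password = kwargs.get("password")
    group_id = kwargs.get('group_id')
    role_id = kwargs.get('role_id')

    # Trim before validating. The original checked uniqueness on the raw
    # value but stored the trimmed one, so " alice" could be created next to
    # an existing "alice", and a whitespace-only name was stored as "".
    name = raw_name.strip() if raw_name else raw_name
    if not name or not password or not group_id or not role_id:
        raise ArgumentError
    if username_is_existed(name):
        raise UserError(message="The user is existed!")

    account = User(state=STATE_VALID)
    account.name = name
    account.role_id = role_id
    account.group_id = group_id
    # Passwords arrive base64-encoded; only the hash is persisted.
    account.password = generate_password_hash(b64_decode(password))

    phone = kwargs.get("phone")
    if phone:
        # Trimmed for consistency with modify_user().
        account.phone = phone.strip()
    email = kwargs.get("email")
    if email:
        account.email = email.strip()

    db.session.add(account)
    db.session.commit()
    return account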