Esempio n. 1
0
        def _(*args, **kwargs):
            if g.istrpc == 1:
                return func(*args, **kwargs)
            if g.is_admin == 1:
                return func(*args, **kwargs)

            roles = [
                i['name']
                for i in UserBusiness.query_json_by_id(g.userid)[0]['role']
            ]

            project = None
            if request.args and 'project_id' in request.args:
                project = request.args.get('project_id')
            if request.json and 'project_id' in request.json:
                project = request.json.get('project_id')

            project_list = UserBusiness.own_in_project()
            if project and _is_owneristrator(
                    roles) and project_list and _is_have_project(
                        int(project), project_list):
                return func(*args, **kwargs)

            abilities = AuthBusiness.query_ability_by_role_name(roles)

            if _has_ability(ability, abilities):
                return func(*args, **kwargs)
            raise OperationPermissionDeniedException
Esempio n. 2
0
def required_no_pid_no_dec(ability=None):
    if g.istrpc == 1:
        return 1
    if g.is_admin == 1:
        return 1

    roles = [
        i['name'] for i in UserBusiness.query_json_by_id(g.userid)[0]['role']
    ]

    project = None
    if request.args and 'project_id' in request.args:
        project = request.args.get('project_id')
    if request.json and 'project_id' in request.json:
        project = request.json.get('project_id')

    project_list = UserBusiness.own_in_project()
    if project and is_owneristrator(
            roles) and project_list and is_have_project(
                int(project), project_list):
        return 1

    abilities = AuthBusiness.query_ability_by_role_name(roles)

    if has_ability(ability, abilities):
        return 1
    return 0
Esempio n. 3
0
def gain_role_project():
    user_id = request.args.get('user_id')
    roles = []
    project_list = UserBusiness.owner_project_list()

    roles_list = UserBusiness.query_json_by_id(user_id)
    current_app.logger.info(roles_list)

    if len(roles_list) > 0:
        roles = roles_list[0]['role']

    data = {'role': roles, 'project': project_list}

    return json_detail_render(0, data)
Esempio n. 4
0
 def no_password_login(cls, username):
     ret = User.query.filter_by(name=username, status=User.ACTIVE).all()
     if len(ret) == 0:
         return 303, []
     userid = ret[0].id
     userdetail = UserBusiness.query_json_by_id(userid)
     projectid = UserBusiness.query_project_by_userid(userid)
     if userdetail:
         userdetail[0]['projectid'] = projectid
         token = cls.jwt_b_encode(userdetail[0]).decode('utf-8')
         data = dict(token=token)
         return 0, data
     else:
         return 413, []
Esempio n. 5
0
 def login(cls, username, password):
     ret = User.query.filter_by(
         name=username, password=parse_pwd(password),
         status=User.ACTIVE).all()
     if len(ret) == 0:
         return 303, []
     userid = ret[0].id
     userdetail = UserBusiness.query_json_by_id(userid)
     projectid = UserBusiness.query_project_by_userid(userid)
     if userdetail:
         userdetail[0]['projectid'] = projectid
         token = cls.jwt_b_encode(userdetail[0]).decode('utf-8')
         data = dict(token=token)
         try:
             res = User.query.filter(User.id == userid, User.status == User.ACTIVE).first()
             TrackUserBusiness.user_track(res)
         except Exception as e:
             current_app.logger.info(e)
         return 0, data
     else:
         return 413, []
Esempio n. 6
0
def user_detail_handler(user_id):
    """
    @api {get} /v1/user/{user_id} 查询 用户信息根据用户id
    @apiName GetUserInfoById
    @apiGroup 用户
    @apiDescription 查询 用户信息根据用户id
    @apiSuccess {list} role 用户权限列表
    @apiSuccessExample {json} Success-Response:
     HTTP/1.1 200 OK
     {
        "code": 0,
        "data": [
            {
                "nickname": "张宇",
                "picture": "https://p.qlogo.cn/bizmail/WRZVs2uMphoxc2918UvZzL31u6A9ibTNuqnIibzJ4GxjWIVVDxHvUGuA/0",
                "role": [
                    {
                        "comment": "超级管理员",
                        "id": 1,
                        "name": "admin"
                    }
                ],
                "userid": 96,
                "username": "******",
                "userweight": 1
            }
        ],
        "message": "ok"
    }
    """
    project_id = request.args.get('project_id')
    if not project_id:
        project_id = request.headers.get('projectid')
    if not project_id:
        data = UserBusiness.query_json_by_id(user_id)
    else:
        data = UserBusiness.query_json_by_id_and_project(user_id, project_id)
    if len(data) == 0:
        return json_detail_render(101, data)
    return json_detail_render(0, data)