def decorated(*args, **kwargs):
has_permissions = current_user.has_permissions(self.permissions)
if has_permissions:
return fn(*args, **kwargs)
else:
abort(403)
def decorated(*args, **kwargs):
has_permissions = current_user.has_permissions(self.permissions)
if has_permissions:
return fn(*args, **kwargs)
else:
abort(403)
def badge_photo(id):
# Allow current user to see their own photo; otherwise need view-photo.
if current_user.person_id == id:
pass
elif not current_user.has_permissions(set('view-photo')):
abort(403)
dir_path = current_app.config['BADGE_FOLDER']
fn = '%d.jpeg' % id
return send_from_directory(dir_path, fn, as_attachment=False)
def __call__(self):
return self.permissions <= current_user.has_permissions()
def __call__(self):
return self.permissions <= current_user.has_permissions()
def get(self, pk=None):
result = None
with thrift_client('eus') as eus:
if pk is None:
# 2 是客服人员-.-
all_permissions = current_user.has_permissions(
'walle_all_user_manage', True)
parial_permissions = current_user.has_permissions(
'walle_partial_user_manage', True)
user_ids = None
if not all_permissions:
user_ids = eus.get_managed_user_ids(current_user.id)
if parial_permissions and len(user_ids):
pass
else:
user_ids = [current_user.id]
query_kwargs = {
'limit': 1000,
'offset': 0,
'keyword': None,
'is_active': None,
'is_super_admin': None,
'group_ids': None,
'category': 2,
'mobile': None,
'email': None,
'name': None,
'region_ids': None,
'region_group_ids': None,
'city_ids': None,
'user_ids': user_ids,
}
_result = zeus_query('eus', 'walle_get_user_list',
thirdparty_svc.eus.TUserQuery,
**query_kwargs)
_result = json.loads(_result)
users = _result['list']
dop_users = eus.mget_dop_user([user['id'] for user in users])
# dop_users = eus.mget_dop_user(range(0,500))
dop_users = any_to_raw(dop_users)
# user_ids = [dop_user['user_id'] for dop_user in dop_users]
# _result = zeus_query('eus','walle_get_user_list',eus_thrift.TUserQuery,user_ids=user_ids)
# _result = json.loads(_result)
# users = _result['list']
user_id_name_map = {
user['id']: user['username']
for user in users
}
for dop_user in dop_users:
dop_user['username'] = user_id_name_map[
dop_user['user_id']]
result = dop_users
# mongo update allow_order_audit
_dop_users = mongo.dop_user.find()
_dop_users_map = {doc['user_id']: doc for doc in _dop_users}
for dop_user in dop_users:
_dop_user = _dop_users_map.get(dop_user['user_id'], {})
dop_user['allow_order_audit'] = _dop_user.get(
'allow_order_audit', False)
return result
def get(self, pk=None):
result = None
with thrift_client('eus') as eus:
if pk is None:
# 2 是客服人员-.-
all_permissions = current_user.has_permissions(
'walle_all_user_manage', True)
parial_permissions = current_user.has_permissions(
'walle_partial_user_manage', True)
user_ids = None
if not all_permissions:
user_ids = eus.get_managed_user_ids(current_user.id)
if parial_permissions and len(user_ids):
pass
else:
user_ids = [current_user.id]
query_kwargs = {
'limit': 1000,
'offset': 0,
'keyword': None,
'is_active': None,
'is_super_admin': None,
'group_ids': None,
'category': 2,
'mobile': None,
'email': None,
'name': None,
'region_ids': None,
'region_group_ids': None,
'city_ids': None,
'user_ids': user_ids,
}
_result = zeus_query('eus', 'walle_get_user_list',
thirdparty_svc.eus.TUserQuery, **query_kwargs)
_result = json.loads(_result)
users = _result['list']
dop_users = eus.mget_dop_user([user['id'] for user in users])
# dop_users = eus.mget_dop_user(range(0,500))
dop_users = any_to_raw(dop_users)
# user_ids = [dop_user['user_id'] for dop_user in dop_users]
# _result = zeus_query('eus','walle_get_user_list',eus_thrift.TUserQuery,user_ids=user_ids)
# _result = json.loads(_result)
# users = _result['list']
user_id_name_map = {user['id']: user['username'] for user in
users}
for dop_user in dop_users:
dop_user['username'] = user_id_name_map[dop_user['user_id']]
result = dop_users
# mongo update allow_order_audit
_dop_users = mongo.dop_user.find()
_dop_users_map = {doc['user_id']: doc for doc in _dop_users}
for dop_user in dop_users:
_dop_user = _dop_users_map.get(dop_user['user_id'], {})
dop_user['allow_order_audit'] = _dop_user.get(
'allow_order_audit', False)
return result
def decorated_function(*args, **kwargs):
if not current_user.has_permissions(p):
abort(HTTP_FORBIDDEN)
return f(*args, **kwargs)