Esempio n. 1
0
        def decorated(*args, **kwargs):
            has_permissions = current_user.has_permissions(self.permissions)

            if has_permissions:
                return fn(*args, **kwargs)
            else:
                abort(403)
Esempio n. 2
0
        def decorated(*args, **kwargs):
            has_permissions = current_user.has_permissions(self.permissions)

            if has_permissions:
                return fn(*args, **kwargs)
            else:
                abort(403)
Esempio n. 3
0
def badge_photo(id):
    # Allow current user to see their own photo; otherwise need view-photo.
    if current_user.person_id == id:
        pass
    elif not current_user.has_permissions(set('view-photo')):
        abort(403)
    dir_path = current_app.config['BADGE_FOLDER']
    fn = '%d.jpeg' % id
    return send_from_directory(dir_path, fn, as_attachment=False)
Esempio n. 4
0
 def __call__(self):
     return self.permissions <= current_user.has_permissions()
Esempio n. 5
0
 def __call__(self):
     return self.permissions <= current_user.has_permissions()
Esempio n. 6
0
    def get(self, pk=None):
        result = None
        with thrift_client('eus') as eus:
            if pk is None:
                # 2 是客服人员-.-
                all_permissions = current_user.has_permissions(
                    'walle_all_user_manage', True)
                parial_permissions = current_user.has_permissions(
                    'walle_partial_user_manage', True)
                user_ids = None
                if not all_permissions:
                    user_ids = eus.get_managed_user_ids(current_user.id)
                    if parial_permissions and len(user_ids):
                        pass
                    else:
                        user_ids = [current_user.id]
                query_kwargs = {
                    'limit': 1000,
                    'offset': 0,
                    'keyword': None,
                    'is_active': None,
                    'is_super_admin': None,
                    'group_ids': None,
                    'category': 2,
                    'mobile': None,
                    'email': None,
                    'name': None,
                    'region_ids': None,
                    'region_group_ids': None,
                    'city_ids': None,
                    'user_ids': user_ids,
                }
                _result = zeus_query('eus', 'walle_get_user_list',
                                     thirdparty_svc.eus.TUserQuery,
                                     **query_kwargs)
                _result = json.loads(_result)
                users = _result['list']

                dop_users = eus.mget_dop_user([user['id'] for user in users])

                # dop_users = eus.mget_dop_user(range(0,500))
                dop_users = any_to_raw(dop_users)

                # user_ids = [dop_user['user_id'] for dop_user in dop_users]
                # _result = zeus_query('eus','walle_get_user_list',eus_thrift.TUserQuery,user_ids=user_ids)
                # _result = json.loads(_result)
                # users = _result['list']

                user_id_name_map = {
                    user['id']: user['username']
                    for user in users
                }
                for dop_user in dop_users:
                    dop_user['username'] = user_id_name_map[
                        dop_user['user_id']]
                result = dop_users
                # mongo update allow_order_audit
                _dop_users = mongo.dop_user.find()
                _dop_users_map = {doc['user_id']: doc for doc in _dop_users}
                for dop_user in dop_users:
                    _dop_user = _dop_users_map.get(dop_user['user_id'], {})
                    dop_user['allow_order_audit'] = _dop_user.get(
                        'allow_order_audit', False)
        return result
Esempio n. 7
0
    def get(self, pk=None):
        result = None
        with thrift_client('eus') as eus:
            if pk is None:
                # 2 是客服人员-.-
                all_permissions = current_user.has_permissions(
                    'walle_all_user_manage', True)
                parial_permissions = current_user.has_permissions(
                    'walle_partial_user_manage', True)
                user_ids = None
                if not all_permissions:
                    user_ids = eus.get_managed_user_ids(current_user.id)
                    if parial_permissions and len(user_ids):
                        pass
                    else:
                        user_ids = [current_user.id]
                query_kwargs = {
                    'limit': 1000,
                    'offset': 0,
                    'keyword': None,

                    'is_active': None,
                    'is_super_admin': None,
                    'group_ids': None,
                    'category': 2,
                    'mobile': None,
                    'email': None,
                    'name': None,

                    'region_ids': None,
                    'region_group_ids': None,
                    'city_ids': None,
                    'user_ids': user_ids,
                }
                _result = zeus_query('eus', 'walle_get_user_list',
                                     thirdparty_svc.eus.TUserQuery, **query_kwargs)
                _result = json.loads(_result)
                users = _result['list']

                dop_users = eus.mget_dop_user([user['id'] for user in users])

                # dop_users = eus.mget_dop_user(range(0,500))
                dop_users = any_to_raw(dop_users)

                # user_ids = [dop_user['user_id'] for dop_user in dop_users]
                # _result = zeus_query('eus','walle_get_user_list',eus_thrift.TUserQuery,user_ids=user_ids)
                # _result = json.loads(_result)
                # users = _result['list']

                user_id_name_map = {user['id']: user['username'] for user in
                                    users}
                for dop_user in dop_users:
                    dop_user['username'] = user_id_name_map[dop_user['user_id']]
                result = dop_users
                # mongo update allow_order_audit
                _dop_users = mongo.dop_user.find()
                _dop_users_map = {doc['user_id']: doc for doc in _dop_users}
                for dop_user in dop_users:
                    _dop_user = _dop_users_map.get(dop_user['user_id'], {})
                    dop_user['allow_order_audit'] = _dop_user.get(
                        'allow_order_audit', False)
        return result
Esempio n. 8
0
 def decorated_function(*args, **kwargs):
     if not current_user.has_permissions(p):
         abort(HTTP_FORBIDDEN)
     return f(*args, **kwargs)