def user_id_auth(self):
if not current_user.is_admin:
auth = UserAuth.query.filter_by(user_id=current_user.id,
_type=UserAuthEnum.PROJECT.value,
auth_id=self.id).first()
if not auth:
raise Forbidden(msg='无操作此工程的权限')
def delete_group(bid):
form = FileType().validate_for_api()
FileManage = FileMap[form.type.data]
hasFile = FileManage.query.filter_by(folder_id=bid).first()
if hasFile:
raise Forbidden(msg='文件夹下(或文件夹下的回收站)有文件不能删除')
FileGroup.remove_group(bid)
return Success(msg='删除文件分组成功')
def delete_group(gid):
exist = manager.group_model.get(id=gid)
if not exist:
raise NotFound("分组不存在,删除失败")
guest_group = manager.group_model.get(level=GroupLevelEnum.GUEST.value)
root_group = manager.group_model.get(level=GroupLevelEnum.ROOT.value)
if gid in (guest_group.id, root_group.id):
raise Forbidden("不可删除此分组")
if manager.user_model.select_page_by_group_id(gid, root_group.id):
raise Forbidden("分组下存在用户,不可删除")
with db.auto_commit():
# 删除group id 对应的关联记录
manager.group_permission_model.query.filter_by(group_id=gid).delete(
synchronize_session=False)
# 删除group
exist.delete()
return Success("删除分组成功")
def dispatch_auth():
form = DispatchAuth()
form.validate_for_api()
one = manager.auth_model.get(group_id=form.group_id.data, auth=form.auth.data)
if one:
raise Forbidden(msg='已有权限,不可重复添加')
meta = find_auth_module(form.auth.data)
manager.auth_model.create(group_id=form.group_id.data, auth=meta.auth, module=meta.module, commit=True)
return Success(msg='添加权限成功')
def trans2active(id):
user = manager.user_model.get(id=id)
if user is None:
raise NotFound(msg='用户不存在')
if user.is_active:
raise Forbidden(msg='当前用户已处于激活状态')
with db.auto_commit():
user.active = UserActive.ACTIVE.value
return Success(msg='操作成功')
def _change_status(uid, active_or_disable='active'):
user = manager.user_model.get(id=uid)
if user is None:
raise NotFound(msg='用户不存在')
active_or_not = UserActive.NOT_ACTIVE.value \
if active_or_disable == 'active' \
else UserActive.ACTIVE.value
if active_or_disable == 'active':
if not user.is_active:
raise Forbidden(msg='当前用户已处于禁止状态')
elif active_or_disable == 'disable':
if user.is_active:
raise Forbidden(msg='当前用户已处于激活状态')
with db.auto_commit():
user.active = active_or_not
def delete_group(id):
exist = manager.group_model.get(id=id)
if not exist:
raise NotFound(msg='分组不存在,删除失败')
if manager.user_model.get(group_id=id):
raise Forbidden(msg='分组下存在用户,不可删除')
# 删除group拥有的权限
db.session.query(manager.auth_model).filter(manager.auth_model.group_id == id).delete()
exist.delete(commit=True)
return Success(msg='删除分组成功')
def register_by_mina(wx_open_id):
user = manager.user_model.query.filter_by(wx_open_id=wx_open_id).first()
if user:
raise Forbidden(msg='openid has been registered')
else:
with db.auto_commit():
user = manager.user_model()
user.wx_open_id = wx_open_id
user.username = '******' + str(manager.user_model.query.count())
db.session.add(user)
return Success()
def create_events():
form = EventsForm().validate_for_api()
event = Event.query.filter_by(group_id=form.group_id.data,
soft=False).first()
if event:
raise Forbidden(msg='当前权限组已存在推送项')
with db.auto_commit():
ev = Event()
ev.group_id = form.group_id.data
ev.message_events = ','.join(form.events.data)
return Success(msg='创建成功')
def dispatch_auth():
form = DispatchAuth().validate_for_api()
one = manager.group_permission_model.get(
group_id=form.group_id.data, permission_id=form.permission_id.data)
if one:
raise Forbidden("已有权限,不可重复添加")
manager.group_permission_model.create(
group_id=form.group_id.data,
permission_id=form.permission_id.data,
commit=True)
return Success("添加权限成功")
def create_group():
form = NewGroup().validate_for_api()
exist = manager.group_model.get(name=form.name.data)
if exist:
raise Forbidden(msg='分组已存在,不可创建同名分组')
with db.auto_commit():
group = manager.group_model.create(name=form.name.data, info=form.info.data)
db.session.flush()
for auth in form.auths.data:
meta = find_auth_module(auth)
if meta:
manager.auth_model.create(auth=meta.auth, module=meta.module, group_id=group.id)
return Success(msg='新建分组成功')
def delete_user(uid):
user = manager.user_model.get(id=uid)
if user is None:
raise NotFound("用户不存在")
groups = manager.group_model.select_by_user_id(uid)
# 超级管理员分组的用户仅有一个分组
if groups[0].level == GroupLevelEnum.ROOT.value:
raise Forbidden("无法删除此用户")
with db.auto_commit():
manager.user_group_model.query.filter_by(user_id=uid).delete(
synchronize_session=False)
user.hard_delete()
return Success("操作成功")
def create_group():
form = NewGroup().validate_for_api()
exists = manager.group_model.get(name=form.name.data)
if exists:
raise Forbidden("分组已存在,不可创建同名分组")
with db.auto_commit():
group = manager.group_model.create(
name=form.name.data,
info=form.info.data,
)
db.session.flush()
group_permission_list = list()
for permission_id in form.permission_ids.data:
gp = manager.group_permission_model()
gp.group_id = group.id
gp.permission_id = permission_id
group_permission_list.append(gp)
db.session.add_all(group_permission_list)
return Success("新建分组成功")