async def del_user(permission_id: int, userinfo: dict = Depends(tool.get_userinfo_from_token)):
"""
删除权限\n
:param permission_id:\n
:param userinfo:\n
:return:
"""
# 鉴权
tool.check_operation_permission(userinfo['id'], PERMISSION_PERMISSION_DEL)
conn = db_engine.connect()
try:
# 查找权限
permission_sql = t_permission.select().where(t_permission.c.id == permission_id).limit(1).with_for_update()
conn.execute(permission_sql).fetchone()
# 修改权限状态为无效(软删除)
update_permission_sql = t_permission.update().where(and_(
t_permission.c.id == permission_id,
t_permission.c.sub_status != TABLE_SUB_STATUS_INVALID_DEL,
)).values({
'status': TABLE_STATUS_INVALID,
'sub_status': TABLE_SUB_STATUS_INVALID_DEL
})
conn.execute(update_permission_sql)
return ItemOutOperateSuccess()
except:
raise MyException(status_code=HTTP_500_INTERNAL_SERVER_ERROR, detail=ItemOutOperateFailed(code=HTTP_500_INTERNAL_SERVER_ERROR, msg='inter server error'))
finally:
conn.close()
async def edit_menu(menu_id: int, item_in: ItemInEditMenu, userinfo: dict = Depends(tool.get_userinfo_from_token)):
"""
修改菜单\n
:param menu_id:\n
:param item_in:\n
:param userinfo:\n
:return:
"""
# 鉴权
tool.check_operation_permission(userinfo['id'], PERMISSION_MENU_EDIT)
conn = db_engine.connect()
trans = conn.begin()
try:
# 查找菜单
menu_sql = t_menu.select().where(t_menu.c.id == menu_id).limit(1).with_for_update()
menu_obj = conn.execute(menu_sql).fetchone()
if not menu_obj:
raise MyException(status_code=HTTP_404_NOT_FOUND, detail={'code': HTTP_404_NOT_FOUND, 'msg': 'menu not exists'})
# 修改菜单
# 过滤掉空字段
item_dict = dict((k, v) for k, v in item_in.dict().items() if v is not None)
item_dict['editor'] = userinfo['name']
update_menu_sql = t_menu.update().where(t_menu.c.id == menu_id).values(item_dict)
conn.execute(update_menu_sql)
permission_dict = {}
if item_in.name and menu_obj.name != item_in.name:
permission_dict['name'] = '{}菜单访问'.format(item_in.name)
permission_dict['intro'] = '[{}菜单访问]权限'.format(item_in.name)
if item_in.code and menu_obj.code != item_in.code:
permission_dict['code'] = 'PERMISSION_{}_QUERY'.format(item_in.code)
if permission_dict:
# 因修改菜单而导致权限名称无法人眼识别,故同步修改权限
# 从菜单-权限绑定关系中,获取权限信息
menu_permission_sql = t_menu_permission.select().where(t_menu_permission.c.menu_id == menu_id).limit(1)
menu_permission_obj = conn.execute(menu_permission_sql).fetchone()
permission_dict['editor'] = userinfo['name']
permission_sql = t_permission.update().where(t_permission.c.id == menu_permission_obj.permission_id).values(permission_dict)
conn.execute(permission_sql)
# 提交事务
trans.commit()
return ItemOutOperateSuccess()
except MyException as mex:
raise mex
except:
trans.rollback()
raise MyException(status_code=HTTP_500_INTERNAL_SERVER_ERROR, detail=ItemOutOperateFailed(code=HTTP_500_INTERNAL_SERVER_ERROR, msg='inter server error'))
finally:
conn.close()
async def edit_permission(permission_id: int, item_in: ItemInEditPermission, userinfo: dict = Depends(tool.get_userinfo_from_token)):
"""
修改权限\n
:param permission_id:\n
:param item_in:\n
:param userinfo:\n
:return:
"""
# 鉴权
tool.check_operation_permission(userinfo['id'], PERMISSION_PERMISSION_EDIT)
conn = db_engine.connect()
try:
# 查找权限
permission_sql = t_permission.select().where(t_permission.c.id == permission_id).limit(1).with_for_update()
permission_obj = conn.execute(permission_sql).fetchone()
if not permission_obj:
raise MyException(status_code=HTTP_404_NOT_FOUND, detail={'code': HTTP_404_NOT_FOUND, 'msg': 'permission not exists'})
# 修改权限
data = {
'editor': userinfo['name']
}
if item_in.pid:
data['pid'] = item_in.pid
if item_in.name:
data['name'] = item_in.name
if item_in.intro:
data['intro'] = item_in.intro
update_permission_sql = t_permission.update().where(t_permission.c.id == permission_id).values(data)
conn.execute(update_permission_sql)
return ItemOutOperateSuccess()
except MyException as mex:
raise mex
except:
raise MyException(status_code=HTTP_500_INTERNAL_SERVER_ERROR, detail=ItemOutOperateFailed(code=HTTP_500_INTERNAL_SERVER_ERROR, msg='inter server error'))
finally:
conn.close()