Esempio n. 1
0
 def __permArr(self, perm: str):
     permAll = {}
     arr = [] if not perm else Util.Explode(' ', perm)
     for val in arr:
         s = Util.Explode(':', val)
         permAll[s[0]] = int(s[1])
     return permAll
Esempio n. 2
0
 def Perm(token: str):
     permAll = {}
     # Token
     tData = Safety.Decode(token)
     if not tData: return permAll
     # 权限
     redis = Redis()
     permStr = redis.Get(Env.api_token_prefix + '_perm_' + tData['uid'])
     redis.Close()
     # 拆分
     arr = [] if not permStr else Util.Explode(' ', permStr)
     for val in arr:
         s = Util.Explode(':', val)
         permAll[s[0]] = int(s[1])
     return permAll
Esempio n. 3
0
 def Base64(params={}):
     # 参数
     param = Util.ArrayMerge(
         {
             'path': 'upload/',  #上传目录
             'base64': '',  #文件内容
             'filename': '',  #文件名
             'ext': 'png',  #后缀
         },
         params)
     # 内容
     base64 = param['base64']
     # 否有类型
     ct = Util.Explode(',', param['base64'])
     if len(ct) > 1:
         param['ext'] = Base64.GetExt(ct[0])
         base64 = ct[1]
     # 创建目录
     FileEo.Root = Env.root_dir
     if not FileEo.Mkdir(param['path']):
         print('[Upload] Mkdir:', '创建目录失败!')
         return ''
     # 文件名
     filename = Upload.GetFileName(
     ) + '.' + param['ext'] if not param['filename'] else param['filename']
     if not FileEo.Writer(param['path'] + filename, Base64.Decode(base64)):
         print('[Upload] Writer:', '保存文件失败!')
         return ''
     return filename
Esempio n. 4
0
 def Verify(token: str, urlPerm: str):
     # Token
     if token == '': return 'Token不能为空!'
     tData = Safety.Decode(token)
     if not tData: return 'Token验证失败!'
     # 是否过期
     uid = str(tData['uid'])
     redis = Redis()
     time = redis.Ttl(Env.api_token_prefix + '_token_' + uid)
     redis.Close()
     if time < 1: return 'Token已过期!'
     # 续期
     if Env.api_token_auto:
         redis = Redis()
         redis.Expire(Env.api_token_prefix + '_token_' + uid,
                      Env.api_token_time)
         redis.Expire(Env.api_token_prefix + '_perm_' + uid,
                      Env.api_token_time)
         redis.Close()
     # URL权限
     if urlPerm == '': return ''
     arr = Util.Explode('/', urlPerm)
     action = arr[-1:][0]
     controller = Util.Implode('/', arr[:-1])
     # 菜单
     menu = ApiMenu()
     menu.Columns('id', 'action')
     menu.Where('controller=%s', controller)
     menuData = menu.FindFirst()
     if not menuData: return '菜单验证无效!'
     # 验证-菜单
     id = str(menuData['id'])
     permData = ApiToken.Perm(token)
     if id not in permData.keys(): return '无权访问菜单!'
     # 验证-动作
     actionVal = permData[id]
     permArr = Util.JsonDecode(menuData['action'])
     permVal = 0
     for val in permArr:
         if action == val['action']:
             permVal = int(val['perm'])
             break
     if actionVal & permVal == 0: return '无权访问动作!'
     return ''