def get_json_by_id(): user_id = request.args.get('userid') project_id = request.args.get('project_id') if not project_id: project_id = request.headers.get('projectid') data = UserBusiness.query_json_by_id_and_project(user_id, project_id) return json_detail_render(0, data)
def _(*args, **kwargs): if g.istrpc == 1: return func(*args, **kwargs) if g.is_admin == 1: return func(*args, **kwargs) # 项目外需要owner权限的在premission中@owner_required roles = [] if not g.projectid: raise OperationPermissionDeniedException roles_row = UserBusiness.query_json_by_id_and_project( g.userid, g.projectid) roles_list = roles_row[0]['role'] if roles_row else [] for i in roles_list: roles.append(i['name']) if _is_owneristrator(roles): return func(*args, **kwargs) abilities = AuthBusiness.query_ability_by_role_name(roles) if _has_ability(ability, abilities): return func(*args, **kwargs) raise OperationPermissionDeniedException
def isappera_admin(): user_id = request.args.get('user_id') project_id = request.args.get('project_id') owner_list = UserBusiness.owner_project_list() isappear = 1 if user_id: roles_row = UserBusiness.query_json_by_id_and_project(user_id, project_id) roles_list = roles_row[0]['role'] if roles_row else [] roles = [i['name'] for i in roles_list] if g.is_admin or (roles and 'owner' in roles and owner_list and int(project_id) in owner_list): isappear = 0 data = [{'isappear': isappear}] return json_detail_render(0, data)
def user_detail_handler(user_id): """ @api {get} /v1/user/{user_id} 查询 用户信息根据用户id @apiName GetUserInfoById @apiGroup 用户 @apiDescription 查询 用户信息根据用户id @apiSuccess {list} role 用户权限列表 @apiSuccessExample {json} Success-Response: HTTP/1.1 200 OK { "code": 0, "data": [ { "nickname": "张宇", "picture": "https://p.qlogo.cn/bizmail/WRZVs2uMphoxc2918UvZzL31u6A9ibTNuqnIibzJ4GxjWIVVDxHvUGuA/0", "role": [ { "comment": "超级管理员", "id": 1, "name": "admin" } ], "userid": 96, "username": "******", "userweight": 1 } ], "message": "ok" } """ project_id = request.args.get('project_id') if not project_id: project_id = request.headers.get('projectid') if not project_id: data = UserBusiness.query_json_by_id(user_id) else: data = UserBusiness.query_json_by_id_and_project(user_id, project_id) if len(data) == 0: return json_detail_render(101, data) return json_detail_render(0, data)
def required_no_dec(ability=None): if g.istrpc == 1: return 1 if g.is_admin == 1: return 1 roles = [] if not g.projectid: raise PermissionDeniedException roles_row = UserBusiness.query_json_by_id_and_project( g.userid, g.projectid) roles_list = roles_row[0]['role'] if roles_row else [] for i in roles_list: roles.append(i['name']) if is_owneristrator(roles): return 1 abilities = AuthBusiness.query_ability_by_role_name(roles) if has_ability(ability, abilities): return 1 return 0