def GrantPermissionItem(userInfo, userId, permissionItemCode, grantPermissionId):
"""
为了提高授权的运行速度
Args:
userId (string): 员工主键
permissionItemCode (string): 权限代码
grantPermissionId (string): 权限主键
Returns:
returnValue(string): 主键
"""
returnValue = ''
resourcePermissionScopeEntity = Pipermissionscope()
resourcePermissionScopeEntity.id = uuid.uuid4()
resourcePermissionScopeEntity.permissionid = Pipermissionitem.objects.get(code=permissionItemCode).id
resourcePermissionScopeEntity.resourcecategory = 'PIUSER'
resourcePermissionScopeEntity.resourceid = userId
resourcePermissionScopeEntity.targetcategory = 'PIPERMISSIONITEM'
resourcePermissionScopeEntity.targetid = grantPermissionId
resourcePermissionScopeEntity.enabled = 1
resourcePermissionScopeEntity.deletemark = 0
resourcePermissionScopeEntity.createon = datetime.datetime.now()
resourcePermissionScopeEntity.createby = userInfo.RealName
resourcePermissionScopeEntity.createuserid = userInfo.Id
resourcePermissionScopeEntity.modifiedon = resourcePermissionScopeEntity.createon
resourcePermissionScopeEntity.modifiedby = userInfo.RealName
resourcePermissionScopeEntity.modifieduserid = userInfo.Id
resourcePermissionScopeEntity.save()
returnValue = resourcePermissionScopeEntity.id
return returnValue
def GrantModule(userInfo, roleId, permissionItemCode, grantModuleId):
"""
为了提高授权的运行速度
Args:
roleId (string): 角色主键
permissionItemCode (string): 权限代码
grantModuleId (string): 模块权限主键
Returns:
returnValue(string): 主键
"""
resourcePermissionScopeEntity = Pipermissionscope()
resourcePermissionScopeEntity.id = uuid.uuid4()
resourcePermissionScopeEntity.permissionid = Pipermissionitem.objects.get(code=permissionItemCode).id
resourcePermissionScopeEntity.resourceid = roleId
resourcePermissionScopeEntity.resourcecategory = 'PIROLE'
resourcePermissionScopeEntity.targetcategory = 'PIMODULE'
resourcePermissionScopeEntity.targetid = grantModuleId
resourcePermissionScopeEntity.enabled = 1
resourcePermissionScopeEntity.deletemark = 0
resourcePermissionScopeEntity.createon = datetime.datetime.now()
resourcePermissionScopeEntity.createby = userInfo.RealName
resourcePermissionScopeEntity.createuserid = userInfo.Id
resourcePermissionScopeEntity.modifiedon = resourcePermissionScopeEntity.createon
resourcePermissionScopeEntity.modifiedby = userInfo.RealName
resourcePermissionScopeEntity.modifieduserid = userInfo.Id
resourcePermissionScopeEntity.save()
return resourcePermissionScopeEntity.id
def GrantOrganize(userInfo, roleId, permissionItemCode, grantOrganizeId):
"""
为了提高授权的运行速度
Args:
roleId (string): 角色主键
permissionItemCode (string): 权限代码
grantOrganizeId (string): 权限主键
Returns:
returnValue(string): 主键
"""
returnValue = ''
try:
Pipermissionscope.objects.get(
Q(resourcecategory='PIROLE') & Q(resourceid=roleId)
& Q(targetcategory='PIORGANIZE') & Q(targetid=grantOrganizeId)
& Q(permissionid=Pipermissionitem.objects.get(
code=permissionItemCode).id))
return returnValue
except Pipermissionscope.DoesNotExist as e:
resourcePermissionScopeEntity = Pipermissionscope()
resourcePermissionScopeEntity.id = uuid.uuid4()
resourcePermissionScopeEntity.permissionid = Pipermissionitem.objects.get(
code=permissionItemCode).id
resourcePermissionScopeEntity.resourcecategory = 'PIROLE'
resourcePermissionScopeEntity.resourceid = roleId
resourcePermissionScopeEntity.targetcategory = 'PIORGANIZE'
resourcePermissionScopeEntity.targetid = grantOrganizeId
resourcePermissionScopeEntity.enabled = 1
resourcePermissionScopeEntity.deletemark = 0
resourcePermissionScopeEntity.createon = datetime.datetime.now()
resourcePermissionScopeEntity.createby = userInfo.RealName
resourcePermissionScopeEntity.createuserid = userInfo.Id
resourcePermissionScopeEntity.modifiedon = resourcePermissionScopeEntity.createon
resourcePermissionScopeEntity.modifiedby = userInfo.RealName
resourcePermissionScopeEntity.modifieduserid = userInfo.Id
resourcePermissionScopeEntity.save()
returnValue = resourcePermissionScopeEntity.id
if not grantOrganizeId == PermissionScope.PermissionScopeDic.get(
'No'):
Pipermissionscope.objects.filter(
Q(resourcecategory='PIROLE') & Q(resourceid=roleId)
& Q(targetcategory='PIORGANIZE')
& Q(targetid=PermissionScope.PermissionScopeDic.get('No'))
& Q(permissionid=Pipermissionitem.objects.get(
code=permissionItemCode).id)).delete()
else:
Pipermissionscope.objects.filter(
Q(resourcecategory='PIROLE') & Q(resourceid=roleId)
& Q(targetcategory='PIORGANIZE')
& Q(permissionid=Pipermissionitem.objects.get(
code=permissionItemCode).id)
& ~Q(targetid=PermissionScope.PermissionScopeDic.get('No'))
).delete()
return returnValue