def find_project(): """ 获取项目基本信息 :return: """ project_id = request.args['id'] project_data = db.find_project(project_id) if project_data is None: return jsonify({'msg': 'no found'}), 404 del project_data['_id'] del project_data['apis'] creator_id = project_data['creator'] creator_data = db.find_user_by_id(creator_id) project_data['creatorAccount'] = creator_data['account'] project_data['creatorName'] = creator_data['name'] i = 0 for member in project_data['members']: member_id = member['userId'] member_data = db.find_user_by_id(member_id) project_data['members'][i]['userAccount'] = member_data['account'] project_data['members'][i]['userName'] = member_data['name'] i = i + 1 return jsonify(project_data), 200
def new_api(): """ 新建接口 :return: """ # 检测参数是否合法 check = check_new_api_param(request.json) if check[0] is False: return jsonify({'msg': check[1]}), 406 # 检查项目id是否存在 project_data = db.find_project(request.json['projectId']) if project_data is None: return jsonify({'msg': '项目id不存在'}, 406) # 检查用户是否是项目成员并拥有权限 user_id = session['user_id'] if check_member_rw_permission(user_id, request.json['projectId']) is False: return jsonify({'msg': 'no permission'}), 403 # 参数合法则新建API api_id = db.create_api(user_id, request.json) api_id = str(api_id) # 将api添加到项目中 db.add_project_api(request.json['projectId'], request.json['group'], api_id, request.json['name']) return jsonify({'msg': 'ok', 'apiId': api_id}), 200
def update_member_permission(): """ 修改项目成员权限 :return: """ project_id = request.json['projectId'] account = request.json['account'] # 检查项目id合法性 project_data = db.find_project(project_id) if project_data is None: return jsonify({"msg": "client error"}), 405 # 检查发起修改者是否是项目组长 if session['user_id'] != project_data['creator']: return jsonify({"msg": "client error"}), 405 # 检查用户账号合法性 user_data = db.find_user(account) if user_data is None: return jsonify({"msg": "client error"}), 405 user_id = str(user_data['_id']) # 检查该用户是否属于该项目 is_member = False for member in project_data['members']: if user_id == member['userId']: is_member = True if is_member == False: return jsonify({"msg": "client error"}), 405 # 数据都合法,开始进行修改 db.update_member_permission( project_id, user_id, request.json['permission'] ) return jsonify({"msg": "ok"}), 200
def new_project_member(): """ 添加项目成员 :return: """ request_data = request.json # 首先查找项目是否存在 project_data = db.find_project(request_data['projectId']) if project_data is None: return jsonify({"msg": "用户账号或项目不存在"}), 404 # 再检查用户账号是否存在 user_data = db.find_user(request_data['account']) if user_data is None: return jsonify({"msg": "用户账号或项目不存在"}), 404 # 检查账号是否已在项目成员中 user_id = str(user_data['_id']) if user_id == project_data['creator']: return jsonify({"msg": "不能重复加入"}), 409 for member in project_data['members']: if user_id == member['userId']: return jsonify({"msg": "不能重复加入"}), 409 # 添加数据 db.add_project_member( request_data['projectId'], str(user_id), request_data['permission'] ) return jsonify({"msg": "ok"}), 200
def delete_api(): api_id = request.args['id'] # 先查找该api数据 api_data = db.find_api(api_id) if api_data is None: return jsonify({'msg': 'api id not found'}), 404 # 查找对应的项目数据 project_data = db.find_project(api_data['projectId']) # 检测该用户是否是项目成员并有修改权限 user_id = session['user_id'] if check_member_rw_permission(user_id, api_data['projectId']) is False: return jsonify({'msg': 'no permission'}), 403 # 删除api db.delete_api(api_id) db.delete_project_api(str(project_data['_id']), api_id) db.delete_api_history(api_id) return jsonify({'msg': 'ok'}), 200
def check_member(user_id: str, project_id: str) -> bool: """ 检查用户是否是项目成员 :param user_id: 用户的id :param project_id: 项目的id :return: 如果是则返回True """ is_member = False project_data = db.find_project(project_id) if project_data['creator'] == user_id: is_member = True else: for member in project_data['members']: if member['userId'] == user_id: is_member = True break return is_member
def new_project_api_group(): """ 新建api分组 :return: """ project_id = request.json['projectId'] group_name = request.json['groupName'] # 先检查项目是否存在 project_data = db.find_project(project_id) if project_data is None: return jsonify({'msg': 'not found'}), 404 # 再检查该分组名是否已存在 for api in project_data['apis']: if api['groupName'] == group_name: return jsonify({'msg': '该分组名已存在'}), 409 # 一切正常,新建分组名 db.add_project_api_group_name(project_id, group_name) return jsonify({'msg': 'ok'}), 200
def check_member_rw_permission(user_id: str, project_id: str) -> bool: """ 检测用户是否是项目成员且有读写权限 :param user_id: 用户的id :param project_id: 项目的id :return: 拥有权限则返回True """ project_data = db.find_project(project_id) if project_data['creator'] == user_id: return True else: for member in project_data['members']: if member['userId'] == user_id: if member['permission'] == 1: return True else: return False return False
def find_api(): """ 根据id查询api :return: """ api_id = request.args['id'] # 查找该api信息 api_data = db.find_api(api_id) if api_data is None: return jsonify({"msg": "api id not found"}), 404 # 查找该api所属的项目信息 project_id = api_data['projectId'] project_data = db.find_project(project_id) if project_data is None: return jsonify({"msg": "project not found"}), 404 # 验证该用户是否是该项目成员 is_member = check_member(session['user_id'], project_id) if is_member is True: del api_data['_id'] return jsonify(api_data), 200 else: return jsonify({'msg': 'no permission'}), 407
def delete_member(): """ 删除项目成员 :return: """ user_id = session['user_id'] project_id = request.json['projectId'] member_account = request.json['account'] # 检查项目是否存在 project_data = db.find_project(project_id) if project_data is None: return jsonify({'msg': '用户账号或项目不存在,或用户不是项目成员'}), 404 # 检查发起者是否是项目组长 if user_id != project_data['creator']: return jsonify({'msg': 'no permission'}), 403 # 删除成员 member_data = db.find_user(member_account) if member_data is None: return jsonify({'msg': '用户账号或项目不存在,或用户不是项目成员'}), 404 member_id = str(member_data['_id']) db.delete_project_member(project_id, member_id) return jsonify({'msg': 'ok'}), 200
def find_project_apis(): """ 获取项目的api信息 :return: """ project_id = request.args['id'] project_data = db.find_project(project_id) if project_data is None: return jsonify({'msg': 'id not found'}), 404 # 验证该用户是否是该项目成员 is_member = False user_id = session['user_id'] if project_data['creator'] == user_id: is_member = True else: for member in project_data['members']: if member['userId'] == user_id: is_member = True break if is_member is True: return jsonify(project_data['apis']), 200 else: return jsonify({'msg': 'no permission'}), 407