Пример #1
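def get_profile(_id):
    """Return the profile of user ``_id`` as a JSON response.

    The response carries the user document (minus its ``password`` field),
    the team the user is linked to through ``TeamUser`` (or ``None``), and a
    ``setting`` map saying which notification channels are enabled.

    Returns:
        A 404 response with code 104040 when the user does not exist,
        otherwise a response with code 0 and the profile under ``data``.
    """
    # NOTE(review): no caller check is visible in this block; confirm the
    # route restricts which _id a caller may read.
    user = User()
    record = user.find_by_id(_id)
    if not record:
        return jsonify({
            'message': 'record not found',
            'code': 104040
        }), 404
    record = record.to_dict()
    # Drop the stored password value before anything else is attached. The
    # default keeps a document without that field from raising KeyError.
    # NOTE(review): this is a deny-list of one key; confirm the user document
    # holds no other field that should stay server-side.
    record.pop('password', None)

    relation = TeamUser.find_one({'user_id': _id})
    if relation:
        # NOTE(review): the whole team document is embedded as-is.
        record['team'] = Team.find_by_id(relation.get('team_id'))
    else:
        record['team'] = None

    # Every channel is reported as enabled until a settings document exists.
    options = {
        'slack': True,
        'sms': True,
        'wechat': True,
        'smtp': True,
    }
    setting = db.collection('setting').find_one({})
    if setting:
        # Option name -> key of its section in the settings document
        # (SMS settings live under 'nexmo').
        sections = {
            'slack': 'slack',
            'sms': 'nexmo',
            'wechat': 'wechat',
            'smtp': 'smtp',
        }
        for option, section in sections.items():
            channel = setting.get(section) or {}
            options[option] = bool(channel.get('enable'))

    record['setting'] = options

    return jsonify({
        'message': 'ok',
        'code': 0,
        'data': record,
    })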
Пример #2
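def delete_team(_id):
    """Soft-delete team ``_id`` and remove its member and role bindings.

    Only callers whose ``login_user`` has ``is_admin`` set may delete a team.
    The team document is kept and marked with ``status = -1`` and a
    ``delete_at`` timestamp; its ``TeamMember`` and ``TeamRole`` documents
    are deleted.

    Returns:
        403 (code 104033) for non-admins, 404 (code 104040) when the team
        does not exist, otherwise a response with code 0.
    """
    is_admin = login_user.get('is_admin')
    if not is_admin:
        return jsonify({
            'message': 'admin required',
            'code': 104033,
        }), 403

    record = Team.find_by_id(_id)
    if not record:
        return jsonify({
            'message': 'record not found',
            'code': 104040,
        }), 404

    update = {
        '$set': {
            'status': -1,
            'delete_at': time.time(),
        }
    }

    condition = {'_id': record['_id']}
    Team.update_one(condition, update=update)

    # Bindings reference the team through 'team_id'. The role lookup used to
    # reuse the team's own '_id' filter, which cannot select role bindings by
    # team and would leave the team's role grants behind after deletion.
    # NOTE(review): assumes TeamRole documents carry 'team_id' like the
    # member documents queried here; confirm against the model.
    binding_filter = {'team_id': _id}
    for member in TeamMember.find(binding_filter):
        TeamMember.delete_one({'_id': member['_id']})
    for item in TeamRole.find(binding_filter):
        TeamRole.delete_one({'_id': item['_id']})

    return jsonify({
        'message': 'ok',
        'code': 0,
    })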
Пример #3
def get_team_info(_id):
    """Return team ``_id`` with its member ids and roles as a JSON response.

    Returns:
        404 (code 104040) when the team does not exist, otherwise a response
        with code 0 whose ``data`` holds ``team`` and ``roles``.
    """
    # NOTE(review): no caller check is visible in this block; confirm the
    # route limits who may read a team's members and roles.
    record = Team.find_by_id(_id)
    if not record:
        return jsonify({
            'message': 'record not found',
            'code': 104040,
        }), 404

    roles = list(Team().get_roles(_id))

    # Menu permissions of the team's roles are still looked up here, but the
    # response below no longer includes them.
    permissions = []
    if roles:
        role_ids = [str(role['_id']) for role in roles]
        where = {
            'role_id': {
                '$in': role_ids,
            }
        }
        records = list(db.collection('role_menus').find(where))
        ids = [item['m_id'] for item in records]
        permissions = Menu.find_by_ids(ids)

    # Only the user_id of each membership document is fetched.
    members = db.collection('team_members').find({'team_id': _id},
                                                 projection=['user_id'])
    record['members'] = [member['user_id'] for member in members]

    data = {
        'team': record,
        'roles': list(roles),
        # 'permissions': permissions,
    }
    return jsonify({
        'message': 'ok',
        'code': 0,
        'data': data,
    })
Пример #4
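def update_team(_id):
    """Update team ``_id`` from the JSON request body.

    The body may carry ``name``, ``description``, ``parent``, ``role``
    (list of role ids), ``members`` (list of user ids) and ``master`` (list
    of team masters). Admins may update any team; other callers must appear
    in the team's stored ``master`` list.

    Returns:
        400 (code 104000) for a missing or malformed body, 404 (code 104040)
        when the team does not exist, 403 (code 104038) when the caller is
        not allowed, 400 (code 104001) when the new name is taken, otherwise
        a response with code 0.
    """
    payload = request.get_json()
    # A JSON array or scalar has no .get(); treat it like a missing body.
    if not payload or not isinstance(payload, dict):
        return jsonify({'message': 'invalid params', 'code': 104000}), 400

    is_admin = login_user.get('is_admin')
    owner_id = login_user.get('user_id')
    record = Team.find_by_id(_id)
    if not record:
        return jsonify({
            'message': 'record not found',
            'code': 104040,
        }), 404

    # Fail closed when 'master' is absent or not a list: `in` on None raises,
    # and `in` on a string is a substring match, not a membership test.
    masters = record.get('master')
    if not isinstance(masters, list):
        masters = []
    # NOTE(review): this compares the caller's user_id, while the default
    # master written below is a username; confirm which identifier the
    # master list is meant to hold.
    if not is_admin and owner_id not in masters:
        return jsonify({'message': 'bad permission', 'code': 104038}), 403

    name = payload.get('name')
    description = payload.get('description')
    parent = payload.get('parent')
    role_ids = payload.get('role') or []
    members = payload.get('members') or []
    master = payload.get('master') or [login_user.get('username')]
    # 'master' is stored verbatim and later used for permission checks, and
    # 'role'/'members' are iterated element by element, so all three must be
    # real lists rather than strings or objects.
    if not all(isinstance(value, list) for value in (role_ids, members, master)):
        return jsonify({'message': 'invalid params', 'code': 104000}), 400

    if name and name != record.get('name'):
        check = Team.find_one({'name': name})
        if check:
            return jsonify({'message': 'name existed', 'code': 104001}), 400

    # NOTE(review): fields missing from the body are written as None, and
    # role ids are bound without a check that the caller may grant them.
    update = {
        '$set': {
            'name': name,
            'description': description,
            'master': master,
            'parent': parent,
            'updated_at': time.time(),
        },
    }

    where = {'_id': record['_id']}

    team = Team()
    team.update_one(where, update=update)
    team.add_member(_id, members, owner_id=owner_id)
    for role_id in role_ids:
        team_role = {
            '$set': {
                'team_id': _id,
                'role_id': role_id,
                'created_at': time.time()
            }
        }
        where = {
            'team_id': _id,
            'role_id': role_id,
        }

        # Upsert keeps one binding per (team, role) pair.
        db.collection('team_roles').update_one(where, team_role, upsert=True)

    return jsonify({
        'message': 'ok',
        'code': 0,
    })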
Пример #5
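def add_user():
    """Create a user from the JSON request body and mail the credentials.

    ``username`` and ``email`` are required. Admins may create any user;
    other callers must pass a ``team_id`` of a team whose ``master`` list
    contains their username. The password is taken from the body or
    generated, stored hashed, and sent to the new user's e-mail address.

    Returns:
        400 (code 104000) for a missing or malformed body, 400 (code 104001)
        when required fields are missing, 403 (codes 104031/104032) when the
        caller is not allowed, 400 (code 104030) when the username or e-mail
        is taken, otherwise a response with code 0 and the plaintext
        password under ``data``.
    """
    from html import escape

    payload = request.get_json()
    # A JSON array or scalar has no .get(); treat it like a missing body.
    if not payload or not isinstance(payload, dict):
        return jsonify({
            'message': 'invalid params',
            'code': 104000
        }), 400

    current_user = login_user.get('username')
    is_admin = login_user.get('is_admin')
    username = payload.get('username')
    nickname = payload.get('nickname')
    email = payload.get('email')
    phone = payload.get('phone')
    role_ids = payload.get('role_ids')
    team_id = payload.get('team_id')
    address = payload.get('address')
    password = payload.get('password')
    if not username or not email:
        return jsonify({
            'message': 'miss required params',
            'code': 104001,
        }), 400

    if not is_admin:
        if team_id:
            team = Team.find_by_id(team_id)
            # Fail closed when 'master' is absent or not a list: `in` on None
            # raises, and `in` on a string is a substring match.
            masters = team.get('master') if team else None
            if not isinstance(masters, list) or current_user not in masters:
                return jsonify({
                    'message': 'permission deny',
                    'code': 104031
                }), 403
        else:
            return jsonify({
                'message': 'permission deny',
                'code': 104032,
            }), 403

    where = {
        '$or': [
            {'username': username},
            {'email': email},
        ]
    }
    existed = User.find_one(where)
    if existed:
        return jsonify({
            'message': 'username or email existed',
            'code': 104030
        }), 400

    password = password or gen_password()
    encrypt_pwd = generate_password_hash(password)
    user_info = {
        'username': username,
        'nickname': nickname,
        'password': encrypt_pwd,
        'email': email,
        'phone': phone,
        'active': 0,
        'address': address,
        'created_at': time.time(),
        'add_by': login_user.get('username'),
    }
    result = User.insert_one(user_info)
    user_id = str(result.inserted_id)
    if role_ids:
        # NOTE(review): a non-admin team master reaches this point too, and
        # the requested roles are bound without a check that the caller may
        # grant them; confirm that is intended.
        role_ids = role_ids if isinstance(role_ids, list) else [role_ids]
        roles = Role.find_by_ids(role_ids)
        if roles:
            for item in roles:
                data = {
                    'role_id': str(item['_id']),
                    'user_id': user_id,
                    'add_by': login_user.get('username'),
                    'created_at': time.time(),
                }
                db.collection('user_roles').insert_one(data)
    if team_id:
        Team().add_member(team_id=team_id, members=[user_id], owner_id=login_user.get('user_id'))

    notify = SMTP()
    text = '''
    <p>Dear user:</p>
    <p>Your eclogue account is active~!</p>
    <p>username: {}</p>
    <p>password: {} </p>
    '''
    # Both values come from the request body and land in an HTML message, so
    # they are escaped to keep markup in them from being rendered.
    text = text.format(escape(str(username)), escape(str(password)))
    notify.send(text, to=email, subject='', subtype='html')

    # NOTE(review): the plaintext password is both mailed and returned in the
    # response body; a one-time set-password link would keep it out of mail
    # stores and response logs.
    return jsonify({
        'message': 'ok',
        'code': 0,
        'data': password
    })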