def _authenticate(self):
method = self.request.method
token_instance = Token()
if method == "POST":
the_post = Post()
the_header = Headers()
user_id = the_post.get_user_id(self)
user_id = user_id if user_id else the_header.get_user_id(self)
token = the_post.get_token(self)
token = token if token else the_header.get_token(self)
token_from_db = token_instance.get(user_id)
if token_from_db and token_from_db.token == token:
result = func(self)
else:
return self.write(
OHHOOperation.dict2json(Result.result_not_login()))
elif method == "GET":
the_get = Get()
the_header = Headers()
user_id = the_get.get_user_id(self)
user_id = user_id if user_id else the_header.get_user_id(self)
token = the_get.get_token(self)
token = token if token else the_header.get_token(self)
token_from_db = token_instance.get(user_id)
if token_from_db and token_from_db.token == token:
result = func(self)
else:
return self.write(
OHHOOperation.dict2json(Result.result_not_login()))
else:
result = func(self)
return result
def _permission(self):
username = self.current_user
if not username:
return self.write(
OHHOOperation.dict2json(Result.result_not_login()))
else:
class_name = self.__class__.__name__
if class_name.endswith("AddHandler"):
the_type = "AddHandler"
elif class_name.endswith("ListHandler"):
the_type = "ListHandler"
elif class_name.endswith("DetailHandler"):
the_type = "DetailHandler"
elif class_name.endswith("DeleteHandler"):
the_type = "DeleteHandler"
else:
the_type = ""
if the_type:
the_type_length = len(the_type)
name = class_name[:-the_type_length]
permission_instance = OHHOPermission()
page = permission_instance.get_or_create_page_from_permission(
name)
flag = True
permission = permission_instance.get_the_page_permission_from_permission(
username, page)
OHHOLog.print_log(username)
OHHOLog.print_log(page.id)
OHHOLog.print_log(permission)
print(permission)
if the_type == "AddHandler":
if permission["insert"]:
pass
else:
flag = False
elif the_type == "ListHandler":
if permission["select"]:
pass
else:
flag = False
elif the_type == "DetailHandler":
if permission["update"]:
pass
else:
flag = False
elif the_type == "DeleteHandler":
if permission["delete"]:
pass
else:
flag = False
else:
flag = False
if not flag:
result = Result.result_no_permission()
return self.redirect("/backstage/no/permission/?code=" +
str(result.get("code", 0)) +
"&data=" +
str(result.get("detail", "")))
result = func(self)
return result
