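def get_user_info(_id):
    """Return one user's profile with team, roles, permissions and hosts.

    Args:
        _id: Identifier passed to ``User.find_by_id`` and used as the
            ``user_id`` key when looking up the team relation.

    Returns:
        A JSON response with ``code`` 0 and the user data, or a
        ``(response, 404)`` tuple with ``code`` 104040 when no user record
        is found.
    """
    # NOTE(review): nothing in this function checks that the caller is
    # allowed to read this particular user's record; presumably a decorator
    # or middleware enforces that - confirm.
    user = User()
    record = user.find_by_id(_id)
    if not record:
        return jsonify({
            'message': 'record not found',
            'code': 104040
        }), 404

    # A user without a team relation used to crash on `relation.get`
    # (AttributeError on None); such a user now gets `team = None`.
    relation = TeamUser().collection.find_one({'user_id': _id})
    team = Team().find_by_id(relation.get('team_id')) if relation else None
    record['team'] = team

    # Never return the stored password field to the client. The default
    # keeps a record that has no such key from raising KeyError.
    # NOTE(review): only 'password' is stripped; if the user document holds
    # other secrets (tokens, keys), prefer an allow-list of fields - verify
    # against the schema.
    record.pop('password', None)

    permissions, roles = user.get_permissions(_id)
    hosts = user.get_hosts(_id)

    return jsonify({
        'message': 'ok',
        'code': 0,
        'data': {
            'user': record,
            'roles': roles,
            'permissions': permissions,
            'hosts': hosts,
        }
    })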
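def get_claims():
    """Verify the request's bearer token and authorize the matched route.

    Returns:
        dict: the verified claims when the request is allowed.
        0: no usable ``Authorization: Bearer <token>`` header, verification
            yielded no claims, or the token's user cannot be resolved.
        -1: the route is not bound to any menu while ``force_check_binding``
            is enabled, or the user has no menu granting this route and
            HTTP method.
        False: a ``JWTError`` was raised while processing the token.

    Note that ``0 == False`` in Python, so callers can only tell the "no
    credentials" and "JWT error" outcomes apart with an identity or type
    check.
    """
    try:
        authorization = request.headers.get('Authorization', None)
        if not authorization:
            return 0

        parts = authorization.split()
        if len(parts) < 2 or parts[0] != 'Bearer':
            return 0

        claims = jws.verify(parts[1])
        url_rule = str(request.url_rule)
        if config.api.get('force_check_binding'):
            if not _force_check_menu_apis(url_rule):
                return -1

        # Fail closed on any empty verification result (False, None, {}),
        # not only on the literal False the original tested for.
        if not claims:
            return 0

        # NOTE(review): the admin flag is taken from the token itself, so a
        # revoked admin keeps access until the token expires - confirm that
        # token lifetime or revocation covers this.
        if claims.get('is_admin'):
            return claims

        # Routes listed under 'Default' are open to every authenticated
        # user; a missing 'Default' entry is treated as an empty list.
        if url_rule in (routes.get('Default') or ()):
            return claims

        user_id = claims.get('user_id')
        if not user_id:
            username = claims.get('username')
            # Without a username the lookup below would query for None,
            # which on a MongoDB-style store may match an unrelated
            # document lacking that field; reject instead.
            if not username:
                return 0
            user_info = User.find_one({'username': username})
            if not user_info:
                # Token refers to a user that no longer exists.
                return 0
            user_id = str(user_info['_id'])

        menus, _roles = User().get_permissions(user_id)
        if not menus:
            return -1

        method = request.method.lower()
        for menu in menus:
            apis = menu.get('apis')
            if not apis:
                continue
            # A menu without 'actions' grants no method rather than
            # raising TypeError on `in None`.
            if url_rule in apis and method in (menu.get('actions') or ()):
                return claims

        return -1
    except JWTError:
        return False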
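def get_menus():
    """List menus visible to the logged-in user, optionally filtered.

    Query parameters read from ``request.args``:
        name, route: exact-match filters, applied when non-empty.
        status: applied when it parses to an integer >= 0.
        all: for admins only, a non-zero integer drops the name/route/status
            filters.

    Non-admin users get the menus returned by ``User.get_permissions`` for
    their ``user_id``; admins get every matching record from the ``menus``
    collection, each annotated with the full list of HTTP actions.

    Returns:
        A JSON response with ``code`` 0 and the menu list under ``data``.
    """
    def _to_int(raw):
        """Return raw as an int, or None when it is missing or not numeric."""
        try:
            return int(raw)
        except (TypeError, ValueError):
            return None

    query = request.args
    user_id = login_user.get('user_id')
    is_admin = login_user.get('is_admin')

    # Records with status -1 are always excluded (presumably soft-deleted
    # entries - confirm).
    where = {'status': {'$ne': -1}}

    name = query.get('name')
    if name:
        where['name'] = name

    route = query.get('route')
    if route:
        where['route'] = route

    # A malformed `status` used to raise ValueError and surface as a server
    # error; it is now ignored like an absent one.
    status = _to_int(query.get('status'))
    if status is not None and status >= 0:
        where['status'] = status

    if not is_admin:
        menus = User().get_permissions(user_id, filter=where)[0]
    else:
        # The original called int(query.get('all')) whenever any query
        # parameter was present, so a request with e.g. only `name` crashed
        # on int(None). Missing or non-numeric `all` now means "not set".
        if _to_int(query.get('all')):
            where = {'status': {'$ne': -1}}

        records = db.collection('menus').find(where).sort('id', 1)
        menus = []
        for item in records:
            # Admins are granted every action on every menu.
            item['actions'] = ['get', 'post', 'delete', 'put', 'patch']
            menus.append(item)

    return jsonify({'message': 'ok', 'code': 0, 'data': list(menus)})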