async def read_op_user_(op_user_id: int,
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
op_user = get_user_by_id(session, op_user_id)
if op_user is None:
return error_response(NotFound("没找到该用户~"))
if not has_permission_manage_user(manager, op_user):
return error_response(PermissionError())
return success_response(to_UserDetailSerializer(op_user))
def exception_handler(e):
from apps.a_common.response import error_response
e = try_get_my_error(e)
if not isinstance(e, AppError) or e.code == ER.NOT_DEFINED.code:
title = '【新错误发生】' + '错误类型' + str(type(e)) + '|请尽快处理。'
content = "错误概述:\n" + str(e.args) + '\n\n错误栈:\n' + _get_error_stack(e)
task = BackgroundTask(send_email, title=title, content=content)
return error_response(code=ER.NOT_DEFINED.code,
detail="服务错误,请联系我们",
task=task)
return error_response(error=e, fields=e.fields)
async def update_role_(role_id: int,
data: RoleSerializer,
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
role, err = _check_group_exist_and_permission(session, manager, role_id)
if err is not None:
return error_response(err)
role.name = data.name
if session.query(RoleDB).filter(RoleDB.name == data.name).first() != None:
return error_response(InvalidParamError("角色名重复!"))
session.add(role)
session.commit()
return success_response(RoleSerializer.from_orm(role).dict())
async def add_user_to_role(role_id: int,
user_ids: List[int] = Body(...),
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
role, err = _check_group_exist_and_permission(session, manager, role_id)
if err is not None:
return error_response(err)
has_permission, user_ids = has_permission_manage_user_ids(
session, manager, user_ids)
if not has_permission:
return error_response(PermissionError())
session.add_all(
tuple(User2RoleDB(user_id=i, role_id=role_id) for i in user_ids))
update_user_identity(session, user_ids, UserIdentity.ADMIN)
session.commit()
return success_response()
async def del_permission_(permission_id: int,
user: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
permission = get_permission_by_id(session, permission_id)
if permission is None:
return error_response(NotFound())
session.delete(permission)
session.commit()
return success_response(PermissionSerializer.from_orm(permission).dict())
async def del_user_to_role(role_id: int,
user_ids: List[int],
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
role, err = _check_group_exist_and_permission(session, manager, role_id)
if err is not None:
return error_response(err)
has_permission, user_ids = has_permission_manage_user_ids(
session, manager, user_ids)
if not has_permission:
return error_response(PermissionError())
session.query(User2RoleDB).filter(
User2RoleDB.role_id == role_id,
User2RoleDB.user_id.in_(user_ids)).delete(False)
cancel_user_as_admin_if_no_role(session, user_ids)
session.commit()
return success_response()
async def my_roles(user_id: int,
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
has_permission, user_ids = has_permission_manage_user_ids(
session, manager, [user_id])
if not has_permission and not user_id == manager.id:
return error_response(PermissionError())
role_list = get_role_by_user_id(session, user_id)
data = [RoleSerializer.from_orm(role).dict() for role in role_list]
return success_response(data)
async def manage_reset_password(op_user_id_list: List[int] = Body(...),
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
op_user_line = get_users_by_id_list(session, op_user_id_list)
for op_user in op_user_line:
if not has_permission_manage_user(manager, op_user):
return error_response(PermissionError())
op_user.generate_password_hash('123456789')
session.commit()
return success_response({'count': len(op_user_line)})
async def psot_permission_to_role_(role_id: int,
permission_ids: List[int] = Body(...),
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
role, err = _check_group_exist_and_permission(session, manager, role_id)
if err is not None:
return error_response(err)
add_permission_to_role(session, permission_ids, role_id)
session.commit()
return success_response()
async def del_role(role_id: int,
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
role, err = _check_group_exist_and_permission(session, manager, role_id)
if err is not None:
return error_response(err)
# todo: 这里按道理要递归删除,但是还没做
session.delete(role)
session.query(User2RoleDB).filter(
User2RoleDB.role_id == role_id).delete(False)
session.commit()
return success_response(RoleSerializer.from_orm(role).dict())
async def login_(login_data: LoginSerializer, session: Session = Depends(get_session)):
logger.info(f"phone number: {login_data.phone} login")
user = get_user_by_phone_number(session=session, phone_number=login_data.phone)
logger.info(f'get user: {user}')
if user is None or not user.is_right_password(login_data.password):
return error_response(WrongPassword())
data = to_UserDetailSerializer(user)
user_token = encode_token(user.id).decode()
data['user_token'] = user_token
response = success_response(data)
response.set_cookie('user-token', user_token)
return response
async def role_user_list(request: Request,
role_id: int,
page_info: PageInfo = Depends(PageInfo_),
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
role, err = _check_group_exist_and_permission(session, manager, role_id)
if err is not None:
return error_response(err)
pagination = get_users_by_role_id(session, role_id, page_info)
data = [BaseUserSerializer.from_orm(u).dict() for u in pagination.items]
paginate_info = make_paginate_info(pagination, request)
return success_response(data, paginate_info)
async def del_permission_to_role(role_id: int,
permission_ids: List[int],
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
role, err = _check_group_exist_and_permission(session, manager, role_id)
if err is not None:
return error_response(err)
session.query(Permission2RoleDB). \
filter(Permission2RoleDB.role_id == role_id). \
filter(Permission2RoleDB.permission_id.in_(permission_ids)).delete(False)
session.commit()
return success_response()
async def update_op_user_(op_user_id: int,
user_data: ManagerUpdateUserSerializer,
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
op_user = get_user_by_id(session, op_user_id)
if not has_permission_manage_user(manager, op_user):
return error_response(PermissionError())
op_user.sex = user_data.sex
op_user.phone = user_data.phone
op_user.address = user_data.address
op_user.nation = user_data.nation
op_user.birthday = user_data.birthday
op_user.name = user_data.name
session.commit()
return success_response(to_UserDetailSerializer(op_user))
async def search_user_(request: Request,
page_info: PageInfo = Depends(PageInfo_),
search_condition: CommonlyUsedUserSearch = Depends(
CommonlyUsedUserSearch_),
manager: UserDB = Depends(get_user),
session: Session = Depends(get_session)):
query = session.query(UserDB).join(User2RoleDB,
User2RoleDB.user_id == UserDB.id)
query, error = common_user_search_with_permission_check(
manager, query, session, search_condition)
if error:
return error_response(error)
paginate = Pagination(query, page_info=page_info)
paginate_info = make_paginate_info(paginate, request)
data = [
BaseUserSerializer.from_orm(op_user).dict()
for op_user in paginate.items
]
return success_response(data, paginate_info)
async def get_file(file_path: str):
if not os.path.exists(file_path):
return error_response(NotFound())
return FileResponse(path=file_path,
filename=get_filename_without_uuid_prefix(file_path))
