def delete(self): args = batch_delete_role_parser.parse_args() error_roles = [] for role_id in args.role_ids: try: role_id = int(role_id) except ValueError: return http_responses.HTTP_400_BAD_REQUEST( msg={"error": u"角色Id必须为整数 - %s" % role_id}) role = Role.query.filter_by(id=role_id).first() if role is None: continue # 判断是否有用户关联 if UsersRoles.query.filter_by(role_id=role_id).count() > 0: error_roles.append(u"角色: %s 有用户关联不能删除" % role.name) continue g.db.delete(role) if len(args.role_ids): g.db.commit() if len(error_roles): return http_responses.HTTP_400_BAD_REQUEST( msg={"error": "\n".join(error_roles)}) return http_responses.HTTP_200_OK(msg="Delete success")
def put(self, role_id): role = Role.get_object(id=role_id) args = role_parser.parse_args() role.update(**args) g.db.commit() return http_responses.HTTP_200_OK(msg="Modify success")
def post(self): args = login_parser.parse_args() _user = User.get_object(username=args.username) if not _user.verify_password(args.password): return http_responses.HTTP_400_BAD_REQUEST(msg={"error": u"密码错误"}) token = _user.generate_auth_token() g.user = _user # 设置用户权限到缓存 # if not hasattr(g, "identity"): _permissions = cache_user_privileges(token) permissions = set() for per in _permissions: permissions.add(".".join([per.name, per.needs.name])) return http_responses.HTTP_200_OK( msg={ "message": "Login success", "username": _user.username, "nickname": _user.nickname, "id": _user.id, "is_superuser": _user.is_superuser, "permissions": list(permissions), "token": token })
def put(self, user_id): _user = User.get_object(id=user_id) args = user_modify_parser.parse_args() _user.username = args.username if args.nickname is not None: _user.nickname = args.nickname if args.email is not None: _user.email = args.email g.db.commit() return http_responses.HTTP_200_OK(msg=u"修改用户信息成功")
def get(self, role_id): role = Role.get_object(id=role_id) user_roles = UsersRoles.query.filter_by(role_id=role_id).all() users = [user_role.user.to_dict() for user_role in user_roles] return http_responses.HTTP_200_OK(msg={ "role": role.name, "users": users })
def get(self, user_id): user = User.get_object(id=user_id) user_roles = UsersRoles.query.filter_by(user_id=user_id).all() roles = [user_role.role.to_dict() for user_role in user_roles] return http_responses.HTTP_200_OK(msg={ "user": user.username, "roles": roles })
def get(self): users = User.query.filter_by(is_superuser=0).all() user_list = [] for user in users: user_roles = UsersRoles.query.filter_by(user_id=user.id).all() role_str = ';'.join( [user_role.role.name for user_role in user_roles]) user = user.to_dict() user["role"] = role_str user_list.append(user) return http_responses.HTTP_200_OK(msg={"users": user_list})
def post(self): args = role_parser.parse_args() _role = Role.query.filter_by(name=args.name).first() if _role: return http_responses.HTTP_400_BAD_REQUEST( msg={"error": u"角色已存在 - %s" % args.name}) role = Role(**args) g.db.add(role) g.db.commit() return http_responses.HTTP_200_OK()
def get(self, role_id): role = Role.get_object(id=role_id) role_permissions = RolesPermissions.query.filter_by( role_id=role_id).all() role_permissions = [ _role_per.permission.to_dict() for _role_per in role_permissions ] return http_responses.HTTP_200_OK(msg={ "role": role.name, "permissions": role_permissions })
def delete(self, role_id): args = role_permissions_parser.parse_args() for per_id in args.permission_ids: try: per_id = int(per_id) except ValueError: return http_responses.HTTP_400_BAD_REQUEST( msg={"error": u"权限Id必须为整数"}) role_permission = RolesPermissions.query.filter_by( role_id=role_id, permission_id=per_id) if role_permission: g.db.delete(role_permission) if len(args.permission_ids): g.db.commit() return http_responses.HTTP_200_OK(msg="delete success")
def delete(self, user_id): args = user_roles_parser.parse_args() for role_id in args.role_ids: try: role_id = int(role_id) except ValueError: return http_responses.HTTP_400_BAD_REQUEST( msg={"error": u"角色Id必须为整数"}) user_role = UsersRoles.query.filter_by(user_id=user_id, role_id=role_id).first() if user_role: g.db.delete(user_role) if len(args.role_ids): g.db.commit() return http_responses.HTTP_200_OK()
def delete(self): args = batch_delete_user_parser.parse_args() error_users = [] for user_id in args.user_ids: try: user_id = int(user_id) except ValueError: return http_responses.HTTP_400_BAD_REQUEST( msg={"error": u"用户Id必须为整数"}) user = User.query.filter_by(id=user_id).first() if user is None: continue g.db.delete(user) if len(args.user_ids): g.db.commit() if len(error_users): return http_responses.HTTP_400_BAD_REQUEST( msg={"error": "\n".join(error_users)}) return http_responses.HTTP_200_OK(msg="Delete success")
def post(self, user_id): args = user_roles_parser.parse_args() user = User.get_object(id=user_id) for role_id in args.role_ids: try: role_id = int(role_id) except ValueError: return http_responses.HTTP_400_BAD_REQUEST( msg={"error": u"角色Id必须为整数"}) if UsersRoles.query.filter_by(user_id=user_id, role_id=role_id).first(): continue role = Role.get_object(id=role_id) user_role = UsersRoles(user, role) g.db.add(user_role) if len(args.role_ids): g.db.commit() return http_responses.HTTP_200_OK()
def post(self, role_id): args = role_permissions_parser.parse_args() role = Role.get_object(id=role_id) for permission_id in args.permission_ids: try: p_id = int(permission_id) except ValueError: return http_responses.HTTP_400_BAD_REQUEST( msg={"error": u"权限id'%s'必须为整数" % permission_id}) if RolesPermissions.query.filter_by(role_id=role_id, permission_id=p_id).first(): continue permission_obj = Permission.get_object(id=p_id) role_permission = RolesPermissions(role, permission_obj) g.db.add(role_permission) if len(args.permission_ids): g.db.commit() return http_responses.HTTP_200_OK()
def put(self, user_id): args = user_roles_parser.parse_args() user = User.get_object(id=user_id) all_user_roles = UsersRoles.query.filter_by(user_id=user_id).all() if args.role_ids: all_role_ids = set( [user_role.role.id for user_role in all_user_roles]) try: new_role_ids = set([int(role_id) for role_id in args.role_ids]) except ValueError: return http_responses.HTTP_400_BAD_REQUEST( msg={"error": u"角色id必须为整数"}) add_role_ids = new_role_ids - all_role_ids delete_role_ids = all_role_ids - new_role_ids # 删除角色 for role_id in delete_role_ids: g.db.delete( filter(lambda x: x.role_id == role_id, all_user_roles)[0]) # 新增角色 for role_id in add_role_ids: role = Role.query.filter_by(id=role_id).first() if role is None: continue user_role = UsersRoles(user=user, role=role) g.db.add(user_role) else: for user_role in all_user_roles: g.db.delete(user_role) g.db.commit() return http_responses.HTTP_200_OK(msg="Update role permission success")
def put(self, role_id): args = role_permissions_parser.parse_args() role = Role.get_object(id=role_id) all_role_permissions = RolesPermissions.query.filter_by( role_id=role_id).all() if args.permission_ids: all_permission_ids = set( [role_per.permission.id for role_per in all_role_permissions]) new_permission_ids = set(args.permission_ids) add_permission_ids = new_permission_ids - all_permission_ids delete_permission_ids = all_permission_ids - new_permission_ids # 删除权限 for per_id in delete_permission_ids: g.db.delete( filter(lambda x: x.permission_id == per_id, all_role_permissions)[0]) # 新增权限 for per_id in add_permission_ids: permission = Permission.query.filter_by(id=per_id).first() if permission is None: continue role_permission = RolesPermissions(role=role, permission=permission) g.db.add(role_permission) else: for role_per in all_role_permissions: g.db.delete(role_per) g.db.commit() return http_responses.HTTP_200_OK(msg="Update role permission success")
def delete(self, role_id, permission_id): role_permission = RolesPermissions.get_object( role_id=role_id, permission_id=permission_id) g.db.delete(role_permission) g.db.commit() return http_responses.HTTP_200_OK()
def delete(self, user_id): _user = User.get_object(id=user_id) g.db.delete(_user) g.db.commit() return http_responses.HTTP_200_OK()
def delete(self, user_id, role_id): user_role = UsersRoles.get_object(user_id=user_id, role_id=role_id) g.db.delete(user_role) g.db.commit() return http_responses.HTTP_200_OK()
def get(self, role_id): role = Role.get_object(id=role_id) return http_responses.HTTP_200_OK(msg={"role": role.to_dict()})
def get(self): permissions = Permission.query.all() permissions = [permission.to_dict() for permission in permissions] permissions = sorted(permissions, key=lambda item: item["target"]) return http_responses.HTTP_200_OK(msg={"permissions": permissions})
def get(self): roles = Role.query.all() roles = [role.to_dict() for role in roles] return http_responses.HTTP_200_OK(msg={"roles": roles})
def get(self): return http_responses.HTTP_200_OK()