示例#1
0
def is_in_auth_scope(group_id, endpoint):
    meta = current_app.config['EP_META'].get(endpoint)
    allowed = False
    if meta:
        allowed = AuthModel.get(group_id=group_id,
                                auth=meta.auth,
                                module=meta.module)
    return True if allowed else False
示例#2
0
def update_auth_list():
    '''添加多个权限(到某个权限组)'''
    validator = AuthsValidator().validate_for_api()
    auth_list = [get_ep_name(id) for id in validator.auth_ids.data]
    group_id = validator.group_id.data

    for auth in auth_list:
        one = AuthModel.get(group_id=group_id, auth=auth)
        if not one:
            meta = find_auth_module(auth)
            AuthModel.create(group_id=group_id,
                             auth=meta.auth,
                             module=meta.module)
    return Success(error_code=1)
示例#3
0
 def append_auth_list(group_id, auth_ids=[]):
     '''
     :param group_id: 权限组id
     :param auth_ids: 权限id数组
     :return:
     '''
     auth_name_list = [get_ep_name(id) for id in auth_ids]
     with db.auto_commit():
         for name in auth_name_list:
             one = Auth.get(group_id=group_id, name=name)
             if not one:
                 meta = find_auth_module(name)
                 Auth.create(group_id=group_id,
                             name=meta.name,
                             module=meta.module,
                             commit=False)
示例#4
0
 def put(self, id):
     args = self.reqparse.parse_args()
     auth = Auth.get(id)
     if auth and (not auth.is_delete) and auth.update(**args):
         return 'update %s success' % auth.email, 202
     return ' %s not found' % auth.email, 404
示例#5
0
 def delete(self, id):
     auth = Auth.get(id)
     if auth and (not auth.is_delete):
         auth.remove()
         return "Delete success", 204
     return "Not Found", 404
示例#6
0
 def get(self, id):
     auth = Auth.get(id)
     if auth and (not auth.is_delete):
         return marshal(auth, auth_fields), 201
     return "Not Found"