def GrantOrganizeModuleScope(self, organizeId, permissionItemCode, grantModuleId): """ 授予组织机构某个权限域的模块授权范围 Args: organizeId (string): 组织机构主键 permissionItemCode (string): 操作权限编号 grantModuleId (string[]): 授予模块主键 Returns: returnValue(int): 影响行数 """ returnValue = 0 resourcePermissionScopeEntity = Pipermissionscope() resourcePermissionScopeEntity.id = Pipermissionitem.objects.get( code=permissionItemCode).id resourcePermissionScopeEntity.resourcecategory = 'PIORGANIZE' resourcePermissionScopeEntity.resourceid = organizeId resourcePermissionScopeEntity.targetcategory = 'PIMODULE' resourcePermissionScopeEntity.targetid = grantModuleId resourcePermissionScopeEntity.enabled = 1 resourcePermissionScopeEntity.deletemark = 0 resourcePermissionScopeEntity.save() returnValue = 1 return returnValue
def GrantOrganize(userInfo, roleId, permissionItemCode, grantOrganizeId): """ 为了提高授权的运行速度 Args: roleId (string): 角色主键 permissionItemCode (string): 权限代码 grantOrganizeId (string): 权限主键 Returns: returnValue(string): 主键 """ returnValue = '' try: Pipermissionscope.objects.get(Q(resourcecategory='PIROLE') & Q(resourceid=roleId) & Q(targetcategory='PIORGANIZE') & Q(targetid = grantOrganizeId) & Q(permissionid=Pipermissionitem.objects.get(code=permissionItemCode).id)) return returnValue except Pipermissionscope.DoesNotExist as e: resourcePermissionScopeEntity = Pipermissionscope() resourcePermissionScopeEntity.id = uuid.uuid4() resourcePermissionScopeEntity.permissionid = Pipermissionitem.objects.get(code=permissionItemCode).id resourcePermissionScopeEntity.resourcecategory = 'PIROLE' resourcePermissionScopeEntity.resourceid = roleId resourcePermissionScopeEntity.targetcategory = 'PIORGANIZE' resourcePermissionScopeEntity.targetid = grantOrganizeId resourcePermissionScopeEntity.enabled = 1 resourcePermissionScopeEntity.deletemark = 0 resourcePermissionScopeEntity.createon = datetime.datetime.now() resourcePermissionScopeEntity.createby = userInfo.RealName resourcePermissionScopeEntity.createuserid = userInfo.Id resourcePermissionScopeEntity.modifiedon = resourcePermissionScopeEntity.createon resourcePermissionScopeEntity.modifiedby = userInfo.RealName resourcePermissionScopeEntity.modifieduserid = userInfo.Id resourcePermissionScopeEntity.save() returnValue = resourcePermissionScopeEntity.id if not grantOrganizeId == PermissionScope.PermissionScopeDic.get('No'): Pipermissionscope.objects.filter(Q(resourcecategory='PIROLE') & Q(resourceid=roleId) & Q(targetcategory='PIORGANIZE') & Q( targetid=PermissionScope.PermissionScopeDic.get('No')) & Q( permissionid=Pipermissionitem.objects.get(code=permissionItemCode).id)).delete() else: Pipermissionscope.objects.filter(Q(resourcecategory='PIROLE') & Q(resourceid=roleId) & Q(targetcategory='PIORGANIZE') & Q( permissionid=Pipermissionitem.objects.get(code=permissionItemCode).id) & ~Q(targetid = PermissionScope.PermissionScopeDic.get('No'))).delete() return returnValue
def GrantModule(userInfo, roleId, permissionItemCode, grantModuleId): """ 为了提高授权的运行速度 Args: roleId (string): 角色主键 permissionItemCode (string): 权限代码 grantModuleId (string): 模块权限主键 Returns: returnValue(string): 主键 """ resourcePermissionScopeEntity = Pipermissionscope() resourcePermissionScopeEntity.id = uuid.uuid4() resourcePermissionScopeEntity.permissionid = Pipermissionitem.objects.get(code=permissionItemCode).id resourcePermissionScopeEntity.resourceid = roleId resourcePermissionScopeEntity.resourcecategory = 'PIROLE' resourcePermissionScopeEntity.targetcategory = 'PIMODULE' resourcePermissionScopeEntity.targetid = grantModuleId resourcePermissionScopeEntity.enabled = 1 resourcePermissionScopeEntity.deletemark = 0 resourcePermissionScopeEntity.createon = datetime.datetime.now() resourcePermissionScopeEntity.createby = userInfo.RealName resourcePermissionScopeEntity.createuserid = userInfo.Id resourcePermissionScopeEntity.modifiedon = resourcePermissionScopeEntity.createon resourcePermissionScopeEntity.modifiedby = userInfo.RealName resourcePermissionScopeEntity.modifieduserid = userInfo.Id resourcePermissionScopeEntity.save() return resourcePermissionScopeEntity.id
def GrantPermissionScopeTarget(self, resourceCategory, resourceId, targetCategory, grantTargetId, permissionItemId): """ 授予资源的权限范围 Args: resourceCategory (string): 资源分类 resourceId (string): 资源主键 targetCategory (string): 目标类别 grantTargetId (string): 目标主键数组 permissionItemId (string): 权限主键 Returns: returnValue(int): 影响的行数 """ returnValue = 0 for id in grantTargetId: resourcePermissionScope = Pipermissionscope() resourcePermissionScope.id = uuid.uuid4() resourcePermissionScope.resourcecategory = resourceCategory resourcePermissionScope.resourceid = resourceId resourcePermissionScope.targetcategory = targetCategory resourcePermissionScope.permissionid = permissionItemId resourcePermissionScope.targetid = id resourcePermissionScope.enabled = 1 resourcePermissionScope.deletemark = 0 try: Pipermissionscope.objects.get( Q(resourceid=resourceId) & Q(resourcecategory=resourceCategory) & Q(targetcategory=targetCategory) & Q(targetid=id) & Q(permissionid=permissionItemId) & Q(enabled=1) & Q(deletemark=0)) except Pipermissionscope.DoesNotExist as e: resourcePermissionScope.save() returnValue = returnValue + 1 return returnValue
def GrantPermissionItem(userInfo, userId, permissionItemCode, grantPermissionId): """ 为了提高授权的运行速度 Args: userId (string): 员工主键 permissionItemCode (string): 权限代码 grantPermissionId (string): 权限主键 Returns: returnValue(string): 主键 """ returnValue = '' resourcePermissionScopeEntity = Pipermissionscope() resourcePermissionScopeEntity.id = uuid.uuid4() resourcePermissionScopeEntity.permissionid = Pipermissionitem.objects.get(code=permissionItemCode).id resourcePermissionScopeEntity.resourcecategory = 'PIUSER' resourcePermissionScopeEntity.resourceid = userId resourcePermissionScopeEntity.targetcategory = 'PIPERMISSIONITEM' resourcePermissionScopeEntity.targetid = grantPermissionId resourcePermissionScopeEntity.enabled = 1 resourcePermissionScopeEntity.deletemark = 0 resourcePermissionScopeEntity.createon = datetime.datetime.now() resourcePermissionScopeEntity.createby = userInfo.RealName resourcePermissionScopeEntity.createuserid = userInfo.Id resourcePermissionScopeEntity.modifiedon = resourcePermissionScopeEntity.createon resourcePermissionScopeEntity.modifiedby = userInfo.RealName resourcePermissionScopeEntity.modifieduserid = userInfo.Id resourcePermissionScopeEntity.save() returnValue = resourcePermissionScopeEntity.id return returnValue
def GrantRole(self, userId, permissionItemCode, grantRoleId): """ 为了提高授权的运行速度 Args: userId (string): 员工主键 permissionItemCode (string): 权限代码 grantRoleId (string): 权限主键 Returns: returnValue(string): 主键 """ returnValue = None try: returnValue = '' resourcePermissionScopeEntity = Pipermissionscope() resourcePermissionScopeEntity.permissionid = Pipermissionitem.objects.get(code=permissionItemCode).id resourcePermissionScopeEntity.id = uuid.uuid4() resourcePermissionScopeEntity.resourcecategory = 'PIUSER' resourcePermissionScopeEntity.resourceid = userId resourcePermissionScopeEntity.targetcategory = 'PIROLE' resourcePermissionScopeEntity.targetid = grantRoleId resourcePermissionScopeEntity.enabled = 1 resourcePermissionScopeEntity.deletemark = 0 resourcePermissionScopeEntity.save() returnValue = resourcePermissionScopeEntity.id return returnValue except: return returnValue
def GrantUser(self, userId, permissionItemCode, grantUserId): """ 为了提高授权的运行速度 Args: userId (string): 员工主键 permissionItemCode (string): 权限代码 grantUserId (string): 权限主键 Returns: returnValue(string): 主键 """ returnValue = '' try: Pipermissionscope.objects.get(Q(resourcecategory='PIUSER') & Q(resourceid=userId) & Q(targetcategory='PIUSER') & Q(targetid=grantUserId) & Q(permissionid=Pipermissionitem.objects.get(code=permissionItemCode).id)) return returnValue except Pipermissionscope.DoesNotExist as e: resourcePermissionScopeEntity = Pipermissionscope() resourcePermissionScopeEntity.id = uuid.uuid4() resourcePermissionScopeEntity.permissionid = Pipermissionitem.objects.get(code=permissionItemCode).id resourcePermissionScopeEntity.resourcecategory = 'PIUSER' resourcePermissionScopeEntity.resourceid = userId resourcePermissionScopeEntity.targetcategory = 'PIUSER' resourcePermissionScopeEntity.targetid = grantUserId resourcePermissionScopeEntity.enabled = 1 resourcePermissionScopeEntity.deletemark = 0 resourcePermissionScopeEntity.save() returnValue = resourcePermissionScopeEntity.id return returnValue
def GrantOrganize(self, userId, permissionItemCode, grantOrganizeId): """ 为了提高授权的运行速度 Args: userId (string): 员工主键 permissionItemCode (string): 权限代码 grantOrganizeId (string): 权限主键 Returns: returnValue(string): 主键 """ returnValue = '' try: Pipermissionscope.objects.get(Q(resourcecategory='PIUSER') & Q(resourceid=userId) & Q(targetcategory='PIORGANIZE') & Q(targetid=grantOrganizeId) & Q(permissionid=Pipermissionitem.objects.get(code=permissionItemCode).id)) except Pipermissionscope.DoesNotExist as e: resourcePermissionScopeEntity = Pipermissionscope() resourcePermissionScopeEntity.id = uuid.uuid4() resourcePermissionScopeEntity.permissionid = Pipermissionitem.objects.get(code=permissionItemCode).id resourcePermissionScopeEntity.resourcecategory = 'PIUSER' resourcePermissionScopeEntity.resourceid = userId resourcePermissionScopeEntity.targetcategory = 'PIORGANIZE' resourcePermissionScopeEntity.targetid = grantOrganizeId resourcePermissionScopeEntity.enabled = 1 resourcePermissionScopeEntity.deletemark = 0 resourcePermissionScopeEntity.save() returnValue = resourcePermissionScopeEntity.id if grantOrganizeId != PermissionScope.PermissionScopeDic.get('No'): try: dt = Pipermissionscope.objects.get( Q(resourcecategory='PIUSER') & Q(resourceid=userId) & Q(targetcategory='PIORGANIZE') & Q( targetid=PermissionScope.PermissionScopeDic.get('No')) & Q( permissionid=Pipermissionitem.objects.get(code=permissionItemCode).id)) dt.delete() except Pipermissionscope.DoesNotExist as e: pass else: dt = Pipermissionscope.objects.filter(Q(resourcecategory='PIUSER') & Q(resourceid=userId) & Q(targetcategory='PIORGANIZE') & Q(permissionid=Pipermissionitem.objects.get(code=permissionItemCode).id)).delete() return returnValue