def get_current_roles(): username = login_user.get('username') is_admin = login_user.get('is_admin') role = Role() if is_admin: roles = role.collection.find({}) return jsonify({ 'message': 'ok', 'code': 0, 'data': list(roles), }) user = User() user_info = user.collection.find_one({'username': username}) where = { 'user_id': str(user_info['_id']), } roles = db.collection('user_roles').find(where) roles = list(roles) data = [] if roles: role_ids = map(lambda i: i['role_id'], roles) data = role.find_by_ids(list(role_ids)) return jsonify({ 'message': 'ok', 'code': 0, 'data': data, })
def bind_role(user_id): payload = request.get_json() if not payload: return jsonify({'message': 'invalid params', 'code': 104030}), 400 role_ids = payload.get('role_ids') if not role_ids or type(role_ids) != list: return jsonify({'message': 'invalid params', 'code': 104031}), 400 user = User() user_info = user.find_by_id(user_id) if not user_info: return jsonify({'message': 'record not found', 'code': 104040}), 404 roles = Role().find_by_ids(role_ids) if not roles: return jsonify({'message': 'invalid param', 'code': 104031}), 400 for role in roles: data = { 'user_id': user_id, 'role_id': str(role['_id']), } where = data.copy() data['created_at'] = time.time() data['add_by'] = login_user.get('username') db.collection('user_roles').update_one(where, {'$set': data}, upsert=True) return jsonify({ 'message': 'ok', 'code': 0, })
def get_roles(self, team_id): team_roles = self.db.collection('team_roles').find({'team_id': team_id}) team_roles = list(team_roles) if not team_roles: return team_roles role_ids = map(lambda i: i['role_id'], team_roles) role_ids = list(role_ids) return Role.find_by_ids(role_ids)
def get_permissions(self, user_id, filter=None): """ get user permissions :param user_id: user id :return: list """ user = self.find_by_id(user_id) if not user: return [] relate_team = Model.build_model('team_members').find( {'user_id': user_id}) relate_team = list(relate_team) team_ids = list(map(lambda i: i.get('team_id'), relate_team)) role_ids = [] menus = [] if team_ids: team_roles = Model.build_model('team_roles').find( {'team_id': { '$in': team_ids }}) for item in team_roles: role_ids.append(item.get('role_id')) roles = db.collection('user_roles').find({'user_id': user_id}) roles = list(roles) if roles: ids = map(lambda i: i['role_id'], roles) role_ids += list(ids) if role_ids: where = {'role_id': {'$in': role_ids}} records = db.collection('role_menus').find(where).sort('id', 1) for record in records: where = filter or {} where['_id'] = ObjectId(record['m_id']) item = Menu.find_one(where) if not item or item.get( 'mpid') == '-1' or item.get('status') < 1: continue item['actions'] = record.get('actions', ['get']) menus.append(item) roles = Role().find_by_ids(role_ids) return menus, roles
def add_team(): payload = request.get_json() if not payload: return jsonify({'message': 'invalid params', 'code': 104000}), 400 is_admin = login_user.get('is_admin') if not is_admin: return jsonify({'message': 'admin required', 'code': 104039}), 403 name = payload.get('name') description = payload.get('description') parent = payload.get('parent') role_ids = payload.get('role_ids') members = payload.get('members') or [] master = payload.get('master') or [login_user.get('username')] record = Team.find_one({'name': name}) if record: return jsonify({'message': 'name existed', 'code': 104001}), 400 if role_ids: role_record = Role.find_by_ids(role_ids) if not role_record: return jsonify({'message': 'role not found', 'code': 104041}), 404 data = { 'name': name, 'description': description, 'master': master, 'parent': parent, 'add_by': login_user.get('username'), 'created_at': time.time(), } result = Team.insert_one(data) team_id = str(result.inserted_id) data['_id'] = team_id logger.info('add team', extra={'record': data}) if not role_ids: role = { 'name': name, 'type': 'team', 'role': 'owner', 'add_by': login_user.get('username'), 'created_at': time.time(), } result = Role.insert_one(role) role['_id'] = result.inserted_id role['team_id'] = data['_id'] role_ids = [str(role['_id'])] # team_role = { # 'role_id': result.inserted_id, # 'team_id': role['team_id'], # 'add_by': login_user.get('username'), # 'created_at': time.time(), # } # Model.build_model('team_roles').insert_one(team_role) for role_id in role_ids: team_role = { '$set': { 'team_id': team_id, 'role_id': role_id, 'created_at': time.time() } } where = { 'team_id': team_id, 'role_id': role_id, } db.collection('team_roles').update_one(where, team_role, upsert=True) Team().add_member(team_id, members, owner_id=login_user.get('user_id')) return jsonify({ 'message': 'ok', 'code': 0, })
def add_user(): payload = request.get_json() if not payload: return jsonify({ 'message': 'invalid params', 'code': 104000 }), 400 current_user = login_user.get('username') is_admin = login_user.get('is_admin') username = payload.get('username') nickname = payload.get('nickname') email = payload.get('email') phone = payload.get('phone') role_ids = payload.get('role_ids') team_id = payload.get('team_id') address = payload.get('address') password = payload.get('password') if not username or not email: return jsonify({ 'message': 'miss required params', 'code': 104001, }), 400 if not is_admin: if team_id: team = Team.find_by_id(team_id) if not team or current_user not in team.get('master'): return jsonify({ 'message': 'permission deny', 'code': 104031 }), 403 else: return jsonify({ 'message': 'permission deny', 'code': 104032, }), 403 where = { '$or': [ {'username': username}, {'email': email}, ] } existed = User.find_one(where) if existed: return jsonify({ 'message': 'username or email existed', 'code': 104030 }), 400 password = password or gen_password() encrypt_pwd = generate_password_hash(password) user_info = { 'username': username, 'nickname': nickname, 'password': encrypt_pwd, 'email': email, 'phone': phone, 'active': 0, 'address': address, 'created_at': time.time(), 'add_by': login_user.get('username'), } result = User.insert_one(user_info) user_id = str(result.inserted_id) if role_ids: role_ids = role_ids if type(role_ids) == list else [role_ids] roles = Role.find_by_ids(role_ids) if roles: for item in roles: data = { 'role_id': str(item['_id']), 'user_id': user_id, 'add_by': login_user.get('username'), 'created_at': time.time(), } db.collection('user_roles').insert_one(data) if team_id: Team().add_member(team_id=team_id, members=[user_id], owner_id=login_user.get('user_id')) notify = SMTP() text = ''' <p>Dear user:</p> <p>Your eclogue account is active~!</p> <p>username: {}</p> <p>password: {} </p> ''' text = text.format(username, password) notify.send(text, to=email, subject='', subtype='html') return jsonify({ 'message': 'ok', 'code': 0, 'data': password })
def add_role(): payload = request.get_json() if not payload: return jsonify({ 'message': 'invalid params', 'code': 104000 }), 400 name = payload.get('name') tag = payload.get('tag') role_type = payload.get('type') parent = payload.get('parent', None) alias = payload.get('alias') menus = payload.get('menus') actions = payload.get('actions') or [] if not tag or not name: return jsonify({ 'message': 'invalid params', 'code': 104000, }), 400 role = Role() record = role.collection.find_one({'name': name}) if record: return jsonify({ 'message': 'name existed', 'code': 104001 }), 400 # roles = ['admin', 'master', 'owner', 'member', 'guest'] # if tag not in roles: # return jsonify({ # 'message': 'invalid param role', # 'code': 104000, # }), 400 data = { 'name': name, 'alias': alias, 'type': role_type, 'tag': tag, 'actions': actions, 'parent': parent, 'created_at': time.time() } if parent: check = role.find_by_id(parent) if not check: return jsonify({ 'message': 'invalid param', 'code': 104001 }), 400 result = role.collection.insert_one(data) role_id = result.inserted_id if menus and type(menus) == list: data = [] # menus = Menu().find_by_ids(menus) menus = Menu().collection.find({}) if menus: for item in menus: data.append({ 'role_id': str(role_id), 'm_id': str(item['_id']), 'created_at': time.time(), 'add_by': login_user.get('username'), }) db.collection('role_menus').insert_many(data) return jsonify({ 'message': 'ok', 'code': 0, })
def add_role(): payload = request.get_json() if not payload: return jsonify({'message': 'invalid params', 'code': 104000}), 400 name = payload.get('name') description = payload.get('description') tags = payload.get('tags') role_type = payload.get('type') parent = payload.get('parent', None) alias = payload.get('alias') menus = payload.get('permissions') if not name: return jsonify({ 'message': 'invalid params', 'code': 104000, }), 400 role = Role() record = role.collection.find_one({'name': name}) if record: return jsonify({'message': 'name existed', 'code': 104001}), 400 data = { 'name': name, 'alias': alias, 'type': role_type, 'tags': tags, 'description': description, 'parent': parent, 'created_at': time.time() } if parent: check = role.find_by_id(parent) if not check: return jsonify({'message': 'invalid param', 'code': 104001}), 400 result = role.collection.insert_one(data) role_id = result.inserted_id if role_type == 'team': team_existed = Team.find_one({'name': name}) if team_existed: return jsonify({'message': 'team existed', 'code': 104005}), 400 team = { 'name': name, 'description': 'team of role {}'.format(name), 'add_by': login_user.get('username'), 'master': [login_user.get('username')], 'created_at': time.time() } result = Team.insert_one(team) team_role = { 'team_id': str(result.inserted_id), 'role_id': str(role_id), 'add_by': login_user.get('username'), 'created_at': time.time() } Team.build_model('team_roles').insert_one(team_role) if menus and type(menus) == dict: model = Menu() data = [] methods = { 'read': ['option', 'get'], 'edit': ['post', 'put', 'patch'], 'delete': ['delete'] } for _id, actions in menus.items(): record = model.find_by_id(_id) if not record: continue action_list = [] for action in actions: if not methods.get(action): continue action_list.extend(methods.get(action)) data.append({ 'role_id': str(role_id), 'm_id': _id, 'actions': action_list, 'created_at': time.time(), 'add_by': login_user.get('username'), }) db.collection('role_menus').insert_many(data) return jsonify({ 'message': 'ok', 'code': 0, })
def update_role(_id): payload = request.get_json() if not payload: return jsonify({'message': 'invalid params', 'code': 104000}), 400 record = Role().find_by_id(_id) if not record: return jsonify({'message': 'record not found', 'code': 104040}), 404 role_id = record.get('_id') name = payload.get('name') description = payload.get('description') tags = payload.get('tags') role_type = payload.get('type') parent = payload.get('parent', None) alias = payload.get('alias') menus = payload.get('permissions') data = { 'name': name, 'alias': alias, 'type': role_type, 'tags': tags, 'parent': parent, 'description': description, } update = {'$set': data} db.collection('roles').update_one({'_id': record['_id']}, update=update) if menus is not None and type(menus) == dict: model = Menu() methods = { 'read': ['option', 'get'], 'edit': ['post', 'put', 'patch'], 'delete': ['delete'] } # 先删除原先的关联 db.collection('role_menus').delete_many({'role_id': str(role_id)}) for _id, actions in menus.items(): record = model.find_by_id(_id) if not record: continue action_list = [] for action in actions: if not methods.get(action): continue action_list.extend(methods.get(action)) data = { 'role_id': str(role_id), 'm_id': _id, 'actions': action_list, 'created_at': time.time(), 'add_by': login_user.get('username'), } db.collection('role_menus').insert_one(data) # where = { # 'role_id': str(role_id), # 'm_id': _id, # } # check = db.collection('role_menus').find_one(where) # if not check: # data['created_at'] = time.time(), # data['add_by'] = login_user.get('username'), # db.collection('role_menus').insert_one(data) # else: # db.collection('role_menus').update_one(where, update={'$set': data}) return jsonify({ 'message': 'ok', 'code': 0, })
def get_roles(): query = request.args page = int(query.get('page', 1)) size = int(query.get('size', 50)) offset = (page - 1) * size name = query.get('name') role_type = query.get('type') start = query.get('start') end = query.get('end') user = User() username = login_user.get('username') is_admin = login_user.get('is_admin') data = [] total = 0 role = Role() where = {'status': {'$ne': -1}} if name: where['name'] = {'$regex': name} if role_type: where['type'] = role_type date = [] if start: date.append({ 'created_at': { '$gte': int(time.mktime(time.strptime(start, '%Y-%m-%d'))) } }) if end: date.append({ 'created_at': { '$lte': int(time.mktime(time.strptime(end, '%Y-%m-%d'))) } }) if not is_admin: user_info = user.collection.find_one({'username': username}) where = { 'user_id': str(user_info['_id']), } roles = db.collection('user_roles').find(where) roles = list(roles) if roles: role_ids = map(lambda i: ObjectId(i['role_id']), roles) where['_id'] = { '$in': list(role_ids), } cursor = role.collection.find(where, skip=offset, limit=size) total = cursor.count() data = list(cursor) else: cursor = role.collection.find(where, skip=offset, limit=size) total = cursor.count() data = list(cursor) return jsonify({ 'message': 'ok', 'code': 0, 'data': { 'page': page, 'pageSize': size, 'total': total, 'list': data, }, })