leguadmin/xbackend
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

1

Browse Source
This commit is contained in:
wuaho 2021-08-05 21:17:27 +08:00
parent bf61a4d8d1
commit 9bbea48a7b
10 changed files with 318 additions and 301 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api/api_v1/api.py
View File

@ -5,7 +5,7 @@ from .endpoints import folder
from .endpoints import space
from .endpoints import dashboard
from .endpoints import report
from .endpoints import authority
# from .endpoints import authority
from .endpoints import data_mana
from .endpoints import query
from .endpoints import xquery
@ -24,7 +24,7 @@ api_router.include_router(space.router, tags=["空间接口"], prefix='/space')
api_router.include_router(dashboard.router, tags=["看板接口"], prefix='/dashboard')
api_router.include_router(report.router, tags=["报表接口"], prefix='/report')
api_router.include_router(authority.router, tags=["权限管理接口"], prefix='/authority')
# api_router.include_router(authority.router, tags=["权限管理接口"], prefix='/authority')
api_router.include_router(data_auth.router, tags=["数据权限"], prefix='/data_auth')
api_router.include_router(data_mana.router, tags=["数据管理"], prefix='/data_mana')

17
api/api_v1/authz/authz.py
View File

@ -83,7 +83,6 @@ async def remove_policy(
@router.get("/api_list")
async def api_list(
request: Request,
game: str,
db: AsyncIOMotorDatabase = Depends(get_database),
current_user: schemas.UserDB = Depends(deps.get_current_user)):
"""
@ -92,7 +91,7 @@ async def api_list(
已经添加的api
标记 已添加的权限
"""
res = await crud.api_list.all_api(db, game)
res = await crud.api_list.all_api(db)
return schemas.Msg(code=0, msg='ok', data=res)
@ -106,7 +105,10 @@ async def add_api(
"""
添加api
"""
res = await crud.api_list.add_api(db, data_in)
try:
res = await crud.api_list.add_api(db, data_in)
except Exception as e:
return schemas.Msg(code=-1, msg='已经存在')
return schemas.Msg(code=0, msg='ok', data=res.matched_count)
@ -119,7 +121,14 @@ async def del_api(
"""
删除api
"""
# 删除规则
paths = await crud.api_list.find_ids(db, data_in.ids, {'path': 1})
for item in paths:
casbin_enforcer.remove_filtered_policy(2, item['path'])
# 删除保存的记录
res = await crud.api_list.del_api(db, data_in)
return schemas.Msg(code=0, msg='ok', data=res.deleted_count)
@ -133,7 +142,7 @@ async def edit_api(
编辑api
"""
res = await crud.api_list.edit_api(db, data_in)
return schemas.Msg(code=0, msg='ok', data=res.deleted_count)
return schemas.Msg(code=0, msg='ok', data=res.matched_count)
@router.get("/domain")

508
api/api_v1/endpoints/authority.py
View File

@ -1,264 +1,264 @@
import pymongo
from fastapi import APIRouter, Depends, Request
from motor.motor_asyncio import AsyncIOMotorDatabase
import crud, schemas
from core.config import settings
from core.security import get_password_hash
from db import get_database
from api import deps
from db.ckdb import CKDrive, get_ck_db
from utils import casbin_enforcer
router = APIRouter()
@router.get("/api_list")
async def api_list(request: Request,
current_user: schemas.UserDB = Depends(deps.get_current_user)) -> schemas.Msg:
"""api 列表"""
app = request.app
data = {}
for r in app.routes:
title = r.tags[0] if hasattr(r, 'description') else None
if not title:
continue
data.setdefault(title, {'list': []})
path = r.path
name = r.description if hasattr(r, 'description') else r.name
data[title]['list'].append({'api': path, 'title': name})
res = [{'title': k, 'list': v['list']} for k, v in data.items()]
return schemas.Msg(code=0, msg='ok', data=res)
@router.post('/set_data_auth')
async def set_data_auth(request: Request,
data_id: schemas.DataAuthSet,
game: str = Depends(deps.get_game_project),
db: AsyncIOMotorDatabase = Depends(get_database),
current_user: schemas.UserDB = Depends(deps.get_current_user)
) -> schemas.Msg:
"""设置用户数据权限"""
await crud.authority.set_data_auth(db, data_id, game=game)
return schemas.Msg(code=0, msg='ok', data=data_id)
@router.get('/get_user_data_auth')
async def get_user_data_auth(request: Request,
game: str = Depends(deps.get_game_project),
db: AsyncIOMotorDatabase = Depends(get_database),
ck: CKDrive = Depends(get_ck_db),
current_user: schemas.UserDB = Depends(deps.get_current_user)
) -> schemas.Msg:
"""获取当前用户数据权限"""
data_auth = await crud.authority.get_data_auth(db, username=request.user.name, game=game)
if not data_auth:
values = await ck.distinct(game, 'event', '#event_name')
return schemas.Msg(code=0, msg='ok', data={
'data': values,
'game': game,
'name': '全部事件'
})
data_auth_id = data_auth['data_auth_id']
data = await crud.data_auth.get(data_auth_id)
return schemas.Msg(code=0, msg='ok', data=data)
# @router.get('/get_users_data_auth')
# async def get_users_data_auth(request: Request,
# game: str = Depends(deps.get_game_project),
# db: AsyncIOMotorDatabase = Depends(get_database),
# ck: CKDrive = Depends(get_ck_db),
# current_user: schemas.UserDB = Depends(deps.get_current_user)
# ) -> schemas.Msg:
# """获取当前项目所有用户数据权限"""
# import pymongo
# from fastapi import APIRouter, Depends, Request
# from motor.motor_asyncio import AsyncIOMotorDatabase
# import crud, schemas
# from core.config import settings
# from core.security import get_password_hash
#
# roles = await crud.authority.find_many(db, ptype='g', v2=game)
# for item in roles:
# user = item['v0']
# data_auth = await crud.authority.get_data_auth(db, username=request.user.name, game=game)
# if not data_auth:
# values = await ck.distinct(game, 'event', '#event_name')
# return schemas.Msg(code=0, msg='ok', data={
# 'data': values,
# 'game': game,
# 'name': '全部事件'
# })
# data_auth_id = data_auth['data_auth_id']
# data = await crud.data_auth.get(data_auth_id)
# return schemas.Msg(code=0, msg='ok', data=data)
# from db import get_database
# from api import deps
# from db.ckdb import CKDrive, get_ck_db
# from utils import casbin_enforcer
#
# # data_auth = await crud.authority.get_data_auth(db, username=request.user.name, game=game)
# # if not data_auth:
# # values = await ck.distinct(game, 'event', '#event_name')
# # return schemas.Msg(code=0, msg='ok', data={
# # 'data': values,
# # 'game': game,
# # 'name': '全部事件'
# # })
# # data_auth_id = data_auth['data_auth_id']
# # data = await crud.data_auth.get(data_auth_id)
# return schemas.Msg(code=0, msg='ok')
@router.post("/add_role")
async def add_role(request: Request,
data_in: schemas.CasbinRoleCreate,
game: str = Depends(deps.get_game_project),
db: AsyncIOMotorDatabase = Depends(get_database),
current_user: schemas.UserDB = Depends(deps.get_current_user)
) -> schemas.Msg:
"""创建角色"""
# 不允许角色名和用户名一样
if await crud.user.get_by_user(db, name=data_in.role_name):
return schemas.Msg(code=-1, msg='请改个名字')
role_dom = game
api_dict = dict()
for r in request.app.routes:
api_dict[r.path] = r.description if hasattr(r, 'description') else r.name
# 角色有的接口权限
for obj in data_in.role_api:
casbin_enforcer.add_policy(data_in.role_name, role_dom, obj, '*')
await crud.authority.update_one(db, {'ptype': 'p', 'v0': data_in.role_name, 'v1': role_dom, 'v2': obj},
{'$set': {'api_name': api_dict.get(obj)}})
# 管理员默认拥有该角色 方便从db中读出
await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, data_in.role_name, role_dom, '*',
role_name=data_in.role_name,
game=role_dom)
return schemas.Msg(code=0, msg='ok')
@router.post("/add_sys_role")
async def add_sys_role(request: Request,
data_in: schemas.CasbinRoleCreate,
game: str = Depends(deps.get_game_project),
db: AsyncIOMotorDatabase = Depends(get_database),
current_user: schemas.UserDB = Depends(deps.get_current_user)
) -> schemas.Msg:
"""创建系统角色"""
api_dict = dict()
# 不允许角色名和用户名一样
if await crud.user.get_by_user(db, name=data_in.role_name):
return schemas.Msg(code=-1, msg='请改个名字')
for r in request.app.routes:
api_dict[r.path] = r.description if hasattr(r, 'description') else r.name
# 角色有的接口权限
for obj in data_in.role_api:
casbin_enforcer.add_policy(data_in.role_name, '*', obj, '*')
await crud.authority.create(db, 'p', data_in.role_name, '*', obj, '*', api_name=api_dict.get(obj))
# 管理员默认拥有该角色 方便从db中读出
await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, data_in.role_name,
role_name=data_in.role_name,
game='*')
return schemas.Msg(code=0, msg='ok')
@router.post("/add_account")
async def add_account(request: Request,
data_in: schemas.AccountsCreate,
game: str = Depends(deps.get_game_project),
db: AsyncIOMotorDatabase = Depends(get_database),
current_user: schemas.UserDB = Depends(deps.get_current_user)
) -> schemas.Msg:
"""添加账号"""
# 用户名不能与角色名重复
roles = casbin_enforcer.get_all_roles()
accounts = {item.username for item in data_in.accounts}
# 用户名不能与已存在的重复
exists_user = await crud.user.get_all_user(db)
if accounts & set(roles) or accounts & set(exists_user):
return schemas.Msg(code=-1, msg='已存在', data=list(set(accounts) & set(roles) | accounts & set(exists_user)))
"""创建账号 并设置角色"""
for item in data_in.accounts:
account = schemas.UserCreate(name=item.username, password=settings.DEFAULT_PASSWORD)
try:
await crud.user.create(db, account)
except pymongo.errors.DuplicateKeyError:
return schemas.Msg(code=-1, msg='用户名已存在')
casbin_enforcer.add_grouping_policy(item.username, item.role_name, game)
# 设置数据权限
await crud.authority.set_data_auth(db,
schemas.DataAuthSet(username=item.username, data_auth_id=item.data_auth_id),
game)
# 添加到项目成员
await crud.project.add_members(db, schemas.ProjectMember(project_id=data_in.project_id, members=list(accounts)))
return schemas.Msg(code=0, msg='ok')
@router.get("/all_role")
async def all_role(request: Request,
db: AsyncIOMotorDatabase = Depends(get_database),
game: str = Depends(deps.get_game_project),
current_user: schemas.UserDB = Depends(deps.get_current_user)
) -> schemas.Msg:
"""获取所有角色"""
app = request.app
api_data = {}
for r in app.routes:
title = r.tags[0] if hasattr(r, 'description') else None
if not title:
continue
api_data[r.path] = {
'api': r.path,
'title': title,
'name': r.description if hasattr(r, 'description') else r.name
}
"""获取域内所有角色"""
roles = await crud.authority.find_many(db, {'role_name': {'$exists': 1}, 'game': game})
dom_data = [{'role': item['v1'], 'title': item['role_name'], 'id': str(item['_id'])} for item in roles]
for item in dom_data:
q = await crud.authority.get_role_dom_authority(db, item['role'], game, api_data)
item['authority'] = [{'title': k, 'child': v} for k, v in q.items()]
# 获取系统角色
roles = await crud.authority.find_many(db, {'role_name':{'$exists': 1}, 'game':'*'})
sys_data = [{'role': item['v1'], 'title': item['role_name'], 'id': str(item['_id'])} for item in roles]
for item in sys_data:
q = await crud.authority.get_role_dom_authority(db, item['role'], dom=game, api_data=api_data)
item['authority'] = [{'title': k, 'child': v} for k, v in q.items()]
data = {
'dom_role': dom_data,
'sys_role': sys_data
}
return schemas.Msg(code=0, msg='ok', data=data)
# @router.post("/set_role")
# async def set_role(request: Request,
# data_id: schemas.AccountSetRole,
# router = APIRouter()
#
#
# @router.get("/api_list")
# async def api_list(request: Request,
# current_user: schemas.UserDB = Depends(deps.get_current_user)) -> schemas.Msg:
# """api 列表"""
# app = request.app
# data = {}
# for r in app.routes:
# title = r.tags[0] if hasattr(r, 'description') else None
# if not title:
# continue
# data.setdefault(title, {'list': []})
# path = r.path
# name = r.description if hasattr(r, 'description') else r.name
# data[title]['list'].append({'api': path, 'title': name})
#
# res = [{'title': k, 'list': v['list']} for k, v in data.items()]
#
# return schemas.Msg(code=0, msg='ok', data=res)
#
#
# @router.post('/set_data_auth')
# async def set_data_auth(request: Request,
# data_id: schemas.DataAuthSet,
# game: str = Depends(deps.get_game_project),
# db: AsyncIOMotorDatabase = Depends(get_database),
# current_user: schemas.UserDB = Depends(deps.get_current_user)
# ) -> schemas.Msg:
# """设置用户数据权限"""
# await crud.authority.set_data_auth(db, data_id, game=game)
# return schemas.Msg(code=0, msg='ok', data=data_id)
#
#
# @router.get('/get_user_data_auth')
# async def get_user_data_auth(request: Request,
# game: str = Depends(deps.get_game_project),
# db: AsyncIOMotorDatabase = Depends(get_database),
# ck: CKDrive = Depends(get_ck_db),
# current_user: schemas.UserDB = Depends(deps.get_current_user)
# ) -> schemas.Msg:
# """获取当前用户数据权限"""
#
# data_auth = await crud.authority.get_data_auth(db, username=request.user.name, game=game)
# if not data_auth:
# values = await ck.distinct(game, 'event', '#event_name')
# return schemas.Msg(code=0, msg='ok', data={
# 'data': values,
# 'game': game,
# 'name': '全部事件'
# })
# data_auth_id = data_auth['data_auth_id']
# data = await crud.data_auth.get(data_auth_id)
# return schemas.Msg(code=0, msg='ok', data=data)
#
#
# # @router.get('/get_users_data_auth')
# # async def get_users_data_auth(request: Request,
# # game: str = Depends(deps.get_game_project),
# # db: AsyncIOMotorDatabase = Depends(get_database),
# # ck: CKDrive = Depends(get_ck_db),
# # current_user: schemas.UserDB = Depends(deps.get_current_user)
# # ) -> schemas.Msg:
# # """获取当前项目所有用户数据权限"""
# #
# # roles = await crud.authority.find_many(db, ptype='g', v2=game)
# # for item in roles:
# # user = item['v0']
# # data_auth = await crud.authority.get_data_auth(db, username=request.user.name, game=game)
# # if not data_auth:
# # values = await ck.distinct(game, 'event', '#event_name')
# # return schemas.Msg(code=0, msg='ok', data={
# # 'data': values,
# # 'game': game,
# # 'name': '全部事件'
# # })
# # data_auth_id = data_auth['data_auth_id']
# # data = await crud.data_auth.get(data_auth_id)
# # return schemas.Msg(code=0, msg='ok', data=data)
# #
# # # data_auth = await crud.authority.get_data_auth(db, username=request.user.name, game=game)
# # # if not data_auth:
# # # values = await ck.distinct(game, 'event', '#event_name')
# # # return schemas.Msg(code=0, msg='ok', data={
# # # 'data': values,
# # # 'game': game,
# # # 'name': '全部事件'
# # # })
# # # data_auth_id = data_auth['data_auth_id']
# # # data = await crud.data_auth.get(data_auth_id)
# # return schemas.Msg(code=0, msg='ok')
#
#
# @router.post("/add_role")
# async def add_role(request: Request,
# data_in: schemas.CasbinRoleCreate,
# game: str = Depends(deps.get_game_project),
# db: AsyncIOMotorDatabase = Depends(get_database),
# current_user: schemas.UserDB = Depends(deps.get_current_user)
# ) -> schemas.Msg:
# """设置账号角色"""
# casbin_enforcer.delete_user(data_id.name)
# casbin_enforcer.add_role_for_user(data_id.name, data_id.role_name)
# await crud.authority.update_one(db, {'ptype': 'g', 'v0': data_id.name}, dict(v1=data_id.role_name))
# """创建角色"""
#
# # 不允许角色名和用户名一样
# if await crud.user.get_by_user(db, name=data_in.role_name):
# return schemas.Msg(code=-1, msg='请改个名字')
# role_dom = game
# api_dict = dict()
# for r in request.app.routes:
# api_dict[r.path] = r.description if hasattr(r, 'description') else r.name
# # 角色有的接口权限
# for obj in data_in.role_api:
# casbin_enforcer.add_policy(data_in.role_name, role_dom, obj, '*')
# await crud.authority.update_one(db, {'ptype': 'p', 'v0': data_in.role_name, 'v1': role_dom, 'v2': obj},
# {'$set': {'api_name': api_dict.get(obj)}})
#
# # 管理员默认拥有该角色 方便从db中读出
# await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, data_in.role_name, role_dom, '*',
# role_name=data_in.role_name,
# game=role_dom)
#
# return schemas.Msg(code=0, msg='ok')
# @router.get("/delete_user")
# async def delete_user(request: Request,
# data_id: schemas.AccountDeleteUser,
#
#
# @router.post("/add_sys_role")
# async def add_sys_role(request: Request,
# data_in: schemas.CasbinRoleCreate,
# game: str = Depends(deps.get_game_project),
# db: AsyncIOMotorDatabase = Depends(get_database),
# current_user: schemas.UserDB = Depends(deps.get_current_user)
# ) -> schemas.Msg:
# """创建系统角色"""
# api_dict = dict()
#
# # 不允许角色名和用户名一样
# if await crud.user.get_by_user(db, name=data_in.role_name):
# return schemas.Msg(code=-1, msg='请改个名字')
#
# for r in request.app.routes:
# api_dict[r.path] = r.description if hasattr(r, 'description') else r.name
# # 角色有的接口权限
# for obj in data_in.role_api:
# casbin_enforcer.add_policy(data_in.role_name, '*', obj, '*')
# await crud.authority.create(db, 'p', data_in.role_name, '*', obj, '*', api_name=api_dict.get(obj))
#
# # 管理员默认拥有该角色 方便从db中读出
# await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, data_in.role_name,
# role_name=data_in.role_name,
# game='*')
#
# return schemas.Msg(code=0, msg='ok')
#
#
# @router.post("/add_account")
# async def add_account(request: Request,
#
# data_in: schemas.AccountsCreate,
# game: str = Depends(deps.get_game_project),
# db: AsyncIOMotorDatabase = Depends(get_database),
# current_user: schemas.UserDB = Depends(deps.get_current_user)
# ) -> schemas.Msg:
# pass
# return schemas.Msg(code=0, msg='暂时没有')
# """添加账号"""
#
# # 用户名不能与角色名重复
# roles = casbin_enforcer.get_all_roles()
# accounts = {item.username for item in data_in.accounts}
# # 用户名不能与已存在的重复
# exists_user = await crud.user.get_all_user(db)
# if accounts & set(roles) or accounts & set(exists_user):
# return schemas.Msg(code=-1, msg='已存在', data=list(set(accounts) & set(roles) | accounts & set(exists_user)))
#
# """创建账号 并设置角色"""
# for item in data_in.accounts:
# account = schemas.UserCreate(name=item.username, password=settings.DEFAULT_PASSWORD)
# try:
# await crud.user.create(db, account)
# except pymongo.errors.DuplicateKeyError:
# return schemas.Msg(code=-1, msg='用户名已存在')
#
# casbin_enforcer.add_grouping_policy(item.username, item.role_name, game)
# # 设置数据权限
# await crud.authority.set_data_auth(db,
# schemas.DataAuthSet(username=item.username, data_auth_id=item.data_auth_id),
# game)
#
# # 添加到项目成员
# await crud.project.add_members(db, schemas.ProjectMember(project_id=data_in.project_id, members=list(accounts)))
#
# return schemas.Msg(code=0, msg='ok')
#
#
# @router.get("/all_role")
# async def all_role(request: Request,
# db: AsyncIOMotorDatabase = Depends(get_database),
# game: str = Depends(deps.get_game_project),
# current_user: schemas.UserDB = Depends(deps.get_current_user)
# ) -> schemas.Msg:
# """获取所有角色"""
#
# app = request.app
# api_data = {}
# for r in app.routes:
# title = r.tags[0] if hasattr(r, 'description') else None
# if not title:
# continue
# api_data[r.path] = {
# 'api': r.path,
# 'title': title,
# 'name': r.description if hasattr(r, 'description') else r.name
# }
#
# """获取域内所有角色"""
# roles = await crud.authority.find_many(db, {'role_name': {'$exists': 1}, 'game': game})
# dom_data = [{'role': item['v1'], 'title': item['role_name'], 'id': str(item['_id'])} for item in roles]
# for item in dom_data:
# q = await crud.authority.get_role_dom_authority(db, item['role'], game, api_data)
# item['authority'] = [{'title': k, 'child': v} for k, v in q.items()]
#
# # 获取系统角色
# roles = await crud.authority.find_many(db, {'role_name':{'$exists': 1}, 'game':'*'})
# sys_data = [{'role': item['v1'], 'title': item['role_name'], 'id': str(item['_id'])} for item in roles]
# for item in sys_data:
# q = await crud.authority.get_role_dom_authority(db, item['role'], dom=game, api_data=api_data)
# item['authority'] = [{'title': k, 'child': v} for k, v in q.items()]
#
# data = {
# 'dom_role': dom_data,
# 'sys_role': sys_data
# }
# return schemas.Msg(code=0, msg='ok', data=data)
#
# # @router.post("/set_role")
# # async def set_role(request: Request,
# # data_id: schemas.AccountSetRole,
# # db: AsyncIOMotorDatabase = Depends(get_database),
# # current_user: schemas.UserDB = Depends(deps.get_current_user)
# # ) -> schemas.Msg:
# # """设置账号角色"""
# # casbin_enforcer.delete_user(data_id.name)
# # casbin_enforcer.add_role_for_user(data_id.name, data_id.role_name)
# # await crud.authority.update_one(db, {'ptype': 'g', 'v0': data_id.name}, dict(v1=data_id.role_name))
# #
# # return schemas.Msg(code=0, msg='ok')
#
# # @router.get("/delete_user")
# # async def delete_user(request: Request,
# # data_id: schemas.AccountDeleteUser,
# # db: AsyncIOMotorDatabase = Depends(get_database),
# # current_user: schemas.UserDB = Depends(deps.get_current_user)
# # ) -> schemas.Msg:
# # pass
# # return schemas.Msg(code=0, msg='暂时没有')

2
api/api_v1/endpoints/data_auth.py
View File

@ -15,7 +15,7 @@ from db import get_database
from api import deps
from db.ckdb import CKDrive, get_ck_db
from db.redisdb import get_redis_pool, RedisDrive
from utils import casbin_enforcer
# from utils import casbin_enforcer
router = APIRouter()

32
api/api_v1/endpoints/project.py
View File

@ -9,7 +9,7 @@ from core.config import settings
from db import get_database
from db.ckdb import CKDrive, get_ck_db
from schemas.project import ProjectCreate
from utils import casbin_enforcer
# from utils import casbin_enforcer
router = APIRouter()
@ -47,15 +47,15 @@ async def create(
# await crud.data_auth.create(db, data_auth, data_in.game)
# 新建项目管理员权限
role_name = f'{data_in.game}_admin'
role_dom = data_in.game
casbin_enforcer.add_policy(role_name, role_dom, '*', '*')
await crud.authority.create(db, 'p', role_name, role_dom, '*', '*')
# role_name = f'{data_in.game}_admin'
# role_dom = data_in.game
# casbin_enforcer.add_policy(role_name, role_dom, '*', '*')
# await crud.authority.create(db, 'p', role_name, role_dom, '*', '*')
# 添加角色
await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, role_name, '*', '*', role_name='系统项目管理员', game='*')
# 添加数据权限
await crud.authority.set_data_auth(db, schemas.DataAuthSet(username=request.user.username, data_auth_id='*'),
game=data_in.game, v1=role_name)
# await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, role_name, '*', '*', role_name='系统项目管理员', game='*')
# # 添加数据权限
# await crud.authority.set_data_auth(db, schemas.DataAuthSet(username=request.user.username, data_auth_id='*'),
# game=data_in.game, v1=role_name)
return schemas.Msg(code=0, msg='创建成功')
@ -120,11 +120,11 @@ async def add_members(request: Request,
"""项目添加成员"""
for item in data_in.members:
casbin_enforcer.add_grouping_policy(item.username, item.role_name, game)
# 设置数据权限
await crud.authority.set_data_auth(db,
schemas.DataAuthSet(username=item.username, data_auth_id=item.data_auth_id),
game)
# casbin_enforcer.add_grouping_policy(item.username, item.role_name, game)
# # 设置数据权限
# await crud.authority.set_data_auth(db,
# schemas.DataAuthSet(username=item.username, data_auth_id=item.data_auth_id),
# game)
folder = schemas.FolderCreate(
name='未分组',
@ -196,9 +196,9 @@ async def members(request: Request,
current_user: schemas.UserDB = Depends(deps.get_current_user)
):
"""删除项目成员"""
casbin_enforcer.delete_roles_for_user_in_domain(data_in.username, data_in.role, game)
# casbin_enforcer.delete_roles_for_user_in_domain(data_in.username, data_in.role, game)
await crud.project.del_members(db, data_in)
await crud.authority.delete(db, ptype='g', v2=game, v0=data_in.username)
# await crud.authority.delete(db, ptype='g', v2=game, v0=data_in.username)
return schemas.Msg(code=0, msg='ok')

5
crud/base.py
View File

@ -40,7 +40,7 @@ class CRUDBase:
return await db[self.coll_name].delete_many(filter, collation, hint, session)
async def delete_id(self, db, *args):
return await db[self.coll_name].delete_one({'_id': {'$in': list(args)}})
return await db[self.coll_name].delete_many({'_id': {'$in': list(args)}})
async def update_one(self, db, filter, update, upsert=False):
res = await db[self.coll_name].update_one(filter, update, upsert)
@ -52,5 +52,8 @@ class CRUDBase:
async def distinct(self, db, key, filter=None):
return await db[self.coll_name].distinct(key, filter)
async def find_ids(self, db, ids, *args, **kwargs):
return await self.find_many(db, {'_id': {'$in': ids}}, *args, **kwargs)
# async def _create_index(self, db: AsyncIOMotorDatabase, *args, **kwargs):
# return await db[self.coll_name].create_index(*args, **kwargs)

8
crud/crud_api_list.py
View File

@ -15,14 +15,12 @@ class CRUDApiList(CRUDBase):
async def edit_api(self, db: AsyncIOMotorDatabase, data_in: schemas.EditApi):
where = {'_id': data_in.id}
data = {'$set': data_in.dict()}
data = {'$set': data_in.dict(exclude={'id'})}
return await self.update_one(db, where, data)
async def all_api(self, db: AsyncIOMotorDatabase, game):
where = {'game': game}
return await self.find_many(db, where)
async def all_api(self, db: AsyncIOMotorDatabase):
return await self.find_many(db)

5
middleware/casbin.py
View File

@ -1,3 +1,4 @@
from utils.casbin.enforcer import Enforcer
from fastapi import HTTPException
from starlette.authentication import BaseUser
@ -33,7 +34,7 @@ class CasbinMiddleware:
await self.app(scope, receive, send)
return
if self._enforce(scope, receive):
if await self._enforce(scope, receive):
await self.app(scope, receive, send)
return
else:
@ -45,7 +46,7 @@ class CasbinMiddleware:
await response(scope, receive, send)
return
def _enforce(self, scope: Scope, receive: Receive) -> bool:
async def _enforce(self, scope: Scope, receive: Receive) -> bool:
"""
Enforce a request

4
schemas/api_list.py
View File

@ -29,5 +29,7 @@ class DelApi(BaseModel):
ids: List[str] = Field(..., description='要删除的id')
class EditApi(ApiBase):
class EditApi(BaseModel):
id: str = Field(..., description='要编辑的id')
name: str
desc: str

34
utils/adapter.py
View File

@ -26,7 +26,7 @@ class CasbinRule:
for i, v in enumerate([self.v0, self.v1, self.v2, self.v3, self.v4, self.v5]):
if v is None:
break
continue
d['v' + str(i)] = v
return d
@ -47,20 +47,24 @@ class Adapter(persist.Adapter):
self._collection = db[collection]
@staticmethod
def format_policy(ptype, args):
def format_policy(ptype, field_values, field_index=0):
line = CasbinRule(ptype=ptype)
if len(args) > 0:
line.v0 = args[0]
if len(args) > 1:
line.v1 = args[1]
if len(args) > 2:
line.v2 = args[2]
if len(args) > 3:
line.v3 = args[3]
if len(args) > 4:
line.v4 = args[4]
if len(args) > 5:
line.v5 = args[5]
for i in range(field_index, field_index+len(field_values)):
line.__setattr__(f'v{i}', field_values[i - field_index])
# if len(args) > 0:
# line.v0 = args[0]
# if len(args) > 1:
# line.v1 = args[1]
# if len(args) > 2:
# line.v2 = args[2]
# if len(args) > 3:
# line.v3 = args[3]
# if len(args) > 4:
# line.v4 = args[4]
# if len(args) > 5:
# line.v5 = args[5]
return line
@ -132,7 +136,7 @@ class Adapter(persist.Adapter):
"""
delete policy rules for matching filters from mongodb
"""
line = self.format_policy(ptype, field_values)
line = self.format_policy(ptype, field_values, field_index)
self._collection.delete_one(line.dict())