数据权限

2021-05-28 13:41:20 +08:00 · 2021-05-28 13:41:20 +08:00 · fa9cb62683
commit fa9cb62683
parent b84b6281fb
3 changed files with 25 additions and 11 deletions
--- a/api/api_v1/endpoints/authority.py
+++ b/api/api_v1/endpoints/authority.py
@ -127,7 +127,7 @@ async def add_role(request: Request,
                                        {'$set': {'api_name': api_dict.get(obj)}})

    # 管理员默认拥有该角色 方便从db中读出
-    await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, data_in.role_name, '*', '*',
+    await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, data_in.role_name, role_dom, '*',
                                role_name=data_in.role_name,
                                game=role_dom)

--- a/api/api_v1/endpoints/data_auth.py
+++ b/api/api_v1/endpoints/data_auth.py
@ -61,6 +61,7 @@ async def all_event(request: Request,
 async def data_authority(request: Request,
                         game: str,
                         db: AsyncIOMotorDatabase = Depends(get_database),
+                         rdb: RedisDrive = Depends(get_redis_pool),
                         ck: CKDrive = Depends(get_ck_db),
                         current_user: schemas.UserDB = Depends(deps.get_current_user)
                         ) -> schemas.Msg:
@ -86,20 +87,31 @@ async def my_event(request: Request,
                   ) -> schemas.Msg:
    """获取自己的事件权限"""

-    # data_auth_id = await crud.authority.get_data_auth_id(db, game, request.user.username)
-    data_auth_id = await crud.authority.get_data_auth_id(db, game, 'wuhao')
-    my_data_auth = await crud.data_auth.get(db, ObjectId(data_auth_id))
-
    all_filed = await rdb.get(f'{game}_event')
    all_filed = json.loads(all_filed)
    data_attr = await crud.data_attr.find_many(db, game=game, cat='event')
    data_attr = {item['name']: item for item in data_attr}

-    if not my_data_auth:
-        return schemas.Msg(code=0, msg='ok', data=[])
-    key_prefix = f'{game}_event_'
+    data_auth_id = await crud.authority.get_data_auth_id(db, game, request.user.username)
+
+
+    if data_auth_id:
+        # 所有数据权限
+        if data_auth_id == '*':
+            my_data_auth = await ck.distinct(game, 'event', '#event_name')
+
+        else:
+            # 设置了数据权限
+            my_data_auth = await crud.data_auth.get(db, ObjectId(data_auth_id))
+            my_data_auth = my_data_auth['data']
+
+        if not my_data_auth:
+            return schemas.Msg(code=0, msg='ok', data=[])
+        key_prefix = f'{game}_event_'
+        event_dict = await rdb.smembers_keys(*my_data_auth, prefix=key_prefix)
+    else:
+        event_dict = {}

-    event_dict = await rdb.smembers_keys(*my_data_auth['data'], prefix=key_prefix)
    event = []

    group_by = [{
--- a/crud/crud_authority.py
+++ b/crud/crud_authority.py
@ -75,8 +75,10 @@ class CRUDAuthority(CRUDBase):
        return await self.distinct(db, 'v0', {'ptype': 'g'})

    async def get_data_auth_id(self, db, game, username):
-        res = await self.find_one(db, {'ptype': 'g', 'v0': username, 'v2': game}, {'_id': 0, 'data_auth_id': 1})
-        return res.get('data_auth_id')
+        res = await self.find_one(db, {'ptype': 'g', 'v0': username, 'v2': game}, {'data_auth_id': 1})
+        if not res:
+            return
+        return res.get('data_auth_id', '*')

    async def create_index(self, db: AsyncIOMotorDatabase):
        await db[self.coll_name].create_index(