From fa9cb62683b8aa8bd0ad43c485eef29a252e171d Mon Sep 17 00:00:00 2001 From: wuaho Date: Fri, 28 May 2021 13:41:20 +0800 Subject: [PATCH] =?UTF-8?q?=E6=95=B0=E6=8D=AE=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- api/api_v1/endpoints/authority.py | 2 +- api/api_v1/endpoints/data_auth.py | 28 ++++++++++++++++++++-------- crud/crud_authority.py | 6 ++++-- 3 files changed, 25 insertions(+), 11 deletions(-) diff --git a/api/api_v1/endpoints/authority.py b/api/api_v1/endpoints/authority.py index 3990d7a..d0011d3 100644 --- a/api/api_v1/endpoints/authority.py +++ b/api/api_v1/endpoints/authority.py @@ -127,7 +127,7 @@ async def add_role(request: Request, {'$set': {'api_name': api_dict.get(obj)}}) # 管理员默认拥有该角色 方便从db中读出 - await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, data_in.role_name, '*', '*', + await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, data_in.role_name, role_dom, '*', role_name=data_in.role_name, game=role_dom) diff --git a/api/api_v1/endpoints/data_auth.py b/api/api_v1/endpoints/data_auth.py index 2aaeb28..e6fe954 100644 --- a/api/api_v1/endpoints/data_auth.py +++ b/api/api_v1/endpoints/data_auth.py @@ -61,6 +61,7 @@ async def all_event(request: Request, async def data_authority(request: Request, game: str, db: AsyncIOMotorDatabase = Depends(get_database), + rdb: RedisDrive = Depends(get_redis_pool), ck: CKDrive = Depends(get_ck_db), current_user: schemas.UserDB = Depends(deps.get_current_user) ) -> schemas.Msg: @@ -86,20 +87,31 @@ async def my_event(request: Request, ) -> schemas.Msg: """获取自己的事件权限""" - # data_auth_id = await crud.authority.get_data_auth_id(db, game, request.user.username) - data_auth_id = await crud.authority.get_data_auth_id(db, game, 'wuhao') - my_data_auth = await crud.data_auth.get(db, ObjectId(data_auth_id)) - all_filed = await rdb.get(f'{game}_event') all_filed = json.loads(all_filed) data_attr = await crud.data_attr.find_many(db, game=game, cat='event') data_attr = {item['name']: item for item in data_attr} - if not my_data_auth: - return schemas.Msg(code=0, msg='ok', data=[]) - key_prefix = f'{game}_event_' + data_auth_id = await crud.authority.get_data_auth_id(db, game, request.user.username) + + + if data_auth_id: + # 所有数据权限 + if data_auth_id == '*': + my_data_auth = await ck.distinct(game, 'event', '#event_name') + + else: + # 设置了数据权限 + my_data_auth = await crud.data_auth.get(db, ObjectId(data_auth_id)) + my_data_auth = my_data_auth['data'] + + if not my_data_auth: + return schemas.Msg(code=0, msg='ok', data=[]) + key_prefix = f'{game}_event_' + event_dict = await rdb.smembers_keys(*my_data_auth, prefix=key_prefix) + else: + event_dict = {} - event_dict = await rdb.smembers_keys(*my_data_auth['data'], prefix=key_prefix) event = [] group_by = [{ diff --git a/crud/crud_authority.py b/crud/crud_authority.py index 2d1c51e..69d48c9 100644 --- a/crud/crud_authority.py +++ b/crud/crud_authority.py @@ -75,8 +75,10 @@ class CRUDAuthority(CRUDBase): return await self.distinct(db, 'v0', {'ptype': 'g'}) async def get_data_auth_id(self, db, game, username): - res = await self.find_one(db, {'ptype': 'g', 'v0': username, 'v2': game}, {'_id': 0, 'data_auth_id': 1}) - return res.get('data_auth_id') + res = await self.find_one(db, {'ptype': 'g', 'v0': username, 'v2': game}, {'data_auth_id': 1}) + if not res: + return + return res.get('data_auth_id', '*') async def create_index(self, db: AsyncIOMotorDatabase): await db[self.coll_name].create_index(