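import pymongo
from fastapi import APIRouter, Depends, Request
from motor.motor_asyncio import AsyncIOMotorDatabase

import crud
import schemas
from core.config import settings
from core.security import get_password_hash
from db import get_database
from api import deps
from utils import casbin_enforcer

# Role and account management endpoints backed by casbin policies.
#
# NOTE: FastAPI uses an endpoint's docstring as its route description when no
# explicit description is passed, and this module reads `route.description`
# to build API titles (returned by /api_list and stored as `api_name`).
# The endpoint docstrings below are therefore runtime data and are kept
# verbatim; explanatory documentation lives in `#` comments instead.
#
# NOTE(review): every endpoint here depends only on `deps.get_current_user`.
# Whether that dependency (or middleware elsewhere) also performs the casbin
# authorization check is not visible in this file. Confirm that role and
# account creation cannot be reached by an arbitrary authenticated user.

router = APIRouter()


def _route_names(request: Request) -> dict:
    # Map every registered route path to its description, falling back to the
    # route name for route types that carry no description attribute.
    return {
        route.path: route.description if hasattr(route, 'description') else route.name
        for route in request.app.routes
    }


# List the application's tagged routes, grouped by their first tag.
# Returns Msg.data as [{'title': <tag>, 'list': [{'api': <path>, 'title': <name>}]}].
@router.get("/api_list")
async def api_list(request: Request,
                   current_user: schemas.UserDB = Depends(deps.get_current_user)) -> schemas.Msg:
    """api 列表"""
    app = request.app
    data = {}
    for r in app.routes:
        # Routes without a `tags` attribute or with an empty tag list are
        # skipped. Indexing `r.tags[0]` unconditionally raised IndexError for
        # untagged routes and turned the whole listing into a 500.
        tags = getattr(r, 'tags', None)
        title = tags[0] if tags else None
        if not title:
            continue
        data.setdefault(title, {'list': []})
        path = r.path
        name = r.description if hasattr(r, 'description') else r.name
        data[title]['list'].append({'api': path, 'title': name})

    res = [{'title': k, 'list': v['list']} for k, v in data.items()]

    return schemas.Msg(code=0, msg='ok', data=res)


# Create a role scoped to the current game project and grant it the API paths
# listed in `data_in.role_api`.
@router.post("/add_role")
async def add_role(request: Request,
                   data_in: schemas.CasbinRoleCreate,
                   game: str = Depends(deps.get_game_project),
                   db: AsyncIOMotorDatabase = Depends(get_database),
                   current_user: schemas.UserDB = Depends(deps.get_current_user)
                   ) -> schemas.Msg:
    """创建角色"""
    role_dom = game
    api_dict = _route_names(request)

    # API permissions granted to the role.
    # NOTE(review): entries of `role_api` are written into the policy as-is;
    # a value that is not a registered path (including a wildcard) is accepted
    # and stored with api_name=None. Consider rejecting entries that are not
    # keys of `api_dict` if wildcards are not intended here.
    # NOTE(review): the in-memory enforcer is updated before the database
    # write; if the write fails the two can diverge until the next reload.
    for obj in data_in.role_api:
        casbin_enforcer.add_policy(data_in.role_name, role_dom, obj, '*')
        await crud.authority.create(db, 'p', data_in.role_name, role_dom, obj, '*',
                                    api_name=api_dict.get(obj))

    # The superuser holds the new role by default so it can be read back from the db.
    await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, data_in.role_name, '*', '*',
                                role_name=data_in.role_name,
                                game=role_dom)

    return schemas.Msg(code=0, msg='ok')


# Create a system role: same as add_role, but the policies use the wildcard
# domain '*' instead of the current game project.
@router.post("/add_sys_role")
async def add_sys_role(request: Request,
                       data_in: schemas.CasbinRoleCreate,
                       game: str = Depends(deps.get_game_project),
                       db: AsyncIOMotorDatabase = Depends(get_database),
                       current_user: schemas.UserDB = Depends(deps.get_current_user)
                       ) -> schemas.Msg:
    """创建系统角色"""
    api_dict = _route_names(request)

    # API permissions granted to the role, in every domain.
    # NOTE(review): wildcard-domain policies are the most privileged grant
    # this module can write. Confirm this endpoint is restricted to
    # administrators, and that `role_api` entries are validated (see add_role).
    for obj in data_in.role_api:
        casbin_enforcer.add_policy(data_in.role_name, '*', obj, '*')
        await crud.authority.create(db, 'p', data_in.role_name, '*', obj, '*',
                                    api_name=api_dict.get(obj))

    # The superuser holds the new role by default so it can be read back from the db.
    # NOTE(review): add_role passes two further positional '*' arguments in
    # the equivalent call; confirm the shorter form matches the signature of
    # crud.authority.create.
    await crud.authority.create(db, 'g', settings.SUPERUSER_NAME, data_in.role_name,
                                role_name=data_in.role_name,
                                game='*')

    return schemas.Msg(code=0, msg='ok')


# Create the accounts in `data_in.accounts` and bind each one to its role in
# the current game project.
@router.post("/add_account")
async def add_account(request: Request,
                      data_in: schemas.AccountsCreate,
                      game: str = Depends(deps.get_game_project),
                      db: AsyncIOMotorDatabase = Depends(get_database),
                      current_user: schemas.UserDB = Depends(deps.get_current_user)
                      ) -> schemas.Msg:
    """创建账号 并设置角色"""
    for item in data_in.accounts:
        # NOTE(review): every new account starts with the same
        # settings.DEFAULT_PASSWORD. Confirm that a password change is forced
        # on first login, or generate a per-account initial secret.
        account = schemas.UserCreate(name=item.username, password=settings.DEFAULT_PASSWORD)
        try:
            await crud.user.create(db, account)
        except pymongo.errors.DuplicateKeyError:
            # The batch stops at the first duplicate; accounts created earlier
            # in this request stay in place and are not reported to the caller.
            return schemas.Msg(code=-1, msg='用户名已存在')

        # NOTE(review): `item.role_name` is not checked against existing roles
        # here; confirm the caller may assign any role it names.
        casbin_enforcer.add_grouping_policy(item.username, item.role_name, game)
        await crud.authority.create(db, 'g', item.username, item.role_name, game)

    return schemas.Msg(code=0, msg='ok')


# Return the data-permission summary for the current game project.
@router.get("/data_authority")
async def data_authority(request: Request,
                         db: AsyncIOMotorDatabase = Depends(get_database),
                         game: str = Depends(deps.get_game_project),
                         current_user: schemas.UserDB = Depends(deps.get_current_user)
                         ) -> schemas.Msg:
    """获取数据权限"""
    # TODO: this is placeholder data, not read from the database.
    data = [{'title': '全部事件', 'check_event_num': 100, 'total_event_num': 100,
             'update_time': '2021-05-12 18:49:19'}]

    return schemas.Msg(code=0, msg='ok', data=data)


# Return the roles of the current game project and the system ('*') roles,
# each with the authority records attached to it.
@router.get("/all_role")
async def all_role(request: Request,
                   db: AsyncIOMotorDatabase = Depends(get_database),
                   game: str = Depends(deps.get_game_project),
                   current_user: schemas.UserDB = Depends(deps.get_current_user)
                   ) -> schemas.Msg:
    """获取所有角色"""
    # Roles defined inside the current game domain.
    roles = await crud.authority.find_many(db, role_name={'$exists': 1}, game=game)
    dom_data = [{'role': item['v1'], 'name': item['role_name']} for item in roles]
    for item in dom_data:
        item['authority'] = await crud.authority.get_role_dom_authority(db, item['role'], game)

    # System roles, stored under the wildcard domain.
    roles = await crud.authority.find_many(db, role_name={'$exists': 1}, game='*')
    sys_data = [{'role': item['v1'], 'name': item['role_name']} for item in roles]
    for item in sys_data:
        item['authority'] = await crud.authority.get_role_dom_authority(db, item['role'], dom='*')

    data = {
        'dom_role': dom_data,
        'sys_role': sys_data
    }
    return schemas.Msg(code=0, msg='ok', data=data)

# Disabled legacy endpoints, kept verbatim for reference.
#
# @router.get("/all_role")
# async def all_role(request: Request,
#                    db: AsyncIOMotorDatabase = Depends(get_database),
#                    current_user: schemas.UserDB = Depends(deps.get_current_user)
#                    ) -> schemas.Msg:
#     """获取所有角色 和 角色权限"""
#     routes = {}
#     for item in request.app.routes:
#         routes[item.path] = item.description if hasattr(item, 'description') else item.name
#     roles = casbin_enforcer.get_all_roles()
#     permissions = {}
#     for role in roles:
#         for _, path, _ in casbin_enforcer.get_permissions_for_user(role):
#             permissions.setdefault(role, [])
#             if path == '*':
#                 permissions[role].clear()
#
#                 permissions[role] = [{
#                     'path': k,
#                     'name': v
#                 } for k, v in routes.items()]
#                 break
#
#             if path in routes:
#                 permissions[role].append(
#                     {
#                         'path': path,
#                         'name': routes[path]
#                     }
#                 )
#
#     return schemas.Msg(code=0, msg='ok', data={'roles': roles, 'permissions': permissions})


# @router.post("/set_role")
# async def set_role(request: Request,
#                    data_id: schemas.AccountSetRole,
#                    db: AsyncIOMotorDatabase = Depends(get_database),
#                    current_user: schemas.UserDB = Depends(deps.get_current_user)
#                    ) -> schemas.Msg:
#     """设置账号角色"""
#     casbin_enforcer.delete_user(data_id.name)
#     casbin_enforcer.add_role_for_user(data_id.name, data_id.role_name)
#     await crud.authority.update_one(db, {'ptype': 'g', 'v0': data_id.name}, dict(v1=data_id.role_name))
#
#     return schemas.Msg(code=0, msg='ok')


# @router.get("/delete_user")
# async def delete_user(request: Request,
#                       data_id: schemas.AccountDeleteUser,
#                       db: AsyncIOMotorDatabase = Depends(get_database),
#                       current_user: schemas.UserDB = Depends(deps.get_current_user)
#                       ) -> schemas.Msg:
#     pass
#     return schemas.Msg(code=0, msg='暂时没有')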