update acl

api/lib/cmdb/history.py

@@ -7,7 +7,7 @@ from flask import g
 from api.extensions import db
 from api.lib.cmdb.cache import AttributeCache
 from api.lib.cmdb.cache import RelationTypeCache
-from api.models.account import UserCache
+from api.lib.perm.acl.cache import UserCache
 from api.models.cmdb import Attribute
 from api.models.cmdb import AttributeHistory
 from api.models.cmdb import CIRelationHistory

api/lib/perm/acl/cache.py

@@ -3,6 +3,39 @@
 from api.extensions import cache
 from api.models.acl import Permission
 from api.models.acl import Role
+from api.models.acl import User
+
+
+class UserCache(object):
+    PREFIX_ID = "User::uid::{0}"
+    PREFIX_NAME = "User::username::{0}"
+    PREFIX_NICK = "User::nickname::{0}"
+
+    @classmethod
+    def get(cls, key):
+        user = cache.get(cls.PREFIX_ID.format(key)) or \
+               cache.get(cls.PREFIX_NAME.format(key)) or \
+               cache.get(cls.PREFIX_NICK.format(key))
+        if not user:
+            user = User.query.get(key) or \
+                   User.query.get_by_username(key) or \
+                   User.query.get_by_nickname(key)
+        if user:
+            cls.set(user)
+
+        return user
+
+    @classmethod
+    def set(cls, user):
+        cache.set(cls.PREFIX_ID.format(user.uid), user)
+        cache.set(cls.PREFIX_NAME.format(user.username), user)
+        cache.set(cls.PREFIX_NICK.format(user.nickname), user)
+
+    @classmethod
+    def clean(cls, user):
+        cache.delete(cls.PREFIX_ID.format(user.uid))
+        cache.delete(cls.PREFIX_NAME.format(user.username))
+        cache.delete(cls.PREFIX_NICK.format(user.nickname))
 
 
 class RoleCache(object):

api/lib/perm/acl/role.py

@@ -18,13 +18,21 @@ from api.tasks.acl import role_rebuild
 
 class RoleRelationCRUD(object):
     @staticmethod
-    def get_parents(rids):
-        rids = [rids] if isinstance(rids, six.integer_types) else rids
+    def get_parents(rids=None, uids=None):
+        rid2uid = dict()
+        if uids is not None:
+            uids = [uids] if isinstance(uids, six.integer_types) else uids
+            rids = db.session.query(Role).filter(Role.deleted.is_(False)).filter(Role.uid.in_(uids))
+            rid2uid = {i.rid: i.uid for i in rids}
+            rids = [i.rid for i in rids]
+        else:
+            rids = [rids] if isinstance(rids, six.integer_types) else rids
+
         res = db.session.query(RoleRelation).filter(
             RoleRelation.child_id.in_(rids)).filter(RoleRelation.deleted.is_(False))
         id2parents = {}
         for i in res:
-            id2parents.setdefault(i.child_id, []).append(RoleCache.get(i.parent_id).to_dict())
+            id2parents.setdefault(rid2uid.get(i.child_id, i.child_id), []).append(RoleCache.get(i.parent_id).to_dict())
 
         return id2parents
 

api/lib/perm/acl/user.py

@@ -0,0 +1,45 @@
+# -*- coding:utf-8 -*-
+
+
+from flask import abort
+
+from api.extensions import db
+from api.lib.perm.acl.cache import UserCache
+from api.models.acl import User
+
+
+class UserCRUD(object):
+    @staticmethod
+    def search(q, page=1, page_size=None):
+        query = db.session.query(User).filter(User.deleted.is_(False))
+        if q:
+            query = query.filter(User.username.ilike('%{0}%'.format(q)))
+
+        numfound = query.count()
+
+        return numfound, query.offset((page - 1) * page_size).limit(page_size)
+
+    @staticmethod
+    def add(**kwargs):
+        existed = User.get_by(username=kwargs['username'], email=kwargs['email'])
+        existed and abort(400, "User <{0}> is already existed".format(kwargs['username']))
+
+        kwargs['nickname'] = kwargs['username'] if not kwargs.get('nickname') else kwargs['nickname']
+        kwargs['block'] = 0
+        return User.create(**kwargs)
+
+    @staticmethod
+    def update(rid, **kwargs):
+        user = User.get_by_id(rid) or abort(404, "User <{0}> does not exist".format(rid))
+
+        UserCache.clean(rid)
+
+        return user.update(**kwargs)
+
+    @classmethod
+    def delete(cls, uid):
+        user = User.get_by_id(uid) or abort(404, "User <{0}> does not exist".format(uid))
+
+        UserCache.clean(user)
+
+        user.soft_delete()

api/lib/perm/auth.py

@@ -13,8 +13,8 @@ from flask import request
 from flask import session
 from flask_login import login_user
 
-from api.models.account import User
-from api.models.account import UserCache
+from api.models.acl import User
+from api.lib.perm.acl.cache import UserCache
 
 
 def _auth_with_key():