Partially completed backend development of permissions management

2025-08-07 21:18:13 +08:00 · 2019-11-08 17:42:13 +08:00
parent dc18e3b82f
commit 7da14f6aa0
12 changed files with 694 additions and 0 deletions
--- a/api/views/init.py
+++ b/api/views/init.py
@@ -29,3 +29,9 @@ perm_rest.add_resource(GetUserInfoView, GetUserInfoView.url_prefix)
 blueprint_cmdb_v01 = Blueprint('cmdb_api_v01', __name__, url_prefix='/api/v0.1')
 rest = Api(blueprint_cmdb_v01)
 register_resources(os.path.join(HERE, "cmdb"), rest)
+
+
+# acl
+blueprint_acl_v1 = Blueprint('cmdb_acl_v1', __name__, url_prefix='/api/v1/acl')
+rest = Api(blueprint_acl_v1)
+register_resources(os.path.join(HERE, "acl"), rest)
--- a/api/views/acl/init.py
+++ b/api/views/acl/init.py
@@ -0,0 +1,3 @@
+# -*- coding:utf-8 -*-
+
+__author__ = 'pycook'
--- a/api/views/acl/resource.py
+++ b/api/views/acl/resource.py
@@ -0,0 +1,107 @@
+# -*- coding:utf-8 -*-
+
+from flask import request
+
+from api.lib.decorator import args_required
+from api.lib.perm.acl.resource import ResourceCRUD
+from api.lib.perm.acl.resource import ResourceGroupCRUD
+from api.lib.utils import get_page
+from api.lib.utils import get_page_size
+from api.lib.utils import handle_arg_list
+from api.resource import APIView
+
+
+class ResourceView(APIView):
+    url_prefix = ("/resources", "/resources/<int:resource_id>")
+
+    @args_required('app_id')
+    def get(self):
+        page = get_page(request.values.get("page", 1))
+        page_size = get_page_size(request.values.get("page_size"))
+        q = request.values.get('q')
+        app_id = request.values.get('app_id')
+
+        numfound, res = ResourceCRUD.search(q, app_id, page, page_size)
+
+        return self.jsonify(numfound=numfound,
+                            page=page,
+                            page_size=page_size,
+                            resources=[i.to_dict() for i in res])
+
+    @args_required('name')
+    @args_required('type_id')
+    @args_required('app_id')
+    def post(self):
+        name = request.values.get('name')
+        type_id = request.values.get('type_id')
+        app_id = request.values.get('app_id')
+
+        resource = ResourceCRUD.add(name, type_id, app_id)
+
+        return self.jsonify(resource.to_dict())
+
+    @args_required('name')
+    def put(self, resource_id):
+        name = request.values.get('name')
+
+        resource = ResourceCRUD.update(resource_id, name)
+
+        return self.jsonify(resource.to_dict())
+
+    def delete(self, resource_id):
+        ResourceCRUD.delete(resource_id)
+
+        return self.jsonify(resource_id=resource_id)
+
+
+class ResourceGroupView(APIView):
+    url_prefix = ("/resource_groups", "/resource_groups/<int:group_id>")
+
+    def get(self):
+        page = get_page(request.values.get("page", 1))
+        page_size = get_page_size(request.values.get("page_size"))
+        q = request.values.get('q')
+        app_id = request.values.get('app_id')
+
+        numfound, res = ResourceGroupCRUD.search(q, app_id, page, page_size)
+
+        return self.jsonify(numfound=numfound,
+                            page=page,
+                            page_size=page_size,
+                            groups=[i.to_dict() for i in res])
+
+    @args_required('name')
+    @args_required('type_id')
+    @args_required('app_id')
+    def post(self):
+        name = request.values.get('name')
+        type_id = request.values.get('type_id')
+        app_id = request.values.get('app_id')
+
+        group = ResourceGroupCRUD.add(name, type_id, app_id)
+
+        return self.jsonify(group.to_dict())
+
+    @args_required('items')
+    def put(self, group_id):
+        items = handle_arg_list(request.values.get("items"))
+
+        ResourceGroupCRUD.update(group_id, items)
+
+        items = ResourceGroupCRUD.get_items(group_id)
+
+        return self.jsonify(items)
+
+    def delete(self, group_id):
+        ResourceGroupCRUD.delete(group_id)
+
+        return self.jsonify(group_id=group_id)
+
+
+class ResourceGroupItemsView(APIView):
+    url_prefix = "/resource_groups/<int:group_id>/items"
+
+    def get(self, group_id):
+        items = ResourceGroupCRUD.get_items(group_id)
+
+        return self.jsonify(items)
--- a/api/views/acl/role.py
+++ b/api/views/acl/role.py
@@ -0,0 +1,48 @@
+# -*- coding:utf-8 -*-
+
+from flask import request
+
+from api.lib.decorator import args_required
+from api.lib.perm.acl.role import RoleCRUD
+from api.lib.utils import get_page
+from api.lib.utils import get_page_size
+from api.resource import APIView
+
+
+class RoleView(APIView):
+    url_prefix = ("/roles", "/roles/<int:rid>")
+
+    @args_required('app_id')
+    def get(self):
+        page = get_page(request.values.get("page", 1))
+        page_size = get_page_size(request.values.get("page_size"))
+        q = request.values.get('q')
+        app_id = request.values.get('app_id')
+
+        numfound, roles = RoleCRUD.search(q, app_id, page, page_size)
+
+        return self.jsonify(numfound=numfound,
+                            page=page,
+                            page_size=page_size,
+                            roles=[i.to_dict() for i in roles])
+
+    @args_required('name')
+    @args_required('app_id')
+    def post(self):
+        name = request.values.get('name')
+        app_id = request.values.get('app_id')
+        is_app_admin = request.values.get('is_app_admin', False)
+
+        role = RoleCRUD.add_role(name, app_id, is_app_admin=is_app_admin)
+
+        return self.jsonify(role.to_dict())
+
+    def put(self, rid):
+        role = RoleCRUD.update_role(rid, **request.values)
+
+        return self.jsonify(role.to_dict())
+
+    def delete(self, rid):
+        RoleCRUD.delete_role(rid)
+
+        return self.jsonify(rid=rid)