upgrade flask to 2.3.2 and replace g.user with current_user

2025-08-07 17:07:46 +08:00 · 2023-08-06 19:12:44 +08:00
parent 9d421993a0
commit 934d00e87d
23 changed files with 130 additions and 149 deletions
--- a/cmdb-api/api/views/acl/resources.py
+++ b/cmdb-api/api/views/acl/resources.py
@@ -2,6 +2,7 @@

 from flask import g
 from flask import request
+from flask_login import current_user

 from api.lib.decorator import args_required
 from api.lib.decorator import args_validate
@@ -103,8 +104,8 @@ class ResourceView(APIView):
        type_id = request.values.get('type_id')
        app_id = request.values.get('app_id')
        uid = request.values.get('uid')
-        if not uid and hasattr(g, "user") and hasattr(g.user, "uid"):
-            uid = g.user.uid
+        if not uid and hasattr(g, "user") and hasattr(current_user, "uid"):
+            uid = current_user.uid

        resource = ResourceCRUD.add(name, type_id, app_id, uid)

--- a/cmdb-api/api/views/acl/role.py
+++ b/cmdb-api/api/views/acl/role.py
@@ -2,8 +2,8 @@

 from flask import abort
 from flask import current_app
-from flask import g
 from flask import request
+from flask_login import current_user

 from api.lib.decorator import args_required
 from api.lib.decorator import args_validate
@@ -31,12 +31,9 @@ class RoleView(APIView):
        page_size = get_page_size(request.values.get("page_size"))
        q = request.values.get('q')
        app_id = request.values.get('app_id')
-        is_all = request.values.get('is_all', True)
-        is_all = True if is_all in current_app.config.get("BOOL_TRUE") else False
-        user_role = request.values.get('user_role', True)
-        user_only = request.values.get('user_only', False)
-        user_role = True if user_role in current_app.config.get("BOOL_TRUE") else False
-        user_only = True if user_only in current_app.config.get("BOOL_TRUE") else False
+        is_all = request.values.get('is_all', True) in current_app.config.get("BOOL_TRUE")
+        user_role = request.values.get('user_role', True) in current_app.config.get("BOOL_TRUE")
+        user_only = request.values.get('user_only', False) in current_app.config.get("BOOL_TRUE")

        numfound, roles = RoleCRUD.search(q, app_id, page, page_size, user_role, is_all, user_only)

@@ -160,8 +157,8 @@ class RoleHasPermissionView(APIView):
    @auth_with_app_token
    def get(self):
        if not request.values.get('rid'):
-            role = RoleCache.get_by_name(None, g.user.username)
-            role or abort(404, ErrFormat.role_not_found.format(g.user.username))
+            role = RoleCache.get_by_name(None, current_user.username)
+            role or abort(404, ErrFormat.role_not_found.format(current_user.username))
        else:
            role = RoleCache.get(int(request.values.get('rid')))

--- a/cmdb-api/api/views/acl/user.py
+++ b/cmdb-api/api/views/acl/user.py
@@ -13,7 +13,6 @@ from api.lib.decorator import args_required
 from api.lib.decorator import args_validate
 from api.lib.perm.acl.acl import ACLManager
 from api.lib.perm.acl.acl import role_required
-from api.lib.perm.acl.audit import AuditCRUD, AuditOperateType
 from api.lib.perm.acl.cache import AppCache
 from api.lib.perm.acl.cache import UserCache
 from api.lib.perm.acl.resp_format import ErrFormat
@@ -116,7 +115,7 @@ class UserView(APIView):

    @role_required("acl_admin")
    def delete(self, uid):
-        if g.user.uid == uid:
+        if current_user.uid == uid:
            return abort(400, ErrFormat.invalid_operation)
        UserCRUD.delete(uid)

@@ -163,7 +162,7 @@ class UserResetPasswordView(APIView):
                return abort(403, ErrFormat.invalid_request)

        elif hasattr(g, 'user'):
-            if g.user.username != request.values['username']:
+            if current_user.username != request.values['username']:
                return abort(403, ErrFormat.invalid_request)

        else:
--- a/cmdb-api/api/views/cmdb/auto_discovery.py
+++ b/cmdb-api/api/views/cmdb/auto_discovery.py
@@ -5,8 +5,8 @@ from io import BytesIO

 from flask import abort
 from flask import current_app
-from flask import g
 from flask import request
+from flask_login import current_user

 from api.lib.cmdb.auto_discovery.auto_discovery import AutoDiscoveryCICRUD
 from api.lib.cmdb.auto_discovery.auto_discovery import AutoDiscoveryCITypeCRUD
@@ -119,7 +119,7 @@ class AutoDiscoveryCITypeView(APIView):
        _, res = AutoDiscoveryCITypeCRUD.search(page=1, page_size=100000, type_id=type_id, **request.values)
        for i in res:
            if isinstance(i.get("extra_option"), dict) and i['extra_option'].get('secret'):
-                if not (g.user.username == "cmdb_agent" or g.user.uid == i['uid']):
+                if not (current_user.username == "cmdb_agent" or current_user.uid == i['uid']):
                    i['extra_option'].pop('secret', None)
                else:
                    i['extra_option']['secret'] = AESCrypto.decrypt(i['extra_option']['secret'])
@@ -213,7 +213,7 @@ class AutoDiscoveryRuleSyncView(APIView):
    url_prefix = ("/adt/sync",)

    def get(self):
-        if g.user.username not in ("cmdb_agent", "worker", "admin"):
+        if current_user.username not in ("cmdb_agent", "worker", "admin"):
            return abort(403)

        oneagent_name = request.values.get('oneagent_name')