catch abort exception when getting relation views

2019-12-13 09:59:38 +08:00 · 2019-12-13 09:59:38 +08:00 · ccf1d1c09a
parent 13e9a0b7bd
commit ccf1d1c09a
4 changed files with 30 additions and 13 deletions
--- a/api/commands/click_cmdb.py
+++ b/api/commands/click_cmdb.py
@ -6,7 +6,6 @@ import json
 import click
 from flask import current_app
 from flask.cli import with_appcontext
-from werkzeug.exceptions import BadRequest

 import api.lib.cmdb.ci
 from api.extensions import db
@ -17,6 +16,7 @@ from api.lib.cmdb.const import REDIS_PREFIX_CI_RELATION
 from api.lib.cmdb.const import ResourceTypeEnum
 from api.lib.cmdb.const import RoleEnum
 from api.lib.cmdb.const import ValueTypeEnum
+from api.lib.exception import AbortException
 from api.lib.perm.acl.acl import ACLManager
 from api.lib.perm.acl.cache import AppCache
 from api.lib.perm.acl.resource import ResourceCRUD
@ -96,17 +96,17 @@ def init_acl():
    for resource_type in ResourceTypeEnum.all():
        try:
            ResourceTypeCRUD.add(app_id, resource_type, '', PermEnum.all())
-        except BadRequest:
+        except AbortException:
            pass

    # 2. add role
    try:
        RoleCRUD.add_role(RoleEnum.CONFIG, app_id, True)
-    except BadRequest:
+    except AbortException:
        pass
    try:
        RoleCRUD.add_role(RoleEnum.CMDB_READ_ALL, app_id, False)
-    except BadRequest:
+    except AbortException:
        pass

    # 3. add resource and grant
@ -115,7 +115,7 @@ def init_acl():
    for ci_type in ci_types:
        try:
            ResourceCRUD.add(ci_type.name, type_id, app_id)
-        except BadRequest:
+        except AbortException:
            pass

        ACLManager().grant_resource_to_role(ci_type.name,
@ -128,7 +128,7 @@ def init_acl():
    for view in relation_views:
        try:
            ResourceCRUD.add(view.name, type_id, app_id)
-        except BadRequest:
+        except AbortException:
            pass

        ACLManager().grant_resource_to_role(view.name,
--- a/api/lib/cmdb/preference.py
+++ b/api/lib/cmdb/preference.py
@ -15,13 +15,14 @@ from api.lib.cmdb.attribute import AttributeManager
 from api.lib.cmdb.cache import AttributeCache
 from api.lib.cmdb.cache import CITypeAttributeCache
 from api.lib.cmdb.cache import CITypeCache
+from api.lib.cmdb.const import ResourceTypeEnum, RoleEnum, PermEnum
+from api.lib.exception import AbortException
+from api.lib.perm.acl.acl import ACLManager
 from api.models.cmdb import CITypeAttribute
 from api.models.cmdb import CITypeRelation
 from api.models.cmdb import PreferenceRelationView
 from api.models.cmdb import PreferenceShowAttributes
 from api.models.cmdb import PreferenceTreeView
-from api.lib.perm.acl.acl import ACLManager
-from api.lib.cmdb.const import ResourceTypeEnum, RoleEnum, PermEnum


 class PreferenceManager(object):
@ -118,11 +119,19 @@ class PreferenceManager(object):

    @staticmethod
    def get_relation_view():
-        views = PreferenceRelationView.get_by(to_dict=True)
+        _views = PreferenceRelationView.get_by(to_dict=True)
+        views = []
        if current_app.config.get("USE_ACL"):
-            views = [i for i in views if ACLManager().has_permission(i.get('name'),
-                                                                     ResourceTypeEnum.RELATION_VIEW,
-                                                                     PermEnum.READ)]
+            for i in _views:
+                try:
+                    if ACLManager().has_permission(i.get('name'),
+                                                   ResourceTypeEnum.RELATION_VIEW,
+                                                   PermEnum.READ):
+                        views.append(i)
+                except AbortException:
+                    pass
+        else:
+            views = _views

        view2cr_ids = dict()
        result = dict()
@ -175,6 +184,7 @@ class PreferenceManager(object):
            return abort(400, "Node must be selected")

        existed = PreferenceRelationView.get_by(name=name, to_dict=False, first=True)
+        current_app.logger.debug(existed)
        if existed is None:
            PreferenceRelationView.create(name=name, cr_ids=json.dumps(cr_ids))

--- a/api/lib/exception.py
+++ b/api/lib/exception.py
@ -1,5 +1,11 @@
 # -*- coding:utf-8 -*-


+from werkzeug.exceptions import NotFound, Forbidden, BadRequest
+
+
 class CommitException(Exception):
    pass
+
+
+AbortException = (NotFound, Forbidden, BadRequest)
--- a/api/lib/perm/acl/cache.py
+++ b/api/lib/perm/acl/cache.py
@ -1,6 +1,7 @@
 # -*- coding:utf-8 -*-

 from api.extensions import cache
+from api.extensions import db
 from api.models.acl import App
 from api.models.acl import Permission
 from api.models.acl import Role
@ -139,7 +140,7 @@ class RoleRelationCache(object):
    @classmethod
    def rebuild(cls, rid):
        cls.clean(rid)
-
+        db.session.close()
        cls.get_parent_ids(rid)
        cls.get_child_ids(rid)
        cls.get_resources(rid)