7x31/cmdb
1
0
Fork 0
mirror of https://github.com/veops/cmdb.git synced 2025-08-08 20:07:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

update acl

Browse Source
This commit is contained in:
pycook
2019-11-14 18:35:31 +08:00
parent 47c66be179
commit eaa5cb8bf1
14 changed files with 261 additions and 206 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
api/lib/perm/acl/cache.py
View File

@@ -3,6 +3,39 @@
from api.extensions import cache
from api.models.acl import Permission
from api.models.acl import Role
from api.models.acl import User
class UserCache(object):
PREFIX_ID = "User::uid::{0}"
PREFIX_NAME = "User::username::{0}"
PREFIX_NICK = "User::nickname::{0}"
@classmethod
def get(cls, key):
user = cache.get(cls.PREFIX_ID.format(key)) or \
cache.get(cls.PREFIX_NAME.format(key)) or \
cache.get(cls.PREFIX_NICK.format(key))
if not user:
user = User.query.get(key) or \
User.query.get_by_username(key) or \
User.query.get_by_nickname(key)
if user:
cls.set(user)
return user
@classmethod
def set(cls, user):
cache.set(cls.PREFIX_ID.format(user.uid), user)
cache.set(cls.PREFIX_NAME.format(user.username), user)
cache.set(cls.PREFIX_NICK.format(user.nickname), user)
@classmethod
def clean(cls, user):
cache.delete(cls.PREFIX_ID.format(user.uid))
cache.delete(cls.PREFIX_NAME.format(user.username))
cache.delete(cls.PREFIX_NICK.format(user.nickname))
class RoleCache(object):

14
api/lib/perm/acl/role.py
View File

@@ -18,13 +18,21 @@ from api.tasks.acl import role_rebuild
class RoleRelationCRUD(object):
@staticmethod
def get_parents(rids):
rids = [rids] if isinstance(rids, six.integer_types) else rids
def get_parents(rids=None, uids=None):
rid2uid = dict()
if uids is not None:
uids = [uids] if isinstance(uids, six.integer_types) else uids
rids = db.session.query(Role).filter(Role.deleted.is_(False)).filter(Role.uid.in_(uids))
rid2uid = {i.rid: i.uid for i in rids}
rids = [i.rid for i in rids]
else:
rids = [rids] if isinstance(rids, six.integer_types) else rids
res = db.session.query(RoleRelation).filter(
RoleRelation.child_id.in_(rids)).filter(RoleRelation.deleted.is_(False))
id2parents = {}
for i in res:
id2parents.setdefault(i.child_id, []).append(RoleCache.get(i.parent_id).to_dict())
id2parents.setdefault(rid2uid.get(i.child_id, i.child_id), []).append(RoleCache.get(i.parent_id).to_dict())
return id2parents

45
api/lib/perm/acl/user.py Normal file
View File

@@ -0,0 +1,45 @@
# -*- coding:utf-8 -*-
from flask import abort
from api.extensions import db
from api.lib.perm.acl.cache import UserCache
from api.models.acl import User
class UserCRUD(object):
@staticmethod
def search(q, page=1, page_size=None):
query = db.session.query(User).filter(User.deleted.is_(False))
if q:
query = query.filter(User.username.ilike('%{0}%'.format(q)))
numfound = query.count()
return numfound, query.offset((page - 1) * page_size).limit(page_size)
@staticmethod
def add(**kwargs):
existed = User.get_by(username=kwargs['username'], email=kwargs['email'])
existed and abort(400, "User <{0}> is already existed".format(kwargs['username']))
kwargs['nickname'] = kwargs['username'] if not kwargs.get('nickname') else kwargs['nickname']
kwargs['block'] = 0
return User.create(**kwargs)
@staticmethod
def update(rid, **kwargs):
user = User.get_by_id(rid) or abort(404, "User <{0}> does not exist".format(rid))
UserCache.clean(rid)
return user.update(**kwargs)
@classmethod
def delete(cls, uid):
user = User.get_by_id(uid) or abort(404, "User <{0}> does not exist".format(uid))
UserCache.clean(user)
user.soft_delete()

4
api/lib/perm/auth.py
View File

@@ -13,8 +13,8 @@ from flask import request
from flask import session
from flask_login import login_user
from api.models.account import User
from api.models.account import UserCache
from api.models.acl import User
from api.lib.perm.acl.cache import UserCache
def _auth_with_key():