Modify code organization

cmdb-api/api/views/acl/__init__.py

@@ -0,0 +1 @@
+# -*- coding:utf-8 -*-

cmdb-api/api/views/acl/permission.py

@@ -0,0 +1,40 @@
+# -*- coding:utf-8 -*-
+
+
+from flask import request
+
+from api.lib.decorator import args_required
+from api.lib.perm.acl.permission import PermissionCRUD
+from api.lib.utils import handle_arg_list
+from api.resource import APIView
+
+
+class ResourcePermissionView(APIView):
+    url_prefix = ("/resources/<int:resource_id>/permissions", "/resource_groups/<int:group_id>/permissions")
+
+    def get(self, resource_id=None, group_id=None):
+        return self.jsonify(PermissionCRUD.get_all(resource_id, group_id))
+
+
+class RolePermissionGrantView(APIView):
+    url_prefix = ('/roles/<int:rid>/resources/<int:resource_id>/grant',
+                  '/roles/<int:rid>/resource_groups/<int:group_id>/grant')
+
+    @args_required('perms')
+    def post(self, rid, resource_id=None, group_id=None):
+        perms = handle_arg_list(request.values.get("perms"))
+        PermissionCRUD.grant(rid, perms, resource_id=resource_id, group_id=group_id)
+
+        return self.jsonify(rid=rid, resource_id=resource_id, group_id=group_id, perms=perms)
+
+
+class RolePermissionRevokeView(APIView):
+    url_prefix = ('/roles/<int:rid>/resources/<int:resource_id>/revoke',
+                  '/roles/<int:rid>/resource_groups/<int:group_id>/revoke')
+
+    @args_required('perms')
+    def post(self, rid, resource_id=None, group_id=None):
+        perms = handle_arg_list(request.values.get("perms"))
+        PermissionCRUD.revoke(rid, perms, resource_id=resource_id, group_id=group_id)
+
+        return self.jsonify(rid=rid, resource_id=resource_id, group_id=group_id, perms=perms)

cmdb-api/api/views/acl/resources.py

@@ -0,0 +1,166 @@
+# -*- coding:utf-8 -*-
+
+from flask import request
+
+from api.lib.decorator import args_required
+from api.lib.perm.acl import validate_app
+from api.lib.perm.acl.resource import ResourceCRUD
+from api.lib.perm.acl.resource import ResourceGroupCRUD
+from api.lib.perm.acl.resource import ResourceTypeCRUD
+from api.lib.utils import get_page
+from api.lib.utils import get_page_size
+from api.lib.utils import handle_arg_list
+from api.resource import APIView
+
+
+class ResourceTypeView(APIView):
+    url_prefix = ("/resource_types", "/resource_types/<int:type_id>")
+
+    @args_required('app_id')
+    @validate_app
+    def get(self):
+        page = get_page(request.values.get("page", 1))
+        page_size = get_page_size(request.values.get("page_size"))
+        q = request.values.get('q')
+        app_id = request.values.get('app_id')
+
+        numfound, res, id2perms = ResourceTypeCRUD.search(q, app_id, page, page_size)
+
+        return self.jsonify(numfound=numfound,
+                            page=page,
+                            page_size=page_size,
+                            groups=[i.to_dict() for i in res],
+                            id2perms=id2perms)
+
+    @args_required('name')
+    @args_required('app_id')
+    @args_required('perms')
+    @validate_app
+    def post(self):
+        name = request.values.get('name')
+        app_id = request.values.get('app_id')
+        description = request.values.get('description', '')
+        perms = request.values.get('perms')
+
+        rt = ResourceTypeCRUD.add(app_id, name, description, perms)
+
+        return self.jsonify(rt.to_dict())
+
+    def put(self, type_id):
+        rt = ResourceTypeCRUD.update(type_id, **request.values)
+
+        return self.jsonify(rt.to_dict())
+
+    def delete(self, type_id):
+        ResourceTypeCRUD.delete(type_id)
+
+        return self.jsonify(type_id=type_id)
+
+
+class ResourceTypePermsView(APIView):
+    url_prefix = "/resource_types/<int:type_id>/perms"
+
+    def get(self, type_id):
+        return self.jsonify(ResourceTypeCRUD.get_perms(type_id))
+
+
+class ResourceView(APIView):
+    url_prefix = ("/resources", "/resources/<int:resource_id>")
+
+    @args_required('app_id')
+    @validate_app
+    def get(self):
+        page = get_page(request.values.get("page", 1))
+        page_size = get_page_size(request.values.get("page_size"))
+        q = request.values.get('q')
+        resource_type_id = request.values.get('resource_type_id')
+        app_id = request.values.get('app_id')
+
+        numfound, res = ResourceCRUD.search(q, app_id, resource_type_id, page, page_size)
+
+        return self.jsonify(numfound=numfound,
+                            page=page,
+                            page_size=page_size,
+                            resources=[i.to_dict() for i in res])
+
+    @args_required('name')
+    @args_required('type_id')
+    @args_required('app_id')
+    @validate_app
+    def post(self):
+        name = request.values.get('name')
+        type_id = request.values.get('type_id')
+        app_id = request.values.get('app_id')
+
+        resource = ResourceCRUD.add(name, type_id, app_id)
+
+        return self.jsonify(resource.to_dict())
+
+    @args_required('name')
+    def put(self, resource_id):
+        name = request.values.get('name')
+
+        resource = ResourceCRUD.update(resource_id, name)
+
+        return self.jsonify(resource.to_dict())
+
+    def delete(self, resource_id):
+        ResourceCRUD.delete(resource_id)
+
+        return self.jsonify(resource_id=resource_id)
+
+
+class ResourceGroupView(APIView):
+    url_prefix = ("/resource_groups", "/resource_groups/<int:group_id>")
+
+    @args_required('app_id')
+    @validate_app
+    def get(self):
+        page = get_page(request.values.get("page", 1))
+        page_size = get_page_size(request.values.get("page_size"))
+        q = request.values.get('q')
+        app_id = request.values.get('app_id')
+
+        numfound, res = ResourceGroupCRUD.search(q, app_id, page, page_size)
+
+        return self.jsonify(numfound=numfound,
+                            page=page,
+                            page_size=page_size,
+                            groups=[i.to_dict() for i in res])
+
+    @args_required('name')
+    @args_required('type_id')
+    @args_required('app_id')
+    @validate_app
+    def post(self):
+        name = request.values.get('name')
+        type_id = request.values.get('type_id')
+        app_id = request.values.get('app_id')
+
+        group = ResourceGroupCRUD.add(name, type_id, app_id)
+
+        return self.jsonify(group.to_dict())
+
+    @args_required('items')
+    def put(self, group_id):
+        items = handle_arg_list(request.values.get("items"))
+
+        ResourceGroupCRUD.update(group_id, items)
+
+        items = ResourceGroupCRUD.get_items(group_id)
+
+        return self.jsonify(items)
+
+    def delete(self, group_id):
+        ResourceGroupCRUD.delete(group_id)
+
+        return self.jsonify(group_id=group_id)
+
+
+class ResourceGroupItemsView(APIView):
+    url_prefix = "/resource_groups/<int:group_id>/items"
+
+    def get(self, group_id):
+        items = ResourceGroupCRUD.get_items(group_id)
+
+        return self.jsonify(items)

cmdb-api/api/views/acl/role.py

@@ -0,0 +1,77 @@
+# -*- coding:utf-8 -*-
+
+from flask import current_app
+from flask import request
+
+from api.lib.decorator import args_required
+from api.lib.perm.acl import validate_app
+from api.lib.perm.acl.role import RoleCRUD
+from api.lib.perm.acl.role import RoleRelationCRUD
+from api.lib.utils import get_page
+from api.lib.utils import get_page_size
+from api.resource import APIView
+
+
+class RoleView(APIView):
+    url_prefix = ("/roles", "/roles/<int:rid>")
+
+    @args_required('app_id')
+    @validate_app
+    def get(self):
+        page = get_page(request.values.get("page", 1))
+        page_size = get_page_size(request.values.get("page_size"))
+        q = request.values.get('q')
+        app_id = request.values.get('app_id')
+        user_role = request.values.get('user_role', True)
+        user_role = True if user_role in current_app.config.get("BOOL_TRUE") else False
+
+        numfound, roles = RoleCRUD.search(q, app_id, page, page_size, user_role)
+
+        id2parents = RoleRelationCRUD.get_parents([i.id for i in roles])
+
+        return self.jsonify(numfound=numfound,
+                            page=page,
+                            page_size=page_size,
+                            id2parents=id2parents,
+                            roles=[i.to_dict() for i in roles])
+
+    @args_required('name')
+    @args_required('app_id')
+    @validate_app
+    def post(self):
+        name = request.values.get('name')
+        app_id = request.values.get('app_id')
+        is_app_admin = request.values.get('is_app_admin', False)
+
+        role = RoleCRUD.add_role(name, app_id, is_app_admin=is_app_admin)
+
+        return self.jsonify(role.to_dict())
+
+    def put(self, rid):
+        role = RoleCRUD.update_role(rid, **request.values)
+
+        return self.jsonify(role.to_dict())
+
+    def delete(self, rid):
+        RoleCRUD.delete_role(rid)
+
+        return self.jsonify(rid=rid)
+
+
+class RoleRelationView(APIView):
+    url_prefix = "/roles/<int:child_id>/parents"
+
+    @args_required('parent_id')
+    def post(self, child_id):
+        parent_id = request.values.get('parent_id')
+        res = RoleRelationCRUD.add(parent_id, child_id)
+
+        return self.jsonify(res.to_dict())
+
+    @args_required('parent_id')
+    def delete(self, child_id):
+        parent_id = request.values.get('parent_id')
+
+        RoleRelationCRUD.delete2(parent_id, child_id)
+
+        return self.jsonify(parent_id=parent_id, child_id=child_id)

cmdb-api/api/views/acl/user.py

@@ -0,0 +1,78 @@
+# -*- coding:utf-8 -*-
+
+
+from flask import request
+from flask import session
+from flask_login import current_user
+
+from api.lib.decorator import args_required
+from api.lib.perm.acl.role import RoleRelationCRUD
+from api.lib.perm.acl.user import UserCRUD
+from api.lib.utils import get_page
+from api.lib.utils import get_page_size
+from api.resource import APIView
+
+
+class GetUserInfoView(APIView):
+    url_prefix = "/users/info"
+
+    def get(self):
+        name = session.get("CAS_USERNAME") or current_user.nickname
+        role = dict(permissions=session.get("acl", {}).get("parentRoles", []))
+        avatar = current_user.avatar
+
+        return self.jsonify(result=dict(name=name,
+                                        role=role,
+                                        avatar=avatar))
+
+
+class UserView(APIView):
+    url_prefix = ("/users", "/users/<int:uid>")
+
+    def get(self):
+        page = get_page(request.values.get('page', 1))
+        page_size = get_page_size(request.values.get('page_size'))
+        q = request.values.get("q")
+        numfound, users = UserCRUD.search(q, page, page_size)
+        id2parents = RoleRelationCRUD.get_parents(uids=[i.uid for i in users])
+
+        users = [i.to_dict() for i in users]
+        for u in users:
+            u.pop('password', None)
+            u.pop('key', None)
+            u.pop('secret', None)
+
+        return self.jsonify(numfound=numfound,
+                            page=page,
+                            page_size=page_size,
+                            id2parents=id2parents,
+                            users=users)
+
+    @args_required('username')
+    @args_required('email')
+    def post(self):
+        user = UserCRUD.add(**request.values)
+
+        return self.jsonify(user.to_dict())
+
+    def put(self, uid):
+        user = UserCRUD.update(uid, **request.values)
+
+        return self.jsonify(user.to_dict())
+
+    def delete(self, uid):
+        UserCRUD.delete(uid)
+
+        return self.jsonify(uid=uid)
+
+
+class UserResetKeySecretView(APIView):
+    url_prefix = "/users/reset_key_secret"
+
+    def post(self):
+        key, secret = UserCRUD.reset_key_secret()
+
+        return self.jsonify(key=key, secret=secret)
+
+    def put(self):
+        return self.post()