From 7a05944bb5f5ec3d00c326afb573247225903950 Mon Sep 17 00:00:00 2001
From: sichan <sichanwong0527@gmail.com>
Date: Wed, 5 Jun 2024 00:45:24 +0800
Subject: [PATCH] commit

---
 XH_Digital_Management/settings.py             |   4 +-
 .../accounts/user_permissions_list.html       |   2 +-
 application/accounts/urls.py                  |   3 +-
 application/accounts/views.py                 | 130 ++++++++++++++----
 templates/authority_modal.html                |  24 ++--
 templates/authority_modal1.html               |  67 +++++++++
 6 files changed, 188 insertions(+), 42 deletions(-)
 create mode 100644 templates/authority_modal1.html

diff --git a/XH_Digital_Management/settings.py b/XH_Digital_Management/settings.py
index 98a28ce..084365e 100644
--- a/XH_Digital_Management/settings.py
+++ b/XH_Digital_Management/settings.py
@@ -122,8 +122,8 @@ DATABASES = {
     'default': {
         'ENGINE': 'django.db.backends.mysql',
         'NAME': 'xh_digital_manage',  # 数据库名
-        'USER': 'ps',  # 用户名
-        'PASSWORD': 'ps240523..',  # 密码
+        'USER': 'wsc',  # 用户名
+        'PASSWORD': 'jsxh9512..',  # 密码
         'HOST': 'bj-cdb-7qxczedm.sql.tencentcdb.com',  # 地址
         'PORT': '59450',  # 端口号
         'OPTIONS': {
diff --git a/application/accounts/templates/accounts/user_permissions_list.html b/application/accounts/templates/accounts/user_permissions_list.html
index aaf2997..f46352e 100644
--- a/application/accounts/templates/accounts/user_permissions_list.html
+++ b/application/accounts/templates/accounts/user_permissions_list.html
@@ -46,7 +46,7 @@
 </section>
 <!-- [ 主内容页 ] 结束 -->
 
-{% include "authority_modal.html" %}
+{% include "authority_modal1.html" %}
 {% include "add_modify_modal.html" %}
 
 {% endblock %}
\ No newline at end of file
diff --git a/application/accounts/urls.py b/application/accounts/urls.py
index 58f1709..2225221 100644
--- a/application/accounts/urls.py
+++ b/application/accounts/urls.py
@@ -3,7 +3,7 @@ from django.urls import path, include
 from django.contrib.auth import views as auth_views
 
 from application.accounts.views import logout_view, user_permissions_list, available_permissions, \
-    get_user_existing_permissions
+    get_user_existing_permissions, view_permissions
 
 urlpatterns = [
     path('login/', auth_views.LoginView.as_view(template_name='accounts/login.html'), name='user_login'),
@@ -12,4 +12,5 @@ urlpatterns = [
     path('user_permissions/', user_permissions_list, name='user_permissions_list'),
     path('get_user_existing_permissions/', get_user_existing_permissions, name='get_user_existing_permissions'),
     path('permissions/', available_permissions, name='available_permissions'),
+    path("view_permissions/", view_permissions, name="view_permissions"),
 ]
\ No newline at end of file
diff --git a/application/accounts/views.py b/application/accounts/views.py
index c91cf09..41a1386 100644
--- a/application/accounts/views.py
+++ b/application/accounts/views.py
@@ -11,11 +11,55 @@ from django.contrib.auth.models import Permission, User
 from django.contrib.auth.views import LoginView
 from django.views.decorators.csrf import csrf_protect
 
+from XH_Digital_Management import settings
 # 本地Django应用导入
 from application.accounts.models import AccountProfile
 from common.utils.page_helper import paginate_query_and_assign_numbers
 
 
+def format_permissions(permissions):
+    action_prefixes = ['Can add ', 'Can change ', 'Can delete ', 'Can view ']
+    # 创建动作映射字典
+    action_mapping = {
+        'add': '新增',
+        'change': '修改',
+        'view': '查看',
+        'delete': '删除'
+    }
+    formatted_permissions = []
+
+    for perm in permissions:
+        name = perm['name']
+        # 从权限名称中移除动作前缀
+        for prefix in action_prefixes:
+            if name.startswith(prefix):
+                name = name.replace(prefix, '')
+                break
+
+        # 从settings中获取APP_NAME_MAPPING
+        app_label = perm['content_type__app_label']
+        resource_group = settings.APP_NAME_MAPPING.get(app_label)
+
+        # 如果APP_NAME_MAPPING中没有相应的映射，则跳过这个权限
+        if resource_group is None:
+            continue
+
+        # 获取权限的动作描述
+        action = perm['codename'].split('_')[0]
+        permission_description = action_mapping.get(action, '未知操作')
+
+        # 构建格式化后的权限字典并添加到列表中
+        formatted_permissions.append({
+            'id': perm['id'],
+            'resource_group': resource_group,
+            'resource': name,
+            'permission': permission_description,
+            'codename': perm['codename']
+        })
+
+    return formatted_permissions
+
+
 @method_decorator(csrf_protect, name='dispatch')
 class CustomLoginView(LoginView):
     template_name = 'accounts/login.html'
@@ -125,34 +169,17 @@ def available_permissions(request):
     # 使用user_id获取用户对象
     user = get_object_or_404(User, pk=user_id)
 
-    # 获取用户已有的权限
-    user_permissions = user.user_permissions.all()
+    # 获取用户已有的权限，并关联content_type的app_label
+    user_permissions = user.user_permissions.all().prefetch_related('content_type').values('id', 'name', 'codename', 'content_type__app_label')
 
-    # 获取系统中所有的权限
-    all_permissions = Permission.objects.all()
+    # 获取系统中所有的权限，并关联content_type的app_label
+    all_permissions = Permission.objects.all().prefetch_related('content_type').values('id', 'name', 'codename', 'content_type__app_label')
 
     # 找出用户尚未拥有的权限
     available_permissions = all_permissions.exclude(id__in=user_permissions.values_list('id', flat=True))
 
-    # 修改权限的显示格式
-    def format_permission(permission):
-        name = permission['name']
-        # 用于匹配 "Can add ", "Can change ", "Can delete ", "Can view " 等
-        action_prefixes = ['Can add ', 'Can change ', 'Can delete ', 'Can view ']
-        for prefix in action_prefixes:
-            if name.startswith(prefix):
-                # 移除动作描述，保留资源名称
-                name = name.replace(prefix, '')
-                break
-        return {
-            'id': permission['id'],
-            'resource': name,  # 这里的name已经不包含动作描述
-            'permission': permission['codename'].split('_')[0],  # 动作描述从codename中提取
-            'codename': permission['codename']
-        }
-
     # 序列化可添加的权限并格式化
-    formatted_permissions_list = [format_permission(perm) for perm in available_permissions.values('id', 'name', 'codename')]
+    formatted_permissions_list = format_permissions(available_permissions)
 
     # 返回JSON响应
     return JsonResponse(formatted_permissions_list, safe=False)
@@ -173,11 +200,62 @@ def get_user_existing_permissions(request):
     # 使用user_id获取用户对象
     user = get_object_or_404(User, pk=user_id)
 
-    # 获取用户已有的权限
-    user_permissions = user.user_permissions.all().values('id', 'name', 'codename')
+    # 获取用户所有权限的QuerySet，并包含content_type的app_label
+    user_permissions = user.user_permissions.all().prefetch_related('content_type').values('id', 'name', 'codename', 'content_type__app_label')
 
     # 将权限序列化为列表
-    permissions_list = list(user_permissions)
+    permissions_list = format_permissions(user_permissions)
 
     # 返回JSON响应
-    return JsonResponse(permissions_list, safe=False)
\ No newline at end of file
+    return JsonResponse(permissions_list, safe=False)
+
+
+def get_user_permissions_with_app(request):
+    user_id = request.GET.get('user_id')
+
+    # 使用user_id获取用户对象
+    user = get_object_or_404(User, pk=user_id)
+
+    # 获取用户所有权限的QuerySet
+    permissions = user.user_permissions.select_related('content_type')
+
+    # 创建包含权限和它们所属应用的列表
+    permissions_with_app = [
+        {
+            'permission': perm.codename,
+            'app': perm.content_type.app_label,
+        }
+        for perm in permissions
+    ]
+
+    return permissions_with_app
+
+
+@login_required
+def view_permissions(request, user_id):
+    # 获取指定的用户对象
+    user = get_object_or_404(User, pk=user_id)
+
+    # 获取用户已有的权限ID集合
+    user_permissions_ids = set(user.user_permissions.values_list('id', flat=True))
+
+    # 查询所有权限，并包括关联的ContentType
+    all_permissions = Permission.objects.select_related('content_type').all()
+
+    # 将权限组织为一个字典，以资源分组为键
+    grouped_permissions = {}
+    for perm in all_permissions:
+        group = perm.content_type.app_label
+        perm_dict = {
+            'id': perm.id,
+            'name': perm.name,
+            'codename': perm.codename,
+            'checked': perm.id in user_permissions_ids  # 标记用户是否已有该权限
+        }
+        grouped_permissions.setdefault(group, []).append(perm_dict)
+
+    # 渲染模板并传递grouped_permissions和user_id
+    return render(request, 'authority_modal1.html', {
+        'grouped_permissions': grouped_permissions,
+        'user_id': user_id
+    })
diff --git a/templates/authority_modal.html b/templates/authority_modal.html
index 98c8926..147bea0 100644
--- a/templates/authority_modal.html
+++ b/templates/authority_modal.html
@@ -9,7 +9,7 @@
 				<!-- 表格右上方的新增按钮 -->
 				<div class="d-flex justify-content-end mb-2">
 					<button type="button" class="btn btn-success btn-sm">新增权限</button>
-                    <a href="{% url 'available_permissions' %}?user_id=1" target="_blank">查看可用权限</a>
+                    <a href="{% url 'available_permissions' %}?user_id=1" target="">查看可用权限</a>
                     <a href="{% url 'get_user_existing_permissions' %}?user_id=1" target="_blank">查看用户已有权限</a>
 				</div>
 				<!-- 权限管理表格 -->
@@ -19,7 +19,7 @@
 						<th>资源分组</th>
 						<th>资源名称</th>
 						<th>新增权限</th>
-						<th>删除权限</th>
+						<th>移除权限</th>
 						<th>修改权限</th>
 						<th>查看权限</th>
 						<th>操作</th>
@@ -34,7 +34,7 @@
 						<td><input type="checkbox" name="edit_permission"></td>
 						<td><input type="checkbox" name="view_permission"></td>
 						<td>
-							<button type="button" class="btn btn-danger btn-sm">删除</button>
+							<button type="button" class="btn btn-danger btn-sm">移除</button>
 						</td>
 					</tr>
 					<tr>
@@ -45,7 +45,7 @@
 						<td><input type="checkbox" name="edit_permission"></td>
 						<td><input type="checkbox" name="view_permission"></td>
 						<td>
-							<button type="button" class="btn btn-danger btn-sm">删除</button>
+							<button type="button" class="btn btn-danger btn-sm">移除</button>
 						</td>
 					</tr>
 					<tr>
@@ -56,7 +56,7 @@
 						<td><input type="checkbox" name="edit_permission"></td>
 						<td><input type="checkbox" name="view_permission"></td>
 						<td>
-							<button type="button" class="btn btn-danger btn-sm">删除</button>
+							<button type="button" class="btn btn-danger btn-sm">移除</button>
 						</td>
 					</tr>
 					<tr>
@@ -67,7 +67,7 @@
 						<td><input type="checkbox" name="edit_permission"></td>
 						<td><input type="checkbox" name="view_permission"></td>
 						<td>
-							<button type="button" class="btn btn-danger btn-sm">删除</button>
+							<button type="button" class="btn btn-danger btn-sm">移除</button>
 						</td>
 					</tr>
 					<tr>
@@ -78,7 +78,7 @@
 						<td><input type="checkbox" name="edit_permission"></td>
 						<td><input type="checkbox" name="view_permission"></td>
 						<td>
-							<button type="button" class="btn btn-danger btn-sm">删除</button>
+							<button type="button" class="btn btn-danger btn-sm">移除</button>
 						</td>
 					</tr>
 					<tr>
@@ -89,7 +89,7 @@
 						<td><input type="checkbox" name="edit_permission"></td>
 						<td><input type="checkbox" name="view_permission"></td>
 						<td>
-							<button type="button" class="btn btn-danger btn-sm">删除</button>
+							<button type="button" class="btn btn-danger btn-sm">移除</button>
 						</td>
 					</tr>
 					<tr>
@@ -100,7 +100,7 @@
 						<td><input type="checkbox" name="edit_permission"></td>
 						<td><input type="checkbox" name="view_permission"></td>
 						<td>
-							<button type="button" class="btn btn-danger btn-sm">删除</button>
+							<button type="button" class="btn btn-danger btn-sm">移除</button>
 						</td>
 					</tr>
 					<tr>
@@ -111,7 +111,7 @@
 						<td><input type="checkbox" name="edit_permission"></td>
 						<td><input type="checkbox" name="view_permission"></td>
 						<td>
-							<button type="button" class="btn btn-danger btn-sm">删除</button>
+							<button type="button" class="btn btn-danger btn-sm">移除</button>
 						</td>
 					</tr>
 					<tr>
@@ -122,7 +122,7 @@
 						<td><input type="checkbox" name="edit_permission"></td>
 						<td><input type="checkbox" name="view_permission"></td>
 						<td>
-							<button type="button" class="btn btn-danger btn-sm">删除</button>
+							<button type="button" class="btn btn-danger btn-sm">移除</button>
 						</td>
 					</tr>
 					<tr>
@@ -133,7 +133,7 @@
 						<td><input type="checkbox" name="edit_permission"></td>
 						<td><input type="checkbox" name="view_permission"></td>
 						<td>
-							<button type="button" class="btn btn-danger btn-sm">删除</button>
+							<button type="button" class="btn btn-danger btn-sm">移除</button>
 						</td>
 					</tr>
 					</tbody>
diff --git a/templates/authority_modal1.html b/templates/authority_modal1.html
new file mode 100644
index 0000000..b18ea5c
--- /dev/null
+++ b/templates/authority_modal1.html
@@ -0,0 +1,67 @@
+<div class="modal" id="userPermissionModal" tabindex="-1" aria-labelledby="userPermissionModalLabel" aria-hidden="true">
+	<div class="modal-dialog modal-lg"> <!-- 修改了模态框的大小 -->
+		<div class="modal-content">
+			<div class="modal-header">
+				<h5 class="modal-title" id="userPermissionModalLabel">用户权限管理</h5>
+				<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+			</div>
+			<div class="modal-body">
+				<!-- 表格右上方的新增按钮 -->
+				<div class="d-flex justify-content-end mb-2">
+					<button type="button" class="btn btn-success btn-sm">新增权限</button>
+				</div>
+				<!-- 权限管理表格 -->
+				<table class="table">
+					<thead>
+					<tr>
+						<th>资源分组</th>
+						<th>资源名称</th>
+						<th>新增权限</th>
+						<th>移除权限</th>
+						<th>修改权限</th>
+						<th>查看权限</th>
+						<th>操作</th>
+					</tr>
+					</thead>
+                    <tbody>
+                    {% for group, perms in grouped_permissions.items %}
+                      {% for perm in perms %}
+                      <tr>
+                        <td>{{ group }}</td>
+                        <td>{{ perm.name }}</td>
+                        <td>{{ perm.codename }}</td>
+                        <td><input type="checkbox" name="{{ perm.codename }}" {% if perm.checked %}checked{% endif %} disabled></td>
+                        <!-- 根据实际需要填充更多单元格 -->
+                      </tr>
+                      {% endfor %}
+                    {% endfor %}
+                  </tbody>
+				</table>
+			</div>
+			<div class="modal-footer">
+				<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">关闭</button>
+				<button type="button" class="btn btn-primary">保存更改</button>
+			</div>
+		</div>
+	</div>
+</div>
+
+<script>
+$(document).ready(function() {
+  // 当模态框被触发显示时
+  $('#userPermissionModal').on('show.bs.modal', function(event) {
+    // 可以传递额外的数据，例如用户ID
+    var userId = $(event.relatedTarget).data('userid');
+
+    // 发送AJAX请求到服务器以获取权限表格的HTML内容
+    $.ajax({
+      url: '/path-to-your-view/' + userId,  // 服务器端的URL
+      type: 'GET',
+      success: function(response) {
+        // 将响应的HTML内容插入到模态框的内容区域
+        $('#permissionsModal .modal-content').html(response);
+      }
+    });
+  });
+});
+</script>