changes
This commit is contained in:
parent
0debbccfb4
commit
234bfdb2aa
|
@ -36,3 +36,11 @@ def func02(role_id: str, schema: RoleSchema.CreateRolePolicyReqBody, db: Session
|
|||
def func02(role_id: str, schema: RoleSchema.CreateRolePolicyReqBody, db: Session = Depends(get_db)):
|
||||
RoleCrud.create_role_policy(db=db, role_id=role_id, schema=schema)
|
||||
return {"info": "Success"}
|
||||
|
||||
|
||||
@router.get("/view/{role_id}", summary="查看角色", response_model=RoleSchema.RoleFullResBody)
|
||||
def func01(role_id: str, db: Session = Depends(get_db)):
|
||||
role_obj = RoleCrud.get_role_by_id(db=db, role_id=role_id)
|
||||
if not role_obj:
|
||||
raise HTTPException(status_code=202, detail="Role Not Found")
|
||||
return role_obj.to_dict()
|
||||
|
|
|
@ -6,6 +6,7 @@ from sqlalchemy.orm import Session
|
|||
from AppUser.Crud import RoleCrud
|
||||
from AppUser.Model import RoleModel
|
||||
from AppUser.Schemas import RoleSchema
|
||||
from Utils.AccessControl.AccessUtil import login_ac
|
||||
|
||||
from Utils.DataBase.SqlAlchemyUtils import get_db, engine
|
||||
|
||||
|
@ -13,18 +14,11 @@ RoleModel.Base.metadata.create_all(bind=engine)
|
|||
|
||||
router = APIRouter(
|
||||
tags=["角色"],
|
||||
prefix="/api/user/role"
|
||||
prefix="/api/user/role",
|
||||
dependencies=[Depends(login_ac)]
|
||||
)
|
||||
|
||||
|
||||
@router.get("/view/{role_id}", summary="查看角色", response_model=RoleSchema.RoleFullResBody)
|
||||
def func01(role_id: str, db: Session = Depends(get_db)):
|
||||
role_obj = RoleCrud.get_role_by_id(db=db, role_id=role_id)
|
||||
if not role_obj:
|
||||
raise HTTPException(status_code=202, detail="Role Not Found")
|
||||
return role_obj.to_dict()
|
||||
|
||||
|
||||
@router.post("/role_access_policy/view", summary="查看角色权限策略", response_model=List[RoleSchema.RoleAccessPolicyResBody])
|
||||
def func02(name: str, db: Session = Depends(get_db)):
|
||||
role_obj = RoleCrud.get_role_by_name(db=db, name=name)
|
||||
|
|
|
@ -36,39 +36,33 @@ def get_rap_by_name(name):
|
|||
def rbac(request: Request, token: Optional[str] = Header(...)):
|
||||
|
||||
user_info = get_user_info_from_token(token)
|
||||
|
||||
sub = user_info.get("role")
|
||||
|
||||
raps = get_rap_by_name(name=sub)
|
||||
|
||||
req_url = request.url.__str__()
|
||||
|
||||
if sub == "管理员":
|
||||
return True
|
||||
|
||||
for rap in raps:
|
||||
|
||||
regex = rap.get("obj")
|
||||
m = re.search(regex, req_url)
|
||||
|
||||
if m:
|
||||
df = pd.json_normalize(raps)
|
||||
policy_file = create_time_serial_num(prefix="policy", suffix="")
|
||||
df.to_csv(r".\Utils\AccessControl\{}.csv".format(policy_file), header=False, index=False)
|
||||
|
||||
e = casbin.Enforcer(
|
||||
os.getcwd() + r"\Utils\AccessControl\model.conf",
|
||||
os.getcwd() + r"\Utils\AccessControl\{}.csv".format(policy_file)
|
||||
)
|
||||
|
||||
os.remove(r".\Utils\AccessControl\{}.csv".format(policy_file))
|
||||
|
||||
obj = rap.get("obj")
|
||||
act = rap.get("act")
|
||||
|
||||
if not e.enforce(sub, obj, act):
|
||||
raise HTTPException(status_code=202, detail="No Access")
|
||||
|
||||
return True
|
||||
|
||||
raise HTTPException(status_code=400, detail="Invalid Request")
|
||||
|
||||
|
||||
def login_ac(request: Request, token: Optional[str] = Header(...)):
|
||||
get_user_info_from_token(token)
|
||||
return True
|
||||
|
|
Loading…
Reference in New Issue