From 1478ac18fa9c4eadb7f66328db99987b6d035e6b Mon Sep 17 00:00:00 2001 From: ibuler Date: Sat, 21 Nov 2015 11:53:36 +0800 Subject: [PATCH] =?UTF-8?q?=E7=94=A8=E6=88=B7=E5=92=8C=E7=BB=84=E6=9F=A5?= =?UTF-8?q?=E8=AF=A2api=E5=AE=8C=E6=88=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- jperm/perm_api.py | 57 ++++++++++++++++++++++++++++------------------- 1 file changed, 34 insertions(+), 23 deletions(-) diff --git a/jperm/perm_api.py b/jperm/perm_api.py index dd747b2be..db577d076 100644 --- a/jperm/perm_api.py +++ b/jperm/perm_api.py @@ -10,12 +10,12 @@ from jperm.models import PermRole from jperm.models import PermRule -def get_user_perm(user): +def get_group_user_perm(ob): """ return: {’asset_group': { - asset_group1: {'role': [role1, role2], 'rule': [rule1, rule2]}, - asset_group2: {'role': [role1, role2], 'rule': [rule1, rule2]}, + asset_group1: {'asset': [], 'role': [role1, role2], 'rule': [rule1, rule2]}, + asset_group2: {'asset: [], 'role': [role1, role2], 'rule': [rule1, rule2]}, } 'asset':{ asset1: {'role': [role1, role2], 'rule': [rule1, rule2]}, @@ -26,38 +26,49 @@ def get_user_perm(user): } """ perm = {} - user_rule_all = PermRule.objects.filter(user=user) - perm['rule'] = user_rule_all + if isinstance(ob, User): + rule_all = PermRule.objects.filter(user=ob) + elif isinstance(ob, UserGroup): + rule_all = PermRule.objects.filter(user_group=ob) + else: + rule_all = [] + + perm['rule'] = rule_all perm_asset_group = perm['asset_group'] = {} perm_asset = perm['asset'] = {} - for rule in user_rule_all: + for rule in rule_all: asset_groups = rule.asset_group.all() assets = rule.asset.all() - for asset_group in asset_groups: - if perm_asset_group.get(asset_group): - perm_asset_group[asset_group].get('role', []).update(set(rule.role.all())) - perm_asset_group[asset_group].get('rule', []).append(rule) - else: - perm_asset_group[asset_group] = {'role': set(rule.role.all()), 'rule': [rule]} + # 获取一个规则用户授权的资产 for asset in assets: if perm_asset.get(asset): - perm_asset[asset].get('role', []).update(set(rule.role.all())) - perm_asset[asset].get('rule', []).append(rule) + perm_asset[asset].get('role', set()).update(set(rule.role.all())) + perm_asset[asset].get('rule', set()).add(rule) else: - perm_asset[asset] = {'role': set(rule.role.all()), 'rule': [rule]} + perm_asset[asset] = {'role': set(rule.role.all()), 'rule': set([rule])} + # 获取一个规则用户授权的资产组 + for asset_group in asset_groups: + asset_group_assets = asset_group.asset_set.all() + if perm_asset_group.get(asset_group): + perm_asset_group[asset_group].get('role', set()).update(set(rule.role.all())) + perm_asset_group[asset_group].get('rule', set()).add(rule) + else: + perm_asset_group[asset_group] = {'role': set(rule.role.all()), 'rule': set([rule]), + 'asset': asset_group_assets} + + # 将资产组中的资产添加到资产授权中 + for asset in asset_group_assets: + if perm_asset.get(asset): + perm_asset[asset].get('role', set()).update(perm_asset_group[asset_group].get('role', set())) + perm_asset[asset].get('rule', set()).update(perm_asset_group[asset_group].get('rule', set())) + else: + perm_asset[asset] = {'role': perm_asset_group[asset_group].get('role', set()), + 'rule': perm_asset_group[asset_group].get('rule', set())} return perm - - - - - - - - def get_object_list(model, id_list): """根据id列表获取对象列表""" object_list = []