mirror of https://github.com/openspug/spug
multi role support
parent
65a316b0cd
commit
150732911e
|
@ -18,8 +18,8 @@ class User(models.Model, ModelMixin):
|
|||
token_expired = models.IntegerField(null=True)
|
||||
last_login = models.CharField(max_length=20)
|
||||
last_ip = models.CharField(max_length=50)
|
||||
role = models.ForeignKey('Role', on_delete=models.PROTECT, null=True)
|
||||
wx_token = models.CharField(max_length=50, null=True)
|
||||
roles = models.ManyToManyField('Role', db_table='user_role_rel')
|
||||
|
||||
created_at = models.CharField(max_length=20, default=human_datetime)
|
||||
created_by = models.ForeignKey('User', models.PROTECT, related_name='+', null=True)
|
||||
|
@ -35,26 +35,32 @@ class User(models.Model, ModelMixin):
|
|||
|
||||
@property
|
||||
def page_perms(self):
|
||||
if self.role and self.role.page_perms:
|
||||
data = []
|
||||
perms = json.loads(self.role.page_perms)
|
||||
for m, v in perms.items():
|
||||
for p, d in v.items():
|
||||
data.extend(f'{m}.{p}.{x}' for x in d)
|
||||
return data
|
||||
else:
|
||||
return []
|
||||
data = set()
|
||||
for item in self.roles.all():
|
||||
if item.page_perms:
|
||||
perms = json.loads(item.page_perms)
|
||||
for m, v in perms.items():
|
||||
for p, d in v.items():
|
||||
data.update(f'{m}.{p}.{x}' for x in d)
|
||||
return list(data)
|
||||
|
||||
@property
|
||||
def deploy_perms(self):
|
||||
perms = json.loads(self.role.deploy_perms) if self.role and self.role.deploy_perms else {}
|
||||
perms.setdefault('apps', [])
|
||||
perms.setdefault('envs', [])
|
||||
return perms
|
||||
data = {'apps': set(), 'envs': set()}
|
||||
for item in self.roles.all():
|
||||
if item.deploy_perms:
|
||||
perms = json.loads(item.deploy_perms)
|
||||
data['apps'].update(perms.get('apps', []))
|
||||
data['envs'].update(perms.get('envs', []))
|
||||
return data
|
||||
|
||||
@property
|
||||
def group_perms(self):
|
||||
return json.loads(self.role.group_perms) if self.role and self.role.group_perms else []
|
||||
data = set()
|
||||
for item in self.roles.all():
|
||||
if item.group_perms:
|
||||
data.update(json.loads(item.group_perms))
|
||||
return list(data)
|
||||
|
||||
def has_perms(self, codes):
|
||||
# return self.is_supper or self.role in codes
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
# Released under the AGPL-3.0 License.
|
||||
from django.core.cache import cache
|
||||
from django.views.generic import View
|
||||
from django.db.models import F
|
||||
from libs import JsonParser, Argument, human_datetime, json_response
|
||||
from libs.utils import get_request_real_ip, generate_random_str
|
||||
from libs.spug import send_login_wx_code
|
||||
|
@ -19,49 +18,54 @@ import json
|
|||
class UserView(View):
|
||||
def get(self, request):
|
||||
users = []
|
||||
for u in User.objects.filter(deleted_by_id__isnull=True).annotate(role_name=F('role__name')):
|
||||
for u in User.objects.filter(deleted_by_id__isnull=True):
|
||||
tmp = u.to_dict(excludes=('access_token', 'password_hash'))
|
||||
tmp['role_name'] = u.role_name
|
||||
tmp['role_ids'] = [x.id for x in u.roles.all()]
|
||||
tmp['password'] = '******'
|
||||
users.append(tmp)
|
||||
return json_response(users)
|
||||
|
||||
def post(self, request):
|
||||
form, error = JsonParser(
|
||||
Argument('id', type=int, required=False),
|
||||
Argument('username', help='请输入登录名'),
|
||||
Argument('password', help='请输入密码'),
|
||||
Argument('nickname', help='请输入姓名'),
|
||||
Argument('role_id', type=int, help='请选择角色'),
|
||||
Argument('role_ids', type=list, default=[]),
|
||||
Argument('wx_token', required=False),
|
||||
).parse(request.body)
|
||||
if error is None:
|
||||
if User.objects.filter(username=form.username, deleted_by_id__isnull=True).exists():
|
||||
user = User.objects.filter(username=form.username, deleted_by_id__isnull=True).first()
|
||||
if user and (not form.id or form.id != user.id):
|
||||
return json_response(error=f'已存在登录名为【{form.username}】的用户')
|
||||
form.password_hash = User.make_password(form.pop('password'))
|
||||
form.created_by = request.user
|
||||
User.objects.create(**form)
|
||||
|
||||
role_ids, password = form.pop('role_ids'), form.pop('password')
|
||||
if form.id:
|
||||
User.objects.filter(pk=form.id).update(**form)
|
||||
else:
|
||||
User.objects.create(
|
||||
password_hash=User.make_password(password),
|
||||
created_by=request.user,
|
||||
**form
|
||||
)
|
||||
user.roles.set(role_ids)
|
||||
return json_response(error=error)
|
||||
|
||||
def patch(self, request):
|
||||
form, error = JsonParser(
|
||||
Argument('id', type=int, help='请指定操作对象'),
|
||||
Argument('username', required=False),
|
||||
Argument('id', type=int, help='参数错误'),
|
||||
Argument('password', required=False),
|
||||
Argument('nickname', required=False),
|
||||
Argument('role_id', required=False),
|
||||
Argument('wx_token', required=False),
|
||||
Argument('is_active', type=bool, required=False),
|
||||
).parse(request.body, True)
|
||||
).parse(request.body)
|
||||
if error is None:
|
||||
if form.get('password'):
|
||||
form.token_expired = 0
|
||||
form.password_hash = User.make_password(form.pop('password'))
|
||||
if 'username' in form:
|
||||
if User.objects.filter(username=form.username, deleted_by_id__isnull=True).exclude(id=form.id).exists():
|
||||
return json_response(error=f'已存在登录名为【{form.username}】的用户')
|
||||
if 'is_active' in form:
|
||||
user = User.objects.get(pk=form.id)
|
||||
user = User.objects.get(pk=form.id)
|
||||
if form.password:
|
||||
user.token_expired = 0
|
||||
user.password_hash = User.make_password(form.pop('password'))
|
||||
if form.is_active is not None:
|
||||
user.is_active = form.is_active
|
||||
cache.delete(user.username)
|
||||
User.objects.filter(pk=form.pop('id')).update(**form)
|
||||
user.save()
|
||||
return json_response(error=error)
|
||||
|
||||
def delete(self, request):
|
||||
|
@ -73,7 +77,7 @@ class UserView(View):
|
|||
if user:
|
||||
if user.type == 'ldap':
|
||||
return json_response(error='ldap账户无法删除,请使用禁用功能来禁止该账户访问系统')
|
||||
user.role_id = None
|
||||
user.is_active = True
|
||||
user.deleted_at = human_datetime()
|
||||
user.deleted_by = request.user
|
||||
user.save()
|
||||
|
@ -124,9 +128,10 @@ class RoleView(View):
|
|||
Argument('id', type=int, help='参数错误')
|
||||
).parse(request.GET)
|
||||
if error is None:
|
||||
if User.objects.filter(role_id=form.id).exists():
|
||||
role = Role.objects.get(pk=form.id)
|
||||
if role.user_set.exists():
|
||||
return json_response(error='已有用户使用了该角色,请解除关联后再尝试删除')
|
||||
Role.objects.filter(pk=form.id).delete()
|
||||
role.delete()
|
||||
return json_response(error=error)
|
||||
|
||||
|
||||
|
|
|
@ -24,18 +24,13 @@ export default observer(function () {
|
|||
function handleSubmit() {
|
||||
setLoading(true);
|
||||
const formData = form.getFieldsValue();
|
||||
let request;
|
||||
if (store.record.id) {
|
||||
formData['id'] = store.record.id;
|
||||
request = http.patch('/api/account/user/', formData)
|
||||
} else {
|
||||
request = http.post('/api/account/user/', formData)
|
||||
}
|
||||
request.then(() => {
|
||||
message.success('操作成功');
|
||||
store.formVisible = false;
|
||||
store.fetchRecords()
|
||||
}, () => setLoading(false))
|
||||
formData.id = store.record.id;
|
||||
http.post('/api/account/user/', formData)
|
||||
.then(() => {
|
||||
message.success('操作成功');
|
||||
store.formVisible = false;
|
||||
store.fetchRecords()
|
||||
}, () => setLoading(false))
|
||||
}
|
||||
|
||||
return (
|
||||
|
@ -54,14 +49,12 @@ export default observer(function () {
|
|||
<Form.Item required name="nickname" label="姓名">
|
||||
<Input placeholder="请输入姓名"/>
|
||||
</Form.Item>
|
||||
{store.record.id === undefined && (
|
||||
<Form.Item required name="password" label="密码">
|
||||
<Input type="password" placeholder="请输入密码"/>
|
||||
</Form.Item>
|
||||
)}
|
||||
<Form.Item hidden={store.record.is_supper} required label="角色" style={{marginBottom: 0}}>
|
||||
<Form.Item name="role_id" style={{display: 'inline-block', width: '80%'}}>
|
||||
<Select placeholder="请选择">
|
||||
<Form.Item required hidden={store.record.id} name="password" label="密码">
|
||||
<Input type="password" placeholder="请输入密码"/>
|
||||
</Form.Item>
|
||||
<Form.Item hidden={store.record.is_supper} label="角色" style={{marginBottom: 0}}>
|
||||
<Form.Item name="role_ids" style={{display: 'inline-block', width: '80%'}}>
|
||||
<Select mode="multiple" placeholder="请选择">
|
||||
{roleStore.records.map(item => (
|
||||
<Select.Option value={item.id} key={item.id}>{item.name}</Select.Option>
|
||||
))}
|
||||
|
|
|
@ -6,8 +6,8 @@
|
|||
import React from 'react';
|
||||
import { observer } from 'mobx-react';
|
||||
import { ExclamationCircleOutlined, PlusOutlined } from '@ant-design/icons';
|
||||
import { Divider, Form, Radio, Modal, Button, Badge, message, Input } from 'antd';
|
||||
import { LinkButton, TableCard } from 'components';
|
||||
import { Form, Radio, Modal, Button, Badge, message, Input } from 'antd';
|
||||
import { TableCard, Action } from 'components';
|
||||
import http from 'libs/http';
|
||||
import store from './store';
|
||||
|
||||
|
@ -30,9 +30,6 @@ class ComTable extends React.Component {
|
|||
}, {
|
||||
title: '姓名',
|
||||
dataIndex: 'nickname',
|
||||
}, {
|
||||
title: '角色',
|
||||
dataIndex: 'role_name'
|
||||
}, {
|
||||
title: '状态',
|
||||
render: text => text['is_active'] ? <Badge status="success" text="正常"/> : <Badge status="default" text="禁用"/>
|
||||
|
@ -42,15 +39,12 @@ class ComTable extends React.Component {
|
|||
}, {
|
||||
title: '操作',
|
||||
render: info => (
|
||||
<span>
|
||||
<LinkButton onClick={() => this.handleActive(info)}>{info['is_active'] ? '禁用' : '启用'}</LinkButton>
|
||||
<Divider type="vertical"/>
|
||||
<LinkButton onClick={() => store.showForm(info)}>编辑</LinkButton>
|
||||
<Divider type="vertical"/>
|
||||
<LinkButton disabled={info['type'] === 'ldap'} onClick={() => this.handleReset(info)}>重置密码</LinkButton>
|
||||
<Divider type="vertical"/>
|
||||
<LinkButton onClick={() => this.handleDelete(info)}>删除</LinkButton>
|
||||
</span>
|
||||
<Action>
|
||||
<Action.Button onClick={() => this.handleActive(info)}>{info['is_active'] ? '禁用' : '启用'}</Action.Button>
|
||||
<Action.Button onClick={() => store.showForm(info)}>编辑</Action.Button>
|
||||
<Action.Button disabled={info['type'] === 'ldap'} onClick={() => this.handleReset(info)}>重置密码</Action.Button>
|
||||
<Action.Button danger onClick={() => this.handleDelete(info)}>删除</Action.Button>
|
||||
</Action>
|
||||
)
|
||||
}];
|
||||
|
||||
|
|
|
@ -5,11 +5,11 @@
|
|||
*/
|
||||
import React from 'react';
|
||||
import { observer } from 'mobx-react';
|
||||
import { Divider, Modal, message } from 'antd';
|
||||
import { Modal, message } from 'antd';
|
||||
import { PlusOutlined } from '@ant-design/icons';
|
||||
import { TableCard, AuthButton, Action } from 'components';
|
||||
import http from 'libs/http';
|
||||
import store from './store';
|
||||
import { LinkButton, TableCard, AuthButton } from "components";
|
||||
|
||||
@observer
|
||||
class ComTable extends React.Component {
|
||||
|
@ -31,24 +31,20 @@ class ComTable extends React.Component {
|
|||
title: '操作',
|
||||
width: 400,
|
||||
render: info => (
|
||||
<span>
|
||||
<LinkButton onClick={() => store.showForm(info)}>编辑</LinkButton>
|
||||
<Divider type="vertical"/>
|
||||
<LinkButton onClick={() => store.showPagePerm(info)}>功能权限</LinkButton>
|
||||
<Divider type="vertical"/>
|
||||
<LinkButton onClick={() => store.showDeployPerm(info)}>发布权限</LinkButton>
|
||||
<Divider type="vertical"/>
|
||||
<LinkButton onClick={() => store.showHostPerm(info)}>主机权限</LinkButton>
|
||||
<Divider type="vertical"/>
|
||||
<LinkButton onClick={() => this.handleDelete(info)}>删除</LinkButton>
|
||||
</span>
|
||||
<Action>
|
||||
<Action.Button onClick={() => store.showForm(info)}>编辑</Action.Button>
|
||||
<Action.Button onClick={() => store.showPagePerm(info)}>功能权限</Action.Button>
|
||||
<Action.Button onClick={() => store.showDeployPerm(info)}>发布权限</Action.Button>
|
||||
<Action.Button onClick={() => store.showHostPerm(info)}>主机权限</Action.Button>
|
||||
<Action.Button danger onClick={() => this.handleDelete(info)}>删除</Action.Button>
|
||||
</Action>
|
||||
)
|
||||
}];
|
||||
|
||||
handleDelete = (text) => {
|
||||
Modal.confirm({
|
||||
title: '删除确认',
|
||||
content: `确定要删除【${text['name']}】?`,
|
||||
content: `确定要删除角色【${text['name']}】?`,
|
||||
onOk: () => {
|
||||
return http.delete('/api/account/role/', {params: {id: text.id}})
|
||||
.then(() => {
|
||||
|
|
Loading…
Reference in New Issue