github
/
spug
mirror of https://github.com/openspug/spug
1
0
Fork 0
Code Issues Releases Wiki Activity

multi role support

pull/345/head
vapao 2021-07-12 19:45:35 +08:00
parent 65a316b0cd
commit 150732911e
5 changed files with 83 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
spug_api/apps/account/models.py
View File

@ -18,8 +18,8 @@ class User(models.Model, ModelMixin):
token_expired = models.IntegerField(null=True) token_expired = models.IntegerField(null=True)
last_login = models.CharField(max_length=20) last_login = models.CharField(max_length=20)
last_ip = models.CharField(max_length=50) last_ip = models.CharField(max_length=50)
role = models.ForeignKey('Role', on_delete=models.PROTECT, null=True)
wx_token = models.CharField(max_length=50, null=True) wx_token = models.CharField(max_length=50, null=True)
roles = models.ManyToManyField('Role', db_table='user_role_rel')
created_at = models.CharField(max_length=20, default=human_datetime) created_at = models.CharField(max_length=20, default=human_datetime)
created_by = models.ForeignKey('User', models.PROTECT, related_name='+', null=True) created_by = models.ForeignKey('User', models.PROTECT, related_name='+', null=True)
@ -35,26 +35,32 @@ class User(models.Model, ModelMixin):
@property @property
def page_perms(self): def page_perms(self):
if self.role and self.role.page_perms: data = set()
data = [] for item in self.roles.all():
perms = json.loads(self.role.page_perms) if item.page_perms:
perms = json.loads(item.page_perms)
for m, v in perms.items(): for m, v in perms.items():
for p, d in v.items(): for p, d in v.items():
data.extend(f'{m}.{p}.{x}' for x in d) data.update(f'{m}.{p}.{x}' for x in d)
return data return list(data)
else:
return []
@property @property
def deploy_perms(self): def deploy_perms(self):
perms = json.loads(self.role.deploy_perms) if self.role and self.role.deploy_perms else {} data = {'apps': set(), 'envs': set()}
perms.setdefault('apps', []) for item in self.roles.all():
perms.setdefault('envs', []) if item.deploy_perms:
return perms perms = json.loads(item.deploy_perms)
data['apps'].update(perms.get('apps', []))
data['envs'].update(perms.get('envs', []))
return data
@property @property
def group_perms(self): def group_perms(self):
return json.loads(self.role.group_perms) if self.role and self.role.group_perms else [] data = set()
for item in self.roles.all():
if item.group_perms:
data.update(json.loads(item.group_perms))
return list(data)
def has_perms(self, codes): def has_perms(self, codes):
# return self.is_supper or self.role in codes # return self.is_supper or self.role in codes

55
spug_api/apps/account/views.py
View File

@ -3,7 +3,6 @@
# Released under the AGPL-3.0 License. # Released under the AGPL-3.0 License.
from django.core.cache import cache from django.core.cache import cache
from django.views.generic import View from django.views.generic import View
from django.db.models import F
from libs import JsonParser, Argument, human_datetime, json_response from libs import JsonParser, Argument, human_datetime, json_response
from libs.utils import get_request_real_ip, generate_random_str from libs.utils import get_request_real_ip, generate_random_str
from libs.spug import send_login_wx_code from libs.spug import send_login_wx_code
@ -19,49 +18,54 @@ import json
class UserView(View): class UserView(View):
def get(self, request): def get(self, request):
users = [] users = []
for u in User.objects.filter(deleted_by_id__isnull=True).annotate(role_name=F('role__name')): for u in User.objects.filter(deleted_by_id__isnull=True):
tmp = u.to_dict(excludes=('access_token', 'password_hash')) tmp = u.to_dict(excludes=('access_token', 'password_hash'))
tmp['role_name'] = u.role_name tmp['role_ids'] = [x.id for x in u.roles.all()]
tmp['password'] = '******'
users.append(tmp) users.append(tmp)
return json_response(users) return json_response(users)
def post(self, request): def post(self, request):
form, error = JsonParser( form, error = JsonParser(
Argument('id', type=int, required=False),
Argument('username', help='请输入登录名'), Argument('username', help='请输入登录名'),
Argument('password', help='请输入密码'), Argument('password', help='请输入密码'),
Argument('nickname', help='请输入姓名'), Argument('nickname', help='请输入姓名'),
Argument('role_id', type=int, help='请选择角色'), Argument('role_ids', type=list, default=[]),
Argument('wx_token', required=False), Argument('wx_token', required=False),
).parse(request.body) ).parse(request.body)
if error is None: if error is None:
if User.objects.filter(username=form.username, deleted_by_id__isnull=True).exists(): user = User.objects.filter(username=form.username, deleted_by_id__isnull=True).first()
if user and (not form.id or form.id != user.id):
return json_response(error=f'已存在登录名为【{form.username}】的用户') return json_response(error=f'已存在登录名为【{form.username}】的用户')
form.password_hash = User.make_password(form.pop('password'))
form.created_by = request.user role_ids, password = form.pop('role_ids'), form.pop('password')
User.objects.create(**form) if form.id:
User.objects.filter(pk=form.id).update(**form)
else:
User.objects.create(
password_hash=User.make_password(password),
created_by=request.user,
**form
)
user.roles.set(role_ids)
return json_response(error=error) return json_response(error=error)
def patch(self, request): def patch(self, request):
form, error = JsonParser( form, error = JsonParser(
Argument('id', type=int, help='请指定操作对象'), Argument('id', type=int, help='参数错误'),
Argument('username', required=False),
Argument('password', required=False), Argument('password', required=False),
Argument('nickname', required=False),
Argument('role_id', required=False),
Argument('wx_token', required=False),
Argument('is_active', type=bool, required=False), Argument('is_active', type=bool, required=False),
).parse(request.body, True) ).parse(request.body)
if error is None: if error is None:
if form.get('password'):
form.token_expired = 0
form.password_hash = User.make_password(form.pop('password'))
if 'username' in form:
if User.objects.filter(username=form.username, deleted_by_id__isnull=True).exclude(id=form.id).exists():
return json_response(error=f'已存在登录名为【{form.username}】的用户')
if 'is_active' in form:
user = User.objects.get(pk=form.id) user = User.objects.get(pk=form.id)
if form.password:
user.token_expired = 0
user.password_hash = User.make_password(form.pop('password'))
if form.is_active is not None:
user.is_active = form.is_active
cache.delete(user.username) cache.delete(user.username)
User.objects.filter(pk=form.pop('id')).update(**form) user.save()
return json_response(error=error) return json_response(error=error)
def delete(self, request): def delete(self, request):
@ -73,7 +77,7 @@ class UserView(View):
if user: if user:
if user.type == 'ldap': if user.type == 'ldap':
return json_response(error='ldap账户无法删除请使用禁用功能来禁止该账户访问系统') return json_response(error='ldap账户无法删除请使用禁用功能来禁止该账户访问系统')
user.role_id = None user.is_active = True
user.deleted_at = human_datetime() user.deleted_at = human_datetime()
user.deleted_by = request.user user.deleted_by = request.user
user.save() user.save()
@ -124,9 +128,10 @@ class RoleView(View):
Argument('id', type=int, help='参数错误') Argument('id', type=int, help='参数错误')
).parse(request.GET) ).parse(request.GET)
if error is None: if error is None:
if User.objects.filter(role_id=form.id).exists(): role = Role.objects.get(pk=form.id)
if role.user_set.exists():
return json_response(error='已有用户使用了该角色,请解除关联后再尝试删除') return json_response(error='已有用户使用了该角色,请解除关联后再尝试删除')
Role.objects.filter(pk=form.id).delete() role.delete()
return json_response(error=error) return json_response(error=error)

21
spug_web/src/pages/system/account/Form.js
View File

@ -24,14 +24,9 @@ export default observer(function () {
function handleSubmit() { function handleSubmit() {
setLoading(true); setLoading(true);
const formData = form.getFieldsValue(); const formData = form.getFieldsValue();
let request; formData.id = store.record.id;
if (store.record.id) { http.post('/api/account/user/', formData)
formData['id'] = store.record.id; .then(() => {
request = http.patch('/api/account/user/', formData)
} else {
request = http.post('/api/account/user/', formData)
}
request.then(() => {
message.success('操作成功'); message.success('操作成功');
store.formVisible = false; store.formVisible = false;
store.fetchRecords() store.fetchRecords()
@ -54,14 +49,12 @@ export default observer(function () {
<Form.Item required name="nickname" label="姓名"> <Form.Item required name="nickname" label="姓名">
<Input placeholder="请输入姓名"/> <Input placeholder="请输入姓名"/>
</Form.Item> </Form.Item>
{store.record.id === undefined && ( <Form.Item required hidden={store.record.id} name="password" label="密码">
<Form.Item required name="password" label="密码">
<Input type="password" placeholder="请输入密码"/> <Input type="password" placeholder="请输入密码"/>
</Form.Item> </Form.Item>
)} <Form.Item hidden={store.record.is_supper} label="角色" style={{marginBottom: 0}}>
<Form.Item hidden={store.record.is_supper} required label="角色" style={{marginBottom: 0}}> <Form.Item name="role_ids" style={{display: 'inline-block', width: '80%'}}>
<Form.Item name="role_id" style={{display: 'inline-block', width: '80%'}}> <Select mode="multiple" placeholder="请选择">
<Select placeholder="请选择">
{roleStore.records.map(item => ( {roleStore.records.map(item => (
<Select.Option value={item.id} key={item.id}>{item.name}</Select.Option> <Select.Option value={item.id} key={item.id}>{item.name}</Select.Option>
))} ))}

22
spug_web/src/pages/system/account/Table.js
View File

@ -6,8 +6,8 @@
import React from 'react'; import React from 'react';
import { observer } from 'mobx-react'; import { observer } from 'mobx-react';
import { ExclamationCircleOutlined, PlusOutlined } from '@ant-design/icons'; import { ExclamationCircleOutlined, PlusOutlined } from '@ant-design/icons';
import { Divider, Form, Radio, Modal, Button, Badge, message, Input } from 'antd'; import { Form, Radio, Modal, Button, Badge, message, Input } from 'antd';
import { LinkButton, TableCard } from 'components'; import { TableCard, Action } from 'components';
import http from 'libs/http'; import http from 'libs/http';
import store from './store'; import store from './store';
@ -30,9 +30,6 @@ class ComTable extends React.Component {
}, { }, {
title: '姓名', title: '姓名',
dataIndex: 'nickname', dataIndex: 'nickname',
}, {
title: '角色',
dataIndex: 'role_name'
}, { }, {
title: '状态', title: '状态',
render: text => text['is_active'] ? <Badge status="success" text="正常"/> : <Badge status="default" text="禁用"/> render: text => text['is_active'] ? <Badge status="success" text="正常"/> : <Badge status="default" text="禁用"/>
@ -42,15 +39,12 @@ class ComTable extends React.Component {
}, { }, {
title: '操作', title: '操作',
render: info => ( render: info => (
<span> <Action>
<LinkButton onClick={() => this.handleActive(info)}>{info['is_active'] ? '禁用' : '启用'}</LinkButton> <Action.Button onClick={() => this.handleActive(info)}>{info['is_active'] ? '禁用' : '启用'}</Action.Button>
<Divider type="vertical"/> <Action.Button onClick={() => store.showForm(info)}>编辑</Action.Button>
<LinkButton onClick={() => store.showForm(info)}>编辑</LinkButton> <Action.Button disabled={info['type'] === 'ldap'} onClick={() => this.handleReset(info)}>重置密码</Action.Button>
<Divider type="vertical"/> <Action.Button danger onClick={() => this.handleDelete(info)}>删除</Action.Button>
<LinkButton disabled={info['type'] === 'ldap'} onClick={() => this.handleReset(info)}>重置密码</LinkButton> </Action>
<Divider type="vertical"/>
<LinkButton onClick={() => this.handleDelete(info)}>删除</LinkButton>
</span>
) )
}]; }];

24
spug_web/src/pages/system/role/Table.js
View File

@ -5,11 +5,11 @@
*/ */
import React from 'react'; import React from 'react';
import { observer } from 'mobx-react'; import { observer } from 'mobx-react';
import { Divider, Modal, message } from 'antd'; import { Modal, message } from 'antd';
import { PlusOutlined } from '@ant-design/icons'; import { PlusOutlined } from '@ant-design/icons';
import { TableCard, AuthButton, Action } from 'components';
import http from 'libs/http'; import http from 'libs/http';
import store from './store'; import store from './store';
import { LinkButton, TableCard, AuthButton } from "components";
@observer @observer
class ComTable extends React.Component { class ComTable extends React.Component {
@ -31,24 +31,20 @@ class ComTable extends React.Component {
title: '操作', title: '操作',
width: 400, width: 400,
render: info => ( render: info => (
<span> <Action>
<LinkButton onClick={() => store.showForm(info)}>编辑</LinkButton> <Action.Button onClick={() => store.showForm(info)}>编辑</Action.Button>
<Divider type="vertical"/> <Action.Button onClick={() => store.showPagePerm(info)}>功能权限</Action.Button>
<LinkButton onClick={() => store.showPagePerm(info)}>功能权限</LinkButton> <Action.Button onClick={() => store.showDeployPerm(info)}>发布权限</Action.Button>
<Divider type="vertical"/> <Action.Button onClick={() => store.showHostPerm(info)}>主机权限</Action.Button>
<LinkButton onClick={() => store.showDeployPerm(info)}>发布权限</LinkButton> <Action.Button danger onClick={() => this.handleDelete(info)}>删除</Action.Button>
<Divider type="vertical"/> </Action>
<LinkButton onClick={() => store.showHostPerm(info)}>主机权限</LinkButton>
<Divider type="vertical"/>
<LinkButton onClick={() => this.handleDelete(info)}>删除</LinkButton>
</span>
) )
}]; }];
handleDelete = (text) => { handleDelete = (text) => {
Modal.confirm({ Modal.confirm({
title: '删除确认', title: '删除确认',
content: `确定要删除${text['name']}】?`, content: `确定要删除角色${text['name']}】?`,
onOk: () => { onOk: () => {
return http.delete('/api/account/role/', {params: {id: text.id}}) return http.delete('/api/account/role/', {params: {id: text.id}})
.then(() => { .then(() => {