U api update

2020-01-13 22:24:05 +08:00 · 2020-01-13 22:24:05 +08:00 · ca63dcb62e
parent f813610116
commit ca63dcb62e
5 changed files with 42 additions and 23 deletions
--- a/spug_api/apps/account/models.py
+++ b/spug_api/apps/account/models.py
@ -28,6 +28,22 @@ class User(models.Model, ModelMixin):
    def verify_password(self, plain_password: str) -> bool:
        return check_password(plain_password, self.password_hash)

+    @property
+    def page_perms(self):
+        if self.role.page_perms:
+            data = []
+            perms = json.loads(self.role.page_perms)
+            for m, v in perms.items():
+                for p, d in v.items():
+                    data.extend(f'{m}.{p}.{x}' for x in d)
+            return data
+        else:
+            return []
+
+    @property
+    def deploy_perms(self):
+        return json.loads(self.role.deploy_perms) if self.role.deploy_perms else {'apps': [], 'envs': []}
+
    def has_perms(self, codes):
        # return self.is_supper or self.role in codes
        return self.is_supper
@ -49,22 +65,6 @@ class Role(models.Model, ModelMixin):
    created_at = models.CharField(max_length=20, default=human_datetime)
    created_by = models.ForeignKey(User, on_delete=models.PROTECT, related_name='+')

-    @property
-    def permissions(self):
-        if self.page_perms:
-            data = []
-            perms = json.loads(self.page_perms)
-            for m, v in perms.items():
-                for p, d in v.items():
-                    data.extend(f'{m}.{p}.{x}' for x in d)
-            return data
-        else:
-            return []
-
-    @property
-    def deploy(self):
-        return json.loads(self.deploy_perms) if self.deploy_perms else {'apps': [], 'envs': []}
-
    def to_dict(self, *args, **kwargs):
        tmp = super().to_dict(*args, **kwargs)
        tmp['page_perms'] = json.loads(self.page_perms) if self.page_perms else None
--- a/spug_api/apps/account/views.py
+++ b/spug_api/apps/account/views.py
@ -129,7 +129,7 @@ def login(request):
                    'nickname': user.nickname,
                    'is_supper': user.is_supper,
                    'has_real_ip': True if x_real_ip else False,
-                    'permissions': [] if user.is_supper else user.role.permissions
+                    'permissions': [] if user.is_supper else user.page_perms
                })

        value = cache.get_or_set(form.username, 0, 86400)
--- a/spug_api/apps/app/views.py
+++ b/spug_api/apps/app/views.py
@ -9,7 +9,10 @@ import json

 class AppView(View):
    def get(self, request):
-        apps = App.objects.all()
+        query = {}
+        if not request.user.is_supper:
+            query['id__in'] = request.user.deploy_perms['apps']
+        apps = App.objects.filter(**query)
        return json_response(apps)

    def post(self, request):
@ -62,6 +65,10 @@ class DeployView(View):
        form, error = JsonParser(
            Argument('app_id', type=int, required=False)
        ).parse(request.GET, True)
+        if not request.user.is_supper:
+            perms = request.user.deploy_perms
+            form.app_id__in = perms['apps']
+            form.env_id__in = perms['envs']
        deploys = Deploy.objects.filter(**form).annotate(app_name=F('app__name'))
        return json_response(deploys)

--- a/spug_api/apps/config/views.py
+++ b/spug_api/apps/config/views.py
@ -7,7 +7,10 @@ import json

 class EnvironmentView(View):
    def get(self, request):
-        envs = Environment.objects.all()
+        query = {}
+        if not request.user.is_supper:
+            query['id__in'] = request.user.deploy_perms['envs']
+        envs = Environment.objects.filter(**query)
        return json_response(envs)

    def post(self, request):
--- a/spug_api/apps/deploy/views.py
+++ b/spug_api/apps/deploy/views.py
@ -13,8 +13,12 @@ import uuid

 class RequestView(View):
    def get(self, request):
-        data = []
-        for item in DeployRequest.objects.annotate(
+        data, query = [], {}
+        if not request.user.is_supper:
+            perms = request.user.deploy_perms
+            query['deploy__app_id__in'] = perms['apps']
+            query['deploy__env_id__in'] = perms['envs']
+        for item in DeployRequest.objects.filter(**query).annotate(
                env_name=F('deploy__env__name'),
                app_name=F('deploy__app__name'),
                app_host_ids=F('deploy__host_ids'),
@ -102,7 +106,7 @@ class RequestDetailView(View):
    def get(self, request, r_id):
        req = DeployRequest.objects.filter(pk=r_id).first()
        if not req:
-            return json_response(error='为找到指定发布申请')
+            return json_response(error='未找到指定发布申请')
        hosts = Host.objects.filter(id__in=json.loads(req.host_ids))
        targets = [{'id': x.id, 'title': f'{x.name}({x.hostname}:{x.port})'} for x in hosts]
        server_actions, host_actions = [], []
@ -121,7 +125,12 @@ class RequestDetailView(View):
        })

    def post(self, request, r_id):
-        req = DeployRequest.objects.filter(pk=r_id).first()
+        query = {'pk': r_id}
+        if not request.user.is_supper:
+            perms = request.user.deploy_perms
+            query['deploy__app_id__in'] = perms['apps']
+            query['deploy__env_id__in'] = perms['envs']
+        req = DeployRequest.objects.filter(**query).first()
        if not req:
            return json_response(error='未找到指定发布申请')
        if req.status not in ('1', '-3'):