From 91062dda27e06bf29eaa78eff47ba505ad19b7a2 Mon Sep 17 00:00:00 2001
From: zhaoqingang <zhaoqg0118@163.com>
Date: 星期三, 18 十二月 2024 16:00:31 +0800
Subject: [PATCH] 机构接口优化
---
app/service/user.py | 73 +++++++++++++++++++++---------------
1 files changed, 43 insertions(+), 30 deletions(-)
diff --git a/app/service/user.py b/app/service/user.py
index 09a82ad..0cf305c 100644
--- a/app/service/user.py
+++ b/app/service/user.py
@@ -4,8 +4,9 @@
from app.api import pwd_context
from app.api.dialog import dialog_list
from app.config.config import settings
-from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE
-from app.models import RoleModel, GroupModel, AgentType, role_resource_table, DialogModel, OrganizationModel
+from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE, ROLE_STATUS_ON, DEPT_STATUS_ON
+from app.models import RoleModel, GroupModel, AgentType, role_resource_table, DialogModel, OrganizationModel, \
+ ResourceModel
from app.models.menu_model import WebMenuModel, MenuCapacityModel
from app.models.user_model import UserModel, UserAppModel
from Log import logger
@@ -168,6 +169,8 @@
user = db.query(UserModel).filter(UserModel.id==user_id,UserModel.status !=USER_STATSU_DELETE).first()
await role_resource(role_set, roles, permissions, user.roles)
for ogt in user.organizations:
+ if ogt.status != DEPT_STATUS_ON:
+ continue
dept.append(ogt.to_json())
if ogt.roles:
await role_resource(role_set, roles, permissions, user.roles)
@@ -185,11 +188,11 @@
async def role_resource(role_set, role_list, permissions, roles):
for role in roles:
- if role.id not in role_set:
+ if role.id not in role_set and role.status == ROLE_STATUS_ON:
role_set.add(role.id)
role_list.append(role.to_dict())
for r in role.resources:
- if r.resource_type_id == "1":
+ if r.resource_type_id == "1" and r.status==DEPT_STATUS_ON:
permissions.add(r.perms)
@@ -199,33 +202,43 @@
dept_set = set()
user = db.query(UserModel).filter_by(id=user_id).first()
parent_id = ""
-
- async def role_resource(role_set, permissions, roles):
- nonlocal parent_id
- for role in roles:
- if role.id not in role_set:
- role_set.add(role.id)
-
- for r in role.resources:
- if r.resource_type_id != "1":
- if not r.resource_id:
- parent_id = r.id
- continue
- permissions[r.id] = r.to_router_dict()
-
- await role_resource(role_set, permissions, user.roles)
- for ogt in user.organizations:
- if ogt.roles:
- await role_resource(role_set, permissions, user.roles)
- parent_ogt = ogt.parent
- while parent_ogt:
- if parent_ogt.id not in dept_set:
- await role_resource(role_set, permissions, parent_ogt.roles)
- dept_set.add(parent_ogt.id)
- parent_ogt = parent_ogt.parent
- else:
- break
tmp_dit = {}
+ if user.permission == "admin":
+ dept_list = db.query(ResourceModel).filter(ResourceModel.status==DEPT_STATUS_ON, ResourceModel.resource_type_id != "1").all()
+ for dept in dept_list:
+ if not dept.resource_id:
+ parent_id = dept.id
+ continue
+ permissions[dept.id] = dept.to_router_dict()
+ else:
+ async def role_resource(role_set, permissions, roles):
+ nonlocal parent_id
+ for role in roles:
+ if role.id not in role_set and role.status == ROLE_STATUS_ON:
+ role_set.add(role.id)
+
+ for r in role.resources:
+ if r.resource_type_id != "1" and r.status==DEPT_STATUS_ON:
+ if not r.resource_id:
+ parent_id = r.id
+ continue
+ permissions[r.id] = r.to_router_dict()
+
+ await role_resource(role_set, permissions, user.roles)
+ for ogt in user.organizations:
+ if ogt.status != DEPT_STATUS_ON:
+ continue
+ if ogt.roles:
+ await role_resource(role_set, permissions, user.roles)
+ parent_ogt = ogt.parent
+ while parent_ogt:
+ if parent_ogt.id not in dept_set:
+ await role_resource(role_set, permissions, parent_ogt.roles)
+ dept_set.add(parent_ogt.id)
+ parent_ogt = parent_ogt.parent
+ else:
+ break
+
for permission in permissions.values():
tmp_dit[permission["parentId"]] = tmp_dit.get(permission["parentId"], []) + [permission]
--
Gitblit v1.8.0