From fdbd37eb2516b67ca41b0b71b738e3368e2825fe Mon Sep 17 00:00:00 2001
From: xuyonghao <898441624@qq.com>
Date: 星期五, 27 十二月 2024 11:33:47 +0800
Subject: [PATCH] 用户所属部门与角色所属部门过滤
---
app/service/user.py | 174 +++++++++++++++++++++++++++++++++++++---------------------
1 files changed, 111 insertions(+), 63 deletions(-)
diff --git a/app/service/user.py b/app/service/user.py
index 09a82ad..ac3fddd 100644
--- a/app/service/user.py
+++ b/app/service/user.py
@@ -1,11 +1,15 @@
import time
+import uuid
from datetime import datetime
+from traceback import print_tb
from app.api import pwd_context
from app.api.dialog import dialog_list
from app.config.config import settings
-from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE
-from app.models import RoleModel, GroupModel, AgentType, role_resource_table, DialogModel, OrganizationModel
+from app.config.const import RAGFLOW, BISHENG, DIFY, USER_STATSU_DELETE, ROLE_STATUS_ON, DEPT_STATUS_ON, \
+ Dialog_STATSU_ON
+from app.models import RoleModel, GroupModel, AgentType, role_resource_table, DialogModel, OrganizationModel, \
+ ResourceModel
from app.models.menu_model import WebMenuModel, MenuCapacityModel
from app.models.user_model import UserModel, UserAppModel
from Log import logger
@@ -57,7 +61,7 @@
app_register = AppRegisterDao(db).get_apps()
register_dict = {}
token = ""
- app_password = generate_password()
+ app_password = await generate_password()
for app in app_register:
if app["id"] == RAGFLOW:
service = RagflowService(settings.fwr_base_url)
@@ -81,10 +85,10 @@
# 瀛樺偍鐢ㄦ埛淇℃伅
hashed_password = pwd_context.hash(password)
-
+ sync_flag = str(uuid.uuid4())
user_model = UserModel(username=user_name, hashed_password=hashed_password, email=email,
## ragflow_id=ragflow_info.get("id"),bisheng_id=bisheng_info.get("user_id"),
- phone=phone, login_name=login_name)
+ phone=phone, login_name=login_name,sync_flag=sync_flag)
pwd = user_model.encrypted_password(app_password)
user_model.roles = [db.get(RoleModel, roleId) for roleId in roles]
user_model.password = pwd
@@ -95,17 +99,20 @@
db.commit()
db.refresh(user_model)
u_id = user_model.id
+ user_app_dao = UserAppDao(db)
for k, v in register_dict.items():
- await UserAppDao(db).update_and_insert_data(v.get("name"), pwd, v.get("email"), u_id, str(v.get("id")), k)
+ await user_app_dao.update_and_insert_data(v.get("name"), pwd, v.get("email"), u_id, str(v.get("id")), k)
except Exception as e:
logger.error(e)
# db.rollback()
- return False
- return True
+ return ''
+ return sync_flag
async def edit_user_data(db, user_id, email, phone, login_name, roles, groups):
try:
+ print(121221)
+ print(roles)
user = db.query(UserModel).filter(UserModel.id == user_id).first()
user.email = email
user.phone = phone
@@ -115,6 +122,7 @@
user.roles = [db.get(RoleModel, roleId) for roleId in roles]
# user.groups = [db.get(GroupModel, groupId) for groupId in groups]
db.commit()
+ print(4343)
except Exception as e:
logger.error(e)
db.rollback()
@@ -168,6 +176,8 @@
user = db.query(UserModel).filter(UserModel.id==user_id,UserModel.status !=USER_STATSU_DELETE).first()
await role_resource(role_set, roles, permissions, user.roles)
for ogt in user.organizations:
+ if ogt.status != DEPT_STATUS_ON:
+ continue
dept.append(ogt.to_json())
if ogt.roles:
await role_resource(role_set, roles, permissions, user.roles)
@@ -185,11 +195,11 @@
async def role_resource(role_set, role_list, permissions, roles):
for role in roles:
- if role.id not in role_set:
+ if role.id not in role_set and role.status == ROLE_STATUS_ON:
role_set.add(role.id)
role_list.append(role.to_dict())
for r in role.resources:
- if r.resource_type_id == "1":
+ if r.resource_type_id == "1" and r.status==DEPT_STATUS_ON:
permissions.add(r.perms)
@@ -198,43 +208,73 @@
role_set = set()
dept_set = set()
user = db.query(UserModel).filter_by(id=user_id).first()
+ parent_resource = db.query(ResourceModel).filter(ResourceModel.status == DEPT_STATUS_ON, ResourceModel.resource_id == None).first()
parent_id = ""
-
- async def role_resource(role_set, permissions, roles):
- nonlocal parent_id
- for role in roles:
- if role.id not in role_set:
- role_set.add(role.id)
-
- for r in role.resources:
- if r.resource_type_id != "1":
- if not r.resource_id:
- parent_id = r.id
- continue
- permissions[r.id] = r.to_router_dict()
-
- await role_resource(role_set, permissions, user.roles)
- for ogt in user.organizations:
- if ogt.roles:
- await role_resource(role_set, permissions, user.roles)
- parent_ogt = ogt.parent
- while parent_ogt:
- if parent_ogt.id not in dept_set:
- await role_resource(role_set, permissions, parent_ogt.roles)
- dept_set.add(parent_ogt.id)
- parent_ogt = parent_ogt.parent
- else:
- break
+ print(user_id)
+ if parent_resource:
+ parent_id = parent_resource.id
tmp_dit = {}
- for permission in permissions.values():
- tmp_dit[permission["parentId"]] = tmp_dit.get(permission["parentId"], []) + [permission]
+ if user.permission == "admin":
+ dept_list = db.query(ResourceModel).filter(ResourceModel.status==DEPT_STATUS_ON, ResourceModel.resource_type_id != "1").all()
+ for dept in dept_list:
+ permissions[dept.id] = dept
+ else:
+ async def role_resource(role_set, permissions, roles):
+ nonlocal parent_id
+ for role in roles:
+ print(role.name)
+ if role.id not in role_set and role.status == ROLE_STATUS_ON:
+ role_set.add(role.id)
+ for r in role.resources:
+ if r.resource_type_id != "1" and r.status==DEPT_STATUS_ON:
+ permissions[r.id] = r
+
+ await role_resource(role_set, permissions, user.roles)
+ for ogt in user.organizations:
+ print(ogt.name)
+ if ogt.status != DEPT_STATUS_ON:
+ continue
+ print(ogt.name)
+ if ogt.roles:
+ print(9877)
+ await role_resource(role_set, permissions,ogt.roles)
+ parent_ogt = ogt.parent
+ while parent_ogt:
+ if parent_ogt.id not in dept_set:
+ await role_resource(role_set, permissions, parent_ogt.roles)
+ dept_set.add(parent_ogt.id)
+ parent_ogt = parent_ogt.parent
+ else:
+ break
+ # print(permissions.keys())
+ def get_parent(parent, permissions):
+ # print(parent.id)
+ # nonlocal permissions
+ if parent.id not in permissions:
+
+ permissions[parent.id] = parent # .to_router_dict()
+ # print(permissions.keys())
+ parent = parent.parent
+ if parent:
+ get_parent(parent, permissions)
+ # permission_list = []
+ for permission in list(permissions.values()):
+ if permission.parent:
+ get_parent(permission.parent, permissions)
+
+ permission_list = [p.to_router_dict() for p in permissions.values()]
+ for permission in permission_list:
+ tmp_dit[permission["parentId"]] = tmp_dit.get(permission["parentId"], []) + [permission]
+ # print(permissions.keys())
def get_child(parent_id):
- res = permissions[parent_id]
+ # if parent_id in tmp_dit:
+ res = permissions[parent_id].to_router_dict()
res["children"] = [get_child(i["id"]) for i in tmp_dit.get(parent_id, [])]
return res
-
- return {"routers": [get_child(i["id"]) for i in tmp_dit.get(parent_id, [])]}
+ select_list = [get_child(i["id"]) for i in tmp_dit.get(parent_id, [])]
+ sorted_permission_list = sorted(select_list, key=lambda x: x['seq'], reverse=True)
+ return {"routers": sorted_permission_list}
async def get_user_menus(db, user_id):
@@ -243,12 +283,17 @@
res = []
# print(user_id)
user = db.query(UserModel).filter_by(id=user_id).first()
- for group in user.groups:
- for dialog in group.dialogs:
- dialog_list.append(dialog.id)
+ if user.permission == "admin":
+ dialog_list = [i.id for i in db.query(DialogModel).filter(DialogModel.status==Dialog_STATSU_ON).all()]
+ else:
+ for group in user.groups:
+ for dialog in group.dialogs:
+ dialog_list.append(dialog.id)
+
+
# print(dialog_list)
menu_list = db.query(WebMenuModel.id, WebMenuModel.title, WebMenuModel.describe, WebMenuModel.icon, WebMenuModel.desc,WebMenuModel.rank,
- WebMenuModel.img, MenuCapacityModel.capacity_id, MenuCapacityModel.capacity_type, MenuCapacityModel.chat_id.label("agentId")).outerjoin(
+ WebMenuModel.img, MenuCapacityModel.capacity_id, MenuCapacityModel.capacity_type, MenuCapacityModel.chat_id.label("agentId"), MenuCapacityModel.chat_type).outerjoin(
MenuCapacityModel, WebMenuModel.id == MenuCapacityModel.menu_id).outerjoin(
DialogModel, MenuCapacityModel.capacity_id == DialogModel.id).filter(DialogModel.status=="1").all()
@@ -264,14 +309,16 @@
break
else:
res.append({
- 'id': menus[0].id,
- 'title': menus[0].title,
+ 'menuId': menus[0].id,
+ 'name': menus[0].title,
'icon': menus[0].icon,
'img': menus[0].img,
'desc': menus[0].desc,
'dialog': menus[0].describe,
- 'agentId': menus[0].agentId,
- 'rank': menus[0].rank
+ 'id': menus[0].agentId,
+ 'rank': menus[0].rank,
+ 'agent_type': menus[0].capacity_type,
+ 'type': menus[0].chat_type
})
return sorted(res, key=lambda x: x['rank'], reverse=True)
@@ -294,15 +341,15 @@
for r in role.resources:
if r.resource_type_id != "1":
- if not r.resource_id:
- parent_id = r.id
- continue
+ # if not r.resource_id:
+ # parent_id = r.id
+ # continue
permissions[r.id] = r.to_router_dict()
await role_resource(role_set, permissions, user.roles)
for ogt in user.organizations:
if ogt.roles:
- await role_resource(role_set, permissions, user.roles)
+ await role_resource(role_set, permissions, ogt.roles)
parent_ogt = ogt.parent
while parent_ogt:
@@ -314,16 +361,17 @@
else:
break
- tmp_dit = {}
- for permission in permissions.values():
- tmp_dit[permission["parentId"]] = tmp_dit.get(permission["parentId"], []) + [permission]
+ # tmp_dit = {}
+ # for permission in permissions.values():
+ # tmp_dit[permission["parentId"]] = tmp_dit.get(permission["parentId"], []) + [permission]
+ #
+ # def get_child(parent_id):
+ # res = permissions[parent_id]
+ # res["children"] = [get_child(i["id"]) for i in tmp_dit.get(parent_id, [])]
+ # return res
- def get_child(parent_id):
- res = permissions[parent_id]
- res["children"] = [get_child(i["id"]) for i in tmp_dit.get(parent_id, [])]
- return res
-
- res["menus"] = [get_child(i["id"]) for i in tmp_dit.get(parent_id, [])]
+ # res["menus"] = [get_child(i["id"]) for i in tmp_dit.get(parent_id, [])]
+ res["menus"] = list(permissions.values())
for group in user.groups:
for klg in group.knowledges:
knowledge_dict[klg.id] = klg.to_json()
@@ -337,7 +385,7 @@
async def get_user_dept(db, user_id):
res = {}
user = db.query(UserModel).filter_by(id=user_id).first()
- res["rows"] = [i.to_dict() for i in user.organizations]
+ res["rows"] = [i.to_dict() for i in user.organizations if i.status == DEPT_STATUS_ON]
return res
--
Gitblit v1.8.0