fix: 修复普通用户也能获取下属部门的数据

This commit is contained in:
皓月归尘 2025-02-24 18:33:22 +08:00
parent afe1ae8353
commit 8edb6badc4
4 changed files with 57 additions and 19 deletions


@ -40,3 +40,16 @@ class Auth:
raise PermissionException(message="该用户无此接口权限!") raise PermissionException(message="该用户无此接口权限!")
return wrapper return wrapper
async def hasAuth(request: Request, permission: str) -> bool:
"""
判断是有拥有某项权限
"""
token = request.headers.get('Authorization') # 直接使用 request 对象
current_user = await LoginController.get_current_user(request, token)
permissions = current_user.get('permissions')
if permission in permissions:
return True
else:
return False
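Review bot: `hasAuth` re-authenticates the request from the raw `Authorization` header (lines `token = request.headers.get('Authorization')` / `get_current_user(request, token)`) although every endpoint that calls it in this commit already holds `current_user` from `Depends(LoginController.get_current_user)`, so each request is validated twice and the helper can disagree with the dependency if the header is absent. Prefer a signature that takes the already-resolved user, e.g. `def has_auth(current_user: dict, permission: str) -> bool`, and keep the request-based form only as a thin wrapper if other callers need it. `permission in permissions` raises `TypeError` when the `permissions` key is missing or `None`; the last five lines collapse to `return permission in (current_user.get('permissions') or ())`. If the `Auth` decorator above honours wildcard permissions, this exact-match check will not — confirm against its implementation, which starts outside the hunk.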


@ -16,7 +16,7 @@ from fastapi import APIRouter, Depends, Path, Request, Query
from fastapi.encoders import jsonable_encoder from fastapi.encoders import jsonable_encoder
from fastapi.responses import JSONResponse, FileResponse from fastapi.responses import JSONResponse, FileResponse
from annotation.auth import Auth from annotation.auth import Auth, hasAuth
from annotation.log import Log from annotation.log import Log
from config.constant import BusinessType from config.constant import BusinessType
from config.env import ElasticSearchConfig from config.env import ElasticSearchConfig
@ -476,9 +476,13 @@ async def get_code_log_list(request: Request,
startTime = datetime.fromtimestamp(startTime) startTime = datetime.fromtimestamp(startTime)
endTime = datetime.fromtimestamp(endTime) endTime = datetime.fromtimestamp(endTime)
filterArgs['operation_time__range'] = [startTime, endTime] filterArgs['operation_time__range'] = [startTime, endTime]
if not department_id: if await hasAuth(request, "code:btn:logAdmin"):
if department_id:
filterArgs['operator__department__id'] = department_id
else:
filterArgs['operator__department__id__in'] = sub_departments filterArgs['operator__department__id__in'] = sub_departments
else: else:
if department_id:
filterArgs['operator__department__id'] = department_id filterArgs['operator__department__id'] = department_id
count = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).count() count = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).count()
data = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).order_by("-operation_time").offset( data = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).order_by("-operation_time").offset(
@ -532,9 +536,13 @@ async def get_code_log_list(request: Request,
startTime = datetime.fromtimestamp(startTime) startTime = datetime.fromtimestamp(startTime)
endTime = datetime.fromtimestamp(endTime) endTime = datetime.fromtimestamp(endTime)
filterArgs['operation_time__range'] = [startTime, endTime] filterArgs['operation_time__range'] = [startTime, endTime]
if not department_id: if await hasAuth(request, "code:btn:logAdmin"):
if department_id:
filterArgs['operator__department__id'] = department_id
else:
filterArgs['operator__department__id__in'] = sub_departments filterArgs['operator__department__id__in'] = sub_departments
else: else:
if department_id:
filterArgs['operator__department__id'] = department_id filterArgs['operator__department__id'] = department_id
count = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).count() count = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).count()
data = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).order_by("-operation_time").values( data = await QueryCodeLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).order_by("-operation_time").values(
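Review bot: In the non-admin `else` branch of both hunks, a caller without `code:btn:logAdmin` who omits `department_id` gets no department or operator constraint in `filterArgs`, so `QueryCodeLog.filter(**filterArgs, ...)` returns every department's logs — wider than the sub-department access this commit sets out to remove — and a supplied `department_id` is accepted for any department. Pin the non-admin query to the caller, as the operation-log change in this same commit does: `filterArgs['operator__id'] = current_user.get('id')`, applied before the optional `department_id` filter. The admin branch likewise uses a caller-supplied `department_id` without checking it is in `sub_departments`, so one subtree's admin can read another's; reject it with `if department_id not in sub_departments: raise PermissionException(...)` before use, or fall back to the `__in` filter. `get_code_log_list` begins and ends outside the hunk, so whether `current_user` is bound there is inferred from the other endpoints — confirm.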


@ -12,7 +12,7 @@ from fastapi import APIRouter, Depends, Path, Query, Request
from fastapi.encoders import jsonable_encoder from fastapi.encoders import jsonable_encoder
from fastapi.responses import JSONResponse from fastapi.responses import JSONResponse
from annotation.auth import Auth from annotation.auth import Auth, hasAuth
from annotation.log import Log from annotation.log import Log
from config.constant import BusinessType, RedisKeyConfig from config.constant import BusinessType, RedisKeyConfig
from controller.login import LoginController from controller.login import LoginController
@ -41,9 +41,8 @@ async def get_login_log(request: Request,
current_user: dict = Depends(LoginController.get_current_user), current_user: dict = Depends(LoginController.get_current_user),
): ):
sub_departments = current_user.get("sub_departments") sub_departments = current_user.get("sub_departments")
user_id = current_user.get("id")
online_user_list = await LoginController.get_online_user(request, sub_departments) online_user_list = await LoginController.get_online_user(request, sub_departments)
online_user_list = list(
filter(lambda x: x["department_id"] in sub_departments, jsonable_encoder(online_user_list)))
filterArgs = { filterArgs = {
f'{k}__contains': v for k, v in { f'{k}__contains': v for k, v in {
'username': username, 'username': username,
@ -56,10 +55,18 @@ async def get_login_log(request: Request,
startTime = datetime.fromtimestamp(float(startTime) / 1000) startTime = datetime.fromtimestamp(float(startTime) / 1000)
endTime = datetime.fromtimestamp(float(endTime) / 1000) endTime = datetime.fromtimestamp(float(endTime) / 1000)
filterArgs['login_time__range'] = [startTime, endTime] filterArgs['login_time__range'] = [startTime, endTime]
if await hasAuth(request, "login:btn:admin"):
online_user_list = list(
filter(lambda x: x["department_id"] in sub_departments, jsonable_encoder(online_user_list)))
if not department_id: if not department_id:
filterArgs['user__department__id__in'] = sub_departments filterArgs['user__department__id__in'] = sub_departments
else: else:
filterArgs['user__department__id'] = department_id filterArgs['user__department__id'] = department_id
else:
online_user_list = list(
filter(lambda x: x["user_id"] == user_id, jsonable_encoder(online_user_list)))
if department_id:
filterArgs['user__department__id'] = department_id
result = await LoginLog.filter(**filterArgs, user__del_flag=1, del_flag=1).offset( result = await LoginLog.filter(**filterArgs, user__del_flag=1, del_flag=1).offset(
(page - 1) * pageSize).limit(pageSize).values( (page - 1) * pageSize).limit(pageSize).values(
id="id", id="id",
@ -171,6 +178,7 @@ async def get_operation_log(request: Request,
current_user: dict = Depends(LoginController.get_current_user), current_user: dict = Depends(LoginController.get_current_user),
): ):
sub_departments = current_user.get("sub_departments") sub_departments = current_user.get("sub_departments")
user_id = current_user.get("id")
filterArgs = { filterArgs = {
f'{k}__contains': v for k, v in { f'{k}__contains': v for k, v in {
'operation_name': name, 'operation_name': name,
@ -185,10 +193,15 @@ async def get_operation_log(request: Request,
startTime = datetime.fromtimestamp(float(startTime) / 1000) startTime = datetime.fromtimestamp(float(startTime) / 1000)
endTime = datetime.fromtimestamp(float(endTime) / 1000) endTime = datetime.fromtimestamp(float(endTime) / 1000)
filterArgs['operation_time__range'] = [startTime, endTime] filterArgs['operation_time__range'] = [startTime, endTime]
if await hasAuth(request, "operation:btn:admin"):
if not department_id: if not department_id:
filterArgs['department__id__in'] = sub_departments filterArgs['department__id__in'] = sub_departments
else: else:
filterArgs['department__id'] = department_id filterArgs['department__id'] = department_id
else:
filterArgs['operator__id'] = user_id
if department_id:
filterArgs['department__id'] = department_id
result = await OperationLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).offset( result = await OperationLog.filter(**filterArgs, operator__del_flag=1, del_flag=1).offset(
(page - 1) * pageSize).limit( (page - 1) * pageSize).limit(
pageSize).values( pageSize).values(
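Review bot: In the `get_login_log` non-admin `else` branch only `online_user_list` is narrowed to the caller; the `LoginLog.filter(**filterArgs, ...)` query receives no user constraint when `department_id` is omitted, so a user without `login:btn:admin` still gets every department's login history, and with a `department_id` any department's. The parallel `get_operation_log` hunk pins its query with `filterArgs['operator__id'] = user_id`; do the same here with `filterArgs['user__id'] = user_id` at the top of that `else` branch. In both admin branches a caller-supplied `department_id` is used without checking `department_id in sub_departments`, so an admin of one subtree can query another's. The online-user filter now reads `x["user_id"]` where the old code read `x["department_id"]`; that the online-user records carry a `user_id` key is not visible here — confirm against `LoginController.get_online_user`.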


@ -10,7 +10,7 @@ from typing import Optional
from fastapi import APIRouter, Depends, Path, Query, Request from fastapi import APIRouter, Depends, Path, Query, Request
from fastapi.responses import JSONResponse from fastapi.responses import JSONResponse
from annotation.auth import Auth from annotation.auth import Auth, hasAuth
from annotation.log import Log from annotation.log import Log
from config.constant import BusinessType, RedisKeyConfig from config.constant import BusinessType, RedisKeyConfig
from controller.login import LoginController from controller.login import LoginController
@ -194,8 +194,12 @@ async def get_role_list(
"status": status "status": status
}.items() if v }.items() if v
} }
if await hasAuth(request, "role:btn:admin"):
if not department_id: if not department_id:
filterArgs["department__id__in"] = current_user.get("sub_departments") filterArgs["department__id__in"] = current_user.get("sub_departments")
else:
if department_id:
filterArgs["department__id"] = department_id
total = await Role.filter(**filterArgs, del_flag=1).count() total = await Role.filter(**filterArgs, del_flag=1).count()
data = await Role.filter(**filterArgs, del_flag=1).offset( data = await Role.filter(**filterArgs, del_flag=1).offset(
(page - 1) * pageSize).limit( (page - 1) * pageSize).limit(
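Review bot: In `get_role_list` the non-admin `else` branch applies no filter when `department_id` is omitted, so a user without `role:btn:admin` can still list every role in the system — wider than the sub-department access this commit intends to remove — and with a `department_id` can list any department's roles. As far as the hunk shows, the admin branch also leaves `filterArgs` unfiltered when `department_id` is set, rather than restricting it to `sub_departments`. Scope the non-admin path to the caller's own department (whatever key `current_user` exposes for it — the name is not visible here) and in the admin branch reject or fall back when `department_id not in current_user.get("sub_departments")`. The function begins outside the hunk, so the `current_user` binding is inferred from the `current_user.get("sub_departments")` line.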