mirror of
https://github.com/jxxghp/MoviePilot.git
synced 2026-04-05 03:38:36 +08:00
fix permissions
This commit is contained in:
jxxghp
@@ -9,7 +9,7 @@ from app.core.context import MediaInfo, Context, TorrentInfo
|
||||
from app.core.metainfo import MetaInfo
|
||||
from app.core.security import verify_token
|
||||
from app.db.models.user import User
|
||||
from app.db.userauth import get_current_active_user
|
||||
from app.db.user_oper import get_current_active_user
|
||||
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@@ -12,7 +12,7 @@ from app.db import get_db
|
||||
from app.db.models import User
|
||||
from app.db.models.downloadhistory import DownloadHistory
|
||||
from app.db.models.transferhistory import TransferHistory
|
||||
from app.db.userauth import get_current_active_superuser
|
||||
from app.db.user_oper import get_current_active_superuser
|
||||
from app.schemas.types import EventType
|
||||
|
||||
router = APIRouter()
|
||||
|
||||
@@ -14,7 +14,7 @@ from app.core.security import verify_token
|
||||
from app.db import get_db
|
||||
from app.db.models import User
|
||||
from app.db.models.message import Message
|
||||
from app.db.userauth import get_current_active_superuser
|
||||
from app.db.user_oper import get_current_active_superuser
|
||||
from app.log import logger
|
||||
from app.modules.wechat.WXBizMsgCrypt3 import WXBizMsgCrypt
|
||||
from app.schemas.types import MessageChannel
|
||||
|
||||
@@ -15,7 +15,7 @@ from app.db.models.site import Site
|
||||
from app.db.models.siteicon import SiteIcon
|
||||
from app.db.models.sitestatistic import SiteStatistic
|
||||
from app.db.systemconfig_oper import SystemConfigOper
|
||||
from app.db.userauth import get_current_active_superuser
|
||||
from app.db.user_oper import get_current_active_superuser
|
||||
from app.helper.sites import SitesHelper
|
||||
from app.scheduler import Scheduler
|
||||
from app.schemas.types import SystemConfigKey, EventType
|
||||
|
||||
@@ -15,7 +15,7 @@ from app.db import get_db
|
||||
from app.db.models.subscribe import Subscribe
|
||||
from app.db.models.subscribehistory import SubscribeHistory
|
||||
from app.db.models.user import User
|
||||
from app.db.userauth import get_current_active_user
|
||||
from app.db.user_oper import get_current_active_user
|
||||
from app.helper.subscribe import SubscribeHelper
|
||||
from app.scheduler import Scheduler
|
||||
from app.schemas.types import MediaType
|
||||
|
||||
@@ -16,7 +16,7 @@ from app.core.module import ModuleManager
|
||||
from app.core.security import verify_token
|
||||
from app.db.models import User
|
||||
from app.db.systemconfig_oper import SystemConfigOper
|
||||
from app.db.userauth import get_current_active_superuser
|
||||
from app.db.user_oper import get_current_active_superuser
|
||||
from app.helper.message import MessageHelper
|
||||
from app.helper.progress import ProgressHelper
|
||||
from app.helper.rule import RuleHelper
|
||||
|
||||
@@ -9,7 +9,7 @@ from app import schemas
|
||||
from app.core.security import get_password_hash
|
||||
from app.db import get_db
|
||||
from app.db.models.user import User
|
||||
from app.db.userauth import get_current_active_superuser, get_current_active_user
|
||||
from app.db.user_oper import get_current_active_superuser, get_current_active_user
|
||||
from app.db.userconfig_oper import UserConfigOper
|
||||
from app.utils.otp import OtpUtils
|
||||
|
||||
|
||||
@@ -1,10 +1,72 @@
|
||||
import json
|
||||
from typing import Optional
|
||||
|
||||
from fastapi import Depends, HTTPException
|
||||
from sqlalchemy.orm import Session
|
||||
|
||||
from app import schemas
|
||||
from app.core.security import verify_token
|
||||
from app.db import DbOper
|
||||
from app.db import get_db
|
||||
from app.db.models.user import User
|
||||
|
||||
|
||||
def get_current_user(
|
||||
db: Session = Depends(get_db),
|
||||
token_data: schemas.TokenPayload = Depends(verify_token)
|
||||
) -> User:
|
||||
"""
|
||||
获取当前用户
|
||||
"""
|
||||
user = User.get(db, rid=token_data.sub)
|
||||
if not user:
|
||||
raise HTTPException(status_code=403, detail="用户不存在")
|
||||
return user
|
||||
|
||||
|
||||
def get_current_active_user(
|
||||
current_user: User = Depends(get_current_user),
|
||||
) -> User:
|
||||
"""
|
||||
获取当前激活用户
|
||||
"""
|
||||
if not current_user.is_active:
|
||||
raise HTTPException(status_code=403, detail="用户未激活")
|
||||
return current_user
|
||||
|
||||
|
||||
def get_current_active_superuser(
|
||||
current_user: User = Depends(get_current_user),
|
||||
) -> User:
|
||||
"""
|
||||
获取当前激活超级管理员
|
||||
"""
|
||||
if not current_user.is_superuser:
|
||||
raise HTTPException(
|
||||
status_code=400, detail="用户权限不足"
|
||||
)
|
||||
return current_user
|
||||
|
||||
|
||||
def get_current_active_permission_user(
|
||||
permission: str,
|
||||
current_user: User = Depends(get_current_user)
|
||||
) -> User:
|
||||
"""
|
||||
获取当前激活且有指定权限的用户
|
||||
"""
|
||||
if not current_user.is_active:
|
||||
raise HTTPException(status_code=403, detail="用户未激活")
|
||||
if not current_user.permissions:
|
||||
raise HTTPException(status_code=400, detail="用户权限不足")
|
||||
permission_dict = json.loads(current_user.permissions)
|
||||
for key in permission.split("."):
|
||||
if key not in permission_dict or not permission_dict[key]:
|
||||
raise HTTPException(status_code=400, detail="用户权限不足")
|
||||
permission_dict = permission_dict[key]
|
||||
return current_user
|
||||
|
||||
|
||||
class UserOper(DbOper):
|
||||
"""
|
||||
用户管理
|
||||
@@ -13,6 +75,27 @@ class UserOper(DbOper):
|
||||
def get_permissions(self, name: str) -> dict:
|
||||
"""
|
||||
获取用户权限
|
||||
{
|
||||
"admin": "管理员",
|
||||
"usermanage": "用户管理",
|
||||
"dashboard": "仪表板",
|
||||
"ranking": "推荐榜单",
|
||||
"resource": {
|
||||
"search": "搜索站点资源",
|
||||
"download": "下载站点资源",
|
||||
},
|
||||
"subscribe": {
|
||||
"request": "提交订阅请求",
|
||||
"autopass": "订阅请求自动批准"
|
||||
"approve": "审批订阅请求",
|
||||
"calendar": "查看订阅日历",
|
||||
"manage": "管理所有订阅"
|
||||
},
|
||||
"downloading": {
|
||||
"view": "查看正在下载任务",
|
||||
"manager": "管理正在下载任务"
|
||||
}
|
||||
}
|
||||
"""
|
||||
user = User.get_by_name(self._db, name)
|
||||
if user:
|
||||
|
||||
@@ -1,35 +0,0 @@
|
||||
from fastapi import Depends, HTTPException
|
||||
from sqlalchemy.orm import Session
|
||||
|
||||
from app import schemas
|
||||
from app.core.security import verify_token
|
||||
from app.db import get_db
|
||||
from app.db.models.user import User
|
||||
|
||||
|
||||
def get_current_user(
|
||||
db: Session = Depends(get_db),
|
||||
token_data: schemas.TokenPayload = Depends(verify_token)
|
||||
) -> User:
|
||||
user = User.get(db, rid=token_data.sub)
|
||||
if not user:
|
||||
raise HTTPException(status_code=403, detail="用户不存在")
|
||||
return user
|
||||
|
||||
|
||||
def get_current_active_user(
|
||||
current_user: User = Depends(get_current_user),
|
||||
) -> User:
|
||||
if not current_user.is_active:
|
||||
raise HTTPException(status_code=403, detail="用户未激活")
|
||||
return current_user
|
||||
|
||||
|
||||
def get_current_active_superuser(
|
||||
current_user: User = Depends(get_current_user),
|
||||
) -> User:
|
||||
if not current_user.is_superuser:
|
||||
raise HTTPException(
|
||||
status_code=400, detail="用户权限不足"
|
||||
)
|
||||
return current_user
|
||||
0
app/helper/user.py
Normal file
0
app/helper/user.py
Normal file
Reference in New Issue
Block a user