From 5ec7357c568dd64665c2d29842896b8ef5b0866f Mon Sep 17 00:00:00 2001 From: jxxghp Date: Fri, 13 Sep 2024 17:23:41 +0800 Subject: [PATCH] fix bug --- app/api/endpoints/download.py | 6 +----- app/api/endpoints/search.py | 8 +------- app/db/user_oper.py | 23 ----------------------- 3 files changed, 2 insertions(+), 35 deletions(-) diff --git a/app/api/endpoints/download.py b/app/api/endpoints/download.py index 655b69bc..cd970cd8 100644 --- a/app/api/endpoints/download.py +++ b/app/api/endpoints/download.py @@ -9,7 +9,7 @@ from app.core.context import MediaInfo, Context, TorrentInfo from app.core.metainfo import MetaInfo from app.core.security import verify_token from app.db.models.user import User -from app.db.user_oper import get_current_active_user, check_user_permission +from app.db.user_oper import get_current_active_user router = APIRouter() @@ -100,8 +100,6 @@ def stop(hashString: str) -> Any: """ 暂停下载任务 """ - # 检查用户权限 - check_user_permission(permission='downloading.manage') ret = DownloadChain().set_downloading(hashString, "stop") return schemas.Response(success=True if ret else False) @@ -111,7 +109,5 @@ def delete(hashString: str) -> Any: """ 删除下载任务 """ - # 检查用户权限 - check_user_permission(permission='downloading.manage') ret = DownloadChain().remove_downloading(hashString) return schemas.Response(success=True if ret else False) diff --git a/app/api/endpoints/search.py b/app/api/endpoints/search.py index ecd64714..dea642bc 100644 --- a/app/api/endpoints/search.py +++ b/app/api/endpoints/search.py @@ -7,7 +7,6 @@ from app.chain.media import MediaChain from app.chain.search import SearchChain from app.core.config import settings from app.core.security import verify_token -from app.db.user_oper import check_user_permission from app.schemas.types import MediaType router = APIRouter() @@ -30,8 +29,6 @@ def search_by_id(mediaid: str, """ 根据TMDBID/豆瓣ID精确搜索站点资源 tmdb:/douban:/bangumi: """ - # 检查用户权限 - check_user_permission(permission='resource.search') if mtype: mtype = MediaType(mtype) if season: @@ -92,13 +89,10 @@ def search_by_id(mediaid: str, @router.get("/title", summary="模糊搜索资源", response_model=schemas.Response) def search_by_title(keyword: str = None, page: int = 0, - site: int = None, - _: schemas.TokenPayload = Depends(verify_token)) -> Any: + site: int = None) -> Any: """ 根据名称模糊搜索站点资源,支持分页,关键词为空是返回首页资源 """ - # 检查用户权限 - check_user_permission(permission='resource.search') torrents = SearchChain().search_by_title(title=keyword, page=page, site=site) if not torrents: return schemas.Response(success=False, message="未搜索到任何资源") diff --git a/app/db/user_oper.py b/app/db/user_oper.py index 79934579..60267a21 100644 --- a/app/db/user_oper.py +++ b/app/db/user_oper.py @@ -48,29 +48,6 @@ def get_current_active_superuser( return current_user -def check_user_permission( - permission: str, - current_user: User = Depends(get_current_user) -) -> User: - """ - 获取当前激活且有指定权限的用户 - """ - if not current_user.is_active: - raise HTTPException(status_code=403, detail="用户未激活") - if current_user.is_superuser: - return current_user - if not current_user.permissions: - raise HTTPException(status_code=400, detail="用户权限不足") - permission_dict = json.loads(current_user.permissions) - if permission_dict.get("admin"): - return current_user - for key in permission.split("."): - if key not in permission_dict or not permission_dict[key]: - raise HTTPException(status_code=400, detail="用户权限不足") - permission_dict = permission_dict[key] - return current_user - - class UserOper(DbOper): """ 用户管理