2023-09-15 09:40:35 +00:00
|
|
|
|
"""
|
|
|
|
|
|
@project: qabot
|
|
|
|
|
|
@Author:虎
|
|
|
|
|
|
@file: permission_constants.py
|
|
|
|
|
|
@date:2023/9/13 18:23
|
|
|
|
|
|
@desc: 权限,角色 常量
|
|
|
|
|
|
"""
|
|
|
|
|
|
from enum import Enum
|
|
|
|
|
|
from typing import List
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class Group(Enum):
|
|
|
|
|
|
"""
|
2024-04-15 06:51:09 +00:00
|
|
|
|
权限组 一个组一般对应前端一个菜单
|
2023-09-15 09:40:35 +00:00
|
|
|
|
"""
|
|
|
|
|
|
USER = "USER"
|
|
|
|
|
|
|
2023-10-09 11:03:41 +00:00
|
|
|
|
DATASET = "DATASET"
|
|
|
|
|
|
|
|
|
|
|
|
APPLICATION = "APPLICATION"
|
|
|
|
|
|
|
|
|
|
|
|
SETTING = "SETTING"
|
|
|
|
|
|
|
2023-11-16 05:16:27 +00:00
|
|
|
|
MODEL = "MODEL"
|
|
|
|
|
|
|
|
|
|
|
|
TEAM = "TEAM"
|
|
|
|
|
|
|
2023-09-15 09:40:35 +00:00
|
|
|
|
|
|
|
|
|
|
class Operate(Enum):
|
|
|
|
|
|
"""
|
|
|
|
|
|
一个权限组的操作权限
|
|
|
|
|
|
"""
|
|
|
|
|
|
READ = 'READ'
|
|
|
|
|
|
EDIT = "EDIT"
|
|
|
|
|
|
CREATE = "CREATE"
|
|
|
|
|
|
DELETE = "DELETE"
|
2023-10-09 11:03:41 +00:00
|
|
|
|
"""
|
|
|
|
|
|
管理权限
|
|
|
|
|
|
"""
|
|
|
|
|
|
MANAGE = "MANAGE"
|
|
|
|
|
|
"""
|
|
|
|
|
|
使用权限
|
|
|
|
|
|
"""
|
|
|
|
|
|
USE = "USE"
|
2023-09-15 09:40:35 +00:00
|
|
|
|
|
|
|
|
|
|
|
2023-11-16 05:16:27 +00:00
|
|
|
|
class RoleGroup(Enum):
|
|
|
|
|
|
USER = 'USER'
|
|
|
|
|
|
APPLICATION_KEY = "APPLICATION_KEY"
|
|
|
|
|
|
APPLICATION_ACCESS_TOKEN = "APPLICATION_ACCESS_TOKEN"
|
|
|
|
|
|
|
|
|
|
|
|
|
2023-09-15 09:40:35 +00:00
|
|
|
|
class Role:
|
2023-11-16 05:16:27 +00:00
|
|
|
|
def __init__(self, name: str, decs: str, group: RoleGroup):
|
2023-09-15 09:40:35 +00:00
|
|
|
|
self.name = name
|
|
|
|
|
|
self.decs = decs
|
2023-11-16 05:16:27 +00:00
|
|
|
|
self.group = group
|
2023-09-15 09:40:35 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class RoleConstants(Enum):
|
2023-11-16 05:16:27 +00:00
|
|
|
|
ADMIN = Role("管理员", "管理员,预制目前不会使用", RoleGroup.USER)
|
|
|
|
|
|
USER = Role("用户", "用户所有权限", RoleGroup.USER)
|
|
|
|
|
|
APPLICATION_ACCESS_TOKEN = Role("会话", "只拥有应用会话框接口权限", RoleGroup.APPLICATION_ACCESS_TOKEN),
|
|
|
|
|
|
APPLICATION_KEY = Role("应用私钥", "应用私钥", RoleGroup.APPLICATION_KEY)
|
2023-09-15 09:40:35 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class Permission:
|
|
|
|
|
|
"""
|
|
|
|
|
|
权限信息
|
|
|
|
|
|
"""
|
|
|
|
|
|
|
2023-10-09 11:03:41 +00:00
|
|
|
|
def __init__(self, group: Group, operate: Operate, roles=None, dynamic_tag=None):
|
|
|
|
|
|
if roles is None:
|
|
|
|
|
|
roles = []
|
2023-09-15 09:40:35 +00:00
|
|
|
|
self.group = group
|
|
|
|
|
|
self.operate = operate
|
|
|
|
|
|
self.roleList = roles
|
2023-10-09 11:03:41 +00:00
|
|
|
|
self.dynamic_tag = dynamic_tag
|
2023-09-15 09:40:35 +00:00
|
|
|
|
|
|
|
|
|
|
def __str__(self):
|
2023-10-09 11:03:41 +00:00
|
|
|
|
return self.group.value + ":" + self.operate.value + (
|
|
|
|
|
|
(":" + self.dynamic_tag) if self.dynamic_tag is not None else '')
|
|
|
|
|
|
|
|
|
|
|
|
def __eq__(self, other):
|
|
|
|
|
|
return str(self) == str(other)
|
2023-09-15 09:40:35 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class PermissionConstants(Enum):
|
|
|
|
|
|
"""
|
|
|
|
|
|
权限枚举
|
|
|
|
|
|
"""
|
|
|
|
|
|
USER_READ = Permission(group=Group.USER, operate=Operate.READ, roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
USER_EDIT = Permission(group=Group.USER, operate=Operate.EDIT, roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
2023-10-09 11:03:41 +00:00
|
|
|
|
USER_DELETE = Permission(group=Group.USER, operate=Operate.DELETE, roles=[RoleConstants.USER])
|
|
|
|
|
|
|
|
|
|
|
|
DATASET_CREATE = Permission(group=Group.DATASET, operate=Operate.CREATE,
|
|
|
|
|
|
roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
|
|
|
|
|
DATASET_READ = Permission(group=Group.DATASET, operate=Operate.READ,
|
|
|
|
|
|
roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
2024-01-03 03:51:48 +00:00
|
|
|
|
DATASET_EDIT = Permission(group=Group.DATASET, operate=Operate.EDIT,
|
|
|
|
|
|
roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
2023-10-09 11:03:41 +00:00
|
|
|
|
APPLICATION_READ = Permission(group=Group.APPLICATION, operate=Operate.READ,
|
|
|
|
|
|
roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
2023-11-16 05:16:27 +00:00
|
|
|
|
APPLICATION_CREATE = Permission(group=Group.APPLICATION, operate=Operate.CREATE,
|
|
|
|
|
|
roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
2024-02-29 08:14:07 +00:00
|
|
|
|
APPLICATION_DELETE = Permission(group=Group.APPLICATION, operate=Operate.DELETE,
|
|
|
|
|
|
roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
|
|
|
|
|
APPLICATION_EDIT = Permission(group=Group.APPLICATION, operate=Operate.EDIT,
|
|
|
|
|
|
roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
2023-10-09 11:03:41 +00:00
|
|
|
|
SETTING_READ = Permission(group=Group.SETTING, operate=Operate.READ,
|
|
|
|
|
|
roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
2023-09-15 09:40:35 +00:00
|
|
|
|
|
2023-11-16 05:16:27 +00:00
|
|
|
|
MODEL_READ = Permission(group=Group.MODEL, operate=Operate.READ, roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
|
|
|
|
|
MODEL_EDIT = Permission(group=Group.MODEL, operate=Operate.EDIT, roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
|
|
|
|
|
MODEL_DELETE = Permission(group=Group.MODEL, operate=Operate.DELETE,
|
|
|
|
|
|
roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
MODEL_CREATE = Permission(group=Group.MODEL, operate=Operate.CREATE,
|
|
|
|
|
|
roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
|
|
|
|
|
TEAM_READ = Permission(group=Group.TEAM, operate=Operate.READ, roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
|
|
|
|
|
TEAM_CREATE = Permission(group=Group.TEAM, operate=Operate.CREATE, roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
|
|
|
|
|
TEAM_DELETE = Permission(group=Group.TEAM, operate=Operate.DELETE, roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
|
|
|
|
|
TEAM_EDIT = Permission(group=Group.TEAM, operate=Operate.EDIT, roles=[RoleConstants.ADMIN, RoleConstants.USER])
|
|
|
|
|
|
|
2023-09-15 09:40:35 +00:00
|
|
|
|
|
|
|
|
|
|
def get_permission_list_by_role(role: RoleConstants):
|
|
|
|
|
|
"""
|
|
|
|
|
|
根据角色 获取角色对应的权限
|
|
|
|
|
|
:param role: 角色
|
|
|
|
|
|
:return: 权限
|
|
|
|
|
|
"""
|
|
|
|
|
|
return list(map(lambda k: PermissionConstants[k],
|
|
|
|
|
|
list(filter(lambda k: PermissionConstants[k].value.roleList.__contains__(role),
|
|
|
|
|
|
PermissionConstants.__members__))))
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class Auth:
|
|
|
|
|
|
"""
|
|
|
|
|
|
用于存储当前用户的角色和权限
|
|
|
|
|
|
"""
|
|
|
|
|
|
|
2024-03-13 21:43:01 +00:00
|
|
|
|
def __init__(self, role_list: List[RoleConstants], permission_list: List[PermissionConstants | Permission]
|
2024-04-25 08:17:29 +00:00
|
|
|
|
, client_id, client_type, current_role: RoleConstants, **keywords):
|
2023-09-15 09:40:35 +00:00
|
|
|
|
self.role_list = role_list
|
|
|
|
|
|
self.permission_list = permission_list
|
2024-03-13 21:43:01 +00:00
|
|
|
|
self.client_id = client_id
|
|
|
|
|
|
self.client_type = client_type
|
2023-11-16 05:16:27 +00:00
|
|
|
|
self.keywords = keywords
|
2024-04-25 08:17:29 +00:00
|
|
|
|
self.current_role = current_role
|
2023-09-15 09:40:35 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class CompareConstants(Enum):
|
|
|
|
|
|
# 或者
|
|
|
|
|
|
OR = "OR"
|
|
|
|
|
|
# 并且
|
|
|
|
|
|
AND = "AND"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class ViewPermission:
|
2023-11-16 05:16:27 +00:00
|
|
|
|
def __init__(self, roleList: List[RoleConstants], permissionList: List[PermissionConstants | object],
|
2023-09-15 09:40:35 +00:00
|
|
|
|
compare=CompareConstants.OR):
|
|
|
|
|
|
self.roleList = roleList
|
|
|
|
|
|
self.permissionList = permissionList
|
|
|
|
|
|
self.compare = compare
|
