15308555518/ MaxKB
1
0
Fork 0
mirror of https://github.com/1Panel-dev/MaxKB.git synced 2025-12-26 10:12:51 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
MaxKB/apps/common/constants/permission_constants.py
2025-01-13 11:15:51 +08:00

177 lines
5.8 KiB
Python
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

"""
@project: qabot
@Author
@file permission_constants.py
@date2023/9/13 18:23
@desc: 权限,角色 常量
"""
from enum import Enum
from typing import List
from django.utils.translation import gettext_lazy as _
class Group(Enum):
"""
权限组 一个组一般对应前端一个菜单
"""
USER = "USER"
DATASET = "DATASET"
APPLICATION = "APPLICATION"
SETTING = "SETTING"
MODEL = "MODEL"
TEAM = "TEAM"
class Operate(Enum):
"""
一个权限组的操作权限
"""
READ = 'READ'
EDIT = "EDIT"
CREATE = "CREATE"
DELETE = "DELETE"
"""
管理权限
"""
MANAGE = "MANAGE"
"""
使用权限
"""
USE = "USE"
class RoleGroup(Enum):
USER = 'USER'
APPLICATION_KEY = "APPLICATION_KEY"
APPLICATION_ACCESS_TOKEN = "APPLICATION_ACCESS_TOKEN"
class Role:
def __init__(self, name: str, decs: str, group: RoleGroup):
self.name = name
self.decs = decs
self.group = group
class RoleConstants(Enum):
ADMIN = Role(_("ADMIN"), _('Admin, prefabs are not currently used'), RoleGroup.USER)
USER = Role(_("USER"), _('All user permissions'), RoleGroup.USER)
APPLICATION_ACCESS_TOKEN = Role(_('chat'), _('Only has application dialog interface permissions'), RoleGroup.APPLICATION_ACCESS_TOKEN),
APPLICATION_KEY = Role(_('Apply private key'), _('Apply private key'), RoleGroup.APPLICATION_KEY)
class Permission:
"""
权限信息
"""
def __init__(self, group: Group, operate: Operate, roles=None, dynamic_tag=None):
if roles is None:
roles = []
self.group = group
self.operate = operate
self.roleList = roles
self.dynamic_tag = dynamic_tag
def __str__(self):
return self.group.value + ":" + self.operate.value + (
(":" + self.dynamic_tag) if self.dynamic_tag is not None else '')
def __eq__(self, other):
return str(self) == str(other)
class PermissionConstants(Enum):
"""
权限枚举
"""
USER_READ = Permission(group=Group.USER, operate=Operate.READ, roles=[RoleConstants.ADMIN, RoleConstants.USER])
USER_EDIT = Permission(group=Group.USER, operate=Operate.EDIT, roles=[RoleConstants.ADMIN, RoleConstants.USER])
USER_DELETE = Permission(group=Group.USER, operate=Operate.DELETE, roles=[RoleConstants.USER])
DATASET_CREATE = Permission(group=Group.DATASET, operate=Operate.CREATE,
roles=[RoleConstants.ADMIN, RoleConstants.USER])
DATASET_READ = Permission(group=Group.DATASET, operate=Operate.READ,
roles=[RoleConstants.ADMIN, RoleConstants.USER])
DATASET_EDIT = Permission(group=Group.DATASET, operate=Operate.EDIT,
roles=[RoleConstants.ADMIN, RoleConstants.USER])
APPLICATION_READ = Permission(group=Group.APPLICATION, operate=Operate.READ,
roles=[RoleConstants.ADMIN, RoleConstants.USER])
APPLICATION_CREATE = Permission(group=Group.APPLICATION, operate=Operate.CREATE,
roles=[RoleConstants.ADMIN, RoleConstants.USER])
APPLICATION_DELETE = Permission(group=Group.APPLICATION, operate=Operate.DELETE,
roles=[RoleConstants.ADMIN, RoleConstants.USER])
APPLICATION_EDIT = Permission(group=Group.APPLICATION, operate=Operate.EDIT,
roles=[RoleConstants.ADMIN, RoleConstants.USER])
SETTING_READ = Permission(group=Group.SETTING, operate=Operate.READ,
roles=[RoleConstants.ADMIN, RoleConstants.USER])
MODEL_READ = Permission(group=Group.MODEL, operate=Operate.READ, roles=[RoleConstants.ADMIN, RoleConstants.USER])
MODEL_EDIT = Permission(group=Group.MODEL, operate=Operate.EDIT, roles=[RoleConstants.ADMIN, RoleConstants.USER])
MODEL_DELETE = Permission(group=Group.MODEL, operate=Operate.DELETE,
roles=[RoleConstants.ADMIN, RoleConstants.USER])
MODEL_CREATE = Permission(group=Group.MODEL, operate=Operate.CREATE,
roles=[RoleConstants.ADMIN, RoleConstants.USER])
TEAM_READ = Permission(group=Group.TEAM, operate=Operate.READ, roles=[RoleConstants.ADMIN, RoleConstants.USER])
TEAM_CREATE = Permission(group=Group.TEAM, operate=Operate.CREATE, roles=[RoleConstants.ADMIN, RoleConstants.USER])
TEAM_DELETE = Permission(group=Group.TEAM, operate=Operate.DELETE, roles=[RoleConstants.ADMIN, RoleConstants.USER])
TEAM_EDIT = Permission(group=Group.TEAM, operate=Operate.EDIT, roles=[RoleConstants.ADMIN, RoleConstants.USER])
def get_permission_list_by_role(role: RoleConstants):
"""
根据角色 获取角色对应的权限
:param role: 角色
:return: 权限
"""
return list(map(lambda k: PermissionConstants[k],
list(filter(lambda k: PermissionConstants[k].value.roleList.__contains__(role),
PermissionConstants.__members__))))
class Auth:
"""
用于存储当前用户的角色和权限
"""
def __init__(self, role_list: List[RoleConstants], permission_list: List[PermissionConstants | Permission]
, client_id, client_type, current_role: RoleConstants, **keywords):
self.role_list = role_list
self.permission_list = permission_list
self.client_id = client_id
self.client_type = client_type
self.keywords = keywords
self.current_role = current_role
class CompareConstants(Enum):
# 或者
OR = "OR"
# 并且
AND = "AND"
class ViewPermission:
def __init__(self, roleList: List[RoleConstants], permissionList: List[PermissionConstants | object],
compare=CompareConstants.OR):
self.roleList = roleList
self.permissionList = permissionList
self.compare = compare
Reference in New Issue View Git Blame Copy Permalink