15308555518/ MaxKB
1
0
Fork 0
mirror of https://github.com/1Panel-dev/MaxKB.git synced 2025-12-26 10:12:51 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
MaxKB/apps/common/auth/authentication.py
shaohuzhang1 04642eb497
Some checks are pending
sync2gitee / repo-sync (push) Waiting to run
Details
feat: authentication
2025-04-15 20:37:38 +08:00

101 lines
4.0 KiB
Python
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# coding=utf-8
"""
@project: MaxKB
@Author虎虎
@file authentication.py
@date2025/4/15 20:12
@desc:
"""
from typing import List
from django.utils.translation import gettext_lazy as _
from common.constants.permission_constants import PermissionConstants, RoleConstants, ViewPermission, CompareConstants, \
Permission
from common.exception.app_exception import AppUnauthorizedFailed
def exist_permissions_by_permission_constants(user_permission: List[PermissionConstants],
permission_list: List[PermissionConstants]):
"""
用户是否拥有 permission_list的权限
:param user_permission: 用户权限
:param permission_list: 需要的权限
:return: 是否拥有
"""
return any(list(map(lambda up: permission_list.__contains__(up), user_permission)))
def exist_role_by_role_constants(user_role: List[RoleConstants],
role_list: List[RoleConstants]):
"""
用户是否拥有这个角色
:param user_role: 用户角色
:param role_list: 需要拥有的角色
:return: 是否拥有
"""
return any(list(map(lambda up: role_list.__contains__(up), user_role)))
def exist_permissions_by_view_permission(user_role: List[RoleConstants],
user_permission: List[PermissionConstants | object],
permission: ViewPermission, request, **kwargs):
"""
用户是否存在这些权限
:param request:
:param user_role: 用户角色
:param user_permission: 用户权限
:param permission: 所属权限
:return: 是否存在 True False
"""
role_ok = any(list(map(lambda ur: permission.roleList.__contains__(ur), user_role)))
permission_list = [user_p(request, kwargs) if callable(user_p) else user_p for user_p in
permission.permissionList
]
permission_ok = any(list(map(lambda up: permission_list.__contains__(up),
user_permission)))
return role_ok | permission_ok if permission.compare == CompareConstants.OR else role_ok & permission_ok
def exist_permissions(user_role: List[RoleConstants], user_permission: List[PermissionConstants], permission, request,
**kwargs):
if isinstance(permission, ViewPermission):
return exist_permissions_by_view_permission(user_role, user_permission, permission, request, **kwargs)
if isinstance(permission, RoleConstants):
return exist_role_by_role_constants(user_role, [permission])
if isinstance(permission, PermissionConstants):
return exist_permissions_by_permission_constants(user_permission, [permission])
if isinstance(permission, Permission):
return user_permission.__contains__(permission)
return False
def exist(user_role: List[RoleConstants], user_permission: List[PermissionConstants], permission, request, **kwargs):
if callable(permission):
p = permission(request, kwargs)
return exist_permissions(user_role, user_permission, p, request)
return exist_permissions(user_role, user_permission, permission, request, **kwargs)
def has_permissions(*permission, compare=CompareConstants.OR):
"""
权限 role or permission
:param compare: 比较符号
:param permission: 如果是角色 role:roleId
:return: 权限装饰器函数,用于判断用户是否有权限访问当前接口
"""
def inner(func):
def run(view, request, **kwargs):
exit_list = list(
map(lambda p: exist(request.auth.current_role_list, request.auth.permission_list, p, request, **kwargs),
permission))
# 判断是否有权限
if any(exit_list) if compare == CompareConstants.OR else all(exit_list):
return func(view, request, **kwargs)
raise AppUnauthorizedFailed(403, _('No permission to access'))
return run
return inner
Reference in New Issue View Git Blame Copy Permalink