添加角色权限添加和删除接口

api/permission.py

@@ -8,7 +8,7 @@ from exception.token import FundPermissionError
 from model import BaseResponse, Response
 from fastapi import APIRouter, Depends
 
-from schema.permission import CreateUserInfo, AllUsers
+from schema.permission import CreateUserInfo, AllUsers, DeleteUserInfo, UpdateRolePermission
 from service.permission import check_permission, find_user_permission, build_permission_tree, \
     find_all_sys_permission, find_all_roles
 from tools.jwt_tools import User
@@ -18,7 +18,7 @@ router = APIRouter()
 
 @router.post('/user/',
              response_model=BaseResponse,
-             summary='添加账号权限',
+             summary='给用户添加角色',
              description='给用户添加角色')
 async def create_permission(
         create_user_info: CreateUserInfo,
@@ -41,6 +41,31 @@ async def create_permission(
         raise FundPermissionError()
 
 
+@router.delete('/user/',
+               response_model=BaseResponse,
+               summary='删除账号角色',
+               description='删除账号角色')
+async def delete_permission(
+        delete_user_info: DeleteUserInfo,
+        user: User = Depends(get_current_user),
+        permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
+):
+    # 检查是否有权限添加用户
+    assert 'admin' not in delete_user_info.roles, FundPermissionError('无法删除 admin')  # 不可删除admin
+    is_auth = await check_permission([f'member_permission.{role}.add' for role in delete_user_info.roles],
+                                     delete_user_info.fund_id,
+                                     user.email, permission_user_collect,
+                                     permission_role_collect)
+    if is_auth:
+        query = {"fund_id": delete_user_info.fund_id, "email": delete_user_info.email}
+        update = {"$pull": {"roles": {"$each": delete_user_info.roles}}}
+        await permission_user_collect.update_one(query, update, upsert=True)
+        return Response(data='')
+    else:
+        raise FundPermissionError()
+
+
 @router.get('/user/',
             response_model=BaseResponse,
             summary='查询账号权限及角色',
@@ -64,8 +89,8 @@ async def query_account_permission(
 
 @router.get('/control/',
             response_model=BaseResponse,
-            summary='查询可管理的角色权限',
-            description='查询可管理的角色权限')
+            summary='查询所有角色',
+            description='查询所有角色')
 async def query_fund_id_permission(
         fund_id: str,
         user: User = Depends(get_current_user),
@@ -80,7 +105,7 @@ async def query_fund_id_permission(
     assert ('admin' in roles or 'fund_manager' in roles), FundPermissionError()
 
     roles_data = await find_all_roles(fund_id=fund_id, permission_role_collect=permission_role_collect)
-    roles_data = [item for item in roles_data if (item['name'] not in roles and item["name"] != 'admin')]
+    roles_data = [item for item in roles_data if item["name"] != 'admin']
 
     permissions_tree = await find_all_sys_permission(fund_id=fund_id, all_permission_collect=all_permission_collect)
     return Response(data={'permission': permissions_tree['data'],
@@ -108,6 +133,54 @@ async def query_fund_all_users(
     all_users = await (permission_user_collect.find({'fund_id': fund_id}).to_list(length=None))
     return Response(data=all_users)
 
+
+@router.post('/auth/',
+             response_model=Response[List[AllUsers]],
+             summary='添加角色权限',
+             description='添加角色权限')
+async def add_role_permission(
+        update_role: UpdateRolePermission,
+        user: User = Depends(get_current_user),
+        # all_permission_collect: AgnosticCollection = Depends(get_all_permission_collect),
+        permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
+):
+    permissions, roles = await find_user_permission(fund_id=update_role.fund_id,
+                                                    email=user.email,
+                                                    permission_user_collect=permission_user_collect,
+                                                    permission_role_collect=permission_role_collect)
+    assert ('admin' in roles or 'fund_manager' in roles), FundPermissionError()
+
+    query = {"fund_id": update_role.fund_id, "name": update_role.name}
+    update = {"$addToSet": {"permissions": {"$each": update_role.permissions}}}
+
+    await permission_role_collect.update_one(query, update, upsert=True)
+    return Response(data='')
+
+
+@router.delete('/auth/',
+               response_model=Response[List[AllUsers]],
+               summary='删除角色权限',
+               description='删除角色权限')
+async def remove_role_permission(
+        update_role: UpdateRolePermission,
+        user: User = Depends(get_current_user),
+        # all_permission_collect: AgnosticCollection = Depends(get_all_permission_collect),
+        permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
+):
+    permissions, roles = await find_user_permission(fund_id=update_role.fund_id,
+                                                    email=user.email,
+                                                    permission_user_collect=permission_user_collect,
+                                                    permission_role_collect=permission_role_collect)
+    assert ('admin' in roles or 'fund_manager' in roles), FundPermissionError()
+
+    query = {"fund_id": update_role.fund_id, "name": update_role.name}
+    update = {"$pull": {"permissions": {"$each": update_role.permissions}}}
+
+    await permission_role_collect.update_one(query, update, upsert=True)
+    return Response(data='')
+
 # @router.get('/roles/',
 #             response_model=BaseResponse,
 #             summary='查询所有角色',

schema/permission.py

@@ -31,12 +31,24 @@ class CreateRole(BaseModel):
     remark: str = Field(None, description='备注')
 
 
+class UpdateRolePermission(BaseModel):
+    name: str = Field(..., description='角色名')
+    fund_id: str = Field(..., description='基金id')
+    permissions: List[str] = Field(..., description='修改的权限')
+
+
 class CreateUserInfo(BaseModel):
     fund_id: str = Field(..., description='基金id')
     email: str = Field(..., description='用户中心email')
     roles: List[str] = Field(..., description='角色')
 
 
+class DeleteUserInfo(BaseModel):
+    fund_id: str = Field(..., description='基金id')
+    email: str = Field(..., description='用户中心email')
+    roles: List[str] = Field(..., description='角色')
+
+
 class AllUsers(BaseModel):
     email: str = Field(..., description='用户中心email')
     roles: List[str] = Field(..., description='角色')

service/price.py

@@ -197,13 +197,18 @@ class CMCPrice:
         await self.load_base_coins()
         symbol_list = [symbol] if symbol else self.base_coins
         for symbol in symbol_list:
-            logger.info(f'[开始更新] [{symbol}]')
-            last_data = await self.query_last_data(symbol)
-            start_time = last_data['time']
-            # 新建进度
-            logger.info(f'[更新数据] [{symbol}] [从{start_time}开始]')
-            await self.start_task(symbol, start_time)
-            logger.info(f'[更新完成] [{symbol}]')
+            if symbol == 'USD':
+                continue
+            try:
+                logger.info(f'[开始更新] [{symbol}]')
+                last_data = await self.query_last_data(symbol)
+                start_time = last_data['time']
+                # 新建进度
+                logger.info(f'[更新数据] [{symbol}] [从{start_time}开始]')
+                await self.start_task(symbol, start_time)
+                logger.info(f'[更新完成] [{symbol}]')
+            except Exception as e:
+                logger.error(f'更新 [{symbol}] 失败！！ 「{e}」')
 
     async def get_index_price_map(self, symbol_list):
         await self.init()