添加角色权限添加和删除接口

005d98bf · confusion · 5eea8ec6 · 005d98bf · 005d98bf · 005d98bf
Commit 005d98bf authored Jun 12, 2023 by confusion
Show whitespace changes
Inline Side-by-side

Showing with 102 additions and 12 deletions

permission.py api/permission.py +78 -5

permission.py schema/permission.py +12 -0

price.py service/price.py +12 -7

No files found.
--- a/api/permission.py
+++ b/api/permission.py
@@ -8,7 +8,7 @@ from exception.token import FundPermissionError
 from model import BaseResponse, Response
 from fastapi import APIRouter, Depends
-from schema.permission import CreateUserInfo, AllUsers
+from schema.permission import CreateUserInfo, AllUsers, DeleteUserInfo, UpdateRolePermission
 from service.permission import check_permission, find_user_permission, build_permission_tree, \
    find_all_sys_permission, find_all_roles
 from tools.jwt_tools import User
@@ -18,7 +18,7 @@ router = APIRouter()
 @router.post('/user/',
             response_model=BaseResponse,
-             summary='添加账号权限',
+             summary='给用户添加角色',
             description='给用户添加角色')
 async def create_permission(
        create_user_info: CreateUserInfo,
@@ -41,6 +41,31 @@ async def create_permission(
        raise FundPermissionError()
+@router.delete('/user/',
+               response_model=BaseResponse,
+               summary='删除账号角色',
+               description='删除账号角色')
+async def delete_permission(
+        delete_user_info: DeleteUserInfo,
+        user: User = Depends(get_current_user),
+        permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
+):
+    # 检查是否有权限添加用户
+    assert 'admin' not in delete_user_info.roles, FundPermissionError('无法删除 admin')  # 不可删除admin
+    is_auth = await check_permission([f'member_permission.{role}.add' for role in delete_user_info.roles],
+                                     delete_user_info.fund_id,
+                                     user.email, permission_user_collect,
+                                     permission_role_collect)
+    if is_auth:
+        query = {"fund_id": delete_user_info.fund_id, "email": delete_user_info.email}
+        update = {"$pull": {"roles": {"$each": delete_user_info.roles}}}
+        await permission_user_collect.update_one(query, update, upsert=True)
+        return Response(data='')
+    else:
+        raise FundPermissionError()
 @router.get('/user/',
            response_model=BaseResponse,
            summary='查询账号权限及角色',
@@ -64,8 +89,8 @@ async def query_account_permission(
 @router.get('/control/',
            response_model=BaseResponse,
-            summary='查询可管理的角色权限',
+            summary='查询所有角色',
-            description='查询可管理的角色权限')
+            description='查询所有角色')
 async def query_fund_id_permission(
        fund_id: str,
        user: User = Depends(get_current_user),
@@ -80,7 +105,7 @@ async def query_fund_id_permission(
    assert ('admin' in roles or 'fund_manager' in roles), FundPermissionError()
    roles_data = await find_all_roles(fund_id=fund_id, permission_role_collect=permission_role_collect)
-    roles_data = [item for item in roles_data if (item['name'] not in roles and item["name"] != 'admin')]
+    roles_data = [item for item in roles_data if item["name"] != 'admin']
    permissions_tree = await find_all_sys_permission(fund_id=fund_id, all_permission_collect=all_permission_collect)
    return Response(data={'permission': permissions_tree['data'],
@@ -108,6 +133,54 @@ async def query_fund_all_users(
    all_users = await (permission_user_collect.find({'fund_id': fund_id}).to_list(length=None))
    return Response(data=all_users)
+@router.post('/auth/',
+             response_model=Response[List[AllUsers]],
+             summary='添加角色权限',
+             description='添加角色权限')
+async def add_role_permission(
+        update_role: UpdateRolePermission,
+        user: User = Depends(get_current_user),
+        # all_permission_collect: AgnosticCollection = Depends(get_all_permission_collect),
+        permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
+):
+    permissions, roles = await find_user_permission(fund_id=update_role.fund_id,
+                                                    email=user.email,
+                                                    permission_user_collect=permission_user_collect,
+                                                    permission_role_collect=permission_role_collect)
+    assert ('admin' in roles or 'fund_manager' in roles), FundPermissionError()
+    query = {"fund_id": update_role.fund_id, "name": update_role.name}
+    update = {"$addToSet": {"permissions": {"$each": update_role.permissions}}}
+    await permission_role_collect.update_one(query, update, upsert=True)
+    return Response(data='')
+@router.delete('/auth/',
+               response_model=Response[List[AllUsers]],
+               summary='删除角色权限',
+               description='删除角色权限')
+async def remove_role_permission(
+        update_role: UpdateRolePermission,
+        user: User = Depends(get_current_user),
+        # all_permission_collect: AgnosticCollection = Depends(get_all_permission_collect),
+        permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
+):
+    permissions, roles = await find_user_permission(fund_id=update_role.fund_id,
+                                                    email=user.email,
+                                                    permission_user_collect=permission_user_collect,
+                                                    permission_role_collect=permission_role_collect)
+    assert ('admin' in roles or 'fund_manager' in roles), FundPermissionError()
+    query = {"fund_id": update_role.fund_id, "name": update_role.name}
+    update = {"$pull": {"permissions": {"$each": update_role.permissions}}}
+    await permission_role_collect.update_one(query, update, upsert=True)
+    return Response(data='')
 # @router.get('/roles/',
 #             response_model=BaseResponse,
 #             summary='查询所有角色',

--- a/schema/permission.py
+++ b/schema/permission.py
@@ -31,12 +31,24 @@ class CreateRole(BaseModel):
    remark: str = Field(None, description='备注')
+class UpdateRolePermission(BaseModel):
+    name: str = Field(..., description='角色名')
+    fund_id: str = Field(..., description='基金id')
+    permissions: List[str] = Field(..., description='修改的权限')
 class CreateUserInfo(BaseModel):
    fund_id: str = Field(..., description='基金id')
    email: str = Field(..., description='用户中心email')
    roles: List[str] = Field(..., description='角色')
+class DeleteUserInfo(BaseModel):
+    fund_id: str = Field(..., description='基金id')
+    email: str = Field(..., description='用户中心email')
+    roles: List[str] = Field(..., description='角色')
 class AllUsers(BaseModel):
    email: str = Field(..., description='用户中心email')
    roles: List[str] = Field(..., description='角色')
--- a/service/price.py
+++ b/service/price.py
@@ -197,6 +197,9 @@ class CMCPrice:
        await self.load_base_coins()
        symbol_list = [symbol] if symbol else self.base_coins
        for symbol in symbol_list:
+            if symbol == 'USD':
+                continue
+            try:
                logger.info(f'[开始更新] [{symbol}]')
                last_data = await self.query_last_data(symbol)
                start_time = last_data['time']
@@ -204,6 +207,8 @@ class CMCPrice:
                logger.info(f'[更新数据] [{symbol}] [从{start_time}开始]')
                await self.start_task(symbol, start_time)
                logger.info(f'[更新完成] [{symbol}]')
+            except Exception as e:
+                logger.error(f'更新 [{symbol}] 失败！！ 「{e}」')
    async def get_index_price_map(self, symbol_list):
        await self.init()