Skip to content

P
PyFund
Commit 629021f0 authored by 陈涛's avatar 陈涛
Browse files
Options

Merge remote-tracking branch 'origin/main'

parents 86339fda cedccfff
Hide whitespace changes
Inline Side-by-side
Showing with 136 additions and 313 deletions
api/bill.py
View file @ 629021f0
...@@ -2,7 +2,8 @@ from typing import Union, List, Any ...@@ -2,7 +2,8 @@ from typing import Union, List, Any
from fastapi import APIRouter, Depends, Query from fastapi import APIRouter, Depends, Query
from motor.core import AgnosticCollection from motor.core import AgnosticCollection
from dependencies import get_current_user, get_fund_collect, get_bill_collect from dependencies import get_current_user, get_fund_collect, get_bill_collect, get_permission_user_collect, \
get_permission_role_collect
from model import Response, Page, PageResponse, SortParams, FilterTime from model import Response, Page, PageResponse, SortParams, FilterTime
from model.bill import PCFBill, ExchangeBill, AdjustBill, StakingBill from model.bill import PCFBill, ExchangeBill, AdjustBill, StakingBill
from model.node import BaseNode from model.node import BaseNode
...@@ -13,9 +14,17 @@ from schema.node import BindNode ...@@ -13,9 +14,17 @@ from schema.node import BindNode
from service.beacon import BeaconChaService from service.beacon import BeaconChaService
from service.bill import update_bill from service.bill import update_bill
from service.fund import query_fund_assets_and_nodes, update_fund from service.fund import query_fund_assets_and_nodes, update_fund
from service.permission import check_permission
from tools.jwt_tools import User from tools.jwt_tools import User
router = APIRouter() router = APIRouter()
bill_type_to_permission = {
"sub": 'sub_redeem_bill',
"redemption": 'sub_redeem_bill',
"exchange": 'swap_bill',
"staking": 'staking_bill',
"adjust": 'adjust_bill'
}
@router.post('/pcf/', @router.post('/pcf/',
...@@ -28,13 +37,19 @@ async def create_pcf( ...@@ -28,13 +37,19 @@ async def create_pcf(
user: User = Depends(get_current_user), user: User = Depends(get_current_user),
fund_collect: AgnosticCollection = Depends(get_fund_collect), fund_collect: AgnosticCollection = Depends(get_fund_collect),
bill_collect: AgnosticCollection = Depends(get_bill_collect), bill_collect: AgnosticCollection = Depends(get_bill_collect),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
await check_permission(['data_permission.sub_redeem_bill.add'],
create_pcf_bill.fund_id,
user.email, permission_user_collect,
permission_role_collect)
delta_volume = create_pcf_bill.volume if create_pcf_bill.bill_type == PCFBillType.sub else -create_pcf_bill.volume delta_volume = create_pcf_bill.volume if create_pcf_bill.bill_type == PCFBillType.sub else -create_pcf_bill.volume
assets, adjust_assets, pending_assets, staking_assets, nodes = await query_fund_assets_and_nodes(fund_collect, assets, adjust_assets, pending_assets, staking_assets, nodes = await query_fund_assets_and_nodes(
create_pcf_bill.fund_id, fund_collect=fund_collect,
user.id, fund_id=create_pcf_bill.fund_id,
FundStatus.active) fund_status=FundStatus.active)
assets.setdefault(create_pcf_bill.currency, 0) assets.setdefault(create_pcf_bill.currency, 0)
# 如果是赎回 判断余额是否够 # 如果是赎回 判断余额是否够
assert assets[create_pcf_bill.currency] + delta_volume >= 0, "余额不足" assert assets[create_pcf_bill.currency] + delta_volume >= 0, "余额不足"
...@@ -55,11 +70,17 @@ async def create_exchange( ...@@ -55,11 +70,17 @@ async def create_exchange(
user: User = Depends(get_current_user), user: User = Depends(get_current_user),
fund_collect: AgnosticCollection = Depends(get_fund_collect), fund_collect: AgnosticCollection = Depends(get_fund_collect),
bill_collect: AgnosticCollection = Depends(get_bill_collect), bill_collect: AgnosticCollection = Depends(get_bill_collect),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
assets, adjust_assets, pending_assets, staking_assets, nodes = await query_fund_assets_and_nodes(fund_collect, await check_permission(['data_permission.swap_bill.add'],
create_exchange_bill.fund_id, create_exchange_bill.fund_id,
user.id, user.email, permission_user_collect,
FundStatus.active) permission_role_collect)
assets, adjust_assets, pending_assets, staking_assets, nodes = await query_fund_assets_and_nodes(
fund_collect=fund_collect,
fund_id=create_exchange_bill.fund_id,
fund_status=FundStatus.active)
assets.setdefault(create_exchange_bill.output_currency, 0) assets.setdefault(create_exchange_bill.output_currency, 0)
assets.setdefault(create_exchange_bill.input_currency, 0) assets.setdefault(create_exchange_bill.input_currency, 0)
assert assets[ assert assets[
...@@ -87,11 +108,18 @@ async def create_adjust( ...@@ -87,11 +108,18 @@ async def create_adjust(
user: User = Depends(get_current_user), user: User = Depends(get_current_user),
fund_collect: AgnosticCollection = Depends(get_fund_collect), fund_collect: AgnosticCollection = Depends(get_fund_collect),
bill_collect: AgnosticCollection = Depends(get_bill_collect), bill_collect: AgnosticCollection = Depends(get_bill_collect),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
assets, adjust_assets, pending_assets, staking_assets, nodes = await query_fund_assets_and_nodes(fund_collect, await check_permission(['data_permission.adjust_bill.add'],
create_adjust_bill.fund_id, create_adjust_bill.fund_id,
user.id, user.email, permission_user_collect,
FundStatus.active) permission_role_collect)
assets, adjust_assets, pending_assets, staking_assets, nodes = await query_fund_assets_and_nodes(
fund_collect=fund_collect,
fund_id=create_adjust_bill.fund_id,
fund_status=FundStatus.active)
adjust_assets.setdefault(create_adjust_bill.currency, 0) adjust_assets.setdefault(create_adjust_bill.currency, 0)
adjust_assets.setdefault('fund_share', 0) adjust_assets.setdefault('fund_share', 0)
adjust_assets[create_adjust_bill.currency] += create_adjust_bill.volume adjust_assets[create_adjust_bill.currency] += create_adjust_bill.volume
...@@ -114,10 +142,16 @@ async def create_staking_api( ...@@ -114,10 +142,16 @@ async def create_staking_api(
user: User = Depends(get_current_user), user: User = Depends(get_current_user),
bill_collect: AgnosticCollection = Depends(get_bill_collect), bill_collect: AgnosticCollection = Depends(get_bill_collect),
fund_collect: AgnosticCollection = Depends(get_fund_collect), fund_collect: AgnosticCollection = Depends(get_fund_collect),
beacon_service: BeaconChaService = Depends(BeaconChaService) beacon_service: BeaconChaService = Depends(BeaconChaService),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
await check_permission(['data_permission.staking_bill.add'],
create_staking_bill.fund_id,
user.email, permission_user_collect,
permission_role_collect)
assets, adjust_assets, pending_assets, staking_assets, nodes = await query_fund_assets_and_nodes(fund_collect, assets, adjust_assets, pending_assets, staking_assets, nodes = await query_fund_assets_and_nodes(fund_collect,
user_id=user.id,
fund_id=create_staking_bill.fund_id, fund_id=create_staking_bill.fund_id,
fund_status=FundStatus.active) fund_status=FundStatus.active)
assert assets.get(create_staking_bill.currency, 0) >= create_staking_bill.volume, '余额不足' assert assets.get(create_staking_bill.currency, 0) >= create_staking_bill.volume, '余额不足'
...@@ -158,11 +192,16 @@ async def update_pcf_bill( ...@@ -158,11 +192,16 @@ async def update_pcf_bill(
user: User = Depends(get_current_user), user: User = Depends(get_current_user),
fund_collect: AgnosticCollection = Depends(get_fund_collect), fund_collect: AgnosticCollection = Depends(get_fund_collect),
bill_collect: AgnosticCollection = Depends(get_bill_collect), bill_collect: AgnosticCollection = Depends(get_bill_collect),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
await check_permission(['data_permission.sub_redeem_bill.edit'],
fund_id,
user.email, permission_user_collect,
permission_role_collect)
response = await update_bill( response = await update_bill(
bill_id=bill_id, bill_id=bill_id,
fund_id=fund_id, fund_id=fund_id,
user_id=user.id,
update_data=update_item, update_data=update_item,
fund_collect=fund_collect, fund_collect=fund_collect,
bill_collect=bill_collect, bill_collect=bill_collect,
...@@ -183,11 +222,16 @@ async def update_exchange_bill( ...@@ -183,11 +222,16 @@ async def update_exchange_bill(
user: User = Depends(get_current_user), user: User = Depends(get_current_user),
fund_collect: AgnosticCollection = Depends(get_fund_collect), fund_collect: AgnosticCollection = Depends(get_fund_collect),
bill_collect: AgnosticCollection = Depends(get_bill_collect), bill_collect: AgnosticCollection = Depends(get_bill_collect),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
await check_permission(['data_permission.swap_bill.edit'],
fund_id,
user.email, permission_user_collect,
permission_role_collect)
response = await update_bill( response = await update_bill(
bill_id=bill_id, bill_id=bill_id,
fund_id=fund_id, fund_id=fund_id,
user_id=user.id,
update_data=update_item, update_data=update_item,
fund_collect=fund_collect, fund_collect=fund_collect,
bill_collect=bill_collect, bill_collect=bill_collect,
...@@ -208,11 +252,16 @@ async def update_adjust_bill( ...@@ -208,11 +252,16 @@ async def update_adjust_bill(
user: User = Depends(get_current_user), user: User = Depends(get_current_user),
fund_collect: AgnosticCollection = Depends(get_fund_collect), fund_collect: AgnosticCollection = Depends(get_fund_collect),
bill_collect: AgnosticCollection = Depends(get_bill_collect), bill_collect: AgnosticCollection = Depends(get_bill_collect),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
await check_permission(['data_permission.adjust_bill.edit'],
fund_id,
user.email, permission_user_collect,
permission_role_collect)
response = await update_bill( response = await update_bill(
bill_id=bill_id, bill_id=bill_id,
fund_id=fund_id, fund_id=fund_id,
user_id=user.id,
update_data=update_item, update_data=update_item,
fund_collect=fund_collect, fund_collect=fund_collect,
bill_collect=bill_collect, bill_collect=bill_collect,
...@@ -233,11 +282,16 @@ async def update_staking_bill( ...@@ -233,11 +282,16 @@ async def update_staking_bill(
user: User = Depends(get_current_user), user: User = Depends(get_current_user),
fund_collect: AgnosticCollection = Depends(get_fund_collect), fund_collect: AgnosticCollection = Depends(get_fund_collect),
bill_collect: AgnosticCollection = Depends(get_bill_collect), bill_collect: AgnosticCollection = Depends(get_bill_collect),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
await check_permission(['data_permission.staking_bill.edit'],
fund_id,
user.email, permission_user_collect,
permission_role_collect)
response = await update_bill( response = await update_bill(
bill_id=bill_id, bill_id=bill_id,
fund_id=fund_id, fund_id=fund_id,
user_id=user.id,
update_data=update_item, update_data=update_item,
fund_collect=fund_collect, fund_collect=fund_collect,
bill_collect=bill_collect, bill_collect=bill_collect,
...@@ -259,8 +313,15 @@ async def query_bill( ...@@ -259,8 +313,15 @@ async def query_bill(
page: Page = Depends(Page), page: Page = Depends(Page),
user: User = Depends(get_current_user), user: User = Depends(get_current_user),
bill_collect: AgnosticCollection = Depends(get_bill_collect), bill_collect: AgnosticCollection = Depends(get_bill_collect),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
query = {"fund_id": fund_id, "user_id": user.id, "bill_type": {'$in': query}} await check_permission([f'data_permission.{bill_type_to_permission[item.value]}.query' for item in query],
fund_id,
user.email, permission_user_collect,
permission_role_collect)
query = {"fund_id": fund_id, "bill_type": {'$in': query}}
if filter_time.start_time and filter_time.end_time: if filter_time.start_time and filter_time.end_time:
query.update({'record_time': filter_time.to_mongodb_query()}) query.update({'record_time': filter_time.to_mongodb_query()})
count = await bill_collect.count_documents(query) count = await bill_collect.count_documents(query)
...@@ -282,8 +343,15 @@ async def query_bill( ...@@ -282,8 +343,15 @@ async def query_bill(
bill_id: str, bill_id: str,
bill_type: AllBillType, bill_type: AllBillType,
bill_collect: AgnosticCollection = Depends(get_bill_collect), bill_collect: AgnosticCollection = Depends(get_bill_collect),
user: User = Depends(get_current_user) user: User = Depends(get_current_user),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
query = {"fund_id": fund_id, "user_id": user.id, "bill_type": bill_type, "id": bill_id} await check_permission([f'data_permission.{bill_type_to_permission[bill_type.value]}.delete'],
fund_id,
user.email, permission_user_collect,
permission_role_collect)
query = {"fund_id": fund_id, "bill_type": bill_type, "id": bill_id}
await bill_collect.delete_one(query) await bill_collect.delete_one(query)
return Response() return Response()
api/fund.py
View file @ 629021f0
...@@ -93,13 +93,18 @@ async def update( ...@@ -93,13 +93,18 @@ async def update(
fund_id: str, fund_id: str,
update_fund_data: UpdateFund, update_fund_data: UpdateFund,
user: User = Depends(get_current_user), user: User = Depends(get_current_user),
permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect),
fund_collect: AgnosticCollection = Depends(get_fund_collect) fund_collect: AgnosticCollection = Depends(get_fund_collect)
): ):
# 验证权限
await check_permission(['data_permission.fund.update_info'], fund_id, user.email, permission_user_collect,
permission_role_collect)
db_update_data = update_fund_data.dict(exclude_unset=True) db_update_data = update_fund_data.dict(exclude_unset=True)
db_update_data.update({ db_update_data.update({
"update_time": int(datetime.datetime.utcnow().timestamp()) "update_time": int(datetime.datetime.utcnow().timestamp())
}) })
data = await fund_collect.find_one_and_update({'id': fund_id, 'user_id': user.id}, {'$set': db_update_data}, data = await fund_collect.find_one_and_update({'id': fund_id}, {'$set': db_update_data},
return_document=ReturnDocument.AFTER) return_document=ReturnDocument.AFTER)
assert data, NotFundError() assert data, NotFundError()
response_model = fund_type_map[data['fund_type']] response_model = fund_type_map[data['fund_type']]
...@@ -116,11 +121,10 @@ async def get( ...@@ -116,11 +121,10 @@ async def get(
permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect) permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
): ):
# 验证权限 # 验证权限
if not await check_permission(['data_permission.fund.query_info'], fund_id, user.email, permission_user_collect, await check_permission(['data_permission.fund.query_info'], fund_id, user.email, permission_user_collect,
permission_role_collect): permission_role_collect)
raise FundPermissionError()
data = await fund_collect.find_one({'id': fund_id, 'user_id': user.id}) data = await fund_collect.find_one({'id': fund_id})
assert data, NotFundError() assert data, NotFundError()
response_model = fund_type_map[data['fund_type']] response_model = fund_type_map[data['fund_type']]
...@@ -149,7 +153,7 @@ async def get( ...@@ -149,7 +153,7 @@ async def get(
fund_id = item['fund_id'] fund_id = item['fund_id']
task = g.create_task( task = g.create_task(
check_permission(['data_permission.fund.query_info'], fund_id, user.email, permission_user_collect, check_permission(['data_permission.fund.query_info'], fund_id, user.email, permission_user_collect,
permission_role_collect)) permission_role_collect, raise_exception=False))
tasks[fund_id] = task tasks[fund_id] = task
auth_fund_list = [k for k, v in tasks.items() if v.result()] auth_fund_list = [k for k, v in tasks.items() if v.result()]
......
api/permission.py
View file @ 629021f0
...@@ -28,17 +28,14 @@ async def create_permission( ...@@ -28,17 +28,14 @@ async def create_permission(
): ):
# 检查是否有权限添加用户 # 检查是否有权限添加用户
assert 'admin' not in create_user_info.roles, FundPermissionError() # 不可添加admin assert 'admin' not in create_user_info.roles, FundPermissionError() # 不可添加admin
is_auth = await check_permission([f'member_permission.{role}.add' for role in create_user_info.roles], await check_permission([f'member_permission.{role}.add' for role in create_user_info.roles],
create_user_info.fund_id, create_user_info.fund_id,
user.email, permission_user_collect, user.email, permission_user_collect,
permission_role_collect) permission_role_collect)
if is_auth: query = {"fund_id": create_user_info.fund_id, "email": create_user_info.email}
query = {"fund_id": create_user_info.fund_id, "email": create_user_info.email} update = {"$addToSet": {"roles": {"$each": create_user_info.roles}}}
update = {"$addToSet": {"roles": {"$each": create_user_info.roles}}} await permission_user_collect.update_one(query, update, upsert=True)
await permission_user_collect.update_one(query, update, upsert=True) return Response(data='')
return Response(data='')
else:
raise FundPermissionError()
@router.delete('/user/', @router.delete('/user/',
...@@ -53,17 +50,14 @@ async def delete_permission( ...@@ -53,17 +50,14 @@ async def delete_permission(
): ):
# 检查是否有权限添加用户 # 检查是否有权限添加用户
assert 'admin' not in delete_user_info.roles, FundPermissionError('无法删除 admin') # 不可删除admin assert 'admin' not in delete_user_info.roles, FundPermissionError('无法删除 admin') # 不可删除admin
is_auth = await check_permission([f'member_permission.{role}.add' for role in delete_user_info.roles], await check_permission([f'member_permission.{role}.add' for role in delete_user_info.roles],
delete_user_info.fund_id, delete_user_info.fund_id,
user.email, permission_user_collect, user.email, permission_user_collect,
permission_role_collect) permission_role_collect)
if is_auth: query = {"fund_id": delete_user_info.fund_id, "email": delete_user_info.email}
query = {"fund_id": delete_user_info.fund_id, "email": delete_user_info.email} update = {"$pull": {"roles": {"$in": delete_user_info.roles}}}
update = {"$pull": {"roles": {"$each": delete_user_info.roles}}} await permission_user_collect.update_one(query, update, upsert=True)
await permission_user_collect.update_one(query, update, upsert=True) return Response(data='')
return Response(data='')
else:
raise FundPermissionError()
@router.get('/user/', @router.get('/user/',
...@@ -135,7 +129,7 @@ async def query_fund_all_users( ...@@ -135,7 +129,7 @@ async def query_fund_all_users(
@router.post('/auth/', @router.post('/auth/',
response_model=Response[List[AllUsers]], response_model=BaseResponse,
summary='添加角色权限', summary='添加角色权限',
description='添加角色权限') description='添加角色权限')
async def add_role_permission( async def add_role_permission(
...@@ -159,7 +153,7 @@ async def add_role_permission( ...@@ -159,7 +153,7 @@ async def add_role_permission(
@router.delete('/auth/', @router.delete('/auth/',
response_model=Response[List[AllUsers]], response_model=BaseResponse,
summary='删除角色权限', summary='删除角色权限',
description='删除角色权限') description='删除角色权限')
async def remove_role_permission( async def remove_role_permission(
...@@ -176,7 +170,7 @@ async def remove_role_permission( ...@@ -176,7 +170,7 @@ async def remove_role_permission(
assert ('admin' in roles or 'fund_manager' in roles), FundPermissionError() assert ('admin' in roles or 'fund_manager' in roles), FundPermissionError()
query = {"fund_id": update_role.fund_id, "name": update_role.name} query = {"fund_id": update_role.fund_id, "name": update_role.name}
update = {"$pull": {"permissions": {"$each": update_role.permissions}}} update = {"$pull": {"permissions": {"$in": update_role.permissions}}}
await permission_role_collect.update_one(query, update, upsert=True) await permission_role_collect.update_one(query, update, upsert=True)
return Response(data='') return Response(data='')
......
service/bill.py
View file @ 629021f0
...@@ -47,10 +47,10 @@ async def create_staking( ...@@ -47,10 +47,10 @@ async def create_staking(
async def update_bill( async def update_bill(
bill_id: str, fund_id: str, user_id: str, update_data: [], fund_collect, bill_collect, bill_id: str, fund_id: str, update_data: [], fund_collect, bill_collect,
res_model: Type[DataT] res_model: Type[DataT]
) -> Response[DataT]: ) -> Response[DataT]:
fund = await fund_collect.find_one({'id': fund_id, 'user_id': user_id}) fund = await fund_collect.find_one({'id': fund_id})
assert fund, NotFundError() assert fund, NotFundError()
db_update_data = update_data.dict(exclude_unset=True) db_update_data = update_data.dict(exclude_unset=True)
db_update_data.update({ db_update_data.update({
......
service/permission.py
View file @ 629021f0
...@@ -2,259 +2,9 @@ import json ...@@ -2,259 +2,9 @@ import json
from motor.core import AgnosticCollection from motor.core import AgnosticCollection
from exception.token import FundPermissionError
from schema.permission import CreateRole, CreateUserInfo from schema.permission import CreateRole, CreateUserInfo
# sys_permission_table = [
# {
# "code": 'data_permission',
# "label": "数据管理权限",
# "children": [
# # 基金管理
# {
# "code": "data_permission.fund",
# "label": '基金管理',
# "children": [
# {
# "code": "data_permission.fund.query_info",
# "label": "查询基金基础信息"
# },
# {
# "code": "data_permission.fund.update_info",
# "label": "更新基金基础信息"
# },
# {
# "code": "data_permission.fund.query_list",
# "label": "查询基金列表"
# },
# {
# "code": "data_permission.fund.query_asset",
# "label": "访问账目页面"
# },
# ]
# },
# # 质押节点
# {
# "code": "data_permission.node",
# "label": '质押节点',
# "children": [
# {
# "code": "data_permission.node.bind_node",
# "label": "绑定节点"
# },
# {
# "code": "data_permission.node.untie_node",
# "label": "解绑节点"
# },
# {
# "code": "data_permission.node.query_node",
# "label": "查询节点"
# }
# ]
# },
# # 账目-申购/赎回
# {
# "code": "data_permission.sub_redeem_bill",
# "label": '账目-申购/赎回',
# "children": [
# {
# "code": "data_permission.sub_redeem_bill.add",
# "label": "添加"
# },
# {
# "code": "data_permission.sub_redeem_bill.delete",
# "label": "删除"
# },
# {
# "code": "data_permission.sub_redeem_bill.edit",
# "label": "修改"
# },
# {
# "code": "data_permission.sub_redeem_bill.query",
# "label": "查询"
# },
# ]
# },
# # 账目-换币
# {
# "code": "data_permission.swap_bill",
# "label": '账目-换币',
# "children": [
# {
# "code": "data_permission.swap_bill.add",
# "label": "添加"
# },
# {
# "code": "data_permission.swap_bill.delete",
# "label": "删除"
# },
# {
# "code": "data_permission.swap_bill.edit",
# "label": "修改"
# },
# {
# "code": "data_permission.swap_bill.query",
# "label": "查询"
# },
# ]
# },
# # 账目-质押
# {
# "code": "data_permission.staking_bill",
# "label": '账目-质押',
# "children": [
# {
# "code": "data_permission.staking_bill.add",
# "label": "添加"
# },
# {
# "code": "data_permission.staking_bill.delete",
# "label": "删除"
# },
# {
# "code": "data_permission.staking_bill.edit",
# "label": "修改"
# },
# {
# "code": "data_permission.staking_bill.query",
# "label": "查询"
# },
# ]
# },
# # 账目-调整账户
# {
# "code": "data_permission.adjust_bill",
# "label": '账目-调整账户',
# "children": [
# {
# "code": "data_permission.adjust_bill.add",
# "label": "添加"
# },
# {
# "code": "data_permission.adjust_bill.delete",
# "label": "删除"
# },
# {
# "code": "data_permission.adjust_bill.edit",
# "label": "修改"
# },
# {
# "code": "data_permission.adjust_bill.query",
# "label": "查询"
# },
# ]
# },
# # 净值管理
# {
# "code": "data_permission.nav",
# "label": '净值管理',
# "children": [
# {
# "code": "data_permission.nav.recalculate",
# "label": "基金重新计算净值"
# },
# {
# "code": "data_permission.nav.add",
# "label": "新增"
# },
# {
# "code": "data_permission.nav.delete",
# "label": "删除"
# },
# {
# "code": "data_permission.nav.edit",
# "label": "修改"
# },
# {
# "code": "data_permission.nav.query",
# "label": "查询"
# },
# ]
# },
# ]
# },
# {
# "code": 'role_permission',
# "label": "角色管理权限",
# "children": [
# # 角色的管理
# {
# "code": "role_permission.role",
# "label": '角色管理',
# "children": [
# {
# "code": "role_permission.role.add",
# "label": "添加"
# },
# {
# "code": "role_permission.role.delete",
# "label": "删除"
# },
# {
# "code": "role_permission.role.edit",
# "label": "修改"
# },
# {
# "code": "role_permission.role.query",
# "label": "查询"
# },
# ]
# },
# ]
# },
# {
# "code": 'member_permission',
# "label": "人员管理权限",
# "children": [
# # 基金经理人员的管理
# {
# "code": "member_permission.fund_manager",
# "label": '基金经理',
# "children": [
# {
# "code": "member_permission.fund_manager.add",
# "label": "添加"
# },
# {
# "code": "member_permission.fund_manager.delete",
# "label": "删除"
# },
# {
# "code": "member_permission.fund_manager.edit",
# "label": "修改"
# },
# {
# "code": "member_permission.fund_manager.query",
# "label": "查询"
# },
# ]
# },
# # 基金经理助理
# {
# "code": "member_permission.fund_manager_assistant",
# "label": '基金经理助理',
# "children": [
# {
# "code": "member_permission.fund_manager_assistant.add",
# "label": "添加"
# },
# {
# "code": "member_permission.fund_manager_assistant.delete",
# "label": "删除"
# },
# {
# "code": "member_permission.fund_manager_assistant.edit",
# "label": "修改"
# },
# {
# "code": "member_permission.fund_manager_assistant.query",
# "label": "查询"
# },
# ]
# },
# ]
# }
# ]
sys_default_permission = { sys_default_permission = {
"data_permission": { "data_permission": {
"label": "数据管理权限", "label": "数据管理权限",
...@@ -268,11 +18,11 @@ sys_default_permission = { ...@@ -268,11 +18,11 @@ sys_default_permission = {
"data_permission.fund.update_info": { "data_permission.fund.update_info": {
"label": "更新基金基础信息" "label": "更新基金基础信息"
}, },
"data_permission.fund.query_list": { # "data_permission.fund.query_list": {
"label": "查询基金列表" # "label": "查询基金列表"
}, # },
"data_permission.fund.query_asset": { "data_permission.fund.query_asset": {
"label": "访问账目页面" "label": "查询资产"
} }
} }
}, },
...@@ -570,7 +320,7 @@ async def find_all_roles(fund_id, permission_role_collect: AgnosticCollection): ...@@ -570,7 +320,7 @@ async def find_all_roles(fund_id, permission_role_collect: AgnosticCollection):
async def check_permission(for_check_permission_list, fund_id, email, permission_user_collect, async def check_permission(for_check_permission_list, fund_id, email, permission_user_collect,
permission_role_collect): permission_role_collect, raise_exception=True):
""" """
验证的权限同时都满足 返回True 否则返回False 验证的权限同时都满足 返回True 否则返回False
:param for_check_permission_list: :param for_check_permission_list:
...@@ -578,18 +328,25 @@ async def check_permission(for_check_permission_list, fund_id, email, permission ...@@ -578,18 +328,25 @@ async def check_permission(for_check_permission_list, fund_id, email, permission
:param email: :param email:
:param permission_user_collect: :param permission_user_collect:
:param permission_role_collect: :param permission_role_collect:
:param raise_exception: 是否抛出异常
:return: :return:
""" """
this_fund_role = await permission_user_collect.find_one({'email': email, 'fund_id': fund_id}) this_fund_role = await permission_user_collect.find_one({'email': email, 'fund_id': fund_id})
if not this_fund_role: if not this_fund_role:
return False if raise_exception:
raise FundPermissionError()
else:
return FundPermissionError
else: else:
permission_list, roles = await find_user_permission(fund_id, email, permission_user_collect, permission_list, roles = await find_user_permission(fund_id, email, permission_user_collect,
permission_role_collect) permission_role_collect)
if all(x in permission_list for x in for_check_permission_list): if all(x in permission_list for x in for_check_permission_list):
return True return True
else: else:
return False if raise_exception:
raise FundPermissionError()
else:
return FundPermissionError
async def find_user_permission(fund_id, email, permission_user_collect, permission_role_collect): async def find_user_permission(fund_id, email, permission_user_collect, permission_role_collect):
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment