Merge remote-tracking branch 'origin/main'

629021f0 · 陈涛 · 86339fda · cedccfff · 629021f0 · 629021f0
Commit 629021f0 authored Jun 16, 2023 by 陈涛
Showing with 136 additions and 313 deletions

bill.py api/bill.py +90 -22

fund.py api/fund.py +10 -6

permission.py api/permission.py +19 -25

bill.py service/bill.py +2 -2

permission.py service/permission.py +15 -258

No files found.
--- a/api/bill.py
+++ b/api/bill.py
--- a/api/fund.py
+++ b/api/fund.py
@@ -93,13 +93,18 @@ async def update(
        fund_id: str,
        update_fund_data: UpdateFund,
        user: User = Depends(get_current_user),
+        permission_user_collect: AgnosticCollection = Depends(get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect),
        fund_collect: AgnosticCollection = Depends(get_fund_collect)
 ):
+    # 验证权限
+    await check_permission(['data_permission.fund.update_info'], fund_id, user.email, permission_user_collect,
+                           permission_role_collect)
    db_update_data = update_fund_data.dict(exclude_unset=True)
    db_update_data.update({
        "update_time": int(datetime.datetime.utcnow().timestamp())
    })
-    data = await fund_collect.find_one_and_update({'id': fund_id, 'user_id': user.id}, {'$set': db_update_data},
+    data = await fund_collect.find_one_and_update({'id': fund_id}, {'$set': db_update_data},
                                                  return_document=ReturnDocument.AFTER)
    assert data, NotFundError()
    response_model = fund_type_map[data['fund_type']]
@@ -116,11 +121,10 @@ async def get(
        permission_role_collect: AgnosticCollection = Depends(get_permission_role_collect)
 ):
    # 验证权限
-    if not await check_permission(['data_permission.fund.query_info'], fund_id, user.email, permission_user_collect,
+    await check_permission(['data_permission.fund.query_info'], fund_id, user.email, permission_user_collect,
-                                  permission_role_collect):
+                           permission_role_collect)
-        raise FundPermissionError()
-    data = await fund_collect.find_one({'id': fund_id, 'user_id': user.id})
+    data = await fund_collect.find_one({'id': fund_id})
    assert data, NotFundError()
    response_model = fund_type_map[data['fund_type']]
@@ -149,7 +153,7 @@ async def get(
            fund_id = item['fund_id']
            task = g.create_task(
                check_permission(['data_permission.fund.query_info'], fund_id, user.email, permission_user_collect,
-                                 permission_role_collect))
+                                 permission_role_collect, raise_exception=False))
            tasks[fund_id] = task
    auth_fund_list = [k for k, v in tasks.items() if v.result()]

--- a/api/permission.py
+++ b/api/permission.py
@@ -28,17 +28,14 @@ async def create_permission(
 ):
    # 检查是否有权限添加用户
    assert 'admin' not in create_user_info.roles, FundPermissionError()  # 不可添加admin
-    is_auth = await check_permission([f'member_permission.{role}.add' for role in create_user_info.roles],
+    await check_permission([f'member_permission.{role}.add' for role in create_user_info.roles],
-                                     create_user_info.fund_id,
+                           create_user_info.fund_id,
-                                     user.email, permission_user_collect,
+                           user.email, permission_user_collect,
-                                     permission_role_collect)
+                           permission_role_collect)
-    if is_auth:
+    query = {"fund_id": create_user_info.fund_id, "email": create_user_info.email}
-        query = {"fund_id": create_user_info.fund_id, "email": create_user_info.email}
+    update = {"$addToSet": {"roles": {"$each": create_user_info.roles}}}
-        update = {"$addToSet": {"roles": {"$each": create_user_info.roles}}}
+    await permission_user_collect.update_one(query, update, upsert=True)
-        await permission_user_collect.update_one(query, update, upsert=True)
+    return Response(data='')
-        return Response(data='')
-    else:
-        raise FundPermissionError()
 @router.delete('/user/',
@@ -53,17 +50,14 @@ async def delete_permission(
 ):
    # 检查是否有权限添加用户
    assert 'admin' not in delete_user_info.roles, FundPermissionError('无法删除 admin')  # 不可删除admin
-    is_auth = await check_permission([f'member_permission.{role}.add' for role in delete_user_info.roles],
+    await check_permission([f'member_permission.{role}.add' for role in delete_user_info.roles],
-                                     delete_user_info.fund_id,
+                           delete_user_info.fund_id,
-                                     user.email, permission_user_collect,
+                           user.email, permission_user_collect,
-                                     permission_role_collect)
+                           permission_role_collect)
-    if is_auth:
+    query = {"fund_id": delete_user_info.fund_id, "email": delete_user_info.email}
-        query = {"fund_id": delete_user_info.fund_id, "email": delete_user_info.email}
+    update = {"$pull": {"roles": {"$in": delete_user_info.roles}}}
-        update = {"$pull": {"roles": {"$each": delete_user_info.roles}}}
+    await permission_user_collect.update_one(query, update, upsert=True)
-        await permission_user_collect.update_one(query, update, upsert=True)
+    return Response(data='')
-        return Response(data='')
-    else:
-        raise FundPermissionError()
 @router.get('/user/',
@@ -135,7 +129,7 @@ async def query_fund_all_users(
 @router.post('/auth/',
-             response_model=Response[List[AllUsers]],
+             response_model=BaseResponse,
             summary='添加角色权限',
             description='添加角色权限')
 async def add_role_permission(
@@ -159,7 +153,7 @@ async def add_role_permission(
 @router.delete('/auth/',
-               response_model=Response[List[AllUsers]],
+               response_model=BaseResponse,
               summary='删除角色权限',
               description='删除角色权限')
 async def remove_role_permission(
@@ -176,7 +170,7 @@ async def remove_role_permission(
    assert ('admin' in roles or 'fund_manager' in roles), FundPermissionError()
    query = {"fund_id": update_role.fund_id, "name": update_role.name}
-    update = {"$pull": {"permissions": {"$each": update_role.permissions}}}
+    update = {"$pull": {"permissions": {"$in": update_role.permissions}}}
    await permission_role_collect.update_one(query, update, upsert=True)
    return Response(data='')

--- a/service/bill.py
+++ b/service/bill.py
@@ -47,10 +47,10 @@ async def create_staking(
 async def update_bill(
-        bill_id: str, fund_id: str, user_id: str, update_data: [], fund_collect, bill_collect,
+        bill_id: str, fund_id: str, update_data: [], fund_collect, bill_collect,
        res_model: Type[DataT]
 ) -> Response[DataT]:
-    fund = await fund_collect.find_one({'id': fund_id, 'user_id': user_id})
+    fund = await fund_collect.find_one({'id': fund_id})
    assert fund, NotFundError()
    db_update_data = update_data.dict(exclude_unset=True)
    db_update_data.update({

--- a/service/permission.py
+++ b/service/permission.py