添加节点接口权限验证

c77a9751 · 杨明橙 · 873f54d8 · c77a9751
Commit c77a9751 authored Jun 16, 2023 by 杨明橙
Show whitespace changes
Inline Side-by-side

Showing with 53 additions and 10 deletions

node.py api/node.py +53 -10

No files found.
--- a/api/node.py
+++ b/api/node.py
@@ -13,6 +13,7 @@ from model.node import BaseNode
 from schema.beacon import Validator, ValidatorDeposit, ValidatorBlock, ValidatorIncome, Epoch, Rewards
 from schema.node import BindNode
 from service.beacon import BeaconChaService
+from service.permission import check_permission
 from tools.jwt_tools import User
 router = APIRouter()
@@ -27,7 +28,14 @@ async def subscribe(
        user: User = Depends(dependencies.get_current_user),
        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect),
        beacon_service: BeaconChaService = Depends(BeaconChaService),
+        permission_user_collect: AgnosticCollection = Depends(dependencies.get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(dependencies.get_permission_role_collect)
 ):
+    await check_permission(['data_permission.node.bind_node'],
+                           bind_node.fund_id,
+                           user.email, permission_user_collect,
+                           permission_role_collect)
    node_detail = await beacon_service.get_validator(index_or_pubkey=bind_node.pub_key)
    db_data = BaseNode(**bind_node.dict(), index=node_detail.validator_index)
    # 限制staking基金才可绑定节点
@@ -51,9 +59,16 @@ async def unsubscribe(
        # pub_key: str = Query(regex=r"\d*[a-zA-Z]+\d*"),
        pub_key: str = Query(regex=r".*\D+"),
        user: User = Depends(dependencies.get_current_user),
-        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect)
+        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect),
+        permission_user_collect: AgnosticCollection = Depends(dependencies.get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(dependencies.get_permission_role_collect)
 ):
-    query = {'id': fund_id, 'user_id': user.id, 'fund_type': FundType.staking, f"nodes.{pub_key}": {"$exists": True}}
+    await check_permission(['data_permission.node.untie_node'],
+                           fund_id,
+                           user.email, permission_user_collect,
+                           permission_role_collect)
+    query = {'id': fund_id, 'fund_type': FundType.staking, f"nodes.{pub_key}": {"$exists": True}}
    update = {"$unset": {f"nodes.{pub_key}": ""}}
    res = await fund_collect.update_one(
        query,
@@ -70,9 +85,16 @@ async def get_node_info(
        pub_key: str = Query(regex=r".*\D+"),
        user: User = Depends(dependencies.get_current_user),
        beacon_service: BeaconChaService = Depends(BeaconChaService),
-        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect)
+        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect),
+        permission_user_collect: AgnosticCollection = Depends(dependencies.get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(dependencies.get_permission_role_collect)
 ):
-    query = {'id': fund_id, 'user_id': user.id, 'fund_type': FundType.staking, f"nodes.{pub_key}": {"$exists": True}}
+    await check_permission(['data_permission.node.query_node'],
+                           fund_id,
+                           user.email, permission_user_collect,
+                           permission_role_collect)
+    query = {'id': fund_id, 'fund_type': FundType.staking, f"nodes.{pub_key}": {"$exists": True}}
    fund = await fund_collect.find_one(query)
    assert fund, NotFundError('未绑定该节点')
    validator_detail = await beacon_service.get_validator(pub_key)
@@ -89,9 +111,16 @@ async def get_node_deposit(
        pub_key: str = Query(regex=r".*\D+"),
        user: User = Depends(dependencies.get_current_user),
        beacon_service: BeaconChaService = Depends(BeaconChaService),
-        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect)
+        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect),
+        permission_user_collect: AgnosticCollection = Depends(dependencies.get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(dependencies.get_permission_role_collect)
 ):
-    query = {'id': fund_id, 'user_id': user.id, 'fund_type': FundType.staking, f"nodes.{pub_key}": {"$exists": True}}
+    await check_permission(['data_permission.node.query_node'],
+                           fund_id,
+                           user.email, permission_user_collect,
+                           permission_role_collect)
+    query = {'id': fund_id, 'fund_type': FundType.staking, f"nodes.{pub_key}": {"$exists": True}}
    fund = await fund_collect.find_one(query)
    assert fund, NotFundError('未绑定该节点')
    validator_deposit_list = await beacon_service.get_validator_deposit(pub_key)
@@ -109,10 +138,17 @@ async def get_node_blocks(
        user: User = Depends(dependencies.get_current_user),
        page: Page = Depends(Page),
        beacon_service: BeaconChaService = Depends(BeaconChaService),
-        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect)
+        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect),
+        permission_user_collect: AgnosticCollection = Depends(dependencies.get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(dependencies.get_permission_role_collect)
 ):
+    await check_permission(['data_permission.node.query_node'],
+                           fund_id,
+                           user.email, permission_user_collect,
+                           permission_role_collect)
    start = (page.page - 1) * page.page_size
-    query = {'id': fund_id, 'user_id': user.id, 'fund_type': FundType.staking, f"nodes.{pub_key}": {"$exists": True}}
+    query = {'id': fund_id, 'fund_type': FundType.staking, f"nodes.{pub_key}": {"$exists": True}}
    fund = await fund_collect.find_one(query)
    assert fund, NotFundError('未绑定该节点')
    validator_blocks = await beacon_service.get_validator_blocks(
@@ -144,9 +180,16 @@ async def get_node_income(
        pub_key: str = Query(regex=r".*\D+"),
        user: User = Depends(dependencies.get_current_user),
        beacon_service: BeaconChaService = Depends(BeaconChaService),
-        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect)
+        fund_collect: AgnosticCollection = Depends(dependencies.get_fund_collect),
+        permission_user_collect: AgnosticCollection = Depends(dependencies.get_permission_user_collect),
+        permission_role_collect: AgnosticCollection = Depends(dependencies.get_permission_role_collect)
 ):
-    query = {'id': fund_id, 'user_id': user.id, 'fund_type': FundType.staking, f"nodes.{pub_key}": {"$exists": True}}
+    await check_permission(['data_permission.node.query_node'],
+                           fund_id,
+                           user.email, permission_user_collect,
+                           permission_role_collect)
+    query = {'id': fund_id, 'fund_type': FundType.staking, f"nodes.{pub_key}": {"$exists": True}}
    fund = await fund_collect.find_one(query)
    assert fund, NotFundError('未绑定该节点')
    validator_income_list = await beacon_service.get_validator_income(index_or_pubkey=pub_key)