feat: add backend rule group and permission support
@@ -0,0 +1,103 @@
|
||||
"""评查点控制器。"""
|
||||
|
||||
from fastapi import Depends, Query
|
||||
from fastapi.responses import JSONResponse
|
||||
|
||||
from fastapi_common.fastapi_common_security.security import verify_access_token
|
||||
from fastapi_common.fastapi_common_web.controller import BaseController
|
||||
from fastapi_modules.fastapi_leaudit.domian.Dto.evaluationPointDto import (
|
||||
EvaluationPointCreateDTO,
|
||||
EvaluationPointUpdateDTO,
|
||||
)
|
||||
from fastapi_modules.fastapi_leaudit.services.evaluationPointService import IEvaluationPointService
|
||||
from fastapi_modules.fastapi_leaudit.services.impl.evaluationPointServiceImpl import EvaluationPointServiceImpl
|
||||
from fastapi_modules.fastapi_leaudit.services.impl.permissionServiceImpl import PermissionServiceImpl
|
||||
from fastapi_modules.fastapi_leaudit.services.permissionService import IPermissionService
|
||||
|
||||
|
||||
class EvaluationPointController(BaseController):
|
||||
"""评查点控制器。"""
|
||||
|
||||
_PERMISSIONS = {
|
||||
"list": "evaluation_point:list:read",
|
||||
"detail": "evaluation_point:detail:read",
|
||||
"create": "evaluation_point:create:write",
|
||||
"update": "evaluation_point:update:write",
|
||||
"delete": "evaluation_point:delete:delete",
|
||||
}
|
||||
|
||||
def __init__(self):
|
||||
super().__init__(prefix="/v3/evaluation-points", tags=["评查点"])
|
||||
self.PointService: IEvaluationPointService = EvaluationPointServiceImpl()
|
||||
self.PermissionService: IPermissionService = PermissionServiceImpl()
|
||||
|
||||
@self.router.get("")
|
||||
async def ListEvaluationPoints(
|
||||
name: str | None = Query(None, description="名称模糊搜索"),
|
||||
code: str | None = Query(None, description="编码模糊搜索"),
|
||||
risk: str | None = Query(None, description="风险等级"),
|
||||
is_enabled: bool | None = Query(None, description="是否启用"),
|
||||
evaluation_point_groups_pid: int | None = Query(None, description="一级分组ID"),
|
||||
evaluation_point_groups_id: int | None = Query(None, description="二级分组ID"),
|
||||
document_attribute_type: str | None = Query(None, description="文档属性类型"),
|
||||
area: str | None = Query(None, description="地区"),
|
||||
page: int = Query(1, ge=1, description="页码"),
|
||||
page_size: int = Query(20, ge=1, le=500, description="分页大小"),
|
||||
payload: dict = Depends(verify_access_token),
|
||||
):
|
||||
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["list"]]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有评查点查看权限", "data": None})
|
||||
data = await self.PointService.ListPoints(
|
||||
name,
|
||||
code,
|
||||
risk,
|
||||
is_enabled,
|
||||
evaluation_point_groups_pid,
|
||||
evaluation_point_groups_id,
|
||||
document_attribute_type,
|
||||
area,
|
||||
page,
|
||||
page_size,
|
||||
)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.get("/attribute-types")
|
||||
async def GetEvaluationPointAttributeTypes(payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["list"]]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有评查点查看权限", "data": None})
|
||||
data = await self.PointService.GetAttributeTypes()
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.get("/{PointId}")
|
||||
async def GetEvaluationPoint(PointId: int, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["detail"]]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有评查点查看权限", "data": None})
|
||||
data = await self.PointService.GetPoint(PointId)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.post("")
|
||||
async def CreateEvaluationPoint(body: EvaluationPointCreateDTO, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["create"]]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有创建评查点权限", "data": None})
|
||||
data = await self.PointService.CreatePoint(body)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.put("/{PointId}")
|
||||
async def UpdateEvaluationPoint(PointId: int, body: EvaluationPointUpdateDTO, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["update"]]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有更新评查点权限", "data": None})
|
||||
data = await self.PointService.UpdatePoint(PointId, body)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.delete("/{PointId}")
|
||||
async def DeleteEvaluationPoint(PointId: int, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), [self._PERMISSIONS["delete"]]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有删除评查点权限", "data": None})
|
||||
data = await self.PointService.DeletePoint(PointId)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
async def _check_permission(self, user_id: int, permission_keys: list[str]) -> bool:
|
||||
for permission_key in permission_keys:
|
||||
if await self.PermissionService.CheckPermission(user_id, permission_key):
|
||||
return True
|
||||
return False
|
||||
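Review bot: Authorization in this controller is a hand-written `if not await self._check_permission(...)` at the top of each of the six handlers, and the `_check_permission` helper at the end of the class is repeated verbatim in the group controller and as a variant in the rule-config controller of this commit, so a handler registered without that `if` is simply unprotected, which is the state of every route in the prompt-template controller. I would move the check into a dependency built per route, so the required key sits in the signature where `verify_access_token` is today and cannot be forgotten. The sketch below raises `HTTPException` (to be imported from `fastapi`); if clients depend on the `{"code": 403, "msg": ...}` body, a matching exception handler is needed, and none is visible here. It also gives one place to handle a token payload without a numeric `user_id`, which currently surfaces as an unhandled `KeyError`/`ValueError` from `int(payload["user_id"])` unless `verify_access_token` guarantees the field.

```python
def require_any_permission(message: str, *permission_keys: str):
    """Return a dependency that admits the caller if any listed permission is granted."""
    permission_service: IPermissionService = PermissionServiceImpl()

    async def _dependency(payload: dict = Depends(verify_access_token)) -> dict:
        user_id = int(payload["user_id"])
        for permission_key in permission_keys:
            if await permission_service.CheckPermission(user_id, permission_key):
                return payload
        raise HTTPException(status_code=403, detail=message)

    return _dependency


@self.router.get("/{PointId}")
async def GetEvaluationPoint(
    PointId: int,
    payload: dict = Depends(
        require_any_permission("当前用户没有评查点查看权限", "evaluation_point:detail:read")
    ),
):
    # … unchanged: GetPoint call and JSONResponse …
```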
@@ -0,0 +1,167 @@
|
||||
"""评查点分组控制器。"""
|
||||
|
||||
from fastapi import Body, Depends, Query
|
||||
from fastapi.responses import JSONResponse
|
||||
|
||||
from fastapi_common.fastapi_common_security.security import verify_access_token
|
||||
from fastapi_common.fastapi_common_web.controller import BaseController
|
||||
from fastapi_modules.fastapi_leaudit.domian.Dto.evaluationPointGroupDto import (
|
||||
EvaluationPointGroupBatchDeleteDTO,
|
||||
EvaluationPointGroupBatchStatusDTO,
|
||||
EvaluationPointGroupBindingCreateDTO,
|
||||
EvaluationPointGroupBindingUpdateDTO,
|
||||
EvaluationPointGroupCreateDTO,
|
||||
EvaluationPointGroupRebindDTO,
|
||||
EvaluationPointGroupUpdateDTO,
|
||||
)
|
||||
from fastapi_modules.fastapi_leaudit.services.evaluationPointGroupService import IEvaluationPointGroupService
|
||||
from fastapi_modules.fastapi_leaudit.services.impl.evaluationPointGroupServiceImpl import EvaluationPointGroupServiceImpl
|
||||
from fastapi_modules.fastapi_leaudit.services.impl.permissionServiceImpl import PermissionServiceImpl
|
||||
from fastapi_modules.fastapi_leaudit.services.permissionService import IPermissionService
|
||||
|
||||
|
||||
class EvaluationPointGroupController(BaseController):
|
||||
"""评查点分组控制器。"""
|
||||
|
||||
def __init__(self):
|
||||
super().__init__(prefix="/v3/evaluation-point-groups", tags=["评查点分组"])
|
||||
self.GroupService: IEvaluationPointGroupService = EvaluationPointGroupServiceImpl()
|
||||
self.PermissionService: IPermissionService = PermissionServiceImpl()
|
||||
|
||||
@self.router.get("")
|
||||
async def ListEvaluationPointGroups(
|
||||
name: str | None = Query(None, description="分组名称模糊搜索"),
|
||||
code: str | None = Query(None, description="分组编码模糊搜索"),
|
||||
is_enabled: bool | None = Query(None, description="是否启用"),
|
||||
pid: int | None = Query(None, description="父分组ID,0 表示一级分组"),
|
||||
page: int = Query(1, ge=1, description="页码"),
|
||||
page_size: int = Query(20, ge=1, le=500, description="分页大小"),
|
||||
payload: dict = Depends(verify_access_token),
|
||||
):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:list:read", "rules:list:read"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有评查点分组查看权限", "data": None})
|
||||
data = await self.GroupService.ListGroups(name, code, is_enabled, pid, page, page_size)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.get("/all")
|
||||
async def ListAllEvaluationPointGroups(
|
||||
include_disabled: bool = Query(False, description="是否包含禁用分组"),
|
||||
with_rule_count: bool = Query(True, description="是否返回评查点数"),
|
||||
payload: dict = Depends(verify_access_token),
|
||||
):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:list:read", "rules:list:read"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有评查点分组查看权限", "data": None})
|
||||
data = await self.GroupService.ListAllGroups(include_disabled, with_rule_count)
|
||||
return JSONResponse(status_code=200, content=[item.model_dump() for item in data])
|
||||
|
||||
@self.router.get("/by-document-types")
|
||||
async def ListEvaluationPointGroupsByDocumentTypes(
|
||||
document_type_ids: str = Query(..., description="逗号分隔的文档类型ID列表"),
|
||||
include_disabled: bool = Query(False, description="是否包含禁用分组"),
|
||||
with_rule_count: bool = Query(False, description="是否返回评查点数"),
|
||||
payload: dict = Depends(verify_access_token),
|
||||
):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:list:read", "rules:list:read"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有评查点分组查看权限", "data": None})
|
||||
document_type_id_list = [int(item.strip()) for item in document_type_ids.split(",") if item.strip().isdigit()]
|
||||
data = await self.GroupService.ListGroupsByDocumentTypes(document_type_id_list, include_disabled, with_rule_count)
|
||||
return JSONResponse(status_code=200, content=[item.model_dump() for item in data])
|
||||
|
||||
@self.router.post("")
|
||||
async def CreateEvaluationPointGroup(body: EvaluationPointGroupCreateDTO, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:create:write"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有创建评查点分组权限", "data": None})
|
||||
data = await self.GroupService.CreateGroup(body)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.patch("/batch/status")
|
||||
async def BatchUpdateEvaluationPointGroupStatus(
|
||||
body: EvaluationPointGroupBatchStatusDTO,
|
||||
payload: dict = Depends(verify_access_token),
|
||||
):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:batch:write", "evaluation_group:update:write"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有批量更新评查点分组权限", "data": None})
|
||||
data = await self.GroupService.BatchUpdateStatus(body)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.delete("/batch")
|
||||
async def BatchDeleteEvaluationPointGroups(
|
||||
body: EvaluationPointGroupBatchDeleteDTO = Body(...),
|
||||
payload: dict = Depends(verify_access_token),
|
||||
):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:batch:write", "evaluation_group:delete:delete"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有批量删除评查点分组权限", "data": None})
|
||||
data = await self.GroupService.BatchDelete(body)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.get("/{GroupId}")
|
||||
async def GetEvaluationPointGroup(
|
||||
GroupId: int,
|
||||
with_rule_count: bool = Query(True, description="是否返回评查点数"),
|
||||
payload: dict = Depends(verify_access_token),
|
||||
):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:list:read", "rules:list:read"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有评查点分组查看权限", "data": None})
|
||||
data = await self.GroupService.GetGroup(GroupId, with_rule_count)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.put("/{GroupId}")
|
||||
async def UpdateEvaluationPointGroup(GroupId: int, body: EvaluationPointGroupUpdateDTO, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:batch:write", "evaluation_group:update:write"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有更新评查点分组权限", "data": None})
|
||||
data = await self.GroupService.UpdateGroup(GroupId, body)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.delete("/{GroupId}")
|
||||
async def DeleteEvaluationPointGroup(GroupId: int, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:batch:write", "evaluation_group:delete:delete"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有删除评查点分组权限", "data": None})
|
||||
data = await self.GroupService.DeleteGroup(GroupId)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.get("/{GroupId}/children")
|
||||
async def GetEvaluationPointGroupChildren(
|
||||
GroupId: int,
|
||||
is_enabled: bool | None = Query(None, description="是否启用"),
|
||||
page: int = Query(1, ge=1, description="页码"),
|
||||
page_size: int = Query(20, ge=1, le=500, description="分页大小"),
|
||||
payload: dict = Depends(verify_access_token),
|
||||
):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:list:read", "rules:list:read"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有评查点分组查看权限", "data": None})
|
||||
data = await self.GroupService.GetChildren(GroupId, is_enabled, page, page_size)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.put("/{GroupId}/rebind")
|
||||
async def RebindEvaluationPointGroup(GroupId: int, body: EvaluationPointGroupRebindDTO, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:update:write"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有换绑评查点分组权限", "data": None})
|
||||
data = await self.GroupService.RebindGroup(GroupId, body)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.post("/{GroupId}/bindings")
|
||||
async def CreateEvaluationPointGroupBinding(GroupId: int, body: EvaluationPointGroupBindingCreateDTO, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:update:write"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有绑定规则集权限", "data": None})
|
||||
data = await self.GroupService.CreateBinding(GroupId, body)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.put("/bindings/{BindingId}")
|
||||
async def UpdateEvaluationPointGroupBinding(BindingId: int, body: EvaluationPointGroupBindingUpdateDTO, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:update:write"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有更新规则集绑定权限", "data": None})
|
||||
data = await self.GroupService.UpdateBinding(BindingId, body)
|
||||
return JSONResponse(status_code=200, content=data.model_dump())
|
||||
|
||||
@self.router.delete("/bindings/{BindingId}")
|
||||
async def DeleteEvaluationPointGroupBinding(BindingId: int, payload: dict = Depends(verify_access_token)):
|
||||
if not await self._check_permission(int(payload["user_id"]), ["evaluation_group:update:write"]):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有删除规则集绑定权限", "data": None})
|
||||
await self.GroupService.DeleteBinding(BindingId)
|
||||
return JSONResponse(status_code=200, content={"success": True})
|
||||
|
||||
async def _check_permission(self, user_id: int, permission_keys: list[str]) -> bool:
|
||||
for permission_key in permission_keys:
|
||||
if await self.PermissionService.CheckPermission(user_id, permission_key):
|
||||
return True
|
||||
return False
|
||||
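Review bot: `_check_permission` grants access when any one of the listed keys matches, so listing `evaluation_group:batch:write` on `DeleteEvaluationPointGroup` and `BatchDeleteEvaluationPointGroups` lets a role holding only the batch-write key delete groups without `evaluation_group:delete:delete`, and `rules:list:read` alone opens every read route of this controller. If the batch key is meant as an extra requirement for batch routes rather than a substitute, those handlers need an all-of check (two `_check_permission` calls joined with `and`); if substitution is intended, a comment at the key lists should say so, and the keys would be easier to audit in a `_PERMISSIONS` mapping like the one in the evaluation-point controller. Separately, in `ListEvaluationPointGroupsByDocumentTypes` the filter `item.strip().isdigit()` accepts characters such as `²` that `int()` rejects, which becomes an unhandled `ValueError`, while other invalid items are dropped silently, so an all-invalid value reaches `ListGroupsByDocumentTypes` as an empty list whose meaning is not visible here. Rejecting the request with a 422 unless every item passes `item.isascii() and item.isdigit()` would close both cases.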
@@ -0,0 +1,66 @@
|
||||
"""提示词模板控制器。"""
|
||||
|
||||
from fastapi import Depends, Query
|
||||
from fastapi.responses import JSONResponse
|
||||
|
||||
from fastapi_common.fastapi_common_security.security import verify_access_token
|
||||
from fastapi_common.fastapi_common_web.controller import BaseController
|
||||
from fastapi_modules.fastapi_leaudit.domian.Dto.promptTemplateDto import PromptTemplateCreateDTO, PromptTemplateUpdateDTO
|
||||
from fastapi_modules.fastapi_leaudit.services.promptTemplateService import IPromptTemplateService
|
||||
from fastapi_modules.fastapi_leaudit.services.impl.promptTemplateServiceImpl import PromptTemplateServiceImpl
|
||||
|
||||
|
||||
class PromptTemplateController(BaseController):
|
||||
def __init__(self):
|
||||
super().__init__(prefix='/v3/prompt-templates', tags=['提示词模板'])
|
||||
self.Service: IPromptTemplateService = PromptTemplateServiceImpl()
|
||||
|
||||
@self.router.get('')
|
||||
async def ListPromptTemplates(
|
||||
search: str | None = Query(None, description='名称/编码搜索'),
|
||||
template_type: str | None = Query(None, description='模板类型,逗号分隔'),
|
||||
status: int | None = Query(None, description='状态'),
|
||||
page: int = Query(1, ge=1),
|
||||
page_size: int = Query(20, ge=1, le=500),
|
||||
payload: dict = Depends(verify_access_token),
|
||||
):
|
||||
_ = payload
|
||||
template_types = [item.strip() for item in str(template_type or '').split(',') if item.strip()]
|
||||
data = await self.Service.ListTemplates(search, template_types or None, status, page, page_size)
|
||||
return JSONResponse(status_code=200, content={'code': 200, 'message': 'ok', 'data': data.model_dump()})
|
||||
|
||||
@self.router.get('/types')
|
||||
async def GetPromptTemplateTypes(payload: dict = Depends(verify_access_token)):
|
||||
_ = payload
|
||||
data = await self.Service.GetTemplateTypes()
|
||||
return JSONResponse(status_code=200, content={'code': 200, 'message': 'ok', 'data': data.model_dump()})
|
||||
|
||||
@self.router.get('/{TemplateId}')
|
||||
async def GetPromptTemplate(TemplateId: int, payload: dict = Depends(verify_access_token)):
|
||||
_ = payload
|
||||
data = await self.Service.GetTemplate(TemplateId)
|
||||
return JSONResponse(status_code=200, content={'code': 200, 'message': 'ok', 'data': data.model_dump()})
|
||||
|
||||
@self.router.post('')
|
||||
async def CreatePromptTemplate(body: PromptTemplateCreateDTO, payload: dict = Depends(verify_access_token)):
|
||||
_ = payload
|
||||
data = await self.Service.CreateTemplate(body)
|
||||
return JSONResponse(status_code=200, content={'code': 200, 'message': 'ok', 'data': data.model_dump()})
|
||||
|
||||
@self.router.put('/{TemplateId}')
|
||||
async def UpdatePromptTemplate(TemplateId: int, body: PromptTemplateUpdateDTO, payload: dict = Depends(verify_access_token)):
|
||||
_ = payload
|
||||
data = await self.Service.UpdateTemplate(TemplateId, body)
|
||||
return JSONResponse(status_code=200, content={'code': 200, 'message': 'ok', 'data': data.model_dump()})
|
||||
|
||||
@self.router.delete('/{TemplateId}')
|
||||
async def DeletePromptTemplate(TemplateId: int, payload: dict = Depends(verify_access_token)):
|
||||
_ = payload
|
||||
await self.Service.DeleteTemplate(TemplateId)
|
||||
return JSONResponse(status_code=200, content={'code': 200, 'message': 'ok', 'data': True})
|
||||
|
||||
@self.router.post('/{TemplateId}/duplicate')
|
||||
async def DuplicatePromptTemplate(TemplateId: int, new_code: str | None = Query(None), payload: dict = Depends(verify_access_token)):
|
||||
_ = payload
|
||||
data = await self.Service.DuplicateTemplate(TemplateId, new_code)
|
||||
return JSONResponse(status_code=200, content={'code': 200, 'message': 'ok', 'data': data.model_dump()})
|
||||
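Review bot: Every handler in this controller discards the token payload with `_ = payload`, so creating, updating, deleting and duplicating prompt templates is open to any authenticated user, whereas the other controllers added in this commit check a permission key before calling their service. Unless `PromptTemplateServiceImpl` enforces authorization itself (not visible here), I would add a `PermissionService` in `__init__` and open each handler with the guard the sibling controllers use, e.g. `if not await self._check_permission(int(payload["user_id"]), ["<prompt-template write key>"]): return JSONResponse(status_code=403, content={...})`, with separate keys for the read and the write routes. The key name is a placeholder; no prompt-template permission key appears in this commit. `new_code` in `DuplicatePromptTemplate` is also an unconstrained query string, so a `max_length` or `pattern` on its `Query(...)` is worth adding if template codes have a fixed format.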
@@ -8,7 +8,7 @@ from fastapi.responses import JSONResponse
|
||||
from fastapi_common.fastapi_common_security.security import verify_access_token
|
||||
from fastapi_common.fastapi_common_web.controller import BaseController
|
||||
|
||||
from fastapi_modules.fastapi_leaudit.domian.Dto.rbacAdminDto import RoleCreateDTO, RolePermissionsBatchDTO, RoleRoutesUpdateDTO, RoleUpdateDTO, UserRolesAssignDTO
|
||||
from fastapi_modules.fastapi_leaudit.domian.Dto.rbacAdminDto import RoleAccessSaveDTO, RoleCreateDTO, RolePermissionsBatchDTO, RoleRoutesUpdateDTO, RoleUpdateDTO, UserRolesAssignDTO
|
||||
from fastapi_modules.fastapi_leaudit.services.impl.rbacAdminServiceImpl import RbacAdminServiceImpl
|
||||
from fastapi_modules.fastapi_leaudit.services.rbacAdminService import IRbacAdminService
|
||||
|
||||
@@ -128,6 +128,12 @@ class RbacAdminController(BaseController):
|
||||
data = await self.RbacAdminService.SaveRolePermissions(int(payload["user_id"]), Body)
|
||||
return JSONResponse(status_code=200, content={"code": 200, "message": "权限分配成功", "data": data.model_dump()})
|
||||
|
||||
@self.router.post("/v3/rbac/roles/{RoleId}/access")
|
||||
async def SaveRoleAccess(RoleId: int, Body: RoleAccessSaveDTO, payload: dict[str, Any] = Depends(verify_access_token)):
|
||||
"""原子保存角色菜单与接口权限。"""
|
||||
data = await self.RbacAdminService.SaveRoleAccess(int(payload["user_id"]), RoleId, Body)
|
||||
return JSONResponse(status_code=200, content={"code": 200, "message": "角色权限保存成功", "data": data.model_dump()})
|
||||
|
||||
@self.router.get("/v3/routes/{RouteId}/permissions")
|
||||
async def GetRoutePermissions(RouteId: int, payload: dict[str, Any] = Depends(verify_access_token)):
|
||||
"""查询路由关联权限。"""
|
||||
|
||||
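Review bot: `SaveRoleAccess` rewrites a role's menu and API permissions, yet the handler performs no permission check of its own and only forwards `int(payload["user_id"])` to `RbacAdminService.SaveRoleAccess`. Presumably the service authorizes the caller, since the `SaveRolePermissions` context line above follows the same pattern, but that should be confirmed, because without it any authenticated user could change role grants through this route. Once confirmed, the docstring should state the contract, for example `"""Atomically save a role's menu and API permissions; caller authorization is enforced in RbacAdminService.SaveRoleAccess."""`. If `RoleAccessSaveDTO` also carries a role id, a mismatch with the path `RoleId` should be rejected. `GetRoutePermissions` continues past the end of the hunk, so its body is not covered here.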
@@ -0,0 +1,45 @@
|
||||
"""规则配置页聚合控制器。"""
|
||||
|
||||
from typing import Any
|
||||
|
||||
from fastapi import Depends
|
||||
from fastapi.responses import JSONResponse
|
||||
|
||||
from fastapi_common.fastapi_common_security.security import verify_access_token
|
||||
from fastapi_common.fastapi_common_web.controller import BaseController
|
||||
|
||||
from fastapi_modules.fastapi_leaudit.services.impl.permissionServiceImpl import PermissionServiceImpl
|
||||
from fastapi_modules.fastapi_leaudit.services.impl.ruleConfigServiceImpl import RuleConfigServiceImpl
|
||||
from fastapi_modules.fastapi_leaudit.services.permissionService import IPermissionService
|
||||
from fastapi_modules.fastapi_leaudit.services.ruleConfigService import IRuleConfigService
|
||||
|
||||
|
||||
class RuleConfigController(BaseController):
|
||||
"""规则配置页聚合控制器。"""
|
||||
|
||||
def __init__(self):
|
||||
super().__init__(prefix="/v3/rule-config-packs", tags=["规则配置"])
|
||||
self.RuleConfigService: IRuleConfigService = RuleConfigServiceImpl()
|
||||
self.PermissionService: IPermissionService = PermissionServiceImpl()
|
||||
|
||||
@self.router.get("")
|
||||
async def ListRuleConfigPacks(payload: dict[str, Any] = Depends(verify_access_token)):
|
||||
"""列出规则配置页 pack。"""
|
||||
if not await self._check_permission(int(payload["user_id"])):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有规则配置查看权限", "data": None})
|
||||
data = await self.RuleConfigService.ListPacks()
|
||||
return JSONResponse(status_code=200, content={"code": 200, "message": "success", "data": [item.model_dump() for item in data]})
|
||||
|
||||
@self.router.get("/{PackId}")
|
||||
async def GetRuleConfigPack(PackId: int, payload: dict[str, Any] = Depends(verify_access_token)):
|
||||
"""获取单个规则配置 pack。"""
|
||||
if not await self._check_permission(int(payload["user_id"])):
|
||||
return JSONResponse(status_code=403, content={"code": 403, "msg": "当前用户没有规则配置查看权限", "data": None})
|
||||
data = await self.RuleConfigService.GetPack(PackId)
|
||||
return JSONResponse(status_code=200, content={"code": 200, "message": "success", "data": data.model_dump()})
|
||||
|
||||
async def _check_permission(self, user_id: int) -> bool:
|
||||
for permission_key in ("rules:list:read", "rules:content:read", "evaluation_group:list:read"):
|
||||
if await self.PermissionService.CheckPermission(user_id, permission_key):
|
||||
return True
|
||||
return False
|
||||
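Review bot: `_check_permission` accepts `rules:list:read` or `evaluation_group:list:read` for both routes, so `GetRuleConfigPack` returns a full pack to a caller who lacks `rules:content:read`, which leaves that key ineffective as a gate on pack contents (assuming packs carry rule content, as the key name suggests). I would give the helper the `permission_keys: list[str]` parameter used by the other controllers and call it with `["rules:content:read"]` in `GetRuleConfigPack`, keeping the broader list only for `ListRuleConfigPacks`. The 403 bodies here use the key `"msg"` while the 200 bodies in the same handlers use `"message"`; one name should be used for both so clients can read errors and successes the same way.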