From f71ed6c26e16dc1627bfa103f7d5716ab644de2f Mon Sep 17 00:00:00 2001 From: inji-hanbin Date: Mon, 14 Nov 2022 14:05:37 +0800 Subject: [PATCH 1/3] =?UTF-8?q?feat:=20=F0=9F=8E=B8=20=E5=AE=8C=E5=96=84?= =?UTF-8?q?=E7=94=A8=E6=88=B7=E5=88=97=E8=A1=A8=E5=92=8C=E5=88=A0=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- api/v1/views/user.py | 28 +++++++++++++++++++++------- arkid/core/error.py | 4 ++-- 2 files changed, 23 insertions(+), 9 deletions(-) diff --git a/api/v1/views/user.py b/api/v1/views/user.py index e62f790a2..c2a8c9cb1 100644 --- a/api/v1/views/user.py +++ b/api/v1/views/user.py @@ -27,7 +27,12 @@ @paginate(CustomPagination) def user_list(request, tenant_id: str, query_data: UserListQueryIn=Query(...)): from arkid.core.perm.permission_data import PermissionData - users = User.expand_objects.filter(tenant_id=tenant_id, is_del=False) + tenant = request.tenant + tenant_users = tenant.users + tenant_user_ids = [] + for tenant_user in tenant_users.all(): + tenant_user_ids.append(tenant_user.id) + users = User.expand_objects.filter(id__in=tenant_user_ids, is_del=False) if query_data.username: users = users.filter(username__icontains=query_data.username) if query_data.nickname: @@ -39,7 +44,7 @@ def user_list(request, tenant_id: str, query_data: UserListQueryIn=Query(...)): if query_data.order: users = users.order_by(query_data.order) login_user = request.user - tenant = request.tenant + # tenant = request.tenant pd = PermissionData() users = pd.get_manage_all_user(login_user, tenant, users) @@ -55,10 +60,10 @@ def user_list(request, tenant_id: str, query_data: UserListQueryIn=Query(...)): def user_list_no_super(request, tenant_id: str): from arkid.core.perm.permission_data import PermissionData super_user_id = User.valid_objects.order_by('created').first().id - users = User.valid_objects.filter(tenant_id=tenant_id).exclude(id=super_user_id) + tenant = request.tenant + users = tenant.users.filter(is_del=False).exclude(id=super_user_id) # 如果当前登录的用户不是管理员,需要根据用户所拥有的分组进行区分 login_user = request.user - tenant = request.tenant pd = PermissionData() users = pd.get_manage_all_user(login_user, tenant, users) return {"data": list(users.all())} @@ -102,9 +107,18 @@ def user_pull(request, tenant_id: str): @api.delete("/tenant/{tenant_id}/users/{id}/",response=UserDeleteOut, tags=['用户']) @operation(UserDeleteOut,roles=[TENANT_ADMIN, PLATFORM_ADMIN]) def user_delete(request, tenant_id: str,id:str): - user = get_object_or_404(User.valid_objects,tenant=request.tenant, id=id) - user.delete() - return {"error":ErrorCode.OK.value} + # user = get_object_or_404(User.valid_objects,tenant=request.tenant, id=id) + tenant = request.tenant + user = tenant.users.filter(id=id).first() + if user: + is_tenant_admin = tenant.has_admin_perm(user) + if is_tenant_admin: + return ErrorDict(ErrorCode.USER_MANAGER_NOT_DELETE) + else: + user.delete() + return ErrorDict(ErrorCode.OK) + else: + return ErrorDict(ErrorCode.USER_NOT_EXISTS_ERROR) # ------------- 更新用户接口 -------------- @api.post("/tenant/{tenant_id}/users/{id}/",response=UserUpdateOut, tags=['用户']) diff --git a/arkid/core/error.py b/arkid/core/error.py index 736fa9561..4b53e00fe 100644 --- a/arkid/core/error.py +++ b/arkid/core/error.py @@ -12,8 +12,8 @@ class ErrorCode(Enum): # SMS_CODE_MISMATCH = '10002' # EMAIL_CODE_MISMATCH = '10021' USERNAME_EXISTS_ERROR = ('10004', _('username already exists', '用户名已存在')) - - + USER_MANAGER_NOT_DELETE = ('10005', _('not delete manager', '不允许删除管理员')) + USER_NOT_EXISTS_ERROR = ('10006', _('user not exists', '用户不存在')) # TENANT_NO_ACCESS = '10003' # TENANT_NO_EXISTS = '10007' # CODE_EXISTS_ERROR = '10008' From 986f6f8aa9cfa2c4b53e3e81e9a19500e943d494 Mon Sep 17 00:00:00 2001 From: inji-hanbin Date: Mon, 14 Nov 2022 14:36:28 +0800 Subject: [PATCH 2/3] =?UTF-8?q?feat:=20=F0=9F=8E=B8=20=E5=A4=84=E7=90=86?= =?UTF-8?q?=E6=8E=88=E6=9D=83=E7=AE=A1=E7=90=86=E5=88=97=E8=A1=A8=E7=94=A8?= =?UTF-8?q?=E6=88=B7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- api/v1/views/user.py | 12 +++++++++--- arkid/core/perm/permission_data.py | 21 +++++++++++++++++++++ 2 files changed, 30 insertions(+), 3 deletions(-) diff --git a/api/v1/views/user.py b/api/v1/views/user.py index c2a8c9cb1..967d76d1a 100644 --- a/api/v1/views/user.py +++ b/api/v1/views/user.py @@ -59,12 +59,18 @@ def user_list(request, tenant_id: str, query_data: UserListQueryIn=Query(...)): # @paginate(CustomPagination) def user_list_no_super(request, tenant_id: str): from arkid.core.perm.permission_data import PermissionData - super_user_id = User.valid_objects.order_by('created').first().id + pd = PermissionData() + # super_user_id = User.valid_objects.order_by('created').first().id tenant = request.tenant - users = tenant.users.filter(is_del=False).exclude(id=super_user_id) + user_managers = pd.get_tenant_managers(tenant) + exclude_ids = [] + for user_manager in user_managers: + exclude_ids.append(user_manager.id) + users = tenant.users.filter(is_del=False) + if exclude_ids: + users = users.exclude(id__in=exclude_ids) # 如果当前登录的用户不是管理员,需要根据用户所拥有的分组进行区分 login_user = request.user - pd = PermissionData() users = pd.get_manage_all_user(login_user, tenant, users) return {"data": list(users.all())} diff --git a/arkid/core/perm/permission_data.py b/arkid/core/perm/permission_data.py index d86a616f1..d2a03440d 100644 --- a/arkid/core/perm/permission_data.py +++ b/arkid/core/perm/permission_data.py @@ -2545,6 +2545,27 @@ def has_admin_perm(self, tenant, user): return True return False + def get_tenant_managers(self, tenant): + ''' + 取得当前租户所有的管理员 + ''' + systempermission = SystemPermission.valid_objects.filter(tenant=tenant, code=tenant.admin_perm_code, is_system=True).first() + userpermissionresults = UserPermissionResult.valid_objects.filter( + app=None, + tenant=tenant, + ) + compress = Compress() + users = [] + for userpermissionresult in userpermissionresults: + permission_result = compress.decrypt(userpermissionresult.result) + permission_result_arr = list(permission_result) + if len(permission_result_arr) > systempermission.sort_id: + check_result = int(permission_result_arr[systempermission.sort_id]) + if check_result == 1 and userpermissionresult.user not in users: + users.append(userpermissionresult.user) + return users + + def create_tenant_admin_permission(self, tenant): ''' 创建租户管理员权限 From 0a69c2e588132aaba79fe276a5566d2cc26a70ad Mon Sep 17 00:00:00 2001 From: Lu Luo Date: Mon, 14 Nov 2022 16:48:56 +0800 Subject: [PATCH 3/3] =?UTF-8?q?fix:=20=F0=9F=90=9B=20=E6=B7=BB=E5=8A=A0?= =?UTF-8?q?=E6=8F=92=E4=BB=B6=E6=9C=AC=E5=9C=B0UUID=E5=92=8CArkstore?= =?UTF-8?q?=E7=9A=84UUID=20(#1407)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- api/v1/views/arkstore.py | 25 ++++++++++++++++++++----- arkid/core/pagenation.py | 6 +++++- 2 files changed, 25 insertions(+), 6 deletions(-) diff --git a/api/v1/views/arkstore.py b/api/v1/views/arkstore.py index 878c57906..7219e5bae 100644 --- a/api/v1/views/arkstore.py +++ b/api/v1/views/arkstore.py @@ -92,6 +92,8 @@ class PAYMENT_TYPE(str, Enum): class ArkstoreItemSchemaOut(Schema): uuid: str = Field(hidden=True) + local_uuid: Optional[str] = Field(hidden=True, title=_('Local UUID', '插件本地UUID')) + arkstore_uuid: Optional[str] = Field(hidden=True, title=_('Arkstore UUID', '插件商店UUID')) name: str = Field(readonly=True) version: str = Field(readonly=True, title=_('Version', '版本')) author: str = Field(readonly=True, title=_('Author', '作者')) @@ -457,13 +459,17 @@ def list_arkstore_purchased_and_installed_extensions(request, tenant_id: str, fi installed_ext_packages = {ext.package: ext for ext in installed_exts} purchased_exts = get_arkstore_list(request, True, 'extension', all=True, extra_params=extra_params)['items'] for ext in purchased_exts: + ext['arkstore_uuid'] = ext['uuid'] if ext['package'] in installed_ext_packages: + local_ext = installed_ext_packages[ext['package']] + ext['local_uuid'] = str(local_ext.id) ext['installed'] = True - ext['is_active'] = installed_ext_packages[ext['package']].is_active - ext['is_active_tenant'] = installed_ext_packages[ext['package']].is_active_tenant - if installed_ext_packages[ext['package']].version < ext['version']: + ext['is_active'] = local_ext.is_active + ext['is_active_tenant'] = local_ext.is_active_tenant + if local_ext.version < ext['version']: ext['has_upgrade'] = True else: + ext['local_uuid'] = None ext['installed'] = False purchased_exts_packages = {ext['package']: ext for ext in purchased_exts} @@ -472,6 +478,8 @@ def list_arkstore_purchased_and_installed_extensions(request, tenant_id: str, fi ext.uuid = str(ext.id) ext.labels = " ".join(ext.labels) if ext.labels else "" ext.is_default_extension = True + ext.local_uuid = str(ext.id) + ext.arkstore_uuid = None if filter.has_upgrade == True: return [ext for ext in purchased_exts if ext.get('has_upgrade') == True] @@ -508,15 +516,20 @@ def list_arkstore_rented_extensions(request, tenant_id: str): for ext in extensions: ext.lease_useful_life = ["不限天数,不限人数"] ext.lease_state = '已租赁' + ext.local_uuid = str(ext.id) + ext.arkstore_uuid = None return extensions resp = get_arkstore_list(request, None, 'extension', rented=True, all=True)['items'] extensions_rented = {ext['package']: ext for ext in resp} for ext in extensions: + ext.local_uuid = str(ext.id) if ext.package in extensions_rented: - ext.lease_useful_life = extensions_rented[ext.package]['lease_useful_life'] + ext_arkstore = extensions_rented[ext.package] + ext.arkstore_uuid = ext_arkstore['uuid'] + ext.lease_useful_life = ext_arkstore['lease_useful_life'] ext.lease_state = '已租赁' - lease_records = extensions_rented[ext.package].get('lease_records') or [] + lease_records = ext_arkstore.get('lease_records') or [] # check_lease_records_expired if check_time_and_user_valid(lease_records, tenant): tenant_extension, created = TenantExtension.objects.update_or_create( @@ -524,6 +537,8 @@ def list_arkstore_rented_extensions(request, tenant_id: str): extension=ext, defaults={"is_rented": True} ) + else: + ext.arkstore_uuid = None return extensions diff --git a/arkid/core/pagenation.py b/arkid/core/pagenation.py index d64287477..f185fe007 100644 --- a/arkid/core/pagenation.py +++ b/arkid/core/pagenation.py @@ -77,10 +77,14 @@ def paginate_queryset(self, queryset, pagination: CustomPagination.Input, reques installed_exts = Extension.valid_objects.filter() installed_ext_packages = {ext.package: ext for ext in installed_exts} for ext in items: + ext['arkstore_uuid'] = ext['uuid'] if ext['package'] in installed_ext_packages: - if installed_ext_packages[ext['package']].version < ext['version']: + local_ext = installed_ext_packages[ext['package']] + ext['local_uuid'] = str(local_ext.id) + if local_ext.version < ext['version']: ext['has_upgrade'] = True else: + ext['local_uuid'] = None ext['installed'] = False tenant = request.tenant