refactor: use wildcard % in load_path.py for auto-coverage
This commit is contained in:
parent
c1aec68ce3
commit
dc658fbd9c
@ -1,69 +1,112 @@
|
||||
"""Generate RBAC permissions for msp module paths.
|
||||
|
||||
Run from Sage root with Sage venv:
|
||||
cd ~/repos/sage && ./py3/bin/python ../msp/scripts/load_path.py
|
||||
#!/usr/bin/env python3
|
||||
"""
|
||||
msp 模块 RBAC 权限管理脚本
|
||||
|
||||
使用方法:
|
||||
cd ~/repos/sage
|
||||
./py3/bin/python ~/repos/msp/scripts/load_path.py
|
||||
"""
|
||||
|
||||
import subprocess
|
||||
import os
|
||||
import sys
|
||||
import asyncio
|
||||
|
||||
sage_root = os.environ.get('SAGE_ROOT')
|
||||
if sage_root and sage_root not in sys.path:
|
||||
sys.path.insert(0, sage_root)
|
||||
|
||||
from sqlor.dbpools import DBPools
|
||||
from appPublic.jsonConfig import getConfig
|
||||
from appPublic.dictObject import DictObject
|
||||
from appPublic.uniqueID import getID
|
||||
|
||||
|
||||
paths = [
|
||||
("/msp", "logined"),
|
||||
("/msp/index.ui", "logined"),
|
||||
("/msp/menu.ui", "any"),
|
||||
("/msp/accordion.ui", "logined"),
|
||||
("/msp/app_panel.ui", "logined"),
|
||||
("/msp/bottom.ui", "logined"),
|
||||
("/msp/center.ui", "logined"),
|
||||
("/msp/connecthost.ui", "logined"),
|
||||
("/msp/connecthost.xterm", "logined"),
|
||||
("/msp/keypress.ui", "logined"),
|
||||
("/msp/msp_profile.md", "logined"),
|
||||
("/msp/msp_profile.ui", "logined"),
|
||||
("/msp/sagelog.ui", "logined"),
|
||||
("/msp/sagelog.xterm", "logined"),
|
||||
("/msp/test.ui", "logined"),
|
||||
("/msp/top.ui", "logined"),
|
||||
("/msp/get_code.dspy", "logined"),
|
||||
("/msp/imgs/%", "any"),
|
||||
def find_sage_root():
|
||||
candidates = [
|
||||
os.path.expanduser("~/repos/sage"),
|
||||
os.path.expanduser("~/sage"),
|
||||
os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))),
|
||||
]
|
||||
for c in candidates:
|
||||
if os.path.isdir(os.path.join(c, "py3")) and os.path.isdir(os.path.join(c, "wwwroot")):
|
||||
return c
|
||||
return None
|
||||
|
||||
|
||||
SAGE_ROOT = find_sage_root()
|
||||
if not SAGE_ROOT:
|
||||
print("ERROR: Cannot find Sage root directory")
|
||||
sys.exit(1)
|
||||
|
||||
PYTHON = os.path.join(SAGE_ROOT, "py3", "bin", "python")
|
||||
SET_PERM_SCRIPT = os.path.join(SAGE_ROOT, "set_role_perm.py")
|
||||
|
||||
MOD = "msp"
|
||||
|
||||
# ============================================================
|
||||
# 权限路径定义
|
||||
# ============================================================
|
||||
|
||||
# any — 无需登录
|
||||
PATHS_ANY = [
|
||||
f"/{MOD}/menu.ui",
|
||||
f"/{MOD}/imgs/%",
|
||||
]
|
||||
|
||||
# logined — 所有已登录用户
|
||||
PATHS_LOGINED = [
|
||||
# 模块入口
|
||||
f"/{MOD}",
|
||||
f"/{MOD}/index.ui",
|
||||
|
||||
async def main():
|
||||
config = getConfig('.')
|
||||
DBPools(config.databases)
|
||||
dbname = 'sage'
|
||||
async with DBPools().sqlorContext(dbname) as sor:
|
||||
cnt = 0
|
||||
for path, role in paths:
|
||||
r = await sor.sqlExe(
|
||||
'select * from permission where permcode = ${permcode}$',
|
||||
{'permcode': path}
|
||||
)
|
||||
if len(r) == 0:
|
||||
await sor.sqlExe(
|
||||
'''insert into permission (id, permcode, permname, permtype)
|
||||
values (${id}$, ${permcode}$, ${permname}$, ${permtype}$)''',
|
||||
{
|
||||
'id': getID(),
|
||||
'permcode': path,
|
||||
'permname': path,
|
||||
'permtype': role,
|
||||
}
|
||||
)
|
||||
cnt += 1
|
||||
print(f'{cnt} path(s) inserted for msp')
|
||||
# 顶层 .ui 页面
|
||||
f"/{MOD}/msp_profile.ui",
|
||||
f"/{MOD}/msp_profile.md",
|
||||
f"/{MOD}/accordion.ui",
|
||||
f"/{MOD}/app_panel.ui",
|
||||
f"/{MOD}/connecthost.ui",
|
||||
f"/{MOD}/connecthost.xterm",
|
||||
f"/{MOD}/keypress.ui",
|
||||
f"/{MOD}/sagelog.ui",
|
||||
f"/{MOD}/sagelog.xterm",
|
||||
f"/{MOD}/test.ui",
|
||||
|
||||
# 老式布局文件(兼容)
|
||||
f"/{MOD}/top.ui",
|
||||
f"/{MOD}/center.ui",
|
||||
f"/{MOD}/bottom.ui",
|
||||
|
||||
# 顶层 .dspy
|
||||
f"/{MOD}/get_code.dspy",
|
||||
|
||||
# CRUD 子目录 — 通配
|
||||
f"/{MOD}/devgroup/%",
|
||||
f"/{MOD}/hostdev/%",
|
||||
f"/{MOD}/mspcatelog/%",
|
||||
f"/{MOD}/serve_status/%",
|
||||
f"/{MOD}/service_log/%",
|
||||
f"/{MOD}/techservice/%",
|
||||
]
|
||||
|
||||
# ============================================================
|
||||
# 执行注册
|
||||
# ============================================================
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
asyncio.run(main())
|
||||
def run_set_perm(role, path):
|
||||
cmd = [PYTHON, SET_PERM_SCRIPT, role, path]
|
||||
result = subprocess.run(cmd, capture_output=True, text=True)
|
||||
return result.returncode == 0
|
||||
|
||||
|
||||
def register_role_paths(role, paths):
|
||||
count = 0
|
||||
for p in paths:
|
||||
if run_set_perm(role, p):
|
||||
count += 1
|
||||
print(f" {role}: {count}/{len(paths)} paths registered")
|
||||
return count
|
||||
|
||||
|
||||
def main():
|
||||
print(f"Sage root: {SAGE_ROOT}")
|
||||
total = 0
|
||||
total += register_role_paths("any", PATHS_ANY)
|
||||
total += register_role_paths("logined", PATHS_LOGINED)
|
||||
print(f"\nDone. Total {total} permission entries registered.")
|
||||
print("NOTE: Restart Sage after permission changes to reload RBAC cache.")
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user