diff --git a/json/organization.json b/json/organization.json
index 50fa259..667e898 100644
--- a/json/organization.json
+++ b/json/organization.json
@@ -1,7 +1,4 @@
 {
- "models_dir": "${HOME}$/py/rbac/models",
- "output_dir": "${HOME}$/py/sage/wwwroot/_a/organization",
- "dbname": "sage",
 "tblname": "organization",
 "title":"Organization",
 "params": {
diff --git a/json/orgtypes.json b/json/orgtypes.json
index e6778da..bdd8ced 100644
--- a/json/orgtypes.json
+++ b/json/orgtypes.json
@@ -1,7 +1,4 @@
 {
- "models_dir": "${HOME}$/py/rbac/models",
- "output_dir": "${HOME}$/py/sage/wwwroot/_a/orgtypes",
- "dbname": "sage",
 "tblname": "orgtypes",
 "title":"Org. type",
 "params": {
diff --git a/json/role.json b/json/role.json
index 3c52962..47de184 100644
--- a/json/role.json
+++ b/json/role.json
@@ -1,7 +1,4 @@
 {
- "models_dir": "${HOME}$/py/rbac/models",
- "output_dir": "${HOME}$/py/sage/wwwroot/_a/role",
- "dbname": "sage",
 "tblname": "role",
 "title":"角色",
 "params": {
diff --git a/json/rolepermission.json b/json/rolepermission.json
index 49bf3fd..7fc4021 100644
--- a/json/rolepermission.json
+++ b/json/rolepermission.json
@@ -1,7 +1,4 @@
 {
- "models_dir": "${HOME}$/py/rbac/models",
- "output_dir": "${HOME}$/py/sage/wwwroot/_a/rolepermission",
- "dbname": "sage",
 "tblname": "rolepermission",
 "title":"用户",
 "params": {
diff --git a/json/userdepartment.json b/json/userdepartment.json
index 91f409e..1dbd9b4 100644
--- a/json/userdepartment.json
+++ b/json/userdepartment.json
@@ -1,7 +1,4 @@
 {
- "models_dir": "${HOME}$/py/rbac/models",
- "output_dir": "${HOME}$/py/sage/wwwroot/_a/userdepartment",
- "dbname": "sage",
 "tblname": "userdepartment",
 "title":"用户",
 "params": {
diff --git a/rbac/check_perm.py b/rbac/check_perm.py
index 90b5a2e..43b2937 100644
--- a/rbac/check_perm.py
+++ b/rbac/check_perm.py
@@ -17,7 +17,7 @@ async def get_user_roles(userid): sql = "select concat(b.orgtypeid, '.', b.name) as name from userrole a, role b where a.userid=${userid}$ and a.roleid = b.id" db = DBPools() roles = [] - dbname = await get_dbname() + dbname = get_dbname() async with db.sqlorContext(dbname) as sor: recs = await sor.sqlExe(sql, {'userid':userid}) if len(recs) < 1: @@ -57,7 +57,7 @@ async def create_user(sor, ns, roles=[]): } ] for rt in roles: - sql = "select * from role where orgtypeid = ${otid}$ and name in ${roles}$)" + sql = "select * from role where orgtypeid = ${otid}$ and name in ${roles}$" recs = await sor.sqlExe(sql, { 'otid': rt['orgtypeid'], 'roles': rt['roles'] @@ -82,14 +82,15 @@ async def register_user(sor, ns): await create_user(sor, ns) return id -async def get_dbname(): - rf = RegisterFunction() - dbname = await rf.exe('get_module_dbname', 'rbac') - return dbname +def get_dbname(): + f = get_serverenv('get_module_dbname') + if f is None: + return None + return f('rbac') async def checkUserPassword(request, username, password): db = DBPools() - dbname = await get_dbname() + dbname = get_dbname() async with db.sqlorContext(dbname) as sor: sql = "select * from users where username=${username}$ and password=${password}$" recs = await sor.sqlExe(sql, {'username':username, 'password':password}) @@ -101,7 +102,8 @@ async def checkUserPassword(request, username, password): return True return False -async def basic_auth(sor, auth): +async def basic_auth(sor, request): + auth = request.headers.get('Authentication') auther = BasicAuth('x') m = auther.decode(auth) username = m.login 
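Review bot: `dbname = get_dbname()` in `get_user_roles` now passes a value that can be `None` straight into `db.sqlorContext(dbname)`, because the rewritten `get_dbname()` later in this diff returns `None` when `get_serverenv('get_module_dbname')` is not set. The same unchecked call is made in `checkUserPassword` (hunk at -82) and `objcheckperm` (hunk at -143), all of them on the authentication and permission path. Failing loudly in one place is safer than letting each caller open a context on `None`: in `get_dbname`, replace `return None` with `raise RuntimeError("get_module_dbname is not registered in serverenv")`. The body of `get_user_roles` starts and ends outside this hunk.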
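Review bot: Removing the stray `)` in `create_user` leaves `name in ${roles}$` with no parentheses around the bound value, which most SQL dialects reject unless the parameter binder behind `sor.sqlExe` expands a list into a parenthesised tuple. That expansion is not visible in this hunk, so the statement is worth covering with a test that passes a multi-element `rt['roles']`. If the binder substitutes a single placeholder, the query would need `name in (${roles}$)` or one placeholder per role name.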
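Review bot: `checkUserPassword` still authenticates by matching `password=${password}$` inside the SQL statement, which only works if the `users.password` column holds plaintext or an unsalted deterministic digest; whether the caller hashes `password` beforehand is not visible here. Since the commit already touches this function, consider selecting the row by `username` alone and verifying the stored value in Python with a salted KDF such as `hashlib.scrypt`, compared with `hmac.compare_digest`. The same query shape appears in `wwwroot/user/up_login.dspy`. The function body continues past the end of this hunk.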
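Review bot: `auther.decode(auth)` in `basic_auth` runs on the raw header value with no error handling, so a malformed `Basic ` header would surface as an unhandled exception rather than a clean authentication failure. This assumes `BasicAuth` is aiohttp's helper, whose `decode()` raises `ValueError` on bad input; the import is outside the hunk. Wrapping it as `try: m = auther.decode(auth)` / `except ValueError: return None` keeps the "None means not authenticated" convention the dispatcher relies on. The new line also reads the `Authentication` header, whereas standard HTTP clients send Basic credentials in `Authorization`; if the custom name is deliberate it deserves a comment. The rest of `basic_auth` lies in the following hunk.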
@@ -111,26 +113,17 @@ async def basic_auth(sor, auth): if len(recs) < 1: return None await user_login(request, recs[0].id, + username=recs[0].username, + userorgid=recs[0].orgid) return recs[0].id -async def bearer_auth(sor, auth): - # apikey = get_apikey_from_token(auth[7:]) - apikey = auth[7:] - if apikey is None: - return None - sql = "select * from userapp where apikey=${apikey}$ and expired_date > ${today}$" - recs = await sor.sqlExe(sql, {"apikey":apikey, 'today': curDateString()}) - if len(recs) < 1: - return None - return recs[0].userid - async def getAuthenticationUserid(sor, request): auth = request.headers.get('Authentication') if auth is None: return None for h,f in registered_auth_methods.items(): if auth.startswith(h): - return await f(auth) + return await f(sor, request) return None async def objcheckperm(obj, request, userid, path): @@ -143,7 +136,7 @@ right join userrole c on b.roleid = c.roleid where c.userid = ${userid}$ """ - dbname = await get_dbname() + dbname = get_dbname() db = DBPools() async with db.sqlorContext(dbname) as sor: if userid is None: @@ -168,8 +161,7 @@ where c.userid = ${userid}$ return False registered_auth_methods = { - "Basic ": basic_auth, - "Bearer ": bearer_auth + "Basic ": basic_auth } def register_auth_method(heading, func): diff --git a/wwwroot/user/register.dspy b/wwwroot/user/register.dspy index 25fd15d..0dae5ec 100644 --- a/wwwroot/user/register.dspy +++ b/wwwroot/user/register.dspy 
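Review bot: The dispatch in `getAuthenticationUserid` now calls every registered handler as `f(sor, request)`, but nothing in the file states that contract and `register_auth_method(heading, func)` accepts any callable. A handler registered from another module with a different signature would fail only at request time, on the authentication path. I would add a comment above `registered_auth_methods`, `# handlers are async callables f(sor, request) returning a userid or None; each reads the header itself`, and note in the commit message that `Bearer ` requests now fall through to `None` unless another module registers a handler. The prefix test `auth.startswith(h)` is also case-sensitive, while HTTP authentication scheme names are case-insensitive.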
@@ -1,10 +1,12 @@ debug(f'{params_kw=}') db = DBPools() -dbname = await rfexe('get_module_dbname', 'sage') +dbname = get_module_dbname('rbac') async with db.sqlorContext(dbname) as sor: orgid = await register_user(sor, params_kw) + openCustomerAccounts = globals().get('openCustomerAccounts') if get_owner_orgid and openCustomerAccounts: ownerid = await get_owner_orgid(sor, orgid) - await openCustomerAccounts(sor, ownerid, orgid) + if openCustomerAccounts: + await openCustomerAccounts(sor, ownerid, orgid) return UiMessage(title="Success", message="register success") return UiError(title='Error', message="register failed") diff --git a/wwwroot/user/up_login.dspy b/wwwroot/user/up_login.dspy index 2c9be69..1173d8a 100644 --- a/wwwroot/user/up_login.dspy +++ b/wwwroot/user/up_login.dspy @@ -7,7 +7,7 @@ ns = { info(f'{ns=}') db = DBPools() -dbname = await rfexe('get_module_dbname', 'rbac') +dbname = get_module_dbname('rbac') async with db.sqlorContext(dbname) as sor: r = await sor.sqlExe('select * from users where username=${username}$ and password=${password}$', ns.copy()) if len(r) == 0:
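Review bot: The added inner `if openCustomerAccounts:` in `register.dspy` can never be false, because the enclosing `if get_owner_orgid and openCustomerAccounts:` has already tested the same name. The optional-hook lookup is also only half done: `openCustomerAccounts` is fetched with `globals().get(...)`, but `get_owner_orgid` is still referenced as a bare name and raises `NameError` when that hook is not defined. Suggest adding `get_owner_orgid = globals().get('get_owner_orgid')` next to the existing lookup and dropping the inner `if`.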
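Review bot: `info(f'{ns=}')` just above the changed line in `up_login.dspy` logs the whole `ns` dict, and the query below binds `${password}$` from `ns.copy()`, so the submitted password is written to the log at info level on every login attempt. Log only the non-secret field instead, for example `info(f"login attempt username={ns.get('username')!r}")`, assuming the key is named as the query placeholder suggests. `debug(f'{params_kw=}')` at the top of `register.dspy` looks like the same problem if `params_kw` carries the registration password, which that hunk does not show. The `ns` definition starts above this hunk.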