yumoqing/rbac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bugfix

Browse Source
This commit is contained in:
yumoqing 2026-03-20 12:59:30 +08:00
parent 63375e4336
commit f27f1ece0b
3 changed files with 67 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
rbac/check_perm.py
View File

@ -13,6 +13,7 @@ from appPublic.uniqueID import getID
from ahserver.auth_api import AuthAPI, user_login from ahserver.auth_api import AuthAPI, user_login
from ahserver.globalEnv import password_encode from ahserver.globalEnv import password_encode
from ahserver.serverenv import ServerEnv, get_serverenv, set_serverenv from ahserver.serverenv import ServerEnv, get_serverenv, set_serverenv
from .userperm import UserPermisions
async def get_org_users(orgid): async def get_org_users(orgid):
env = ServerEnv() env = ServerEnv()
@ -92,13 +93,27 @@ async def register_user(sor, ns):
debug('password not match') debug('password not match')
return False return False
ns.password = password_encode(ns.password) ns.password = password_encode(ns.password)
recs = await sor.R('users', {'username': ns.username})
if recs:
return {
"status": "error",
"data": {
"message": f"username({ns.username}) exists",
"user": recs[0]
}
}
id = getID() id = getID()
ns.id = id ns.id = id
ns.orgid = id ns.orgid = id
ns1 = DictObject(id=id, orgname=ns.username) ns1 = DictObject(id=id, orgname=ns.username)
await create_org(sor, ns1) await create_org(sor, ns1)
await create_user(sor, ns) await create_user(sor, ns)
return id return {
"status": "ok",
"data": {
"user": ns
}
}
def get_dbname(): def get_dbname():
f = get_serverenv('get_module_dbname') f = get_serverenv('get_module_dbname')
@ -160,6 +175,12 @@ where c.userid = ${userid}$
async with db.sqlorContext(dbname) as sor: async with db.sqlorContext(dbname) as sor:
if userid is None: if userid is None:
userid = await getAuthenticationUserid(sor, request) userid = await getAuthenticationUserid(sor, request)
uperm = UserPermisions()
ret = await uperm.is_user_has_path_perm(userid, path)
debug(f'{userid=}, {path=} permission is {ret}')
return ret
"""
perms = await sor.R('permission', {'path':path}) perms = await sor.R('permission', {'path':path})
if len(perms) == 0: if len(perms) == 0:
debug(f'{path=} not found in permission, can access') debug(f'{path=} not found in permission, can access')
@ -179,6 +200,7 @@ where c.userid = ${userid}$
e = db.e_except e = db.e_except
debug(f'objcheckperm() error happened {userid}, {path}, {e}\n{format_exc()}') debug(f'objcheckperm() error happened {userid}, {path}, {e}\n{format_exc()}')
return False return False
"""
registered_auth_methods = { registered_auth_methods = {
"Basic ": basic_auth "Basic ": basic_auth

2
rbac/userperm.py
View File

@ -60,7 +60,7 @@ where a.id = c.userid
del self.cups[e['userid']] del self.cups[e['userid']]
return cup return cup
async def is_user_has_path_perm(self, userid, path): async def is_user_has_path_perm(self, request, userid, path):
paths = await self.get_user_perms_paths(userid) paths = await self.get_user_perms_paths(userid)
if path in paths: if path in paths:
return True return True

43
wwwroot/phone_login.dspy
View File

@ -22,4 +22,47 @@ if not f:
} }
} }
ns = {
"username": params_kw.cellphone,
"password": "^&%UHI",
"cfm_password": "^&%UHI",
"mobile": params_kw.cellphone,
"user_status": "0"
}
async with get_sor_context(request._run_ns, 'rbac') as sor:
recs = await R('users', {'mobile': params_kw.cellphone})
if recs:
if len(recs) == 1:
r = recs[0]
await remember_user(r.id, username=r.username, userorgid=r.orgid)
return {
"status": "ok",
"data":{
"user": r
}
}
if params_kw.selected_id:
for r in recs:
if r.id == params_kw.selected_id:
await remember_user(r.id, username=r.username, userorgid=r.orgid)
return {
"status": "ok",
"data":{
"user": r
}
}
else:
return {
"status": "choose",
"data": {
"users": recs
}
}
d = await register_user(sor, ns)
if d['status'] == 'error':
return d
r = d['data']['user']
await remember_user(r.id, username=r.username, userorgid=r.orgid)