rbac/check_perm.py

@@ -160,13 +160,32 @@ where c.userid = ${userid}$
 			userid = await getAuthenticationUserid(sor, request)
 	uperm = UserPermissions()
 	ret = await uperm.is_user_has_path_perm(userid, path)
-	"""
+	roles = await uperm.get_user_roles(userid)
-	if not ret:
+	rp_keys = [k for k in uperm.rp_caches.keys()]
-		roles = await uperm.get_user_roles(userid)
+	debug(f'{userid=}, {path=} permission is {ret},userroles={roles}, {rp_keys}')
-		rp_keys = [k for k in uperm.rp_caches.keys()]
-		debug(f'{userid=}, {path=} permission is {ret},userroles={roles}')
-	"""
 	return ret
+	"""
+
+		perms = await sor.R('permission', {'path':path})
+		if len(perms) == 0:
+			debug(f'{path=} not found in permission, can access')
+			return True
+		if userid is None:
+			debug(f'{userid=} is None, can not access {path=}')
+			return False
+
+		recs = await sor.sqlExe(sql, {'path':path, 'userid':userid})
+		for r in recs:
+			id = r['id']
+			if id is not None:
+				debug(f'{userid=} can access {path=}')
+				return True
+		debug(f'{userid=} has not permission to call {path=}')
+		return False
+	e = db.e_except
+	debug(f'objcheckperm() error happened {userid}, {path}, {e}\n{format_exc()}')
+	return False
+	"""
 
 registered_auth_methods = {
 	"Basic ": basic_auth

wwwroot/get_all_roles.dspy

@@ -8,7 +8,6 @@ async with get_sor_context(request._run_ns, 'rbac') as sor:
 			d.append(f'{r.orgtypeid}.{r.name}')
 			d.append(f'{r.orgtypeid}.*')
 			d.append(f'*.{r.name}')
-		debug(f'roles={d}')
 		d = sorted(list(set(d)))
 		return d
 	return []

wwwroot/get_normal_roles.dspy

@@ -10,7 +10,6 @@ async with get_sor_context(request._run_ns, 'rbac') as sor:
 			continue
 		else:
 			d.append(f'{r.orgtypeid}.{r.name}')
-		debug(f'roles={d}')
 		d = sorted(list(set(d)))
 		return d
 	return []