yumoqing/reallife_asset
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
reallife_asset/scripts/load_path.py

154 lines
4.7 KiB
Python
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/usr/bin/env python3
"""
reallife_asset 模块 RBAC 权限管理脚本
使用方法:
cd ~/repos/sage
./py3/bin/python ~/repos/reallife_asset/scripts/load_path.py
每次代码变更如有新 path 出现,需同步更新此脚本。
"""
import subprocess
import os
import sys
def find_sage_root():
candidates = [
os.path.expanduser("~/repos/sage"),
os.path.expanduser("~/sage"),
os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__)))),
]
for c in candidates:
if os.path.isdir(os.path.join(c, "py3")) and os.path.isdir(os.path.join(c, "wwwroot")):
return c
return None
SAGE_ROOT = find_sage_root()
if not SAGE_ROOT:
print("ERROR: Cannot find Sage root directory")
sys.exit(1)
PYTHON = os.path.join(SAGE_ROOT, "py3", "bin", "python")
SET_PERM_SCRIPT = os.path.join(SAGE_ROOT, "set_role_perm.py")
MOD = "reallife_asset"
# ============================================================
# 权限路径定义 — 每次新增页面或API时同步更新
# ============================================================
# any — 无需登录(菜单、静态资源、回调)
PATHS_ANY = [
f"/{MOD}/menu.ui",
f"/{MOD}/api/rl_callback.dspy", # 供应商回调,无需登录
]
# logined — 所有已登录用户(含客户)
PATHS_LOGINED = [
# 模块入口
f"/{MOD}",
f"/{MOD}/index.ui",
# 客户可用页面
f"/{MOD}/create_validate.ui",
f"/{MOD}/upload_asset.ui",
f"/{MOD}/view_assets.ui",
# 虚拟人素材页面
f"/{MOD}/virtual_create_group.ui",
f"/{MOD}/virtual_upload_asset.ui",
f"/{MOD}/virtual_view_assets.ui",
# API — 所有 api/ 下的 .dspy脚本内部通过 get_user() 做权限校验)
f"/{MOD}/api/check_validate.dspy",
f"/{MOD}/api/get_asset_type_list.dspy",
f"/{MOD}/api/get_org_groups.dspy",
f"/{MOD}/api/get_status_list.dspy",
f"/{MOD}/api/get_upapp_list.dspy",
f"/{MOD}/api/get_vendor_list.dspy",
f"/{MOD}/api/get_virtual_groups.dspy",
f"/{MOD}/api/rl_asset_create.dspy",
f"/{MOD}/api/rl_asset_delete.dspy",
f"/{MOD}/api/rl_asset_group_create.dspy",
f"/{MOD}/api/rl_asset_group_delete.dspy",
f"/{MOD}/api/rl_asset_group_update.dspy",
f"/{MOD}/api/rl_asset_update.dspy",
f"/{MOD}/api/rl_assets.dspy",
f"/{MOD}/api/rl_callback.dspy",
f"/{MOD}/api/rl_org_group_create.dspy",
f"/{MOD}/api/rl_org_group_delete.dspy",
f"/{MOD}/api/rl_org_group_update.dspy",
f"/{MOD}/api/rl_query_groups.dspy",
f"/{MOD}/api/rl_status.dspy",
f"/{MOD}/api/rl_upload.dspy",
f"/{MOD}/api/rl_vendor_config_create.dspy",
f"/{MOD}/api/rl_vendor_config_delete.dspy",
f"/{MOD}/api/rl_vendor_config_update.dspy",
f"/{MOD}/api/rl_verify.dspy",
f"/{MOD}/api/rl_virtual_assets.dspy",
f"/{MOD}/api/rl_virtual_create_group.dspy",
f"/{MOD}/api/rl_virtual_groups.dspy",
f"/{MOD}/api/rl_virtual_status.dspy",
f"/{MOD}/api/rl_virtual_upload.dspy",
f"/{MOD}/api/submit_create_validate.dspy",
f"/{MOD}/api/submit_list_assets.dspy",
f"/{MOD}/api/submit_query_status.dspy",
f"/{MOD}/api/submit_upload.dspy",
f"/{MOD}/api/submit_virtual_create_group.dspy",
f"/{MOD}/api/submit_virtual_list_assets.dspy",
f"/{MOD}/api/submit_virtual_upload.dspy",
f"/{MOD}/api/sync_asset_status.dspy",
f"/{MOD}/api/sync_assets.dspy",
f"/{MOD}/api/sync_from_vendor.dspy",
]
# reseller.operator — 管理员专属页面
PATHS_OPERATOR = [
f"/{MOD}/group_manage.ui",
f"/{MOD}/asset_manage.ui",
f"/{MOD}/vendor_config_manage.ui",
f"/{MOD}/vendor_config_edit.ui",
f"/{MOD}/org_group_manage.ui",
f"/{MOD}/sync_groups.ui",
]
# owner.superuser — 同 operator
PATHS_SUPERUSER = PATHS_OPERATOR
# ============================================================
# 执行注册
# ============================================================
def run_set_perm(role, path):
cmd = [PYTHON, SET_PERM_SCRIPT, role, path]
result = subprocess.run(cmd, capture_output=True, text=True)
return result.returncode == 0
def register_role_paths(role, paths):
count = 0
for p in paths:
if run_set_perm(role, p):
count += 1
print(f" {role}: {count}/{len(paths)} paths registered")
return count
def main():
print(f"Sage root: {SAGE_ROOT}")
total = 0
total += register_role_paths("any", PATHS_ANY)
total += register_role_paths("logined", PATHS_LOGINED)
total += register_role_paths("reseller.operator", PATHS_OPERATOR)
total += register_role_paths("owner.superuser", PATHS_SUPERUSER)
print(f"\nDone. Total {total} permission entries registered.")
print("NOTE: Restart Sage after permission changes to reload RBAC cache.")
if __name__ == "__main__":
main()
Reference in New Issue View Git Blame Copy Permalink