HWJ 何伟俊 / DMapManager · 提交

提交 036571b376ed1c48c725957a756d241b43afd77f

作者 qianyingz
2 个父辈 34516e9b 97ad9010

权限控制

内嵌 并排对比
正在显示 15 个修改的文件 包含 169 行增加99 行删除
  1 +from functools import wraps
  2 +from authlib.integrations.flask_oauth2 import current_token
  3 +from flask import abort
  4 +from app.modules.auth.oauth2 import require_oauth
  5 +from flask import request
  6 +
  7 +# 认证装饰器
  8 +
  9 +
  10 +class auth_decorator(object):
  11 + def __init__(self, action='', permission='', scope='profile'):
  12 + self.permission = permission
  13 + self.action = action
  14 + self.scope = scope
  15 +
  16 + def __call__(self, func):
  17 +
  18 + @wraps(func)
  19 + def wrapped_function(*args, **kwargs):
  20 + token = request.headers.get('Authorization')
  21 + if not token:
  22 + abort(401)
  23 + validate_token()
  24 + if current_token and current_token.user and current_token.user.role:
  25 + print(func.__name__)
  26 + if self.permission and len(self.permission) > 0:
  27 + # 判断角色是否在permission列表中
  28 + role = current_token.user.role
  29 + for p in self.permission:
  30 + if role == p:
  31 + return func(*args, **kwargs)
  32 +
  33 + abort(403)
  34 + else:
  35 + # 无permission,不校验
  36 + return func(*args, **kwargs)
  37 + else:
  38 + abort(401) # 无token,401
  39 +
  40 + @require_oauth(self.scope)
  41 + def validate_token():
  42 + pass
  43 +
  44 + return wrapped_function
... ...
  1 +from functools import wraps
  2 +from authlib.integrations.flask_oauth2 import current_token
  3 +from flask import abort
  4 +from app.modules.auth.oauth2 import require_oauth
  5 +from flask import request
  6 +
  7 +# 认证装饰器
  8 +
  9 +
  10 +class token_decorator(object):
  11 + def __init__(self, scope='profile'):
  12 + self.scope = scope
  13 +
  14 + def __call__(self, func):
  15 + @wraps(func)
  16 + def wrapped_function(*args, **kwargs):
  17 + token = request.headers.get('Authorization')
  18 + if token:
  19 + validate_token()
  20 + if current_token and current_token.user:
  21 + return func(*args, **kwargs)
  22 + else:
  23 + abort(403)
  24 +
  25 + else:
  26 + abort(401) # 无token,401
  27 +
  28 + @require_oauth(self.scope)
  29 + def validate_token():
  30 + pass
  31 +
  32 + return wrapped_function
... ...
... ... @@ -6,10 +6,13 @@ from app.util import BlueprintApi
6 6 from flask import Blueprint, render_template, redirect, request, session, jsonify
7 7 from sqlalchemy import and_
8 8 from .models import *
9   -from .oauth2 import authorization, require_oauth, generate_user_info
  9 +from .oauth2 import authorization, generate_user_info
10 10 from authlib.oauth2 import OAuth2Error
11 11 from authlib.integrations.flask_oauth2 import current_token
12 12 from . import user_create, client_create, client_query, user_query, user_update, user_delete
  13 +import configure
  14 +from app.decorators.auth_decorator import auth_decorator
  15 +from app.decorators.token_decorator import token_decorator
13 16
14 17
15 18 def current_user():
... ... @@ -32,68 +35,6 @@ def split_by_crlf(s):
32 35 class DataManager(BlueprintApi):
33 36 bp = Blueprint("Auth", __name__, url_prefix="/auth")
34 37
35   - # @staticmethod
36   - # @bp.route("/test", methods=("GET", "POST"))
37   - # def Test():
38   - # res = {}
39   - # try:
40   - # res["user"] = User.query.all()
41   - # except Exception as e:
42   - # raise e
43   - # return res
44   -
45   - # @staticmethod
46   - # @bp.route("/login", methods=("GET", "POST"))
47   - # def Login():
48   - # if request.method == "POST":
49   - # username = request.form["username"]
50   - # password = request.form["password"]
51   - # user = User.query.filter_by(username=username).first()
52   - # if not user:
53   - # user = User(username=username,
54   - # password=password, role="admin")
55   - # db.session.add(user)
56   - # db.session.commit()
57   - # session["id"] = user.id
58   - # return redirect("/auth/authorize")
59   - # user = current_user()
60   - # if user:
61   - # clients = OAuth2Client.query.filter_by(user_id=user.id).all()
62   - # else:
63   - # clients = []
64   - # return render_template("auth/authorize.html", user=user, clients=clients)
65   -
66   - # @staticmethod
67   - # @bp.route("/create_client", methods=("GET", "POST"))
68   - # def create_client():
69   - # user = current_user()
70   - # if not user:
71   - # return redirect("/auth/login")
72   - # if request.method == "GET":
73   - # return render_template("auth/create_client.html")
74   - # form = request.form
75   - # client_id = gen_salt(24)
76   - # client = OAuth2Client(client_id=client_id, user_id=user.id)
77   - # # Mixin doesn"t set the issue_at date
78   - # client.client_id_issued_at = int(time.time())
79   - # if client.token_endpoint_auth_method == "none":
80   - # client.client_secret = ""
81   - # else:
82   - # client.client_secret = gen_salt(48)
83   - # client_metadata = {
84   - # "client_name": form["client_name"],
85   - # "client_uri": form["client_uri"],
86   - # "grant_types": split_by_crlf(form["grant_type"]),
87   - # "redirect_uris": split_by_crlf(form["redirect_uri"]),
88   - # "response_types": split_by_crlf(form["response_type"]),
89   - # "scope": form["scope"],
90   - # "token_endpoint_auth_method": form["token_endpoint_auth_method"]
91   - # }
92   - # client.set_client_metadata(client_metadata)
93   - # db.session.add(client)
94   - # db.session.commit()
95   - # return redirect("/auth/login")
96   -
97 38 @staticmethod
98 39 @bp.route("/authorize", methods=("GET", "POST"))
99 40 def authorize():
... ... @@ -132,10 +73,7 @@ class DataManager(BlueprintApi):
132 73 return jsonify(dict(error.get_body()))
133 74 return render_template("auth/authorize.html", user=user, grant=grant, error=error)
134 75
135   - # if request.form["confirm"]:
136   - # grant_user = user
137   - # else:
138   - # grant_user = None
  76 +
139 77
140 78 @staticmethod
141 79 @bp.route("/token", methods=["POST"])
... ... @@ -144,7 +82,7 @@ class DataManager(BlueprintApi):
144 82
145 83 @staticmethod
146 84 @bp.route("/userinfo")
147   - @require_oauth("profile")
  85 + @token_decorator("profile")
148 86 def api_me():
149 87 try:
150 88 return jsonify(generate_user_info(current_token.user, current_token.scope))
... ... @@ -153,7 +91,6 @@ class DataManager(BlueprintApi):
153 91
154 92 @staticmethod
155 93 @bp.route("/logout", methods=["GET"])
156   - # @require_oauth("profile")
157 94 def logout():
158 95 url = ''
159 96 try:
... ... @@ -170,24 +107,13 @@ class DataManager(BlueprintApi):
170 107 except OAuth2Error as error:
171 108 return jsonify(dict(error.get_body()))
172 109 return redirect(url)
173   - # if current_token:
174   - # remove_user()
175   - # # accesstoken = OAuth2Token.query.filter_by(
176   - # # access_token=current_token.access_token).first()
177   - # try:
178   - # # accesstoken.revoked = True
179   - # # db.session.commit()
180   - # except error as e:
181   - # return jsonify(dict(e.get_body()))
182   - # else:
183   - # return jsonify({"result": False, "message": "access_token is null"})
184   -
185   - # return jsonify({"result": True, "message": "logout success"})
186   -
  110 +
  111 +
187 112 """接口"""
188 113 @staticmethod
189 114 @bp.route("/users", methods=["GET"])
190 115 @swag_from(user_query.Api.api_doc)
  116 + @auth_decorator(configure.UserPermission)
191 117 def user_query():
192 118 """
193 119 获取用户列表
... ... @@ -197,6 +123,7 @@ class DataManager(BlueprintApi):
197 123 @staticmethod
198 124 @bp.route("/users", methods=["POST"])
199 125 @swag_from(user_create.Api.api_doc)
  126 + @auth_decorator(configure.UserPermission)
200 127 def user_create():
201 128 """
202 129 创建用户
... ... @@ -206,6 +133,7 @@ class DataManager(BlueprintApi):
206 133 @staticmethod
207 134 @bp.route("/userEdit", methods=["POST"])
208 135 @swag_from(user_update.Api.api_doc)
  136 + @auth_decorator(configure.UserPermission)
209 137 def user_update():
210 138 """
211 139 更新用户信息
... ... @@ -215,6 +143,7 @@ class DataManager(BlueprintApi):
215 143 @staticmethod
216 144 @bp.route("/userDelete", methods=["POST"])
217 145 @swag_from(user_delete.Api.api_doc)
  146 + @auth_decorator(configure.UserPermission)
218 147 def user_delete():
219 148 """
220 149 删除用户
... ...
... ... @@ -17,6 +17,8 @@ from . import database_edit
17 17 from . import database_alias_check
18 18 from . import database_connect_test
19 19 from . import database_info
  20 +import configure
  21 +from app.decorators.auth_decorator import auth_decorator
20 22
21 23 class DataManager(BlueprintApi):
22 24
... ... @@ -26,6 +28,7 @@ class DataManager(BlueprintApi):
26 28 @staticmethod
27 29 @bp.route('/Register', methods=['POST'])
28 30 @swag_from(database_register.Api.api_doc)
  31 + @auth_decorator(configure.DataPermission)
29 32 def api_database_register():
30 33 """
31 34 数据源注册
... ... @@ -35,6 +38,7 @@ class DataManager(BlueprintApi):
35 38 @staticmethod
36 39 @bp.route('/List', methods=['POST'])
37 40 @swag_from(database_list.Api.api_doc)
  41 + @auth_decorator(configure.DataPermission)
38 42 def api_database_list():
39 43 """
40 44 数据源列表
... ... @@ -44,6 +48,7 @@ class DataManager(BlueprintApi):
44 48 @staticmethod
45 49 @bp.route('/Delete', methods=['POST'])
46 50 @swag_from(database_delete.Api.api_doc)
  51 + @auth_decorator(configure.DataPermission)
47 52 def api_database_delete():
48 53 """
49 54 数据源注销
... ... @@ -53,6 +58,7 @@ class DataManager(BlueprintApi):
53 58 @staticmethod
54 59 @bp.route('/Edit', methods=['POST'])
55 60 @swag_from(database_edit.Api.api_doc)
  61 + @auth_decorator(configure.DataPermission)
56 62 def database_edit():
57 63 """
58 64 修改数据源
... ... @@ -62,6 +68,7 @@ class DataManager(BlueprintApi):
62 68 @staticmethod
63 69 @bp.route('/Test', methods=['POST'])
64 70 @swag_from(database_test.Api.api_doc)
  71 + @auth_decorator(configure.DataPermission)
65 72 def api_database_test():
66 73 """
67 74 数据源测试
... ... @@ -71,6 +78,7 @@ class DataManager(BlueprintApi):
71 78 @staticmethod
72 79 @bp.route('/CheckAlias', methods=['POST'])
73 80 @swag_from(database_alias_check.Api.api_doc)
  81 + @auth_decorator(configure.DataPermission)
74 82 def api_database_alias_check():
75 83 """
76 84 数据源别名测试
... ... @@ -80,6 +88,7 @@ class DataManager(BlueprintApi):
80 88 @staticmethod
81 89 @bp.route('/CheckConnect', methods=['POST'])
82 90 @swag_from(database_connect_test.Api.api_doc)
  91 + @auth_decorator(configure.DataPermission)
83 92 def api_database_connect_test():
84 93 """
85 94 数据源连接测试
... ...
... ... @@ -13,6 +13,8 @@ from . import get_meta
13 13 from . import data_entry_by_meta
14 14 from . import get_data_list
15 15 from . import data_entry_simple
  16 +import configure
  17 +from app.decorators.auth_decorator import auth_decorator
16 18
17 19 class DataManager(BlueprintApi):
18 20
... ... @@ -21,6 +23,7 @@ class DataManager(BlueprintApi):
21 23
22 24 @staticmethod
23 25 @bp.route('/Download/<file>', methods=['GET'])
  26 + @auth_decorator(configure.DataPermission)
24 27 def table_download_file(file):
25 28 parent = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
26 29 dirpath = os.path.join(parent,"file_tmp")
... ... @@ -41,6 +44,7 @@ class DataManager(BlueprintApi):
41 44
42 45 @staticmethod
43 46 @bp.route('/DeleteFile/<file>', methods=['GET'])
  47 + @auth_decorator(configure.DataPermission)
44 48 def d_file(file):
45 49 parent = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
46 50 dirpath = os.path.join(parent, "file_tmp")
... ... @@ -59,6 +63,7 @@ class DataManager(BlueprintApi):
59 63 @staticmethod
60 64 @bp.route('/DataDownloadTask', methods=['POST'])
61 65 @swag_from(data_download_task.Api.api_doc)
  66 + @auth_decorator(configure.DataPermission)
62 67 def api_data_download_task():
63 68 """
64 69 下载数据任务
... ... @@ -69,6 +74,7 @@ class DataManager(BlueprintApi):
69 74 @staticmethod
70 75 @bp.route('/GetMeta', methods=['POST'])
71 76 @swag_from(get_meta.Api.api_doc)
  77 + @auth_decorator(configure.DataPermission)
72 78 def get_meta():
73 79 """
74 80 数据Meta
... ... @@ -78,6 +84,7 @@ class DataManager(BlueprintApi):
78 84 @staticmethod
79 85 @bp.route('/GetDataList', methods=['POST'])
80 86 @swag_from(get_data_list.Api.api_doc)
  87 + @auth_decorator(configure.DataPermission)
81 88 def get_data_list():
82 89 """
83 90 本地数据list
... ... @@ -87,6 +94,7 @@ class DataManager(BlueprintApi):
87 94 @staticmethod
88 95 @bp.route('/DataEntryByMeta', methods=['POST'])
89 96 @swag_from(data_entry_by_meta.Api.api_doc)
  97 + @auth_decorator(configure.DataPermission)
90 98 def data_entry_by_meta():
91 99 """
92 100 数据入库ByMeta
... ... @@ -96,6 +104,7 @@ class DataManager(BlueprintApi):
96 104 @staticmethod
97 105 @bp.route('/DataEntrySimple', methods=['POST'])
98 106 @swag_from(data_entry_simple.Api.api_doc)
  107 + @auth_decorator(configure.DataPermission)
99 108 def data_entry_simple():
100 109 """
101 110 数据入库Simple
... ...
... ... @@ -23,6 +23,9 @@ from . import table_vacuate_info
23 23 from . import table_vacuate_ref
24 24 from . import table_vacuate_delete
25 25 from . import field_value
  26 +import configure
  27 +from app.decorators.auth_decorator import auth_decorator
  28 +
26 29 class DataManager(BlueprintApi):
27 30
28 31 bp = Blueprint("DataManager", __name__, url_prefix="/API/Manager")
... ... @@ -30,6 +33,7 @@ class DataManager(BlueprintApi):
30 33 @staticmethod
31 34 @bp.route('/FieldEdit', methods=['POST'])
32 35 @swag_from(field_edit.Api.api_doc)
  36 + @auth_decorator(configure.DataPermission)
33 37 def field_edit():
34 38 """
35 39 修改属性别名
... ... @@ -48,6 +52,7 @@ class DataManager(BlueprintApi):
48 52 @staticmethod
49 53 @bp.route('/FieldValue', methods=['POST'])
50 54 @swag_from(field_value.Api.api_doc)
  55 + @auth_decorator(configure.DataPermission)
51 56 def field_value():
52 57 """
53 58 属性值
... ... @@ -67,6 +72,7 @@ class DataManager(BlueprintApi):
67 72 @staticmethod
68 73 @bp.route('/TableEdit', methods=['POST'])
69 74 @swag_from(table_edit.Api.api_doc)
  75 + @auth_decorator(configure.DataPermission)
70 76 def table_edit():
71 77 """
72 78 修改数据
... ... @@ -77,6 +83,7 @@ class DataManager(BlueprintApi):
77 83 @staticmethod
78 84 @bp.route('/TableDelete', methods=['POST'])
79 85 @swag_from(table_delete.Api.api_doc)
  86 + @auth_decorator(configure.DataPermission)
80 87 def table_delete():
81 88 """
82 89 删除数据
... ... @@ -97,6 +104,7 @@ class DataManager(BlueprintApi):
97 104 @staticmethod
98 105 @bp.route('/TableRefresh', methods=['POST'])
99 106 @swag_from(table_refresh.Api.api_doc)
  107 + @auth_decorator(configure.DataPermission)
100 108 def table_refresh():
101 109 """
102 110 刷新数据
... ... @@ -116,6 +124,7 @@ class DataManager(BlueprintApi):
116 124 @staticmethod
117 125 @bp.route('/TableVacuate', methods=['POST'])
118 126 @swag_from(table_vacuate.Api.api_doc)
  127 + @auth_decorator(configure.DataPermission)
119 128 def table_vacuate():
120 129 """
121 130 数据抽稀
... ... @@ -125,6 +134,7 @@ class DataManager(BlueprintApi):
125 134 @staticmethod
126 135 @bp.route('/TableVacuateOne', methods=['POST'])
127 136 @swag_from(table_vacuate_one.Api.api_doc)
  137 + @auth_decorator(configure.DataPermission)
128 138 def api_table_vacuate_one():
129 139 """
130 140 单独数据抽稀
... ... @@ -153,6 +163,7 @@ class DataManager(BlueprintApi):
153 163 @staticmethod
154 164 @bp.route('/TableVacuateDelete', methods=['POST'])
155 165 @swag_from(table_vacuate_delete.Api.api_doc)
  166 + @auth_decorator(configure.DataPermission)
156 167 def api_table_vacuate_delete():
157 168 """
158 169 数据抽稀删除
... ...
1 1 # coding=utf-8
2   -#author: 4N
  2 +# author: 4N
3 3 #createtime: 2021/3/1
4 4 #email: nheweijun@sina.com
5 5
... ... @@ -11,12 +11,13 @@ from . import task_detail
11 11 from . import task_delete
12 12 from . import task_count
13 13 from . import task_kill
  14 +from app.decorators.token_decorator import token_decorator
  15 +
14 16
15 17 class DataManager(BlueprintApi):
16 18
17 19 bp = Blueprint("Task", __name__, url_prefix="/API/Task")
18 20
19   -
20 21 @staticmethod
21 22 @bp.route('/List', methods=['POST'])
22 23 @swag_from(task_list.Api.api_doc)
... ... @@ -38,6 +39,7 @@ class DataManager(BlueprintApi):
38 39 @staticmethod
39 40 @bp.route('/Delete', methods=['POST'])
40 41 @swag_from(task_delete.Api.api_doc)
  42 + @token_decorator("profile")
41 43 def task_delete():
42 44 """
43 45 删除任务
... ... @@ -47,6 +49,7 @@ class DataManager(BlueprintApi):
47 49 @staticmethod
48 50 @bp.route('/Kill', methods=['POST'])
49 51 @swag_from(task_kill.Api.api_doc)
  52 + @token_decorator("profile")
50 53 def task_kill():
51 54 """
52 55 Kill任务
... ... @@ -61,5 +64,3 @@ class DataManager(BlueprintApi):
61 64 任务统计
62 65 """
63 66 return task_count.Api().result
64   -
65   -
... ...
... ... @@ -8,7 +8,8 @@ from flasgger import swag_from
8 8 from flask import Blueprint
9 9 from app.util import BlueprintApi
10 10 from . import monitoring, metrics, monitor_host_create, monitor_host_list, monitor_host_delete, monitor_host_edit
11   -
  11 +from app.decorators.auth_decorator import auth_decorator
  12 +import configure
12 13
13 14 user_socket_list = []
14 15 user_socket_dict = {}
... ... @@ -48,6 +49,7 @@ class Monitor(BlueprintApi):
48 49 @staticmethod
49 50 @bp.route('/RegisterHost', methods=['POST'])
50 51 @swag_from(monitor_host_create.Api.api_doc)
  52 + @auth_decorator(configure.MonitorPermission)
51 53 def monitor_host_create():
52 54 '''
53 55 注册监控主机
... ... @@ -66,6 +68,7 @@ class Monitor(BlueprintApi):
66 68 @staticmethod
67 69 @bp.route('/HostDelete', methods=['POST'])
68 70 @swag_from(monitor_host_delete.Api.api_doc)
  71 + @auth_decorator(configure.MonitorPermission)
69 72 def monitor_host_delete():
70 73 '''
71 74 删除主机
... ... @@ -75,6 +78,7 @@ class Monitor(BlueprintApi):
75 78 @staticmethod
76 79 @bp.route('/HostEdit', methods=['POST'])
77 80 @swag_from(monitor_host_edit.Api.api_doc)
  81 + @auth_decorator(configure.MonitorPermission)
78 82 def monitor_host_edit():
79 83 '''
80 84 编辑主机配置
... ...
... ... @@ -16,6 +16,7 @@ from . import service_info
16 16 from . import service_edit
17 17 import os
18 18 from flask import send_from_directory
  19 +from app.decorators.token_decorator import token_decorator
19 20
20 21
21 22 class DataManager(BlueprintApi):
... ... @@ -27,6 +28,7 @@ class DataManager(BlueprintApi):
27 28 @staticmethod
28 29 @bp.route('/Register', methods=['POST'])
29 30 @swag_from(service_register.Api.api_doc)
  31 + @token_decorator("profile")
30 32 def api_service_register():
31 33 """
32 34 服务注册
... ... @@ -45,6 +47,7 @@ class DataManager(BlueprintApi):
45 47 @staticmethod
46 48 @bp.route('/State', methods=['POST'])
47 49 @swag_from(service_state.Api.api_doc)
  50 + @token_decorator("profile")
48 51 def api_service_state():
49 52 """
50 53 修改服务状态
... ... @@ -82,6 +85,7 @@ class DataManager(BlueprintApi):
82 85 @staticmethod
83 86 @bp.route('/Edit', methods=['POST'])
84 87 @swag_from(service_edit.Api.api_doc)
  88 + @token_decorator("profile")
85 89 def api_service_edit():
86 90 """
87 91 服务Edit
... ... @@ -93,6 +97,7 @@ class DataManager(BlueprintApi):
93 97 @staticmethod
94 98 @bp.route('/Delete', methods=['POST'])
95 99 @swag_from(service_delete.Api.api_doc)
  100 + @token_decorator("profile")
96 101 def api_service_delete():
97 102 """
98 103 服务删除
... ...
... ... @@ -12,6 +12,8 @@ from . import service_engine_delete
12 12 from . import service_engine_edit
13 13 from . import service_engine_list
14 14 from . import service_engine_info
  15 +import configure
  16 +from app.decorators.auth_decorator import auth_decorator
15 17
16 18 class EngineManager(BlueprintApi):
17 19
... ... @@ -19,6 +21,7 @@ class EngineManager(BlueprintApi):
19 21
20 22 @staticmethod
21 23 @bp.route('/Register', methods=['POST'])
  24 + @auth_decorator(configure.MonitorPermission)
22 25 @swag_from(service_engine_register.Api.api_doc)
23 26 def service_engine_register():
24 27 """
... ... @@ -46,6 +49,7 @@ class EngineManager(BlueprintApi):
46 49
47 50 @staticmethod
48 51 @bp.route('/Edit', methods=['POST'])
  52 + @auth_decorator(configure.MonitorPermission)
49 53 @swag_from(service_engine_edit.Api.api_doc)
50 54 def service_engine_edit():
51 55 """
... ... @@ -57,6 +61,7 @@ class EngineManager(BlueprintApi):
57 61 @staticmethod
58 62 @bp.route('/Delete', methods=['POST'])
59 63 @swag_from(service_engine_delete.Api.api_doc)
  64 + @auth_decorator(configure.MonitorPermission)
60 65 def service_engine_delete():
61 66 """
62 67 Engine Delete
... ...
... ... @@ -7,6 +7,7 @@ from flasgger import swag_from
7 7 from flask import Blueprint
8 8 from app.util import BlueprintApi
9 9 from . import image_service_delete,image_service_register,image_service_edit,image_build_pyramid
  10 +from app.decorators.token_decorator import token_decorator
10 11
11 12 class DataManager(BlueprintApi):
12 13
... ... @@ -17,6 +18,7 @@ class DataManager(BlueprintApi):
17 18 @staticmethod
18 19 @bp.route('/BuildPyramid', methods=['POST'])
19 20 @swag_from(image_build_pyramid.Api.api_doc)
  21 + @token_decorator("profile")
20 22 def api_image_build_pyramid():
21 23 """
22 24 创建影像金字塔
... ... @@ -26,6 +28,7 @@ class DataManager(BlueprintApi):
26 28 @staticmethod
27 29 @bp.route('/Register', methods=['POST'])
28 30 @swag_from(image_service_register.Api.api_doc)
  31 + @token_decorator("profile")
29 32 def api_image_service_register():
30 33 """
31 34 注册ImageService
... ... @@ -35,6 +38,7 @@ class DataManager(BlueprintApi):
35 38 @staticmethod
36 39 @bp.route('/Edit', methods=['POST'])
37 40 @swag_from(image_service_edit.Api.api_doc)
  41 + @token_decorator("profile")
38 42 def api_image_service_edit():
39 43 """
40 44 修改ImageService
... ... @@ -44,8 +48,9 @@ class DataManager(BlueprintApi):
44 48 @staticmethod
45 49 @bp.route('/Delete', methods=['POST'])
46 50 @swag_from(image_service_delete.Api.api_doc)
  51 + @token_decorator("profile")
47 52 def api_image_service_delete():
48 53 """
49 54 ImageService Delete
50 55 """
51   - return image_service_delete.Api().result
  56 + return image_service_delete.Api().result
\ No newline at end of file
... ...
1 1 # coding=utf-8
2   -#author: 4N
  2 +# author: 4N
3 3 #createtime: 2021/9/14
4 4 #email: nheweijun@sina.com
5 5
6 6 from flasgger import swag_from
7 7 from flask import Blueprint
8 8 from app.util import BlueprintApi
9   -from . import map_service_register,map_service_edit
  9 +from . import map_service_register, map_service_edit
  10 +from app.decorators.token_decorator import token_decorator
  11 +
10 12
11 13 class DataManager(BlueprintApi):
12 14
13   - bp = Blueprint("MapService", __name__, url_prefix="/API/Service/MapService")
  15 + bp = Blueprint("MapService", __name__,
  16 + url_prefix="/API/Service/MapService")
14 17 service_type = ["地图服务"]
15 18
16 19 @staticmethod
17 20 @bp.route('/Register', methods=['POST'])
18 21 @swag_from(map_service_register.Api.api_doc)
  22 + @token_decorator("profile")
19 23 def api_wms_register():
20 24 """
21 25 注册MapService
22 26 """
23 27 return map_service_register.Api().result
24 28
25   -
26 29 @staticmethod
27 30 @bp.route('/Edit', methods=['POST'])
28 31 @swag_from(map_service_edit.Api.api_doc)
  32 + @token_decorator("profile")
29 33 def api_wms_edit():
30 34 """
31 35 修改MapService
32 36 """
33   - return map_service_edit.Api().result
\ No newline at end of file
  37 + return map_service_edit.Api().result
... ...
... ... @@ -14,6 +14,8 @@ from . import scheme_edit
14 14 from . import scheme_list
15 15 from . import scheme_resolve
16 16 from . import scheme_info
  17 +from app.decorators.token_decorator import token_decorator
  18 +
17 19
18 20 class SchemeManager(BlueprintApi):
19 21
... ... @@ -23,6 +25,7 @@ class SchemeManager(BlueprintApi):
23 25 @staticmethod
24 26 @bp.route('/Create', methods=['POST'])
25 27 @swag_from(scheme_create.Api.api_doc)
  28 + @token_decorator("profile")
26 29 def api_scheme_create():
27 30 """
28 31 创建切片方案
... ... @@ -33,6 +36,7 @@ class SchemeManager(BlueprintApi):
33 36 @staticmethod
34 37 @bp.route('/Delete', methods=['POST'])
35 38 @swag_from(scheme_delete.Api.api_doc)
  39 + @token_decorator("profile")
36 40 def api_scheme_delete():
37 41 """
38 42 删除切片方案
... ... @@ -42,6 +46,7 @@ class SchemeManager(BlueprintApi):
42 46 @staticmethod
43 47 @bp.route('/Edit', methods=['POST'])
44 48 @swag_from(scheme_edit.Api.api_doc)
  49 + @token_decorator("profile")
45 50 def api_scheme_edit():
46 51 """
47 52 修改切片方案
... ...
... ... @@ -8,7 +8,7 @@ from flasgger import swag_from
8 8 from flask import Blueprint
9 9 from app.util import BlueprintApi
10 10 from . import upload_oview,tile_service_register,tile_service_edit,tile_service_reload
11   -
  11 +from app.decorators.token_decorator import token_decorator
12 12
13 13
14 14 class DataManager(BlueprintApi):
... ... @@ -30,6 +30,7 @@ class DataManager(BlueprintApi):
30 30 @staticmethod
31 31 @bp.route('/Register', methods=['POST'])
32 32 @swag_from(tile_service_register.Api.api_doc)
  33 + @token_decorator("profile")
33 34 def api_wmts_register():
34 35 """
35 36 注册TileService
... ... @@ -39,6 +40,7 @@ class DataManager(BlueprintApi):
39 40 @staticmethod
40 41 @bp.route('/Edit', methods=['POST'])
41 42 @swag_from(tile_service_edit.Api.api_doc)
  43 + @token_decorator("profile")
42 44 def api_wmts_edit():
43 45 """
44 46 修改TileService
... ...
... ... @@ -4,8 +4,8 @@ import logging
4 4 deploy_ip_host = "172.26.40.105:8840"
5 5 # 系统数据库
6 6
7   -SQLALCHEMY_DATABASE_URI = "postgresql://postgres:chinadci@172.26.60.100:5432/dmap_manager_test"
8   -# SQLALCHEMY_DATABASE_URI = "postgresql://postgres:postgres@localhost:5433/dmap_dms_test"
  7 +# SQLALCHEMY_DATABASE_URI = "postgresql://postgres:chinadci@172.26.60.100:5432/dmap_manager_test"
  8 +SQLALCHEMY_DATABASE_URI = "postgresql://postgres:postgres@localhost:5433/dmap_dms_test"
9 9
10 10 # 指定精华表所在位置(必须为空间库),设置为None则存放在各自的实体库中
11 11 #VACUATE_DB_URI = None
... ... @@ -13,7 +13,7 @@ VACUATE_DB_URI = SQLALCHEMY_DATABASE_URI
13 13
14 14 zookeeper = "172.26.99.168:2181"
15 15
16   -#WMTS服务器
  16 +# WMTS服务器
17 17 wmts_url = "http://172.26.99.160:6060"
18 18 wms_url = ""
19 19
... ... @@ -22,6 +22,11 @@ swagger_configure = {"title": "DMapManager"}
22 22 entry_data_thread = 3
23 23 scan_module = ["app.modules"] # API所在的模块
24 24 SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/'
  25 +# 权限
  26 +UserPermission = ['admin']
  27 +MonitorPermission = ['admin']
  28 +DataPermission = ['admin', 'dataman']
  29 +PublishPermission = ['admin', 'dataman', 'publisher']
  30 +ServicePermission = ['admin', 'dataman', 'publisher']
25 31
26 32 log_level = logging.INFO
27   -
... ...
注册登录 后发表评论