HWJ 何伟俊 / DMapManager · 提交

提交 63f18135245d571900071e21f2b66ecd186ba8f1

作者 nheweijun
2 个父辈 fe5f18cb 036571b3

2022.01.14 合并成功

内嵌 并排对比
正在显示 15 个修改的文件 包含 175 行增加98 行删除
  1 +from functools import wraps
  2 +from authlib.integrations.flask_oauth2 import current_token
  3 +from flask import abort
  4 +from app.modules.auth.oauth2 import require_oauth
  5 +from flask import request
  6 +
  7 +# 认证装饰器
  8 +
  9 +
  10 +class auth_decorator(object):
  11 + def __init__(self, action='', permission='', scope='profile'):
  12 + self.permission = permission
  13 + self.action = action
  14 + self.scope = scope
  15 +
  16 + def __call__(self, func):
  17 +
  18 + @wraps(func)
  19 + def wrapped_function(*args, **kwargs):
  20 + token = request.headers.get('Authorization')
  21 + if not token:
  22 + abort(401)
  23 + validate_token()
  24 + if current_token and current_token.user and current_token.user.role:
  25 + print(func.__name__)
  26 + if self.permission and len(self.permission) > 0:
  27 + # 判断角色是否在permission列表中
  28 + role = current_token.user.role
  29 + for p in self.permission:
  30 + if role == p:
  31 + return func(*args, **kwargs)
  32 +
  33 + abort(403)
  34 + else:
  35 + # 无permission,不校验
  36 + return func(*args, **kwargs)
  37 + else:
  38 + abort(401) # 无token,401
  39 +
  40 + @require_oauth(self.scope)
  41 + def validate_token():
  42 + pass
  43 +
  44 + return wrapped_function
  1 +from functools import wraps
  2 +from authlib.integrations.flask_oauth2 import current_token
  3 +from flask import abort
  4 +from app.modules.auth.oauth2 import require_oauth
  5 +from flask import request
  6 +
  7 +# 认证装饰器
  8 +
  9 +
  10 +class token_decorator(object):
  11 + def __init__(self, scope='profile'):
  12 + self.scope = scope
  13 +
  14 + def __call__(self, func):
  15 + @wraps(func)
  16 + def wrapped_function(*args, **kwargs):
  17 + token = request.headers.get('Authorization')
  18 + if token:
  19 + validate_token()
  20 + if current_token and current_token.user:
  21 + return func(*args, **kwargs)
  22 + else:
  23 + abort(403)
  24 +
  25 + else:
  26 + abort(401) # 无token,401
  27 +
  28 + @require_oauth(self.scope)
  29 + def validate_token():
  30 + pass
  31 +
  32 + return wrapped_function
@@ -6,10 +6,13 @@ from app.util import BlueprintApi @@ -6,10 +6,13 @@ from app.util import BlueprintApi
6 from flask import Blueprint, render_template, redirect, request, session, jsonify 6 from flask import Blueprint, render_template, redirect, request, session, jsonify
7 from sqlalchemy import and_ 7 from sqlalchemy import and_
8 from .models import * 8 from .models import *
9 -from .oauth2 import authorization, require_oauth, generate_user_info 9 +from .oauth2 import authorization, generate_user_info
10 from authlib.oauth2 import OAuth2Error 10 from authlib.oauth2 import OAuth2Error
11 from authlib.integrations.flask_oauth2 import current_token 11 from authlib.integrations.flask_oauth2 import current_token
12 from . import user_create, client_create, client_query, user_query, user_update, user_delete 12 from . import user_create, client_create, client_query, user_query, user_update, user_delete
  13 +import configure
  14 +from app.decorators.auth_decorator import auth_decorator
  15 +from app.decorators.token_decorator import token_decorator
13 16
14 17
15 def current_user(): 18 def current_user():
@@ -32,68 +35,6 @@ def split_by_crlf(s): @@ -32,68 +35,6 @@ def split_by_crlf(s):
32 class DataManager(BlueprintApi): 35 class DataManager(BlueprintApi):
33 bp = Blueprint("Auth", __name__, url_prefix="/auth") 36 bp = Blueprint("Auth", __name__, url_prefix="/auth")
34 37
35 - # @staticmethod  
36 - # @bp.route("/test", methods=("GET", "POST"))  
37 - # def Test():  
38 - # res = {}  
39 - # try:  
40 - # res["user"] = User.query.all()  
41 - # except Exception as e:  
42 - # raise e  
43 - # return res  
44 -  
45 - # @staticmethod  
46 - # @bp.route("/login", methods=("GET", "POST"))  
47 - # def Login():  
48 - # if request.method == "POST":  
49 - # username = request.form["username"]  
50 - # password = request.form["password"]  
51 - # user = User.query.filter_by(username=username).first()  
52 - # if not user:  
53 - # user = User(username=username,  
54 - # password=password, role="admin")  
55 - # db.session.add(user)  
56 - # db.session.commit()  
57 - # session["id"] = user.id  
58 - # return redirect("/auth/authorize")  
59 - # user = current_user()  
60 - # if user:  
61 - # clients = OAuth2Client.query.filter_by(user_id=user.id).all()  
62 - # else:  
63 - # clients = []  
64 - # return render_template("auth/authorize.html", user=user, clients=clients)  
65 -  
66 - # @staticmethod  
67 - # @bp.route("/create_client", methods=("GET", "POST"))  
68 - # def create_client():  
69 - # user = current_user()  
70 - # if not user:  
71 - # return redirect("/auth/login")  
72 - # if request.method == "GET":  
73 - # return render_template("auth/create_client.html")  
74 - # form = request.form  
75 - # client_id = gen_salt(24)  
76 - # client = OAuth2Client(client_id=client_id, user_id=user.id)  
77 - # # Mixin doesn"t set the issue_at date  
78 - # client.client_id_issued_at = int(time.time())  
79 - # if client.token_endpoint_auth_method == "none":  
80 - # client.client_secret = ""  
81 - # else:  
82 - # client.client_secret = gen_salt(48)  
83 - # client_metadata = {  
84 - # "client_name": form["client_name"],  
85 - # "client_uri": form["client_uri"],  
86 - # "grant_types": split_by_crlf(form["grant_type"]),  
87 - # "redirect_uris": split_by_crlf(form["redirect_uri"]),  
88 - # "response_types": split_by_crlf(form["response_type"]),  
89 - # "scope": form["scope"],  
90 - # "token_endpoint_auth_method": form["token_endpoint_auth_method"]  
91 - # }  
92 - # client.set_client_metadata(client_metadata)  
93 - # db.session.add(client)  
94 - # db.session.commit()  
95 - # return redirect("/auth/login")  
96 -  
97 @staticmethod 38 @staticmethod
98 @bp.route("/authorize", methods=("GET", "POST")) 39 @bp.route("/authorize", methods=("GET", "POST"))
99 def authorize(): 40 def authorize():
@@ -132,10 +73,7 @@ class DataManager(BlueprintApi): @@ -132,10 +73,7 @@ class DataManager(BlueprintApi):
132 return jsonify(dict(error.get_body())) 73 return jsonify(dict(error.get_body()))
133 return render_template("auth/authorize.html", user=user, grant=grant, error=error) 74 return render_template("auth/authorize.html", user=user, grant=grant, error=error)
134 75
135 - # if request.form["confirm"]:  
136 - # grant_user = user  
137 - # else:  
138 - # grant_user = None 76 +
139 77
140 @staticmethod 78 @staticmethod
141 @bp.route("/token", methods=["POST"]) 79 @bp.route("/token", methods=["POST"])
@@ -144,7 +82,7 @@ class DataManager(BlueprintApi): @@ -144,7 +82,7 @@ class DataManager(BlueprintApi):
144 82
145 @staticmethod 83 @staticmethod
146 @bp.route("/userinfo") 84 @bp.route("/userinfo")
147 - @require_oauth("profile") 85 + @token_decorator("profile")
148 def api_me(): 86 def api_me():
149 try: 87 try:
150 return jsonify(generate_user_info(current_token.user, current_token.scope)) 88 return jsonify(generate_user_info(current_token.user, current_token.scope))
@@ -153,7 +91,6 @@ class DataManager(BlueprintApi): @@ -153,7 +91,6 @@ class DataManager(BlueprintApi):
153 91
154 @staticmethod 92 @staticmethod
155 @bp.route("/logout", methods=["GET"]) 93 @bp.route("/logout", methods=["GET"])
156 - # @require_oauth("profile")  
157 def logout(): 94 def logout():
158 url = '' 95 url = ''
159 try: 96 try:
@@ -170,24 +107,13 @@ class DataManager(BlueprintApi): @@ -170,24 +107,13 @@ class DataManager(BlueprintApi):
170 except OAuth2Error as error: 107 except OAuth2Error as error:
171 return jsonify(dict(error.get_body())) 108 return jsonify(dict(error.get_body()))
172 return redirect(url) 109 return redirect(url)
173 - # if current_token:  
174 - # remove_user()  
175 - # # accesstoken = OAuth2Token.query.filter_by(  
176 - # # access_token=current_token.access_token).first()  
177 - # try:  
178 - # # accesstoken.revoked = True  
179 - # # db.session.commit()  
180 - # except error as e:  
181 - # return jsonify(dict(e.get_body()))  
182 - # else:  
183 - # return jsonify({"result": False, "message": "access_token is null"})  
184 -  
185 - # return jsonify({"result": True, "message": "logout success"})  
186 - 110 +
  111 +
187 """接口""" 112 """接口"""
188 @staticmethod 113 @staticmethod
189 @bp.route("/users", methods=["GET"]) 114 @bp.route("/users", methods=["GET"])
190 @swag_from(user_query.Api.api_doc) 115 @swag_from(user_query.Api.api_doc)
  116 + @auth_decorator(configure.UserPermission)
191 def user_query(): 117 def user_query():
192 """ 118 """
193 获取用户列表 119 获取用户列表
@@ -197,6 +123,7 @@ class DataManager(BlueprintApi): @@ -197,6 +123,7 @@ class DataManager(BlueprintApi):
197 @staticmethod 123 @staticmethod
198 @bp.route("/users", methods=["POST"]) 124 @bp.route("/users", methods=["POST"])
199 @swag_from(user_create.Api.api_doc) 125 @swag_from(user_create.Api.api_doc)
  126 + @auth_decorator(configure.UserPermission)
200 def user_create(): 127 def user_create():
201 """ 128 """
202 创建用户 129 创建用户
@@ -206,6 +133,7 @@ class DataManager(BlueprintApi): @@ -206,6 +133,7 @@ class DataManager(BlueprintApi):
206 @staticmethod 133 @staticmethod
207 @bp.route("/userEdit", methods=["POST"]) 134 @bp.route("/userEdit", methods=["POST"])
208 @swag_from(user_update.Api.api_doc) 135 @swag_from(user_update.Api.api_doc)
  136 + @auth_decorator(configure.UserPermission)
209 def user_update(): 137 def user_update():
210 """ 138 """
211 更新用户信息 139 更新用户信息
@@ -215,6 +143,7 @@ class DataManager(BlueprintApi): @@ -215,6 +143,7 @@ class DataManager(BlueprintApi):
215 @staticmethod 143 @staticmethod
216 @bp.route("/userDelete", methods=["POST"]) 144 @bp.route("/userDelete", methods=["POST"])
217 @swag_from(user_delete.Api.api_doc) 145 @swag_from(user_delete.Api.api_doc)
  146 + @auth_decorator(configure.UserPermission)
218 def user_delete(): 147 def user_delete():
219 """ 148 """
220 删除用户 149 删除用户
@@ -4,11 +4,9 @@ @@ -4,11 +4,9 @@
4 #email: nheweijun@sina.com 4 #email: nheweijun@sina.com
5 5
6 6
7 -  
8 from flasgger import swag_from 7 from flasgger import swag_from
9 from flask import Blueprint 8 from flask import Blueprint
10 from app.util import BlueprintApi 9 from app.util import BlueprintApi
11 -  
12 from . import database_register 10 from . import database_register
13 from . import database_test 11 from . import database_test
14 from . import database_list 12 from . import database_list
@@ -18,6 +16,9 @@ from . import database_alias_check @@ -18,6 +16,9 @@ from . import database_alias_check
18 from . import database_connect_test 16 from . import database_connect_test
19 from . import database_info 17 from . import database_info
20 from . import database_detail 18 from . import database_detail
  19 +import configure
  20 +from app.decorators.auth_decorator import auth_decorator
  21 +
21 22
22 class DataManager(BlueprintApi): 23 class DataManager(BlueprintApi):
23 24
@@ -27,6 +28,7 @@ class DataManager(BlueprintApi): @@ -27,6 +28,7 @@ class DataManager(BlueprintApi):
27 @staticmethod 28 @staticmethod
28 @bp.route('/Register', methods=['POST']) 29 @bp.route('/Register', methods=['POST'])
29 @swag_from(database_register.Api.api_doc) 30 @swag_from(database_register.Api.api_doc)
  31 + @auth_decorator(configure.DataPermission)
30 def api_database_register(): 32 def api_database_register():
31 """ 33 """
32 数据源注册 34 数据源注册
@@ -36,6 +38,7 @@ class DataManager(BlueprintApi): @@ -36,6 +38,7 @@ class DataManager(BlueprintApi):
36 @staticmethod 38 @staticmethod
37 @bp.route('/List', methods=['POST']) 39 @bp.route('/List', methods=['POST'])
38 @swag_from(database_list.Api.api_doc) 40 @swag_from(database_list.Api.api_doc)
  41 + @auth_decorator(configure.DataPermission)
39 def api_database_list(): 42 def api_database_list():
40 """ 43 """
41 数据源列表 44 数据源列表
@@ -45,6 +48,7 @@ class DataManager(BlueprintApi): @@ -45,6 +48,7 @@ class DataManager(BlueprintApi):
45 @staticmethod 48 @staticmethod
46 @bp.route('/Delete', methods=['POST']) 49 @bp.route('/Delete', methods=['POST'])
47 @swag_from(database_delete.Api.api_doc) 50 @swag_from(database_delete.Api.api_doc)
  51 + @auth_decorator(configure.DataPermission)
48 def api_database_delete(): 52 def api_database_delete():
49 """ 53 """
50 数据源注销 54 数据源注销
@@ -54,6 +58,7 @@ class DataManager(BlueprintApi): @@ -54,6 +58,7 @@ class DataManager(BlueprintApi):
54 @staticmethod 58 @staticmethod
55 @bp.route('/Edit', methods=['POST']) 59 @bp.route('/Edit', methods=['POST'])
56 @swag_from(database_edit.Api.api_doc) 60 @swag_from(database_edit.Api.api_doc)
  61 + @auth_decorator(configure.DataPermission)
57 def database_edit(): 62 def database_edit():
58 """ 63 """
59 修改数据源 64 修改数据源
@@ -63,6 +68,7 @@ class DataManager(BlueprintApi): @@ -63,6 +68,7 @@ class DataManager(BlueprintApi):
63 @staticmethod 68 @staticmethod
64 @bp.route('/Test', methods=['POST']) 69 @bp.route('/Test', methods=['POST'])
65 @swag_from(database_test.Api.api_doc) 70 @swag_from(database_test.Api.api_doc)
  71 + @auth_decorator(configure.DataPermission)
66 def api_database_test(): 72 def api_database_test():
67 """ 73 """
68 数据源测试 74 数据源测试
@@ -72,6 +78,7 @@ class DataManager(BlueprintApi): @@ -72,6 +78,7 @@ class DataManager(BlueprintApi):
72 @staticmethod 78 @staticmethod
73 @bp.route('/CheckAlias', methods=['POST']) 79 @bp.route('/CheckAlias', methods=['POST'])
74 @swag_from(database_alias_check.Api.api_doc) 80 @swag_from(database_alias_check.Api.api_doc)
  81 + @auth_decorator(configure.DataPermission)
75 def api_database_alias_check(): 82 def api_database_alias_check():
76 """ 83 """
77 数据源别名测试 84 数据源别名测试
@@ -81,6 +88,7 @@ class DataManager(BlueprintApi): @@ -81,6 +88,7 @@ class DataManager(BlueprintApi):
81 @staticmethod 88 @staticmethod
82 @bp.route('/CheckConnect', methods=['POST']) 89 @bp.route('/CheckConnect', methods=['POST'])
83 @swag_from(database_connect_test.Api.api_doc) 90 @swag_from(database_connect_test.Api.api_doc)
  91 + @auth_decorator(configure.DataPermission)
84 def api_database_connect_test(): 92 def api_database_connect_test():
85 """ 93 """
86 数据源连接测试 94 数据源连接测试
@@ -13,6 +13,8 @@ from . import get_meta @@ -13,6 +13,8 @@ from . import get_meta
13 from . import data_entry_by_meta 13 from . import data_entry_by_meta
14 from . import get_data_list 14 from . import get_data_list
15 from . import data_entry_simple 15 from . import data_entry_simple
  16 +import configure
  17 +from app.decorators.auth_decorator import auth_decorator
16 18
17 class DataManager(BlueprintApi): 19 class DataManager(BlueprintApi):
18 20
@@ -21,6 +23,7 @@ class DataManager(BlueprintApi): @@ -21,6 +23,7 @@ class DataManager(BlueprintApi):
21 23
22 @staticmethod 24 @staticmethod
23 @bp.route('/Download/<file>', methods=['GET']) 25 @bp.route('/Download/<file>', methods=['GET'])
  26 + @auth_decorator(configure.DataPermission)
24 def table_download_file(file): 27 def table_download_file(file):
25 parent = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) 28 parent = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
26 dirpath = os.path.join(parent,"file_tmp") 29 dirpath = os.path.join(parent,"file_tmp")
@@ -41,6 +44,7 @@ class DataManager(BlueprintApi): @@ -41,6 +44,7 @@ class DataManager(BlueprintApi):
41 44
42 @staticmethod 45 @staticmethod
43 @bp.route('/DeleteFile/<file>', methods=['GET']) 46 @bp.route('/DeleteFile/<file>', methods=['GET'])
  47 + @auth_decorator(configure.DataPermission)
44 def d_file(file): 48 def d_file(file):
45 parent = os.path.dirname(os.path.dirname(os.path.realpath(__file__))) 49 parent = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
46 dirpath = os.path.join(parent, "file_tmp") 50 dirpath = os.path.join(parent, "file_tmp")
@@ -59,6 +63,7 @@ class DataManager(BlueprintApi): @@ -59,6 +63,7 @@ class DataManager(BlueprintApi):
59 @staticmethod 63 @staticmethod
60 @bp.route('/DataDownloadTask', methods=['POST']) 64 @bp.route('/DataDownloadTask', methods=['POST'])
61 @swag_from(data_download_task.Api.api_doc) 65 @swag_from(data_download_task.Api.api_doc)
  66 + @auth_decorator(configure.DataPermission)
62 def api_data_download_task(): 67 def api_data_download_task():
63 """ 68 """
64 下载数据任务 69 下载数据任务
@@ -69,6 +74,7 @@ class DataManager(BlueprintApi): @@ -69,6 +74,7 @@ class DataManager(BlueprintApi):
69 @staticmethod 74 @staticmethod
70 @bp.route('/GetMeta', methods=['POST']) 75 @bp.route('/GetMeta', methods=['POST'])
71 @swag_from(get_meta.Api.api_doc) 76 @swag_from(get_meta.Api.api_doc)
  77 + @auth_decorator(configure.DataPermission)
72 def get_meta(): 78 def get_meta():
73 """ 79 """
74 数据Meta 80 数据Meta
@@ -78,6 +84,7 @@ class DataManager(BlueprintApi): @@ -78,6 +84,7 @@ class DataManager(BlueprintApi):
78 @staticmethod 84 @staticmethod
79 @bp.route('/GetDataList', methods=['POST']) 85 @bp.route('/GetDataList', methods=['POST'])
80 @swag_from(get_data_list.Api.api_doc) 86 @swag_from(get_data_list.Api.api_doc)
  87 + @auth_decorator(configure.DataPermission)
81 def get_data_list(): 88 def get_data_list():
82 """ 89 """
83 本地数据list 90 本地数据list
@@ -87,6 +94,7 @@ class DataManager(BlueprintApi): @@ -87,6 +94,7 @@ class DataManager(BlueprintApi):
87 @staticmethod 94 @staticmethod
88 @bp.route('/DataEntryByMeta', methods=['POST']) 95 @bp.route('/DataEntryByMeta', methods=['POST'])
89 @swag_from(data_entry_by_meta.Api.api_doc) 96 @swag_from(data_entry_by_meta.Api.api_doc)
  97 + @auth_decorator(configure.DataPermission)
90 def data_entry_by_meta(): 98 def data_entry_by_meta():
91 """ 99 """
92 数据入库ByMeta 100 数据入库ByMeta
@@ -96,6 +104,7 @@ class DataManager(BlueprintApi): @@ -96,6 +104,7 @@ class DataManager(BlueprintApi):
96 @staticmethod 104 @staticmethod
97 @bp.route('/DataEntrySimple', methods=['POST']) 105 @bp.route('/DataEntrySimple', methods=['POST'])
98 @swag_from(data_entry_simple.Api.api_doc) 106 @swag_from(data_entry_simple.Api.api_doc)
  107 + @auth_decorator(configure.DataPermission)
99 def data_entry_simple(): 108 def data_entry_simple():
100 """ 109 """
101 数据入库Simple 110 数据入库Simple
@@ -24,6 +24,10 @@ from . import table_vacuate_ref @@ -24,6 +24,10 @@ from . import table_vacuate_ref
24 from . import table_vacuate_delete 24 from . import table_vacuate_delete
25 from . import field_value 25 from . import field_value
26 from . import table_check 26 from . import table_check
  27 +import configure
  28 +from app.decorators.auth_decorator import auth_decorator
  29 +
  30 +
27 class DataManager(BlueprintApi): 31 class DataManager(BlueprintApi):
28 32
29 bp = Blueprint("DataManager", __name__, url_prefix="/API/Manager") 33 bp = Blueprint("DataManager", __name__, url_prefix="/API/Manager")
@@ -31,6 +35,7 @@ class DataManager(BlueprintApi): @@ -31,6 +35,7 @@ class DataManager(BlueprintApi):
31 @staticmethod 35 @staticmethod
32 @bp.route('/FieldEdit', methods=['POST']) 36 @bp.route('/FieldEdit', methods=['POST'])
33 @swag_from(field_edit.Api.api_doc) 37 @swag_from(field_edit.Api.api_doc)
  38 + @auth_decorator(configure.DataPermission)
34 def field_edit(): 39 def field_edit():
35 """ 40 """
36 修改属性别名 41 修改属性别名
@@ -49,6 +54,7 @@ class DataManager(BlueprintApi): @@ -49,6 +54,7 @@ class DataManager(BlueprintApi):
49 @staticmethod 54 @staticmethod
50 @bp.route('/FieldValue', methods=['POST']) 55 @bp.route('/FieldValue', methods=['POST'])
51 @swag_from(field_value.Api.api_doc) 56 @swag_from(field_value.Api.api_doc)
  57 + @auth_decorator(configure.DataPermission)
52 def field_value(): 58 def field_value():
53 """ 59 """
54 属性值 60 属性值
@@ -68,6 +74,7 @@ class DataManager(BlueprintApi): @@ -68,6 +74,7 @@ class DataManager(BlueprintApi):
68 @staticmethod 74 @staticmethod
69 @bp.route('/TableEdit', methods=['POST']) 75 @bp.route('/TableEdit', methods=['POST'])
70 @swag_from(table_edit.Api.api_doc) 76 @swag_from(table_edit.Api.api_doc)
  77 + @auth_decorator(configure.DataPermission)
71 def table_edit(): 78 def table_edit():
72 """ 79 """
73 修改数据 80 修改数据
@@ -78,6 +85,7 @@ class DataManager(BlueprintApi): @@ -78,6 +85,7 @@ class DataManager(BlueprintApi):
78 @staticmethod 85 @staticmethod
79 @bp.route('/TableDelete', methods=['POST']) 86 @bp.route('/TableDelete', methods=['POST'])
80 @swag_from(table_delete.Api.api_doc) 87 @swag_from(table_delete.Api.api_doc)
  88 + @auth_decorator(configure.DataPermission)
81 def table_delete(): 89 def table_delete():
82 """ 90 """
83 删除数据 91 删除数据
@@ -107,6 +115,7 @@ class DataManager(BlueprintApi): @@ -107,6 +115,7 @@ class DataManager(BlueprintApi):
107 @staticmethod 115 @staticmethod
108 @bp.route('/TableRefresh', methods=['POST']) 116 @bp.route('/TableRefresh', methods=['POST'])
109 @swag_from(table_refresh.Api.api_doc) 117 @swag_from(table_refresh.Api.api_doc)
  118 + @auth_decorator(configure.DataPermission)
110 def table_refresh(): 119 def table_refresh():
111 """ 120 """
112 刷新数据 121 刷新数据
@@ -126,6 +135,7 @@ class DataManager(BlueprintApi): @@ -126,6 +135,7 @@ class DataManager(BlueprintApi):
126 @staticmethod 135 @staticmethod
127 @bp.route('/TableVacuate', methods=['POST']) 136 @bp.route('/TableVacuate', methods=['POST'])
128 @swag_from(table_vacuate.Api.api_doc) 137 @swag_from(table_vacuate.Api.api_doc)
  138 + @auth_decorator(configure.DataPermission)
129 def table_vacuate(): 139 def table_vacuate():
130 """ 140 """
131 数据抽稀 141 数据抽稀
@@ -135,6 +145,7 @@ class DataManager(BlueprintApi): @@ -135,6 +145,7 @@ class DataManager(BlueprintApi):
135 @staticmethod 145 @staticmethod
136 @bp.route('/TableVacuateOne', methods=['POST']) 146 @bp.route('/TableVacuateOne', methods=['POST'])
137 @swag_from(table_vacuate_one.Api.api_doc) 147 @swag_from(table_vacuate_one.Api.api_doc)
  148 + @auth_decorator(configure.DataPermission)
138 def api_table_vacuate_one(): 149 def api_table_vacuate_one():
139 """ 150 """
140 单独数据抽稀 151 单独数据抽稀
@@ -163,6 +174,7 @@ class DataManager(BlueprintApi): @@ -163,6 +174,7 @@ class DataManager(BlueprintApi):
163 @staticmethod 174 @staticmethod
164 @bp.route('/TableVacuateDelete', methods=['POST']) 175 @bp.route('/TableVacuateDelete', methods=['POST'])
165 @swag_from(table_vacuate_delete.Api.api_doc) 176 @swag_from(table_vacuate_delete.Api.api_doc)
  177 + @auth_decorator(configure.DataPermission)
166 def api_table_vacuate_delete(): 178 def api_table_vacuate_delete():
167 """ 179 """
168 数据抽稀删除 180 数据抽稀删除
1 # coding=utf-8 1 # coding=utf-8
2 -#author: 4N 2 +# author: 4N
3 #createtime: 2021/3/1 3 #createtime: 2021/3/1
4 #email: nheweijun@sina.com 4 #email: nheweijun@sina.com
5 5
@@ -11,12 +11,13 @@ from . import task_detail @@ -11,12 +11,13 @@ from . import task_detail
11 from . import task_delete 11 from . import task_delete
12 from . import task_count 12 from . import task_count
13 from . import task_kill 13 from . import task_kill
  14 +from app.decorators.token_decorator import token_decorator
  15 +
14 16
15 class DataManager(BlueprintApi): 17 class DataManager(BlueprintApi):
16 18
17 bp = Blueprint("Task", __name__, url_prefix="/API/Task") 19 bp = Blueprint("Task", __name__, url_prefix="/API/Task")
18 20
19 -  
20 @staticmethod 21 @staticmethod
21 @bp.route('/List', methods=['POST']) 22 @bp.route('/List', methods=['POST'])
22 @swag_from(task_list.Api.api_doc) 23 @swag_from(task_list.Api.api_doc)
@@ -38,6 +39,7 @@ class DataManager(BlueprintApi): @@ -38,6 +39,7 @@ class DataManager(BlueprintApi):
38 @staticmethod 39 @staticmethod
39 @bp.route('/Delete', methods=['POST']) 40 @bp.route('/Delete', methods=['POST'])
40 @swag_from(task_delete.Api.api_doc) 41 @swag_from(task_delete.Api.api_doc)
  42 + @token_decorator("profile")
41 def task_delete(): 43 def task_delete():
42 """ 44 """
43 删除任务 45 删除任务
@@ -47,6 +49,7 @@ class DataManager(BlueprintApi): @@ -47,6 +49,7 @@ class DataManager(BlueprintApi):
47 @staticmethod 49 @staticmethod
48 @bp.route('/Kill', methods=['POST']) 50 @bp.route('/Kill', methods=['POST'])
49 @swag_from(task_kill.Api.api_doc) 51 @swag_from(task_kill.Api.api_doc)
  52 + @token_decorator("profile")
50 def task_kill(): 53 def task_kill():
51 """ 54 """
52 Kill任务 55 Kill任务
@@ -61,5 +64,3 @@ class DataManager(BlueprintApi): @@ -61,5 +64,3 @@ class DataManager(BlueprintApi):
61 任务统计 64 任务统计
62 """ 65 """
63 return task_count.Api().result 66 return task_count.Api().result
64 -  
65 -  
@@ -8,7 +8,8 @@ from flasgger import swag_from @@ -8,7 +8,8 @@ from flasgger import swag_from
8 from flask import Blueprint 8 from flask import Blueprint
9 from app.util import BlueprintApi 9 from app.util import BlueprintApi
10 from . import monitoring, metrics, monitor_host_create, monitor_host_list, monitor_host_delete, monitor_host_edit 10 from . import monitoring, metrics, monitor_host_create, monitor_host_list, monitor_host_delete, monitor_host_edit
11 - 11 +from app.decorators.auth_decorator import auth_decorator
  12 +import configure
12 13
13 user_socket_list = [] 14 user_socket_list = []
14 user_socket_dict = {} 15 user_socket_dict = {}
@@ -48,6 +49,7 @@ class Monitor(BlueprintApi): @@ -48,6 +49,7 @@ class Monitor(BlueprintApi):
48 @staticmethod 49 @staticmethod
49 @bp.route('/RegisterHost', methods=['POST']) 50 @bp.route('/RegisterHost', methods=['POST'])
50 @swag_from(monitor_host_create.Api.api_doc) 51 @swag_from(monitor_host_create.Api.api_doc)
  52 + @auth_decorator(configure.MonitorPermission)
51 def monitor_host_create(): 53 def monitor_host_create():
52 ''' 54 '''
53 注册监控主机 55 注册监控主机
@@ -66,6 +68,7 @@ class Monitor(BlueprintApi): @@ -66,6 +68,7 @@ class Monitor(BlueprintApi):
66 @staticmethod 68 @staticmethod
67 @bp.route('/HostDelete', methods=['POST']) 69 @bp.route('/HostDelete', methods=['POST'])
68 @swag_from(monitor_host_delete.Api.api_doc) 70 @swag_from(monitor_host_delete.Api.api_doc)
  71 + @auth_decorator(configure.MonitorPermission)
69 def monitor_host_delete(): 72 def monitor_host_delete():
70 ''' 73 '''
71 删除主机 74 删除主机
@@ -75,6 +78,7 @@ class Monitor(BlueprintApi): @@ -75,6 +78,7 @@ class Monitor(BlueprintApi):
75 @staticmethod 78 @staticmethod
76 @bp.route('/HostEdit', methods=['POST']) 79 @bp.route('/HostEdit', methods=['POST'])
77 @swag_from(monitor_host_edit.Api.api_doc) 80 @swag_from(monitor_host_edit.Api.api_doc)
  81 + @auth_decorator(configure.MonitorPermission)
78 def monitor_host_edit(): 82 def monitor_host_edit():
79 ''' 83 '''
80 编辑主机配置 84 编辑主机配置
@@ -17,6 +17,7 @@ from . import service_edit @@ -17,6 +17,7 @@ from . import service_edit
17 from . import service_reload 17 from . import service_reload
18 import os 18 import os
19 from flask import send_from_directory 19 from flask import send_from_directory
  20 +from app.decorators.token_decorator import token_decorator
20 21
21 22
22 class DataManager(BlueprintApi): 23 class DataManager(BlueprintApi):
@@ -28,6 +29,7 @@ class DataManager(BlueprintApi): @@ -28,6 +29,7 @@ class DataManager(BlueprintApi):
28 @staticmethod 29 @staticmethod
29 @bp.route('/Register', methods=['POST']) 30 @bp.route('/Register', methods=['POST'])
30 @swag_from(service_register.Api.api_doc) 31 @swag_from(service_register.Api.api_doc)
  32 + @token_decorator("profile")
31 def api_service_register(): 33 def api_service_register():
32 """ 34 """
33 服务注册 35 服务注册
@@ -46,6 +48,7 @@ class DataManager(BlueprintApi): @@ -46,6 +48,7 @@ class DataManager(BlueprintApi):
46 @staticmethod 48 @staticmethod
47 @bp.route('/State', methods=['POST']) 49 @bp.route('/State', methods=['POST'])
48 @swag_from(service_state.Api.api_doc) 50 @swag_from(service_state.Api.api_doc)
  51 + @token_decorator("profile")
49 def api_service_state(): 52 def api_service_state():
50 """ 53 """
51 修改服务状态 54 修改服务状态
@@ -83,6 +86,7 @@ class DataManager(BlueprintApi): @@ -83,6 +86,7 @@ class DataManager(BlueprintApi):
83 @staticmethod 86 @staticmethod
84 @bp.route('/Edit', methods=['POST']) 87 @bp.route('/Edit', methods=['POST'])
85 @swag_from(service_edit.Api.api_doc) 88 @swag_from(service_edit.Api.api_doc)
  89 + @token_decorator("profile")
86 def api_service_edit(): 90 def api_service_edit():
87 """ 91 """
88 服务Edit 92 服务Edit
@@ -102,6 +106,7 @@ class DataManager(BlueprintApi): @@ -102,6 +106,7 @@ class DataManager(BlueprintApi):
102 @staticmethod 106 @staticmethod
103 @bp.route('/Delete', methods=['POST']) 107 @bp.route('/Delete', methods=['POST'])
104 @swag_from(service_delete.Api.api_doc) 108 @swag_from(service_delete.Api.api_doc)
  109 + @token_decorator("profile")
105 def api_service_delete(): 110 def api_service_delete():
106 """ 111 """
107 服务删除 112 服务删除
@@ -12,13 +12,19 @@ from . import service_engine_delete @@ -12,13 +12,19 @@ from . import service_engine_delete
12 from . import service_engine_edit 12 from . import service_engine_edit
13 from . import service_engine_list 13 from . import service_engine_list
14 from . import service_engine_info 14 from . import service_engine_info
  15 +
15 from . import service_engine_deploy 16 from . import service_engine_deploy
  17 +
  18 +import configure
  19 +from app.decorators.auth_decorator import auth_decorator
  20 +
16 class EngineManager(BlueprintApi): 21 class EngineManager(BlueprintApi):
17 22
18 bp = Blueprint("Engine", __name__, url_prefix="/API/Service/Engine") 23 bp = Blueprint("Engine", __name__, url_prefix="/API/Service/Engine")
19 24
20 @staticmethod 25 @staticmethod
21 @bp.route('/Register', methods=['POST']) 26 @bp.route('/Register', methods=['POST'])
  27 + @auth_decorator(configure.MonitorPermission)
22 @swag_from(service_engine_register.Api.api_doc) 28 @swag_from(service_engine_register.Api.api_doc)
23 def service_engine_register(): 29 def service_engine_register():
24 """ 30 """
@@ -46,6 +52,7 @@ class EngineManager(BlueprintApi): @@ -46,6 +52,7 @@ class EngineManager(BlueprintApi):
46 52
47 @staticmethod 53 @staticmethod
48 @bp.route('/Edit', methods=['POST']) 54 @bp.route('/Edit', methods=['POST'])
  55 + @auth_decorator(configure.MonitorPermission)
49 @swag_from(service_engine_edit.Api.api_doc) 56 @swag_from(service_engine_edit.Api.api_doc)
50 def service_engine_edit(): 57 def service_engine_edit():
51 """ 58 """
@@ -57,6 +64,7 @@ class EngineManager(BlueprintApi): @@ -57,6 +64,7 @@ class EngineManager(BlueprintApi):
57 @staticmethod 64 @staticmethod
58 @bp.route('/Delete', methods=['POST']) 65 @bp.route('/Delete', methods=['POST'])
59 @swag_from(service_engine_delete.Api.api_doc) 66 @swag_from(service_engine_delete.Api.api_doc)
  67 + @auth_decorator(configure.MonitorPermission)
60 def service_engine_delete(): 68 def service_engine_delete():
61 """ 69 """
62 Engine Delete 70 Engine Delete
@@ -7,6 +7,7 @@ from flasgger import swag_from @@ -7,6 +7,7 @@ from flasgger import swag_from
7 from flask import Blueprint 7 from flask import Blueprint
8 from app.util import BlueprintApi 8 from app.util import BlueprintApi
9 from . import image_service_delete,image_service_register,image_service_edit,image_build_pyramid 9 from . import image_service_delete,image_service_register,image_service_edit,image_build_pyramid
  10 +from app.decorators.token_decorator import token_decorator
10 11
11 class DataManager(BlueprintApi): 12 class DataManager(BlueprintApi):
12 13
@@ -17,6 +18,7 @@ class DataManager(BlueprintApi): @@ -17,6 +18,7 @@ class DataManager(BlueprintApi):
17 @staticmethod 18 @staticmethod
18 @bp.route('/BuildPyramid', methods=['POST']) 19 @bp.route('/BuildPyramid', methods=['POST'])
19 @swag_from(image_build_pyramid.Api.api_doc) 20 @swag_from(image_build_pyramid.Api.api_doc)
  21 + @token_decorator("profile")
20 def api_image_build_pyramid(): 22 def api_image_build_pyramid():
21 """ 23 """
22 创建影像金字塔 24 创建影像金字塔
@@ -26,6 +28,7 @@ class DataManager(BlueprintApi): @@ -26,6 +28,7 @@ class DataManager(BlueprintApi):
26 @staticmethod 28 @staticmethod
27 @bp.route('/Register', methods=['POST']) 29 @bp.route('/Register', methods=['POST'])
28 @swag_from(image_service_register.Api.api_doc) 30 @swag_from(image_service_register.Api.api_doc)
  31 + @token_decorator("profile")
29 def api_image_service_register(): 32 def api_image_service_register():
30 """ 33 """
31 注册ImageService 34 注册ImageService
@@ -35,6 +38,7 @@ class DataManager(BlueprintApi): @@ -35,6 +38,7 @@ class DataManager(BlueprintApi):
35 @staticmethod 38 @staticmethod
36 @bp.route('/Edit', methods=['POST']) 39 @bp.route('/Edit', methods=['POST'])
37 @swag_from(image_service_edit.Api.api_doc) 40 @swag_from(image_service_edit.Api.api_doc)
  41 + @token_decorator("profile")
38 def api_image_service_edit(): 42 def api_image_service_edit():
39 """ 43 """
40 修改ImageService 44 修改ImageService
@@ -44,8 +48,9 @@ class DataManager(BlueprintApi): @@ -44,8 +48,9 @@ class DataManager(BlueprintApi):
44 @staticmethod 48 @staticmethod
45 @bp.route('/Delete', methods=['POST']) 49 @bp.route('/Delete', methods=['POST'])
46 @swag_from(image_service_delete.Api.api_doc) 50 @swag_from(image_service_delete.Api.api_doc)
  51 + @token_decorator("profile")
47 def api_image_service_delete(): 52 def api_image_service_delete():
48 """ 53 """
49 ImageService Delete 54 ImageService Delete
50 """ 55 """
51 - return image_service_delete.Api().result 56 + return image_service_delete.Api().result
1 # coding=utf-8 1 # coding=utf-8
2 -#author: 4N 2 +# author: 4N
3 #createtime: 2021/9/14 3 #createtime: 2021/9/14
4 #email: nheweijun@sina.com 4 #email: nheweijun@sina.com
5 5
6 from flasgger import swag_from 6 from flasgger import swag_from
7 from flask import Blueprint 7 from flask import Blueprint
8 from app.util import BlueprintApi 8 from app.util import BlueprintApi
9 -from . import map_service_register,map_service_edit 9 +from . import map_service_register, map_service_edit
  10 +from app.decorators.token_decorator import token_decorator
  11 +
10 12
11 class DataManager(BlueprintApi): 13 class DataManager(BlueprintApi):
12 14
13 - bp = Blueprint("MapService", __name__, url_prefix="/API/Service/MapService") 15 + bp = Blueprint("MapService", __name__,
  16 + url_prefix="/API/Service/MapService")
14 service_type = ["地图服务"] 17 service_type = ["地图服务"]
15 18
16 @staticmethod 19 @staticmethod
17 @bp.route('/Register', methods=['POST']) 20 @bp.route('/Register', methods=['POST'])
18 @swag_from(map_service_register.Api.api_doc) 21 @swag_from(map_service_register.Api.api_doc)
  22 + @token_decorator("profile")
19 def api_wms_register(): 23 def api_wms_register():
20 """ 24 """
21 注册MapService 25 注册MapService
22 """ 26 """
23 return map_service_register.Api().result 27 return map_service_register.Api().result
24 28
25 -  
26 @staticmethod 29 @staticmethod
27 @bp.route('/Edit', methods=['POST']) 30 @bp.route('/Edit', methods=['POST'])
28 @swag_from(map_service_edit.Api.api_doc) 31 @swag_from(map_service_edit.Api.api_doc)
  32 + @token_decorator("profile")
29 def api_wms_edit(): 33 def api_wms_edit():
30 """ 34 """
31 修改MapService 35 修改MapService
32 """ 36 """
33 - return map_service_edit.Api().result  
  37 + return map_service_edit.Api().result
@@ -14,6 +14,8 @@ from . import scheme_edit @@ -14,6 +14,8 @@ from . import scheme_edit
14 from . import scheme_list 14 from . import scheme_list
15 from . import scheme_resolve 15 from . import scheme_resolve
16 from . import scheme_info 16 from . import scheme_info
  17 +from app.decorators.token_decorator import token_decorator
  18 +
17 19
18 class SchemeManager(BlueprintApi): 20 class SchemeManager(BlueprintApi):
19 21
@@ -23,6 +25,7 @@ class SchemeManager(BlueprintApi): @@ -23,6 +25,7 @@ class SchemeManager(BlueprintApi):
23 @staticmethod 25 @staticmethod
24 @bp.route('/Create', methods=['POST']) 26 @bp.route('/Create', methods=['POST'])
25 @swag_from(scheme_create.Api.api_doc) 27 @swag_from(scheme_create.Api.api_doc)
  28 + @token_decorator("profile")
26 def api_scheme_create(): 29 def api_scheme_create():
27 """ 30 """
28 创建切片方案 31 创建切片方案
@@ -33,6 +36,7 @@ class SchemeManager(BlueprintApi): @@ -33,6 +36,7 @@ class SchemeManager(BlueprintApi):
33 @staticmethod 36 @staticmethod
34 @bp.route('/Delete', methods=['POST']) 37 @bp.route('/Delete', methods=['POST'])
35 @swag_from(scheme_delete.Api.api_doc) 38 @swag_from(scheme_delete.Api.api_doc)
  39 + @token_decorator("profile")
36 def api_scheme_delete(): 40 def api_scheme_delete():
37 """ 41 """
38 删除切片方案 42 删除切片方案
@@ -42,6 +46,7 @@ class SchemeManager(BlueprintApi): @@ -42,6 +46,7 @@ class SchemeManager(BlueprintApi):
42 @staticmethod 46 @staticmethod
43 @bp.route('/Edit', methods=['POST']) 47 @bp.route('/Edit', methods=['POST'])
44 @swag_from(scheme_edit.Api.api_doc) 48 @swag_from(scheme_edit.Api.api_doc)
  49 + @token_decorator("profile")
45 def api_scheme_edit(): 50 def api_scheme_edit():
46 """ 51 """
47 修改切片方案 52 修改切片方案
@@ -8,7 +8,7 @@ from flasgger import swag_from @@ -8,7 +8,7 @@ from flasgger import swag_from
8 from flask import Blueprint 8 from flask import Blueprint
9 from app.util import BlueprintApi 9 from app.util import BlueprintApi
10 from . import upload_oview,tile_service_register,tile_service_edit,tile_service_reload 10 from . import upload_oview,tile_service_register,tile_service_edit,tile_service_reload
11 - 11 +from app.decorators.token_decorator import token_decorator
12 12
13 13
14 class DataManager(BlueprintApi): 14 class DataManager(BlueprintApi):
@@ -30,6 +30,7 @@ class DataManager(BlueprintApi): @@ -30,6 +30,7 @@ class DataManager(BlueprintApi):
30 @staticmethod 30 @staticmethod
31 @bp.route('/Register', methods=['POST']) 31 @bp.route('/Register', methods=['POST'])
32 @swag_from(tile_service_register.Api.api_doc) 32 @swag_from(tile_service_register.Api.api_doc)
  33 + @token_decorator("profile")
33 def api_wmts_register(): 34 def api_wmts_register():
34 """ 35 """
35 注册TileService 36 注册TileService
@@ -39,6 +40,7 @@ class DataManager(BlueprintApi): @@ -39,6 +40,7 @@ class DataManager(BlueprintApi):
39 @staticmethod 40 @staticmethod
40 @bp.route('/Edit', methods=['POST']) 41 @bp.route('/Edit', methods=['POST'])
41 @swag_from(tile_service_edit.Api.api_doc) 42 @swag_from(tile_service_edit.Api.api_doc)
  43 + @token_decorator("profile")
42 def api_wmts_edit(): 44 def api_wmts_edit():
43 """ 45 """
44 修改TileService 46 修改TileService
@@ -4,24 +4,33 @@ import logging @@ -4,24 +4,33 @@ import logging
4 deploy_ip_host = "172.26.40.105:8840" 4 deploy_ip_host = "172.26.40.105:8840"
5 # 系统数据库 5 # 系统数据库
6 6
  7 +
7 SQLALCHEMY_DATABASE_URI = "postgresql://postgres:chinadci@172.26.60.100:5432/dmap_manager" 8 SQLALCHEMY_DATABASE_URI = "postgresql://postgres:chinadci@172.26.60.100:5432/dmap_manager"
8 9
  10 +
9 # 指定精华表所在位置(必须为空间库),设置为None则存放在各自的实体库中 11 # 指定精华表所在位置(必须为空间库),设置为None则存放在各自的实体库中
10 #VACUATE_DB_URI = None 12 #VACUATE_DB_URI = None
11 VACUATE_DB_URI = SQLALCHEMY_DATABASE_URI 13 VACUATE_DB_URI = SQLALCHEMY_DATABASE_URI
12 14
13 zookeeper = "172.26.99.168:2181" 15 zookeeper = "172.26.99.168:2181"
14 16
  17 +
15 #切片引擎 18 #切片引擎
16 tile_engine = "http://172.26.99.160:6060" 19 tile_engine = "http://172.26.99.160:6060"
17 #矢量引擎 20 #矢量引擎
18 vector_engine = "http://172.26.99.160:6060" 21 vector_engine = "http://172.26.99.160:6060"
19 22
  23 +
20 # 固定配置不需要修改 24 # 固定配置不需要修改
21 swagger_configure = {"title": "DMapManager"} 25 swagger_configure = {"title": "DMapManager"}
22 entry_data_thread = 3 26 entry_data_thread = 3
23 scan_module = ["app.modules"] # API所在的模块 27 scan_module = ["app.modules"] # API所在的模块
24 SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/' 28 SECRET_KEY = b'_5#y2L"F4Q8z\n\xec]/'
  29 +# 权限
  30 +UserPermission = ['admin']
  31 +MonitorPermission = ['admin']
  32 +DataPermission = ['admin', 'dataman']
  33 +PublishPermission = ['admin', 'dataman', 'publisher']
  34 +ServicePermission = ['admin', 'dataman', 'publisher']
25 35
26 log_level = logging.INFO 36 log_level = logging.INFO
27 -  
注册登录 后发表评论