Django auth 自己編寫裝飾器

使用Django auth認(rèn)證模塊,但不適用起權(quán)限矩陣。自己編寫基于本系統(tǒng)的權(quán)限模塊,權(quán)限裝飾器等

#!/usr/bin/env python

#encoding: utf-8

#author: xiaofangliu

importos

importsys

printos.getcwd()

reload(sys)

sys.setdefaultencoding('utf-8')

#os.environ.update({"DJANGO_SETTINGS_MODULE": "djapi.settings"})

#pro_dir = os.getcwd()? # 如果放在project目錄,就不需要在配置絕對(duì)路徑了

#sys.path.append('/Users/xiaofangl/Downloads/huasheng/hasan/djapi')

#

os.environ['DJANGO_SETTINGS_MODULE']='djapi.settings.settings'#項(xiàng)目的settings

importdjango

django.setup()

printsys.path

sys.path.append(os.path.dirname(__file__))

importjson

importuuid

importtime

importdatetime

fromlog.logging_confimport*

fromdjango.views.decorators.csrfimportcsrf_exempt

fromdjango.httpimportJsonResponse, HttpResponse, HttpResponseRedirect

fromdjango.shortcutsimportredirect

fromdjango.contrib.auth.modelsimportUser

fromdjango.contrib.auth.modelsimportGroup

frommodelsimportUser2Group

frommodelsimportGroupExtend

frommodelsimportModifyPermissionsLog

frompassport.modelsimportuserInfo

frompassport.modelsimportoperLog

fromdjango.appsimportAppConfig

fromdjango.confimportsettings

fromtools.send_mailimportMail

classPassportConfig(AppConfig):

name='passport'

"""

INSTALLED_APPS

給上面應(yīng)用的每個(gè)應(yīng)用創(chuàng)建四個(gè)組

admin, operate, guest, standby

"""

loger=logging.getLogger(__file__)

deflogin_required_hasan(func):

def_wrapper(request,*args,**kwargs):

#if login

ifrequest.META.get('HTTP_AUTHORIZATION',''):

returnfunc(request,*args,**kwargs)

#else:

#res = {'status': False, 'msg': '登錄失敗。。', 'user_id': '', 'userhashid': 'login_required_hasan', 'code': '2'}

#return res

return_wrapper

defrun_is_admin(username):

username=''ifnotusernameelseusername

user_id=userInfo.objects.filter(hashKey=username).values('user_id')

groups=User2Group.objects.filter(is_del=False,user_id=user_id).values('group__name')

foritemingroups:

if'admin'initem['group__name']:

returnTrue

else:

break

returnFalse

#訪問用戶是否在這個(gè)組

deflogin_required_permission(group):

defwrapped(func):

def_wrapper(request,*args,**kwargs):

username=request.META.get('HTTP_AUTHORIZATION','')

username=''ifnotusernameelseusername

user_id=userInfo.objects.filter(hashKey=username).values('user_id')

user_group=get_user_group(user_id)#用戶已有權(quán)限組

_group=group.split('_')[:-1]

_group='_'.join(_group)

#print '_group', _group, type(_group)

_group=_group+'_admin'

#print _group

ifuser_group:

forminuser_group['data']:

ifgroupinm['group__name']:

returnfunc(request,*args,**kwargs)

elif_groupinm['group__name']:

returnfunc(request,*args,**kwargs)

print'not permission..'

res={'status':False,'msg':'權(quán)限不足,操作失敗。請(qǐng)申請(qǐng)權(quán)限','user_id': username,'code':'21','data': group}

returnHttpResponse(json.dumps(res))

return_wrapper

returnwrapped

defget_user_group(user_id):

try:

groups=User2Group.objects.filter(is_del=False,user_id=user_id).values('group_id','group__name','group__groupextend__be_app')

group_name=[]

foritemingroups:

? ? ? ? ? ? group_name.append(item)

res={'status':True,'msg':'獲取權(quán)限組成功。。','user_id': user_id,'code':'1','data': group_name}

exceptUser.groups:

res={'status':False,'msg':'沒有權(quán)限。。','user_id': user_id,'code':'1','data': group_name}

? ? loger.warning(res)

ModifyPermissionsLog.objects.create(user=user_id,type='5',status=res['status'],desc=res['msg'],code=res['data'])

returnres

defget_admin_group(request):

username=request.META.get('HTTP_AUTHORIZATION','')

username=''ifnotusernameelseusername

user_id=userInfo.objects.filter(hashKey=username).values('user_id')

user_group=get_user_group(user_id)#用戶已有權(quán)限組

#print 'user_group', user_group

apps=[]

forminuser_group['data']:

if'admin'inm['group__name']:

apps.append(m['group__groupextend__be_app'])

app_list=set(apps)

list_group=[]

printapp_list

foriteminapp_list:

tmp=GroupExtend.objects.filter(is_del=False,be_app=item).values('group_id','group__name','be_app')

fornintmp:

? ? ? ? ? ? list_group.append(n)

#print 'get_admin_group', list_group

returnlist_group

#

@login_required_hasan

defadd_group(request):

username=request.META.get('HTTP_AUTHORIZATION','')

username=''ifnotusernameelseusername

print'add_group_username', username

#第一次,

apps=settings.__getattr__('INSTALLED_APPS')

#每創(chuàng)建一個(gè)APP

#apps = settings.__getattr__('ADD_APP')

#groups = settings.APP_DEFAULT_GROUP.get().keys()

group_list=['admin','operate','guest','standby']

#print 'add_group', settings.APP_DEFAULT_GROUP.get('admin')

app_list=[]

foriteminapps:

#print item

if'django'notinitem:

? ? ? ? ? ? app_list.append(item)

else:

continue

print'applist', app_list, group_list

all_data=[]

forappinapp_list:

name_row=[]

row_data={'group_id':''}

forgroupingroup_list:

name_row.append(app+'_'+group)

row_data['be_app']=app

row_data['created']=datetime.datetime.now().strftime('%Y-%m-%d%H:%M:%S')

row_data['name']=name_row

? ? ? ? all_data.append(row_data)

#print 'all_data', all_data

for_ninall_data:

for_namein_n['name']:

try:

group=Group.objects.get(name=_name)

is_extend=GroupExtend.objects.filter(group_id=group.id)

ifnotis_extend:

is_extend=GroupExtend.objects.create(be_app=_n['be_app'],group_id=group.id,created=_n['created'])

res={'status':False,'msg':'group 已經(jīng)存在。。','user_id': username,'code':'1','is_extend': is_extend}

exceptGroup.DoesNotExist:

group=Group.objects.create(name=_name)

is_extend=GroupExtend.objects.create(be_app=_n['be_app'],group_id=group.id,created=_n['created'])

res={'status':True,'msg':'group 創(chuàng)建成功。。','user_id': username,'code':'0','is_extend': is_extend}

operLog.objects.create(user=username,type='add_group',status=res['status'],desc=res['msg'],code=res['is_extend'])

print'add_group', res

returnHttpResponse(res)

"""

# group => PERMISSIONS(super)

# @get_group_user('passport_operate')

def group_add_permissions(request):

? ? username = request.META.get('HTTP_AUTHORIZATION', '')

? ? username = '' if not username else username

# (super)

# @get_group_user('passport_operate')

def group_del_permissions(request):

? ? username = request.META.get('HTTP_AUTHORIZATION', '')

? ? username = '' if not username else username

"""

#@login_required_hasan

defget_users(request,*args,**kwargs):

username=request.META.get('HTTP_AUTHORIZATION','')

username=''ifnotusernameelseusername

try:

data=[]

user=User.objects.filter(is_active=True).values('id','username','email')

#print type(user)

foriteminuser:

? ? ? ? ? ? data.append(item)

exceptUser.DoesNotExist:

res={'status':False,'msg':'get_groups failed..'}

ModifyPermissionsLog.objects.create(user=username,type='get_users',status=res['status'],desc=res['msg'],code='')

#print type(data)

returndata

defget_groups(request,*args,**kwargs):

username=request.META.get('HTTP_AUTHORIZATION','')

username=''ifnotusernameelseusername

try:

data=[]

group=Group.objects.filter(groupextend__is_del=False).values('id','groupextend__be_app','name')

#print 'data', data

foritemingroup:

? ? ? ? ? ? data.append(item)

exceptGroup.DoesNotExist:

res={'status':False,'msg':'get_groups failed..'}

ModifyPermissionsLog.objects.create(user=username,type='get_groups',status=res['status'],desc=res['msg'],code='')

printtype(data)

returndata

#(admin)

#@get_group_user('admin')

defrun_add_group(request,user_list,group):

username=request.META.get('HTTP_AUTHORIZATION','')

username=''ifnotusernameelseusername

res={'status':True,'msg':'','data':''}

print'receive', user_list, group

foriteminuser_list:

is_exist=User2Group.objects.filter(is_del=False,group_id=group,user_id=item)

ifnotis_exist:

try:

obj=User2Group.objects.create(group_id=group,user_id=item)

res={'status':True,'msg':'user added group success..','data': obj.id}

exceptUser2Group.DoesNotExistase:

res={'status':False,'msg':'user added group failed..','data': e}

ModifyPermissionsLog.objects.create(user=username,type='run_add_group',status=res['status'],desc=res['msg'],

code=res['data'])

else:

continue

returnres

#(admin)

#@get_group_user('admin')

defrun_del_group(request,group_list,user):

username=request.META.get('HTTP_AUTHORIZATION','')

username=''ifnotusernameelseusername

res={'status':True,'msg':'','data':''}

print'receive', group_list, user

foritemingroup_list:

is_exist=User2Group.objects.filter(is_del=False,group_id=item,user_id=user)

ifis_exist:

try:

is_exist.update(is_del=True)

res={'status':True,'msg':'user deleted group success..','data':''}

exceptUser2Group.DoesNotExistase:

res={'status':False,'msg':'user deleted group failed..','data': e}

ModifyPermissionsLog.objects.create(user=username,type='run_add_group',status=res['status'],

desc=res['msg'],

code=res['data'])

else:

continue

returnres

@csrf_exempt

defrun_pwd_mail(title,sender,addressee,content,source_ip):

print'this run_send_mail'

#寫一個(gè)urls 專用來 重置密碼的

title='Reset Password'ifnottitleelsetitle

sender='Hasan(哈桑)'ifnotsenderelsesender

#urls = "http://hasan.huashenghaoche.work"

reset="/reset_pwd"

urls="http://"+source_ip+reset

#urls = "http://www.baidu.com"

content="""


? ? ? ? ? 請(qǐng)重置密碼


Hi!%s

? ? ? ? ? ? ? 請(qǐng)點(diǎn)擊鏈接重置密碼.

鏈接地址為 點(diǎn)我


? ? ? ? ? ?

You Dear Shawna..



"""%(addressee, urls, urls)

addressee=addressee+'@huashenghaoche.com'

mail=Mail(title, sender, addressee, content)

res=mail._send()

returnres

defrun_apply_permission(apply_user,app,text,source_ip):

#print type(apply_user), type(app), type(text)

title='APPLY PERMISSION'

#app_group_id = GroupExtend.objects.filter(is_del=False, be_app=app).values('group__name', 'group_id')

##print 'app_group_id', app_group_id

#for item in app_group_id:

#if 'admin' in item['group__name']:

#admin_group = item['group_id']

#print 'admin_group', admin_group

#addressees = User2Group.objects.filter(is_del=False, group_id=admin_group).values('user__username')

#print 'addressees', addressees

#for c in addressees:

#print type(c['user__username']), c['user__username']

addressee='ops'+'@huashenghaoche.com'

urls="http://"+source_ip

content="""


? ? ? ? ? ? ? 申請(qǐng)權(quán)限


Hi!%s

因訪問%s:

%s


鏈接地址為 去往Hasan

? ? ? ? ? ? ? ?

You Dear Shawna..



"""%(addressee, app, text, urls, urls)

#print content

mail=Mail(title, apply_user, addressee, content)

res=mail._send()

returnres

defrun_apply_dbmain(apply_user,text,source_ip):

#print type(apply_user), type(app), type(text)

title='APPLY DBMAIN'

addressee=settings.DB_MAIN.get('addressee')

addressee='ops@huashenghaoche.com'ifnotaddresseeelseaddressee

source_ip='http://dbmain.huashenghaoche.work/accounts/login/?next=/'ifnotsource_ipelsesource_ip

urls=source_ip

content="""


? ? ? ? ? ? ? 申請(qǐng)dbmain賬號(hào)


Hi!%s

%s


去往dbmain

? ? ? ? ? ? ? ?

You Dear Shawna..



"""%(addressee, text, urls, urls)

#print content

mail=Mail(title, apply_user, addressee, content)

res=mail._send()

returnres

if__name__=='__main__':

get_groups('')

?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容