Update and fix permissions logic (#129)
* Update and fix permissions logic * feat: Update base route * Exclude non-system routing record operation logs * Update the parameter variable name * Fix the jwt authorization verify * Roles menu authorization is turned off by default * Fix the operation log code field type * Update the casbin routing string to config * Fix JWT middleware * Add custom msg of token error * Add the character length of the operation log code field * Update the logout interface authorization
@ -5,7 +5,6 @@ from typing import Annotated
|
||||
from fastapi import APIRouter, Query, Request
|
||||
|
||||
from backend.app.common.casbin_rbac import DependsRBAC
|
||||
from backend.app.common.jwt import DependsJwtAuth
|
||||
from backend.app.common.pagination import PageDepends, paging_data
|
||||
from backend.app.common.response.response_schema import response_base
|
||||
from backend.app.database.db_mysql import CurrentSession
|
||||
@ -15,13 +14,13 @@ from backend.app.services.api_service import ApiService
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@router.get('/{pk}', summary='获取接口详情', dependencies=[DependsJwtAuth])
|
||||
@router.get('/{pk}', summary='获取接口详情', dependencies=[DependsRBAC])
|
||||
async def get_api(pk: int):
|
||||
api = await ApiService.get(pk=pk)
|
||||
return await response_base.success(data=api)
|
||||
|
||||
|
||||
@router.get('', summary='(模糊条件)分页获取所有接口', dependencies=[DependsJwtAuth, PageDepends])
|
||||
@router.get('', summary='(模糊条件)分页获取所有接口', dependencies=[DependsRBAC, PageDepends])
|
||||
async def get_all_apis(
|
||||
db: CurrentSession,
|
||||
name: Annotated[str | None, Query()] = None,
|
||||
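Review bot: With `DependsJwtAuth` dropped from `dependencies=[...]` on `get_api` and `get_all_apis` (and, it appears, its import removed at the top of the file), authentication of these routes now rests entirely on `DependsRBAC`, which lives in `backend.app.common.casbin_rbac` and is not shown here. It is worth confirming that this dependency rejects a missing or invalid token before it evaluates any policy, and that any switch which disables role checks still leaves the token check in force; the commit message mentions a role/menu authorization setting that is off by default. The same substitution is made in the casbin, dept, login-log, menu, opera-log, role and user route sections, so one test per router asserting that an unauthenticated request is refused would cover all of them. Once verified, a comment above the first decorator such as `# DependsRBAC validates the JWT, then enforces the casbin policy` would record the assumption. `get_all_apis` continues outside the hunk.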
|
@ -7,6 +7,7 @@ from fastapi.security import OAuth2PasswordRequestForm
|
||||
from fastapi_limiter.depends import RateLimiter
|
||||
from starlette.background import BackgroundTasks
|
||||
|
||||
from backend.app.common.casbin_rbac import DependsRBAC
|
||||
from backend.app.common.jwt import DependsJwtAuth
|
||||
from backend.app.common.response.response_schema import response_base
|
||||
from backend.app.schemas.token import GetLoginToken, GetSwaggerToken, GetNewToken
|
||||
|
@ -5,7 +5,6 @@ from typing import Annotated
|
||||
from fastapi import APIRouter, Query
|
||||
|
||||
from backend.app.common.casbin_rbac import DependsRBAC
|
||||
from backend.app.common.jwt import DependsJwtAuth
|
||||
from backend.app.common.pagination import PageDepends, paging_data
|
||||
from backend.app.common.response.response_schema import response_base
|
||||
from backend.app.database.db_mysql import CurrentSession
|
||||
@ -22,7 +21,7 @@ from backend.app.services.casbin_service import CasbinService
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@router.get('', summary='(模糊条件)分页获取所有 casbin 规则', dependencies=[DependsJwtAuth, PageDepends])
|
||||
@router.get('', summary='(模糊条件)分页获取所有 casbin 规则', dependencies=[DependsRBAC, PageDepends])
|
||||
async def get_all_casbin(
|
||||
db: CurrentSession,
|
||||
ptype: Annotated[str | None, Query()] = None,
|
||||
@ -33,7 +32,7 @@ async def get_all_casbin(
|
||||
return await response_base.success(data=page_data)
|
||||
|
||||
|
||||
@router.get('/policies', summary='获取所有 P 规则', dependencies=[DependsJwtAuth])
|
||||
@router.get('/policy', summary='获取所有 P 规则', dependencies=[DependsRBAC])
|
||||
async def get_all_policies():
|
||||
policies = await CasbinService.get_policy_list()
|
||||
return await response_base.success(data=policies)
|
||||
@ -66,7 +65,7 @@ async def delete_policy(p: DeletePolicy):
|
||||
return await response_base.success(data=data)
|
||||
|
||||
|
||||
@router.get('/groups', summary='获取所有 g 规则', dependencies=[DependsJwtAuth])
|
||||
@router.get('/group', summary='获取所有 g 规则', dependencies=[DependsRBAC])
|
||||
async def get_all_groups():
|
||||
data = await CasbinService.get_group_list()
|
||||
return await response_base.success(data=data)
|
||||
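Review bot: The path changes from `/policies` to `/policy` and from `/groups` to `/group` on `get_all_policies` and `get_all_groups` alter the public URLs in the same step that puts them behind `DependsRBAC`. If the stored casbin rules match on the request path (the enforcer and its rules are not visible here), rules written for the old paths will stop matching and the new paths will be denied until rules are added, so the rename needs a matching migration or seed update. These endpoints return the whole policy set, so it is also worth confirming that an administrator can still reach them on a fresh install where no rule exists yet. A comment such as `# path is referenced by casbin rules; update stored policies when renaming` above each decorator would flag this for the next change.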
|
@ -5,7 +5,6 @@ from typing import Annotated
|
||||
from fastapi import APIRouter, Query, Request
|
||||
|
||||
from backend.app.common.casbin_rbac import DependsRBAC
|
||||
from backend.app.common.jwt import DependsJwtAuth
|
||||
from backend.app.common.response.response_schema import response_base
|
||||
from backend.app.schemas.dept import CreateDept, GetAllDept, UpdateDept
|
||||
from backend.app.services.dept_service import DeptService
|
||||
@ -14,21 +13,21 @@ from backend.app.utils.serializers import select_to_json
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@router.get('/{pk}', summary='获取部门详情', dependencies=[DependsJwtAuth])
|
||||
@router.get('/{pk}', summary='获取部门详情', dependencies=[DependsRBAC])
|
||||
async def get_dept(pk: int):
|
||||
dept = await DeptService.get(pk=pk)
|
||||
data = GetAllDept(**select_to_json(dept))
|
||||
return await response_base.success(data=data)
|
||||
|
||||
|
||||
@router.get('', summary='获取所有部门展示树', dependencies=[DependsJwtAuth])
|
||||
@router.get('', summary='获取所有部门展示树', dependencies=[DependsRBAC])
|
||||
async def get_all_depts(
|
||||
name: Annotated[str | None, Query()] = None,
|
||||
leader: Annotated[str | None, Query()] = None,
|
||||
phone: Annotated[str | None, Query()] = None,
|
||||
status: Annotated[bool | None, Query()] = None,
|
||||
):
|
||||
dept = await DeptService.get_select(name=name, leader=leader, phone=phone, status=status)
|
||||
dept = await DeptService.get_dept_tree(name=name, leader=leader, phone=phone, status=status)
|
||||
return await response_base.success(data=dept)
|
||||
|
||||
|
||||
|
@ -5,7 +5,6 @@ from typing import Annotated
|
||||
from fastapi import APIRouter, Query
|
||||
|
||||
from backend.app.common.casbin_rbac import DependsRBAC
|
||||
from backend.app.common.jwt import DependsJwtAuth
|
||||
from backend.app.common.pagination import paging_data, PageDepends
|
||||
from backend.app.common.response.response_schema import response_base
|
||||
from backend.app.database.db_mysql import CurrentSession
|
||||
@ -15,7 +14,7 @@ from backend.app.services.login_log_service import LoginLogService
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@router.get('', summary='(模糊条件)分页获取登录日志', dependencies=[DependsJwtAuth, PageDepends])
|
||||
@router.get('', summary='(模糊条件)分页获取登录日志', dependencies=[DependsRBAC, PageDepends])
|
||||
async def get_all_login_logs(
|
||||
db: CurrentSession,
|
||||
username: Annotated[str | None, Query()] = None,
|
||||
|
@ -5,7 +5,6 @@ from typing import Annotated
|
||||
from fastapi import APIRouter, Query, Request
|
||||
|
||||
from backend.app.common.casbin_rbac import DependsRBAC
|
||||
from backend.app.common.jwt import DependsJwtAuth
|
||||
from backend.app.common.response.response_schema import response_base
|
||||
from backend.app.schemas.menu import GetAllMenu, CreateMenu, UpdateMenu
|
||||
from backend.app.services.menu_service import MenuService
|
||||
@ -14,29 +13,35 @@ from backend.app.utils.serializers import select_to_json
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@router.get('/{pk}', summary='获取目录详情', dependencies=[DependsJwtAuth])
|
||||
@router.get('/sidebar', summary='获取用户菜单展示树', dependencies=[DependsRBAC])
|
||||
async def get_user_menus(request: Request):
|
||||
menu = await MenuService.get_user_menu_tree(request=request)
|
||||
return await response_base.success(data=menu)
|
||||
|
||||
|
||||
@router.get('/{pk}', summary='获取菜单详情', dependencies=[DependsRBAC])
|
||||
async def get_menu(pk: int):
|
||||
menu = await MenuService.get(pk=pk)
|
||||
data = GetAllMenu(**select_to_json(menu))
|
||||
return await response_base.success(data=data)
|
||||
|
||||
|
||||
@router.get('', summary='获取所有目录展示树', dependencies=[DependsJwtAuth])
|
||||
@router.get('', summary='获取所有菜单展示树', dependencies=[DependsRBAC])
|
||||
async def get_all_menus(
|
||||
name: Annotated[str | None, Query()] = None,
|
||||
status: Annotated[bool | None, Query()] = None,
|
||||
):
|
||||
menu = await MenuService.get_select(name=name, status=status)
|
||||
menu = await MenuService.get_menu_tree(name=name, status=status)
|
||||
return await response_base.success(data=menu)
|
||||
|
||||
|
||||
@router.post('', summary='创建目录', dependencies=[DependsRBAC])
|
||||
@router.post('', summary='创建菜单', dependencies=[DependsRBAC])
|
||||
async def create_menu(request: Request, obj: CreateMenu):
|
||||
await MenuService.create(obj=obj, user_id=request.user.id)
|
||||
return await response_base.success()
|
||||
|
||||
|
||||
@router.put('/{pk}', summary='更新目录', dependencies=[DependsRBAC])
|
||||
@router.put('/{pk}', summary='更新菜单', dependencies=[DependsRBAC])
|
||||
async def update_menu(request: Request, pk: int, obj: UpdateMenu):
|
||||
count = await MenuService.update(pk=pk, obj=obj, user_id=request.user.id)
|
||||
if count > 0:
|
||||
@ -44,7 +49,7 @@ async def update_menu(request: Request, pk: int, obj: UpdateMenu):
|
||||
return await response_base.fail()
|
||||
|
||||
|
||||
@router.delete('{pk}', summary='删除目录', dependencies=[DependsRBAC])
|
||||
@router.delete('/{pk}', summary='删除菜单', dependencies=[DependsRBAC])
|
||||
async def delete_menu(pk: int):
|
||||
count = await MenuService.delete(pk=pk)
|
||||
if count > 0:
|
||||
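Review bot: `get_user_menus` on `/sidebar` is registered above `get_menu` on `/{pk}`, and that order is load-bearing: declared the other way round, a request for `/sidebar` would be routed to `get_menu` and fail the `pk: int` conversion. A comment like `# keep above '/{pk}': routes are matched in declaration order` would stop a later reorder from breaking it. Because `/sidebar` returns the caller's own menu tree yet sits behind `DependsRBAC`, every role presumably needs a rule for this path before its users can load navigation; if that is not intended, the authentication-only `DependsJwtAuth` may be the better fit for this one route. `update_menu` and `delete_menu` continue outside the hunks shown.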
|
@ -5,7 +5,6 @@ from typing import Annotated
|
||||
from fastapi import APIRouter, Query
|
||||
|
||||
from backend.app.common.casbin_rbac import DependsRBAC
|
||||
from backend.app.common.jwt import DependsJwtAuth
|
||||
from backend.app.common.pagination import PageDepends, paging_data
|
||||
from backend.app.common.response.response_schema import response_base
|
||||
from backend.app.database.db_mysql import CurrentSession
|
||||
@ -15,7 +14,7 @@ from backend.app.services.opera_log_service import OperaLogService
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@router.get('', summary='(模糊条件)分页获取操作日志', dependencies=[DependsJwtAuth, PageDepends])
|
||||
@router.get('', summary='(模糊条件)分页获取操作日志', dependencies=[DependsRBAC, PageDepends])
|
||||
async def get_all_opera_logs(
|
||||
db: CurrentSession,
|
||||
username: Annotated[str | None, Query()] = None,
|
||||
|
@ -5,7 +5,6 @@ from typing import Annotated
|
||||
from fastapi import APIRouter, Query, Request
|
||||
|
||||
from backend.app.common.casbin_rbac import DependsRBAC
|
||||
from backend.app.common.jwt import DependsJwtAuth
|
||||
from backend.app.common.pagination import PageDepends, paging_data
|
||||
from backend.app.common.response.response_schema import response_base
|
||||
from backend.app.database.db_mysql import CurrentSession
|
||||
@ -16,14 +15,14 @@ from backend.app.utils.serializers import select_to_json
|
||||
router = APIRouter()
|
||||
|
||||
|
||||
@router.get('/{pk}', summary='获取角色详情', dependencies=[DependsJwtAuth])
|
||||
@router.get('/{pk}', summary='获取角色详情', dependencies=[DependsRBAC])
|
||||
async def get_role(pk: int):
|
||||
role = await RoleService.get(pk=pk)
|
||||
data = GetAllRole(**select_to_json(role))
|
||||
return await response_base.success(data=data)
|
||||
|
||||
|
||||
@router.get('', summary='(模糊条件)分页获取所有角色', dependencies=[DependsJwtAuth, PageDepends])
|
||||
@router.get('', summary='(模糊条件)分页获取所有角色', dependencies=[DependsRBAC, PageDepends])
|
||||
async def get_all_roles(
|
||||
db: CurrentSession,
|
||||
name: Annotated[str | None, Query()] = None,
|
||||
|
@ -4,7 +4,7 @@ from typing import Annotated
|
||||
|
||||
from fastapi import APIRouter, Query, Request
|
||||
|
||||
from backend.app.common.jwt import DependsJwtAuth
|
||||
from backend.app.common.casbin_rbac import DependsRBAC
|
||||
from backend.app.common.pagination import paging_data, PageDepends
|
||||
from backend.app.common.response.response_schema import response_base
|
||||
from backend.app.database.db_mysql import CurrentSession
|
||||
@ -21,7 +21,7 @@ async def user_register(obj: CreateUser):
|
||||
return await response_base.success()
|
||||
|
||||
|
||||
@router.post('/password/reset', summary='密码重置', dependencies=[DependsJwtAuth])
|
||||
@router.post('/password/reset', summary='密码重置', dependencies=[DependsRBAC])
|
||||
async def password_reset(request: Request, obj: ResetPassword):
|
||||
count = await UserService.pwd_reset(request=request, obj=obj)
|
||||
if count > 0:
|
||||
@ -29,14 +29,14 @@ async def password_reset(request: Request, obj: ResetPassword):
|
||||
return await response_base.fail()
|
||||
|
||||
|
||||
@router.get('/{username}', summary='查看用户信息', dependencies=[DependsJwtAuth])
|
||||
@router.get('/{username}', summary='查看用户信息', dependencies=[DependsRBAC])
|
||||
async def get_user(username: str):
|
||||
current_user = await UserService.get_userinfo(username=username)
|
||||
data = GetAllUserInfo(**select_to_json(current_user))
|
||||
return await response_base.success(data=data)
|
||||
|
||||
|
||||
@router.put('/{username}', summary='更新用户信息', dependencies=[DependsJwtAuth])
|
||||
@router.put('/{username}', summary='更新用户信息', dependencies=[DependsRBAC])
|
||||
async def update_userinfo(request: Request, username: str, obj: UpdateUser):
|
||||
count = await UserService.update(request=request, username=username, obj=obj)
|
||||
if count > 0:
|
||||
@ -44,7 +44,7 @@ async def update_userinfo(request: Request, username: str, obj: UpdateUser):
|
||||
return await response_base.fail()
|
||||
|
||||
|
||||
@router.put('/{username}/avatar', summary='更新头像', dependencies=[DependsJwtAuth])
|
||||
@router.put('/{username}/avatar', summary='更新头像', dependencies=[DependsRBAC])
|
||||
async def update_avatar(request: Request, username: str, avatar: Avatar):
|
||||
count = await UserService.update_avatar(request=request, username=username, avatar=avatar)
|
||||
if count > 0:
|
||||
@ -52,7 +52,7 @@ async def update_avatar(request: Request, username: str, avatar: Avatar):
|
||||
return await response_base.fail()
|
||||
|
||||
|
||||
@router.get('', summary='(模糊条件)分页获取所有用户', dependencies=[DependsJwtAuth, PageDepends])
|
||||
@router.get('', summary='(模糊条件)分页获取所有用户', dependencies=[DependsRBAC, PageDepends])
|
||||
async def get_all_users(
|
||||
db: CurrentSession,
|
||||
username: Annotated[str | None, Query()] = None,
|
||||
@ -64,7 +64,7 @@ async def get_all_users(
|
||||
return await response_base.success(data=page_data)
|
||||
|
||||
|
||||
@router.post('/{pk}/super', summary='修改用户超级权限', dependencies=[DependsJwtAuth])
|
||||
@router.post('/{pk}/super', summary='修改用户超级权限', dependencies=[DependsRBAC])
|
||||
async def super_set(request: Request, pk: int):
|
||||
count = await UserService.update_permission(request=request, pk=pk)
|
||||
if count > 0:
|
||||
@ -72,7 +72,7 @@ async def super_set(request: Request, pk: int):
|
||||
return await response_base.fail()
|
||||
|
||||
|
||||
@router.post('/{pk}/action', summary='修改用户状态', dependencies=[DependsJwtAuth])
|
||||
@router.post('/{pk}/action', summary='修改用户状态', dependencies=[DependsRBAC])
|
||||
async def active_set(request: Request, pk: int):
|
||||
count = await UserService.update_active(request=request, pk=pk)
|
||||
if count > 0:
|
||||
@ -80,7 +80,7 @@ async def active_set(request: Request, pk: int):
|
||||
return await response_base.fail()
|
||||
|
||||
|
||||
@router.post('/{pk}/multi', summary='修改用户多点登录状态', dependencies=[DependsJwtAuth])
|
||||
@router.post('/{pk}/multi', summary='修改用户多点登录状态', dependencies=[DependsRBAC])
|
||||
async def multi_set(request: Request, pk: int):
|
||||
count = await UserService.update_multi_login(request=request, pk=pk)
|
||||
if count > 0:
|
||||
@ -92,7 +92,7 @@ async def multi_set(request: Request, pk: int):
|
||||
path='/{username}',
|
||||
summary='用户注销',
|
||||
description='用户注销 != 用户登出,注销之后用户将从数据库删除',
|
||||
dependencies=[DependsJwtAuth],
|
||||
dependencies=[DependsRBAC],
|
||||
)
|
||||
async def delete_user(request: Request, username: str):
|
||||
count = await UserService.delete(request=request, username=username)
|
||||
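Review bot: `update_userinfo`, `update_avatar` and `delete_user` act on the account named by `username` in the path, and a route-level rule behind `DependsRBAC` can only decide whether a role may call the route, not whether that `username` is the caller's own account. The ownership check therefore has to live in `UserService` (each call passes `request`, which suggests it does, but the service is not visible here), so it is worth confirming that `UserService.update`, `update_avatar`, `delete` and `pwd_reset` compare the target with `request.user` or require a superuser. `super_set`, `active_set` and `multi_set` change privilege and account state and deserve the same confirmation, plus a test that a non-privileged role is refused. Once the intended rule is confirmed, a one-line docstring on each handler stating who may call it, e.g. `"""Caller must be the target user or a superuser."""`, would make it reviewable at the route. Several handler bodies continue outside the hunks shown.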
|