权限模块

src/app/api/permission.py

@@ -0,0 +1,69 @@
+from flask import request, jsonify, g
+from flask_restx import Resource, Namespace, reqparse
+from sqlalchemy import select
+from sqlalchemy.orm import Session
+
+from app.database import engine
+from app.defines import StatesCode
+from app.modle.menus import Menus
+from app.modle.role import Role
+from app.modle.users import User
+from app.utils.jwt_util import login_required
+
+ns = Namespace('permission', description='权限管理')
+
+
+@ns.route('/permission')
+class PermissionApi(Resource):
+    method_decorators = [login_required]
+
+    @ns.doc(id='get_permission', description='获取权限配置信息')
+    @ns.expect()
+    def get(self):
+        """获取权限信息"""
+        data = []
+        with Session(engine) as session:
+            stmt = select(Menus.id, Menus.name).where(Menus.parent_id == 0)
+            results = session.execute(stmt)
+            for result in results:
+                stmt2 = select(Menus.id, Menus.name).where(Menus.parent_id == result.id)
+                data.append(
+                    {
+                        'id': result.id,
+                        'name': result.name,
+                        'children': [
+                            {'id': result1.id, 'name': result1.name} for result1 in session.execute(stmt2)
+                        ]
+                    }
+                )
+
+        return jsonify(code=StatesCode.SUCCESS, message='成功', data=data)
+
+
+auth_permission = reqparse.RequestParser(bundle_errors=True)
+auth_permission.add_argument(name='path', type=str, location='args', required=False, help='请求url')
+
+
+@ns.route('/auth_permission')
+class AuthPermissionApi(Resource):
+    method_decorators = [login_required]
+
+    @ns.doc(id='auth_permission', description='权限认证')
+    @ns.expect()
+    def get(self):
+        """权限认证"""
+        path = request.args.get('path')
+
+        with Session(engine) as session:
+            # 根据用户id获取角色id
+            stmt = select(User.role).where(User.id == g.user_id)
+            role_id = session.execute(stmt).scalars().first()
+            # 根据角色id获取权限id
+            stmt = select(Role.role_permission).where(Role.id == role_id)
+            role_permission = session.execute(stmt).scalars().first()
+            # 根据权限id获取可访问的接口
+            stmt = select(Menus.router).where(Menus.id.in_(role_permission))
+            results = session.execute(stmt).scalars().all()
+            # 判断传入接口是否在可访问的接口中
+            if path not in results:
+                return jsonify(code=StatesCode.UNKNOWN_ERROR, message='无权限')

src/app/api/role.py

@@ -234,15 +234,3 @@ class RoleMemberApi(Resource):
         return jsonify(code=StatesCode.SUCCESS, message='批量移除成功')
 
 
-@ns.route('/role_permission')
-class RolePermissionApi(Resource):
-    method_decorators = [login_required]
-
-    @ns.doc(id='get_role_permission', description='获取权限配置信息')
-    @ns.expect()
-    def get(self):
-        """获取权限信息"""
-
-        permission = current_app.config['permission']
-
-        return {"code": StatesCode.SUCCESS, "message": "成功", "data": permission}

src/app/modle/menus.py

@@ -0,0 +1,28 @@
+from sqlalchemy import String, Column, Integer, DateTime
+
+from app.modle import Base
+
+
+class Menus(Base):
+    """菜单"""
+    __tablename__ = 'menus'
+
+    id = Column(Integer, primary_key=True, autoincrement=True, nullable=False, unique=True, doc='id')
+    name = Column(String, nullable=True, unique=False, index=False)
+    parent_id = Column(Integer, nullable=True, unique=False, index=False)
+    order_num = Column(Integer, nullable=True, unique=False, index=False)
+    path = Column(String, nullable=True, unique=False, index=False)
+    router = Column(String, nullable=True, unique=False, index=False)
+    query = Column(String, nullable=True, unique=False, index=False)
+    is_frame = Column(Integer, nullable=True, unique=False, index=False)
+    is_cache = Column(Integer, nullable=True, unique=False, index=False)
+    menu_type = Column(String, nullable=True, unique=False, index=False)
+    visible = Column(String, nullable=True, unique=False, index=False)
+    status = Column(String, nullable=True, unique=False, index=False)
+    perms = Column(String, nullable=True, unique=False, index=False)
+    icon = Column(String, nullable=True, unique=False, index=False)
+    create_by = Column(String, nullable=True, unique=False, index=False)
+    create_time = Column(DateTime, nullable=True, unique=False, index=False)
+    update_by = Column(String, nullable=True, unique=False, index=False)
+    update_time = Column(DateTime, nullable=True, unique=False, index=False)
+    remark = Column(String, nullable=True, unique=False, index=False)

src/app/modle/users.py

@@ -26,6 +26,7 @@ class User(Base):
                             doc='账户状态,0为正常，1为禁用')
     nationality = Column(String, nullable=True, unique=False, index=False, doc='国籍')
     register_time = Column(String, nullable=True, unique=False, index=False, default=cn_now(), doc='注册时间')
+    common_menus = Column(String, nullable=True, unique=False, index=False, doc='常用功能')
 
     # 赋值password，则自动加密存储。
     def generate_password(self, value):