简单权限管理示例rbac

原创

wx5ddb891cb7e09 2023-01-28 10:45:08 ©著作权

文章标签 redis sql mysql 文章分类 运维

©著作权归作者所有：来自51CTO博客作者wx5ddb891cb7e09的原创作品，请联系作者获取转载授权，否则将追究法律责任

async def get_menu_apis():
    redis_key = "menu_apis"
    api_path_res = await redis_client.get_obj(redis_key)
    if api_path_res:
        api_path_list = ast.literal_eval（api_path_res.decode())
        # print(host_sensor_dict, type(host_sensor_dict))
        return api_path_list, None
    else:
        menu_sql = "select api_route_name from admin_menu where type =2"

        menu_datas=mysql_db.get_all_data(menu_sql)
        api_path_list = []

        if len(menu_datas) > 0:
            for menu in menu_datas:
                api_path_list.append(menu['api_route_name'])

        menu_redis = await redis_client.set_obj(redis_key, str(api_path_list))
        if menu_redis: 
            return api_path_list, None
        else:
            return {},None


async def get_user_apis(user_id):
    redis_key = "user_apis_" + str(user_id)
    api_path_res = await redis_client.get_obj(redis_key)
    if api_path_res:
        api_path_list = ast.literal_eval（api_path_res.decode())
        # print(host_sensor_dict, type(host_sensor_dict))
        return api_path_list, None
    else:
        user_role_sql = "select B.api_name from (select b.menu_id from admin_role_user a  LEFT JOIN admin_role_menu b on  a.role_id = b.role_id where a.user_id =%s) A LEFT JOIN admin_menu B on A.menu_id =B.id "
        role_datas = mysql_db.get_all_data(user_role_sql, user_id)

        user_api_list = []

        if len(role_datas) > 0:
        for api_route in role_datas:
        user_api_list.append(api_route['api_route_name'])
        menu_redis = await redis_client.set_obj(redis_key, str(user_api_list))
        if menu_redis: 
        return user_api_list, None
        else:
        return {}, None

def access_control(func):

    @wraps(func)
    async def wrap_func(request,*args, **kwargs):
        payload=jwt.decode(
            request.token, token_secret, algorithms=["HS256"]
        )

        if payload:
            user_id = payload['user_id']
        else:
            return sjson({'error': 'login errr'}, 403)
        route_path = request.path
        #缓存redis
        menu_list, menu_err = await get_menu_apis()
        if menu_err:
            return [], menu_err
        #请求是否存在权限列表当中
        if route_path in menu_list:
            user_api_list, user_msg = await get_user_apis(user_id)
            if route_path in user_api_list:
                return await func(request, *args, **kwargs)
            else:
                print("权限问题")
                return sjson({'error': 'no permission'}, 403)
        else:
            print("不在权限菜单中")
            return await func(request, *args, **kwargs)

    return wrap_func

上一篇：查看系统信息

提问和评论都可以，用心的回复会被更多人看到评论

发布评论

相关文章

官方博客	全部文章	热门标签	班级博客
了解我们	在线客服	网站地图	意见反馈

开源基础软件社区	51CTO学堂
51CTO	汽车开发者社区