# coding:utf-8 from rest_framework.permissions import BasePermission from apps.Equipment.models import Device from .db_utils import MySQLTool class RegisterViewPermission(BasePermission): def has_permission(self, request, view): try: user = request.user if user['username'] == "管理员": return True else: return False except: return False class ModulePermission(BasePermission): def has_permission(self, request, view): try: user = request.user user_modules = user.get("user_modules") path = request.path if path.startswith("/equipment") and user_modules == "1": return True else: return False except: return False class DeviceDetailPermission(BasePermission): def has_permission(self, request, view): try: user = request.user uid = user.get("uid") user_modules = user.get("user_modules") deviceId = request.data.get("device_id") device = Device.objects.filter(device_id=deviceId, owner_id=int(uid)) if user_modules == "1" and device.exists(): return True else: return False except: return False def get_bigdata_user_uid(token): sql = f'''select uid from sa_device_user where api_token={token}''' m = MySQLTool() result = m.execute_by_one(sql) uid = result['uid'] return uid class AccessPermission(BasePermission): def has_permission(self, request, view): try: auth = request.MATE['HTTP_AUTHORIZATION'] temp_list = auth.split() if temp_list[0] != 'Bearer': raise Exception() token = temp_list[1] try: uid = request.session['bigdata_uid'] except KeyError as e: uid = get_bigdata_user_uid(token) request.session['bigdata_uid'] = uid request.session.save() request.bigdata_uid = uid except Exception as e: return False return True