| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475 |
- # coding:utf-8
- from rest_framework.permissions import BasePermission
- from apps.Equipment.models import Device
- from .db_utils import MySQLTool
- class RegisterViewPermission(BasePermission):
- def has_permission(self, request, view):
- try:
- user = request.user
- if user['username'] == "管理员":
- return True
- else:
- return False
- except:
- return False
- class ModulePermission(BasePermission):
- def has_permission(self, request, view):
- try:
- user = request.user
- user_modules = user.get("user_modules")
- path = request.path
- if path.startswith("/equipment") and user_modules == "1":
- return True
- else:
- return False
- except:
- return False
- class DeviceDetailPermission(BasePermission):
- def has_permission(self, request, view):
- try:
- user = request.user
- uid = user.get("uid")
- user_modules = user.get("user_modules")
- deviceId = request.data.get("device_id")
- device = Device.objects.filter(device_id=deviceId, owner_id=int(uid))
- if user_modules == "1" and device.exists():
- return True
- else:
- return False
- except:
- return False
- def get_bigdata_user_uid(token):
- sql = f'''select uid from sa_device_user where api_token={token}'''
- m = MySQLTool()
- result = m.execute_by_one(sql)
- uid = result['uid']
- return uid
- class AccessPermission(BasePermission):
- def has_permission(self, request, view):
- try:
- auth = request.MATE['HTTP_AUTHORIZATION']
- temp_list = auth.split()
- if temp_list[0] != 'Bearer':
- raise Exception()
- token = temp_list[1]
- try:
- uid = request.session['bigdata_uid']
- except KeyError as e:
- uid = get_bigdata_user_uid(token)
- request.session['bigdata_uid'] = uid
- request.session.save()
- request.bigdata_uid = uid
- except Exception as e:
- return False
- return True
|
