change group permission field

create permission parser add flask jwt requirements
4 years ago · bfaab9fc77
parent bf5942905f
commit bfaab9fc77
3 changed files with 63 additions and 2 deletions
--- a/internal_lib/permission_parser.py
+++ b/internal_lib/permission_parser.py
@ -0,0 +1,60 @@
 def parse_permission(string):
    """
    Parsing permission string
    permission_type{read,delete,write,update,*(for all permissions)}::module_name{module name or for all modules *}::union_id{for all companies *}/item_id{for all items *}
    example string:
    read::collectors::union1id/* ->read union1 all collectors
    read::collectors::union1id/collector1 ->read union1 collector1
    *::users::union2/* -> read, write, update, delete all users for union2
    *::users::union2/user1 -> read, write, update, delete for users1 in union2
    *::*::union2/* -> all permissions for union2
    *::*::*/* -> all permissions like a admin
    :param string:
    :return: dict
    """
    permission_type, module, extras = string.split("::")
    union_id, item_id = extras.split('/')
    read = False
    write = False
    update = False
    delete = False
    if permission_type == '*':
        read = True
        write = True
        update = True
        delete = True
    if permission_type == 'read':
        read = True
    if permission_type == 'write':
        write = True
    if permission_type == 'update':
        update = True
    if permission_type == 'delete':
        delete = True
    return {
        "delete":delete,
        "write":write,
        "read":read,
        "update":update,
        "module":module,
        "union":union_id,
        "item_id":item_id
    }
 def control_permission(group, module, perm_type, itemid, unionid):
    for right_string in group.rights:
        right = parse_permission(right_string.strip())
        print(right, right_string, group, perm_type)
        if right.get('module') in ["*", module]:
            return True
        elif right.get('union') in ['*', unionid]:
            return True
        elif right.get(perm_type):
            return True
        elif right.get('item_id') in ['*',itemid]:
            return True
        elif right.get('module') in ["*",module] and right.get('union') in ['*', unionid] and right.get(perm_type) and right.get('item_id') in ['*',itemid]:
            return True
    return False
--- a/models/Group.py
+++ b/models/Group.py
@ -6,7 +6,7 @@ from models.Union import Union
 class Group(Document):
    union = ReferenceField(Union)
    name = StringField()
-    rights = StringField()
+    rights = ListField(StringField())
 class PaymentGroup(Document):
--- a/requirements.txt
+++ b/requirements.txt
@ -2,3 +2,4 @@ mongoengine
 flask-mongoengine
 flask
 pycryptodome
 flask_jwt_extended