alicorn-dev/KintoneAppBuilder
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged PR 8: app&appversion&flowhistory&role&permission

Browse Source 
app&appversion&flowhistory&role&permission
This commit is contained in:
方 柏
2024-11-23 10:49:59 +00:00
committed by 小哲 馬
parent 4563274789 1626091e36
commit 321f14b229
10 changed files with 278 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
backend/app/api/api_v1/routers/auth.py
View File

@@ -25,11 +25,15 @@ async def login(
minutes=security.ACCESS_TOKEN_EXPIRE_MINUTES
)
if user.is_superuser:
permissions = "admin"
roles = "super"
permissions = "ALL"
else:
permissions = "user"
roles = ";".join(role.name for role in user.roles)
perlst = [perm.privilege for role in user.roles for perm in role.permissions]
permissions =";".join(list(set(perlst)))
access_token = security.create_access_token(
data={"sub": user.id, "permissions": permissions},
data={"sub": user.id, "roles":roles,"permissions": permissions ,},
expires_delta=access_token_expires,
)

41
backend/app/api/api_v1/routers/platform.py
View File

@@ -23,7 +23,7 @@ platform_router = r = APIRouter()
)
async def apps_list(
request: Request,
user = Depends(get_current_user),
user = Depends(get_current_active_user),
db=Depends(get_db),
):
try:
@@ -60,7 +60,7 @@ async def apps_list(
async def apps_update(
request: Request,
app: AppVersion,
user=Depends(get_current_user),
user=Depends(get_current_active_user),
db=Depends(get_db),
):
try:
@@ -68,6 +68,20 @@ async def apps_update(
except Exception as e:
raise APIException('platform:apps',request.url._url,f"Error occurred while get create app :",e)
@r.delete(
"/apps/{domainurl}/{appid}", response_model_exclude_none=True
)
async def apps_delete(
request: Request,
domainurl:str,
appid: str,
user=Depends(get_current_active_user),
db=Depends(get_db),
):
try:
return delete_apps(db, domainurl,appid)
except Exception as e:
raise APIException('platform:apps',request.url._url,f"Error occurred while delete apps({domainurl}:{appid}):",e)
@r.get(
"/appsettings/{id}",
@@ -183,7 +197,7 @@ async def flow_details(
async def flow_list(
request: Request,
appid: str,
user=Depends(get_current_user),
user=Depends(get_current_active_user),
db=Depends(get_db),
):
try:
@@ -198,8 +212,8 @@ async def flow_list(
@r.post("/flow", response_model=Flow, response_model_exclude_none=True)
async def flow_create(
request: Request,
flow: FlowBase,
user=Depends(get_current_user),
flow: FlowIn,
user=Depends(get_current_active_user),
db=Depends(get_db),
):
try:
@@ -215,13 +229,13 @@ async def flow_create(
async def flow_edit(
request: Request,
flowid: str,
flow: FlowBase,
user=Depends(get_current_user),
flow: FlowIn,
user=Depends(get_current_active_user),
db=Depends(get_db),
):
try:
domain = get_activedomain(db, user.id)
return edit_flow(db,domain.url, flow)
return edit_flow(db,domain.url, flow,user.id)
except Exception as e:
raise APIException('platform:flow',request.url._url,f"Error occurred while edit flow:",e)
@@ -259,7 +273,7 @@ async def domain_details(
async def domain_create(
request: Request,
domain: DomainBase,
user=Depends(get_current_user),
user=Depends(get_current_active_user),
db=Depends(get_db),
):
try:
@@ -274,10 +288,11 @@ async def domain_create(
async def domain_edit(
request: Request,
domain: DomainBase,
user=Depends(get_current_active_user),
db=Depends(get_db),
):
try:
return edit_domain(db, domain)
return edit_domain(db, domain,user.id)
except Exception as e:
raise APIException('platform:domain',request.url._url,f"Error occurred while edit domain:",e)
@@ -303,7 +318,7 @@ async def domain_delete(
async def userdomain_details(
request: Request,
userId: Optional[int] = Query(None, alias="userId"),
user=Depends(get_current_user),
user=Depends(get_current_active_user),
db=Depends(get_db),
):
try:
@@ -351,7 +366,7 @@ async def userdomain_delete(
async def get_useractivedomain(
request: Request,
userId: Optional[int] = Query(None, alias="userId"),
user=Depends(get_current_user),
user=Depends(get_current_active_user),
db=Depends(get_db),
):
try:
@@ -371,7 +386,7 @@ async def update_activeuserdomain(
request: Request,
domainid:int,
userId: Optional[int] = Query(None, alias="userId"),
user=Depends(get_current_user),
user=Depends(get_current_active_user),
db=Depends(get_db),
):
try:

41
backend/app/api/api_v1/routers/users.py
View File

@@ -1,4 +1,4 @@
from fastapi import APIRouter, Request, Depends, Response, encoders
from fastapi import APIRouter, Request, Depends, Response, Security, encoders
import typing as t
from app.db.session import get_db
@@ -8,9 +8,11 @@ from app.db.crud import (
create_user,
delete_user,
edit_user,
assign_userrole,
get_roles,
)
from app.db.schemas import UserCreate, UserEdit, User, UserOut
from app.core.auth import get_current_active_user, get_current_active_superuser
from app.db.schemas import UserCreate, UserEdit, User, UserOut,Role
from app.core.auth import get_current_user,get_current_active_user, get_current_active_superuser
users_router = r = APIRouter()
@@ -23,14 +25,14 @@ users_router = r = APIRouter()
async def users_list(
response: Response,
db=Depends(get_db),
current_user=Depends(get_current_active_superuser),
current_user=Depends(get_current_active_user),
):
"""
Get all users
"""
users = get_users(db)
users = get_users(db,current_user.is_superuser)
# This is necessary for react-admin to work
response.headers["Content-Range"] = f"0-9/{len(users)}"
#response.headers["Content-Range"] = f"0-9/{len(users)}"
return users
@@ -105,3 +107,30 @@ async def user_delete(
Delete existing user
"""
return delete_user(db, user_id)
@r.post("/userrole",
response_model=User,
response_model_exclude_none=True,)
async def assign_role(
request: Request,
userid:int,
roles:t.List[int],
db=Depends(get_db)
):
return assign_userrole(db,userid,roles)
@r.get(
"/roles",
response_model=t.List[Role],
response_model_exclude_none=True,
)
async def roles_list(
response: Response,
db=Depends(get_db),
current_user=Security(get_current_active_user, scopes=["role_list"]),
):
roles = get_roles(db)
return roles

13
backend/app/core/auth.py
View File

@@ -1,5 +1,6 @@
from fastapi.security import SecurityScopes
import jwt
from fastapi import Depends, HTTPException, status
from fastapi import Depends, HTTPException, Request, Security, status
from jwt import PyJWTError
from app.db import models, schemas, session
@@ -7,7 +8,7 @@ from app.db.crud import get_user_by_email, create_user,get_user
from app.core import security
async def get_current_user(
async def get_current_user(security_scopes: SecurityScopes,
db=Depends(session.get_db), token: str = Depends(security.oauth2_scheme)
):
credentials_exception = HTTPException(
@@ -16,13 +17,21 @@ async def get_current_user(
headers={"WWW-Authenticate": "Bearer"},
)
try:
payload = jwt.decode(
token, security.SECRET_KEY, algorithms=[security.ALGORITHM]
)
id: int = payload.get("sub")
if id is None:
raise credentials_exception
permissions: str = payload.get("permissions")
if not permissions =="ALL":
for scope in security_scopes.scopes:
if scope not in permissions.split(";"):
raise HTTPException(
status_code=403, detail="The user doesn't have enough privileges"
)
token_data = schemas.TokenData(id = id, permissions=permissions)
except PyJWTError:
raise credentials_exception

125
backend/app/db/crud.py
View File

@@ -1,3 +1,4 @@
import datetime
from fastapi import HTTPException, status
from sqlalchemy.orm import Session
from sqlalchemy import and_
@@ -19,9 +20,12 @@ def get_user_by_email(db: Session, email: str) -> schemas.UserBase:
def get_users(
db: Session, skip: int = 0, limit: int = 100
db: Session, super:bool
) -> t.List[schemas.UserOut]:
return db.query(models.User).offset(skip).limit(limit).all()
if super:
return db.query(models.User).all()
else:
return db.query(models.User).filter(models.User.is_superuser == False)
def create_user(db: Session, user: schemas.UserCreate):
@@ -69,28 +73,48 @@ def edit_user(
db.refresh(db_user)
return db_user
def get_roles(
db: Session
) -> t.List[schemas.Role]:
return db.query(models.Role).all()
def assign_userrole( db: Session, user_id: int, roles: t.List[int]):
db_user = db.query(models.User).get(user_id)
if db_user:
for role in db_user.roles:
db_user.roles.remove(role)
for roleid in roles:
role = db.query(models.Role).get(roleid)
if role:
db_user.roles.append(role)
db.commit()
db.refresh(db_user)
return db_user
def get_apps(
db: Session,
domain_url:str
domainurl:str
) -> t.List[schemas.AppList]:
return db.query(models.App).filter(models.App.domainurl == domain_url).all()
return db.query(models.App).filter(models.App.domainurl == domainurl).all()
def update_appversion(db: Session, appedit: schemas.AppVersion,userid:int):
app = db.query(models.App).filter(and_(models.App.domainurl == appedit.domainurl,models.App.appid == appedit.appid)).first()
if app:
app.version = app.version + 1
db_app = app
appver = app.version
else:
appver = 1
db_app = models.App(
db_app = db.query(models.App).filter(and_(models.App.domainurl == appedit.domainurl,models.App.appid == appedit.appid)).first()
if not db_app:
raise HTTPException(status.HTTP_404_NOT_FOUND, detail="User not found")
db_app.version = db_app.version + 1
appversion = models.AppVersion(
domainurl = appedit.domainurl,
appid=appedit.appid,
appname=appedit.appname,
version = 1,
updateuser= userid
)
appname=db_app.appname,
version = db_app.version,
versionname = appedit.versionname,
comment = appedit.comment,
updateuserid = userid,
createuserid = userid
)
db.add(appversion)
db.add(db_app)
flows = db.query(models.Flow).filter(and_(models.Flow.domainurl == appedit.domainurl,models.App.appid == appedit.appid))
@@ -103,7 +127,9 @@ def update_appversion(db: Session, appedit: schemas.AppVersion,userid:int):
name = flow.name,
content = flow.content,
createuser = userid,
version = appver
version = db_app.version,
updateuserid = userid,
createuserid = userid
)
db.add(db_flowhistory)
@@ -111,6 +137,17 @@ def update_appversion(db: Session, appedit: schemas.AppVersion,userid:int):
db.refresh(db_app)
return db_app
def delete_apps(db: Session, domainurl: str,appid: str ):
db_app = db.query(models.App).filter(and_(models.App.domainurl == domainurl,models.App.appid ==appid)).first()
if not db_app:
raise HTTPException(status.HTTP_404_NOT_FOUND, detail="App not found")
db.delete(db_app)
db_flows = db.query(models.Flow).filter(and_(models.Flow.domainurl == domainurl,models.Flow.appid ==appid))
for flow in db_flows:
db.delete(flow)
db.commit()
return db_app
def get_appsetting(db: Session, id: int):
app = db.query(models.AppSetting).get(id)
if not app:
@@ -166,16 +203,28 @@ def get_actions(db: Session):
return actions
def create_flow(db: Session, domainurl: str, flow: schemas.FlowBase):
def create_flow(db: Session, domainurl: str, flow: schemas.FlowIn,userid:int):
db_flow = models.Flow(
flowid=flow.flowid,
appid=flow.appid,
eventid=flow.eventid,
domainurl=domainurl,
name=flow.name,
content=flow.content
content=flow.content,
createuserid = userid,
updateuserid = userid
)
db.add(db_flow)
db_app = db.query(models.App).filter(and_(models.App.domainurl == domainurl,models.App.appid == flow.appid)).first()
if not db_app:
db_app = models.App(
domainurl = domainurl,
appid=flow.appid,
appname=flow.appname,
version = 0,
createuserid= userid,
updateuserid = userid
)
db.commit()
db.refresh(db_flow)
return db_flow
@@ -190,17 +239,20 @@ def delete_flow(db: Session, flowid: str):
def edit_flow(
db: Session, domainurl: str, flow: schemas.FlowBase
db: Session, domainurl: str, flow: schemas.FlowIn,userid:int
) -> schemas.Flow:
db_flow = get_flow(db, flow.flowid)
if not db_flow:
#見つからない時新規作成
return create_flow(db,domainurl,flow)
return create_flow(db,domainurl,flow,userid)
update_data = flow.dict(exclude_unset=True)
for key, value in update_data.items():
setattr(db_flow, key, value)
db_flow.appid =flow.appid,
db_flow.eventid=flow.eventid,
db_flow.domainurl=domainurl,
db_flow.name=flow.name,
db_flow.content=flow.content,
db_flow.updateuserid = userid,
db_flow.update_time = datetime.now
db.add(db_flow)
db.commit()
@@ -233,7 +285,9 @@ def create_domain(db: Session, domain: schemas.DomainBase,userid:int):
name=domain.name,
url=domain.url,
kintoneuser=domain.kintoneuser,
kintonepwd=domain.kintonepwd
kintonepwd=domain.kintonepwd,
createuserid = userid,
updateuserid = userid
)
db.add(db_domain)
db.flush()
@@ -252,18 +306,19 @@ def delete_domain(db: Session,id: int):
def edit_domain(
db: Session, domain: schemas.DomainBase
db: Session, domain: schemas.DomainBase,userid:int
) -> schemas.Domain:
domain.encrypt_kintonepwd()
db_domain = db.query(models.Domain).get(domain.id)
if not db_domain:
raise HTTPException(status.HTTP_404_NOT_FOUND, detail="Domain not found")
update_data = domain.dict(exclude_unset=True)
for key, value in update_data.items():
if key != "id" and not (key == "kintonepwd" and (value is None or value == "")):
setattr(db_domain, key, value)
print(str(db_domain))
raise HTTPException(status.HTTP_404_NOT_FOUND, detail="Domain not found")
db_domain.tenantid = domain.tenantid
db_domain.name=domain.name
db_domain.url=domain.url
db_domain.kintoneuser=domain.kintoneuser
db_domain.kintonepwd = domain.kintonepwd
db_domain.updateuserid = userid
db_domain.update_time = datetime.now
db.add(db_domain)
db.commit()
db.refresh(db_domain)

73
backend/app/db/models.py
View File

@@ -1,8 +1,8 @@
from sqlalchemy import Boolean, Column, Integer, String, DateTime,ForeignKey
from sqlalchemy import Boolean, Column, Integer, String, DateTime,ForeignKey,Table
from sqlalchemy.ext.declarative import as_declarative
from sqlalchemy.orm import relationship
from datetime import datetime
from app.db.session import Base
from app.core.security import chacha20Decrypt
@as_declarative()
@@ -11,6 +11,21 @@ class Base:
create_time = Column(DateTime, default=datetime.now)
update_time = Column(DateTime, default=datetime.now, onupdate=datetime.now)
userrole = Table(
"userrole",
Base.metadata,
Column("userid",Integer,ForeignKey("user.id")),
Column("roleid",Integer,ForeignKey("role.id")),
)
rolepermission = Table(
"rolepermission",
Base.metadata,
Column("roleid",Integer,ForeignKey("role.id")),
Column("permissionid",Integer,ForeignKey("permission.id")),
)
class User(Base):
__tablename__ = "user"
@@ -20,6 +35,25 @@ class User(Base):
hashed_password = Column(String(200), nullable=False)
is_active = Column(Boolean, default=True)
is_superuser = Column(Boolean, default=False)
roles = relationship("Role",secondary=userrole,back_populates="users")
class Role(Base):
__tablename__ = "role"
name = Column(String(100))
description = Column(String(255))
users = relationship("User",secondary=userrole,back_populates="roles")
permissions = relationship("Permission",secondary=rolepermission,back_populates="roles")
class Permission(Base):
__tablename__ = "permission"
menu = Column(String(100))
function = Column(String(255))
privilege = Column(String(100))
roles = relationship("Role",secondary=rolepermission,back_populates="permissions")
class App(Base):
__tablename__ = "app"
@@ -28,8 +62,25 @@ class App(Base):
appname = Column(String(200), nullable=False)
appid = Column(String(100), index=True, nullable=False)
version = Column(Integer)
updateuser = Column(Integer,ForeignKey("user.id"))
user = relationship('User')
createuserid = Column(Integer,ForeignKey("user.id"))
updateuserid = Column(Integer,ForeignKey("user.id"))
createuser = relationship('User',foreign_keys=[createuserid])
updateuser = relationship('User',foreign_keys=[updateuserid])
class AppVersion(Base):
__tablename__ = "appversion"
domainurl = Column(String(200), nullable=False)
appname = Column(String(200), nullable=False)
appid = Column(String(100), index=True, nullable=False)
version = Column(Integer)
versionname = Column(String(200), nullable=False)
comment = Column(String(200), nullable=False)
createuserid = Column(Integer,ForeignKey("user.id"))
updateuserid = Column(Integer,ForeignKey("user.id"))
createuser = relationship('User',foreign_keys=[createuserid])
updateuser = relationship('User',foreign_keys=[updateuserid])
class AppSetting(Base):
__tablename__ = "appsetting"
@@ -65,6 +116,10 @@ class Flow(Base):
domainurl = Column(String(200))
name = Column(String(200))
content = Column(String)
createuserid = Column(Integer,ForeignKey("user.id"))
updateuserid = Column(Integer,ForeignKey("user.id"))
createuser = relationship('User',foreign_keys=[createuserid])
updateuser = relationship('User',foreign_keys=[updateuserid])
class FlowHistory(Base):
__tablename__ = "flowhistory"
@@ -75,8 +130,11 @@ class FlowHistory(Base):
domainurl = Column(String(200))
name = Column(String(200))
content = Column(String)
createuser = Column(Integer,ForeignKey("user.id"))
version = Column(Integer)
createuserid = Column(Integer,ForeignKey("user.id"))
updateuserid = Column(Integer,ForeignKey("user.id"))
createuser = relationship('User',foreign_keys=[createuserid])
updateuser = relationship('User',foreign_keys=[updateuserid])
class Tenant(Base):
__tablename__ = "tenant"
@@ -98,7 +156,10 @@ class Domain(Base):
def decrypt_kintonepwd(self):
decrypted_pwd = chacha20Decrypt(self.kintonepwd)
return decrypted_pwd
createuserid = Column(Integer,ForeignKey("user.id"))
updateuserid = Column(Integer,ForeignKey("user.id"))
createuser = relationship('User',foreign_keys=[createuserid])
updateuser = relationship('User',foreign_keys=[updateuserid])
class UserDomain(Base):
__tablename__ = "userdomain"

24
backend/app/db/schemas.py
View File

@@ -8,13 +8,26 @@ class Base(BaseModel):
create_time: datetime
update_time: datetime
class Permission(BaseModel):
id: int
menu:str
function:str
privilege:str
class Role(BaseModel):
id: int
name:str
description:str
permissions:t.List[Permission] = []
class UserBase(BaseModel):
email: str
is_active: bool = True
is_superuser: bool = False
first_name: str = None
last_name: str = None
roles:t.List[Role] = []
class UserOut(UserBase):
pass
@@ -54,14 +67,17 @@ class AppList(Base):
domainurl: str
appname: str
appid:str
updateuser: UserOut
version:int
user:UserOut
class AppVersion(BaseModel):
domainurl: str
appname: str
versionname: str
comment:str
appid:str
class TokenData(BaseModel):
id:int = 0
email: str = None
@@ -106,9 +122,11 @@ class Action(BaseModel):
class ConfigDict:
orm_mode = True
class FlowBase(BaseModel):
class FlowIn(BaseModel):
flowid: str
# domainurl:str
appid: str
appname:str
eventid: str
name: str = None
content: str = None

2
frontend/src/pages/AppManagement.vue
View File

@@ -83,7 +83,7 @@ const getApps = async () => {
id: item.appid,
name: item.appname,
url: `${item.domainurl}/k/${item.appid}`,
user: `${item.user.first_name} ${item.user.last_name}` ,
user: `${item.updateuser.first_name} ${item.updateuser.last_name}` ,
updatetime:date.formatDate(item.update_time, 'YYYY/MM/DD HH:mm'),
version: Number(item.version)
}

1
frontend/src/stores/flowEditor.ts
View File

@@ -128,6 +128,7 @@ export const useFlowEditorStore = defineStore('flowEditor', {
const jsonData = {
flowid: isNew ? flow.createNewId() : flow.id,
appid: this.appInfo?.appId,
appname: this.appInfo?.name,
eventid: root?.name,
name: root?.subTitle,
content: JSON.stringify(flow),

2
frontend/src/types/AppTypes.ts
View File

@@ -9,6 +9,6 @@ export interface IManagedApp {
appname: string;
domainurl: string;
version: string;
user: IUser;
updateuser: IUser;
update_time: string;
}