From 3361fca5d226c624307032cfd17a1fcdcd2b293f Mon Sep 17 00:00:00 2001 From: insistence <3055204202@qq.com> Date: Sun, 18 Feb 2024 11:10:03 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E7=94=A8=E6=88=B7=E6=8E=A5=E5=8F=A3?= =?UTF-8?q?=E6=9D=83=E9=99=90=E6=A0=A1=E9=AA=8C=E5=A2=9E=E5=8A=A0=E5=88=97?= =?UTF-8?q?=E8=A1=A8=E6=8E=A5=E6=94=B6=E5=8F=82=E6=95=B0=EF=BC=8C=E5=AE=9E?= =?UTF-8?q?=E7=8E=B0=E5=90=8C=E4=B8=80=E6=8E=A5=E5=8F=A3=E6=94=AF=E6=8C=81?= =?UTF-8?q?=E5=A4=9A=E4=B8=AA=E6=9D=83=E9=99=90=E6=A0=87=E8=AF=86=E6=A0=A1?= =?UTF-8?q?=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../module_admin/aspect/interface_auth.py | 21 +++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/ruoyi-fastapi-backend/module_admin/aspect/interface_auth.py b/ruoyi-fastapi-backend/module_admin/aspect/interface_auth.py index d91bdb4..247e0b6 100644 --- a/ruoyi-fastapi-backend/module_admin/aspect/interface_auth.py +++ b/ruoyi-fastapi-backend/module_admin/aspect/interface_auth.py @@ -1,4 +1,5 @@ from fastapi import Depends +from typing import Union, List from module_admin.entity.vo.user_vo import CurrentUserModel from module_admin.service.login_service import LoginService from exceptions.exception import PermissionException @@ -7,13 +8,25 @@ from exceptions.exception import PermissionException class CheckUserInterfaceAuth: """ 校验当前用户是否具有相应的接口权限 + :param perm: 权限标识 + :param is_strict: 当传入的权限标识是list类型时,是否开启严格模式,开启表示会校验列表中的每一个权限标识,所有的校验结果都需要为True才会通过 """ - def __init__(self, perm_str: str = 'common'): - self.perm_str = perm_str + def __init__(self, perm: Union[str, List], is_strict: bool = False): + self.perm = perm + self.is_strict = is_strict def __call__(self, current_user: CurrentUserModel = Depends(LoginService.get_current_user)): user_auth_list = current_user.permissions - user_auth_list.append('common') - if '*:*:*' in user_auth_list or self.perm_str in user_auth_list: + if '*:*:*' in user_auth_list: return True + if isinstance(self.perm, str): + if self.perm in user_auth_list: + return True + if isinstance(self.perm, list): + if self.is_strict: + if all([perm_str in user_auth_list for perm_str in self.perm]): + return True + else: + if any([perm_str in user_auth_list for perm_str in self.perm]): + return True raise PermissionException(data="", message="该用户无此接口权限")