!5 RuoYi-Vue3-FastAPI v1.0.2

Merge pull request !5 from insistence/develop
12 months ago · e9ad084dff
14 changed files with 64 additions and 22 deletions
--- a/README.md
+++ b/README.md
@ -1,18 +1,19 @@
 <p align="center">
 	<img alt="logo" src="https://oscimg.oschina.net/oscnet/up-d3d0a9303e11d522a06cd263f3079027715.png">
 </p>
-<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">RuoYi-Vue3-FastAPI v1.0.1</h1>
+<h1 align="center" style="margin: 30px 0 30px; font-weight: bold;">RuoYi-Vue3-FastAPI v1.0.2</h1>
 <h4 align="center">基于RuoYi-Vue3+FastAPI前后端分离的快速开发框架</h4>
 <p align="center">
 	<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/stargazers"><img src="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/badge/star.svg?theme=dark"></a>
    <a href="https://github.com/insistence/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/github/stars/insistence/RuoYi-Vue3-FastAPI?style=social"></a>
-	<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/badge/RuoYiVue3FastAPI-v1.0.1-brightgreen.svg"></a>
+	<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI"><img src="https://img.shields.io/badge/RuoYiVue3FastAPI-v1.0.2-brightgreen.svg"></a>
 	<a href="https://gitee.com/insistence2022/RuoYi-Vue3-FastAPI/blob/master/LICENSE"><img src="https://img.shields.io/github/license/mashape/apistatus.svg"></a>
    <img src="https://img.shields.io/badge/python-≥3.8-blue">
    <img src="https://img.shields.io/badge/MySQL-≥5.7-blue">
 </p>


+
 ## 平台简介

 RuoYi-Vue-FastAPI是一套全部开源的快速开发平台，毫无保留给个人及企业免费使用。
--- a/ruoyi-fastapi-backend/.env.dev
+++ b/ruoyi-fastapi-backend/.env.dev
@ -10,7 +10,7 @@ APP_HOST = '0.0.0.0'
 # 应用端口
 APP_PORT = 9099
 # 应用版本
-APP_VERSION= '1.0.0'
+APP_VERSION= '1.0.2'
 # 应用是否开启热重载
 APP_RELOAD = true

--- a/ruoyi-fastapi-backend/.env.prod
+++ b/ruoyi-fastapi-backend/.env.prod
@ -10,7 +10,7 @@ APP_HOST = '0.0.0.0'
 # 应用端口
 APP_PORT = 9099
 # 应用版本
-APP_VERSION= '1.0.0'
+APP_VERSION= '1.0.2'
 # 应用是否开启热重载
 APP_RELOAD = false

--- a/ruoyi-fastapi-backend/module_admin/aspect/interface_auth.py
+++ b/ruoyi-fastapi-backend/module_admin/aspect/interface_auth.py
@ -1,4 +1,5 @@
 from fastapi import Depends
+from typing import Union, List
 from module_admin.entity.vo.user_vo import CurrentUserModel
 from module_admin.service.login_service import LoginService
 from exceptions.exception import PermissionException
@ -7,13 +8,52 @@ from exceptions.exception import PermissionException
 class CheckUserInterfaceAuth:
    """
    校验当前用户是否具有相应的接口权限
+    :param perm: 权限标识
+    :param is_strict: 当传入的权限标识是list类型时，是否开启严格模式，开启表示会校验列表中的每一个权限标识，所有的校验结果都需要为True才会通过
    """
-    def __init__(self, perm_str: str = 'common'):
-        self.perm_str = perm_str
+    def __init__(self, perm: Union[str, List], is_strict: bool = False):
+        self.perm = perm
+        self.is_strict = is_strict

    def __call__(self, current_user: CurrentUserModel = Depends(LoginService.get_current_user)):
        user_auth_list = current_user.permissions
-        user_auth_list.append('common')
-        if '*:*:*' in user_auth_list or self.perm_str in user_auth_list:
+        if '*:*:*' in user_auth_list:
            return True
+        if isinstance(self.perm, str):
+            if self.perm in user_auth_list:
+                return True
+        if isinstance(self.perm, list):
+            if self.is_strict:
+                if all([perm_str in user_auth_list for perm_str in self.perm]):
+                    return True
+            else:
+                if any([perm_str in user_auth_list for perm_str in self.perm]):
+                    return True
        raise PermissionException(data="", message="该用户无此接口权限")
+
+
+class CheckRoleInterfaceAuth:
+    """
+    根据角色校验当前用户是否具有相应的接口权限
+    :param role_key: 角色标识
+    :param is_strict: 当传入的角色标识是list类型时，是否开启严格模式，开启表示会校验列表中的每一个角色标识，所有的校验结果都需要为True才会通过
+    """
+    def __init__(self, role_key: Union[str, List], is_strict: bool = False):
+        self.role_key = role_key
+        self.is_strict = is_strict
+
+    def __call__(self, current_user: CurrentUserModel = Depends(LoginService.get_current_user)):
+        user_role_list = current_user.user.role
+        user_role_key_list = [role.role_key for role in user_role_list]
+        if isinstance(self.role_key, str):
+            if self.role_key in user_role_key_list:
+                return True
+        if isinstance(self.role_key, list):
+            if self.is_strict:
+                if all([role_key_str in user_role_key_list for role_key_str in self.role_key]):
+                    return True
+            else:
+                if any([role_key_str in user_role_key_list for role_key_str in self.role_key]):
+                    return True
+        raise PermissionException(data="", message="该用户无此接口权限")
+
--- a/ruoyi-fastapi-backend/module_admin/controller/config_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/config_controller.py
@ -62,7 +62,7 @@ async def edit_system_config(request: Request, edit_config: ConfigModel, query_d
        return ResponseUtil.error(msg=str(e))


-@configController.delete("/refreshCache", dependencies=[Depends(CheckUserInterfaceAuth('system:config:edit'))])
+@configController.delete("/refreshCache", dependencies=[Depends(CheckUserInterfaceAuth('system:config:remove'))])
@log_decorator(title='参数管理', business_type=2)
 async def refresh_system_config(request: Request, query_db: Session = Depends(get_db)):
    try:
--- a/ruoyi-fastapi-backend/module_admin/controller/dept_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/dept_controller.py
@ -13,7 +13,7 @@ from module_admin.annotation.log_annotation import log_decorator
 deptController = APIRouter(prefix='/system/dept', dependencies=[Depends(LoginService.get_current_user)])


-@deptController.get("/list/exclude/{dept_id}", response_model=List[DeptModel], dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@deptController.get("/list/exclude/{dept_id}", response_model=List[DeptModel], dependencies=[Depends(CheckUserInterfaceAuth('system:dept:list'))])
 async def get_system_dept_tree_for_edit_option(request: Request, dept_id: int, query_db: Session = Depends(get_db), data_scope_sql: str = Depends(GetDataScope('SysDept'))):
    try:
        dept_query = DeptModel(deptId=dept_id)
--- a/ruoyi-fastapi-backend/module_admin/controller/dict_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/dict_controller.py
@ -62,7 +62,7 @@ async def edit_system_dict_type(request: Request, edit_dict_type: DictTypeModel,
        return ResponseUtil.error(msg=str(e))


-@dictController.delete("/type/refreshCache", dependencies=[Depends(CheckUserInterfaceAuth('system:dict:edit'))])
+@dictController.delete("/type/refreshCache", dependencies=[Depends(CheckUserInterfaceAuth('system:dict:remove'))])
@log_decorator(title='字典管理', business_type=2)
 async def refresh_system_dict(request: Request, query_db: Session = Depends(get_db)):
    try:
@ -95,7 +95,7 @@ async def delete_system_dict_type(request: Request, dict_ids: str, query_db: Ses
        return ResponseUtil.error(msg=str(e))


-@dictController.get("/type/optionselect", response_model=List[DictTypeModel], dependencies=[Depends(CheckUserInterfaceAuth('system:dict:query'))])
+@dictController.get("/type/optionselect", response_model=List[DictTypeModel])
 async def query_system_dict_type_options(request: Request, query_db: Session = Depends(get_db)):
    try:
        dict_type_query_result = DictTypeService.get_dict_type_list_services(query_db, DictTypePageQueryModel(**dict()), is_page=False)
@ -131,7 +131,7 @@ async def export_system_dict_type_list(request: Request, dict_type_page_query: D
        return ResponseUtil.error(msg=str(e))


-@dictController.get("/data/type/{dict_type}", dependencies=[Depends(CheckUserInterfaceAuth('system:dict:list'))])
+@dictController.get("/data/type/{dict_type}")
 async def query_system_dict_type_data(request: Request, dict_type: str, query_db: Session = Depends(get_db)):
    try:
        # 获取全量数据
--- a/ruoyi-fastapi-backend/module_admin/controller/job_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/job_controller.py
@ -63,7 +63,7 @@ async def edit_system_job(request: Request, edit_job: EditJobModel, query_db: Se
        return ResponseUtil.error(msg=str(e))


-@jobController.put("/job/changeStatus", dependencies=[Depends(CheckUserInterfaceAuth('monitor:job:edit'))])
+@jobController.put("/job/changeStatus", dependencies=[Depends(CheckUserInterfaceAuth('monitor:job:changeStatus'))])
@log_decorator(title='定时任务管理', business_type=2)
 async def edit_system_job(request: Request, edit_job: EditJobModel, query_db: Session = Depends(get_db), current_user: CurrentUserModel = Depends(LoginService.get_current_user)):
    try:
--- a/ruoyi-fastapi-backend/module_admin/controller/log_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/log_controller.py
@ -70,7 +70,7 @@ async def export_system_operation_log_list(request: Request, operation_log_page_
        return ResponseUtil.streaming(data=bytes2file_response(operation_log_export_result))
    except Exception as e:
        logger.exception(e)
-        return response_500(data="", message=str(e))
+        return ResponseUtil.error(msg=str(e))


@logController.get("/logininfor/list", response_model=PageResponseModel, dependencies=[Depends(CheckUserInterfaceAuth('monitor:logininfor:list'))])
--- a/ruoyi-fastapi-backend/module_admin/controller/menu_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/menu_controller.py
@ -12,7 +12,7 @@ from module_admin.annotation.log_annotation import log_decorator
 menuController = APIRouter(prefix='/system/menu', dependencies=[Depends(LoginService.get_current_user)])


-@menuController.get("/treeselect", dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@menuController.get("/treeselect")
 async def get_system_menu_tree(request: Request, query_db: Session = Depends(get_db), current_user: CurrentUserModel = Depends(LoginService.get_current_user)):
    try:
        menu_query_result = MenuService.get_menu_tree_services(query_db, current_user)
@ -23,7 +23,7 @@ async def get_system_menu_tree(request: Request, query_db: Session = Depends(get
        return ResponseUtil.error(msg=str(e))


-@menuController.get("/roleMenuTreeselect/{role_id}", dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@menuController.get("/roleMenuTreeselect/{role_id}")
 async def get_system_role_menu_tree(request: Request, role_id: int, query_db: Session = Depends(get_db), current_user: CurrentUserModel = Depends(LoginService.get_current_user)):
    try:
        role_menu_query_result = MenuService.get_role_menu_tree_services(query_db, role_id, current_user)
--- a/ruoyi-fastapi-backend/module_admin/controller/role_controller.py
+++ b/ruoyi-fastapi-backend/module_admin/controller/role_controller.py
@ -17,7 +17,7 @@ from module_admin.annotation.log_annotation import log_decorator
 roleController = APIRouter(prefix='/system/role', dependencies=[Depends(LoginService.get_current_user)])


-@roleController.get("/deptTree/{role_id}", dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@roleController.get("/deptTree/{role_id}", dependencies=[Depends(CheckUserInterfaceAuth('system:role:query'))])
 async def get_system_role_dept_tree(request: Request, role_id: int, query_db: Session = Depends(get_db), data_scope_sql: str = Depends(GetDataScope('SysDept'))):
    try:
        dept_query_result = DeptService.get_dept_tree_services(query_db, DeptModel(**{}), data_scope_sql)
@ -160,7 +160,7 @@ async def reset_system_role_status(request: Request, edit_role: AddRoleModel, qu
        return ResponseUtil.error(msg=str(e))


-@roleController.get("/authUser/allocatedList", response_model=PageResponseModel, dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@roleController.get("/authUser/allocatedList", response_model=PageResponseModel, dependencies=[Depends(CheckUserInterfaceAuth('system:role:list'))])
 async def get_system_allocated_user_list(request: Request, user_role: UserRolePageQueryModel = Depends(UserRolePageQueryModel.as_query), query_db: Session = Depends(get_db)):
    try:
        role_user_allocated_page_query_result = RoleService.get_role_user_allocated_list_services(query_db, user_role, is_page=True)
@ -171,7 +171,7 @@ async def get_system_allocated_user_list(request: Request, user_role: UserRolePa
        return ResponseUtil.error(msg=str(e))


-@roleController.get("/authUser/unallocatedList", response_model=PageResponseModel, dependencies=[Depends(CheckUserInterfaceAuth('common'))])
+@roleController.get("/authUser/unallocatedList", response_model=PageResponseModel, dependencies=[Depends(CheckUserInterfaceAuth('system:role:list'))])
 async def get_system_unallocated_user_list(request: Request, user_role: UserRolePageQueryModel = Depends(UserRolePageQueryModel.as_query), query_db: Session = Depends(get_db)):
    try:
        role_user_unallocated_page_query_result = RoleService.get_role_user_unallocated_list_services(query_db, user_role, is_page=True)
--- a/ruoyi-fastapi-backend/module_admin/dao/dept_dao.py
+++ b/ruoyi-fastapi-backend/module_admin/dao/dept_dao.py
@ -1,5 +1,6 @@
 from sqlalchemy.orm import Session
 from module_admin.entity.do.dept_do import SysDept
+from module_admin.entity.do.role_do import SysRoleDept
 from module_admin.entity.vo.dept_vo import *
 from utils.time_format_util import list_format_datetime

--- a/ruoyi-fastapi-backend/module_admin/dao/user_dao.py
+++ b/ruoyi-fastapi-backend/module_admin/dao/user_dao.py
@ -1,7 +1,7 @@
 from sqlalchemy import and_, or_, desc, func
 from sqlalchemy.orm import Session
 from module_admin.entity.do.user_do import SysUser, SysUserRole, SysUserPost
-from module_admin.entity.do.role_do import SysRole, SysRoleMenu
+from module_admin.entity.do.role_do import SysRole, SysRoleDept, SysRoleMenu
 from module_admin.entity.do.dept_do import SysDept
 from module_admin.entity.do.post_do import SysPost
 from module_admin.entity.do.menu_do import SysMenu
--- a/ruoyi-fastapi-frontend/package.json
+++ b/ruoyi-fastapi-frontend/package.json
@ -1,6 +1,6 @@
 {
  "name": "vfadmin",
-  "version": "1.0.0",
+  "version": "1.0.2",
  "description": "vfadmin管理系统",
  "author": "insistence",
  "license": "MIT",