refactor: ♻️ 授权页面重构

重构授权页面
2023-06-05 22:21:19 +08:00
parent 8c0a04ce61
commit f7b94e496c
11 changed files with 600 additions and 56 deletions
--- a/backend/dvadmin/system/models.py
+++ b/backend/dvadmin/system/models.py
@@ -236,7 +236,7 @@ class RoleMenuPermission(CoreModel):
        db_table = table_prefix + "role_menu_permission"
        verbose_name = "角色菜单权限表"
        verbose_name_plural = verbose_name
-        ordering = ("-create_datetime",)
+        # ordering = ("-create_datetime",)


 class RoleMenuButtonPermission(CoreModel):
--- a/backend/dvadmin/system/views/menu.py
+++ b/backend/dvadmin/system/views/menu.py
@@ -90,11 +90,16 @@ class MenuViewSet(CustomModelViewSet):
    def web_router(self, request):
        """用于前端获取当前角色的路由"""
        user = request.user
-        queryset = self.queryset.filter(status=1)
-        if not user.is_superuser:
+        is_admin = user.role.values_list('admin', flat=True)
+        if user.is_superuser or True in is_admin:
+            queryset = self.queryset.filter(status=1)
+        else:
            role_list = user.role.values_list('id', flat=True)
-            menu_list = RoleMenuPermission.objects.filter(role__in=role_list).values_list('menu_id')
+            menu_list = RoleMenuPermission.objects.filter(role__in=role_list).values_list('menu_id',flat=True)
+            print("role_list", role_list)
+            print("menu_list",menu_list)
            queryset = Menu.objects.filter(id__in=menu_list)
+        print(queryset)
        serializer = WebRouterSerializer(queryset, many=True, request=request)
        data = serializer.data
        return SuccessResponse(data=data, total=len(data), msg="获取成功")
--- a/backend/dvadmin/system/views/role_menu.py
+++ b/backend/dvadmin/system/views/role_menu.py
@@ -72,7 +72,14 @@ class RoleMenuPermissionViewSet(CustomModelViewSet):
        menu_list = body.get('menu',None)
        if menu_list is None:
            return ErrorResponse(msg="未获取到菜单参数")
-        data = [{"role":role_id,"menu":item} for item in menu_list]
+        obj_list = RoleMenuPermission.objects.filter(role__id=role_id).values_list('menu__id',flat=True)
+        old_set = set(obj_list)
+        new_set = set(menu_list)
+        #need_update = old_set.intersection(new_set) # 需要更新的
+        need_del = old_set.difference(new_set) # 需要删除的
+        need_add = new_set.difference(old_set) # 需要新增的
+        RoleMenuPermission.objects.filter(role__id=role_id,menu__in=list(need_del)).delete()
+        data = [{"role": role_id, "menu": item} for item in list(need_add)]
        serializer = RoleMenuPermissionSerializer(data=data,many=True,request=request)
        if serializer.is_valid(raise_exception=True):
            serializer.save()
--- a/backend/dvadmin/system/views/role_menu_button_permission.py
+++ b/backend/dvadmin/system/views/role_menu_button_permission.py
@@ -6,11 +6,11 @@
@Created on: 2021/6/3 003 0:30
@Remark: 菜单按钮管理
 """
-from django.db.models import F
+from django.db.models import F, Subquery, OuterRef, Exists
 from rest_framework.decorators import action
 from rest_framework.permissions import IsAuthenticated

-from dvadmin.system.models import RoleMenuButtonPermission, Menu, MenuButton, Dept
+from dvadmin.system.models import RoleMenuButtonPermission, Menu, MenuButton, Dept, RoleMenuPermission
 from dvadmin.utils.json_response import DetailResponse, ErrorResponse
 from dvadmin.utils.serializers import CustomModelSerializer
 from dvadmin.utils.viewset import CustomModelViewSet
@@ -66,14 +66,23 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
    @action(methods=['GET'], detail=False, permission_classes=[IsAuthenticated])
    def role_get_menu(self, request):
        """根据当前用户的角色返回角色拥有的菜单"""
+        data = []
        is_superuser = request.user.is_superuser
        is_admin = request.user.role.values_list('admin', flat=True)
        if is_superuser or True in is_admin:
-            queryset = Menu.objects.filter(status=1).values('id','name','parent','is_catalog')
+            queryset = Menu.objects.filter(status=1).values('name','parent','is_catalog',menu_id=F('id'))
+            for item in queryset:
+                btn_name = MenuButton.objects.filter(menu=item['menu_id']).values_list(
+                    'name', flat=True)
+                data.append({'menu_id': item['menu_id'], 'name': item['name'], 'parent': item['parent'],
+                             'permission': ','.join(btn_name), 'is_catalog': item['is_catalog']})
        else:
            role_id = request.user.role.values_list('id',flat=True)
-            queryset = RoleMenuButtonPermission.objects.filter(role__in=role_id).values(id=F('menu__id'),name=F('menu__name'),parent=F('menu__parent'),is_catalog=F('menu__is_catalog'))
-        return DetailResponse(data=queryset)
+            queryset = RoleMenuPermission.objects.filter(role__in=role_id).values('menu_id',name=F('menu__name'),parent=F('menu__parent'),is_catalog=F('menu__is_catalog')).distinct()
+            for item in queryset:
+                btn_name = RoleMenuButtonPermission.objects.filter(menu_button__menu=item['menu_id']).values_list('menu_button__name',flat=True)
+                data.append({'menu_id':item['menu_id'], 'name':item['name'], 'parent':item['parent'],'permission':','.join(btn_name),'is_catalog':item['is_catalog']})
+        return DetailResponse(data=data)

    @action(methods=['GET'], detail=False, permission_classes=[IsAuthenticated])
    def role_menu_get_button(self,request):
@@ -82,18 +91,16 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
        :param request:
        :return:
        """
-        params = request.query_params
-        if params:
-            menu_id = params.get('menu',None)
-            if menu_id:
+        if params := request.query_params:
+            if menu_id := params.get('menu', None):
                is_superuser = request.user.is_superuser
                is_admin = request.user.role.values_list('admin', flat=True)
                if is_superuser or True in is_admin:
                    queryset = MenuButton.objects.filter(menu=menu_id).values('id', 'name')
                else:
                    role_list = request.user.role.values_list('id',flat=True)
-                    queryset = RoleMenuButtonPermission.objects.filter(role_in=role_list,menu_button__menu=menu_id).values(
-                        id=F('menu_button__id'),
+                    queryset = RoleMenuButtonPermission.objects.filter(role__in=role_list,menu_button__menu=menu_id).values(
+                        btn_id=F('menu_button__id'),
                        name=F('menu_button__name')
                    )
                return DetailResponse(data=queryset)
@@ -133,12 +140,10 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
            return DetailResponse(data=data)
        else:
            data = []
-            role_id = request.user.role.id
-            params = request.query_params
-            if params:
-                menu_button_id = params.get('menu_button', None)
-                if menu_button_id:
-                    role_queryset = RoleMenuButtonPermission.objects.filter(role=role_id,menu_button=menu_button_id).values_list('data_range',flat=True)
+            role_list = request.user.role.values_list('id',flat=True)
+            if params := request.query_params:
+                if menu_button_id := params.get('menu_button', None):
+                    role_queryset = RoleMenuButtonPermission.objects.filter(role__in=role_list,menu_button__id=menu_button_id).values_list('data_range',flat=True)
                    data_range_list = list(set(role_queryset))
                    for item in data_range_list:
                        if item == 0:
@@ -202,21 +207,19 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
        is_admin = request.user.role.values_list('admin', flat=True)
        if is_superuser or True in is_admin:
            queryset = Dept.objects.values('id','name','parent')
-            return DetailResponse(data=queryset)
        else:
-            if params:
-                menu_button = params.get('menu_button')
-                if menu_button is None:
-                    return ErrorResponse(msg="参数错误")
-                role_list = request.user.role.values_list('id', flat=True)
-                queryset = RoleMenuButtonPermission.objects.filter(role_in=role_list,menu_button=None).values(
-                    id=F('dept__id'),
-                    name=F('dept__name'),
-                    parent=F('dept__parent')
-                )
-                return DetailResponse(data=queryset)
-            else:
+            if not params:
                return ErrorResponse(msg="参数错误")
+            menu_button = params.get('menu_button')
+            if menu_button is None:
+                return ErrorResponse(msg="参数错误")
+            role_list = request.user.role.values_list('id', flat=True)
+            queryset = RoleMenuButtonPermission.objects.filter(role__in=role_list,menu_button=None).values(
+                dept_id=F('dept__id'),
+                name=F('dept__name'),
+                parent=F('dept__parent')
+            )
+        return DetailResponse(data=queryset)



@@ -228,17 +231,48 @@ class RoleMenuButtonPermissionViewSet(CustomModelViewSet):
        :return:
        """
        params = request.query_params
-        if params:
-            menu_id = params.get('menu',None)
-            if menu_id is None:
-                return ErrorResponse(msg="未获取到参数")
-            role_id = params.get('role', None)
-            if role_id is None:
-                return ErrorResponse(msg="未获取到参数")
-            queryset = RoleMenuButtonPermission.objects.filter(role=role_id,menu_button__menu=menu_id).values(
+        menu_id = params.get('menu', None)
+        if menu_id is None:
+            return ErrorResponse(msg="未获取到参数")
+        is_superuser = request.user.is_superuser
+        is_admin = request.user.role.values_list('admin', flat=True)
+        if is_superuser or True in is_admin:
+            queryset = RoleMenuButtonPermission.objects.filter(menu_button__menu=menu_id).values(
                'id',
                'data_range',
-                'menu_button'
+                'menu_button',
+                'menu_button__name',
+                'menu_button__value'
            )
            return DetailResponse(data=queryset)
-        return ErrorResponse(msg="未获取到参数")
+        else:
+            if params:
+
+                role_id = params.get('role', None)
+                if role_id is None:
+                    return ErrorResponse(msg="未获取到参数")
+                queryset = RoleMenuButtonPermission.objects.filter(role=role_id,menu_button__menu=menu_id).values(
+                    'id',
+                    'data_range',
+                    'menu_button',
+                    'menu_button__name',
+                    'menu_button__value'
+                )
+                return DetailResponse(data=queryset)
+        return ErrorResponse(msg="未获取到参数")
+
+    @action(methods=['get'], detail=False, permission_classes=[IsAuthenticated])
+    def role_to_menu(self, request):
+        """
+        获取角色对应的按钮权限
+        :param request:
+        :return:
+        """
+        params = request.query_params
+        role_id = params.get('role', None)
+        if role_id is None:
+            return ErrorResponse(msg="未获取到参数")
+        queryset = RoleMenuPermission.objects.filter(role_id=role_id).values_list('menu_id',flat=True).distinct()
+
+        return DetailResponse(data=queryset)
+