权限系统Hub的5个重要接口讲解
2024-04-08 04:31:40
首先,我需要对这5个接口进行一些说明: 分别是op_login(登录)、op_pattern_leader_datalist(仅型号领导接口)、op_department_leader_datalist(仅部门领导接口)、op_pattern_leader_datalist(既是型号领导又是部门领导)、op_authorization_task_permissions(分配任务权限):
本项目开放的后4个接口,单纯是来解决项目所需的问题。整个生产环境中的用户包括:普通用户(设为user)、部门领导(department_user)、型号领导(pattern_user)、双重领导(pattern_department_user),普通用户只能看到自己的和他人共享出来的(这里涉及到密级everyone、public等,后续进行讲解),而诸如此类,pattern_user只能看到自己上传的数据 以及 他所管辖的pattern中的所有数据。这里权限系统存在的意义就是让相应职位的人看到相应的数据。
一、登录接口:op_login:
作用:获取导入系统中的几个参数,比如username、department、modelName等,并且对用户进行验证,通过authenticate方法判断是否是合法用户或非法用户。如果是合法用户,则向访问该接口的前端返回cookie值;如果用户非法,则登录失败。
@csrf_exempt
def op_login(request):print("===def op_login===")logobj = Logger(APP_LOG_PATH + 'cus_auth.log', logging.ERROR, logging.DEBUG)logobj.info('METHOD op_login START')if request.method == "POST":try:request_body = byteify(json.loads(request.body)) # 将byte类型转换为json类型,byteify方法是将json转换为strprint request_bodyusername = request_body.get('username', '')password = request_body.get('password', '')department = request_body.get('department', '')modelName = request_body.get('modelName', '')modelCoding = request_body.get('modelCoding', '')userId = request_body.get('userId', '')modelNameStr = ""if modelName:for index in range(len(modelName)):if index == 0:modelNameStr += modelName[index]else:modelNameStr += (',' + modelName[index]) departmentName = request_body.get('departmentName', '') # 部门名称isManager = request_body.get('isManager', '') # 是否是部门领导(isManager)isModelManager = request_body.get('isModelManager', '') # 是否是型号领导(isModelManager)logobj.info('<op_login>: 正在验证{}的{}...'.format(department, username))if (User.objects.filter(username=username)).count() == 0:# 如果User表中 不存在这个username的用户:调用op_register————注册用户requestJson = {'username': username, 'password': password, 'secret_level':'public', 'describe': '', 'department': ''}requests.post(url='http://localhost:80/cus_auth/register/', data=json.dumps(requestJson))else:# 如果User表中 存在这个username的用户:调用op_userProfile_update————更新用户信息requestJson = {'new_username': username, 'new_department': '', 'new_describe': '','new_password': password, 'new_secretlevel': SecretLevel.objects.get(id=(User.objects.get(username=username)).userprofile.secret_level.id).name, 'userid': User.objects.get(username=username).id}requests.post(url='http://localhost:80/cus_auth/user/profile_update/', data=json.dumps(requestJson))logobj.info('<op_login>: 正在验证{}的{}...'.format(department, username))# authenticate认证: 在密码对给出的用户名合法的情况下返回一个 User 对象。 如果密码不合法,authenticate()返回Noneuser = authenticate(username=username,password=password,userprofile__department=department)# 如果用户非空(user是存在的话)if user is not None:if user.is_active:# login 1login(request, user)# login 2user.userprofile.is_login = Trueuser.userprofile.save()logobj.info('<op_login>: 用户{}登录成功'.format(user.username.encode("utf-8")))response = HttpResponse(json.dumps({'code': '2','info': u'Login successfully','url': '/ExperimentList','secret_level': user.userprofile.secret_level.name}), status=200)# 向前台写入cookieresponse.set_cookie("username", urlquote(userId), max_age=3600)response.set_cookie("userId", username, max_age=3600)response.set_cookie("isManager",isManager , max_age=3600)response.set_cookie("isModelManager", isModelManager, max_age=3600)response.set_cookie("department", department, max_age=3600)response.set_cookie("modelName", urlquote(modelNameStr), max_age=3600)response.set_cookie("departmentName", urlquote(departmentName), max_age=3600)logobj.close()return responseelse:logobj.war('<op_login>: 用户{}没有被激活'.format(user.username.encode("utf-8")))logobj.close()return HttpResponse(json.dumps({'code': '-5', 'info': u'User not be active'}), status=503)else:logobj.war('<op_login>: 认证失败, 用户名或密码错误')logobj.close()return HttpResponse(json.dumps({'code': '-4', 'info': u'Username or Password is wrong'}), status=503)except Exception, e:logobj.error('<op_login>: 登录失败,错误信息为{}'.format(str(e)))logobj.close()return HttpResponse(json.dumps({'code': '0', 'info': e.message}), status=503)logobj.close()return HttpResponseBadRequest二、分配任务权限:op_authorization_task_permissions
作用:①导入系统上传数据需要调用此接口 ②为上传这些数据的user 分配这些data的权限
③导入数据中关联的department、pattern判断在User表中是否存在,如果为空则创建department_user、pattern_user。
逻辑思路:
1、首先获取导入系统后台view.py的assign方法中,上传的data值,如任务标签、密级、上传数据类型、表名(比如温度数据,对应数据库表为table22)、型号名称(pattern)、部门id、部门名称。
2、然后,分别判断User表中是否有对应的 department_user、pattern_user,有则获取对应用户信息,无则创建新的用户。
3、对一个用户关联权限时,为user、admin(管理员)、department_user、pattern_user 添加上permission,比如:
pattern_user.user_permissions.add(perm_ins) # perm_ins权限名4、增加user、admin(管理员)、department_user、pattern_user 与任务的关系,拿admin举例:
admin = User.objects.get(is_superuser=True)
User_data_info.objects.get_or_create(user=admin, data=data_info) # User_data_info表5、增加"user"与{table_name}:{task_id}之间的关联关系(IN ORACLE)...,这里利用到了cus_auth_extension.views中一个方法:_action_add_relation()
def _action_add_relation(user_id, task_id, table_name):roll_back = []try:with transaction.atomic():relation=User_id_Task_id.objects.using('oracle').get_or_create(user_id=user_id,task_id=task_id,table_name=table_name.upper())if relation[1]:relation[0].save(using='oracle')roll_back.append(relation[0])return Trueexcept Exception, e:for item in roll_back:item.delete()return False# assign the permissions of task to its owner who submits it
@_decorator_login_verification()
@csrf_exempt
def op_authorization_task_permissions(request):logobj = Logger("{}{}/{}".format(APP_LOG_PATH,"{}-{}".format(str(request.user.id), request.user.username.encode("utf-8")),'cus_auth.log'), logging.ERROR, logging.DEBUG)logobj.info('METHOD <op_authorization_task_permissions> START')# 获取 导入user的这一条用户信息(即User表中的一条记录)user = User.objects.get(username=request.user)rollback_del = []if request.method == 'POST':try:logobj.info('<op_authorization_task_permissions>: 从request中获取相关信息...')request_body = byteify(json.loads(request.body)) # json.loads():将byte类型转换为json类型; byteify():将json类型转换为strkernel = lambda x: request_body.get(x, None)params = {name: kernel(name) for name in ['task_id','secret_level','data_type','table_name','test_Pattern','department','departmentName']}# params中的 7个参数必须全部非空if any(map(lambda x: x is None or x is "", params.values())):logobj.war('<op_authorization_task_permissions>: Task_id或secret_level或data_type或table_name.....为null')logobj.close()return HttpResponse(json.dumps({'code': '-6','info': u'Task_id or secret_level or data_type or table_name is null'}),status=503)# 事务回滚: 初始化Task_permissions表with transaction.atomic():print("===============<op_authorization_task_permissions>: 初始化Data_info表================")logobj.info('<op_authorization_task_permissions>: 初始化Data_info表')# Data_info表: 1.任务标签 2.数据类型 3.表名和密级data_info = Data_info.objects.get_or_create(task_id=params['task_id'],secret_level=SecretLevel.objects.get(name=params['secret_level']),data_type=params['data_type'],table_name=params['table_name'])[0]rollback_del.append(data_info)print (params['task_id'])# xjy_create:作为user的departmentdepartment_id = params['department']if User.objects.filter(username=department_id).count() == 0:# 察看User这个表中 部门user为空,则需要新建try:# 1、创建(Create)部门Usertry:User.objects.update_or_create(username=department_id)print ("Suceess: 创建一个新的部门user")except Exception as e:print("Failed: 创建部门user失败")print e# 2、获取(get)部门Usertry:department_user = User.objects.get(username=department_id)department_name = department_user.first_name # 获取部门的中文名print("Success: get 部门user")except Exception as e:print("Failed: get 部门user")print eprint("Success: 创建部门user && get部门user成功")except Exception as e:print("Failed: 创建部门user && get部门user失败")print eelse:# 察看User这个表中部门user非空try:department_user = User.objects.get(username=department_id)department_name = department_user.first_name # 获取部门 的 中文名print("Success: get 部门user")except Exception as e:print("Failed: get 部门user")print e# xjy_create_end# xjy_create:作为user的型号test_pattern = params['test_Pattern']# 型号user() 是否为空if User.objects.filter(first_name=test_pattern).count() == 0:# 察看User这个表中 型号user为空,则需要新建try:# 1、创建型号Usertry:import timeuuid = time.time()uuid_pattern = int(round(uuid*1000)) # 时间戳(毫秒级)# 创建型号User(username为uuid,first_name为型号)User.objects.update_or_create(username=str(uuid_pattern), first_name=test_pattern)print("Success: 创建型号user")except Exception as e:print("Failed: 创建型号user失败")print e# 2、获取型号Usertry:# 获取型号Userpattern_user = User.objects.get(first_name=test_pattern)print("Success: find user")except Exception as e:print("Failed: find user失败")print("Success: 创建型号user && get型号user成功")except Exception as e:print("Failed: 创建型号user && get型号user失败")else:pattern_user = User.objects.get(first_name=test_pattern)# xjy_create-end# 为任务添加新的permissions:add the new permissions for taskprint("<op_authorization_task_permissions>: 为{table_name}:{task_id}添加新的权限...")logobj.info('<op_authorization_task_permissions>: 为{}:{}添加新的权限...'.format(params['table_name'], params['task_id']))from __init__ import _data_basic_permissions_list, _data_extend_permissions_listcontent_type = ContentType.objects.get(app_label='data', model='manage')# _data_permissions_list:【读、写、授权(grant)】 ------{'name': 'can grant {} data', 'perm': 'data.grant_{}'}print ("_data_permissions_list:【读、写、授权(grant)】")_data_permissions_list = _data_basic_permissions_list + _data_extend_permissions_listfor permission in _data_permissions_list:print("for permission in _data_permissions_list===")try:# 将导入data 相关权限写入Permission这个权限表中perm_ins = Permission.objects.get_or_create(codename=permission['perm'].split(".")[1].format('data{}'.format(str(data_info.id))),name=permission['name'].format('data{}'.format(str(data_info.id))),content_type=content_type)[0]print("====Successed: permission ====")except Exception as e:print("====Failed: permission ====")print erollback_del.append(perm_ins)try:# 为user添加权限: user_permissions.add()user.user_permissions.add(perm_ins)print("Success: 为user添加上permission")except Exception as e:print("====Failed: : 为user添加上permission ====")print e# xjy_create:为部门user 添加上permissiontry:department_user.user_permissions.add(perm_ins)print("Success: 为部门user添加上permission")except Exception as e:print("====Failed: : 为部门user添加上permission ====")print e# 为型号user 添加上permissiontry:pattern_user.user_permissions.add(perm_ins)print("Success: 为型号user添加上permission")except Exception as e:print("====Failed: : 为型号user添加上permission ====")print e# xjy_created_end# 增加user与任务的关系:add the relationship between user and taskprint ("===增加user与任务的关系===")logobj.info('<op_authorization_task_permissions>: 增加{}与{}:{}之间的关联关系...'.format(user.username, params['table_name'], params['task_id']))User_data_info.objects.get_or_create(user=user, data=data_info)# 增加admin与任务之间的联系print ("增加admin与任务之间的联系")logobj.info('<op_authorization_task_permissions>: 增加admin与{}:{}之间的关联关系...'.format(params['table_name'], params['task_id']))admin = User.objects.get(is_superuser=True)# User_data_info表User_data_info.objects.get_or_create(user=admin, data=data_info)# xjy_create:增加部门user、型号user与任务之间的联系try:logobj.info('<op_authorization_task_permissions>: 增加department与{}:{}之间的关联关系...'.format(params['table_name'],params['task_id']))User_data_info.objects.get_or_create(user=department_user, data=data_info)print("===Success: 增加department与任务之间的联系===")except Exception as e:print("====Failed: : 增加department与任务之间的联系 ====")print etry:logobj.info('<op_authorization_task_permissions>: 增加pattern与{}:{}之间的关联关系...'.format(params['table_name'],params['task_id']))User_data_info.objects.get_or_create(user=pattern_user, data=data_info)print("===Success: 增加pattern与任务之间的联系===")except Exception as e:print("====Failed: : 增加pattern与任务之间的联系 ====")print e# xjy_create-end# 增加"user"与{table_name}:{task_id}之间的关联关系(IN ORACLE)...logobj.info('<op_authorization_task_permissions>: 增加{}与{}:{}之间的关联关系(IN ORACLE)...'.format(user.username, params['table_name'], params['task_id']))from cus_auth_extension.views import _action_add_relation_action_add_relation(user_id=user.id,task_id=params['task_id'],table_name=params['table_name'])# 增加"admin"与{table_name}:{task_id}之间的关联关系(IN ORACLE)...logobj.info('<op_authorization_task_permissions>: 增加admin与{}之间的关联关系(IN ORACLE)...'.format(params['task_id']))_action_add_relation(user_id=admin.id,task_id=params['task_id'],table_name=params['table_name'])# xjy_create: 增加部门user与{table_name}:{task_id}之间的关联关系(IN ORACLE)...try:logobj.info('<op_authorization_task_permissions>: 增加department与{}之间的关联关系(IN ORACLE)...'.format(params['task_id']))_action_add_relation(user_id=department_user.id,task_id=params['task_id'],table_name=params['table_name'])print("===Success: 增加部门user {table_name}:{task_id}之间的关联关系(IN ORACLE)===")except Exception, e:print("===Failed: 增加部门user {table_name}:{task_id}之间的关联关系(IN ORACLE)===")print e# 增加型号user与{table_name}:{task_id}之间的关联关系(IN ORACLE)...try:logobj.info('<op_authorization_task_permissions>: 增加pattern与{}之间的关联关系(IN ORACLE)...'.format(params['task_id']))_action_add_relation(user_id=pattern_user.id,task_id=params['task_id'],table_name=params['table_name'])print("===Success: 增加型号user {table_name}:{task_id}之间的关联关系(IN ORACLE)===")except Exception, e:print("===Failed: 增加型号user {table_name}:{task_id}之间的关联关系(IN ORACLE)===")print e# xjy_create-endrollback_del = []logobj.info('<op_authorization_task_permissions>: 授权成功')logobj.close()return HttpResponse(json.dumps({'code': '4', 'info': u'Authorization successfully'}), status=200)except Exception, e:print elogobj.error('<op_authorization_task_permissions>: METHOD <op_authorization_task_permissions>失败')logobj.error('<op_authorization_task_permissions>: {}'.format(str(e)))logobj.info('<op_authorization_task_permissions>: 开始回滚...')for item in rollback_del:user.user_permissions.remove(item)item.delete()logobj.info('<op_authorization_task_permissions>: 回滚成功')logobj.close()return HttpResponse(json.dumps({'code': '0', 'info': e.message}), status=503)logobj.war('<op_authorization_task_permissions>: request的方法必须为POST, 但是只获得{}'.format(request.method))logobj.close()return HttpResponseBadRequest三、只是型号领导接口:op_pattern_leader_datalist
明确一点,型号领导既是一个普通user,又是一个Pattern_user
逻辑思路:首先查询pattern_user的权限, 然后再查询普通user的权限,最后进行合并,这个合并可以借鉴一下我的想法———嵌套字典的数组。
# xjy_create: op_pattern_leader_datalist(型号领导:可查看所属型号的全部数据,所属型号可能有多个)
@_decorator_login_verification()
@csrf_exempt
def op_pattern_leader_datalist(request):print("user only 型号领导")logobj = Logger("{}{}/{}".format(APP_LOG_PATH,"{}-{}".format(str(request.user.id), request.user.username.encode("utf-8")),'cus_auth.log'), logging.ERROR, logging.DEBUG)logobj.info('METHOD op_pattern_leader_datalist START')try:if request.method == 'POST':# (从管理平台了解) 型号leader: modelName:["LeixingA", "LeixingB"]# modelName = request.modelName#modelName = ["LeixingA","LeixingB"]# 用户名、型号request_body = byteify(json.loads(request.body))username = request_body.get('userName', '')modelName = request_body.get('modelName', '')print (request.body) print (modelName) zong = []# 对所有型号进行去重 zong[]for modelname in modelName:if User.objects.filter(first_name=modelname).count() == 0:continueelse:pattern_user = User.objects.get(first_name=modelname) # 获取型号user 的值tables = []# 从数据库取得匹配结果,返回一个对象列表for user_data in User_data_info.objects.filter(user=pattern_user).all():if user_data.data.table_name not in tables:tables.append(user_data.data.table_name)print (tables)logobj.info('<op_pattern_leader_datalist>: 生成属于型号领导{}的表信息列表...'.format(pattern_user.username.encode("utf-8")))pattern_tables_taskids = [{'table_name': i,'data_type': Data_info.objects.filter(table_name=i).first().data_type,'task_ids': [j.data.task_id for j in User_data_info.objects.filter(user=pattern_user,data__table_name=i).all()]} for i in tables]print("<op_pattern_leader_datalist>: 获取数据信息成功,return pattern_tables_taskids")print pattern_tables_taskidstableNames = [t['table_name'] for t in zong]for list_pattern in pattern_tables_taskids:if list_pattern['table_name'] in tableNames:(zong[tableNames.index(list_pattern['table_name'])])['task_ids'] += list_pattern['task_ids']else:zong.append(list_pattern)# 对zong进行去重for zong_list in zong:zong_list['task_ids'] = list(set(zong_list['task_ids']))pattern_tables_taskids = zong# 型号leader个人:(从管理系统得到) username = request.username && id = request.iduser_name = usernameuser = User.objects.get(username= user_name) leader_tables = []# model.objects.filter从数据库的取得匹配的结果,返回一个对象列表for user_data in User_data_info.objects.filter(user=user).all():if user_data.data.table_name not in leader_tables:# 添加table_nameleader_tables.append(user_data.data.table_name)pattern_leader_tables_taskids = [{'table_name': i,'data_type': Data_info.objects.filter(table_name=i).first().data_type,'task_ids': [j.data.task_id for j in User_data_info.objects.filter(user=user,data__table_name=i).all()]} for i in leader_tables]print("pattern_leader_tables_taskids:领导个人本身的数据")print pattern_leader_tables_taskids# 合并(去除)两个含有字典的数组 [{},{},{}]list_1 = pattern_tables_taskidslist_2 = pattern_leader_tables_taskids# 定义一个方法: 将列表a与b合并去重def merge_task(task_id1, task_id2):task_id1.extend(task_id2)return list(set(task_id1))new_list = [] # 用于存储合并去重列表record = [] # 用于记录table_name(利于去重)if len(list_1) == 0 and len(list_2) != 0:new_list = list_2elif len(list_1) != 0 and len(list_2) == 0:new_list = list_1else:for list1_table in list_1:for list2_table in list_2:# 表名相同,则新生成一个表放入list中,合并去重task_id字段list1_table_name = list1_table.get("table_name")list2_table_name = list2_table.get("table_name")if (list1_table_name == list2_table_name) and (list1_table_name not in record):record.append(list1_table_name)new_table = {"table_name": list1_table.get("table_name"),"data_type": list1_table.get("data_type"),"task_ids": merge_task(list1_table.get("task_ids"), list2_table.get("task_ids")),}new_list.append(new_table)# 如果表名不同,则全都放进新list中elif list1_table_name != list2_table_name:if list1_table_name not in record:new_list.append(list1_table)record.append(list1_table_name)if list2_table_name not in record:new_list.append(list2_table)record.append(list2_table_name)print(new_list)logobj.info('<op_pattern_leader_datalist>: 获取数据信息成功')logobj.close()return HttpResponse(json.dumps({'code': '15','data': new_list,})) except Exception, e:print e.messagelogobj.error('<op_pattern_leader_datalist>: METHOD <op_pattern_leader_datalist>失败, 错误信息为{}'.format(e.message))logobj.close()return HttpResponse(json.dumps({'code': '0','info': e.message,}), status=503)logobj.war('<op_pattern_leader_datalist>: request的方法必须为POST, 但是只获得{}'.format(request.method))logobj.close()return HttpResponseBadRequest
# xjy_create_end四、只是部门领导接口:op_department_leader_datalist
明确一点,型号领导既是一个普通user,又是一个department_user
逻辑思路:首先查询department_user的权限, 然后再查询普通user的权限,最后进行合并,这个合并可以借鉴一下我的想法———嵌套字典的数组。
# xjy_create:
@_decorator_login_verification()
@csrf_exempt
# 返回部门leader的数据
def op_department_leader_datalist(request):print("===def op_department_leader_datalist: 部门leader的数据===")logobj = Logger("{}{}/{}".format(APP_LOG_PATH,"{}-{}".format(str(request.user.id), request.user.username.encode("utf-8")),'cus_auth.log'), logging.ERROR, logging.DEBUG)logobj.info('METHOD op_department_leader_datalist START')try:if request.method == 'POST':#(从管理平台了解) 部门名称 和 部门idprint("=======================")test_1 = request.readlines()request_body = byteify(json.loads(request.body))print request_body# 用户名、密码、部门username = request_body.get('userName', '')depart_id = request_body.get('deptid', '')#depart_id = "11011"# depart_id = request.POST.get("deptid")print(depart_id)#xjy_create 察看user这个表中 部门 是否为空if User.objects.filter(username=depart_id).count() == 0:logobj.info('<op_department_leader_datalist>: 部门为空:直接返回空值')logobj.close()return HttpResponse(json.dumps({'code': '15','data': [],}))# xjy_created_enddepartment_user = User.objects.get(username= depart_id)print (department_user)tables = []# model.objects.filter从数据库的取得匹配的结果,返回一个对象列表for user_data in User_data_info.objects.filter(user=department_user).all():if user_data.data.table_name not in tables:# 添加table_nametables.append(user_data.data.table_name)# xjy_testprintprint (tables)logobj.info('<op_department_leader_datalist>: 生成属于领导{}的表信息列表...'.format(department_user.username.encode("utf-8")))print ("===department_tables_taskids===")department_tables_taskids = [{'table_name': i,'data_type': Data_info.objects.filter(table_name=i).first().data_type,'task_ids': [j.data.task_id for j in User_data_info.objects.filter(user=department_user,data__table_name=i).all()]} for i in tables]# 是领导这个用户信息print ("===get 领导这个用户信息===")# user = request.user#user_name = request.POST.get("userName")user = User.objects.get(username=username)print(username) print ("===leader_tables===")leader_tables = []# model.objects.filter从数据库的取得匹配的结果,返回一个对象列表for user_data in User_data_info.objects.filter(user=user).all():if user_data.data.table_name not in leader_tables:# 添加table_nameleader_tables.append(user_data.data.table_name)department_leader_tables_taskids = [{'table_name': i,'data_type': Data_info.objects.filter(table_name=i).first().data_type,'task_ids': [j.data.task_id for j in User_data_info.objects.filter(user=user,data__table_name=i).all()]} for i in leader_tables]# 合并(去除)两个含有字典的数组 [{},{},{}]# 新方法print ("合并(去除)两个含有字典的数组 [{},{},{}]")list_1 = department_tables_taskidslist_2 = department_leader_tables_taskidsprint("=====list_1====")print department_tables_taskidsprint ("=====list_2===")print department_leader_tables_taskids# 定义一个方法: 将列表a与b合并去重def merge_task(task_id1, task_id2):task_id1.extend(task_id2)return list(set(task_id1))new_list = [] # 用于存储合并去重列表record = [] # 用于记录table_name(利于去重)if len(list_1) == 0 and len(list_2)!=0:new_list = list_2elif len(list_1) != 0 and len(list_2)==0:new_list = list_1else:for list1_table in list_1:for list2_table in list_2:# 表名相同,则新生成一个表放入list中,合并去重task_id字段list1_table_name = list1_table.get("table_name")list2_table_name = list2_table.get("table_name")if (list1_table_name == list2_table_name) and (list1_table_name not in record):record.append(list1_table_name)new_table = {"table_name": list1_table.get("table_name"),"data_type": list1_table.get("data_type"),"task_ids": merge_task(list1_table.get("task_ids"), list2_table.get("task_ids")),}new_list.append(new_table)# 如果表名不同,则全都放进新list中elif list1_table_name != list2_table_name:if list1_table_name not in record:new_list.append(list1_table)record.append(list1_table_name)if list2_table_name not in record:new_list.append(list2_table)record.append(list2_table_name)print("====new_list====")print(new_list)logobj.info('<op_department_leader_datalist>: 获取数据信息成功')logobj.close()return HttpResponse(json.dumps({'code': '15','data': new_list,}))except Exception, e:print e.messagelogobj.error('<op_department_leader_datalist>: METHOD <op_department_leader_datalist>失败, 错误信息为{}'.format(e.message))logobj.close()return HttpResponse(json.dumps({'code': '0','info': e.message,}), status=503)logobj.war('<op_department_leader_datalist>: request的方法必须为POST, 但是只获得{}'.format(request.method))logobj.close()return HttpResponseBadRequest
# xjy_create_end五、既是部门领导又是型号:op_department_pattern_leader_datalist
明确一点,型号领导既是一个普通user,又是一个department_user,还是一个pattern_leader,这里的代码逻辑就是 类比三四接口再合并去重即可。
# 既是部门领导,又是型号领导
# xjy_create: (型号领导:可查看所属型号的全部数据,所属部门的全部数据)
@_decorator_login_verification()
@csrf_exempt
def op_department_pattern_leader_datalist(request):print("******user既是部门领导,又是型号领导")logobj = Logger("{}{}/{}".format(APP_LOG_PATH,"{}-{}".format(str(request.user.id), request.user.username.encode("utf-8")),'cus_auth.log'), logging.ERROR, logging.DEBUG)logobj.info('METHOD op_department_pattern_leader_datalist START')try:if request.method == 'POST':# (从管理平台了解) 型号leader: modelName:["LeixingA", "LeixingB"]request_body = byteify(json.loads(request.body))print request_body# 用户名、部门名、型号username = request_body.get('userName', '')depart_id = request_body.get('deptid', '')modelName = request_body.get('modelName', '')print("==========部门user下的all列表 + 这个user本身all列表==============")# 部门user可接收的列表department_user = User.objects.get(username=depart_id)print(department_user)tables = []# model.objects.filter从数据库的取得匹配的结果,返回一个对象列表for user_data in User_data_info.objects.filter(user=department_user).all():if user_data.data.table_name not in tables:# 添加table_nametables.append(user_data.data.table_name)# xjy_testprintprint(tables)logobj.info('<op_department_leader_datalist>: 生成属于领导{}的表信息列表...'.format(department_user.username.encode("utf-8")))print("===department_tables_taskids===")department_tables_taskids = [{'table_name': i,'data_type': Data_info.objects.filter(table_name=i).first().data_type,'task_ids': [j.data.task_id for j in User_data_info.objects.filter(user=department_user,data__table_name=i).all()]} for i in tables]# 是领导这个用户信息print("===get 领导这个用户信息===")# user = request.user# user_name = request.POST.get("userName")user = User.objects.get(username=username)print(username)print("===leader_tables===")leader_tables = []# model.objects.filter从数据库的取得匹配的结果,返回一个对象列表for user_data in User_data_info.objects.filter(user=user).all():if user_data.data.table_name not in leader_tables:# 添加table_nameleader_tables.append(user_data.data.table_name)department_leader_tables_taskids = [{'table_name': i,'data_type': Data_info.objects.filter(table_name=i).first().data_type,'task_ids': [j.data.task_id for j in User_data_info.objects.filter(user=user,data__table_name=i).all()]} for i in leader_tables]# 合并(去除)两个含有字典的数组 [{},{},{}]# 新方法print("合并(去除)两个含有字典的数组 [{},{},{}]")list_1 = department_tables_taskidslist_2 = department_leader_tables_taskidsprint("=====list_1====")print department_tables_taskidsprint("=====list_2===")print department_leader_tables_taskids# 定义一个方法: 将列表a与b合并去重def merge_task(task_id1, task_id2):task_id1.extend(task_id2)return list(set(task_id1))new_list = [] # 用于存储合并去重列表record = [] # 用于记录table_name(利于去重)if len(list_1) == 0 and len(list_2) != 0:new_list = list_2elif len(list_1) != 0 and len(list_2) == 0:new_list = list_1else:for list1_table in list_1:for list2_table in list_2:# 表名相同,则新生成一个表放入list中,合并去重task_id字段list1_table_name = list1_table.get("table_name")list2_table_name = list2_table.get("table_name")if (list1_table_name == list2_table_name) and (list1_table_name not in record):record.append(list1_table_name)new_table = {"table_name": list1_table.get("table_name"),"data_type": list1_table.get("data_type"),"task_ids": merge_task(list1_table.get("task_ids"), list2_table.get("task_ids")),}new_list.append(new_table)# 如果表名不同,则全都放进新list中elif list1_table_name != list2_table_name:if list1_table_name not in record:new_list.append(list1_table)record.append(list1_table_name)if list2_table_name not in record:new_list.append(list2_table)record.append(list2_table_name)print("====department_leader_tables_taskids :list====")print(new_list)list_dapartment_and_user = new_list# 型号leader可接收的列表print("==========型号user下的all列表==============")zong = []# 对所有型号进行去重 zong[]for modelname in modelName:if User.objects.filter(first_name=modelname).count() == 0:continueelse:pattern_user = User.objects.get(first_name=modelname) # 获取型号user 的值tables = []# 从数据库取得匹配结果,返回一个对象列表for user_data in User_data_info.objects.filter(user=pattern_user).all():if user_data.data.table_name not in tables:tables.append(user_data.data.table_name)print(tables)logobj.info('<op_pattern_leader_datalist>: 生成属于型号领导{}的表信息列表...'.format(pattern_user.username.encode("utf-8")))pattern_tables_taskids = [{'table_name': i,'data_type': Data_info.objects.filter(table_name=i).first().data_type,'task_ids': [j.data.task_id for j in User_data_info.objects.filter(user=pattern_user,data__table_name=i).all()]} for i in tables]print("<op_pattern_leader_datalist>: 获取数据信息成功,return pattern_tables_taskids")print pattern_tables_taskidstableNames = [t['table_name'] for t in zong]for list_pattern in pattern_tables_taskids:if list_pattern['table_name'] in tableNames:(zong[tableNames.index(list_pattern['table_name'])])['task_ids'] += list_pattern['task_ids']else:zong.append(list_pattern)# 对zong进行去重for zong_list in zong:zong_list['task_ids'] = list(set(zong_list['task_ids']))list_pattern_no_user = zong# 合并:list_1 = list_dapartment_and_userlist_2 = list_pattern_no_user# 定义一个方法: 将列表a与b合并去重def merge_task(task_id1, task_id2):task_id1.extend(task_id2)return list(set(task_id1))new_list = [] # 用于存储合并去重列表record = [] # 用于记录table_name(利于去重)if len(list_1) == 0 and len(list_2) != 0:list_pattern_and_department = list_2print list_pattern_and_departmentelif len(list_1) != 0 and len(list_2) == 0:list_pattern_and_department = list_1print list_pattern_and_departmentelse:for list1_table in list_1:for list2_table in list_2:# 表名相同,则新生成一个表放入list中,合并去重task_id字段list1_table_name = list1_table.get("table_name")list2_table_name = list2_table.get("table_name")if (list1_table_name == list2_table_name) and (list1_table_name not in record):record.append(list1_table_name)new_table = {"table_name": list1_table.get("table_name"),"data_type": list1_table.get("data_type"),"task_ids": merge_task(list1_table.get("task_ids"), list2_table.get("task_ids")),}new_list.append(new_table)# 如果表名不同,则全都放进新list中elif list1_table_name != list2_table_name:if list1_table_name not in record:new_list.append(list1_table)record.append(list1_table_name)if list2_table_name not in record:new_list.append(list2_table)record.append(list2_table_name)print("部门领导 和 型号领导合并")print(new_list)list_pattern_and_department = new_list# xjy_created_endlogobj.info('<op_department_pattern_leader_datalist>: 获取数据信息成功')logobj.close()return HttpResponse(json.dumps({'code': '15','data': list_pattern_and_department,}))except Exception, e:print e.messagelogobj.error('<op_department_pattern_leader_datalist>: METHOD <op_pattern_leader_datalist>失败, 错误信息为{}'.format(e.message))logobj.close()return HttpResponse(json.dumps({'code': '0','info': e.message,}), status=503)logobj.war('<op_department_pattern_leader_datalist>: request的方法必须为POST, 但是只获得{}'.format(request.method))logobj.close()return HttpResponseBadRequest
# xjy_create_end权限系统Hub的5个重要接口讲解相关推荐
- 项目积累 之 权限系统Hub(一)
一.什么是权限? 简而言之,就是使得相应的用户拥有对应的身份,或者是相应的用户分配对相应资源的读.写.授予权限. 权限机制能够约束用户行为,控制页面的显示内容,也能使得API(应用程序接口)更加安全和 ...
- 采用SpringBoot、MyBatis-Plus 、Security框架,开发的一套权限系统,实现前后端分离,完善的代码生成机制
项目说明 harry 采用SpringBoot.MyBatis-Plus .Security框架,开发的一套权限系统,实现前后端分离,完善的代码生成机制.Harry Gitee地址 harry-vue ...
- bootstrap 开源框架demo_高大上的开源Springboot企业级用户权限系统
往期精彩推荐: 略吊!Springboot+vue前后端分离快速开发平台-QuickD springboot炸翔版CMS开源系统 一个高颜值,方便使用的开源redis桌面客户端程序 这是一款国产略吊的 ...
- linux 权限777_Linux编程之权限系统与工具使用(二)
阿里P7移动互联网架构师进阶视频(每日更新中)免费学习请点击:https://space.bilibili.com/474380680 本篇文章将继续通过权限系统与工具使用来阐述Linux编程: 一. ...
- 【从0到1,搭建Spring Boot+RESTful API+Shiro+Mybatis+SQLServer权限系统】05、Shiro集成
1.POM文件中加入Shiro和fastJSON依赖 <dependency><groupId>org.apache.shiro</groupId><arti ...
- Spring Security和 JWT两大利器来打造一个简易的权限系统。
写在前面 关于 Spring Security Web系统的认证和权限模块也算是一个系统的基础设施了,几乎任何的互联网服务都会涉及到这方面的要求.在Java EE领域,成熟的安全框架解决方案一般有 A ...
- 品达通用权限系统(Day 1~Day 2)
1. 项目概述 1.1 项目介绍 对于企业中的项目绝大多数都需要进行用户权限管理.认证.鉴权.加密.解密.XSS防跨站攻击等.这些功能整体实现思路基本一致,但是大部分项目都需要实现一次,这无形中就形成 ...
- 万能通用!权限系统就该这么设计!
大家好,我是老赵.今天给大家介绍一下权限系统的设计以及主流的五种权限模型. 权限管控可以通俗的理解为权力限制,即不同的人由于拥有不同权力,他所看到的.能使用的可能不一样.对应到一个应用系统,其实就是一 ...
- 权限系统就该这么设计(万能通用),稳的一批!
权限管控可以通俗的理解为权力限制,即不同的人由于拥有不同权力,他所看到的.能使用的可能不一样.对应到一个应用系统,其实就是一个用户可能拥有不同的数据权限(看到的)和操作权限(使用的). 主流的权限模型 ...
最新文章
- NOIP2018 集训(一)
- 牛客(35)数组中的逆序对
- WebBrowser页面与WinForm交互技巧
- 调查显示:被黑过的公司难以找到投资
- 程序员怒斥:虎牙HR真奇葩,通知我面试,又何必当面羞辱我一番?
- 假如苹果构建了一个搜索引擎
- 树莓派zero_w 串口的使用(解决usb可用rxtx不可用的问题)
- 深入浅出Docker(五):基于Fig搭建开发环境
- 前端web 技术盘点
- 批处理调用devcon确保虚拟驱动设备只存在安装一次
- 高二获全奖跳级进哈佛,29岁坐拥数亿身家,这位曾让马云畏惧的“天才神童”现在怎么样了?...
- git clone 失败问题解决方案
- IDA动态调试夜神模拟器
- python中remove函数的用法_Remove函数用法
- HDOJ 4069 Squiggly Sudoku 精确覆盖+搜索
- 登陆验证成功后的跳转页面依然保留用户信息
- CB2-2CARD的openSUSE安装NAS环境配置
- 课程7 :PLC常见指令详解:比较指令(工控PLC工程师入门必读,5天可上手调试)
- MailStore邮件归档
- 淘宝授权登录 oauth2.0