221V
/
maple-bbs


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168
							#!/usr/bin/env python
# -*- coding=UTF-8 -*-
# **************************************************************************
# Copyright © 2016 jianglin
# File Name: permission.py
# Author: jianglin
# Email: xiyang0807@gmail.com
# Created: 2016-06-09 19:53:35 (CST)
# Last Update:星期三 2016-6-15 17:50:37 (CST)
#          By:
# Description:
# **************************************************************************
from flask import (request, abort, current_app, redirect, jsonify, url_for,
                   flash, g)
from flask_principal import Permission, RoleNeed, UserNeed, identity_loaded
from flask_login import current_user, login_required
from maple import app
from collections import namedtuple
from functools import partial, wraps

TopicNeed = namedtuple('topic', ['method', 'value'])
EditTopicNeed = partial(TopicNeed, 'edit')


class EditTopicPermission(Permission):
    def __init__(self, topic_id):
        need = EditTopicNeed(topic_id)
        super(EditTopicPermission, self).__init__(need)


class BasePermission(object):
    decorators = ()

    def __call__(self, func):
        if self.decorators:
            for dec in self.decorators:
                return dec(func)

        @wraps(func)
        def decorator(*args, **kwargs):
            meth = getattr(self, request.method.lower(), None)
            if meth is None and request.method == 'HEAD':
                meth = getattr(self, 'get', None)
            assert meth is not None, 'Unimplemented method %r' % request.method
            check = meth(*args, **kwargs)
            if check:
                return check
            else:
                pass
            return func(*args, **kwargs)

        return decorator


class TopicPermission(BasePermission):
    @login_required
    def post(self):
        pass

    def get(self, uid):
        pass

    @login_required
    def put(self, uid):
        permission = EditTopicPermission(uid)
        if not permission.can():
            flash('你没有权限')
            return redirect(url_for('topic.topic', uid=uid))

    @login_required
    def delete(self):
        pass


class ReplyPermission(BasePermission):
    decorators = [login_required]

    def post(self, uid):
        pass

    def put(self, uid):
        pass

    def delete(self, uid):
        pass


class FollowPermission(BasePermission):
    decorators = [login_required]

    def get(self, type):
        pass

    def post(self, uid):
        pass

    def delete(self, uid):
        pass


class CollectPermission(BasePermission):
    decorators = [login_required]

    def get(self, type):
        pass

    def post(self, uid):
        pass

    def put(self, uid):
        pass

    def delete(self, uid):
        pass


class TagPermission(BasePermission):
    def get(self, tag):
        pass

    @login_required
    def post(self, tag):
        pass

    @login_required
    def put(self, tag):
        pass


class LikePermission(BasePermission):
    def post(self):
        if not g.user.is_authenticated:
            return jsonify(judge=False, url=url_for('auth.login'))

    def delete(self):
        if not g.user.is_authenticated:
            return jsonify(judge=False, url=url_for('auth.login'))


topic_permission = TopicPermission()
reply_permission = ReplyPermission()
follow_permission = FollowPermission()
collect_permission = CollectPermission()
tag_permission = TagPermission()
like_permission = LikePermission()

super_permission = Permission(RoleNeed('super'))


@identity_loaded.connect_via(app)
def on_identity_loaded(sender, identity):
    '''基础权限'''
    identity.user = current_user

    if hasattr(current_user, 'id'):
        identity.provides.add(UserNeed(current_user.id))

    if hasattr(current_user, 'roles'):
        for role in current_user.roles:
            identity.provides.add(RoleNeed(role.rolename))

    if hasattr(current_user, 'is_superuser'):
        if current_user.is_superuser:
            identity.provides.add(RoleNeed('super'))

    if hasattr(current_user, 'topics'):
        for topic in current_user.topics:
            identity.provides.add(EditTopicNeed(topic.id))