TS-ResHub/authorize/api/website_authorize.py
2025-04-17 16:58:00 +08:00


from ninja import Router, Query
from django.shortcuts import get_object_or_404
from accounts.models import User
from authorize.models import WebsiteAccessRequest, ResumeDetailAccessRequest
from authorize.schemas import ResumeAccessRequestIn, AccessRequestIn, AuthorizeIn
from resumes.models import ResumeDetail
from websites.models import Website
from utils.auth import jwt_auth
from utils.permissions import manager_required, login_required
from logs.models import LogEntry
# Router for the website (general resume information) authorization endpoints.
# The router is constructed without an `auth` argument; every route visible in
# this file passes `auth=jwt_auth` itself.
# NOTE(review): whether the parent API applies authentication globally is not
# visible here, so a route added to this router without `auth=` may end up
# unauthenticated; confirm against where the router is mounted.
website_authorize_router = Router(tags=["网站(简历一般信息)授权管理"])
@website_authorize_router.post(
    "/authorize",
    auth=jwt_auth,
    summary="分管手动授权网站[分管]",
    description="分管理授权普通用户访问指定网站",
)
@manager_required
def authorize_user(request, data: AuthorizeIn):
    """Grant an ordinary user access to websites managed by the caller.

    The target account must have role ``"user"`` and every id in
    ``data.website_ids`` must belong to the caller's ``managed_websites``;
    otherwise nothing is written and a failure payload is returned.
    On success the sites are added to the target's ``authorized_websites``,
    the target's access requests for those sites are set to ``"approved"``,
    and one ``LogEntry`` is written per requested id.

    Returns:
        A dict with ``success`` and a human-readable ``message``.

    Raises:
        Http404: via ``get_object_or_404`` when ``data.user_id`` matches no user.
    """
    grantor = request.user
    target_user = get_object_or_404(User, id=data.user_id)

    # Grants may only go to accounts holding the plain "user" role.
    if target_user.role != "user":
        return {"success": False, "message": "只能授权给普通用户"}

    # NOTE(review): nothing here ties target_user to this manager (another
    # handler in this file reads `source_manager` on the user); confirm whether
    # a manager is meant to grant access to users bound to a different manager.
    own_site_ids = set(grantor.managed_websites.values_list("id", flat=True))
    unmanaged = [wid for wid in data.website_ids if wid not in own_site_ids]
    if unmanaged:
        # Report the first offending id, in the order the caller supplied them.
        wid = unmanaged[0]
        return {"success": False, "message": f"无权授权网站ID{wid}"}

    target_user.authorized_websites.add(*data.website_ids)
    # Any existing request for these sites is marked approved, whatever its
    # previous status was.
    WebsiteAccessRequest.objects.filter(
        user=target_user,
        website_id__in=data.website_ids,
    ).update(status="approved")

    # NOTE(review): the grant, the status update and the audit rows are
    # separate writes with no transaction visible in this function, so a
    # failure part-way can leave a grant without its audit entries. Repeated
    # ids in website_ids also yield repeated audit rows and inflate the count.
    log_message = f"手动授权 {target_user.username} 访问网站"
    for site_id in data.website_ids:
        LogEntry.objects.create(
            user=grantor,
            action="manual_grant_website",
            target_type="website",
            target_id=site_id,
            message=log_message,
        )

    return {
        "success": True,
        "message": f"已授权 {target_user.username} 访问 {len(data.website_ids)} 个网站",
    }
@website_authorize_router.post(
    "/apply",
    auth=jwt_auth,
    summary="申请网站授权[普]",
    description="普通用户发起网站访问申请",
)
@login_required
def request_access(request, data: AccessRequestIn):
    """Record the caller's application for access to one website.

    A new ``WebsiteAccessRequest`` is created unless the caller already has a
    request for the same site with status ``"pending"``; the application is
    also written to ``LogEntry``.

    Returns:
        A dict with ``success`` and a human-readable ``message``.

    Raises:
        Http404: via ``get_object_or_404`` when ``data.website_id`` matches no site.
    """
    applicant = request.user
    website = get_object_or_404(Website, id=data.website_id)

    # NOTE(review): any existing Website id is accepted. The handler does not
    # check the caller's role, whether the site is managed by the caller's
    # source_manager, or whether access was already granted; confirm that this
    # is intended.
    # NOTE(review): the check below and the create that follows are not
    # atomic, so two concurrent calls can both pass and create two pending rows.
    has_pending = WebsiteAccessRequest.objects.filter(
        user=applicant,
        website=website,
        status="pending",
    ).exists()
    if has_pending:
        return {"success": False, "message": "您已申请,正在等待审批"}

    # `reason` is caller-supplied free text; a missing value is stored as "".
    WebsiteAccessRequest.objects.create(
        user=applicant,
        website=website,
        reason=data.reason or "",
    )
    LogEntry.objects.create(
        user=applicant,
        action="apply_website",
        target_type="website",
        target_id=website.id,
        message="申请访问网站",
    )
    return {"success": True, "message": "申请已提交,等待分管理审批"}
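@website_authorize_router.get(
    "/pending",
    auth=jwt_auth,
    summary="待审批列表[分管]",
    description="分管理查看自己负责的网站的待审批访问申请",
)
@manager_required
def list_pending_requests(request):
    """List pending access requests for the websites the caller manages.

    Only requests whose website is in the caller's ``managed_websites`` and
    whose status is ``"pending"`` are returned.

    Returns:
        A dict with ``success`` and ``items``; each item carries the request
        id, the applicant's username, the website name, the applicant's
        free-text reason and the creation time.
    """
    managed_ids = request.user.managed_websites.values_list("id", flat=True)
    # select_related loads the applicant and website rows in the same query;
    # without it each item below costs two extra lookups.
    pending = WebsiteAccessRequest.objects.filter(
        website_id__in=managed_ids,
        status="pending",
    ).select_related("user", "website")

    return {
        "success": True,
        "items": [
            {
                "id": entry.id,
                "user": entry.user.username,
                "website": entry.website.name,
                # Free text written by the applicant; returned unmodified, so
                # the client is responsible for escaping it on display.
                "reason": entry.reason,
                "created_at": entry.created_at,
            }
            for entry in pending
        ],
    }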
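@website_authorize_router.post(
    "/approve",
    auth=jwt_auth,
    summary="审批网站授权[分管]",
    description="分管理审批网站访问申请(通过或拒绝)",
)
@manager_required
def approve_request(request, request_id: int = Query(...), approve: bool = Query(True)):
    """Approve or reject one pending website access request.

    The caller must manage the website the request targets, and the request
    must still be ``"pending"``. On approval the website is added to the
    applicant's ``authorized_websites``. The decision is written to
    ``LogEntry``.

    Args:
        request_id: Id of the ``WebsiteAccessRequest`` to decide.
        approve: ``True`` approves, ``False`` rejects. The default is ``True``,
            so a call that omits the parameter approves the request.

    Returns:
        A dict with ``success`` and a human-readable ``message``.

    Raises:
        Http404: via ``get_object_or_404`` when ``request_id`` matches no request.
    """
    access_req = get_object_or_404(WebsiteAccessRequest, id=request_id)

    # Check ownership with a single EXISTS query rather than loading every
    # managed website to test membership.
    if not request.user.managed_websites.filter(id=access_req.website_id).exists():
        return {"success": False, "message": "无权审批此申请"}

    # Decide each request once. Without this guard, "rejecting" an already
    # approved request would flip its status to "rejected" while the site
    # stays in the applicant's authorized_websites, and a replayed call could
    # silently overturn an earlier decision.
    if access_req.status != "pending":
        return {"success": False, "message": "该申请已处理,无法重复审批"}

    access_req.status = "approved" if approve else "rejected"
    access_req.save()
    if approve:
        access_req.user.authorized_websites.add(access_req.website)

    # NOTE(review): the status change, the grant and the audit row are separate
    # writes with no transaction visible in this function.
    LogEntry.objects.create(
        user=request.user,
        action="approve_website",
        target_type="website",
        target_id=access_req.website.id,
        message=f"审批网站:{access_req.user.username} -> {access_req.status}",
    )
    return {
        "success": True,
        "message": f"{'通过' if approve else '拒绝'} {access_req.user.username} 的访问申请",
    }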
@website_authorize_router.get(
    "/my-sites",
    auth=jwt_auth,
    summary="我的网站列表[普]",
    description="展示当前用户可申请与已授权的网站列表,并标记授权状态",
)
@login_required
def list_user_sites_with_status(request):
    """List the websites the caller may apply for, flagging granted ones.

    The candidates are the websites managed by the caller's
    ``source_manager``; each is marked ``authorized`` when its id is in the
    caller's ``authorized_websites``. Callers for whom ``is_user()`` is false,
    or who have no ``source_manager``, receive a failure payload.

    Returns:
        A dict with ``success`` and either ``websites`` or ``message``.
    """
    current = request.user
    if not current.is_user():
        return {"success": False, "message": "仅普通用户可访问"}
    if not current.source_manager:
        return {"success": False, "message": "您尚未绑定所属分管理,无法申请网站"}

    # Websites open to application: those managed by the caller's bound manager.
    candidate_sites = current.source_manager.managed_websites.all()
    granted_ids = set(current.authorized_websites.values_list("id", flat=True))

    # NOTE(review): db_alias is returned to ordinary users. If it names an
    # internal database connection, confirm the client needs it before
    # exposing it in this response.
    site_rows = [
        {
            "id": site.id,
            "name": site.name,
            "db_alias": site.db_alias,
            "authorized": site.id in granted_ids,
        }
        for site in candidate_sites
    ]
    return {"success": True, "websites": site_rows}