zcdsj
/
cnas
5
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rbacfilterset

This commit is contained in:
caoqianming 2020-07-06 10:14:20 +08:00
parent 8cfa767c56
commit d87a7f20c6
14 changed files with 141 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
client/src/api/user.js
View File

@ -60,3 +60,11 @@ export function deleteUser(id, data) {
data
})
}
export function changePassword(data) {
return request({
url: '/system/user/password/',
method: 'put',
data
})
}

5
client/src/layout/components/Navbar.vue
View File

@ -16,6 +16,11 @@
首页
</el-dropdown-item>
</router-link>
<router-link to="/system/user/password">
<el-dropdown-item divided>
修改密码
</el-dropdown-item>
</router-link>
<!-- <a target="_blank" href="https://github.com/PanJiaChen/vue-admin-template/">
<el-dropdown-item>Github</el-dropdown-item>
</a>

7
client/src/router/index.js
View File

@ -109,6 +109,13 @@ export const asyncRoutes = [
component: () => import('@/views/system/user'),
meta: { title: '用户管理', icon: 'user', perms: ['user_manage'] }
},
{
path: 'user/password',
name: 'ChangePassword',
component: () => import('@/views/system/changepassword'),
meta: { title: '修改密码', noCache: true, icon: ''},
hidden: true
},
{
path: 'organization',
name: 'Organization',

11
client/src/utils/request.js
View File

@ -45,6 +45,13 @@ service.interceptors.response.use(
const res = response.data
// 50008: Illegal token; 50012: Other clients logged in; 50014: Token expired;
if (res.code === 401) {
if(res.msg.indexOf('No active account')!=-1){
Message({
message: '用户名或密码错误',
type: 'error',
duration: 3 * 1000
})
}else{
MessageBox.confirm('认证失败,请重新登陆.', '确认退出', {
confirmButtonText: '重新登陆',
cancelButtonText: '取消',
@ -54,11 +61,13 @@ service.interceptors.response.use(
location.reload()
})
})
}
} else if (res.code >= 400) {
Message({
message: res.msg || '请求出错',
type: 'error',
duration: 5 * 1000
duration: 3 * 1000
})
return Promise.reject(new Error(res.msg || '请求出错'))
} else {

6
client/src/views/implementrule/implementrule.vue
View File

@ -79,12 +79,6 @@
:disabled="!checkPermission(['implementrule_update'])"
@click="handleUpdate(scope)"
>编辑</el-button>
<el-button
type="primary"
size="small"
:disabled="!checkPermission(['implementrule_update'])"
@click="handleUpate(scope)"
>单元划分</el-button>
<el-button
type="danger"
size="small"

78
client/src/views/system/changepassword.vue Normal file
View File

@ -0,0 +1,78 @@
<template>
<div class="app-container">
<el-form ref="elForm" :model="formData" :rules="rules" size="medium" label-width="100px">
<el-form-item label="旧密码" prop="old_password">
<el-input v-model="formData.old_password" placeholder="请输入旧密码" clearable show-password
:style="{width: '100%'}"></el-input>
</el-form-item>
<el-form-item label="新密码" prop="new_password1">
<el-input v-model="formData.new_password1" placeholder="请输入新密码" clearable show-password
:style="{width: '100%'}"></el-input>
</el-form-item>
<el-form-item label="新密码" prop="new_password2">
<el-input v-model="formData.new_password2" placeholder="请再次输入新密码" clearable show-password
:style="{width: '100%'}"></el-input>
</el-form-item>
<el-form-item size="large">
<el-button type="primary" @click="submitForm">提交</el-button>
<el-button @click="resetForm">重置</el-button>
</el-form-item>
</el-form>
</div>
</template>
<script>
import { changePassword } from "@/api/user"
export default {
components: {},
props: [],
data() {
return {
formData: {
old_password: undefined,
new_password1: undefined,
new_password2: undefined,
},
rules: {
old_password: [{
required: true,
message: '请输入旧密码',
trigger: 'blur'
}],
new_password1: [{
required: true,
message: '请输入新密码',
trigger: 'blur'
}],
new_password2: [{
required: true,
message: '请再次输入新密码',
trigger: 'blur'
}],
},
}
},
computed: {},
watch: {},
created() {},
mounted() {},
methods: {
submitForm() {
this.$refs['elForm'].validate(valid => {
if (!valid) return
// TODO 提交表单
changePassword(this.formData).then(async(res)=>{
this.$message({
message: '密码修改成功,请重新登陆',
type: 'success'
})
await this.$store.dispatch('user/logout')
this.$router.push(`/login`)
})
})
},
resetForm() {
this.$refs['elForm'].resetFields()
},
}
}
</script>

16
client/src/views/system/dict.vue
View File

@ -317,22 +317,18 @@ export default {
updateDictType(this.dicttype.id, this.dicttype).then(res => {
this.getDictTypeList()
this.dgV1 = false
this.$notify({
title: '成功',
this.$message({
message: '编辑成功',
type: 'success',
duration: 2000
})
}).catch(error=>{})
} else {
createDictType(this.dicttype).then(res => {
this.getDictTypeList()
this.dgV1 = false
this.$notify({
title: '成功',
this.$message({
message: '新增成功',
type: 'success',
duration: 2000
})
}).catch(error=>{})
}
@ -349,22 +345,18 @@ export default {
updateDict(this.dict.id, this.dict).then(res => {
this.getList()
this.dgV2 = false
this.$notify({
title: '成功',
this.$message({
message: '编辑成功',
type: 'success',
duration: 2000
})
}).catch(error=>{})
} else {
createDict(this.dict).then(res => {
this.getList()
this.dgV2 = false
this.$notify({
title: '成功',
this.$message({
message: '新增成功',
type: 'success',
duration: 2000
})
}).catch(error=>{})
}

8
client/src/views/system/organization.vue
View File

@ -172,11 +172,9 @@ export default {
updateOrg(this.org.id, this.org).then(() => {
this.getList()
this.dialogVisible = false
this.$notify({
title: '成功',
this.$message({
message: '编辑成功',
type: 'success',
duration: 2000
})
})
} else {
@ -185,11 +183,9 @@ export default {
// this.tableData.unshift(this.org)
this.getList()
this.dialogVisible = false
this.$notify({
title: '成功',
this.$message({
message: '新增成功',
type: 'success',
duration: 2000
})
})
}

8
client/src/views/system/perm.vue
View File

@ -184,11 +184,9 @@ export default {
updatePerm(this.perm.id, this.perm).then(() => {
this.getList()
this.dialogVisible = false
this.$notify({
title: '成功',
this.$message({
message: '编辑成功',
type: 'success',
duration: 2000
})
})
} else {
@ -197,11 +195,9 @@ export default {
// this.tableData.unshift(this.perm)
this.getList()
this.dialogVisible = false
this.$notify({
title: '成功',
this.$message({
message: '新增成功',
type: 'success',
duration: 2000
})
})
}

8
client/src/views/system/position.vue
View File

@ -169,11 +169,9 @@ export default {
updatePosition(this.position.id, this.position).then(() => {
this.getList()
this.dialogVisible = false
this.$notify({
title: '成功',
this.$message({
message: '编辑成功',
type: 'success',
duration: 2000
})
})
} else {
@ -182,11 +180,9 @@ export default {
// this.tableData.unshift(this.position)
this.getList()
this.dialogVisible = false
this.$notify({
title: '成功',
this.$message({
message: '新增成功',
type: 'success',
duration: 2000
})
})
}

10
client/src/views/system/user.vue
View File

@ -342,22 +342,18 @@ export default {
updateUser(this.user.id, this.user).then(res => {
this.getList();
this.dialogVisible = false;
this.$notify({
title: "成功",
this.$message({
message: "编辑成功",
type: "success",
duration: 2000
});
});
} else {
createUser(this.user).then(res => {
this.getList();
this.dialogVisible = false;
this.$notify({
title: "成功",
this.$message({
message: "新增成功",
type: "success",
duration: 2000
type: "success"
});
});
}

20
server/apps/certset/views.py
View File

@ -2,9 +2,11 @@ from django.shortcuts import render
from rest_framework.viewsets import ModelViewSet
from .models import Standard, UnitType, ImplementRule
from .serializers import StandardSerializer, ImplementRuleSerializer, UnitTypeSerializer, ImplementRuleListSerializer
from apps.system.permission_data import RbacFilterSet
from apps.system.mixins import CreateUpdateCustomMixin, OptimizationMixin
# Create your views here.
class StandardViewSet(ModelViewSet):
class StandardViewSet(CreateUpdateCustomMixin, ModelViewSet):
perms_map = {'get': '*', 'post': 'standard_create',
'put': 'standard_update', 'delete': 'standard_delete'}
queryset = Standard.objects
@ -13,7 +15,7 @@ class StandardViewSet(ModelViewSet):
filterset_fields = ['status']
ordering = ['-create_time']
class ImplementRuleViewSet(ModelViewSet):
class ImplementRuleViewSet(CreateUpdateCustomMixin, OptimizationMixin, ModelViewSet):
perms_map = {'get': '*', 'post': 'implementrule_create',
'put': 'implementrule_update', 'delete': 'implementrule_delete'}
queryset = ImplementRule.objects
@ -28,13 +30,7 @@ class ImplementRuleViewSet(ModelViewSet):
return ImplementRuleListSerializer
return ImplementRuleSerializer
def get_queryset(self):
queryset = self.queryset
if hasattr(self.get_serializer_class(), 'setup_eager_loading'):
queryset = self.get_serializer_class().setup_eager_loading(queryset) # 性能优化
return queryset
class UnitTypedViewSet(ModelViewSet):
class UnitTypedViewSet(CreateUpdateCustomMixin, OptimizationMixin, ModelViewSet):
perms_map = {'get': '*', 'post': 'unittype_create',
'put': 'unittype_update', 'delete': 'unittype_delete'}
queryset = UnitType.objects
@ -50,9 +46,3 @@ class UnitTypedViewSet(ModelViewSet):
if ((not self.request.query_params.get('page', None)) and (self.request.query_params.get('implementrule', None))) or (self.paginator is None):
return None
return self.paginator.paginate_queryset(queryset, self.request, view=self)
def get_queryset(self):
queryset = self.queryset
if hasattr(self.get_serializer_class(), 'setup_eager_loading'):
queryset = self.get_serializer_class().setup_eager_loading(queryset) # 性能优化
return queryset

4
server/apps/system/permission.py
View File

@ -37,6 +37,8 @@ class RbacPermission(BasePermission):
"""
perms = cache.get(request.user.username + '__perms')
if not perms:
if not request.user:
perms = ['visitor'] # 如果没有经过认证,视为游客
perms = get_permission_list(request.user)
if perms:
if 'admin' in perms:
@ -59,6 +61,8 @@ class RbacPermission(BasePermission):
"""
Return `True` if permission is granted, `False` otherwise.
"""
if not request.user:
return False
has_obj_perm(request.user, obj)
return True

4
server/apps/system/views.py
View File

@ -196,13 +196,13 @@ class UserViewSet(ModelViewSet):
serializer.save(password=password)
return Response(serializer.data)
@action(methods=['put'], detail=True, permission_classes=[IsAuthenticated], # perms_map={'put':'change_password'}
@action(methods=['put'], detail=False, permission_classes=[IsAuthenticated], # perms_map={'put':'change_password'}
url_name='change_password')
def password(self, request, pk=None):
"""
修改密码
"""
user = User.objects.get(id=pk)
user = request.user
old_password = request.data['old_password']
if check_password(old_password, user.password):
new_password1 = request.data['new_password1']