flask 用户、角色、权限模型(flask 86)

import os
from datetime import datetime

from flask import current_app
from flask_avatars import Identicon
from flask_login import UserMixin
from werkzeug.security import generate_password_hash, check_password_hash

from extensions import db, whooshee

roles_permissions = db.Table('roles_permissions',
db.Column('role_id', db.Integer, db.ForeignKey('role.id')),
db.Column('permission_id', db.Integer, db.ForeignKey('permission.id'))
)
class Permission(db.Model):
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(30), unique=True)
roles = db.relationship('Role', secondary=roles_permissions, back_populates='permissions')
class Role(db.Model):
id = db.Column(db.Integer, primary_key=True)
name = db.Column(db.String(30), unique=True)
users = db.relationship('User', back_populates='role')
permissions = db.relationship('Permission', secondary=roles_permissions, back_populates='roles')

@staticmethod
def init_role():
    roles_permissions_map = {
        'Locked': ['FOLLOW', 'COLLECT'],
        'User': ['FOLLOW', 'COLLECT', 'COMMENT', 'UPLOAD'],
        'Moderator': ['FOLLOW', 'COLLECT', 'COMMENT', 'UPLOAD', 'MODERATE'],
        'Administrator': ['FOLLOW', 'COLLECT', 'COMMENT', 'UPLOAD', 'MODERATE', 'ADMINISTER']
    }

    for role_name in roles_permissions_map:
        role = Role.query.filter_by(name=role_name).first()
        if role is None:
            role = Role(name=role_name)
            db.session.add(role)
        role.permissions = []
        for permission_name in roles_permissions_map[role_name]:
            permission = Permission.query.filter_by(name=permission_name).first()
            if permission is None:
                permission = Permission(name=permission_name)
                db.session.add(permission)
            role.permissions.append(permission)
    db.session.commit()

@whooshee.register_model('name', 'username')
class User(db.Model, UserMixin):
id = db.Column(db.Integer, primary_key=True)
username = db.Column(db.String(20), unique=True, index=True)
email = db.Column(db.String(254), unique=True, index=True)
password_hash = db.Column(db.String(128))
name = db.Column(db.String(30))
website = db.Column(db.String(255))
bio = db.Column(db.String(120))
location = db.Column(db.String(50))
member_since = db.Column(db.DateTime, default=datetime.utcnow)
avatar_s = db.Column(db.String(64))
avatar_m = db.Column(db.String(64))
avatar_l = db.Column(db.String(64))
avatar_raw = db.Column(db.String(64))

confirmed = db.Column(db.Boolean, default=False)
locked = db.Column(db.Boolean, default=False)
active = db.Column(db.Boolean, default=True)

role_id = db.Column(db.Integer, db.ForeignKey('role.id'))

role = db.relationship('Role', back_populates='users')

def __init__(self, **kwargs):
    super(User, self).__init__(**kwargs)
    self.generate_avatar()
    self.follow(self)  # follow self
    self.set_role()

def set_password(self, password):
    self.password_hash = generate_password_hash(password)

def set_role(self):
    if self.role is None:
        if self.email == current_app.config['ALBUMY_ADMIN_EMAIL']:
            self.role = Role.query.filter_by(name='Administrator').first()
        else:
            self.role = Role.query.filter_by(name='User').first()
        db.session.commit()

def validate_password(self, password):
    return check_password_hash(self.password_hash, password)

def block(self):
    self.active = False
    db.session.commit()

def unblock(self):
    self.active = True
    db.session.commit()

def generate_avatar(self):
    avatar = Identicon()
    filenames = avatar.generate(text=self.username)
    self.avatar_s = filenames[0]
    self.avatar_m = filenames[1]
    self.avatar_l = filenames[2]
    db.session.commit()

@property
def is_admin(self):
    return self.role.name == 'Administrator'

@property
def is_active(self):
    return self.active

def can(self, permission_name):
    permission = Permission.query.filter_by(name=permission_name).first()
    return permission is not None and self.role is not None and permission in self.role.permissions

你可能感兴趣的:(flask 用户、角色、权限模型(flask 86))