dayuan
/
manyi


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293
							# -*- coding: utf-8 -*-
# !/usr/bin/env python
import logging
import re
from collections import OrderedDict

from django.core.urlresolvers import RegexURLPattern, RegexURLResolver

from apilib.utils_string import cn
from apps.web.dealer.models import Dealer, PermissionRole
from apps.web.utils import ErrorResponseRedirect
from middlewares.django_jwt_session_auth import get_authorization_header
from django.conf import settings as django_settings

logger = logging.getLogger(__name__)


class PermissionMiddleware(object):

    def process_request(self, request):
        auth_domain, _ = get_authorization_header(request)

        if auth_domain == django_settings.SERVICE_DOMAIN.DEALER:
            original_user = request.session.get('_auth_user_id')
            to_oper_user = request.session.get('oper_id')
            if original_user and to_oper_user:
                # role = PermissionRole.objects.filter(dealerId=to_oper_user, operId=original_user, isActive=True).first()
                permissionRule = PermissionRole.get_role_permission(dealerId=to_oper_user, operId=original_user)

                if not permissionRule:
                    request.session.clear()

                    return ErrorResponseRedirect(error=cn(u'您无权限进行此操作'))

                # TODO url 过滤
                url = request.path
                # result = re.findall(r'password|pwd|verifyNewTel|Wallet|withdraw|paymentInfo|accountInfo', url, re.I)
                result = re.findall(r'password|pwd|verifyNewTel|getWalletWithdrawInfo', url, re.I)
                if result:
                    return ErrorResponseRedirect(error=cn(u'您当前账号无权访问,请切换主账号来操作'))

                # 有授权信息
                request.user = Dealer.objects.get(id=to_oper_user)
                request.permissions = permissionRule

    def process_response(self, request, response):
        return response


def recursion_urls(pre_namespace, pre_url, urlpatterns, url_ordered_dict):
    """
    递归的去获取URL
    :param pre_namespace: namespace前缀，以后用户拼接name
    :param pre_url: url前缀，以后用于拼接url
    :param urlpatterns: 路由关系列表
    :param url_ordered_dict: 用于保存递归中获取的所有路由
    :return:
    """
    for item in urlpatterns:
        if isinstance(item, RegexURLPattern):  # 非路由分发
            if not item.name:
                continue
            if pre_namespace:
                name = '%s:%s' % (pre_namespace, item.name)
            else:
                name = item.name
            url = pre_url + str(item._regex)

            url_ordered_dict[url.replace('^', '').replace('$', '')] = name
        elif isinstance(item, RegexURLResolver):
            if pre_namespace:
                if item.namespace:
                    namespace = '%s:%s' % (pre_namespace, item.namespace)
                else:
                    namespace = pre_namespace
            else:
                if item.namespace:
                    namespace = item.namespace
                else:
                    namespace = None
            recursion_urls(namespace, pre_url + str(item._regex), item.url_patterns, url_ordered_dict)


def get_all_url_dict():
    """
    获取项目中所有的URL
    :return:
    """
    url_ordered_dict = OrderedDict()
    import urls as md
    recursion_urls(None, '/', [md.urlpatterns[6]], url_ordered_dict)  # 递归去获取所有的路由
    for key, val in url_ordered_dict.items():
        print '\33[33m' + key + '\t\t\t' + val + '\33[0m'