| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379 |
- # coding=utf-8
- """
- @project: MaxKB
- @Author:虎虎
- @file: user.py
- @date:2025/4/14 19:25
- @desc:
- """
- from django.core.cache import cache
- from django.db.models import QuerySet
- from django.utils.translation import gettext_lazy as _
- from drf_spectacular.utils import extend_schema
- from rest_framework.request import Request
- from rest_framework.views import APIView
- from common.auth.authenticate import TokenAuth
- from common.auth.authentication import has_permissions
- from common.constants.cache_version import Cache_Version
- from common.constants.permission_constants import PermissionConstants, Permission, Group, Operate, RoleConstants
- from common.log.log import log
- from common.result import result
- from common.utils.common import query_params_to_single_dict
- from maxkb.const import CONFIG
- from models_provider.api.model import DefaultModelResponse
- from tools.serializers.tool import encryption
- from users.api.user import UserProfileAPI, TestWorkspacePermissionUserApi, DeleteUserApi, EditUserApi, \
- ChangeUserPasswordApi, UserPageApi, UserListApi, UserPasswordResponse, WorkspaceUserAPI, ResetPasswordAPI, \
- SendEmailAPI, CheckCodeAPI, SwitchUserLanguageAPI
- from users.models import User
- from users.serializers.user import UserProfileSerializer, UserManageSerializer, CheckCodeSerializer, \
- SendEmailSerializer, RePasswordSerializer, SwitchLanguageSerializer, ResetCurrentUserPassword
- default_password = CONFIG.get('DEFAULT_PASSWORD', 'ZhAgent@980123')
- def get_user_operation_object(user_id):
- user_model = QuerySet(model=User).filter(id=user_id).first()
- if user_model is not None:
- return {
- "name": user_model.name
- }
- return {}
- def get_re_password_details(request):
- path = request.path
- body = request.data
- query = request.query_params
- return {
- "path": path,
- "body": {**body, 'password': encryption(body.get('password', '')),
- 're_password': encryption(body.get('re_password', ''))},
- "query": query
- }
- class UserProfileView(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['GET'],
- summary=_("Get current user information"),
- description=_("Get current user information"),
- operation_id=_("Get current user information"), # type: ignore
- tags=[_("User Management")], # type: ignore
- responses=UserProfileAPI.get_response())
- def get(self, request: Request):
- return result.success(UserProfileSerializer().profile(request.user, request.auth))
- class TestPermissionsUserView(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['GET'],
- summary=_("Get current user information"),
- description=_("Get current user information"),
- operation_id="测试",
- tags=[_("User Management")], # type: ignore
- responses=UserProfileAPI.get_response())
- @has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN)
- def get(self, request: Request):
- return result.success(UserProfileSerializer().profile(request.user, request.auth))
- class SwitchUserLanguageView(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['POST'],
- summary=_("Switch Language"),
- description=_("Switch Language"),
- operation_id=_("Switch Language"), # type: ignore
- tags=[_("User Management")], # type: ignore
- request=SwitchUserLanguageAPI.get_request(),
- )
- @log(menu='User management', operate='Switch Language',
- get_operation_object=lambda r, k: {'name': r.user.username})
- @has_permissions(PermissionConstants.SWITCH_LANGUAGE, RoleConstants.ADMIN, RoleConstants.USER,
- RoleConstants.WORKSPACE_MANAGE)
- def post(self, request: Request):
- data = {**request.data, 'user_id': request.user.id}
- return result.success(SwitchLanguageSerializer(data=data).switch())
- class TestWorkspacePermissionUserView(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['GET'],
- summary="针对工作空间下权限校验",
- description="针对工作空间下权限校验",
- operation_id="针对工作空间下权限校验",
- tags=[_("User Management")], # type: ignore
- responses=UserProfileAPI.get_response(),
- parameters=TestWorkspacePermissionUserApi.get_parameters())
- @has_permissions(PermissionConstants.USER_EDIT.get_workspace_permission(), RoleConstants.ADMIN)
- def get(self, request: Request, workspace_id):
- return result.success(UserProfileSerializer().profile(request.user, request.auth))
- class UserList(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['GET'],
- summary=_("Get all user"),
- description=_("Get all user"),
- operation_id=_("Get all user"), # type: ignore
- tags=[_("User Management")], # type: ignore
- responses=UserListApi.get_response())
- @has_permissions(RoleConstants.WORKSPACE_MANAGE, RoleConstants.ADMIN, RoleConstants.EXTENDS_ADMIN,
- RoleConstants.EXTENDS_WORKSPACE_MANAGE, RoleConstants.USER, RoleConstants.EXTENDS_USER)
- def get(self, request: Request):
- nick_name = request.query_params.get('nick_name', None)
- return result.success(UserManageSerializer().get_all_user_list(nick_name))
- class WorkspaceUserListView(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['GET'],
- summary=_("Get user list under workspace"),
- description=_("Get user list under workspace"),
- operation_id=_("Get user list under workspace"), # type: ignore
- tags=[_("User Management")], # type: ignore
- parameters=WorkspaceUserAPI.get_parameters(),
- responses=WorkspaceUserAPI.get_response())
- def get(self, request: Request, workspace_id):
- return result.success(UserManageSerializer().get_user_list(workspace_id))
- class WorkspaceUserMemberView(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['GET'],
- summary=_("Get user member under workspace"),
- description=_("Get user member under workspace"),
- operation_id=_("Get user member under workspace"), # type: ignore
- tags=[_("User Management")], # type: ignore
- parameters=WorkspaceUserAPI.get_parameters(),
- responses=WorkspaceUserAPI.get_response())
- def get(self, request: Request, workspace_id):
- return result.success(UserManageSerializer().get_user_members(workspace_id))
- class UserManage(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['POST'],
- summary=_("Create user"),
- description=_("Create user"),
- operation_id=_("Create user"), # type: ignore
- tags=[_("User Management")], # type: ignore
- request=UserProfileAPI.get_request(),
- responses=UserProfileAPI.get_response())
- @has_permissions(PermissionConstants.USER_CREATE, RoleConstants.ADMIN)
- @log(menu='User management', operate='Add user',
- get_operation_object=lambda r, k: {'name': r.data.get('username', None)})
- def post(self, request: Request):
- return result.success(UserManageSerializer().save(request.data, str(request.user.id)))
- class Password(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['Get'],
- summary=_("Get default password"),
- description=_("Get default password"),
- operation_id=_("Get default password"), # type: ignore
- tags=[_("User Management")], # type: ignore
- responses=UserPasswordResponse.get_response())
- @has_permissions(PermissionConstants.USER_CREATE, PermissionConstants.CHAT_USER_CREATE,
- PermissionConstants.WORKSPACE_CHAT_USER_CREATE, RoleConstants.ADMIN,
- RoleConstants.WORKSPACE_MANAGE)
- def get(self, request: Request):
- return result.success(data={'password': default_password})
- class Operate(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['DELETE'],
- description=_("Delete user"),
- summary=_("Delete user"),
- operation_id=_("Delete user"), # type: ignore
- tags=[_("User Management")], # type: ignore
- parameters=DeleteUserApi.get_parameters(),
- responses=DefaultModelResponse.get_response())
- @has_permissions(PermissionConstants.USER_DELETE, RoleConstants.ADMIN)
- @log(menu='User management', operate='Delete user',
- get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id')))
- def delete(self, request: Request, user_id):
- return result.success(UserManageSerializer.Operate(data={'id': user_id}).delete(with_valid=True))
- @extend_schema(methods=['GET'],
- summary=_("Get user information"),
- description=_("Get user information"),
- operation_id=_("Get user information"), # type: ignore
- tags=[_("User Management")], # type: ignore
- request=DeleteUserApi.get_parameters(),
- responses=UserProfileAPI.get_response())
- @has_permissions(PermissionConstants.USER_READ, RoleConstants.ADMIN)
- def get(self, request: Request, user_id):
- return result.success(UserManageSerializer.Operate(data={'id': user_id}).one(with_valid=True))
- @extend_schema(methods=['PUT'],
- summary=_("Update user information"),
- description=_("Update user information"),
- operation_id=_("Update user information"), # type: ignore
- tags=[_("User Management")], # type: ignore
- parameters=DeleteUserApi.get_parameters(),
- request=EditUserApi.get_request(),
- responses=UserProfileAPI.get_response())
- @has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN)
- @log(menu='User management', operate='Update user information',
- get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id')))
- def put(self, request: Request, user_id):
- return result.success(
- UserManageSerializer.Operate(data={'id': user_id}).edit(request.data, str(request.user.id),
- with_valid=True))
- class BatchDelete(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['POST'],
- description=_("Batch delete user"),
- summary=_("Batch delete user"),
- operation_id=_("Batch delete user"), # type: ignore
- tags=[_("User Management")], # type: ignore
- request=DeleteUserApi.get_request(),
- responses=DefaultModelResponse.get_response())
- @has_permissions(PermissionConstants.USER_DELETE, RoleConstants.ADMIN)
- @log(menu='User management', operate='Batch delete user',
- get_operation_object=lambda r, k: get_user_operation_object(r.data.get('ids', [])))
- def post(self, request: Request):
- return result.success(UserManageSerializer.BatchDelete({'ids': request.data}).batch_delete(with_valid=True))
- class RePassword(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['PUT'],
- summary=_("Change password"),
- description=_("Change password"),
- operation_id=_("Change password"), # type: ignore
- tags=[_("User Management")], # type: ignore
- parameters=DeleteUserApi.get_parameters(),
- request=ChangeUserPasswordApi.get_request(),
- responses=DefaultModelResponse.get_response())
- @log(menu='User management', operate='Change password',
- get_operation_object=lambda r, k: get_user_operation_object(k.get('user_id')),
- get_details=get_re_password_details)
- @has_permissions(PermissionConstants.USER_EDIT, RoleConstants.ADMIN)
- def put(self, request: Request, user_id):
- return result.success(
- UserManageSerializer.Operate(data={'id': user_id}).re_password(request.data, with_valid=True))
- class Page(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['GET'],
- summary=_("Get user paginated list"),
- description=_("Get user paginated list"),
- operation_id=_("Get user paginated list"), # type: ignore
- tags=[_("User Management")], # type: ignore
- parameters=UserPageApi.get_parameters(),
- responses=UserPageApi.get_response())
- @has_permissions(PermissionConstants.USER_READ, RoleConstants.ADMIN)
- def get(self, request: Request, current_page, page_size):
- d = UserManageSerializer.Query(
- data={**query_params_to_single_dict(request.query_params)})
- return result.success(d.page(current_page, page_size, str(request.user.id)))
- class RePasswordView(APIView):
- @extend_schema(methods=['POST'],
- summary=_("Change password"),
- description=_("Change password"),
- operation_id=_("Change password"), # type: ignore
- tags=[_("User Management")], # type: ignore
- request=ResetPasswordAPI.get_request(),
- responses=DefaultModelResponse.get_response())
- @log(menu='User management', operate='Change password',
- get_operation_object=lambda r, k: {'name': r.user.username},
- get_details=get_re_password_details)
- def post(self, request: Request):
- serializer_obj = RePasswordSerializer(data=request.data)
- return result.success(serializer_obj.reset_password())
- class SendEmail(APIView):
- @extend_schema(methods=['POST'],
- summary=_("Send email"),
- description=_("Send email"),
- operation_id=_("Send email"), # type: ignore
- tags=[_("User Management")], # type: ignore
- request=SendEmailAPI.get_request(),
- responses=SendEmailAPI.get_response())
- @log(menu='User management', operate='Send email',
- get_operation_object=lambda r, k: {'name': r.data.get('email', None)},
- get_user=lambda r: {'user_name': None, 'email': r.data.get('email', None)})
- def post(self, request: Request):
- serializer_obj = SendEmailSerializer(data=request.data)
- if serializer_obj.is_valid(raise_exception=True):
- return result.success(serializer_obj.send())
- class CheckCode(APIView):
- @extend_schema(methods=['POST'],
- summary=_("Check whether the verification code is correct"),
- description=_("Check whether the verification code is correct"),
- operation_id=_("Check whether the verification code is correct"), # type: ignore
- tags=[_("User Management")], # type: ignore
- request=CheckCodeAPI.get_request(),
- responses=CheckCodeAPI.get_response())
- @log(menu='User management', operate='Check whether the verification code is correct',
- get_operation_object=lambda r, k: {'name': r.data.get('email', None)},
- get_user=lambda r: {'user_name': None, 'email': r.data.get('email', None)})
- def post(self, request: Request):
- return result.success(CheckCodeSerializer(data=request.data).is_valid(raise_exception=True))
- class SendEmailToCurrentUserView(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['POST'],
- summary=_("Send email to current user"),
- description=_("Send email to current user"),
- operation_id=_("Send email to current user"), # type: ignore
- tags=[_("User Management")], # type: ignore
- request=SendEmailAPI.get_request(),
- responses=SendEmailAPI.get_response())
- @log(menu='User management', operate='Send email to current user',
- get_operation_object=lambda r, k: {'name': r.user.username})
- def post(self, request: Request):
- serializer_obj = SendEmailSerializer(data={'email': request.user.email, 'type': "reset_password"})
- if serializer_obj.is_valid(raise_exception=True):
- return result.success(serializer_obj.send())
- class ResetCurrentUserPasswordView(APIView):
- authentication_classes = [TokenAuth]
- @extend_schema(methods=['POST'],
- summary=_("Modify current user password"),
- description=_("Modify current user password"),
- operation_id=_("Modify current user password"), # type: ignore
- tags=[_("User Management")], # type: ignore
- request=ResetPasswordAPI.get_request(),
- responses=DefaultModelResponse.get_response())
- @log(menu='User management', operate='Modify current user password',
- get_operation_object=lambda r, k: {'name': r.user.username},
- get_details=get_re_password_details)
- @has_permissions(PermissionConstants.CHANGE_PASSWORD, RoleConstants.ADMIN, RoleConstants.USER,
- RoleConstants.WORKSPACE_MANAGE)
- def post(self, request: Request):
- serializer_obj = ResetCurrentUserPassword(data=request.data)
- if serializer_obj.reset_password(request.user.id):
- version, get_key = Cache_Version.TOKEN.value
- cache.delete(get_key(token=request.auth), version=version)
- return result.success(True)
- return result.error(_("Failed to change password"))
|
