vor 3 Jahren · 3814035df8
--- a/app/auth.py
+++ b/app/auth.py
@@ -1,7 +1,7 @@
 
				 from flask import Blueprint, render_template, redirect, flash, url_for, request, abort, current_app
			
 
				 from flask_login import login_required, login_user, current_user, logout_user
			
 
				 from flask_wtf import FlaskForm
			
 
				-from wtforms import StringField, PasswordField, BooleanField, SubmitField, ValidationError
			
 
				+from wtforms import StringField, PasswordField, BooleanField, SelectMultipleField, SelectField, SubmitField, ValidationError
			
 
				 from wtforms.validators import DataRequired
			
 
				 
			
 
				 import app
			
@@ -47,20 +47,28 @@ class DeleteUserForm(FlaskForm):
 
				 
			
 
				 class CreateRoleForm(FlaskForm):
			
 
				     name = StringField("角色名称", validators=[DataRequired()])
			
 
				-    authority = StringField("权限")
			
 
				+    authority = SelectMultipleField("权限", coerce=str, choices=User.RoleAuthorize)
			
 
				     submit = SubmitField("创建角色")
			
 
				 
			
 
				 
			
 
				 class DeleteRoleForm(FlaskForm):
			
 
				-    name = StringField("角色名称", validators=[DataRequired()])
			
 
				+    name = SelectField("角色名称", validators=[DataRequired()], coerce=int)
			
 
				     submit = SubmitField("删除角色")
			
 
				 
			
 
				+    def __init__(self):
			
 
				+        super(DeleteRoleForm, self).__init__()
			
 
				+        self.name.choices = [(i[0], i[1]) for i in User.get_role_list()]
			
 
				+
			
 
				 
			
 
				 class SetRoleForm(FlaskForm):
			
 
				     email = StringField("邮箱", validators=[DataRequired()])
			
 
				-    name = StringField("角色名称", validators=[DataRequired()])
			
 
				+    name = SelectField("角色名称", validators=[DataRequired()], coerce=int)
			
 
				     submit = SubmitField("设置角色")
			
 
				 
			
 
				+    def __init__(self):
			
 
				+        super(SetRoleForm, self).__init__()
			
 
				+        self.name.choices = [(i[0], i[1]) for i in User.get_role_list()]
			
 
				+
			
 
				 
			
 
				 @auth.route('/yours')
			
 
				 @login_required
			
@@ -230,7 +238,7 @@ def role_create_page(form: CreateRoleForm):
 
				     if len(name) > 10:
			
 
				         flash("角色名字太长")
			
 
				     else:
			
 
				-        if User.create_role(name, form.authority.data.replace(" ", "").split(";")):
			
 
				+        if User.create_role(name, form.authority.data):
			
 
				             app.HBlogFlask.print_sys_opt_success_log(f"Create role success: {name}")
			
 
				             flash("角色创建成功")
			
 
				         else:
			
--- a/object/user.py
+++ b/object/user.py
@@ -4,6 +4,7 @@ from itsdangerous import URLSafeTimedSerializer as Serializer
 
				 from itsdangerous.exc import BadData
			
 
				 from typing import Optional
			
 
				 
			
 
				+import sql.user
			
 
				 from configure import conf
			
 
				 from sql.user import (read_user,
			
 
				                       check_role,
			
@@ -14,7 +15,8 @@ from sql.user import (read_user,
 
				                       change_passwd_hash,
			
 
				                       create_role,
			
 
				                       delete_role,
			
 
				-                      set_user_role)
			
 
				+                      set_user_role,
			
 
				+                      get_role_list)
			
 
				 import object.blog
			
 
				 import object.comment
			
 
				 import object.msg
			
@@ -53,6 +55,8 @@ def load_user_by_id(user_id):
 
				 
			
 
				 
			
 
				 class User(UserMixin):
			
 
				+    RoleAuthorize = sql.user.role_authority
			
 
				+
			
 
				     def __init__(self, email, passwd_hash, role, user_id):
			
 
				         self.email = email
			
 
				         self.passwd_hash = passwd_hash
			
@@ -144,8 +148,12 @@ class User(UserMixin):
 
				         return create_role(name, authority)
			
 
				 
			
 
				     @staticmethod
			
 
				-    def delete_role(name: str):
			
 
				-        return delete_role(name)
			
 
				+    def delete_role(role_id: int):
			
 
				+        return delete_role(role_id)
			
 
				+
			
 
				+    def set_user_role(self, role_id: int):
			
 
				+        return set_user_role(role_id, self.user_id)
			
 
				 
			
 
				-    def set_user_role(self, name: str):
			
 
				-        return set_user_role(name, self.user_id)
			
 
				+    @staticmethod
			
 
				+    def get_role_list():
			
 
				+        return get_role_list()
			
--- a/sql/user.py
+++ b/sql/user.py
@@ -65,17 +65,14 @@ def create_role(name: str, authority: List[str]):
 
				     return True
			
 
				 
			
 
				 
			
 
				-def delete_role(name: str):
			
 
				-    cur = db.delete(table="role", where=f"RoleName='{name}'")
			
 
				+def delete_role(role_id: int):
			
 
				+    cur = db.delete(table="role", where=f"RoleID={role_id}")
			
 
				     if cur is None or cur.rowcount == 0:
			
 
				         return False
			
 
				     return True
			
 
				 
			
 
				 
			
 
				-def set_user_role(name: str, user_id: str):
			
 
				-    role_id = get_role_id_by_name(name)
			
 
				-    if role_id is None:
			
 
				-        return False
			
 
				+def set_user_role(role_id: int, user_id: str):
			
 
				     cur = db.update(table="user", kw={"Role": f"{role_id}"}, where=f"ID={user_id}")
			
 
				     if cur is None or cur.rowcount == 0:
			
 
				         return False
			
@@ -127,3 +124,11 @@ def get_role_id_by_name(role: str):
 
				     if cur is None or cur.rowcount == 0:
			
 
				         return None
			
 
				     return cur.fetchone()[0]
			
 
				+
			
 
				+
			
 
				+def get_role_list():
			
 
				+    """ 获取归档列表 """
			
 
				+    cur = db.search(columns=["RoleID", "RoleName"], table="role")
			
 
				+    if cur is None or cur.rowcount == 0:
			
 
				+        return []
			
 
				+    return cur.fetchall()
			
--- a/static/styles/auth/role.css
+++ b/static/styles/auth/role.css
@@ -6,5 +6,5 @@
 
				 }
			
 
				 
			
 
				 #RoleTabDiv {
			
 
				-    min-height: 30vh;
			
 
				+    min-height: 40vh;
			
 
				 }