60 ví dụ mã Python được tìm thấy liên quan đến "kiểm tra quyền". Bạn có thể bỏ phiếu cho những cái bạn thích hoặc bỏ phiếu cho những cái bạn không thích và chuyển đến dự án gốc hoặc tệp nguồn bằng cách nhấp vào các liên kết phía trên mỗi ví dụ
def use_check_permission[]: common.logger.info["Sorry, we haven't completed the check for use_check_permission yet. Check for updates soon."] ''' From Android Lint: UseCheckPermission ------------------ Summary: Using the result of check permission calls Priority: 6 / 10 Severity: Warning Category: Security You normally want to use the result of checking a permission; these methods return whether the permission is held; they do not throw an error if the permission is not granted. Code which does not do anything with the return value probably meant to be calling the enforce methods instead, e.g. rather than Context#checkCallingPermission it should call Context#enforceCallingPermission. ''' return
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 0
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"
def manage_permission_check[permission=None]: """ manage permission check decorator :param permission: :return: """ def decorator[func]: @wraps[func] def _deco[view_class, request, *args, **kwargs]: username = request.user.username if permission == 'admin': flag, result = account_base_service_ins.admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] elif permission == 'workflow_admin': flag, result = account_base_service_ins.workflow_admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] return func[view_class, request, *args, **kwargs] return _deco return decorator
def check_permission[self, permissions, logical_operator]: """ This method determines whether the requested Permission[s] are collectively granted authorization. The Permission[s] associated with the subject are evaluated to determine whether authorization is implied for each Permission requested. Results are collectively evaluated using the logical operation provided: either ANY or ALL. This method is similar to is_permitted_collective except that it raises an AuthorizationException if collectively False else does not return any value. :param permission_s: a collection of 1..N permissions, all of the same type :type permission_s: List of authz_abcs.Permission object[s] or String[s] :param logical_operator: any or all :type logical_operator: function [stdlib] :raises AuthorizationException: if the user does not have sufficient permission """ pass
def check_contest_permission[func]: def wrapper[*args, **kwargs]: info = args[func.__code__.co_varnames.index['info']] pk = info.variable_values.get['pk'] contest = get_object_or_None[Contest, pk=pk] usr = info.context.user if not contest: raise GraphQLError['No such contest'] else: privilege = usr.has_perm['contest.view_contest'] member = None if usr.is_authenticated: member = get_object_or_None[ContestTeamMember, user=usr, contest_team__contest=contest, confirmed=True] if privilege or contest.is_public[] or [ usr.is_authenticated and member and member.contest_team.approved]: return func[*args, **kwargs] else: return None return wrapper
________số 8
def check_permission[request, permission, context=None]: """Checks permissions Custom implementation replacing aiohttp-security one. This one adds the requested permissions to the request so they can be presented in the error handler. Raises: HTTPForbidden """ await check_authorized[request] allowed = await permits[request, permission, context] if not allowed: request['permission_required'] = permission raise web.HTTPForbidden[]
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]0
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]1
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]2
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]3
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]4
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]5
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]6
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]7
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]8
def check_permission[permission_codename, request]: """Checks if the current user has `permission_codename` permissions. """ if request.user.is_superuser: return True # `view` permissions are project-centric, and we must treat them # differently if permission_codename == "view": path_obj = None if hasattr[request, "translation_project"]: path_obj = request.translation_project elif hasattr[request, "project"]: path_obj = request.project if path_obj is None: return True # Always allow to view language pages return path_obj.is_accessible_by[request.user] return [ "administrate" in request.permissions or permission_codename in request.permissions ]9
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True0
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True1
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True2
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True3
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True4
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True5
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True6
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True7
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True8
def check_permission_equipment[self, user, ids]: # Check permission group equipments for row in ids: id_network, network_type = self.get_id_and_net_type[row] if network_type == self.NETWORK_TYPE_V4: equips_from_ipv4 = Equipamento.objects.filter[ ipequipamento__ip__networkipv4=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv4: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False else: equips_from_ipv6 = Equipamento.objects.filter[ ipv6equipament__ip__networkipv6=id_network, equipamentoambiente__is_router=1] for equip in equips_from_ipv6: # User permission if not has_perm[user, AdminPermission.EQUIPMENT_MANAGEMENT, AdminPermission.WRITE_OPERATION, None, equip.id, AdminPermission.EQUIP_WRITE_OPERATION]: self.log.error[ u'User does not have permission to perform the operation.'] return False return True9
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 00
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 01
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 02
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 03
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 04
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 05
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 06
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 07
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 08
def check_single_permission[user, permission, obj=None]: if user.is_superuser: return True if obj is not None and obj.id is not None: ctype_id = ContentType.objects.get_for_model[obj].id obj_id = obj.id else: ctype_id = None obj_id = None perm_id = get_permission_id_by_name[permission] if perm_id is None: return False query = "SELECT op.id FROM {permission_owners} WHERE {filter_condition} LIMIT 1" query = query.format[ permission_owners=get_permission_owners_query[], filter_condition=_generate_filter_condition[ user.id, perm_id, ctype_id, obj_id ] ] cursor = connection.cursor[] cursor.execute[query] return len[cursor.fetchall[]] > 09
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"0
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"1
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"2
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"3
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"4
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"5
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"6
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"7
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"8
def close_ticket_permission_check[cls, ticket_id: int, username: str]->tuple: """ 用户是否有强制关闭工单的权限 :param ticket_id: :param username: :return: """ # 强制关闭工单需要对应工作流的管理员或者超级管理员 或者处于初始状态的工单由创建人直接关闭 flag, result = ticket_base_service_ins.ticket_admin_permission_check[ticket_id, username] if flag is False: # 判断是否属于初始状态 且用户为工单创建人 flag, ticket_result = cls.get_ticket_by_id[ticket_id] if flag is False: return False, ticket_result flag, start_state_result = workflow_state_service_ins.get_workflow_start_state[ticket_id] if flag is False: return False, start_state_result if ticket_result.creator == username and ticket_result.state_id == start_state_result.id: return True, "ticket's creator can close ticket in start state" else: return False, "just ticket's creator can close ticket in start state or workflow_admin can close ticket in any state" else: return True, "ticket's workflow admin casn close ticket in any state"9
def manage_permission_check[permission=None]: """ manage permission check decorator :param permission: :return: """ def decorator[func]: @wraps[func] def _deco[view_class, request, *args, **kwargs]: username = request.user.username if permission == 'admin': flag, result = account_base_service_ins.admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] elif permission == 'workflow_admin': flag, result = account_base_service_ins.workflow_admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] return func[view_class, request, *args, **kwargs] return _deco return decorator0
def manage_permission_check[permission=None]: """ manage permission check decorator :param permission: :return: """ def decorator[func]: @wraps[func] def _deco[view_class, request, *args, **kwargs]: username = request.user.username if permission == 'admin': flag, result = account_base_service_ins.admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] elif permission == 'workflow_admin': flag, result = account_base_service_ins.workflow_admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] return func[view_class, request, *args, **kwargs] return _deco return decorator1
def manage_permission_check[permission=None]: """ manage permission check decorator :param permission: :return: """ def decorator[func]: @wraps[func] def _deco[view_class, request, *args, **kwargs]: username = request.user.username if permission == 'admin': flag, result = account_base_service_ins.admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] elif permission == 'workflow_admin': flag, result = account_base_service_ins.workflow_admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] return func[view_class, request, *args, **kwargs] return _deco return decorator2
def manage_permission_check[permission=None]: """ manage permission check decorator :param permission: :return: """ def decorator[func]: @wraps[func] def _deco[view_class, request, *args, **kwargs]: username = request.user.username if permission == 'admin': flag, result = account_base_service_ins.admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] elif permission == 'workflow_admin': flag, result = account_base_service_ins.workflow_admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] return func[view_class, request, *args, **kwargs] return _deco return decorator3
def manage_permission_check[permission=None]: """ manage permission check decorator :param permission: :return: """ def decorator[func]: @wraps[func] def _deco[view_class, request, *args, **kwargs]: username = request.user.username if permission == 'admin': flag, result = account_base_service_ins.admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] elif permission == 'workflow_admin': flag, result = account_base_service_ins.workflow_admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] return func[view_class, request, *args, **kwargs] return _deco return decorator4
def manage_permission_check[permission=None]: """ manage permission check decorator :param permission: :return: """ def decorator[func]: @wraps[func] def _deco[view_class, request, *args, **kwargs]: username = request.user.username if permission == 'admin': flag, result = account_base_service_ins.admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] elif permission == 'workflow_admin': flag, result = account_base_service_ins.workflow_admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] return func[view_class, request, *args, **kwargs] return _deco return decorator5
def manage_permission_check[permission=None]: """ manage permission check decorator :param permission: :return: """ def decorator[func]: @wraps[func] def _deco[view_class, request, *args, **kwargs]: username = request.user.username if permission == 'admin': flag, result = account_base_service_ins.admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] elif permission == 'workflow_admin': flag, result = account_base_service_ins.workflow_admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] return func[view_class, request, *args, **kwargs] return _deco return decorator6
def manage_permission_check[permission=None]: """ manage permission check decorator :param permission: :return: """ def decorator[func]: @wraps[func] def _deco[view_class, request, *args, **kwargs]: username = request.user.username if permission == 'admin': flag, result = account_base_service_ins.admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] elif permission == 'workflow_admin': flag, result = account_base_service_ins.workflow_admin_permission_check[username] if flag is False: return api_response[-1, 'has no permission:{}'.format[result], {}] return func[view_class, request, *args, **kwargs] return _deco return decorator7
777 có nghĩa là gì trong chmod?
Lệnh chmod -R 777 / làm cho mọi tệp trên hệ thống dưới / [root] có quyền rwxrwxrwx . Điều này tương đương với việc cho phép TẤT CẢ người dùng đọc/ghi/thực thi quyền. Nếu các thư mục khác như home, media, v.v. nằm dưới quyền root thì những thư mục đó cũng sẽ bị ảnh hưởng.
Lệnh nào kiểm tra quyền truy cập tệp?
Để xem quyền của tất cả các tệp trong một thư mục, hãy sử dụng lệnh ls với các tùy chọn -la . Thêm các tùy chọn khác như mong muốn; . Trong ví dụ đầu ra ở trên, ký tự đầu tiên trong mỗi dòng cho biết đối tượng được liệt kê là tệp hay thư mục.