feat: 添加系统级管理专属页面权限

2025-02-26 22:56:15 +08:00
parent 1dd9f7db43
commit b59dba18f0
8 changed files with 206 additions and 9 deletions
--- a/api/user.py
+++ b/api/user.py
@@ -9,7 +9,7 @@ import os
 from datetime import datetime
 from typing import Optional

-from fastapi import APIRouter, Depends, Path, Query, UploadFile, File, Request
+from fastapi import APIRouter, Depends, Path, Query, UploadFile, File, Request, Form
 from fastapi.responses import JSONResponse

 from annotation.auth import Auth
@@ -27,7 +27,7 @@ from schemas.department import GetDepartmentListResponse
 from schemas.file import UploadFileResponse
 from schemas.user import AddUserParams, GetUserListResponse, GetUserInfoResponse, UpdateUserParams, \
    AddUserRoleParams, GetUserRoleInfoResponse, UpdateUserRoleParams, GetUserPermissionListResponse, \
-    ResetPasswordParams
+    ResetPasswordParams, UpdateBaseUserInfoParams
 from utils.common import filterKeyValues
 from utils.password import Password
 from utils.response import Response
@@ -434,3 +434,82 @@ async def reset_user_password(request: Request, params: ResetPasswordParams, id:
        await user.save()
        return Response.success(msg="重置密码成功！")
    return Response.failure(msg="用户不存在!")
+
+
+@userAPI.put("/updateBaseUserInfo", response_model=BaseResponse, response_class=JSONResponse,
+             summary="更新基础个人信息")
+@userAPI.post("/updateBaseUserInfo", response_model=BaseResponse, response_class=JSONResponse,
+              summary="更新基础个人信息")
+@Log(title="更新基础个人信息", business_type=BusinessType.UPDATE)
+async def update_base_userinfo(params: UpdateBaseUserInfoParams, request: Request,
+                               current_user: dict = Depends(LoginController.get_current_user)):
+    user = await User.get_or_none(id=current_user.get("id"), del_flag=1)
+    if user:
+        user.nickname = params.name
+        user.gender = params.gender
+        await user.save()
+        if await request.app.state.redis.get(f'{RedisKeyConfig.USER_INFO.key}:{user.id}'):
+            await request.app.state.redis.delete(f'{RedisKeyConfig.USER_INFO.key}:{user.id}')
+        return Response.success(msg="更新成功！")
+    return Response.error(msg="更新失败！")
+
+
+@userAPI.put("/updatePassword", response_class=JSONResponse, response_model=BaseResponse, summary="用户更新密码")
+@userAPI.post("/updatePassword", response_class=JSONResponse, response_model=BaseResponse, summary="用户更新密码")
+@Log(title="用户更新密码", business_type=BusinessType.UPDATE)
+async def update_user_password(request: Request, oldPassword: str = Form(description="用户旧密码"),
+                               newPassword: str = Form(description="用户新密码"),
+                               current_user: dict = Depends(LoginController.get_current_user)):
+    if user := await User.get_or_none(id=current_user.get("id"), del_flag=1):
+        password = await Password.get_password_hash(oldPassword)
+        if user.password != password:
+            return Response.error(msg="旧密码错误！")
+        newPassword = await Password.get_password_hash(newPassword)
+        user.password = newPassword
+        await user.save()
+        if await request.app.state.redis.get(f'{RedisKeyConfig.USER_INFO.key}:{user.id}'):
+            await request.app.state.redis.delete(f'{RedisKeyConfig.USER_INFO.key}:{user.id}')
+        return Response.success(msg="更新成功！")
+    return Response.error(msg="更新失败！")
+
+
+@userAPI.put("/updatePhone", response_class=JSONResponse, response_model=BaseResponse, summary="用户更新手机号")
+@userAPI.post("/updatePhone", response_class=JSONResponse, response_model=BaseResponse, summary="用户更新手机号")
+@Log(title="用户更新手机号", business_type=BusinessType.UPDATE)
+async def update_user_phone(request: Request, password: str = Form(description="用户密码"),
+                            phone: str = Form(description="用户手机号"),
+                            current_user: dict = Depends(LoginController.get_current_user)):
+    if user := await User.get_or_none(id=current_user.get("id"), del_flag=1):
+        password = await Password.get_password_hash(password)
+        if user.password != password:
+            return Response.error("更改失败，请正确输入旧密码")
+        phoneStatus = await User.filter(phone=phone, del_flag=1).count()
+        if phoneStatus:
+            return Response.error(f"更改失败，手机号:{phone}已绑定其他账号！")
+        user.phone = phone
+        await user.save()
+        if await request.app.state.redis.get(f'{RedisKeyConfig.USER_INFO.key}:{user.id}'):
+            await request.app.state.redis.delete(f'{RedisKeyConfig.USER_INFO.key}:{user.id}')
+        return Response.success(msg="更新成功！")
+    return Response.error(msg="更新失败！")
+
+
+@userAPI.put("/updateEmail", response_class=JSONResponse, response_model=BaseResponse, summary="用户更新邮箱")
+@userAPI.post("/updateEmail", response_class=JSONResponse, response_model=BaseResponse, summary="用户更新邮箱")
+@Log(title="用户更新邮箱", business_type=BusinessType.UPDATE)
+async def update_user_email(request: Request, password: str = Form(description="用户密码"),
+                            email: str = Form(description="用户邮箱"),
+                            current_user: dict = Depends(LoginController.get_current_user)):
+    if user := await User.get_or_none(id=current_user.get("id"), del_flag=1):
+        password = await Password.get_password_hash(password)
+        if user.password != password:
+            return Response.error("更改失败，请正确输入旧密码")
+        emailStatus = await User.filter(email=email, del_flag=1).count()
+        if emailStatus:
+            return Response.error(f"更改失败，邮箱:{email}已绑定其他账号！")
+        user.email = email
+        await user.save()
+        if await request.app.state.redis.get(f'{RedisKeyConfig.USER_INFO.key}:{user.id}'):
+            await request.app.state.redis.delete(f'{RedisKeyConfig.USER_INFO.key}:{user.id}')
+        return Response.success(msg="更新成功！")
+    return Response.error(msg="更新失败！")