引入casbin权限管理

.idea/dataSources.xml

@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="DataSourceManagerImpl" format="xml" multifile-model="true">
+    <data-source source="LOCAL" name="db" uuid="a69a780c-7ddf-4eb5-891a-e4864b75ed31">
+      <driver-ref>sqlite.xerial</driver-ref>
+      <synchronize>true</synchronize>
+      <jdbc-driver>org.sqlite.JDBC</jdbc-driver>
+      <jdbc-url>jdbc:sqlite:E:\pythonProject\gitea_push2qq\db.sqlite3</jdbc-url>
+      <working-dir>$ProjectFileDir$</working-dir>
+      <libraries>
+        <library>
+          <url>file://$APPLICATION_CONFIG_DIR$/jdbc-drivers/Xerial SQLiteJDBC/3.39.2/sqlite-jdbc-3.39.2.jar</url>
+        </library>
+      </libraries>
+    </data-source>
+  </component>
+</project>

casbin_data/model.conf

@@ -0,0 +1,14 @@
+[request_definition]
+r = sub, act
+
+[policy_definition]
+p = sub, act
+
+[role_definition]
+g = _, _
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = g(r.sub, p.sub) && (r.act == p.act || p.act == "*")

server.py

@@ -2,6 +2,7 @@ import tomllib
 from typing import Dict, Any, List, Tuple
 
 import casbin
+from casbin_tortoise_adapter import TortoiseAdapter
 from nacl.signing import SigningKey
 from sanic import Sanic, Request
 from sanic.log import logger, Colors
@@ -11,7 +12,7 @@ from tortoise.contrib.sanic import register_tortoise
 from command import command_convert
 from gitea_model import WebHookIssueComment, WebHookIssue, GiteaEvent
 from sio_model import Ctx, SioConfig, Message
-from unit import sio_log_format, int2str
+from unit import sio_log_format, int2str, cas_log_fmt
 
 app = Sanic('GiteaPush', ctx=Ctx)
 
@@ -25,7 +26,7 @@ def get_config() -> SioConfig:
 SIO_CONFIG = get_config()
 
 register_tortoise(
-    app, db_url=SIO_CONFIG.db_url, modules={"models": ["models"]}, generate_schemas=True
+    app, db_url=SIO_CONFIG.db_url, modules={"models": ["models", "casbin_tortoise_adapter"]}, generate_schemas=True
 )
 
 
@@ -34,19 +35,26 @@ async def setup_before_start(_app):
     _app.ctx.sio_config = SIO_CONFIG
 
     # 使用casbin策略管理
-    e = casbin.Enforcer('./casbin_data/model.conf', './casbin_data/casbin.csv')
+    adapter = TortoiseAdapter()
+    e = casbin.AsyncEnforcer('./casbin_data/model.conf', adapter)
+    # e = casbin.Enforcer('./casbin_data/model.conf', './casbin_data/casbin.csv')
     _app.ctx.e = e
 
-    e.add_policy('admin', '*')
-    e.add_policy('default', 'ping')
+    t1 = await _app.ctx.e.add_policy('admin', '*')
+    t2 = await _app.ctx.e.add_policy('default', 'ping')
+    if t1 is True and t2 is True:
+        logger.info(cas_log_fmt('Init casbin rule success!'))
     admins = int2str(_app.ctx.sio_config.admin)
     for qid in admins:
-        logger.info(e.add_role_for_user(qid, 'admin'))
-    users = e.get_users_for_role('admin')
+        if await _app.ctx.e.add_role_for_user(qid, 'admin'):
+            logger.debug(cas_log_fmt(f'Added {Colors.PURPLE}{qid}{Colors.YELLOW} to admin group'))
+    users = await _app.ctx.e.get_users_for_role('admin')
     rm_user = set(users) ^ set(admins)
     for u in list(rm_user):
-        logger.info(e.delete_user(u))
-    e.save_policy()
+        if await _app.ctx.e.delete_user(u):
+            logger.debug(f'Delete {Colors.PURPLE}{u}{Colors.YELLOW} for group admin')
+
+    await _app.ctx.e.save_policy()
 
     # 初始化sio
     # _app.ctx.sio = AsyncClient()

unit.py

@@ -3,5 +3,16 @@ from typing import Any
 from sanic.log import Colors
 
 
-def sio_log_format(text: str, data: Any):
+def sio_log_format(text: str, data: Any = ''):
     return f"{Colors.GREEN}{text} {Colors.PURPLE}{data}{Colors.END}"
+
+
+def cas_log_fmt(text: str, data: Any = ''):
+    return f'{Colors.YELLOW}{text} {Colors.PURPLE}{data}{Colors.END}'
+
+
+def int2str(li: list):
+    t = []
+    for i in li:
+        t.append(str(i))
+    return t