python开发信息系统权限设置_python开发-权限管理初试-CSDN博客

数据库设计

groups表 ----- 存储组信息（组id，组名）

userinfo表 ---- 存储用户信息（用户id，用户名，密码，组id），跟groups表做了外键关联

permisson表----权限表（权限id，能适应权限的信息，权限对应的函数名，权限对应函数名所在的模块名）

user_to_permisson表----组对应权限表（id，组id，权限id），与groups表和permisson表做外键关联

应遵循

CREATE table groups(

gid INT primary key auto_increment,

gname varchar(30))ENGINE = INNODB charset=utf8;

CREATE TABLE userinfo(

uid INT primary key auto_increment,

username varchar(20) notnull,

passwd varchar(30) notnull,

groups_id INTnotNULL,

CONSTRAINT fk_userinfo_groups foreign key userinfo(groups_id) references groups(gid)

)ENGINE= INNODB charset=utf8;

CREATE table permisson(

pid INT PRIMARY KEY auto_increment,

func varchar(20) notnull,

module varchar(30) not null)ENGINE = INNODB charset=utf8;

CREATE TABLE user_to_permisson(

uid INT primary KEY auto_increment,

group_id INTnotNULL,

permisson_id INTnotNULL,

KEY fk_u_g (group_id),

KEY fk_u_p (permisson_id),

CONSTRAINT fk_u_g FOREIGN KEY user_to_permisson(group_id) REFERENCES groups(gid),

CONSTRAINT fk_u_p FOREIGN KEY user_to_permisson(permisson_id) REFERENCES permisson(pid)

)ENGINE= INNODB charset=utf8;

INSERT INTO groups(gname) VALUES('超级管理员'),('普通用户')

INSERT INTO userinfo(username,passwd,groups_id) VALUES ('root',password('123'),1),('xieys',password('123'),2)

INSERT INTO permisson()

ALTER TABLE permisson add msg varchar(30) notnull AFTER pid

INSERT INTO permisson(msg,func,module) values

('添加用户','add','src.action'),

('查看用户','get','src.action'),

('添加组','addgroup','src.action')

INSERT INTO user_to_permisson(group_id,permisson_id) VALUES (1,1),(1,2),(1,3),(2,2);

ALTER TABLE userinfo modify passwd varchar(40) NOT NULL

UPDATE userinfo set passwd=md5('123')

importos,sys

BASEDIR= os.path.dirname(os.path.dirname(__file__))

sys.path.append(BASEDIR)from src importserverif __name__ == '__main__':

server.main()

bin\app.py程序入口

USER_PERMISSON ={}

USERINFO_LS={}

DBCONN={"host":"172.16.0.70","user":'xieys','password': '123','db':'auth','charset':'utf8'}

conf\setting.py 程序配置信息

importhashlibdefmd5(passwd):

data=hashlib.md5()

data.update(passwd)return data.hexdigest()

lib\md5.py 公共方法（MD5方法）

importpymysqlfrom conf importsettingclassDbConnection:def __init__(self):

self.conn= pymysql.connect(**setting.DBCONN)defcreate_cur(self):return self.conn.cursor(cursor=pymysql.cursors.DictCursor)

lib\DcConnection.py 公共类（连接数据库，创建cursor）

from src.sql.groups importGroupsfrom src.sql.userinfo importUserInfofrom lib.md5 importmd5defaddgroup():

gname= input("请输入组名：")

g=Groups()if notg.exist(gname):

g.add(gname)print("%s组添加成功！" %gname)else:print("该组已存在！")

g.conn.close()defadd():

uname= input("请输入用户名：")

passwd= input("请输入密码：")

g=Groups()

group_id= input("请输入组ID：%s" %g.fatch_all())

g.conn.close()

passwd= md5(passwd.encode('utf8'))

u=UserInfo()ifu.add(uname,passwd,group_id):print("%s 用户添加成功！" %uname)else:print("用户添加失败")

u.conn.close()defget():

u=UserInfo()print(u.get_all())

u.conn.close

src\auth\action.py 业务访问方法

from lib.DbConnection importDbConnectionclassGroups:def __init__(self):

self.db=DbConnection()

self.conn=self.db.conndefadd(self,gname):

self.cursor=self.db.create_cur()

sql= """insert into groups(gname) values (%s)"""self.cursor.execute(sql,gname)

self.conn.commit()

self.cursor.close()defexist(self,gname):

self.cursor=self.db.create_cur()

sql= """select 1 from groups where gname = %s"""r=self.cursor.execute(sql,gname)

self.cursor.close()returnrdeffatch_all(self):

self.cursor=self.db.create_cur()

sql= """select * from groups"""self.cursor.execute(sql)

data=self.cursor.fetchall()

self.cursor.close()return data

src\sql\groups.py groups表的数据库操作，相当于数据逻辑层

from lib.DbConnection importDbConnectionfrom conf importsettingfrom lib.md5 importmd5classUserInfo:def __init__(self):

self.db=DbConnection()

self.conn=self.db.conndefexist(self,username):

self.cursor=self.db.create_cur()

sql= """select 1 from userinfo where username = %s"""r=self.cursor.execute(sql,username)returnrdeflogin(self,username,passwd):

self.cursor=self.db.create_cur()

sql= """select uid,username,groups_id from userinfo where username = %s and passwd = %s"""

#print(passwd)

r =self.cursor.execute(sql,[username,passwd])

data=self.cursor.fetchone()

self.cursor.close()

self.conn.close()returndatadef add(self,username,passwd,group_id=2):

self.cursor=self.db.create_cur()

sql= """insert into userinfo(username,passwd,groups_id) values(%s,%s,%s)"""r=self.cursor.execute(sql,[username,passwd,group_id])

self.conn.commit()

self.cursor.close()returnrdefget_all(self):

self.cursor=self.db.create_cur()

sql= """select uid,username from userinfo"""self.cursor.execute(sql)

data=self.cursor.fetchall()

self.cursor.close()returndatadeffind_pass(self,user,passwd):

self.cursor=self.db.create_cur()

sql= """UPDATE userinfo set passwd = %s where username = %s"""r=self.cursor.execute(sql,[passwd,user])print(r)

self.conn.commit()

self.cursor.close()

src\sql\userinfo userinfo表的数据库操作，相当于数据逻辑层

from lib.DbConnection importDbConnectionclassUserToPermisson:def __init__(self):

self.db=DbConnection()

self.conn=self.db.conndefget_user_p(self,gid):

self.cursor=self.db.create_cur()

sql= """SELECT msg,func,module from user_to_permisson

left JOIN permisson ON user_to_permisson.permisson_id = permisson.pid

where user_to_permisson.group_id = %s"""r=self.cursor.execute(sql,gid)return self.cursor.fetchall()

src\sql\usertopermisson usertopermisson表的数据库操作，相当于数据逻辑层

from src.sql.userinfo importUserInfofrom conf importsettingfrom src.sql.usertopermisson importUserToPermissonfrom lib.md5 importmd5importimportlibdefview():print("欢迎%s登录权限管理系统!" % setting.USERINFO_LS['username'])whileTrue:for index,item in enumerate(setting.USER_PERMISSON,1):print(index,item['msg'])print('q',"退出")

choice= input("请选择：").strip().lower()[0]if choice == 'q':

setting.USERINFO_LS={}

setting.USER_PERMISSON={}return

if choice.isdigit() and int(choice) != 0 and (int(choice) <=len(setting.USER_PERMISSON)):

module= setting.USER_PERMISSON[int(choice)-1]['module']

func_name= setting.USER_PERMISSON[int(choice)-1]['func']

m=importlib.import_module(module)

func=getattr(m,func_name)

func()else:print("选择有误!")deflogin():

user= input("username：")

passwd= input("password：")

passwd= md5(passwd.encode('utf8'))

u=UserInfo()

result=u.login(user,passwd)ifresult:

setting.USERINFO_LS=result

u_p=UserToPermisson()

setting.USER_PERMISSON= u_p.get_user_p(result["groups_id"])

view()else:print("账号密码错误！")defregiest():

uname= input("username：")

passwd= input("password：")

passwd= md5(passwd.encode('utf8'))

u=UserInfo()if notu.exist(uname):

u.add(uname,passwd)print("添加成功!")else:print("用户已存在！")

u.conn.close()deffindpass():

user= input("请输入用户名：")

u=UserInfo()if notu.exist(user):print("该用户不存在")else:

passwd= input("请输入新密码：")

passwd= md5(passwd.encode('utf8'))

u.find_pass(user,passwd)

u.conn.close()defmain():

msg= """1 登录

2 注册

3 找回密码

q 退出

请选择："""f_dic={'1': login,'2': regiest,'3': findpass

}whileTrue:

choice=input(msg).strip().lower()[0]if choice == 'q':return

if choice not inf_dic:print("选择有误，请重新选择！")continuef_dic[choice]()

src\server.py 所有用户都能访问的方法