lesscode-flask 0.0.27__py3-none-any.whl

lesscode_flask/__init__.py

@@ -0,0 +1 @@
+__version__ = '0.0.27'

lesscode_flask/app.py

@@ -0,0 +1,156 @@
+import json
+import logging
+import os
+import time
+import traceback
+
+from flask import Flask, typing as ft
+import typing as t
+from flask.globals import request_ctx, request
+from flask_login import current_user
+from werkzeug.middleware.proxy_fix import ProxyFix
+from lesscode_flask.utils.helpers import inject_args, generate_uuid, app_config
+from lesscode_flask.model.response_result import ResponseResult
+from lesscode_flask.setup import setup_blueprint, setup_logging, setup_query_runner, setup_swagger, setup_sql_alchemy, \
+    setup_redis, setup_login_manager
+from lesscode_flask.utils.json.NotSortJSONProvider import NotSortJSONProvider
+from lesscode_flask.utils.redis.redis_helper import RedisHelper
+
+
+class Lesscoder(Flask):
+    """A custom Flask app for lesscode-flask"""
+
+    def __init__(self, *args, **kwargs):
+        # kwargs.update(
+        #     {
+        #         "template_folder": settings.FLASK_TEMPLATE_PATH,
+        #         "static_folder": settings.STATIC_ASSETS_PATH,
+        #         "static_url_path": "/static",
+        #     }
+        # )
+        super(Lesscoder, self).__init__(__name__, *args, **kwargs)
+        # Make sure we get the right referral address even behind proxies like nginx.
+        # 将self.wsgi_app设置为一个经过ProxyFix包装的应用程序。
+        # ProxyFix配置为信任代理服务器发来的X - Forwarded - For和X - Host头部信息，各信任一层（即数值1）。
+        # 这里的ProxyFix通常用于修复在反向代理环境下WSGI应用收到的客户端地址和主机头信息。
+        self.wsgi_app = ProxyFix(self.wsgi_app, x_for=1, x_host=1)
+        # # Configure Redash using our settings
+        setting_name = "setting.config_{}.Config".format(os.getenv("profile")) if os.getenv(
+            "profile") else "setting.config.Config"
+        self.config.from_object(setting_name)
+        self.register_error_handler(Exception, self.handle_exception)
+        # 请求开始时间存储的字典
+        # self.register_error_handler(code_or_exception, f)
+
+    def dispatch_request(self) -> ft.ResponseReturnValue:
+        """ 实现参数自动注入功能，对父级代码进行重写
+        """
+
+        # 此处开始  均为原代码直接拷贝
+        req = request_ctx.request
+        if req.routing_exception is not None:
+            self.raise_routing_exception(req)
+        rule: Rule = req.url_rule  # type: ignore[assignment]
+        # if we provide automatic options for this URL and the
+        # request came with the OPTIONS method, reply automatically
+        if (
+                getattr(rule, "provide_automatic_options", False)
+                and req.method == "OPTIONS"
+        ):
+            return self.make_default_options_response()
+        # otherwise dispatch to the handler for that endpoint
+        view_args: dict[str, t.Any] = req.view_args  # type:
+        func = self.view_functions[rule.endpoint]
+        # 到此结束 以下增加新实现
+        # 此处增加参数注入代码
+        params_dict = inject_args(req, func, view_args)
+        params_dict.update(view_args)
+        print("params_dict", params_dict)
+        # 调用处理函数执行请求处理
+        result = self.ensure_sync(func)(**params_dict)
+        # 获取不包装路径
+        NOT_RESPONSE_RESULT = self.config.get("NOT_RESPONSE_RESULT", [])
+        # 如果访问的路径以不包装路径开头，则不包装返回结果
+        for url in NOT_RESPONSE_RESULT:
+            if req.full_path.startswith(url):
+                return result
+        try:
+            # 判断返回结构是否是json，不是json则不包装
+            json.dumps(result)
+            return ResponseResult(data=result)
+        except:
+            return result
+
+    def setup(self):
+        setup_logging(self)
+        setup_blueprint(self)
+        setup_query_runner()
+        setup_swagger(self)
+        setup_sql_alchemy(self)
+        setup_redis(self)
+        setup_login_manager(self)
+
+    @staticmethod
+    def handle_exception(e):
+        traceback.print_exc()  # 打印堆栈信息
+        # 统一异常处理
+        if hasattr(e, "get_response"):
+            response = e.get_response()
+            return ResponseResult.make_response(message=e.description, data=f"{e.code} {e.name}",
+                                                http_code=response.status_code, status_code="500")
+        else:
+            return ResponseResult.make_response(message=str(e), data=str(e), http_code=500, status_code="500")
+
+
+# 请求开始时间的集合
+request_start_time = {}
+
+
+def create_app():
+    app = Lesscoder()
+    app.json = NotSortJSONProvider(app)  # 设置自定义的 JSON provider
+    with app.app_context():
+        app.setup()
+
+    @app.before_request
+    def before_request():
+        # 生成请求标识
+        request_id = request.headers.get('Request-Id')
+        if request_id is None:
+            request_id = generate_uuid()
+        request.request_id = request_id
+        # 记录请求开始时间
+        request_start_time[request_id] = time.time()
+        # 获取当前请求的url
+        url = request.path
+        # 获取URL 对应的id 与访问权限
+        id, access = RedisHelper(app_config.get("REDIS_OAUTH_KEY", "redis")).sync_hmget(f"upms:url_info:{url}",
+                                                                                        ["id", "access"])
+        if not id:
+            # 如果没有进行注册的url 默认需要登录权限
+            access = app_config.get("AUTH_DEFAULT_ACCESS", "0")
+        # '访问权限2：需要权限 1：需要登录 0：游客',
+        if str(access) == "1":  # 需要登录
+            if current_user.is_anonymous_user:
+                # abort(403, "需要登录")
+                ResponseResult.fail("请登录后访问", status_code="403")
+        elif str(access) == "2":  # 需要权限
+            if current_user.is_anonymous_user:
+                ResponseResult.fail("请登录后访问", status_code="403")
+            if not current_user.has_permission(id):
+                ResponseResult.fail("请获取授权后访问", status_code="403")
+
+    @app.after_request
+    def after_request(response):
+        # 每个请求后执行
+        request_id = request.request_id
+        response.headers['Request-Id'] = request.request_id
+        # 计算请求耗时
+        start_time = request_start_time.pop(request_id, None)
+        if start_time:
+            duration = time.time() - start_time
+        # 100 为自定义 'ACCESS' 的日志级别标识
+        logging.log(100, duration, {"request_id": request_id, "duration": duration})
+        return response
+
+    return app

lesscode_flask/db/__init__.py

@@ -0,0 +1,60 @@
+import logging
+
+from lesscode_flask.db.executor import QueryExecutor, QueryExecutionError
+from lesscode_flask.model.parameterized_query import ParameterizedQuery
+
+
+def execute_query(
+        query_text, parameters,
+        query_runner, should_apply_auto_limit=True
+):
+    """
+    执行查询操作
+    :param query_text: 待执行语句
+    :param parameters: 查询参数数
+    :param query_runner: 查询执行器
+    :param should_apply_auto_limit:
+    :return:
+    """
+    try:
+        query = ParameterizedQuery(query_text)
+        if parameters is None:
+            parameters = {}
+        query.apply(parameters)
+        query_text = query_runner.apply_auto_limit(query.text, should_apply_auto_limit)
+        logging.info("query_text:{}".format(query_text))
+        return QueryExecutor(
+            query_text,
+            query_runner
+        ).run()
+    except QueryExecutionError as e:
+        # models.db.session.rollback()
+        return e
+
+
+from flask_sqlalchemy import SQLAlchemy
+
+
+class LessCodeSQLAlchemy(SQLAlchemy):
+    pass
+    # def apply_driver_hacks(self, app, info, options):
+    #     options.update(json_serializer=json_dumps)
+    #     if settings.SQLALCHEMY_ENABLE_POOL_PRE_PING:
+    #         options.update(pool_pre_ping=True)
+    #     return super(RedashSQLAlchemy, self).apply_driver_hacks(app, info, options)
+    #
+    # def apply_pool_defaults(self, app, options):
+    #     super(RedashSQLAlchemy, self).apply_pool_defaults(app, options)
+    #     if settings.SQLALCHEMY_ENABLE_POOL_PRE_PING:
+    #         options["pool_pre_ping"] = True
+    #     if settings.SQLALCHEMY_DISABLE_POOL:
+    #         options["poolclass"] = NullPool
+    #         # Remove options NullPool does not support:
+    #         options.pop("max_overflow", None)
+    #     return options
+
+
+# db = LessCodeSQLAlchemy(
+#     session_options={"expire_on_commit": False},
+#    engine_options={"json_serializer": json_dumps, "json_deserializer": json_loads}, )
+db = LessCodeSQLAlchemy()

lesscode_flask/db/datasource.py

@@ -0,0 +1,27 @@
+from redash.query_runner import get_query_runner, with_ssh_tunnel
+
+
+class DataSource():
+    def __init__(self):
+        self.options = None
+        self.data_source_id = None
+
+    @staticmethod
+    def get_by_id(object_id):
+        datasource = DataSource()
+        datasource.data_source_id = object_id
+        from lesscode_flask.utils.helpers import app_config
+        datasource_list = app_config.get("DATA_SOURCE")
+        datasource_list = [item for item in datasource_list if item.get("id") == object_id]
+        if len(datasource_list) > 0:
+            datasource.options = datasource_list[0]
+        return datasource
+
+    @property
+    def query_runner(self):
+        query_runner = get_query_runner(self.options.get("type"), self.options)
+        uses_ssh_tunnel = self.options.get("ssh_tunnel", False)
+        if uses_ssh_tunnel:
+            query_runner = with_ssh_tunnel(query_runner, self.options.get("ssh_tunnel"))
+
+        return query_runner

lesscode_flask/db/executor.py

@@ -0,0 +1,128 @@
+import time
+
+
+class QueryExecutionError(Exception):
+    pass
+
+
+class QueryExecutor:
+    # , user_id, is_api_key, metadata, is_scheduled_query
+    def __init__(self, query_text, query_runner):
+        # self.job = get_current_job()
+        self.query_text = query_text
+        # self.data_source_id = data_source_id
+        # self.metadata = metadata
+        self.metadata = {}
+        # self.data_source = self._load_data_source()
+        self.query_runner = query_runner
+        # self.query_id = metadata.get("query_id")
+        # self.user = _resolve_user(user_id, is_api_key, metadata.get("query_id"))
+        self.user = None
+        # self.query_model = (
+        #     models.Query.query.get(self.query_id)
+        #     if self.query_id and self.query_id != "adhoc"
+        #     else None
+        # )  # fmt: skip
+
+        # Close DB connection to prevent holding a connection for a long time while the query is executing.
+        # models.db.session.close()
+        # self.query_hash = gen_query_hash(self.query)
+        # self.is_scheduled_query = is_scheduled_query
+        # if self.is_scheduled_query:
+        #     # Load existing tracker or create a new one if the job was created before code update:
+        #     models.scheduled_queries_executions.update(self.query_model.id)
+
+    def run(self):
+        started_at = time.time()
+        #
+        # logger.debug("Executing query:\n%s", self.query)
+        self._log_progress("executing_query")
+
+        annotated_query = self._annotate_query(self.query_runner)
+
+        try:
+            data, error = self.query_runner.run_query(annotated_query, self.user)
+        except Exception as e:
+            # if isinstance(e, JobTimeoutException):
+            #     error = TIMEOUT_MESSAGE
+            # else:
+            #     error = str(e)
+            print(f"发生异常: {e}")
+            data = None
+            # logger.warning("Unexpected error while running query:", exc_info=1)
+        run_time = time.time() - started_at
+        return data
+
+        #
+        # logger.info(
+        #     "job=execute_query query_hash=%s ds_id=%d data_length=%s error=[%s]",
+        #     self.query_hash,
+        #     self.data_source_id,
+        #     data and len(data),
+        #     error,
+        # )
+        #
+        # _unlock(self.query_hash, self.data_source.id)
+
+        # if error is not None and data is None:
+        #     result = QueryExecutionError(error)
+        #     # if self.is_scheduled_query:
+        #     #     self.query_model = models.db.session.merge(self.query_model, load=False)
+        #     #     track_failure(self.query_model, error)
+        #     raise result
+        # else:
+        #     if self.query_model and self.query_model.schedule_failures > 0:
+        #         self.query_model = models.db.session.merge(self.query_model, load=False)
+        #         self.query_model.schedule_failures = 0
+        #         self.query_model.skip_updated_at = True
+        #         models.db.session.add(self.query_model)
+        #
+        #     query_result = models.QueryResult.store_result(
+        #         self.data_source.org_id,
+        #         self.data_source,
+        #         self.query_hash,
+        #         self.query,
+        #         data,
+        #         run_time,
+        #         utcnow(),
+        #     )
+        #
+        #     updated_query_ids = models.Query.update_latest_result(query_result)
+        #
+        #     models.db.session.commit()  # make sure that alert sees the latest query result
+        #     self._log_progress("checking_alerts")
+        #     for query_id in updated_query_ids:
+        #         check_alerts_for_query.delay(query_id, self.metadata)
+        #     self._log_progress("finished")
+        #
+        #     result = query_result.id
+        #     models.db.session.commit()
+        #     return result
+
+    def _annotate_query(self, query_runner):
+        pass
+        # self.metadata["Job ID"] = self.job.id
+        # self.metadata["Query Hash"] = self.query_hash
+        # self.metadata["Scheduled"] = self.is_scheduled_query
+
+        return query_runner.annotate_query(self.query_text, self.metadata)
+
+    def _log_progress(self, state):
+        pass
+        # logger.info(
+        #     "job=execute_query state=%s query_hash=%s type=%s ds_id=%d "
+        #     "job_id=%s queue=%s query_id=%s username=%s",  # fmt: skip
+        #     state,
+        #     self.query_hash,
+        #     self.data_source.type,
+        #     self.data_source.id,
+        #     self.job.id,
+        #     self.metadata.get("Queue", "unknown"),
+        #     self.metadata.get("query_id", "unknown"),
+        #     self.metadata.get("Username", "unknown"),
+        # )
+
+    def _load_data_source(self):
+        pass
+        # logger.info("job=execute_query state=load_ds ds_id=%d", self.data_source_id)
+        # return models.DataSource.query.get(self.data_source_id)

lesscode_flask/log/access_log_handler.py

@@ -0,0 +1,62 @@
+from logging import Handler
+
+from flask import request, copy_current_request_context
+from flask_login import current_user
+import threading
+from lesscode_flask.model.access_log import AccessLog
+
+from lesscode_flask.service.access_log_service import AccessLogService
+from lesscode_flask.utils.helpers import app_config
+from lesscode_flask.utils.redis.redis_helper import RedisHelper
+
+
+class AccessLogHandler(Handler):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+
+    def emit(self, record):
+        # 客户端IP
+        referrer = request.referrer
+        client_ip = request.remote_addr
+        x_forwarded_for = request.headers.get('X-Forwarded-For')
+        if x_forwarded_for:
+            client_ip = x_forwarded_for.split(',')[0]
+        params = {}
+        args = request.args
+        if args:
+            params["args"] = args
+        form = request.form
+        if form:
+            params["form"] = form
+        if request.mimetype == 'application/json' and request.json is not None:
+            params["json"] = request.json
+
+        request_id = request.headers.get('Request-Id')
+        if request_id is None:
+            request_id = request.request_id
+        user_agent_string = request.headers.get('user-agent')
+        url = request.path
+        url_info_key = f"upms:url_info:{url}"
+
+        resource_id = "-"
+        resource_label = "-"
+        url_info = RedisHelper(app_config.get("REDIS_OAUTH_KEY", "redis")).sync_hgetall(url_info_key)
+        if url_info:
+            resource_id = url_info.get("id", "-")
+            resource_label = url_info.get("label", "-")
+
+        access_log = AccessLog(request_id=request_id, display_name=current_user.display_name,
+                               phone_no=current_user.phone_no,
+                               resource_id=resource_id,
+                               resource_label=resource_label, url=url, referrer=referrer, client_ip=client_ip,
+                               user_agent=user_agent_string,
+                               params=params, duration=record.message)
+
+        @copy_current_request_context
+        def thread_function(access_log):
+            # 在这个函数内部，应用上下文将会被正确传递
+            AccessLogService.add_item(access_log)
+
+        # 创建并启动线程
+        thread = threading.Thread(target=thread_function, args=[access_log])
+        thread.start()

lesscode_flask/model/access_log.py

@@ -0,0 +1,26 @@
+from lesscode_flask.model.base_model import BaseModel
+from lesscode_flask.utils.helpers import generate_uuid
+from sqlalchemy import Column, DateTime, JSON, text, String, Integer, Float
+
+
+class AccessLog(BaseModel):
+    __tablename__ = 'lc_access_log'
+    __table_args__ = {'comment': '访问日志'}
+    __bind_key__ = 'log_db'
+
+    id = Column(String(32), primary_key=True, insert_default=generate_uuid)
+    request_id = Column(String(32), comment='请求id')
+    display_name = Column(String(64), comment='显示名')
+    phone_no = Column(String(255), comment='手机号')
+    resource_id = Column(String(32), comment='资源id)')
+    resource_label = Column(String(128), comment='菜单显示名(操作)')
+    url = Column(String(255), comment='访问地址')
+    referrer = Column(String(255), comment='访问来源')
+    client_ip = Column(String(255), comment='客户端ip')
+    user_agent = Column(String(512), comment='客户端')
+    params = Column(JSON)
+    duration = Column(Float, comment='请求耗时')
+    create_user_id = Column(String(36), nullable=False, comment='创建人id')
+    create_user_name = Column(String(36), nullable=False, comment='创建人用户名')
+    create_time = Column(DateTime, server_default=text("CURRENT_TIMESTAMP"), comment='创建时间')
+

lesscode_flask/model/auth_client.py

@@ -0,0 +1,42 @@
+# coding: utf-8
+from lesscode_flask.model.base_model import BaseModel,JSONEncodedDict
+from lesscode_flask.utils.helpers import generate_uuid
+from sqlalchemy import Column, DateTime, Integer, JSON, text, Text, String, Float, BigInteger
+
+
+class AuthClient(BaseModel):
+    __tablename__ = 'lc_auth_client'
+    __table_args__ = {'comment': '客户端信息表'}
+    __bind_key__ = 'auth_db'
+
+    id = Column(String(36), primary_key=True, comment='主键', insert_default=generate_uuid)
+    client_name = Column(String(255), comment='系统名称')
+    client_id = Column(String(64), nullable=False, unique=True, comment='用于唯一标识每一个客户端')
+    client_secret = Column(String(256), comment='用于指定客户端(client)的访问密匙')
+    scope = Column(String(256), comment='指定客户端申请的权限范围,可选值包括read,write,trust')
+    authorized_grant_types = Column(String(256),
+                                    comment='指定客户端支持的grant_type,可选值包括authorization_code,password,refresh_token,implicit,client_credentials, 若支持多个grant_type用逗号(,)分隔')
+    redirect_uris = Column(String(256), comment='客户端的重定向uri,可为空, 当grant_type为authorization_code或implicit时')
+    logout_redirect_uri = Column(String(255), comment='客户端登出重定向uri')
+    access_token_validity = Column(Integer,
+                                   comment='设定客户端的access_token的有效时间值(单位:秒),可选, 若不设定值则使用默认的有效时间值(60 * 60 * 12, 12小时)')
+    refresh_token_validity = Column(Integer,
+                                    comment='设定客户端的refresh_token的有效时间值(单位:秒),可选, 若不设定值则使用默认的有效时间值(60 * 60 * 24 * 30, 30天)')
+    autoapprove = Column(String(256), comment='设置用户是否自动approval操作, 默认值为 false, 可选值包括 true,false, read,write')
+    response_types = Column(String(255))
+    serial_index = Column(Float(11, True), comment='排序字段')
+    client_id_issued_at = Column(BigInteger)
+    client_secret_expires_at = Column(BigInteger)
+    token_expires_in = Column(Integer, default=3600)
+    description = Column(String(255), comment='描述')
+    is_enable = Column(Integer, nullable=False, default=1, comment='1:可用，0:禁用')
+    is_deleted = Column(Integer, nullable=False, default=0, comment='1:删除，0:未删除')
+    create_user_id = Column(String(36), nullable=False, comment='创建人id')
+    create_user_name = Column(String(36), nullable=False, comment='创建人用户名')
+    modify_user_id = Column(String(36), comment='修改人id')
+    modify_user_name = Column(String(36), comment='修改人用户名')
+    create_time = Column(DateTime, server_default=text("CURRENT_TIMESTAMP"), comment='创建时间')
+    modify_time = Column(DateTime, comment='修改时间')
+    service_export = Column(String(255), comment='服务出口,例如：https://chanyeos.com')
+    is_only_one = Column(Integer, default=1, comment='1：互踢，0：不互踢')
+    metadata_ = Column('metadata', JSONEncodedDict())

lesscode_flask/model/auth_permission.py

@@ -0,0 +1,25 @@
+# coding: utf-8
+from lesscode_flask.model.base_model import BaseModel
+from lesscode_flask.utils.helpers import generate_uuid
+from sqlalchemy import Column, DateTime, Integer, JSON, text, Text, String, Float, BigInteger
+
+
+class AuthPermission(BaseModel):
+    __tablename__ = 'lc_auth_permissions'
+    __table_args__ = {'comment': '权限表（用户、角色、应用-资源关系表）'}
+    __bind_key__ = 'auth_db'
+
+    id = Column(String(36), primary_key=True, insert_default=generate_uuid)
+    user_id = Column(String(36), comment='用户id')
+    role_id = Column(String(36), comment='角色id')
+    client_id = Column(String(36), comment='客户端id')
+    type = Column(Integer, comment='0:角色资源，1:客户端资源，2:用户资源')
+    resource_id = Column(String(36), comment='资源id')
+    expires_at = Column(Integer, comment='资源失效时间')
+    validator = Column(JSON, comment='验证数据')
+    create_user_id = Column(String(36), nullable=False, comment='创建人id')
+    create_user_name = Column(String(36), nullable=False, comment='创建人用户名')
+    modify_user_id = Column(String(36), comment='修改人id')
+    modify_user_name = Column(String(36), comment='修改人用户名')
+    create_time = Column(DateTime, server_default=text("CURRENT_TIMESTAMP"), comment='创建时间')
+    modify_time = Column(DateTime, comment='修改时间')

lesscode_flask/model/base_model.py

@@ -0,0 +1,38 @@
+import json
+from typing import Optional
+
+from sqlalchemy.sql.type_api import _T
+
+from lesscode_flask.db import db
+
+
+class BaseModel(db.Model):
+    __abstract__ = True
+    __bind_key__ = 'default'
+
+
+    # def to_dict(self):
+    #     return {c.name: getattr(self, c.name) for c in self.__table__.columns}
+
+
+from sqlalchemy import TypeDecorator, VARCHAR, Dialect
+
+
+class JSONEncodedDict(TypeDecorator):
+    """数据字段存储为json格式字符串 ，进行互转"""
+
+    def process_literal_param(self, value: Optional[_T], dialect: Dialect) -> str:
+        pass
+
+    impl = VARCHAR
+
+    def process_bind_param(self, value, dialect):
+        if value is not None:
+            value = json.dumps(value)
+        return value
+
+    def process_result_value(self, value, dialect):
+        if value is not None:
+            value = json.loads(value)
+        return value
+