KiloStar/kilostar/core/postgres_database/module/user.py

# Copyright 2026 zhaoxi826
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from kilostar.core.postgres_database.model.user import User
from sqlalchemy import select
from kilostar.utils.error import UserNotExistError, UserPasswordError
from kilostar.core.postgres_database.database_exception import database_exception
from kilostar.core.postgres_database.model.user import UserAuthority
from kilostar.utils.access import Accessor
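class AuthDatabase:
    """DAO for the User table: registration, login lookup, password change,
    deletion, and authority reads/writes.

    Every method opens its own session from ``async_session_maker`` and is
    wrapped by ``database_exception``. None of the methods performs an
    authorization check on the acting user; callers have to enforce that
    before invoking the destructive or privilege-changing operations.
    """

    def __init__(self, async_session_maker):
        """Store the factory used to open one session per operation.

        Args:
            async_session_maker: Callable returning an async context manager
                that yields the session (presumably a SQLAlchemy
                ``async_sessionmaker`` -- confirm against the caller).
        """
        self.async_session_maker = async_session_maker

    @database_exception
    async def add_user(self, user_name: str, hashed_password: str) -> User:
        """Create a user; the first user in an empty table becomes super admin.

        Args:
            user_name: Name of the new account.
            hashed_password: Password hash, stored as given. Hashing is the
                caller's job here, unlike ``change_password``.

        Returns:
            User: The persisted and refreshed user row.
        """
        from ulid import ULID

        async with self.async_session_maker() as session:
            # Probe for any existing row to decide the bootstrap privilege.
            statement = select(User).limit(1)
            results = await session.execute(statement)
            existing_user = results.first()

            # NOTE(review): this check and the insert below are not serialized
            # in this method. Unless the isolation level or a constraint
            # prevents it, concurrent registrations against an empty table can
            # each be created as SUPER_ADMINISTRATOR. On a fresh deployment the
            # first registrant also becomes super admin, so registration should
            # not be reachable by untrusted clients before bootstrap is done.
            authority = UserAuthority.USER
            if existing_user is None:
                authority = UserAuthority.SUPER_ADMINISTRATOR

            user = User(
                user_id=str(ULID()),
                user_name=user_name,
                hashed_password=hashed_password,
                user_authority=authority,
            )
            session.add(user)
            await session.commit()
            await session.refresh(user)
            return user

    @database_exception
    async def change_password(
        self, user_name: str, old_password: str, new_password: str
    ) -> User:
        """Replace a user's password after verifying the old one.

        Args:
            user_name: Name of the account to update.
            old_password: Current password, checked with
                ``Accessor.verify_password`` against the stored hash.
            new_password: New password, hashed with
                ``Accessor.hash_password`` before it is stored.

        Returns:
            User: The updated and refreshed user row.

        Raises:
            UserNotExistError: If no user has this name.
            UserPasswordError: If ``old_password`` does not verify.
        """
        async with self.async_session_maker() as session:
            statement = select(User).where(User.user_name == user_name)
            results = await session.execute(statement)
            user = results.scalar_one_or_none()
            if user is None:
                raise UserNotExistError()
            if not Accessor.verify_password(old_password, user.hashed_password):
                raise UserPasswordError()
            # NOTE(review): existing sessions/tokens are not invalidated here;
            # confirm the calling layer handles that after a password change.
            user.hashed_password = Accessor.hash_password(new_password)
            session.add(user)
            await session.commit()
            await session.refresh(user)
            return user

    @database_exception
    async def delete_user(self, user_name: str) -> None:
        """Delete the user with the given name.

        Args:
            user_name: Name of the account to delete.

        Raises:
            UserNotExistError: If no user has this name.
        """
        async with self.async_session_maker() as session:
            statement = select(User).where(User.user_name == user_name)
            results = await session.execute(statement)
            user = results.scalar_one_or_none()
            if user is None:
                raise UserNotExistError()
            # AsyncSession.delete() is a coroutine. Without the await the row
            # is never marked for deletion and commit() leaves the account in
            # place while the caller believes it was removed.
            await session.delete(user)
            await session.commit()

    @database_exception
    async def delete_user_by_id(self, user_id: str) -> None:
        """Delete the user with the given primary key.

        Args:
            user_id: ID of the account to delete.

        Raises:
            UserNotExistError: If no user has this ID.
        """
        async with self.async_session_maker() as session:
            user = await session.get(User, user_id)
            if user is None:
                raise UserNotExistError()
            # Must be awaited for the same reason as in delete_user.
            await session.delete(user)
            await session.commit()

    @database_exception
    async def login_user(self, user_name: str) -> User:
        """Look up a user by name for the login flow.

        No password check happens here; the calling layer verifies the
        password and issues the token.

        Args:
            user_name: Name of the account that is logging in.

        Returns:
            User: The matching row, including ``hashed_password``.

        Raises:
            UserNotExistError: If no user has this name.
        """
        async with self.async_session_maker() as session:
            statement = select(User).where(User.user_name == user_name)
            results = await session.execute(statement)
            user = results.scalar_one_or_none()
            if user is None:
                # NOTE(review): the caller should map this and a failed
                # password check to the same client-facing response, otherwise
                # the login endpoint reveals which user names exist.
                raise UserNotExistError()
            return user

    @database_exception
    async def get_all_users(self) -> list[User]:
        """Return every user in the table.

        Returns:
            list[User]: All rows. Each one carries ``hashed_password``, so
            callers should project to a safe schema before serializing.
        """
        async with self.async_session_maker() as session:
            statement = select(User)
            results = await session.execute(statement)
            return list(results.scalars().all())

    @database_exception
    async def get_user_authority(self, user_id: str) -> UserAuthority:
        """Return the authority level of a user.

        Args:
            user_id: ID of the account to inspect.

        Returns:
            UserAuthority: The user's stored authority value.

        Raises:
            UserNotExistError: If no user has this ID.
        """
        async with self.async_session_maker() as session:
            user = await session.get(User, user_id)
            if user is None:
                raise UserNotExistError()
            return user.user_authority

    @database_exception
    async def change_user_authority(
        self, user_id: str, new_authority: UserAuthority
    ) -> User:
        """Change the authority level of a specific user.

        This method applies the change unconditionally: it does not check who
        is asking, and it does not stop the last super administrator from
        being demoted. Both checks belong in the calling layer.

        Args:
            user_id: The ID of the user whose authority is to be changed.
            new_authority: The new authority level to assign to the user.

        Returns:
            User: The updated user object.

        Raises:
            UserNotExistError: If the specified user does not exist.
        """
        async with self.async_session_maker() as session:
            user = await session.get(User, user_id)
            if user is None:
                raise UserNotExistError()
            user.user_authority = new_authority
            session.add(user)
            await session.commit()
            await session.refresh(user)
            return user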