pythonclass Student(Base):
"""学生模型"""
__tablename__ = "students"
id = Column(BigInteger, primary_key=True, index=True)
email = Column(String(255), unique=True, index=True, nullable=False)
password_hash = Column(String(255), nullable=False)
name = Column(String(100), nullable=False)
student_id = Column(String(50), unique=True, index=True, nullable=True)
phone = Column(String(20), nullable=True)
avatar_url = Column(String(500), nullable=True)
role = Column(Enum(UserRole), default=UserRole.STUDENT, nullable=False)
status = Column(Enum(UserStatus), default=UserStatus.ACTIVE, nullable=False)
department = Column(String(100), nullable=True)
grade = Column(String(10), nullable=True)
last_login_at = Column(DateTime(timezone=True), nullable=True)
created_at = Column(DateTime(timezone=True), server_default=func.now())
updated_at = Column(DateTime(timezone=True), server_default=func.now(), onupdate=func.now())
def __repr__(self):
return f"<Student(id={self.id}, email='{self.email}', name='{self.name}')>"
class Administrator(Base):
"管理员模型"
__tablename__ = "administrator"
id = Column(BigInteger, primary_key=True, index=True, default=0)
name = Column(String(100), nullable=False, default="administrator")
email = Column(String(255), unique=True, index=True, nullable=False)
password_hash = Column(String(255), nullable=False)
role = Column(Enum(UserRole), default=UserRole.ADMIN, nullable=False)
status = Column(Enum(UserStatus), default=UserStatus.ACTIVE, nullable=False)
avatar_url = Column(String(500), nullable=True)
last_login_at = Column(DateTime(timezone=True), nullable=True)
created_at = Column(DateTime(timezone=True), server_default=func.now())
updated_at = Column(DateTime(timezone=True), server_default=func.now(), onupdate=func.now())
permissions = Column(String(1000), nullable=True)
department = Column(String(100), nullable=True)
phone = Column(String(20), nullable=True)
def __repr__(self):
return f"<Administrator(id={self.id}, name='{self.name}', email='{self.email}', role='{self.role}')>"
class TeacherAssistant(Base):
"助教模型"
__tablename__ = "teacher_assistant"
id = Column(BigInteger, primary_key=True, index=True)
name = Column(String(100), nullable=False)
email = Column(String(255), unique=True, index=True, nullable=False)
password_hash = Column(String(255), nullable=False)
role = Column(Enum(UserRole), default=UserRole.TEACHING_ASSISTANT, nullable=False)
status = Column(Enum(UserStatus), default=UserStatus.ACTIVE, nullable=False)
avatar_url = Column(String(500), nullable=True)
last_login_at = Column(DateTime(timezone=True), nullable=True)
created_at = Column(DateTime(timezone=True), server_default=func.now())
updated_at = Column(DateTime(timezone=True), server_default=func.now(), onupdate=func.now())
department = Column(String(100), nullable=True)
phone = Column(String(20), nullable=True)
course_id = Column(String(50), nullable=True)
office_hours = Column(String(255), nullable=True)
def __repr__(self):
return f"<TeacherAssistant(id={self.id}, name={self.name}, email={self.email})>"
pythonclass UserRole(str, PyEnum):
"""用户角色枚举"""
STUDENT = "student"
ADMIN = "administrator"
TEACHING_ASSISTANT = "teaching_assistant"
@property
def description(self):
"""获取角色描述"""
descriptions = {
UserRole.STUDENT: "学生权限:查看课程信息、预约学习资源、查看自己的预约记录、参与协作项目、发布学习讨论、上传个人作业、查看个人成绩和进度",
UserRole.TEACHING_ASSISTANT: "助教权限:所有学生权限,外加管理特定课程资源预约、审核作业、管理课程讨论区、查看课程统计数据、管理学生分组、安排辅导时间、发布课程公告",
UserRole.ADMIN: "管理员权限:所有助教权限,外加用户账户管理、系统设置管理、所有资源管理、内容审核、日志管理、性能监控、数据备份恢复、API密钥管理"
}
return descriptions[self]
@property
def permissions(self):
"""获取角色权限列表"""
# 学生权限
student_permissions = [
"view_courses", # 查看课程信息
"book_resources", # 预约学习资源
"view_own_bookings", # 查看自己的预约记录
"join_projects", # 参与协作项目
"post_discussions", # 发布学习讨论
"upload_assignments", # 上传个人作业
"view_own_grades", # 查看个人成绩和进度
"view_own_profile", # 查看个人资料
"edit_own_profile", # 编辑个人资料
]
# 助教权限
ta_extended_permissions = [
"manage_course_bookings", # 管理特定课程资源预约
"review_assignments", # 审核作业
"manage_course_discussions", # 管理课程讨论区
"view_course_statistics", # 查看课程统计数据
"manage_student_groups", # 管理学生分组
"schedule_office_hours", # 安排辅导时间
"post_course_announcements", # 发布课程公告
"grade_assignments", # 批改作业
"view_student_progress", # 查看学生进度
]
# 管理员权限
admin_extended_permissions = [
"manage_users", # 用户账户管理
"manage_system_settings", # 系统设置管理
"manage_all_resources", # 管理所有资源
"moderate_content", # 内容审核
"view_audit_logs", # 查看审计日志
"manage_audit_logs", # 管理审计日志
"monitor_system", # 性能监控
"backup_restore_data", # 数据备份恢复
"manage_api_keys", # API密钥管理
"manage_permissions", # 权限管理
"view_system_statistics", # 查看系统统计
"manage_notifications", # 管理通知系统
"export_data", # 导出数据
"import_data", # 导入数据
]
# 根据角色返回权限
if self == UserRole.STUDENT:
return student_permissions
elif self == UserRole.TEACHING_ASSISTANT:
return student_permissions + ta_extended_permissions
elif self == UserRole.ADMIN:
return student_permissions + ta_extended_permissions + admin_extended_permissions
else:
return []
def has_permission(self, permission: str) -> bool:
"""检查是否具有指定权限"""
return permission in self.permissions
def can_access_resource(self, resource_type: str, action: str) -> bool:
"""检查是否可以访问特定资源"""
permission_key = f"{action}_{resource_type}"
return self.has_permission(permission_key)
@classmethod
def get_all_permissions(cls):
"""获取所有角色的权限汇总"""
all_permissions = set()
for role in cls:
all_permissions.update(role.permissions)
return sorted(list(all_permissions))
@classmethod
def get_role_hierarchy(cls):
"""获取角色层级关系"""
return {
cls.STUDENT: 1,
cls.TEACHING_ASSISTANT: 2,
cls.ADMIN: 3
}
def is_higher_than(self, other_role: 'UserRole') -> bool:
"""检查当前角色是否高于另一个角色"""
hierarchy = self.get_role_hierarchy()
return hierarchy.get(self, 0) > hierarchy.get(other_role, 0)
pythonclass UserStatus(str, PyEnum):
"""用户状态枚举"""
ACTIVE = "active"
INACTIVE = "inactive"
BANNED = "banned"
本文作者:晏秋
本文链接:
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!