zhenxun_bot/zhenxun/builtin_plugins/hooks/auth/auth_admin.py

import asyncio
import time

from nonebot_plugin_alconna import At
from nonebot_plugin_uninfo import Uninfo

from zhenxun.models.level_user import LevelUser
from zhenxun.models.plugin_info import PluginInfo
from zhenxun.services.data_access import DataAccess
from zhenxun.services.db_context import DB_TIMEOUT_SECONDS
from zhenxun.services.log import logger
from zhenxun.utils.utils import get_entity_ids

from .config import LOGGER_COMMAND, WARNING_THRESHOLD
from .exception import SkipPluginException
from .utils import send_message


async def auth_admin(plugin: PluginInfo, session: Uninfo):
    """管理员命令 个人权限

    参数:
        plugin: PluginInfo
        session: Uninfo
    """
    start_time = time.time()

    if not plugin.admin_level:
        return

    try:
        entity = get_entity_ids(session)
        level_dao = DataAccess(LevelUser)

        # 并行查询用户权限数据
        global_user: LevelUser | None = None
        group_users: LevelUser | None = None

        # 查询全局权限
        global_user_task = level_dao.safe_get_or_none(
            user_id=session.user.id, group_id__isnull=True
        )

        # 如果在群组中，查询群组权限
        group_users_task = None
        if entity.group_id:
            group_users_task = level_dao.safe_get_or_none(
                user_id=session.user.id, group_id=entity.group_id
            )

        # 等待查询完成，添加超时控制
        try:
            results = await asyncio.wait_for(
                asyncio.gather(global_user_task, group_users_task or asyncio.sleep(0)),
                timeout=DB_TIMEOUT_SECONDS,
            )
            global_user = results[0]
            group_users = results[1] if group_users_task else None
        except asyncio.TimeoutError:
            logger.error(f"查询用户权限超时: user_id={session.user.id}", LOGGER_COMMAND)
            # 超时时不阻塞，继续执行
            return

        user_level = global_user.user_level if global_user else 0
        if entity.group_id and group_users:
            user_level = max(user_level, group_users.user_level)

            if user_level < plugin.admin_level:
                await send_message(
                    session,
                    [
                        At(flag="user", target=session.user.id),
                        f"你的权限不足喔，该功能需要的权限等级: {plugin.admin_level}",
                    ],
                    entity.user_id,
                )

                raise SkipPluginException(
                    f"{plugin.name}({plugin.module}) 管理员权限不足..."
                )
        elif global_user:
            if global_user.user_level < plugin.admin_level:
                await send_message(
                    session,
                    f"你的权限不足喔，该功能需要的权限等级: {plugin.admin_level}",
                )

                raise SkipPluginException(
                    f"{plugin.name}({plugin.module}) 管理员权限不足..."
                )
    finally:
        # 记录执行时间
        elapsed = time.time() - start_time
        if elapsed > WARNING_THRESHOLD:  # 记录耗时超过500ms的检查
            logger.warning(
                f"auth_admin 耗时: {elapsed:.3f}s, plugin={plugin.module}",
                LOGGER_COMMAND,
                session=session,
            )
:sparkles: 引入缓存机制 (#1889) * 添加全局cache * ✨ 构建缓存，hook使用缓存 * :sparkles: 新增数据库Model方法监控 * :sparkles: 数据库添加semaphore锁 * :adhesive_bandage: 优化webapi返回数据 * :sparkles: 添加增量缓存与缓存过期 * :art: 优化检测代码结构 * :zap: 优化hook权限检测性能 * :bug: 添加新异常判断跳过权限检测 * :sparkles: 添加插件limit缓存 * :art: 代码格式优化 * :bug: 修复代码导入 * :bug: 修复刷新时检查 * :alien: Rename exception for missing database URL in initialization * :wheelchair: Update default database URL to SQLite in configuration * :wrench: Update tortoise-orm and aiocache dependencies restrictions; add optional redis and asyncpg support * :bug: 修复ban检测 * :bug: 修复所有插件关闭时缓存更新 * :bug: 尝试迁移至aiocache * :bug: 完善aiocache缓存 * :zap: 代码性能优化 * :bug: 移除获取封禁缓存时的日志记录 * :bug: 修复缓存类型声明，优化封禁用户处理逻辑 * :bug: 优化LevelUser权限更新逻辑及数据库迁移 * :sparkles: cache支持redis连接 * :rotating_light: auto fix by pre-commit hooks * :zap: ：增强获取群组的安全性和准确性。同时，优化了缓存管理中的相关逻辑，确保缓存操作的一致性。 * ✨ feat(auth_limit): 将插件初始化逻辑的启动装饰器更改为优先级管理器 * 🔧 修复日志记录级别 * 🔧 更新数据库连接字符串 * 🔧 更新数据库连接字符串为内存数据库，并优化权限检查逻辑 * ✨ feat(cache): 增加缓存功能配置项，并新增数据访问层以支持缓存逻辑 * :recycle: 重构cache * ✨ feat(cache): 增强缓存管理，新增缓存字典和缓存列表功能，支持过期时间管理 * 🔧 修复Notebook类中的viewport高度设置，将其从1000调整为10 * ✨ 更新插件管理逻辑，替换缓存服务为CacheRoot并优化缓存失效处理 * ✨ 更新RegisterConfig类中的type字段 * ✨ 修复清理重复记录逻辑，确保检查记录的id属性有效性 * :zap: 超级无敌大优化，解决延迟与卡死问题 * ✨ 更新封禁功能，增加封禁时长参数和描述，优化插件信息返回结构 * ✨ 更新zhenxun_help.py中的viewport高度，将其从453调整为10，以优化页面显示效果 * ✨ 优化插件分类逻辑，增加插件ID排序，并更新插件信息返回结构 --------- Co-authored-by: BalconyJH <balconyjh@gmail.com> Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> 2025-07-14 22:35:29 +08:00			`import asyncio`
			`import time`

			`from nonebot_plugin_alconna import At`
			`from nonebot_plugin_uninfo import Uninfo`

			`from zhenxun.models.level_user import LevelUser`
			`from zhenxun.models.plugin_info import PluginInfo`
			`from zhenxun.services.data_access import DataAccess`
			`from zhenxun.services.db_context import DB_TIMEOUT_SECONDS`
			`from zhenxun.services.log import logger`
			`from zhenxun.utils.utils import get_entity_ids`

			`from .config import LOGGER_COMMAND, WARNING_THRESHOLD`
			`from .exception import SkipPluginException`
			`from .utils import send_message`


			`async def auth_admin(plugin: PluginInfo, session: Uninfo):`
			`"""管理员命令个人权限`

			`参数:`
			`plugin: PluginInfo`
			`session: Uninfo`
			`"""`
			`start_time = time.time()`

			`if not plugin.admin_level:`
			`return`

			`try:`
			`entity = get_entity_ids(session)`
			`level_dao = DataAccess(LevelUser)`

			`# 并行查询用户权限数据`
			`global_user: LevelUser \| None = None`
			`group_users: LevelUser \| None = None`

			`# 查询全局权限`
			`global_user_task = level_dao.safe_get_or_none(`
			`user_id=session.user.id, group_id__isnull=True`
			`)`

			`# 如果在群组中，查询群组权限`
			`group_users_task = None`
			`if entity.group_id:`
			`group_users_task = level_dao.safe_get_or_none(`
			`user_id=session.user.id, group_id=entity.group_id`
			`)`

			`# 等待查询完成，添加超时控制`
			`try:`
			`results = await asyncio.wait_for(`
			`asyncio.gather(global_user_task, group_users_task or asyncio.sleep(0)),`
			`timeout=DB_TIMEOUT_SECONDS,`
			`)`
			`global_user = results[0]`
			`group_users = results[1] if group_users_task else None`
			`except asyncio.TimeoutError:`
			`logger.error(f"查询用户权限超时: user_id={session.user.id}", LOGGER_COMMAND)`
			`# 超时时不阻塞，继续执行`
			`return`

			`user_level = global_user.user_level if global_user else 0`
			`if entity.group_id and group_users:`
			`user_level = max(user_level, group_users.user_level)`

			`if user_level < plugin.admin_level:`
			`await send_message(`
			`session,`
			`[`
			`At(flag="user", target=session.user.id),`
			`f"你的权限不足喔，该功能需要的权限等级: {plugin.admin_level}",`
			`],`
			`entity.user_id,`
			`)`

			`raise SkipPluginException(`
			`f"{plugin.name}({plugin.module}) 管理员权限不足..."`
			`)`
			`elif global_user:`
			`if global_user.user_level < plugin.admin_level:`
			`await send_message(`
			`session,`
			`f"你的权限不足喔，该功能需要的权限等级: {plugin.admin_level}",`
			`)`

			`raise SkipPluginException(`
			`f"{plugin.name}({plugin.module}) 管理员权限不足..."`
			`)`
			`finally:`
			`# 记录执行时间`
			`elapsed = time.time() - start_time`
			`if elapsed > WARNING_THRESHOLD: # 记录耗时超过500ms的检查`
			`logger.warning(`
			`f"auth_admin 耗时: {elapsed:.3f}s, plugin={plugin.module}",`
			`LOGGER_COMMAND,`
			`session=session,`
			`)`