admin/000-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: 新增睿美云对接模块
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source 
- 扩展 ToolConfig 配置类型,新增 external_api 类型
- 实现接口注册表,包含 90+ 睿美云开放接口定义
- 实现 TPOS SHA256WithRSA 签名鉴权
- 实现睿美云 API 客户端,支持多租户配置
- 新增代理路由 /api/ruimeiyun/call/{api_name}
- 支持接口权限控制和健康检查
This commit is contained in:
Admin
2026-01-30 17:27:58 +08:00
parent c1ba17f809
commit afcf30b519
23 changed files with 6290 additions and 4648 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
backend/app/main.py
View File

@@ -16,6 +16,8 @@ from .routers.cost import router as cost_router
from .routers.quota import router as quota_router
from .routers.tasks import router as tasks_router
from .routers.notification_channels import router as notification_channels_router
from .routers.tool_configs import router as tool_configs_router
from .routers.ruimeiyun import router as ruimeiyun_router
from .middleware import TraceMiddleware, setup_exception_handlers, RequestLoggerMiddleware
from .middleware.trace import setup_logging
from .services.scheduler import scheduler_service
@@ -71,6 +73,8 @@ app.include_router(cost_router, prefix="/api")
app.include_router(quota_router, prefix="/api")
app.include_router(tasks_router)
app.include_router(notification_channels_router)
app.include_router(tool_configs_router, prefix="/api")
app.include_router(ruimeiyun_router, prefix="/api")
# 应用生命周期事件

42
backend/app/models/notification_channel.py
View File

@@ -1,21 +1,21 @@
"""任务通知渠道模型"""
from datetime import datetime
from sqlalchemy import Column, Integer, String, Enum, Boolean, DateTime
from ..database import Base
class TaskNotifyChannel(Base):
"""任务通知渠道表(用于定时任务推送)"""
__tablename__ = "platform_task_notify_channels"
id = Column(Integer, primary_key=True, autoincrement=True)
tenant_id = Column(String(50), nullable=False)
channel_name = Column(String(100), nullable=False)
channel_type = Column(Enum('dingtalk_bot', 'wecom_bot'), nullable=False)
webhook_url = Column(String(500), nullable=False)
sign_secret = Column(String(200)) # 钉钉加签密钥
description = Column(String(255))
is_enabled = Column(Boolean, default=True)
created_at = Column(DateTime, default=datetime.now)
updated_at = Column(DateTime, default=datetime.now, onupdate=datetime.now)
"""任务通知渠道模型"""
from datetime import datetime
from sqlalchemy import Column, Integer, String, Enum, Boolean, DateTime
from ..database import Base
class TaskNotifyChannel(Base):
"""任务通知渠道表(用于定时任务推送)"""
__tablename__ = "platform_task_notify_channels"
id = Column(Integer, primary_key=True, autoincrement=True)
tenant_id = Column(String(50), nullable=False)
channel_name = Column(String(100), nullable=False)
channel_type = Column(Enum('dingtalk_bot', 'wecom_bot'), nullable=False)
webhook_url = Column(String(500), nullable=False)
sign_secret = Column(String(200)) # 钉钉加签密钥
description = Column(String(255))
is_enabled = Column(Boolean, default=True)
created_at = Column(DateTime, default=datetime.now)
updated_at = Column(DateTime, default=datetime.now, onupdate=datetime.now)

206
backend/app/models/scheduled_task.py
View File

@@ -1,103 +1,103 @@
"""定时任务相关模型"""
from datetime import datetime
from sqlalchemy import Column, BigInteger, Integer, String, Text, Enum, SmallInteger, TIMESTAMP, DateTime, JSON, Boolean
from ..database import Base
class ScheduledTask(Base):
"""定时任务表"""
__tablename__ = "platform_scheduled_tasks"
id = Column(Integer, primary_key=True, autoincrement=True)
tenant_id = Column(String(50))
task_name = Column(String(100), nullable=False)
task_desc = Column(String(500))
# 调度配置
schedule_type = Column(Enum('simple', 'cron'), nullable=False, default='simple')
time_points = Column(JSON) # JSON数组 ["08:00", "12:00"]
cron_expression = Column(String(100))
timezone = Column(String(50), default='Asia/Shanghai')
# 执行类型
execution_type = Column(Enum('webhook', 'script'), nullable=False, default='script')
# Webhook配置
webhook_url = Column(String(500))
# 脚本配置
script_content = Column(Text)
script_deps = Column(Text) # 脚本依赖
# 输入参数
input_params = Column(JSON) # JSON格式
# 重试配置
retry_count = Column(Integer, default=0)
retry_interval = Column(Integer, default=60)
# 告警配置
alert_on_failure = Column(Boolean, default=False)
alert_webhook = Column(String(500))
# 通知配置
notify_channels = Column(JSON) # 通知渠道ID列表
notify_wecom_app_id = Column(Integer) # 企微应用ID
# 状态
is_enabled = Column(Boolean, default=True)
last_run_at = Column(DateTime)
last_run_status = Column(Enum('success', 'failed', 'running'))
last_run_message = Column(Text)
created_at = Column(DateTime, default=datetime.now)
updated_at = Column(DateTime, default=datetime.now, onupdate=datetime.now)
class TaskLog(Base):
"""任务执行日志"""
__tablename__ = "platform_task_logs"
id = Column(BigInteger, primary_key=True, autoincrement=True)
task_id = Column(Integer, nullable=False)
tenant_id = Column(String(50))
trace_id = Column(String(100))
status = Column(Enum('running', 'success', 'failed'), nullable=False)
started_at = Column(DateTime, nullable=False)
finished_at = Column(DateTime)
duration_ms = Column(Integer)
output = Column(Text)
error = Column(Text)
retry_count = Column(Integer, default=0)
created_at = Column(TIMESTAMP, default=datetime.now)
class ScriptVar(Base):
"""脚本变量存储"""
__tablename__ = "platform_script_vars"
id = Column(Integer, primary_key=True, autoincrement=True)
task_id = Column(Integer, nullable=False)
tenant_id = Column(String(50))
var_key = Column(String(100), nullable=False)
var_value = Column(Text) # JSON格式
created_at = Column(TIMESTAMP, default=datetime.now)
updated_at = Column(TIMESTAMP, default=datetime.now, onupdate=datetime.now)
class Secret(Base):
"""密钥管理"""
__tablename__ = "platform_secrets"
id = Column(Integer, primary_key=True, autoincrement=True)
tenant_id = Column(String(50)) # NULL为全局
secret_key = Column(String(100), nullable=False)
secret_value = Column(Text, nullable=False)
description = Column(String(255))
created_at = Column(TIMESTAMP, default=datetime.now)
updated_at = Column(TIMESTAMP, default=datetime.now, onupdate=datetime.now)
"""定时任务相关模型"""
from datetime import datetime
from sqlalchemy import Column, BigInteger, Integer, String, Text, Enum, SmallInteger, TIMESTAMP, DateTime, JSON, Boolean
from ..database import Base
class ScheduledTask(Base):
"""定时任务表"""
__tablename__ = "platform_scheduled_tasks"
id = Column(Integer, primary_key=True, autoincrement=True)
tenant_id = Column(String(50))
task_name = Column(String(100), nullable=False)
task_desc = Column(String(500))
# 调度配置
schedule_type = Column(Enum('simple', 'cron'), nullable=False, default='simple')
time_points = Column(JSON) # JSON数组 ["08:00", "12:00"]
cron_expression = Column(String(100))
timezone = Column(String(50), default='Asia/Shanghai')
# 执行类型
execution_type = Column(Enum('webhook', 'script'), nullable=False, default='script')
# Webhook配置
webhook_url = Column(String(500))
# 脚本配置
script_content = Column(Text)
script_deps = Column(Text) # 脚本依赖
# 输入参数
input_params = Column(JSON) # JSON格式
# 重试配置
retry_count = Column(Integer, default=0)
retry_interval = Column(Integer, default=60)
# 告警配置
alert_on_failure = Column(Boolean, default=False)
alert_webhook = Column(String(500))
# 通知配置
notify_channels = Column(JSON) # 通知渠道ID列表
notify_wecom_app_id = Column(Integer) # 企微应用ID
# 状态
is_enabled = Column(Boolean, default=True)
last_run_at = Column(DateTime)
last_run_status = Column(Enum('success', 'failed', 'running'))
last_run_message = Column(Text)
created_at = Column(DateTime, default=datetime.now)
updated_at = Column(DateTime, default=datetime.now, onupdate=datetime.now)
class TaskLog(Base):
"""任务执行日志"""
__tablename__ = "platform_task_logs"
id = Column(BigInteger, primary_key=True, autoincrement=True)
task_id = Column(Integer, nullable=False)
tenant_id = Column(String(50))
trace_id = Column(String(100))
status = Column(Enum('running', 'success', 'failed'), nullable=False)
started_at = Column(DateTime, nullable=False)
finished_at = Column(DateTime)
duration_ms = Column(Integer)
output = Column(Text)
error = Column(Text)
retry_count = Column(Integer, default=0)
created_at = Column(TIMESTAMP, default=datetime.now)
class ScriptVar(Base):
"""脚本变量存储"""
__tablename__ = "platform_script_vars"
id = Column(Integer, primary_key=True, autoincrement=True)
task_id = Column(Integer, nullable=False)
tenant_id = Column(String(50))
var_key = Column(String(100), nullable=False)
var_value = Column(Text) # JSON格式
created_at = Column(TIMESTAMP, default=datetime.now)
updated_at = Column(TIMESTAMP, default=datetime.now, onupdate=datetime.now)
class Secret(Base):
"""密钥管理"""
__tablename__ = "platform_secrets"
id = Column(Integer, primary_key=True, autoincrement=True)
tenant_id = Column(String(50)) # NULL为全局
secret_key = Column(String(100), nullable=False)
secret_value = Column(Text, nullable=False)
description = Column(String(255))
created_at = Column(TIMESTAMP, default=datetime.now)
updated_at = Column(TIMESTAMP, default=datetime.now, onupdate=datetime.now)

422
backend/app/routers/notification_channels.py
View File

@@ -1,211 +1,211 @@
"""通知渠道API路由"""
from typing import Optional, List
from fastapi import APIRouter, Depends, HTTPException, Query
from pydantic import BaseModel
from sqlalchemy.orm import Session
from sqlalchemy import desc
from ..database import get_db
from ..models.notification_channel import TaskNotifyChannel
router = APIRouter(prefix="/api/notification-channels", tags=["notification-channels"])
# ==================== Schemas ====================
class ChannelCreate(BaseModel):
tenant_id: str
channel_name: str
channel_type: str # dingtalk_bot, wecom_bot
webhook_url: str
sign_secret: Optional[str] = None # 钉钉加签密钥
description: Optional[str] = None
class ChannelUpdate(BaseModel):
channel_name: Optional[str] = None
channel_type: Optional[str] = None
webhook_url: Optional[str] = None
sign_secret: Optional[str] = None
description: Optional[str] = None
is_enabled: Optional[bool] = None
# ==================== CRUD ====================
@router.get("")
async def list_channels(
tenant_id: Optional[str] = None,
channel_type: Optional[str] = None,
is_enabled: Optional[bool] = None,
page: int = Query(1, ge=1),
size: int = Query(50, ge=1, le=100),
db: Session = Depends(get_db)
):
"""获取通知渠道列表"""
query = db.query(TaskNotifyChannel)
if tenant_id:
query = query.filter(TaskNotifyChannel.tenant_id == tenant_id)
if channel_type:
query = query.filter(TaskNotifyChannel.channel_type == channel_type)
if is_enabled is not None:
query = query.filter(TaskNotifyChannel.is_enabled == is_enabled)
total = query.count()
items = query.order_by(desc(TaskNotifyChannel.created_at)).offset((page - 1) * size).limit(size).all()
return {
"total": total,
"items": [format_channel(c) for c in items]
}
@router.get("/{channel_id}")
async def get_channel(channel_id: int, db: Session = Depends(get_db)):
"""获取渠道详情"""
channel = db.query(TaskNotifyChannel).filter(TaskNotifyChannel.id == channel_id).first()
if not channel:
raise HTTPException(status_code=404, detail="渠道不存在")
return format_channel(channel)
@router.post("")
async def create_channel(data: ChannelCreate, db: Session = Depends(get_db)):
"""创建通知渠道"""
channel = TaskNotifyChannel(
tenant_id=data.tenant_id,
channel_name=data.channel_name,
channel_type=data.channel_type,
webhook_url=data.webhook_url,
sign_secret=data.sign_secret,
description=data.description,
is_enabled=True
)
db.add(channel)
db.commit()
db.refresh(channel)
return {"success": True, "id": channel.id}
@router.put("/{channel_id}")
async def update_channel(channel_id: int, data: ChannelUpdate, db: Session = Depends(get_db)):
"""更新通知渠道"""
channel = db.query(TaskNotifyChannel).filter(TaskNotifyChannel.id == channel_id).first()
if not channel:
raise HTTPException(status_code=404, detail="渠道不存在")
if data.channel_name is not None:
channel.channel_name = data.channel_name
if data.channel_type is not None:
channel.channel_type = data.channel_type
if data.webhook_url is not None:
channel.webhook_url = data.webhook_url
if data.sign_secret is not None:
channel.sign_secret = data.sign_secret
if data.description is not None:
channel.description = data.description
if data.is_enabled is not None:
channel.is_enabled = data.is_enabled
db.commit()
return {"success": True}
@router.delete("/{channel_id}")
async def delete_channel(channel_id: int, db: Session = Depends(get_db)):
"""删除通知渠道"""
channel = db.query(TaskNotifyChannel).filter(TaskNotifyChannel.id == channel_id).first()
if not channel:
raise HTTPException(status_code=404, detail="渠道不存在")
db.delete(channel)
db.commit()
return {"success": True}
@router.post("/{channel_id}/test")
async def test_channel(channel_id: int, db: Session = Depends(get_db)):
"""测试通知渠道"""
import httpx
import time
import hmac
import hashlib
import base64
import urllib.parse
channel = db.query(TaskNotifyChannel).filter(TaskNotifyChannel.id == channel_id).first()
if not channel:
raise HTTPException(status_code=404, detail="渠道不存在")
test_content = f"**测试消息**\n\n渠道名称: {channel.channel_name}\n发送时间: 测试中..."
try:
url = channel.webhook_url
if channel.channel_type == 'dingtalk_bot':
# 钉钉加签
if channel.sign_secret:
timestamp = str(round(time.time() * 1000))
string_to_sign = f'{timestamp}\n{channel.sign_secret}'
hmac_code = hmac.new(
channel.sign_secret.encode('utf-8'),
string_to_sign.encode('utf-8'),
digestmod=hashlib.sha256
).digest()
sign = urllib.parse.quote_plus(base64.b64encode(hmac_code))
# 拼接签名参数
if '?' in url:
url = f"{url}&timestamp={timestamp}&sign={sign}"
else:
url = f"{url}?timestamp={timestamp}&sign={sign}"
payload = {
"msgtype": "markdown",
"markdown": {
"title": "渠道测试",
"text": test_content
}
}
else: # wecom_bot
payload = {
"msgtype": "markdown",
"markdown": {
"content": test_content
}
}
async with httpx.AsyncClient(timeout=10) as client:
response = await client.post(url, json=payload)
result = response.json()
# 钉钉返回 errcode=0企微返回 errcode=0
if result.get('errcode') == 0:
return {"success": True, "message": "发送成功"}
else:
return {"success": False, "message": f"发送失败: {result}"}
except Exception as e:
return {"success": False, "message": f"发送失败: {str(e)}"}
# ==================== Helpers ====================
def format_channel(channel: TaskNotifyChannel) -> dict:
"""格式化渠道数据"""
return {
"id": channel.id,
"tenant_id": channel.tenant_id,
"channel_name": channel.channel_name,
"channel_type": channel.channel_type,
"webhook_url": channel.webhook_url,
"sign_secret": channel.sign_secret,
"description": channel.description,
"is_enabled": channel.is_enabled,
"created_at": channel.created_at,
"updated_at": channel.updated_at
}
"""通知渠道API路由"""
from typing import Optional, List
from fastapi import APIRouter, Depends, HTTPException, Query
from pydantic import BaseModel
from sqlalchemy.orm import Session
from sqlalchemy import desc
from ..database import get_db
from ..models.notification_channel import TaskNotifyChannel
router = APIRouter(prefix="/api/notification-channels", tags=["notification-channels"])
# ==================== Schemas ====================
class ChannelCreate(BaseModel):
tenant_id: str
channel_name: str
channel_type: str # dingtalk_bot, wecom_bot
webhook_url: str
sign_secret: Optional[str] = None # 钉钉加签密钥
description: Optional[str] = None
class ChannelUpdate(BaseModel):
channel_name: Optional[str] = None
channel_type: Optional[str] = None
webhook_url: Optional[str] = None
sign_secret: Optional[str] = None
description: Optional[str] = None
is_enabled: Optional[bool] = None
# ==================== CRUD ====================
@router.get("")
async def list_channels(
tenant_id: Optional[str] = None,
channel_type: Optional[str] = None,
is_enabled: Optional[bool] = None,
page: int = Query(1, ge=1),
size: int = Query(50, ge=1, le=100),
db: Session = Depends(get_db)
):
"""获取通知渠道列表"""
query = db.query(TaskNotifyChannel)
if tenant_id:
query = query.filter(TaskNotifyChannel.tenant_id == tenant_id)
if channel_type:
query = query.filter(TaskNotifyChannel.channel_type == channel_type)
if is_enabled is not None:
query = query.filter(TaskNotifyChannel.is_enabled == is_enabled)
total = query.count()
items = query.order_by(desc(TaskNotifyChannel.created_at)).offset((page - 1) * size).limit(size).all()
return {
"total": total,
"items": [format_channel(c) for c in items]
}
@router.get("/{channel_id}")
async def get_channel(channel_id: int, db: Session = Depends(get_db)):
"""获取渠道详情"""
channel = db.query(TaskNotifyChannel).filter(TaskNotifyChannel.id == channel_id).first()
if not channel:
raise HTTPException(status_code=404, detail="渠道不存在")
return format_channel(channel)
@router.post("")
async def create_channel(data: ChannelCreate, db: Session = Depends(get_db)):
"""创建通知渠道"""
channel = TaskNotifyChannel(
tenant_id=data.tenant_id,
channel_name=data.channel_name,
channel_type=data.channel_type,
webhook_url=data.webhook_url,
sign_secret=data.sign_secret,
description=data.description,
is_enabled=True
)
db.add(channel)
db.commit()
db.refresh(channel)
return {"success": True, "id": channel.id}
@router.put("/{channel_id}")
async def update_channel(channel_id: int, data: ChannelUpdate, db: Session = Depends(get_db)):
"""更新通知渠道"""
channel = db.query(TaskNotifyChannel).filter(TaskNotifyChannel.id == channel_id).first()
if not channel:
raise HTTPException(status_code=404, detail="渠道不存在")
if data.channel_name is not None:
channel.channel_name = data.channel_name
if data.channel_type is not None:
channel.channel_type = data.channel_type
if data.webhook_url is not None:
channel.webhook_url = data.webhook_url
if data.sign_secret is not None:
channel.sign_secret = data.sign_secret
if data.description is not None:
channel.description = data.description
if data.is_enabled is not None:
channel.is_enabled = data.is_enabled
db.commit()
return {"success": True}
@router.delete("/{channel_id}")
async def delete_channel(channel_id: int, db: Session = Depends(get_db)):
"""删除通知渠道"""
channel = db.query(TaskNotifyChannel).filter(TaskNotifyChannel.id == channel_id).first()
if not channel:
raise HTTPException(status_code=404, detail="渠道不存在")
db.delete(channel)
db.commit()
return {"success": True}
@router.post("/{channel_id}/test")
async def test_channel(channel_id: int, db: Session = Depends(get_db)):
"""测试通知渠道"""
import httpx
import time
import hmac
import hashlib
import base64
import urllib.parse
channel = db.query(TaskNotifyChannel).filter(TaskNotifyChannel.id == channel_id).first()
if not channel:
raise HTTPException(status_code=404, detail="渠道不存在")
test_content = f"**测试消息**\n\n渠道名称: {channel.channel_name}\n发送时间: 测试中..."
try:
url = channel.webhook_url
if channel.channel_type == 'dingtalk_bot':
# 钉钉加签
if channel.sign_secret:
timestamp = str(round(time.time() * 1000))
string_to_sign = f'{timestamp}\n{channel.sign_secret}'
hmac_code = hmac.new(
channel.sign_secret.encode('utf-8'),
string_to_sign.encode('utf-8'),
digestmod=hashlib.sha256
).digest()
sign = urllib.parse.quote_plus(base64.b64encode(hmac_code))
# 拼接签名参数
if '?' in url:
url = f"{url}&timestamp={timestamp}&sign={sign}"
else:
url = f"{url}?timestamp={timestamp}&sign={sign}"
payload = {
"msgtype": "markdown",
"markdown": {
"title": "渠道测试",
"text": test_content
}
}
else: # wecom_bot
payload = {
"msgtype": "markdown",
"markdown": {
"content": test_content
}
}
async with httpx.AsyncClient(timeout=10) as client:
response = await client.post(url, json=payload)
result = response.json()
# 钉钉返回 errcode=0企微返回 errcode=0
if result.get('errcode') == 0:
return {"success": True, "message": "发送成功"}
else:
return {"success": False, "message": f"发送失败: {result}"}
except Exception as e:
return {"success": False, "message": f"发送失败: {str(e)}"}
# ==================== Helpers ====================
def format_channel(channel: TaskNotifyChannel) -> dict:
"""格式化渠道数据"""
return {
"id": channel.id,
"tenant_id": channel.tenant_id,
"channel_name": channel.channel_name,
"channel_type": channel.channel_type,
"webhook_url": channel.webhook_url,
"sign_secret": channel.sign_secret,
"description": channel.description,
"is_enabled": channel.is_enabled,
"created_at": channel.created_at,
"updated_at": channel.updated_at
}

287
backend/app/routers/ruimeiyun.py Normal file
View File

@@ -0,0 +1,287 @@
"""
睿美云代理路由
提供统一的睿美云接口代理能力,支持:
- 多租户配置隔离
- 接口权限控制
- 统一日志记录
- 错误处理
"""
import logging
from typing import Optional, Dict, Any, List
from fastapi import APIRouter, Depends, HTTPException, Query
from pydantic import BaseModel
from sqlalchemy.orm import Session
from ..database import get_db
from ..services.ruimeiyun import RuimeiyunClient, RUIMEIYUN_APIS, get_api_definition
from ..services.ruimeiyun.client import RuimeiyunError
from ..services.ruimeiyun.registry import get_all_modules, get_api_list_by_module, get_api_summary
from .auth import get_current_user
from ..models.user import User
logger = logging.getLogger(__name__)
router = APIRouter(prefix="/ruimeiyun", tags=["睿美云代理"])
# ========================================
# Schemas
# ========================================
class RuimeiyunCallRequest(BaseModel):
"""睿美云接口调用请求"""
params: Optional[Dict[str, Any]] = None # URL 参数
body: Optional[Dict[str, Any]] = None # 请求体
class RuimeiyunRawCallRequest(BaseModel):
"""睿美云原始接口调用请求"""
method: str # HTTP 方法
path: str # API 路径
params: Optional[Dict[str, Any]] = None
body: Optional[Dict[str, Any]] = None
# ========================================
# API Endpoints
# ========================================
@router.post("/call/{api_name}")
async def call_ruimeiyun_api(
api_name: str,
request: RuimeiyunCallRequest,
tenant_id: str = Query(..., description="租户ID"),
user: User = Depends(get_current_user),
db: Session = Depends(get_db)
):
"""
调用睿美云接口(通过接口名称)
Args:
api_name: 接口名称,如 customer.search, order.list
request: 请求参数
tenant_id: 租户ID
Returns:
睿美云接口返回的数据
示例:
POST /api/ruimeiyun/call/customer.search?tenant_id=xxx
Body: {"params": {"keyword": "13800138000", "page": 1, "size": 20}}
"""
try:
client = RuimeiyunClient(tenant_id, db)
result = await client.call(
api_name=api_name,
params=request.params,
body=request.body
)
if result.success:
return {
"success": True,
"data": result.data
}
else:
return {
"success": False,
"error": result.error,
"raw": result.raw_response
}
except RuimeiyunError as e:
logger.error(f"睿美云调用失败: {api_name}, {e}")
raise HTTPException(status_code=e.status_code, detail=str(e))
except Exception as e:
logger.exception(f"睿美云调用异常: {api_name}")
raise HTTPException(status_code=500, detail=f"调用失败: {str(e)}")
@router.post("/call-raw")
async def call_ruimeiyun_raw(
request: RuimeiyunRawCallRequest,
tenant_id: str = Query(..., description="租户ID"),
user: User = Depends(get_current_user),
db: Session = Depends(get_db)
):
"""
直接调用睿美云接口(通过路径)
用于调用未在注册表中定义的接口
Args:
request: 请求参数(包含 method, path, params, body
tenant_id: 租户ID
Returns:
睿美云接口返回的数据
示例:
POST /api/ruimeiyun/call-raw?tenant_id=xxx
Body: {
"method": "GET",
"path": "/api/v1/tpos/customer/customer-search",
"params": {"keyword": "13800138000"}
}
"""
try:
client = RuimeiyunClient(tenant_id, db)
result = await client.call_raw(
method=request.method,
path=request.path,
params=request.params,
body=request.body
)
if result.success:
return {
"success": True,
"data": result.data
}
else:
return {
"success": False,
"error": result.error,
"raw": result.raw_response
}
except RuimeiyunError as e:
logger.error(f"睿美云调用失败: {request.path}, {e}")
raise HTTPException(status_code=e.status_code, detail=str(e))
except Exception as e:
logger.exception(f"睿美云调用异常: {request.path}")
raise HTTPException(status_code=500, detail=f"调用失败: {str(e)}")
# ========================================
# 接口元数据
# ========================================
@router.get("/apis")
async def list_apis(
module: Optional[str] = None,
user: User = Depends(get_current_user)
):
"""
获取可用的接口列表
Args:
module: 模块名称(可选),如 customer, order
Returns:
接口列表
"""
if module:
apis = get_api_list_by_module(module)
return {
"module": module,
"count": len(apis),
"apis": apis
}
else:
return {
"count": len(RUIMEIYUN_APIS),
"summary": get_api_summary(),
"apis": RUIMEIYUN_APIS
}
@router.get("/apis/{api_name}")
async def get_api_info(
api_name: str,
user: User = Depends(get_current_user)
):
"""
获取接口详情
Args:
api_name: 接口名称,如 customer.search
Returns:
接口定义
"""
api_def = get_api_definition(api_name)
if not api_def:
raise HTTPException(status_code=404, detail=f"接口不存在: {api_name}")
return {
"name": api_name,
**api_def
}
@router.get("/modules")
async def list_modules(
user: User = Depends(get_current_user)
):
"""
获取所有模块列表
Returns:
模块名称列表和每个模块的接口数量
"""
modules = get_all_modules()
summary = get_api_summary()
return {
"modules": [
{"name": m, "count": summary.get(m, 0)}
for m in modules
]
}
# ========================================
# 健康检查
# ========================================
@router.get("/health/{tenant_id}")
async def check_ruimeiyun_health(
tenant_id: str,
user: User = Depends(get_current_user),
db: Session = Depends(get_db)
):
"""
检查租户的睿美云连接状态
Args:
tenant_id: 租户ID
Returns:
连接状态信息
"""
try:
client = RuimeiyunClient(tenant_id, db)
# 调用门店列表接口测试连接
result = await client.call("tenant.list")
if result.success:
return {
"status": "connected",
"tenant_id": tenant_id,
"base_url": client.config.base_url,
"account": client.config.account,
"message": "连接正常"
}
else:
return {
"status": "error",
"tenant_id": tenant_id,
"message": result.error
}
except RuimeiyunError as e:
return {
"status": "error",
"tenant_id": tenant_id,
"message": str(e)
}
except Exception as e:
return {
"status": "error",
"tenant_id": tenant_id,
"message": f"检查失败: {str(e)}"
}

1118
backend/app/routers/tasks.py
View File

File diff suppressed because it is too large Load Diff

9
backend/app/routers/tool_configs.py
View File

@@ -354,7 +354,8 @@ async def get_config_types():
{"code": "datasource", "name": "数据源配置", "description": "数据库连接等"},
{"code": "jssdk", "name": "JS-SDK 配置", "description": "企微侧边栏等"},
{"code": "webhook", "name": "Webhook 配置", "description": "n8n 工作流地址等"},
{"code": "params", "name": "工具参数", "description": "各工具的自定义参数"}
{"code": "params", "name": "工具参数", "description": "各工具的自定义参数"},
{"code": "external_api", "name": "外部API配置", "description": "睿美云等外部系统对接"}
]
}
@@ -387,5 +388,11 @@ async def get_config_keys():
{"key": "default_data_tenant_id", "name": "默认数据租户ID", "encrypted": False},
{"key": "enable_deep_thinking", "name": "启用深度思考", "encrypted": False},
{"key": "max_history_rounds", "name": "最大历史轮数", "encrypted": False}
],
"external_api": [
{"key": "ruimeiyun_base_url", "name": "睿美云 API 地址", "encrypted": False},
{"key": "ruimeiyun_account", "name": "睿美云 TPOS 账号", "encrypted": False},
{"key": "ruimeiyun_private_key", "name": "睿美云 RSA 私钥", "encrypted": True},
{"key": "ruimeiyun_allowed_apis", "name": "允许的接口列表(JSON)", "encrypted": False}
]
}

10
backend/app/services/ruimeiyun/__init__.py Normal file
View File

@@ -0,0 +1,10 @@
"""
睿美云对接服务
提供睿美云开放接口的代理调用能力,支持多租户配置。
"""
from .client import RuimeiyunClient
from .registry import RUIMEIYUN_APIS, get_api_definition
__all__ = ["RuimeiyunClient", "RUIMEIYUN_APIS", "get_api_definition"]

124
backend/app/services/ruimeiyun/auth.py Normal file
View File

@@ -0,0 +1,124 @@
"""
睿美云 TPOS 鉴权
实现睿美云开放接口的身份验证机制:
- tpos-timestamp: 请求时间戳(秒级)
- tpos-account: 账号
- tpos-nonce-str: 随机字符串
- tpos-sign: SHA256WithRSA 签名
签名算法:
1. 组合待签名字符串: {timestamp}&{nonce_str}
2. 使用私钥进行 SHA256WithRSA 签名
3. Base64 编码签名结果
"""
import time
import uuid
import base64
import logging
from typing import Dict
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding
from cryptography.hazmat.backends import default_backend
logger = logging.getLogger(__name__)
class TposAuthError(Exception):
"""TPOS 鉴权错误"""
pass
def build_tpos_headers(account: str, private_key_pem: str) -> Dict[str, str]:
"""
构建 TPOS 鉴权请求头
Args:
account: TPOS 账号(由睿美云提供)
private_key_pem: RSA 私钥PEM 格式)
Returns:
包含鉴权信息的请求头字典
Raises:
TposAuthError: 签名失败时抛出
"""
try:
# 1. 生成时间戳和随机字符串
timestamp = str(int(time.time()))
nonce_str = uuid.uuid4().hex
# 2. 组合待签名字符串
sign_content = f"{timestamp}&{nonce_str}"
# 3. 加载私钥
private_key = serialization.load_pem_private_key(
private_key_pem.encode('utf-8'),
password=None,
backend=default_backend()
)
# 4. SHA256WithRSA 签名
signature = private_key.sign(
sign_content.encode('utf-8'),
padding.PKCS1v15(),
hashes.SHA256()
)
# 5. Base64 编码
sign_base64 = base64.b64encode(signature).decode('utf-8')
return {
"tpos-timestamp": timestamp,
"tpos-account": account,
"tpos-nonce-str": nonce_str,
"tpos-sign": sign_base64
}
except Exception as e:
logger.error(f"TPOS 签名失败: {e}")
raise TposAuthError(f"签名失败: {str(e)}")
def validate_private_key(private_key_pem: str) -> bool:
"""
验证私钥格式是否正确
Args:
private_key_pem: RSA 私钥PEM 格式)
Returns:
True 如果私钥有效,否则 False
"""
try:
serialization.load_pem_private_key(
private_key_pem.encode('utf-8'),
password=None,
backend=default_backend()
)
return True
except Exception as e:
logger.warning(f"私钥验证失败: {e}")
return False
def mask_private_key(private_key_pem: str, show_chars: int = 50) -> str:
"""
对私钥进行脱敏处理,用于日志显示
Args:
private_key_pem: RSA 私钥PEM 格式)
show_chars: 显示的字符数
Returns:
脱敏后的字符串
"""
if not private_key_pem:
return ""
if len(private_key_pem) <= show_chars * 2:
return "****"
return f"{private_key_pem[:show_chars]}...****...{private_key_pem[-show_chars:]}"

325
backend/app/services/ruimeiyun/client.py Normal file
View File

@@ -0,0 +1,325 @@
"""
睿美云 API 客户端
提供统一的睿美云接口调用能力:
- 自动加载租户配置
- 自动构建 TPOS 鉴权头
- 统一错误处理
- 请求日志记录
"""
import json
import logging
from typing import Dict, Any, Optional, List
from dataclasses import dataclass
import httpx
from sqlalchemy.orm import Session
from .auth import build_tpos_headers, TposAuthError
from .registry import get_api_definition, RUIMEIYUN_APIS
from ..crypto import decrypt_value
logger = logging.getLogger(__name__)
# 请求超时设置
DEFAULT_TIMEOUT = 30.0 # 秒
LONG_TIMEOUT = 60.0 # 长时间操作
@dataclass
class RuimeiyunConfig:
"""睿美云配置"""
base_url: str
account: str
private_key: str
allowed_apis: Optional[List[str]] = None
@dataclass
class RuimeiyunResponse:
"""睿美云响应"""
success: bool
data: Optional[Any] = None
error: Optional[str] = None
status_code: int = 200
raw_response: Optional[Dict] = None
class RuimeiyunError(Exception):
"""睿美云调用错误"""
def __init__(self, message: str, status_code: int = 500, response: Any = None):
super().__init__(message)
self.status_code = status_code
self.response = response
class RuimeiyunClient:
"""
睿美云 API 客户端
使用方式:
client = RuimeiyunClient(tenant_id, db)
result = await client.call("customer.search", params={"keyword": "13800138000"})
"""
def __init__(self, tenant_id: str, db: Session):
"""
初始化客户端
Args:
tenant_id: 租户ID
db: 数据库会话
"""
self.tenant_id = tenant_id
self.db = db
self.config = self._load_config()
def _load_config(self) -> RuimeiyunConfig:
"""从数据库加载租户的睿美云配置"""
from ...models.tool_config import ToolConfig
# 查询租户的睿美云配置
configs = self.db.query(ToolConfig).filter(
ToolConfig.tenant_id == self.tenant_id,
ToolConfig.tool_code == "ruimeiyun",
ToolConfig.config_type == "external_api",
ToolConfig.status == 1
).all()
if not configs:
raise RuimeiyunError(
f"租户 {self.tenant_id} 未配置睿美云连接信息",
status_code=400
)
# 转换为字典
config_dict = {}
for c in configs:
value = c.config_value
# 解密加密字段
if c.is_encrypted and value:
try:
value = decrypt_value(value)
except Exception as e:
logger.error(f"解密配置失败: {c.config_key}, {e}")
raise RuimeiyunError(f"配置解密失败: {c.config_key}")
config_dict[c.config_key] = value
# 验证必填配置
required = ["ruimeiyun_base_url", "ruimeiyun_account", "ruimeiyun_private_key"]
for key in required:
if not config_dict.get(key):
raise RuimeiyunError(f"缺少必填配置: {key}", status_code=400)
# 解析允许的接口列表
allowed_apis = None
if config_dict.get("ruimeiyun_allowed_apis"):
try:
allowed_apis = json.loads(config_dict["ruimeiyun_allowed_apis"])
except json.JSONDecodeError:
logger.warning(f"解析 allowed_apis 失败: {config_dict.get('ruimeiyun_allowed_apis')}")
return RuimeiyunConfig(
base_url=config_dict["ruimeiyun_base_url"].rstrip("/"),
account=config_dict["ruimeiyun_account"],
private_key=config_dict["ruimeiyun_private_key"],
allowed_apis=allowed_apis
)
def _check_permission(self, api_name: str):
"""检查是否有权限调用该接口"""
if self.config.allowed_apis is not None:
if api_name not in self.config.allowed_apis:
raise RuimeiyunError(
f"租户无权调用接口: {api_name}",
status_code=403
)
async def call(
self,
api_name: str,
params: Optional[Dict[str, Any]] = None,
body: Optional[Dict[str, Any]] = None,
timeout: float = DEFAULT_TIMEOUT
) -> RuimeiyunResponse:
"""
调用睿美云接口
Args:
api_name: 接口名称,如 customer.search
params: URL 查询参数
body: 请求体POST 请求)
timeout: 超时时间(秒)
Returns:
RuimeiyunResponse 对象
Raises:
RuimeiyunError: 调用失败时抛出
"""
# 1. 获取接口定义
api_def = get_api_definition(api_name)
if not api_def:
raise RuimeiyunError(f"未知接口: {api_name}", status_code=400)
# 2. 检查权限
self._check_permission(api_name)
# 3. 构建请求
method = api_def["method"]
url = f"{self.config.base_url}{api_def['path']}"
# 4. 构建鉴权头
try:
auth_headers = build_tpos_headers(
self.config.account,
self.config.private_key
)
except TposAuthError as e:
raise RuimeiyunError(str(e), status_code=500)
headers = {
**auth_headers,
"Content-Type": "application/json"
}
# 5. 发送请求
logger.info(f"调用睿美云接口: {api_name} ({method} {api_def['path']})")
try:
async with httpx.AsyncClient(timeout=timeout) as client:
if method == "GET":
response = await client.get(url, params=params, headers=headers)
else:
response = await client.post(url, params=params, json=body, headers=headers)
# 6. 处理响应
status_code = response.status_code
try:
response_data = response.json()
except Exception:
response_data = {"raw": response.text}
# 睿美云响应格式通常为: {"code": 0, "data": ..., "msg": "success"}
if status_code == 200:
# 检查业务状态码
code = response_data.get("code")
if code == 0 or code == "0" or code is None:
return RuimeiyunResponse(
success=True,
data=response_data.get("data", response_data),
status_code=status_code,
raw_response=response_data
)
else:
return RuimeiyunResponse(
success=False,
error=response_data.get("msg", response_data.get("message", "未知错误")),
status_code=status_code,
raw_response=response_data
)
else:
return RuimeiyunResponse(
success=False,
error=f"HTTP {status_code}: {response_data}",
status_code=status_code,
raw_response=response_data
)
except httpx.TimeoutException:
logger.error(f"睿美云接口超时: {api_name}")
raise RuimeiyunError(f"接口超时: {api_name}", status_code=504)
except httpx.RequestError as e:
logger.error(f"睿美云接口请求错误: {api_name}, {e}")
raise RuimeiyunError(f"请求错误: {str(e)}", status_code=502)
async def call_raw(
self,
method: str,
path: str,
params: Optional[Dict[str, Any]] = None,
body: Optional[Dict[str, Any]] = None,
timeout: float = DEFAULT_TIMEOUT
) -> RuimeiyunResponse:
"""
直接调用睿美云接口(不经过注册表)
用于调用未在注册表中定义的接口
Args:
method: HTTP 方法
path: API 路径
params: URL 查询参数
body: 请求体
timeout: 超时时间
Returns:
RuimeiyunResponse 对象
"""
url = f"{self.config.base_url}{path}"
try:
auth_headers = build_tpos_headers(
self.config.account,
self.config.private_key
)
except TposAuthError as e:
raise RuimeiyunError(str(e), status_code=500)
headers = {
**auth_headers,
"Content-Type": "application/json"
}
logger.info(f"调用睿美云接口(raw): {method} {path}")
try:
async with httpx.AsyncClient(timeout=timeout) as client:
response = await client.request(
method=method,
url=url,
params=params,
json=body if method != "GET" else None,
headers=headers
)
try:
response_data = response.json()
except Exception:
response_data = {"raw": response.text}
if response.status_code == 200:
code = response_data.get("code")
if code == 0 or code == "0" or code is None:
return RuimeiyunResponse(
success=True,
data=response_data.get("data", response_data),
status_code=response.status_code,
raw_response=response_data
)
else:
return RuimeiyunResponse(
success=False,
error=response_data.get("msg", "未知错误"),
status_code=response.status_code,
raw_response=response_data
)
else:
return RuimeiyunResponse(
success=False,
error=f"HTTP {response.status_code}",
status_code=response.status_code,
raw_response=response_data
)
except httpx.TimeoutException:
raise RuimeiyunError("接口超时", status_code=504)
except httpx.RequestError as e:
raise RuimeiyunError(f"请求错误: {str(e)}", status_code=502)
@staticmethod
def get_available_apis() -> Dict[str, Any]:
"""获取所有可用的接口列表"""
return RUIMEIYUN_APIS

885
backend/app/services/ruimeiyun/registry.py Normal file
View File

@@ -0,0 +1,885 @@
"""
睿美云接口注册表
定义所有可用的睿美云开放接口,包括:
- 接口路径
- 请求方法
- 参数说明
- 接口分组
接口命名规则: {模块}.{操作}
例如: customer.search, order.list, treat.page
"""
from typing import Dict, Any, Optional, List
from dataclasses import dataclass
@dataclass
class ApiDefinition:
"""接口定义"""
method: str # GET / POST
path: str # API 路径
description: str # 接口描述
module: str # 所属模块
params: Optional[List[str]] = None # URL 参数列表
body_required: bool = False # 是否需要请求体
# 睿美云开放接口注册表
RUIMEIYUN_APIS: Dict[str, Dict[str, Any]] = {
# ========================================
# 客户模块 (customer)
# ========================================
"customer.sync": {
"method": "POST",
"path": "/api/v1/tpos/customer/info-sync",
"description": "客户档案新增/编辑",
"module": "customer",
"body_required": True
},
"customer.search": {
"method": "GET",
"path": "/api/v1/tpos/customer/customer-search",
"description": "获取客户信息列表(支持姓名、电话、档案号模糊查询)",
"module": "customer",
"params": ["keyword", "createDateStart", "createDateEnd", "tenantId", "page", "size", "lastCustomerId"]
},
"customer.detail": {
"method": "GET",
"path": "/api/v1/tpos/customer/customer-by-id",
"description": "根据客户ID获取详细信息",
"module": "customer",
"params": ["customerId"]
},
"customer.rebate_list": {
"method": "POST",
"path": "/api/v1/tpos/customer/my-rebate-list",
"description": "获取客户返利列表",
"module": "customer",
"body_required": True
},
"customer.rebate_detail": {
"method": "GET",
"path": "/api/v1/tpos/customer/my-rebate-detail",
"description": "获取返利详情",
"module": "customer",
"params": ["rebateId"]
},
"customer.clue_list": {
"method": "POST",
"path": "/api/v1/tpos/customer/customer-clue-list",
"description": "获取客户线索列表",
"module": "customer",
"body_required": True
},
"customer.label_list": {
"method": "GET",
"path": "/api/v1/tpos/customer/customer-label-list",
"description": "获取客户标签列表",
"module": "customer",
"params": ["tenantId"]
},
"customer.gold_list": {
"method": "POST",
"path": "/api/v1/tpos/customer/customer-gold-list",
"description": "获取金卡客户列表",
"module": "customer",
"body_required": True
},
"customer.plan_list": {
"method": "GET",
"path": "/api/v1/tpos/customer/get-all-plan",
"description": "获取所有客户计划",
"module": "customer",
"params": ["tenantId"]
},
"customer.transfer_pool": {
"method": "POST",
"path": "/api/v1/tpos/customer/transfer-pool",
"description": "客户池转移",
"module": "customer",
"body_required": True
},
"customer.pool_info": {
"method": "GET",
"path": "/api/v1/tpos/customer/get-pool-info",
"description": "获取客户池信息",
"module": "customer",
"params": ["customerId"]
},
"customer.qw_info": {
"method": "GET",
"path": "/api/v1/tpos/customer/customer-qw-info",
"description": "获取客户企微信息",
"module": "customer",
"params": ["customerId"]
},
"customer.sign_search": {
"method": "POST",
"path": "/api/v1/tpos/customer/customer-sign-search",
"description": "客户签到搜索",
"module": "customer",
"body_required": True
},
# ========================================
# 门店模块 (tenant)
# ========================================
"tenant.list": {
"method": "GET",
"path": "/api/v1/tpos/common/tenantList",
"description": "获取门店信息列表",
"module": "tenant",
"params": []
},
# ========================================
# 回访模块 (visit)
# ========================================
"visit.type_list": {
"method": "GET",
"path": "/api/v1/tpos/visit/get-visit-type",
"description": "获取回访类型列表",
"module": "visit",
"params": ["tenantId"]
},
"visit.way_type_list": {
"method": "GET",
"path": "/api/v1/tpos/visit/get-visit-way-type",
"description": "获取回访方式类型列表",
"module": "visit",
"params": ["tenantId"]
},
"visit.page": {
"method": "POST",
"path": "/api/v1/tpos/visit/get-visit-page",
"description": "分页获取回访记录",
"module": "visit",
"body_required": True
},
"visit.create": {
"method": "POST",
"path": "/api/v1/tpos/visit/create-visit",
"description": "新增回访记录",
"module": "visit",
"body_required": True
},
"visit.template_type": {
"method": "GET",
"path": "/api/v1/tpos/visit/visit-template-type",
"description": "获取回访模板类型",
"module": "visit",
"params": ["tenantId"]
},
# ========================================
# 报备模块 (preparation)
# ========================================
"preparation.add": {
"method": "POST",
"path": "/api/v1/tpos/preparation/add",
"description": "新增报备",
"module": "preparation",
"body_required": True
},
"preparation.query": {
"method": "POST",
"path": "/api/v1/tpos/preparation/get-preparation",
"description": "查询报备",
"module": "preparation",
"body_required": True
},
# ========================================
# 员工模块 (user)
# ========================================
"user.page": {
"method": "GET",
"path": "/api/v1/tpos/user/get-page",
"description": "分页获取员工列表",
"module": "user",
"params": ["page", "size", "tenantId", "keyword"]
},
"user.dept_tree": {
"method": "GET",
"path": "/api/v1/tpos/basic/dept-tree",
"description": "获取部门树结构",
"module": "user",
"params": ["tenantId"]
},
"user.role_list": {
"method": "GET",
"path": "/api/v1/tpos/role/getRoleList",
"description": "获取角色列表",
"module": "user",
"params": ["tenantId"]
},
# ========================================
# 卡券模块 (coupon)
# ========================================
"coupon.customer_page": {
"method": "GET",
"path": "/api/v1/tpos/coupon/customer-coupon-page",
"description": "分页获取客户卡券",
"module": "coupon",
"params": ["customerId", "page", "size"]
},
"coupon.customer_list": {
"method": "GET",
"path": "/api/v1/tpos/coupon/customer-coupon-list",
"description": "获取客户卡券列表",
"module": "coupon",
"params": ["customerId"]
},
"coupon.use": {
"method": "POST",
"path": "/api/v1/tpos/coupon/use-coupon",
"description": "使用卡券",
"module": "coupon",
"body_required": True
},
"coupon.page": {
"method": "GET",
"path": "/api/v1/tpos/coupon/coupon-page",
"description": "分页获取卡券信息",
"module": "coupon",
"params": ["page", "size", "tenantId"]
},
"coupon.send": {
"method": "POST",
"path": "/api/v1/tpos/coupon/send-coupon",
"description": "发送卡券",
"module": "coupon",
"body_required": True
},
"coupon.gift": {
"method": "POST",
"path": "/api/v1/tpos/coupon/gift-coupon",
"description": "卡券赠送(小程序分享)",
"module": "coupon",
"body_required": True
},
"coupon.receive": {
"method": "POST",
"path": "/api/v1/tpos/coupon/receive-coupon",
"description": "领取卡券(小程序分享)",
"module": "coupon",
"body_required": True
},
# ========================================
# 营销模块 (marketing)
# ========================================
"marketing.appoint_card_page": {
"method": "GET",
"path": "/api/v1/tpos/marketing/appoint-card-page",
"description": "线上预约-名片管理",
"module": "marketing",
"params": ["page", "size", "tenantId"]
},
"marketing.graphic_message_list": {
"method": "GET",
"path": "/api/v1/tpos/marketing/graphic-message-list",
"description": "内容管理-图文消息",
"module": "marketing",
"params": ["tenantId"]
},
# ========================================
# 积分模块 (integral)
# ========================================
"integral.customer": {
"method": "GET",
"path": "/api/v1/tpos/integral/getCusIntegral",
"description": "获取客户积分",
"module": "integral",
"params": ["customerId"]
},
"integral.score_record_page": {
"method": "GET",
"path": "/api/v1/tpos/integral/score-record-page",
"description": "获取客户积分/成长值分页信息",
"module": "integral",
"params": ["customerId", "page", "size"]
},
"integral.growth_upgrade": {
"method": "POST",
"path": "/api/v1/tpos/integral/query-customer-growth-upgrade",
"description": "查询客户成长升级信息",
"module": "integral",
"body_required": True
},
# ========================================
# 订单模块 (order)
# ========================================
"order.billing_page": {
"method": "GET",
"path": "/api/v1/tpos/order/billing-page",
"description": "获取订单信息列表",
"module": "order",
"params": ["customerId", "page", "size", "startDate", "endDate"]
},
"order.payment_detail": {
"method": "GET",
"path": "/api/v1/tpos/order/payment-detail",
"description": "获取费用单详细信息",
"module": "order",
"params": ["billingId"]
},
"order.add_billing": {
"method": "POST",
"path": "/api/v1/tpos/order/add-billing",
"description": "开单",
"module": "order",
"body_required": True
},
"order.add_billing_review": {
"method": "POST",
"path": "/api/v1/tpos/order/add-billing-review",
"description": "开单审核",
"module": "order",
"body_required": True
},
"order.enable_billing": {
"method": "GET",
"path": "/api/v1/tpos/order/enable-billing",
"description": "可操作的订单项",
"module": "order",
"params": ["billingId"]
},
"order.refund": {
"method": "POST",
"path": "/api/v1/tpos/order/refund",
"description": "订单退款",
"module": "order",
"body_required": True
},
"order.gift_project": {
"method": "POST",
"path": "/api/v1/tpos/order/gift-project",
"description": "项目转赠(小程序分享)",
"module": "order",
"body_required": True
},
"order.receive_project": {
"method": "POST",
"path": "/api/v1/tpos/order/receive-project",
"description": "领取赠送项目(小程序分享)",
"module": "order",
"body_required": True
},
"order.equity_card_page": {
"method": "GET",
"path": "/api/v1/tpos/order/billing-equity-card-page",
"description": "获取客户权益卡列表",
"module": "order",
"params": ["customerId", "page", "size"]
},
"order.balance_recharge_page": {
"method": "GET",
"path": "/api/v1/tpos/order/balance-recharge-page",
"description": "储值充值记录",
"module": "order",
"params": ["customerId", "page", "size"]
},
"order.balance_deduction_page": {
"method": "GET",
"path": "/api/v1/tpos/order/balance-deduction-page",
"description": "储值抵扣记录",
"module": "order",
"params": ["customerId", "page", "size"]
},
"order.balance_refund_page": {
"method": "GET",
"path": "/api/v1/tpos/order/balance-refund-page",
"description": "储值退款记录",
"module": "order",
"params": ["customerId", "page", "size"]
},
"order.balance_transfer_page": {
"method": "GET",
"path": "/api/v1/tpos/order/balance-transfer-page",
"description": "储值转赠记录",
"module": "order",
"params": ["customerId", "page", "size"]
},
"order.integral_mall_page": {
"method": "GET",
"path": "/api/v1/tpos/order/integral-mall-exchange-page",
"description": "获取积分兑换订单信息列表",
"module": "order",
"params": ["customerId", "page", "size"]
},
"order.add_external": {
"method": "POST",
"path": "/api/v1/tpos/order/add-order-external",
"description": "外部订单创建",
"module": "order",
"body_required": True
},
"order.refund_external": {
"method": "POST",
"path": "/api/v1/tpos/order/refund-order-external",
"description": "外部订单退款",
"module": "order",
"body_required": True
},
"order.customer_billing_list": {
"method": "POST",
"path": "/api/v1/tpos/order/get-customer-billing-list",
"description": "获取客户订单列表",
"module": "order",
"body_required": True
},
"order.cashier_record_list": {
"method": "POST",
"path": "/api/v1/tpos/order/get-cashierRecord-list",
"description": "获取收银记录列表",
"module": "order",
"body_required": True
},
# ========================================
# 治疗模块 (treat)
# ========================================
"treat.untreated_page": {
"method": "GET",
"path": "/api/v1/tpos/treat/untreated-page",
"description": "查询客户未治疗记录",
"module": "treat",
"params": ["customerId", "page", "size"]
},
"treat.already_treated_page": {
"method": "GET",
"path": "/api/v1/tpos/treat/already-treated-page",
"description": "查询客户已治疗记录",
"module": "treat",
"params": ["customerId", "page", "size"]
},
"treat.page_review": {
"method": "GET",
"path": "/api/v1/tpos/treat/treated-page-review",
"description": "分页获取治疗数据",
"module": "treat",
"params": ["page", "size", "tenantId"]
},
"treat.operating_room_list": {
"method": "GET",
"path": "/api/v1/tpos/treat/get-operating-room-list",
"description": "获取治疗时查询的手术间信息",
"module": "treat",
"params": ["tenantId"]
},
"treat.begin_info": {
"method": "GET",
"path": "/api/v1/tpos/treat/get-begin-treat-info",
"description": "获取治疗中和已治疗的数据",
"module": "treat",
"params": ["treatId"]
},
"treat.deduct_verify": {
"method": "POST",
"path": "/api/v1/tpos/treat/treat-deduct-verify",
"description": "进行核销和划扣",
"module": "treat",
"body_required": True
},
"treat.cancel_deduct": {
"method": "POST",
"path": "/api/v1/tpos/treat/cancel-deduct",
"description": "取消划扣",
"module": "treat",
"body_required": True
},
"treat.cancel_verify": {
"method": "POST",
"path": "/api/v1/tpos/treat/cancel-verify",
"description": "取消核销",
"module": "treat",
"body_required": True
},
"treat.deduct_verify_detail": {
"method": "GET",
"path": "/api/v1/tpos/treat/get-treated-deduct-and-verify-detail",
"description": "已治疗的核销和划扣详情信息",
"module": "treat",
"params": ["treatId"]
},
"treat.roles": {
"method": "GET",
"path": "/api/v1/tpos/treat/get-treatment-roles",
"description": "获取所有的治疗岗位列表",
"module": "treat",
"params": ["tenantId"]
},
"treat.scrm_list": {
"method": "POST",
"path": "/api/v1/tpos/treat/scrmTreatList",
"description": "小程序-我的治疗(新版)",
"module": "treat",
"body_required": True
},
# ========================================
# 照片模块 (photo)
# ========================================
"photo.add": {
"method": "POST",
"path": "/api/v1/tpos/common/addPhoto",
"description": "外部七牛照片转存至睿美云",
"module": "photo",
"body_required": True
},
"photo.add_open": {
"method": "POST",
"path": "/api/v1/tpos/common/addPhotoOpen",
"description": "外部照片路径转存至睿美云",
"module": "photo",
"body_required": True
},
"photo.upload": {
"method": "POST",
"path": "/api/v1/tpos/common/upload_customer_photo",
"description": "上传照片到睿美云",
"module": "photo",
"body_required": True
},
"photo.page": {
"method": "GET",
"path": "/api/v1/tpos/common/photoPage",
"description": "通过客户id分页查询照片信息",
"module": "photo",
"params": ["customerId", "page", "size"]
},
"photo.skin_update": {
"method": "POST",
"path": "/api/v1/tpos/skin_image/update_skin_file",
"description": "皮肤检测类图片上传",
"module": "photo",
"body_required": True
},
# ========================================
# 基础数据模块 (basic)
# ========================================
"basic.project_page": {
"method": "GET",
"path": "/api/v1/tpos/basic/project-page",
"description": "分页获取项目列表",
"module": "basic",
"params": ["page", "size", "tenantId", "keyword"]
},
"basic.project_type_tree": {
"method": "GET",
"path": "/api/v1/tpos/basic/project-type-tree",
"description": "获取项目分类树",
"module": "basic",
"params": ["tenantId"]
},
"basic.project_detail": {
"method": "GET",
"path": "/api/v1/tpos/basic/project-detail",
"description": "获取项目详情",
"module": "basic",
"params": ["projectId"]
},
"basic.package_page": {
"method": "GET",
"path": "/api/v1/tpos/basic/package-page",
"description": "分页获取套餐列表",
"module": "basic",
"params": ["page", "size", "tenantId"]
},
"basic.package_type_tree": {
"method": "GET",
"path": "/api/v1/tpos/basic/package-type-tree",
"description": "获取套餐分类树",
"module": "basic",
"params": ["tenantId"]
},
"basic.package_detail": {
"method": "GET",
"path": "/api/v1/tpos/basic/package-detail",
"description": "获取套餐详情",
"module": "basic",
"params": ["packageId"]
},
"basic.annual_card_page": {
"method": "GET",
"path": "/api/v1/tpos/basic/annual-card-page",
"description": "分页获取年卡列表",
"module": "basic",
"params": ["page", "size", "tenantId"]
},
"basic.annual_card_type_tree": {
"method": "GET",
"path": "/api/v1/tpos/basic/annual-card-type-tree",
"description": "获取年卡分类树",
"module": "basic",
"params": ["tenantId"]
},
"basic.annual_card_detail": {
"method": "GET",
"path": "/api/v1/tpos/basic/annual-card-detail",
"description": "获取年卡详情",
"module": "basic",
"params": ["cardId"]
},
"basic.time_card_page": {
"method": "GET",
"path": "/api/v1/tpos/basic/time-card-page",
"description": "分页获取次卡列表",
"module": "basic",
"params": ["page", "size", "tenantId"]
},
"basic.time_card_type_tree": {
"method": "GET",
"path": "/api/v1/tpos/basic/time-card-type-tree",
"description": "获取次卡分类树",
"module": "basic",
"params": ["tenantId"]
},
"basic.time_card_detail": {
"method": "GET",
"path": "/api/v1/tpos/basic/time-card-detail",
"description": "获取次卡详情",
"module": "basic",
"params": ["cardId"]
},
# ========================================
# 预约模块 (cusbespeak)
# ========================================
"appointment.add": {
"method": "POST",
"path": "/api/v1/tpos/cusbespeak/add",
"description": "新增预约",
"module": "appointment",
"body_required": True
},
"appointment.update": {
"method": "POST",
"path": "/api/v1/tpos/cusbespeak/update",
"description": "修改预约",
"module": "appointment",
"body_required": True
},
"appointment.confirm": {
"method": "POST",
"path": "/api/v1/tpos/cusbespeak/confirm",
"description": "确认预约",
"module": "appointment",
"body_required": True
},
"appointment.cancel": {
"method": "POST",
"path": "/api/v1/tpos/cusbespeak/cancel",
"description": "取消预约",
"module": "appointment",
"body_required": True
},
"appointment.page": {
"method": "POST",
"path": "/api/v1/tpos/cusbespeak/page",
"description": "预约分页查询",
"module": "appointment",
"body_required": True
},
"appointment.doctor_list": {
"method": "GET",
"path": "/api/v1/tpos/cusbespeak/doctor-list",
"description": "获取可选择的预约医生",
"module": "appointment",
"params": ["tenantId"]
},
"appointment.schedule": {
"method": "GET",
"path": "/api/v1/tpos/cusbespeak/schedule",
"description": "查询预约专家排班",
"module": "appointment",
"params": ["doctorId", "date"]
},
# ========================================
# 渠道模块 (channel)
# ========================================
"channel.type_select": {
"method": "GET",
"path": "/api/v1/tpos/channel/type-select",
"description": "整合渠道类型选择(建档,报备)",
"module": "channel",
"params": ["tenantId"]
},
"channel.list_by_type": {
"method": "GET",
"path": "/api/v1/tpos/channel/list-by-type",
"description": "通过渠道类型获取渠道列表",
"module": "channel",
"params": ["typeId", "tenantId"]
},
"channel.info": {
"method": "GET",
"path": "/api/v1/tpos/channel/info",
"description": "查询渠道信息",
"module": "channel",
"params": ["channelId"]
},
"channel.media_info": {
"method": "GET",
"path": "/api/v1/tpos/channel/media-info",
"description": "查询运营媒体信息",
"module": "channel",
"params": ["mediaId"]
},
# ========================================
# 接待模块 (reception)
# ========================================
"reception.triage_list": {
"method": "GET",
"path": "/api/v1/tpos/reception/triage-list",
"description": "可用的接待分诊人列表",
"module": "reception",
"params": ["tenantId"]
},
"reception.add": {
"method": "POST",
"path": "/api/v1/tpos/reception/add",
"description": "新增接待",
"module": "reception",
"body_required": True
},
"reception.query": {
"method": "GET",
"path": "/api/v1/tpos/reception/query",
"description": "查询客户接待信息",
"module": "reception",
"params": ["customerId"]
},
"reception.sign_init": {
"method": "GET",
"path": "/api/v1/tpos/reception/sign-init",
"description": "客户扫码签到初始化数据(小程序)",
"module": "reception",
"params": ["tenantId"]
},
"reception.sign": {
"method": "POST",
"path": "/api/v1/tpos/reception/sign",
"description": "客户扫码签到(小程序)",
"module": "reception",
"body_required": True
},
# ========================================
# 咨询模块 (consult)
# ========================================
"consult.add": {
"method": "POST",
"path": "/api/v1/tpos/consult/add",
"description": "新增咨询",
"module": "consult",
"body_required": True
},
"consult.update": {
"method": "POST",
"path": "/api/v1/tpos/consult/update",
"description": "修改咨询",
"module": "consult",
"body_required": True
},
# ========================================
# 病历模块 (medical_record)
# ========================================
"medical_record.add": {
"method": "POST",
"path": "/api/v1/tpos/medical-record/add",
"description": "新增病历",
"module": "medical_record",
"body_required": True
},
"medical_record.update": {
"method": "POST",
"path": "/api/v1/tpos/medical-record/update",
"description": "修改病历",
"module": "medical_record",
"body_required": True
},
"medical_record.delete": {
"method": "POST",
"path": "/api/v1/tpos/medical-record/delete",
"description": "删除病历",
"module": "medical_record",
"body_required": True
},
}
def get_api_definition(api_name: str) -> Optional[Dict[str, Any]]:
"""
获取接口定义
Args:
api_name: 接口名称,如 customer.search
Returns:
接口定义字典,不存在则返回 None
"""
return RUIMEIYUN_APIS.get(api_name)
def get_api_list_by_module(module: str) -> List[Dict[str, Any]]:
"""
按模块获取接口列表
Args:
module: 模块名称,如 customer, order
Returns:
该模块下的接口列表
"""
result = []
for name, definition in RUIMEIYUN_APIS.items():
if definition.get("module") == module:
result.append({"name": name, **definition})
return result
def get_all_modules() -> List[str]:
"""获取所有模块名称"""
modules = set()
for definition in RUIMEIYUN_APIS.values():
if "module" in definition:
modules.add(definition["module"])
return sorted(list(modules))
def get_api_summary() -> Dict[str, int]:
"""获取接口统计"""
summary = {}
for definition in RUIMEIYUN_APIS.values():
module = definition.get("module", "unknown")
summary[module] = summary.get(module, 0) + 1
return summary

1218
backend/app/services/scheduler.py
View File

File diff suppressed because it is too large Load Diff

570
backend/app/services/script_executor.py
View File

@@ -1,285 +1,285 @@
"""脚本执行器 - 安全执行Python脚本"""
import sys
import traceback
from io import StringIO
from typing import Any, Dict, Optional, Tuple
from datetime import datetime
from sqlalchemy.orm import Session
from .script_sdk import ScriptSDK
# 禁止导入的模块
FORBIDDEN_MODULES = {
'os', 'subprocess', 'shutil', 'pathlib',
'socket', 'ftplib', 'telnetlib', 'smtplib',
'pickle', 'shelve', 'marshal',
'ctypes', 'multiprocessing',
'__builtins__', 'builtins',
'importlib', 'imp',
'code', 'codeop', 'compile',
}
# 允许的内置函数
ALLOWED_BUILTINS = {
'abs', 'all', 'any', 'ascii', 'bin', 'bool', 'bytearray', 'bytes',
'callable', 'chr', 'complex', 'dict', 'dir', 'divmod', 'enumerate',
'filter', 'float', 'format', 'frozenset', 'getattr', 'hasattr', 'hash',
'hex', 'id', 'int', 'isinstance', 'issubclass', 'iter', 'len', 'list',
'map', 'max', 'min', 'next', 'object', 'oct', 'ord', 'pow', 'print',
'range', 'repr', 'reversed', 'round', 'set', 'setattr', 'slice',
'sorted', 'str', 'sum', 'tuple', 'type', 'vars', 'zip',
'True', 'False', 'None',
'Exception', 'BaseException', 'ValueError', 'TypeError', 'KeyError',
'IndexError', 'AttributeError', 'RuntimeError', 'StopIteration',
}
class ScriptExecutor:
"""脚本执行器"""
def __init__(self, db: Session):
self.db = db
def execute(
self,
script_content: str,
task_id: int,
tenant_id: Optional[str] = None,
trace_id: Optional[str] = None,
params: Optional[Dict[str, Any]] = None,
timeout: int = 300
) -> Tuple[bool, str, str, Optional[Dict]]:
"""执行脚本
Args:
script_content: Python脚本内容
task_id: 任务ID
tenant_id: 租户ID
trace_id: 追踪ID
params: 输入参数
timeout: 超时秒数
Returns:
(success, output, error, result)
result: 脚本返回值 {'content': '...', 'title': '...'}
"""
# 创建SDK实例
sdk = ScriptSDK(
db=self.db,
task_id=task_id,
tenant_id=tenant_id,
trace_id=trace_id,
params=params or {}
)
# 检查脚本安全性
check_result = self._check_script_safety(script_content)
if check_result:
return False, '', f"脚本安全检查失败: {check_result}", None
# 准备执行环境
safe_globals = self._create_safe_globals(sdk)
# 捕获输出
old_stdout = sys.stdout
old_stderr = sys.stderr
stdout_capture = StringIO()
stderr_capture = StringIO()
try:
sys.stdout = stdout_capture
sys.stderr = stderr_capture
# 编译并执行脚本
compiled = compile(script_content, '<script>', 'exec')
exec(compiled, safe_globals)
# 获取输出
stdout_output = stdout_capture.getvalue()
sdk_output = sdk.get_output()
# 合并输出
output = '\n'.join(filter(None, [sdk_output, stdout_output]))
# 获取脚本返回值(通过 __result__ 变量)
result = safe_globals.get('__result__')
if result is None and 'result' in safe_globals:
result = safe_globals.get('result')
# 如果返回的是字符串,包装成字典
if isinstance(result, str):
result = {'content': result}
elif result is not None and not isinstance(result, dict):
result = {'content': str(result)}
return True, output, '', result
except Exception as e:
error_msg = f"{type(e).__name__}: {str(e)}\n{traceback.format_exc()}"
return False, sdk.get_output(), error_msg, None
finally:
sys.stdout = old_stdout
sys.stderr = old_stderr
def _check_script_safety(self, script_content: str) -> Optional[str]:
"""检查脚本安全性
Returns:
错误消息如果安全则返回None
"""
# 检查危险导入
import_patterns = [
'import os', 'from os',
'import subprocess', 'from subprocess',
'import shutil', 'from shutil',
'import socket', 'from socket',
'__import__',
'eval(', 'exec(',
'compile(',
'open(', # 禁止文件操作
]
script_lower = script_content.lower()
for pattern in import_patterns:
if pattern.lower() in script_lower:
return f"禁止使用: {pattern}"
return None
def _create_safe_globals(self, sdk: ScriptSDK) -> Dict[str, Any]:
"""创建安全的执行环境"""
import json
import re
import math
import random
import hashlib
import base64
import time
import collections
from datetime import datetime, date, timedelta
from urllib.parse import urlencode, quote, unquote
# 允许导入的模块白名单
ALLOWED_MODULES = {
'json': json,
're': re,
'math': math,
'random': random,
'hashlib': hashlib,
'base64': base64,
'time': time,
'datetime': __import__('datetime'),
'collections': collections,
}
def safe_import(name, globals=None, locals=None, fromlist=(), level=0):
"""受限的 import 函数"""
if name in ALLOWED_MODULES:
return ALLOWED_MODULES[name]
raise ImportError(f"不允许导入模块: {name}。已内置可用: {', '.join(ALLOWED_MODULES.keys())}")
# 安全的内置函数
safe_builtins = {name: getattr(__builtins__, name, None)
for name in ALLOWED_BUILTINS
if hasattr(__builtins__, name) or name in dir(__builtins__)}
# 如果 __builtins__ 是字典
if isinstance(__builtins__, dict):
safe_builtins = {name: __builtins__.get(name)
for name in ALLOWED_BUILTINS
if name in __builtins__}
# 添加受限的 __import__
safe_builtins['__import__'] = safe_import
# 添加常用异常
safe_builtins['Exception'] = Exception
safe_builtins['ValueError'] = ValueError
safe_builtins['TypeError'] = TypeError
safe_builtins['KeyError'] = KeyError
safe_builtins['IndexError'] = IndexError
safe_builtins['ImportError'] = ImportError
return {
'__builtins__': safe_builtins,
'__name__': '__main__',
# SDK函数全局可用
'log': sdk.log,
'print': sdk.print,
'ai': sdk.ai,
'dingtalk': sdk.dingtalk,
'wecom': sdk.wecom,
'http_get': sdk.http_get,
'http_post': sdk.http_post,
'db_query': sdk.db_query,
'get_var': sdk.get_var,
'set_var': sdk.set_var,
'del_var': sdk.del_var,
'get_param': sdk.get_param,
'get_params': sdk.get_params,
'get_tenants': sdk.get_tenants,
'get_tenant_config': sdk.get_tenant_config,
'get_all_tenant_configs': sdk.get_all_tenant_configs,
'get_secret': sdk.get_secret,
# 当前上下文
'task_id': sdk.task_id,
'tenant_id': sdk.tenant_id,
'trace_id': sdk.trace_id,
# 安全的标准库
'json': json,
're': re,
'math': math,
'random': random,
'hashlib': hashlib,
'base64': base64,
'datetime': datetime,
'date': date,
'timedelta': timedelta,
'time': time,
'urlencode': urlencode,
'quote': quote,
'unquote': unquote,
}
def test_script(
self,
script_content: str,
task_id: int = 0,
tenant_id: Optional[str] = None,
params: Optional[Dict[str, Any]] = None
) -> Dict[str, Any]:
"""测试脚本(用于调试)
Returns:
{
"success": bool,
"output": str,
"error": str,
"duration_ms": int,
"result": dict
}
"""
start_time = datetime.now()
success, output, error, result = self.execute(
script_content=script_content,
task_id=task_id,
tenant_id=tenant_id,
trace_id=f"test-{start_time.timestamp()}",
params=params
)
duration_ms = int((datetime.now() - start_time).total_seconds() * 1000)
return {
"success": success,
"output": output,
"error": error,
"duration_ms": duration_ms,
"result": result
}
"""脚本执行器 - 安全执行Python脚本"""
import sys
import traceback
from io import StringIO
from typing import Any, Dict, Optional, Tuple
from datetime import datetime
from sqlalchemy.orm import Session
from .script_sdk import ScriptSDK
# 禁止导入的模块
FORBIDDEN_MODULES = {
'os', 'subprocess', 'shutil', 'pathlib',
'socket', 'ftplib', 'telnetlib', 'smtplib',
'pickle', 'shelve', 'marshal',
'ctypes', 'multiprocessing',
'__builtins__', 'builtins',
'importlib', 'imp',
'code', 'codeop', 'compile',
}
# 允许的内置函数
ALLOWED_BUILTINS = {
'abs', 'all', 'any', 'ascii', 'bin', 'bool', 'bytearray', 'bytes',
'callable', 'chr', 'complex', 'dict', 'dir', 'divmod', 'enumerate',
'filter', 'float', 'format', 'frozenset', 'getattr', 'hasattr', 'hash',
'hex', 'id', 'int', 'isinstance', 'issubclass', 'iter', 'len', 'list',
'map', 'max', 'min', 'next', 'object', 'oct', 'ord', 'pow', 'print',
'range', 'repr', 'reversed', 'round', 'set', 'setattr', 'slice',
'sorted', 'str', 'sum', 'tuple', 'type', 'vars', 'zip',
'True', 'False', 'None',
'Exception', 'BaseException', 'ValueError', 'TypeError', 'KeyError',
'IndexError', 'AttributeError', 'RuntimeError', 'StopIteration',
}
class ScriptExecutor:
"""脚本执行器"""
def __init__(self, db: Session):
self.db = db
def execute(
self,
script_content: str,
task_id: int,
tenant_id: Optional[str] = None,
trace_id: Optional[str] = None,
params: Optional[Dict[str, Any]] = None,
timeout: int = 300
) -> Tuple[bool, str, str, Optional[Dict]]:
"""执行脚本
Args:
script_content: Python脚本内容
task_id: 任务ID
tenant_id: 租户ID
trace_id: 追踪ID
params: 输入参数
timeout: 超时秒数
Returns:
(success, output, error, result)
result: 脚本返回值 {'content': '...', 'title': '...'}
"""
# 创建SDK实例
sdk = ScriptSDK(
db=self.db,
task_id=task_id,
tenant_id=tenant_id,
trace_id=trace_id,
params=params or {}
)
# 检查脚本安全性
check_result = self._check_script_safety(script_content)
if check_result:
return False, '', f"脚本安全检查失败: {check_result}", None
# 准备执行环境
safe_globals = self._create_safe_globals(sdk)
# 捕获输出
old_stdout = sys.stdout
old_stderr = sys.stderr
stdout_capture = StringIO()
stderr_capture = StringIO()
try:
sys.stdout = stdout_capture
sys.stderr = stderr_capture
# 编译并执行脚本
compiled = compile(script_content, '<script>', 'exec')
exec(compiled, safe_globals)
# 获取输出
stdout_output = stdout_capture.getvalue()
sdk_output = sdk.get_output()
# 合并输出
output = '\n'.join(filter(None, [sdk_output, stdout_output]))
# 获取脚本返回值(通过 __result__ 变量)
result = safe_globals.get('__result__')
if result is None and 'result' in safe_globals:
result = safe_globals.get('result')
# 如果返回的是字符串,包装成字典
if isinstance(result, str):
result = {'content': result}
elif result is not None and not isinstance(result, dict):
result = {'content': str(result)}
return True, output, '', result
except Exception as e:
error_msg = f"{type(e).__name__}: {str(e)}\n{traceback.format_exc()}"
return False, sdk.get_output(), error_msg, None
finally:
sys.stdout = old_stdout
sys.stderr = old_stderr
def _check_script_safety(self, script_content: str) -> Optional[str]:
"""检查脚本安全性
Returns:
错误消息如果安全则返回None
"""
# 检查危险导入
import_patterns = [
'import os', 'from os',
'import subprocess', 'from subprocess',
'import shutil', 'from shutil',
'import socket', 'from socket',
'__import__',
'eval(', 'exec(',
'compile(',
'open(', # 禁止文件操作
]
script_lower = script_content.lower()
for pattern in import_patterns:
if pattern.lower() in script_lower:
return f"禁止使用: {pattern}"
return None
def _create_safe_globals(self, sdk: ScriptSDK) -> Dict[str, Any]:
"""创建安全的执行环境"""
import json
import re
import math
import random
import hashlib
import base64
import time
import collections
from datetime import datetime, date, timedelta
from urllib.parse import urlencode, quote, unquote
# 允许导入的模块白名单
ALLOWED_MODULES = {
'json': json,
're': re,
'math': math,
'random': random,
'hashlib': hashlib,
'base64': base64,
'time': time,
'datetime': __import__('datetime'),
'collections': collections,
}
def safe_import(name, globals=None, locals=None, fromlist=(), level=0):
"""受限的 import 函数"""
if name in ALLOWED_MODULES:
return ALLOWED_MODULES[name]
raise ImportError(f"不允许导入模块: {name}。已内置可用: {', '.join(ALLOWED_MODULES.keys())}")
# 安全的内置函数
safe_builtins = {name: getattr(__builtins__, name, None)
for name in ALLOWED_BUILTINS
if hasattr(__builtins__, name) or name in dir(__builtins__)}
# 如果 __builtins__ 是字典
if isinstance(__builtins__, dict):
safe_builtins = {name: __builtins__.get(name)
for name in ALLOWED_BUILTINS
if name in __builtins__}
# 添加受限的 __import__
safe_builtins['__import__'] = safe_import
# 添加常用异常
safe_builtins['Exception'] = Exception
safe_builtins['ValueError'] = ValueError
safe_builtins['TypeError'] = TypeError
safe_builtins['KeyError'] = KeyError
safe_builtins['IndexError'] = IndexError
safe_builtins['ImportError'] = ImportError
return {
'__builtins__': safe_builtins,
'__name__': '__main__',
# SDK函数全局可用
'log': sdk.log,
'print': sdk.print,
'ai': sdk.ai,
'dingtalk': sdk.dingtalk,
'wecom': sdk.wecom,
'http_get': sdk.http_get,
'http_post': sdk.http_post,
'db_query': sdk.db_query,
'get_var': sdk.get_var,
'set_var': sdk.set_var,
'del_var': sdk.del_var,
'get_param': sdk.get_param,
'get_params': sdk.get_params,
'get_tenants': sdk.get_tenants,
'get_tenant_config': sdk.get_tenant_config,
'get_all_tenant_configs': sdk.get_all_tenant_configs,
'get_secret': sdk.get_secret,
# 当前上下文
'task_id': sdk.task_id,
'tenant_id': sdk.tenant_id,
'trace_id': sdk.trace_id,
# 安全的标准库
'json': json,
're': re,
'math': math,
'random': random,
'hashlib': hashlib,
'base64': base64,
'datetime': datetime,
'date': date,
'timedelta': timedelta,
'time': time,
'urlencode': urlencode,
'quote': quote,
'unquote': unquote,
}
def test_script(
self,
script_content: str,
task_id: int = 0,
tenant_id: Optional[str] = None,
params: Optional[Dict[str, Any]] = None
) -> Dict[str, Any]:
"""测试脚本(用于调试)
Returns:
{
"success": bool,
"output": str,
"error": str,
"duration_ms": int,
"result": dict
}
"""
start_time = datetime.now()
success, output, error, result = self.execute(
script_content=script_content,
task_id=task_id,
tenant_id=tenant_id,
trace_id=f"test-{start_time.timestamp()}",
params=params
)
duration_ms = int((datetime.now() - start_time).total_seconds() * 1000)
return {
"success": success,
"output": output,
"error": error,
"duration_ms": duration_ms,
"result": result
}

958
backend/app/services/script_sdk.py
View File

@@ -1,479 +1,479 @@
"""脚本执行SDK - 为Python脚本提供内置功能"""
import json
import os
import httpx
from datetime import datetime
from typing import Any, Dict, List, Optional
from sqlalchemy.orm import Session
class ScriptSDK:
"""脚本SDK - 提供AI、通知、数据库、HTTP、变量存储等功能"""
def __init__(
self,
db: Session,
task_id: int,
tenant_id: Optional[str] = None,
trace_id: Optional[str] = None,
params: Optional[Dict[str, Any]] = None
):
self.db = db
self.task_id = task_id
self.tenant_id = tenant_id
self.trace_id = trace_id
self.params = params or {}
self._logs: List[Dict] = []
self._output: List[str] = []
self._tenants_cache: Dict = {}
# AI 配置
self._ai_base_url = os.getenv('OPENAI_BASE_URL', 'https://api.4sapi.net/v1')
self._ai_api_key = os.getenv('OPENAI_API_KEY', 'sk-9yMCXjRGANbacz20kJY8doSNy6Rf446aYwmgGIuIXQ7DAyBw')
self._ai_model = os.getenv('OPENAI_MODEL', 'gemini-2.5-flash')
# ==================== 参数获取 ====================
def get_param(self, key: str, default: Any = None) -> Any:
"""获取任务参数
Args:
key: 参数名
default: 默认值
Returns:
参数值
"""
return self.params.get(key, default)
def get_params(self) -> Dict[str, Any]:
"""获取所有任务参数
Returns:
所有参数字典
"""
return self.params.copy()
# ==================== 日志 ====================
def log(self, message: str, level: str = 'INFO') -> None:
"""记录日志
Args:
message: 日志内容
level: 日志级别 (INFO, WARN, ERROR)
"""
log_entry = {
'time': datetime.now().isoformat(),
'level': level.upper(),
'message': message
}
self._logs.append(log_entry)
self._output.append(f"[{level.upper()}] {message}")
def print(self, *args, **kwargs) -> None:
"""打印输出兼容print"""
message = ' '.join(str(arg) for arg in args)
self._output.append(message)
def get_logs(self) -> List[Dict]:
"""获取所有日志"""
return self._logs
def get_output(self) -> str:
"""获取所有输出"""
return '\n'.join(self._output)
# ==================== AI 调用 ====================
def ai(
self,
prompt: str,
system: Optional[str] = None,
model: Optional[str] = None,
temperature: float = 0.7,
max_tokens: int = 2000
) -> str:
"""调用AI模型
Args:
prompt: 用户提示词
system: 系统提示词
model: 模型名称默认gemini-2.5-flash
temperature: 温度参数
max_tokens: 最大token数
Returns:
AI响应内容
"""
model = model or self._ai_model
messages = []
if system:
messages.append({"role": "system", "content": system})
messages.append({"role": "user", "content": prompt})
try:
with httpx.Client(timeout=60) as client:
response = client.post(
f"{self._ai_base_url}/chat/completions",
headers={
"Authorization": f"Bearer {self._ai_api_key}",
"Content-Type": "application/json"
},
json={
"model": model,
"messages": messages,
"temperature": temperature,
"max_tokens": max_tokens
}
)
response.raise_for_status()
data = response.json()
content = data['choices'][0]['message']['content']
self.log(f"AI调用成功: {len(content)} 字符")
return content
except Exception as e:
self.log(f"AI调用失败: {str(e)}", 'ERROR')
raise
# ==================== 通知 ====================
def dingtalk(self, webhook: str, content: str, title: Optional[str] = None, at_all: bool = False) -> bool:
"""发送钉钉消息
Args:
webhook: 钉钉机器人webhook地址
content: 消息内容支持Markdown
title: 消息标题
at_all: 是否@所有人
Returns:
是否发送成功
"""
try:
payload = {
"msgtype": "markdown",
"markdown": {
"title": title or "通知",
"text": content + ("\n@所有人" if at_all else "")
},
"at": {"isAtAll": at_all}
}
with httpx.Client(timeout=10) as client:
response = client.post(webhook, json=payload)
response.raise_for_status()
result = response.json()
success = result.get('errcode') == 0
self.log(f"钉钉消息发送{'成功' if success else '失败'}")
return success
except Exception as e:
self.log(f"钉钉消息发送失败: {str(e)}", 'ERROR')
return False
def wecom(self, webhook: str, content: str, msg_type: str = 'markdown') -> bool:
"""发送企业微信消息
Args:
webhook: 企微机器人webhook地址
content: 消息内容
msg_type: 消息类型 (text, markdown)
Returns:
是否发送成功
"""
try:
if msg_type == 'markdown':
payload = {
"msgtype": "markdown",
"markdown": {"content": content}
}
else:
payload = {
"msgtype": "text",
"text": {"content": content}
}
with httpx.Client(timeout=10) as client:
response = client.post(webhook, json=payload)
response.raise_for_status()
result = response.json()
success = result.get('errcode') == 0
self.log(f"企微消息发送{'成功' if success else '失败'}")
return success
except Exception as e:
self.log(f"企微消息发送失败: {str(e)}", 'ERROR')
return False
# ==================== HTTP 请求 ====================
def http_get(self, url: str, headers: Optional[Dict] = None, params: Optional[Dict] = None, timeout: int = 30) -> Dict:
"""发起HTTP GET请求
Returns:
{"status": 200, "data": ..., "text": "..."}
"""
try:
with httpx.Client(timeout=timeout) as client:
response = client.get(url, headers=headers, params=params)
return {
"status": response.status_code,
"data": response.json() if response.headers.get('content-type', '').startswith('application/json') else None,
"text": response.text
}
except Exception as e:
self.log(f"HTTP GET 失败: {str(e)}", 'ERROR')
raise
def http_post(self, url: str, data: Any = None, headers: Optional[Dict] = None, timeout: int = 30) -> Dict:
"""发起HTTP POST请求
Returns:
{"status": 200, "data": ..., "text": "..."}
"""
try:
with httpx.Client(timeout=timeout) as client:
response = client.post(url, json=data, headers=headers)
return {
"status": response.status_code,
"data": response.json() if response.headers.get('content-type', '').startswith('application/json') else None,
"text": response.text
}
except Exception as e:
self.log(f"HTTP POST 失败: {str(e)}", 'ERROR')
raise
# ==================== 数据库查询(只读)====================
def db_query(self, sql: str, params: Optional[Dict] = None) -> List[Dict]:
"""执行只读SQL查询
Args:
sql: SQL语句必须是SELECT
params: 参数字典
Returns:
查询结果列表
"""
sql_upper = sql.strip().upper()
if not sql_upper.startswith('SELECT'):
raise ValueError("只允许执行SELECT查询")
# 禁止危险操作
forbidden = ['INSERT', 'UPDATE', 'DELETE', 'DROP', 'TRUNCATE', 'ALTER', 'CREATE']
for word in forbidden:
if word in sql_upper:
raise ValueError(f"禁止执行 {word} 操作")
try:
from sqlalchemy import text
result = self.db.execute(text(sql), params or {})
columns = result.keys()
rows = [dict(zip(columns, row)) for row in result.fetchall()]
self.log(f"SQL查询返回 {len(rows)} 条记录")
return rows
except Exception as e:
self.log(f"SQL查询失败: {str(e)}", 'ERROR')
raise
# ==================== 变量存储 ====================
def get_var(self, key: str, default: Any = None) -> Any:
"""获取持久化变量
Args:
key: 变量名
default: 默认值
Returns:
变量值
"""
from ..models.scheduled_task import ScriptVar
var = self.db.query(ScriptVar).filter(
ScriptVar.task_id == self.task_id,
ScriptVar.tenant_id == self.tenant_id,
ScriptVar.var_key == key
).first()
if var and var.var_value:
try:
return json.loads(var.var_value)
except:
return var.var_value
return default
def set_var(self, key: str, value: Any) -> None:
"""设置持久化变量
Args:
key: 变量名
value: 变量值会JSON序列化
"""
from ..models.scheduled_task import ScriptVar
var = self.db.query(ScriptVar).filter(
ScriptVar.task_id == self.task_id,
ScriptVar.tenant_id == self.tenant_id,
ScriptVar.var_key == key
).first()
value_json = json.dumps(value, ensure_ascii=False)
if var:
var.var_value = value_json
else:
var = ScriptVar(
task_id=self.task_id,
tenant_id=self.tenant_id,
var_key=key,
var_value=value_json
)
self.db.add(var)
self.db.commit()
self.log(f"变量 {key} 已保存")
def del_var(self, key: str) -> bool:
"""删除持久化变量"""
from ..models.scheduled_task import ScriptVar
result = self.db.query(ScriptVar).filter(
ScriptVar.task_id == self.task_id,
ScriptVar.tenant_id == self.tenant_id,
ScriptVar.var_key == key
).delete()
self.db.commit()
return result > 0
# ==================== 租户配置 ====================
def get_tenants(self, app_code: Optional[str] = None) -> List[Dict]:
"""获取租户列表
Args:
app_code: 可选,按应用代码筛选
Returns:
租户列表 [{"tenant_id": ..., "tenant_name": ...}, ...]
"""
from ..models.tenant import Tenant
from ..models.tenant_app import TenantApp
if app_code:
# 获取订阅了该应用的租户
tenant_ids = self.db.query(TenantApp.tenant_id).filter(
TenantApp.app_code == app_code,
TenantApp.status == 1
).all()
tenant_ids = [t[0] for t in tenant_ids]
tenants = self.db.query(Tenant).filter(
Tenant.code.in_(tenant_ids),
Tenant.status == 'active'
).all()
else:
tenants = self.db.query(Tenant).filter(Tenant.status == 'active').all()
return [{"tenant_id": t.code, "tenant_name": t.name} for t in tenants]
def get_tenant_config(self, tenant_id: str, app_code: str, key: Optional[str] = None) -> Any:
"""获取租户的应用配置
Args:
tenant_id: 租户ID
app_code: 应用代码
key: 配置键(可选,不提供则返回所有配置)
Returns:
配置值或配置字典
"""
from ..models.tenant_app import TenantApp
tenant_app = self.db.query(TenantApp).filter(
TenantApp.tenant_id == tenant_id,
TenantApp.app_code == app_code
).first()
if not tenant_app:
return None if key else {}
# 解析 custom_configs
configs = {}
if hasattr(tenant_app, 'custom_configs') and tenant_app.custom_configs:
try:
configs = json.loads(tenant_app.custom_configs) if isinstance(tenant_app.custom_configs, str) else tenant_app.custom_configs
except:
pass
if key:
return configs.get(key)
return configs
def get_all_tenant_configs(self, app_code: str) -> List[Dict]:
"""获取所有租户的应用配置
Args:
app_code: 应用代码
Returns:
[{"tenant_id": ..., "tenant_name": ..., "configs": {...}}, ...]
"""
from ..models.tenant import Tenant
from ..models.tenant_app import TenantApp
tenant_apps = self.db.query(TenantApp).filter(
TenantApp.app_code == app_code,
TenantApp.status == 1
).all()
result = []
for ta in tenant_apps:
tenant = self.db.query(Tenant).filter(Tenant.code == ta.tenant_id).first()
configs = {}
if hasattr(ta, 'custom_configs') and ta.custom_configs:
try:
configs = json.loads(ta.custom_configs) if isinstance(ta.custom_configs, str) else ta.custom_configs
except:
pass
result.append({
"tenant_id": ta.tenant_id,
"tenant_name": tenant.name if tenant else ta.tenant_id,
"configs": configs
})
return result
# ==================== 密钥管理 ====================
def get_secret(self, key: str) -> Optional[str]:
"""获取密钥(优先租户级,其次全局)
Args:
key: 密钥名
Returns:
密钥值
"""
from ..models.scheduled_task import Secret
# 先查租户级
if self.tenant_id:
secret = self.db.query(Secret).filter(
Secret.tenant_id == self.tenant_id,
Secret.secret_key == key
).first()
if secret:
return secret.secret_value
# 再查全局
secret = self.db.query(Secret).filter(
Secret.tenant_id.is_(None),
Secret.secret_key == key
).first()
return secret.secret_value if secret else None
"""脚本执行SDK - 为Python脚本提供内置功能"""
import json
import os
import httpx
from datetime import datetime
from typing import Any, Dict, List, Optional
from sqlalchemy.orm import Session
class ScriptSDK:
"""脚本SDK - 提供AI、通知、数据库、HTTP、变量存储等功能"""
def __init__(
self,
db: Session,
task_id: int,
tenant_id: Optional[str] = None,
trace_id: Optional[str] = None,
params: Optional[Dict[str, Any]] = None
):
self.db = db
self.task_id = task_id
self.tenant_id = tenant_id
self.trace_id = trace_id
self.params = params or {}
self._logs: List[Dict] = []
self._output: List[str] = []
self._tenants_cache: Dict = {}
# AI 配置
self._ai_base_url = os.getenv('OPENAI_BASE_URL', 'https://api.4sapi.net/v1')
self._ai_api_key = os.getenv('OPENAI_API_KEY', 'sk-9yMCXjRGANbacz20kJY8doSNy6Rf446aYwmgGIuIXQ7DAyBw')
self._ai_model = os.getenv('OPENAI_MODEL', 'gemini-2.5-flash')
# ==================== 参数获取 ====================
def get_param(self, key: str, default: Any = None) -> Any:
"""获取任务参数
Args:
key: 参数名
default: 默认值
Returns:
参数值
"""
return self.params.get(key, default)
def get_params(self) -> Dict[str, Any]:
"""获取所有任务参数
Returns:
所有参数字典
"""
return self.params.copy()
# ==================== 日志 ====================
def log(self, message: str, level: str = 'INFO') -> None:
"""记录日志
Args:
message: 日志内容
level: 日志级别 (INFO, WARN, ERROR)
"""
log_entry = {
'time': datetime.now().isoformat(),
'level': level.upper(),
'message': message
}
self._logs.append(log_entry)
self._output.append(f"[{level.upper()}] {message}")
def print(self, *args, **kwargs) -> None:
"""打印输出兼容print"""
message = ' '.join(str(arg) for arg in args)
self._output.append(message)
def get_logs(self) -> List[Dict]:
"""获取所有日志"""
return self._logs
def get_output(self) -> str:
"""获取所有输出"""
return '\n'.join(self._output)
# ==================== AI 调用 ====================
def ai(
self,
prompt: str,
system: Optional[str] = None,
model: Optional[str] = None,
temperature: float = 0.7,
max_tokens: int = 2000
) -> str:
"""调用AI模型
Args:
prompt: 用户提示词
system: 系统提示词
model: 模型名称默认gemini-2.5-flash
temperature: 温度参数
max_tokens: 最大token数
Returns:
AI响应内容
"""
model = model or self._ai_model
messages = []
if system:
messages.append({"role": "system", "content": system})
messages.append({"role": "user", "content": prompt})
try:
with httpx.Client(timeout=60) as client:
response = client.post(
f"{self._ai_base_url}/chat/completions",
headers={
"Authorization": f"Bearer {self._ai_api_key}",
"Content-Type": "application/json"
},
json={
"model": model,
"messages": messages,
"temperature": temperature,
"max_tokens": max_tokens
}
)
response.raise_for_status()
data = response.json()
content = data['choices'][0]['message']['content']
self.log(f"AI调用成功: {len(content)} 字符")
return content
except Exception as e:
self.log(f"AI调用失败: {str(e)}", 'ERROR')
raise
# ==================== 通知 ====================
def dingtalk(self, webhook: str, content: str, title: Optional[str] = None, at_all: bool = False) -> bool:
"""发送钉钉消息
Args:
webhook: 钉钉机器人webhook地址
content: 消息内容支持Markdown
title: 消息标题
at_all: 是否@所有人
Returns:
是否发送成功
"""
try:
payload = {
"msgtype": "markdown",
"markdown": {
"title": title or "通知",
"text": content + ("\n@所有人" if at_all else "")
},
"at": {"isAtAll": at_all}
}
with httpx.Client(timeout=10) as client:
response = client.post(webhook, json=payload)
response.raise_for_status()
result = response.json()
success = result.get('errcode') == 0
self.log(f"钉钉消息发送{'成功' if success else '失败'}")
return success
except Exception as e:
self.log(f"钉钉消息发送失败: {str(e)}", 'ERROR')
return False
def wecom(self, webhook: str, content: str, msg_type: str = 'markdown') -> bool:
"""发送企业微信消息
Args:
webhook: 企微机器人webhook地址
content: 消息内容
msg_type: 消息类型 (text, markdown)
Returns:
是否发送成功
"""
try:
if msg_type == 'markdown':
payload = {
"msgtype": "markdown",
"markdown": {"content": content}
}
else:
payload = {
"msgtype": "text",
"text": {"content": content}
}
with httpx.Client(timeout=10) as client:
response = client.post(webhook, json=payload)
response.raise_for_status()
result = response.json()
success = result.get('errcode') == 0
self.log(f"企微消息发送{'成功' if success else '失败'}")
return success
except Exception as e:
self.log(f"企微消息发送失败: {str(e)}", 'ERROR')
return False
# ==================== HTTP 请求 ====================
def http_get(self, url: str, headers: Optional[Dict] = None, params: Optional[Dict] = None, timeout: int = 30) -> Dict:
"""发起HTTP GET请求
Returns:
{"status": 200, "data": ..., "text": "..."}
"""
try:
with httpx.Client(timeout=timeout) as client:
response = client.get(url, headers=headers, params=params)
return {
"status": response.status_code,
"data": response.json() if response.headers.get('content-type', '').startswith('application/json') else None,
"text": response.text
}
except Exception as e:
self.log(f"HTTP GET 失败: {str(e)}", 'ERROR')
raise
def http_post(self, url: str, data: Any = None, headers: Optional[Dict] = None, timeout: int = 30) -> Dict:
"""发起HTTP POST请求
Returns:
{"status": 200, "data": ..., "text": "..."}
"""
try:
with httpx.Client(timeout=timeout) as client:
response = client.post(url, json=data, headers=headers)
return {
"status": response.status_code,
"data": response.json() if response.headers.get('content-type', '').startswith('application/json') else None,
"text": response.text
}
except Exception as e:
self.log(f"HTTP POST 失败: {str(e)}", 'ERROR')
raise
# ==================== 数据库查询(只读)====================
def db_query(self, sql: str, params: Optional[Dict] = None) -> List[Dict]:
"""执行只读SQL查询
Args:
sql: SQL语句必须是SELECT
params: 参数字典
Returns:
查询结果列表
"""
sql_upper = sql.strip().upper()
if not sql_upper.startswith('SELECT'):
raise ValueError("只允许执行SELECT查询")
# 禁止危险操作
forbidden = ['INSERT', 'UPDATE', 'DELETE', 'DROP', 'TRUNCATE', 'ALTER', 'CREATE']
for word in forbidden:
if word in sql_upper:
raise ValueError(f"禁止执行 {word} 操作")
try:
from sqlalchemy import text
result = self.db.execute(text(sql), params or {})
columns = result.keys()
rows = [dict(zip(columns, row)) for row in result.fetchall()]
self.log(f"SQL查询返回 {len(rows)} 条记录")
return rows
except Exception as e:
self.log(f"SQL查询失败: {str(e)}", 'ERROR')
raise
# ==================== 变量存储 ====================
def get_var(self, key: str, default: Any = None) -> Any:
"""获取持久化变量
Args:
key: 变量名
default: 默认值
Returns:
变量值
"""
from ..models.scheduled_task import ScriptVar
var = self.db.query(ScriptVar).filter(
ScriptVar.task_id == self.task_id,
ScriptVar.tenant_id == self.tenant_id,
ScriptVar.var_key == key
).first()
if var and var.var_value:
try:
return json.loads(var.var_value)
except:
return var.var_value
return default
def set_var(self, key: str, value: Any) -> None:
"""设置持久化变量
Args:
key: 变量名
value: 变量值会JSON序列化
"""
from ..models.scheduled_task import ScriptVar
var = self.db.query(ScriptVar).filter(
ScriptVar.task_id == self.task_id,
ScriptVar.tenant_id == self.tenant_id,
ScriptVar.var_key == key
).first()
value_json = json.dumps(value, ensure_ascii=False)
if var:
var.var_value = value_json
else:
var = ScriptVar(
task_id=self.task_id,
tenant_id=self.tenant_id,
var_key=key,
var_value=value_json
)
self.db.add(var)
self.db.commit()
self.log(f"变量 {key} 已保存")
def del_var(self, key: str) -> bool:
"""删除持久化变量"""
from ..models.scheduled_task import ScriptVar
result = self.db.query(ScriptVar).filter(
ScriptVar.task_id == self.task_id,
ScriptVar.tenant_id == self.tenant_id,
ScriptVar.var_key == key
).delete()
self.db.commit()
return result > 0
# ==================== 租户配置 ====================
def get_tenants(self, app_code: Optional[str] = None) -> List[Dict]:
"""获取租户列表
Args:
app_code: 可选,按应用代码筛选
Returns:
租户列表 [{"tenant_id": ..., "tenant_name": ...}, ...]
"""
from ..models.tenant import Tenant
from ..models.tenant_app import TenantApp
if app_code:
# 获取订阅了该应用的租户
tenant_ids = self.db.query(TenantApp.tenant_id).filter(
TenantApp.app_code == app_code,
TenantApp.status == 1
).all()
tenant_ids = [t[0] for t in tenant_ids]
tenants = self.db.query(Tenant).filter(
Tenant.code.in_(tenant_ids),
Tenant.status == 'active'
).all()
else:
tenants = self.db.query(Tenant).filter(Tenant.status == 'active').all()
return [{"tenant_id": t.code, "tenant_name": t.name} for t in tenants]
def get_tenant_config(self, tenant_id: str, app_code: str, key: Optional[str] = None) -> Any:
"""获取租户的应用配置
Args:
tenant_id: 租户ID
app_code: 应用代码
key: 配置键(可选,不提供则返回所有配置)
Returns:
配置值或配置字典
"""
from ..models.tenant_app import TenantApp
tenant_app = self.db.query(TenantApp).filter(
TenantApp.tenant_id == tenant_id,
TenantApp.app_code == app_code
).first()
if not tenant_app:
return None if key else {}
# 解析 custom_configs
configs = {}
if hasattr(tenant_app, 'custom_configs') and tenant_app.custom_configs:
try:
configs = json.loads(tenant_app.custom_configs) if isinstance(tenant_app.custom_configs, str) else tenant_app.custom_configs
except:
pass
if key:
return configs.get(key)
return configs
def get_all_tenant_configs(self, app_code: str) -> List[Dict]:
"""获取所有租户的应用配置
Args:
app_code: 应用代码
Returns:
[{"tenant_id": ..., "tenant_name": ..., "configs": {...}}, ...]
"""
from ..models.tenant import Tenant
from ..models.tenant_app import TenantApp
tenant_apps = self.db.query(TenantApp).filter(
TenantApp.app_code == app_code,
TenantApp.status == 1
).all()
result = []
for ta in tenant_apps:
tenant = self.db.query(Tenant).filter(Tenant.code == ta.tenant_id).first()
configs = {}
if hasattr(ta, 'custom_configs') and ta.custom_configs:
try:
configs = json.loads(ta.custom_configs) if isinstance(ta.custom_configs, str) else ta.custom_configs
except:
pass
result.append({
"tenant_id": ta.tenant_id,
"tenant_name": tenant.name if tenant else ta.tenant_id,
"configs": configs
})
return result
# ==================== 密钥管理 ====================
def get_secret(self, key: str) -> Optional[str]:
"""获取密钥(优先租户级,其次全局)
Args:
key: 密钥名
Returns:
密钥值
"""
from ..models.scheduled_task import Secret
# 先查租户级
if self.tenant_id:
secret = self.db.query(Secret).filter(
Secret.tenant_id == self.tenant_id,
Secret.secret_key == key
).first()
if secret:
return secret.secret_value
# 再查全局
secret = self.db.query(Secret).filter(
Secret.tenant_id.is_(None),
Secret.secret_key == key
).first()
return secret.secret_value if secret else None

30
backend/requirements.txt
View File

@@ -1,15 +1,15 @@
fastapi>=0.109.0
uvicorn>=0.27.0
sqlalchemy>=2.0.0
pymysql>=1.1.0
pydantic>=2.0.0
pydantic-settings>=2.0.0
cryptography>=42.0.0
python-jose[cryptography]>=3.3.0
passlib[bcrypt]>=1.7.4
bcrypt>=4.0.0
python-multipart>=0.0.6
httpx>=0.26.0
redis>=5.0.0
openpyxl>=3.1.0
apscheduler>=3.10.0
fastapi>=0.109.0
uvicorn>=0.27.0
sqlalchemy>=2.0.0
pymysql>=1.1.0
pydantic>=2.0.0
pydantic-settings>=2.0.0
cryptography>=42.0.0
python-jose[cryptography]>=3.3.0
passlib[bcrypt]>=1.7.4
bcrypt>=4.0.0
python-multipart>=0.0.6
httpx>=0.26.0
redis>=5.0.0
openpyxl>=3.1.0
apscheduler>=3.10.0