def post():
session = get_session()
args_att = base_parse.parse_args()
action = args_att.get('action')
method = args_att.get('method')
uid = args_att.get('uid')
if action is None:
abort(400, msg='Method not allowed.')
if action == ApiConstant.ATT_ADD:
if method == ApiConstant.ATT_ADD_SUP:
att = UserAttendanceResource.add_manually(uid=uid)
elif method == ApiConstant.ATT_ADD_FRC:
att = UserAttendanceResource.add_automatically()
elif method == ApiConstant.ATT_ADD_TRA:
att = UserAttendanceResource.add_traditionally()
else:
abort(400, msg='Method not allowed.')
return
session.add(att)
raw_data = db_event_commit(session)
msg = 'Success' if raw_data else 'Failed'
status = ApiConstant.HTTP_OK if raw_data else ApiConstant.HTTP_FAILED
return get_common_marshaled(msg=msg, status=status)
elif action == ApiConstant.ATT_DEL:
# TODO 删除考勤记录接口
pass
else:
abort(400, msg='Invalid Action.')
def createsuperuser(username, password):
if not all([username, password]):
print('请提供足够的参数。')
return -1
user = User.create_admin(username=username, password=password)
session = get_session()
session.add(user)
admin_register_feedback = db_event_commit(session)
if admin_register_feedback:
print('Register Successfully.')
else:
print('Error occurred when write into the database.')
return 0
def grant(uid: int, grant_val: int) -> bool:
if uid is None:
abort(ApiConstant.HTTP_FAILED, msg='Invalid user id.')
return False
if grant_val is None:
abort(ApiConstant.HTTP_FAILED, msg='Vague permission code.')
return False
session = get_session()
user = session.query(User).get(uid)
if user is None:
abort(ApiConstant.HTTP_FAILED, msg='Invalid user id.')
user.permission = grant_val
return db_event_commit(session=session)
def delete_(idb: int, idd: str) -> bool:
session = get_session()
if idb == ApiConstant.IDENT_NAME:
user = get_user_by_name(idd)
elif idb == ApiConstant.IDENT_PHONE:
user = get_user_by_phone(idd)
elif idb == ApiConstant.IDENT_EMAIL:
user = get_user_by_email(idd)
else:
abort(ApiConstant.HTTP_FAILED, msg='Invalid idb.')
return False
if user is not None:
user.is_delete = True
else:
return False
return db_event_commit(session)
def post():
args_post = post_parse.parse_args()
prt_token = args_post.get('prt_token')
_id = args_post.get('id')
if prt_token is None:
abort(401, msg='No Prt Session Token.')
if _id is None:
abort(401, msg='Invalid id.')
data = request.files.get('data')
if data is None:
abort(500, msg='No data uploaded or received.')
# 使用时间戳和id的方式对文件命名
fn = str(time.time()) + str(_id)
fn = md5(fn.encode('utf-8')).hexdigest()
prefix = os.path.join(PORTRAIT_DIR, str(_id))
if not os.path.exists(prefix):
os.mkdir(prefix)
pr = PortraitRecords(staff_id=_id, staff_portrait_prefix=prefix)
pfn = PortraitFileNames(staff_id=_id, staff_portrait_md5=fn)
session = get_session()
session.add(pr)
session.add(pfn)
db_feedback = db_event_commit(session)
f_abs_name = os.path.join(prefix, fn)
data.save(f_abs_name)
# 检测文件是否存在
save_feedback = os.path.exists(f_abs_name)
return marshal(
{
'msg':
'Success' if save_feedback and db_feedback else 'Failed',
'status':
ApiConstant.HTTP_OK
if save_feedback and db_feedback else ApiConstant.HTTP_FAILED
# TODO get portrait amount.
},
post_feedback_fields)
def patch_() -> dict:
new_data = {}
args_patch = parse_patch.parse_args()
# 修改密码逻辑
old_password = args_patch.get('old_password')
new_password = args_patch.get('new_password')
_id = args_patch.get('id')
session = get_session()
# 获取用户
user = session.query(User).get(_id) if _id is not None else None
if user is None:
user = g.user
# 修改其他信息
name = args_patch.get('name')
phone = args_patch.get('phone')
email = args_patch.get('email')
address = args_patch.get('address')
gender = args_patch.get('gender')
user.name = name if name is not None and len(name) > 0 else user.name
db_res = db_event_commit(session)
if db_res:
new_data.setdefault('name', name)
user.phone = phone if phone is not None and len(phone) > 0 else user.phone
db_res = db_event_commit(session)
if db_res:
new_data.setdefault('phone', phone)
user.e_mail = email if email is not None and len(email) > 0 else user.e_mail
db_res = db_event_commit(session)
if db_res:
new_data.setdefault('email', email)
user.address = address if address is not None and len(address) > 0 else user.address
db_res = db_event_commit(session)
if db_res:
new_data.setdefault('address', address)
user.gender = gender if gender is not None and len(gender) > 0 else user.gender
db_res = db_event_commit(session)
if db_res:
new_data.setdefault('gender', gender)
feedback_data = {
'msg': 'Success',
'status': ApiConstant.HTTP_OK,
'password_change_status': 0,
'new_data': new_data
}
# 如果要修改密码
if new_password is not None:
if (_id is not None or name is not None) and user.is_super:
# 意味着可以给任何用户修改密码
if name is not None:
_user = session.query(User).filter_by(name=name).first()
else:
_user = session.query(User).get(_id)
if _user is None:
abort(400, msg='User not found.')
pwd_change = not _user.check_password(new_password)
if pwd_change:
_user.password = new_password
db_res = db_event_commit(session)
elif old_password is not None and len(old_password) > 0 and user.check_password(old_password):
# 更改密码完成
pwd_change = not user.check_password(new_password)
if pwd_change:
user.password = new_password
db_res = db_event_commit(session)
else:
pwd_change = False
feedback_data['password_change_status'] = 1 if db_res and pwd_change else 0
else:
feedback_data['password_change_status'] = 0
return feedback_data