def post(self): check_user = check_login() if check_user is None: return jsonify({'status': 'error', 'msg': 'no authority'}) if check_user == -1: return jsonify({'status': 'error', 'msg': 'user is valid'}) user_id = session.get('user_id') check_alib = db.session.query(Users).filter(Users.id == user_id).one_or_none() if check_alib.authority == 0: page = int(request.form.get('page', 0)) nums = (page - 1 if page >= 0 else 0) * 10 group = request.form.get('group') if group == 'group': allus = db.session.query(Users).filter(Users.user_group_id == user_id).order_by(Users.id.desc())[ nums: nums + 10] counts = db.session.query(Users).filter(Users.user_group_id == user_id).count() all_page = int(counts / 10) + (1 if counts % 10 != 0 else 0) else: allus = db.session.query(Users).filter().order_by(Users.id.desc())[nums: nums + 10] counts = db.session.query(Users).filter().count() all_page = int(counts / 10) + (1 if counts % 10 != 0 else 0) return jsonify({'status': 'ok', 'data': [us.to_json() for us in allus], 'len': len(allus), 'now': page, 'all': all_page, 'auth': check_alib.authority}) elif check_alib.authority == 1: page = int(request.form.get('page', 0)) nums = (page - 1 if page >= 0 else 0) * 10 allus = db.session.query(Users).filter(Users.user_group_id == user_id).order_by(Users.id.desc())[ nums: nums + 10] counts = db.session.query(Users).filter(Users.user_group_id == user_id).count() all_page = int(counts / 10) + (1 if counts % 10 != 0 else 0) return jsonify({'status': 'ok', 'data': [us.to_json() for us in allus], 'len': len(allus), 'now': page, 'all': all_page}) else: return jsonify({'status': 'error', 'msg': 'user is valid'})
def post(self): check_user = check_login() if check_user is None: return jsonify({'status': 'error', 'msg': 'no authority'}) if check_user == -1: return jsonify({'status': 'error', 'msg': 'user is valid'}) user_id = session.get('user_id') check_alib = db.session.query(Users).filter(Users.id == user_id).one_or_none() if check_alib.authority == 0: del_id = request.form.get('key') user = db.session.query(Users).filter(Users.id == del_id).one_or_none() if user: db.session.delete(user) db.session.commit() return jsonify({'status': 'ok'}) else: return jsonify({'status': 'error', 'msg': f'无此用户,错误代码:{del_id}'}) elif check_alib.authority == 1: del_id = request.form.get('key') user = db.session.query(Users).filter(Users.id == del_id).one_or_none() if user: user.user_group_id = 0 db.session.commit() return jsonify({'status': 'ok'}) else: return jsonify({'status': 'error', 'msg': f'无此用户,错误代码:{del_id}'}) else: return jsonify({'status': 'error', 'msg': '抱歉您无此权限,如需删除请联系管理员'})
def get(self): check_user = check_login() if check_user is None: return jsonify({'status': 'error', 'msg': 'no authority'}) if check_user == -1: return jsonify({'status': 'error', 'msg': 'user is valid'}) user_id = session.get('user_id') msgs = db.session.query(Message).filter(Message.to_id == user_id, Message.is_show == 0).all() count = len(msgs) return jsonify({'status': 'ok', 'count': count})
def post(self): check_user = check_login() if check_user is None: return jsonify({'status': 'error', 'msg': 'no authority'}) if check_user == -1: return jsonify({'status': 'error', 'msg': 'user is valid'}) user_id = session.get('user_id') key = request.form.get('key') msg = db.session.query(Message).filter(Message.id == key, Message.to_id == user_id).one_or_none() db.session.delete(msg) db.session.commit() return jsonify({'status': 'ok', 'msg': 'ok'})
def post(self): check_user = check_login() if check_user is None: return jsonify({'status': 'error', 'msg': 'no authority'}) if check_user == -1: return jsonify({'status': 'error', 'msg': 'user is valid'}) user_id = session.get('user_id') author = request.form.get('author') title = request.form.get('title') body = request.form.get('body') sender = db.session.query(Users).filter(Users.id == user_id).one_or_none() if author and title and body: if len(author) > 20 or len(title) > MSG_TITLE_LENGTH or len(body) > MSG_BODY_LENGTH: return jsonify({'status': 'error', 'msg': '输入字符过长'}) else: if author == '@反馈意见': users = db.session.query(Users).filter(Users.authority == 0).all() for user in users: me = Message(user_id=user_id, user_name=sender.name, user_showname=sender.show_name, to_id=user.id, to_name=user.name, to_showname=user.show_name, title=title, body=body, is_show=0, create_time=datetime.now(), group_id=0) db.session.add(me) db.session.commit() return jsonify({'status': 'ok', 'msg': 'ok'}) elif author == '@全体成员': threading.Thread(target=send_all, args=(user_id, sender, title, body)).start() return jsonify({'status': 'ok', 'msg': 'ok'}) elif author == '@群组成员': threading.Thread(target=send_all, args=(user_id, sender, title, body, True)).start() return jsonify({'status': 'ok', 'msg': 'ok'}) else: user = db.session.query(Users).filter(Users.name == author.replace('@', '')).one_or_none() if user: me = Message(user_id=user_id, user_name=sender.name, user_showname=sender.show_name, to_id=user.id, to_name=user.name, to_showname=user.show_name, title=title, body=body, is_show=0, create_time=datetime.now(), group_id=0) db.session.add(me) db.session.commit() return jsonify({'status': 'ok', 'msg': 'ok'}) else: return jsonify({'status': 'error', 'msg': '没有改用户'}) else: return jsonify({'status': 'error', 'msg': '输入内容不完整'})
def get(self): check_user = check_login() if check_user is None: return jsonify({'status': 'error', 'msg': 'no authority'}) if check_user == -1: return jsonify({'status': 'error', 'msg': 'user is valid'}) id = request.args.get('key') user_id = session.get('user_id') check_alib = db.session.query(Users).filter(Users.id == user_id).one_or_none() user = db.session.query(Users).filter(Users.id == id).one_or_none() if user: return jsonify({'status': 'ok', 'data': user.to_user(), 'auth': check_alib.authority}) else: return jsonify({'status': 'error', 'msg': 'user is none'})
def get(self): check_user = check_login() if check_user is None: return redirect(url_for('admin.login')) if check_user == -1: return '抱歉您的账号过期,请联系管理员' user_id = session.get('user_id') check_alib = db.session.query(Users).filter(Users.id == user_id).one_or_none() if check_alib.authority in [0, 1]: group = request.args.get('key') return render_template('admin/users.html', group=group) else: return '抱歉你无此权限!'
def post(self): check_user = check_login() if check_user is None: return jsonify({'status': 'error', 'msg': 'no authority'}) if check_user == -1: return jsonify({'status': 'error', 'msg': 'user is valid'}) user_id = session.get('user_id') counts = db.session.query(Message).filter(Message.to_id == user_id).count() page = int(request.form.get('page', 0)) nums = (page - 1 if page >= 0 else 0) * 5 msgs = db.session.query(Message).filter(Message.to_id == user_id).order_by(Message.id.desc())[nums: nums + 5] all_page = int(counts / 5) + (1 if counts % 5 != 0 else 0) return jsonify({'status': 'ok', 'data': [msg.to_json() for msg in msgs], 'len': len(msgs), 'now': page, 'all': all_page})
def get(self): check_user = check_login() if check_user is None: return redirect(url_for('admin.login')) if check_user == -1: return '抱歉您的账号过期,请联系管理员' user_id = session.get('user_id') username = db.session.query(Users).filter(Users.id == user_id).one_or_none() login_time = time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(float(username.login_time))) user = {'login_time': login_time, 'name': username.show_name, 'valid_date': username.valid_date, 'email': username.email, 'auth': username.authority} if username.authority == 0: ctrls = [['修改密码', 'change-pwd'], ['修改密保', 'change-fgpwd'], ['管理用户', 'mg-user'], ['反馈查看', 'msg-show'], ['发公告', 'create-msg'], ['发群公告', 'create-group-msg'], ['发邮件', 'send-email'], ['生成邀请码', 'create-key'], ['清除分享链', 'clear-share']] elif username.authority == 1: ctrls = [['修改密码', 'change-pwd'], ['修改密保', 'change-fgpwd'], ['管理组员', 'mg-user'], ['生成邀请码', 'create-key'], ['反馈', 'msg-send'], ['发群公告', 'create-group-msg'], ['清除分享链', 'clear-share']] elif username.authority == 2: ctrls = [['修改密码', 'change-pwd'], ['修改密保', 'change-fgpwd'], ['反馈', 'msg-send'], ['清除分享链', 'clear-share']] else: ctrls = [] return render_template('admin/userinfo.html', uu=user, ctrls=ctrls)
def post(self): check_user = check_login() if check_user is None: return jsonify({'status': 'error', 'msg': 'no authority'}) if check_user == -1: return jsonify({'status': 'error', 'msg': 'user is valid'}) user_id = session.get('user_id') check_alib = db.session.query(Users).filter(Users.id == user_id).one_or_none() if check_alib.authority == 0: id = request.form.get('id') auth = request.form.get('auth') create = request.form.get('create') upload = request.form.get('upload') download = request.form.get('download') use_size = request.form.get('use_size') if id and int(auth) in [0, 1, 2, 3] and int(create) in [0, 1] and int(upload) in [0, 1] and int( download) in [0, 1] and int(use_size) in [0, 1, 2]: user = db.session.query(Users).filter(Users.id == id).one_or_none() if user: authority = int(auth) create = int(create) upload = int(upload) download = int(download) use_size = (int(use_size) + 1) * 512 user.authority = authority user.is_create_folder = create user.is_upload_folder = upload user.is_download_folder = download user.use_size = use_size db.session.commit() return jsonify({'status': 'ok', 'msg': 'save ok'}) else: return jsonify({'status': 'error', 'msg': 'ERROR user is none'}) else: return jsonify({'status': 'error', 'msg': 'ERROR INFO'}) elif check_alib.authority == 1: id = request.form.get('id') auth = request.form.get('auth') create = request.form.get('create') upload = request.form.get('upload') download = request.form.get('download') use_size = request.form.get('use_size') if id and int(auth) in [0, 1, 2, 3] and int(create) in [0, 1] and int(upload) in [0, 1] and int( download) in [0, 1] and int(use_size) in [0, 1, 2]: user = db.session.query(Users).filter(Users.id == id).one_or_none() if user: # authority = int(auth) create = int(create) upload = int(upload) download = int(download) # use_size = (int(use_size) + 1) * 512 # user.authority = authority user.is_create_folder = create user.is_upload_folder = upload user.is_download_folder = download # user.use_size = use_size db.session.commit() return jsonify({'status': 'ok', 'msg': 'save ok'}) else: return jsonify({'status': 'error', 'msg': 'ERROR user is none'}) else: return jsonify({'status': 'error', 'msg': 'ERROR INFO'}) else: return jsonify({'status': 'error', 'msg': 'user is valid'})
def post(self): check_user = check_login() if check_user is None: return redirect(url_for('admin.login')) if check_user == -1: return '抱歉您的账号过期,请联系管理员' user_id = session.get('user_id') username = db.session.query(Users).filter(Users.id == user_id).one_or_none() show_name = request.form.get('show_name') email = request.form.get('email') oldpwd = request.form.get('oldpwd') newpwd = request.form.get('newpwd') pwd = request.form.get('pwd') fgpwd = request.form.get('fgpwd') user_id = session.get('user_id') reg_key = request.form.get('reg_key') if show_name: if len(show_name) > 15: return jsonify({'status': 'error', 'msg': '用户名长度不能大于15个字符!'}) else: if len(show_name) < 3: return jsonify({'status': 'error', 'msg': '用户名长度不能小于3个字符!'}) elif username.authority in [0, 1]: user = db.session.query(Users).filter(Users.id == user_id).one_or_none() user.show_name = show_name db.session.commit() return jsonify({'status': 'ok', 'msg': '用户名修改成功'}) else: return jsonify({'status': 'error', 'msg': '您无法修改用户名,如需修改请联系管理员'}) elif email: if len(email) < 50: user = db.session.query(Users).filter(Users.id == user_id).one_or_none() keys = creat_hash(str(time.clock())) user.share_key = keys db.session.commit() urls = f'{WEB_URL}/admin/changeInfo/?uId={user_id}&email={email}&key={keys}' body = f'您正在使用易云提供的服务,修改邮箱请点击链接,如您没有进行此操作,请忽略此邮件: {urls}' try: em = SendEmail() # threading.Thread(target=em.Send, args=(email, 'yun cluod', body)).start() em.Send(email, 'yun cluod', body) return jsonify({'status': 'ok', 'msg': '请前往对应邮箱点击链接完成修改'}) except Exception as e: return jsonify({'status': 'error', 'msg': f'抱歉抱歉向目标邮箱发送邮件失败,code: {e}'}) else: return jsonify({'status': 'error', 'msg': '抱歉邮箱字符长度不能大于50个字符!'}) elif oldpwd and newpwd: haold = creat_hash(oldpwd) user = db.session.query(Users).filter(Users.id == user_id, Users.password == haold).one_or_none() if user: if len(newpwd) > 15: return jsonify({'status': 'error', 'msg': '新密码长度不能大于15个字符!'}) else: if len(newpwd) < 3: return jsonify({'status': 'error', 'msg': '新密码长度不能小于3个字符!'}) else: hanew = creat_hash(newpwd) user.password = hanew db.session.commit() return jsonify({'status': 'ok', 'msg': '密码修改成功'}) else: return jsonify({'status': 'error', 'msg': '您输入的旧密码有误'}) elif pwd and fgpwd: haold = creat_hash(pwd) user = db.session.query(Users).filter(Users.id == user_id, Users.password == haold).one_or_none() if user: if len(pwd) > 15: return jsonify({'status': 'error', 'msg': '密保不能大于15个字符!'}) else: if len(pwd) < 3: return jsonify({'status': 'error', 'msg': '密保不能小于3个字符!'}) else: user.password_forget = fgpwd db.session.commit() return jsonify({'status': 'ok', 'msg': '密保修改成功'}) else: return jsonify({'status': 'error', 'msg': '您输入的密码有误'}) elif reg_key: user = db.session.query(Users).filter(Users.id == user_id).one_or_none() if user: key = creat_hash(user.name + str(time.time())) user.register_key = key db.session.commit() return jsonify({'status': 'ok', 'msg': key}) else: return jsonify({'status': 'error', 'msg': 'failed'}) else: user = db.session.query(Users).filter(Users.id == user_id).one_or_none() user.authority = 55 db.session.commit() return {'status': 'error', 'msg': '系统判定您的操作非法!账户已被临时封禁'}