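def group_edit():
    """Update a user group's name and status from the submitted form.

    Reads ``id``, ``name`` and ``status`` from ``request.form``. An empty
    name, or a name already used by a different group, is rejected before
    anything is written. Otherwise the values are merged into ``UsersGroup``
    and committed.

    Returns:
        The JSON produced by ``CommonResponse(...).to_json()``: ``Failed`` on
        validation or database errors, ``Success`` after a commit.
    """
    try:
        group_id = request.form.get('id')
        name = request.form.get('name')
        status = request.form.get('status', default=1)
        if not name:
            return CommonResponse(ResultType.Failed, message=u"分组名称不能为空").to_json()

        # The uniqueness check excludes the group being edited, so saving a
        # group under its current name is allowed.
        duplicate = db.session.query(UsersGroup).filter(
            UsersGroup.id != group_id, UsersGroup.name == name).scalar()
        if duplicate:
            return CommonResponse(ResultType.Failed, message=u"分组名称不能重复").to_json()

        # NOTE(review): a missing ``id`` is not rejected here; confirm what
        # merge() should do when no primary key is supplied.
        group = UsersGroup()
        group.id = group_id
        group.name = name
        group.status = status
        db.session.merge(group)
        db.session.commit()
        record_log('edit_group', u'编辑分组', u'name:{name}'.format(name=name))
        return CommonResponse(ResultType.Success, message=u"编辑成功").to_json()
    except Exception:
        db.session.rollback()
        # The failure used to be logged under the 'add_user' action with a
        # user-edit message, which misattributes it in the audit log.
        record_log('edit_group', u'编辑分组失败')
        # Without this return the view yields None and the caller never
        # receives a failure response.
        return CommonResponse(ResultType.Failed, message=u"编辑失败").to_json()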
def menu_edit():
    """Validate the submitted ``MenuForm`` and merge it into ``MenuAuth``.

    Returns:
        The JSON produced by ``CommonResponse(...).to_json()``: ``Failed``
        with the form's error text when validation fails or when any
        exception is raised, ``Success`` after the commit.
    """
    form = MenuForm()
    try:
        if not form.validate():
            return CommonResponse(
                ResultType.Failed, message=form.get_error()).to_json()

        menu = MenuAuth()
        # Copy each form field onto the matching model attribute.
        field_map = (
            ('id', form.id),
            ('name', form.menu_name),
            ('method', form.method),
            ('type', form.type),
            ('icon', form.icon),
            ('sort', form.sort),
            ('parent_id', form.parent_id),
        )
        for attr_name, field in field_map:
            setattr(menu, attr_name, field.data)

        db.session.merge(menu)
        db.session.commit()
        # NOTE(review): edits are logged under the 'add_menu' action, so the
        # audit log cannot tell a menu edit from a menu creation by action
        # key alone. Confirm whether 'edit_menu' was intended.
        detail = u'method:{method}'.format(method=form.method.data)
        record_log('add_menu', u'编辑菜单', detail)
        return CommonResponse(ResultType.Success, message=u"编辑成功").to_json()
    except Exception:
        db.session.rollback()
        record_log('add_menu', u'编辑菜单失败')
        return CommonResponse(ResultType.Failed, message=u"编辑失败").to_json()
def user_edit():
    """Validate the submitted ``UserForm`` and merge it into ``User``.

    The password is only assigned when the form carries a non-empty value.
    A non-empty ``group_id`` sets ``is_manage`` to ``'1'``; otherwise the
    group is cleared and ``is_manage`` becomes ``'0'``.

    Returns:
        The JSON produced by ``CommonResponse(...).to_json()``: ``Failed``
        on validation errors or any exception, ``Success`` after the commit.
    """
    # NOTE(review): no access check is visible in this block, and the target
    # account is chosen by the submitted ``id``. Confirm the route is guarded
    # outside this view.
    form = UserForm()
    try:
        if not form.validate():
            return CommonResponse(
                ResultType.Failed, message=form.get_error()).to_json()

        account = User()
        account.id = form.id.data
        account.username = form.username.data
        # NOTE(review): whether assigning ``password`` hashes the value is not
        # visible here. Confirm against the User model.
        if form.password.data:
            account.password = form.password.data
        account.email = form.email.data

        if form.group_id.data:
            account.group_id = form.group_id.data
            account.is_manage = '1'
        else:
            account.group_id = None
            account.is_manage = '0'

        db.session.merge(account)
        db.session.commit()
        detail = u'username:{username}'.format(username=form.username.data)
        record_log('edit_user', u'编辑用户', detail)
        return CommonResponse(ResultType.Success, message=u"编辑成功").to_json()
    except Exception:
        db.session.rollback()
        record_log('edit_user', u'编辑用户失败')
        return CommonResponse(ResultType.Failed, message=u"编辑失败").to_json()
def user_add():
    """Validate the submitted ``UserForm`` and insert a new ``User``.

    Returns:
        The JSON produced by ``CommonResponse(...).to_json()``: ``Failed``
        on validation errors or any exception, ``Success`` after the commit.
    """
    form = UserForm()
    try:
        if not form.validate():
            return CommonResponse(
                ResultType.Failed, message=form.get_error()).to_json()

        new_user = User()
        new_user.username = form.username.data
        # NOTE(review): the password is assigned unconditionally. Whether the
        # form requires it and whether the model hashes it on assignment are
        # not visible here, so confirm both.
        new_user.password = form.password.data
        new_user.email = form.email.data
        if form.group_id.data:
            new_user.group_id = form.group_id.data

        db.session.add(new_user)
        db.session.commit()
        detail = u'username:{username}'.format(username=form.username.data)
        record_log('add_user', u'添加用户', detail)
        return CommonResponse(ResultType.Success, message=u"添加成功").to_json()
    except Exception:
        db.session.rollback()
        record_log('add_user', u'添加用户失败')
        return CommonResponse(ResultType.Failed, message=u"添加失败").to_json()
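def login():
    """Handle the local login form, or hand off to the operator login URL.

    When ``IS_LOCALHOST`` is not set in the app config, the request is
    redirected to the configured ``OPERATOR_LOGIN`` URL. Otherwise the
    ``LoginForm`` is processed: a matching, enabled user is logged in and
    redirected; a disabled user or bad credentials get a flash message and
    the login page is rendered again.

    Returns:
        A redirect response or the rendered ``admin/login.html`` template.
    """
    if not current_app.config.get('IS_LOCALHOST'):
        return redirect(current_app.config.get('OPERATOR_LOGIN'))

    form = LoginForm()
    if form.validate_on_submit():
        user = db.session.query(User).filter(
            User.username == form.username.data).first()
        if user is not None and user.verify_password(form.password.data):
            if not user.status:
                # Disabled accounts are not allowed to log in.
                flash(u'用户被禁用,请联系管理员')
            else:
                login_user(user, form.remember_me.data)
                record_log(
                    'login', u'用户登陆', 'current_user:{username}'.format(
                        username=current_user.username))
                # ``next`` comes from the query string and is attacker
                # controllable, so redirecting to it unchecked is an open
                # redirect. Only a same-site absolute path is honoured:
                # it must start with a single "/" and contain no backslash
                # or control character (browsers may normalise those into
                # a scheme-relative "//host" URL).
                next_url = request.args.get('next') or ''
                is_local_path = (
                    next_url.startswith('/')
                    and not next_url.startswith('//')
                    and '\\' not in next_url
                    and not any(ord(ch) < 0x20 for ch in next_url)
                )
                if not is_local_path:
                    next_url = url_for('admin.index')
                return redirect(next_url)
        else:
            # One message for unknown user and wrong password, so the
            # response does not reveal which usernames exist.
            flash(u'用户名或密码错误')

    if current_user.is_authenticated:
        return redirect(url_for('admin.index'))
    return render_template('admin/login.html', form=form)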
def logout():
    """Log the logout event, end the session and redirect to a login page.

    Returns:
        A redirect to ``admin.login`` when ``IS_LOCALHOST`` is set in the
        app config, otherwise to the configured ``OPERATOR_LOGIN`` URL.
    """
    # The log entry is written before logout_user() so that current_user
    # still refers to the account being logged out.
    # NOTE(review): this reads current_user.username unconditionally.
    # Confirm the route requires an authenticated user.
    detail = 'current_user:{username}'.format(username=current_user.username)
    record_log('logout', u'用户登出', detail)
    logout_user()

    if not current_app.config.get('IS_LOCALHOST'):
        return redirect(current_app.config.get('OPERATOR_LOGIN'))
    return redirect(url_for('admin.login'))
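def group_grant():
    """Replace the ``rules`` of a user group with the submitted value.

    Reads ``group_id`` and ``rules`` from ``request.form``, loads the
    matching ``UsersGroup`` and stores ``rules`` on it.

    Returns:
        The JSON produced by ``CommonResponse(...).to_json()``: ``Failed``
        when the group does not exist or an exception is raised, ``Success``
        after the commit.
    """
    # NOTE(review): no access check is visible in this block, and this view
    # changes what a group is permitted to do. Confirm the route is guarded
    # outside this view.
    try:
        group_id = request.form.get('group_id')
        rules = request.form.get('rules')
        user_group_obj = db.session.query(UsersGroup).filter(
            UsersGroup.id == group_id).scalar()
        # An unknown group used to fail with AttributeError on None and be
        # reported only as a generic failure in the log.
        if user_group_obj is None:
            return CommonResponse(ResultType.Failed, message=u"分组不存在").to_json()

        # NOTE(review): ``rules`` is stored exactly as submitted, with no
        # format validation here. Confirm that whatever reads it parses it
        # defensively.
        user_group_obj.rules = rules
        db.session.merge(user_group_obj)
        db.session.commit()
        record_log('group_grant', u'分组授权',
                   'name:{name}'.format(name=user_group_obj.name))
        return CommonResponse(ResultType.Success, message=u"授权成功").to_json()
    except Exception:
        db.session.rollback()
        record_log('group_grant', u'分组授权失败')
        # Without this return the view yields None and the caller never
        # receives a failure response.
        return CommonResponse(ResultType.Failed, message=u"授权失败").to_json()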
def group_del():
    """Delete the user group named by the submitted ``group_id``.

    The group must exist and must have no users assigned to it.

    Returns:
        The JSON produced by ``CommonResponse(...).to_json()``: ``Failed``
        when the group is unknown or still has users, ``Success`` after the
        commit.
    """
    group_id = request.form.get('group_id')

    target_group = db.session.query(UsersGroup).filter(
        UsersGroup.id == group_id).scalar()
    if target_group is None:
        return CommonResponse(ResultType.Failed, message=u"分组不存在").to_json()

    members = db.session.query(User).filter(User.group_id == group_id).all()
    if members:
        return CommonResponse(ResultType.Failed, message=u"请先移除当前分组下的用户").to_json()

    # The log entry is written before the delete is committed.
    # NOTE(review): on Python 2 a byte-string template formatted with a
    # non-ASCII unicode name raises UnicodeEncodeError. Confirm the type of
    # ``name`` returned by the model.
    detail = 'name:{name}'.format(name=target_group.name)
    record_log('del_group', u'删除分组', detail)
    db.session.delete(target_group)
    db.session.commit()
    return CommonResponse(ResultType.Success, message=u"删除成功").to_json()
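def user_del():
    """Delete the user named by the submitted ``user_id``.

    The current user cannot delete their own account.

    Returns:
        The JSON produced by ``CommonResponse(...).to_json()``: ``Failed``
        when ``user_id`` is missing, is not an integer, refers to the
        current user or matches no user, ``Success`` after the commit.
    """
    # NOTE(review): no access check is visible in this block. Confirm the
    # route is guarded outside this view.
    user_id = request.form.get('user_id')
    # The emptiness check must run before int(): the original converted
    # first, so a missing user_id raised TypeError and never reached it.
    if not user_id:
        return CommonResponse(ResultType.Failed, message=u"user_id不能为空").to_json()
    try:
        target_id = int(user_id)
    except (TypeError, ValueError):
        # A non-numeric id cannot match any user. Answer with a normal
        # failure instead of an unhandled exception.
        return CommonResponse(ResultType.Failed, message=u"用户不存在").to_json()

    if int(current_user.id) == target_id:
        return CommonResponse(ResultType.Failed, message=u"不能删除自己的账号").to_json()

    user_info_obj = User.query.filter(User.id == target_id).scalar()
    if user_info_obj is None:
        return CommonResponse(ResultType.Failed, message=u"用户不存在").to_json()

    # The log entry is written before the delete is committed.
    record_log('del_user', u'删除用户',
               'name:{name}'.format(name=user_info_obj.username))
    db.session.delete(user_info_obj)
    db.session.commit()
    return CommonResponse(ResultType.Success, message=u"删除成功").to_json()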
def menu_del():
    """Delete the menu entry named by the submitted ``menu_id``.

    The menu must exist and must have no child menus.

    Returns:
        The JSON produced by ``CommonResponse(...).to_json()``: ``Failed``
        when ``menu_id`` is empty, matches no menu or still has children,
        ``Success`` after the commit.
    """
    menu_id = request.form.get('menu_id')
    if not menu_id:
        return CommonResponse(ResultType.Failed, message=u"menu_id不能为空").to_json()

    target_menu = MenuAuth.query.filter(MenuAuth.id == menu_id).scalar()
    if target_menu is None:
        return CommonResponse(ResultType.Failed, message=u"菜单不存在").to_json()

    # Children reference their parent through parent_id, so they must be
    # removed first.
    children = MenuAuth.query.filter(MenuAuth.parent_id == menu_id).all()
    if children:
        return CommonResponse(ResultType.Failed, message=u"删除菜单前,请先删除子菜单").to_json()

    # The log entry is written before the delete is committed.
    # NOTE(review): on Python 2 a byte-string template formatted with a
    # non-ASCII unicode name raises UnicodeEncodeError. Confirm the type of
    # ``name`` returned by the model.
    detail = 'name:{name}'.format(name=target_menu.name)
    record_log('del_menu', u'删除菜单', detail)
    db.session.delete(target_menu)
    db.session.commit()
    return CommonResponse(ResultType.Success, message=u"删除成功").to_json()