def create_super(user,password):
try:
encryptuser = encrypt(password)
db.user.insert({'role':'superadmin','name':user,'passwd':encryptuser})
log.info("create superuser success")
return True
except Exception,e:
traceback.print_exc()
log.error("create superuser error")
return False
def create_super(user, password):
try:
encryptuser = encrypt(password)
db.user.insert({
'role': 'superadmin',
'name': user,
'passwd': encryptuser
})
log.info("create superuser success")
return True
except Exception, e:
traceback.print_exc()
log.error("create superuser error")
return False
def changepasswd_form():
"""
修改密码
"""
log.info("changepasswd_form")
user = request.get_cookie('user',secret="chermong")
user = db.user.find_one({'name':user})
if checkpassword(request.forms.get('oldpass'),user['passwd']):
if request.forms.get('newpass') == request.forms.get('repeatpass'):
db.user.update({'name':user['name']},{'$set':{'passwd':encrypt(request.forms.get('newpass'))}})#注意mongodb中update方法的使用
response.delete_cookie(key='user',secret='chermong')
return jinja2_template('login.html')
else:
errormsg = u"两次输入密码不同,请重新输入!"
return jinja2_template('changepasswd.html',user = user,app = chermongapp,error_repeate=errormsg)
else:
errormsg = u"密码不正确!"
return jinja2_template('changepasswd.html',user = user,app = chermongapp,error_oldpass=errormsg)
def manage_users():
"""
更改用户信息
"""
log.info('manage_users')
user = request.get_cookie('user',secret="chermong")
user = db.user.find_one({'name':user})
if "update" in request.forms.keys():
if request.forms.get("userid") == "":#添加用户
role = [i for i in ['superadmin','statistician','student'] if i in request.forms.keys()][0]
if role == "superadmin":
db.user.insert({'role':role,'name':request.forms.get('admin-name'),'passwd':encrypt(request.forms.get('raw_passwd'))})
elif role == "statistician":
db.user.insert({'role':role,'name':request.forms.get('statistician-name'),'passwd':encrypt(request.forms.get('raw_passwd'))})
elif role == "student":#同时更新assessment数据库中assessment collections的document
db.user.insert({'role':role,'schoolid':request.forms.get('schoolid'),'name':request.forms.get('student-name'),'sex':request.forms.get('sex'),'passwd':encrypt(request.forms.get('raw_passwd'))})
newbie = {"schoolid":request.forms.get('schoolid'),'name':request.forms.get('student-name'),"option":"",'sex':request.forms.get('sex')}
pro_for_others = []
allusers = list(db.user.find({'role':'student'}))#明白为什么要转化为list
for i in allusers:
if i.get('schoolid') != request.forms.get('schoolid'):
db.assessment.update({'schoolid':i.get('schoolid')},{'$push':{'pro-others':newbie}})
item = {key:value for key,value in i.iteritems() if key != "passwd" and key != "role" and key != "_id"}
item.update({'option':""})#dict update
pro_for_others.append(item)
db.assessment.insert({'schoolid':request.forms.get('schoolid'),'pro-others':pro_for_others})
else:#修改用户
role = [i for i in ['superadmin','statistician','student'] if i in request.forms.keys()][0]
if role == "superadmin":
db.user.update({'_id':ObjectId(request.forms.get('userid'))},{'$set':{'name':request.forms.get('admin-name')}})
elif role == "statistician":
db.user.update({'_id':ObjectId(request.forms.get('userid'))},{'$set':{'name':request.forms.get('statistician-name')}})
elif role == "student":
schoolid = db.user.find_one({'_id':ObjectId(request.forms.get('userid'))},fields = ['schoolid'])['schoolid']
#pymongo update每次只能更新一条数据
for i in db.assessment.find():
db.assessment.update({"schoolid":i.get('schoolid'),"pro-others.schoolid":schoolid},{'$set':{"pro-others.$.name":request.forms.get('student-name'),"pro-others.$.schoolid":request.forms.get('schoolid'),"pro-others.$.sex":request.forms.get('sex')}})#注意这个update方法如何更新数组中数据
db.user.update({'_id':ObjectId(request.forms.get('userid'))},{'$set':{'name':request.forms.get('student-name'),'schoolid':request.forms.get('schoolid'),'sex':request.forms.get('sex')}})
elif "delete" in request.forms.keys():#删除用户
ids = [ObjectId(i) for i in request.forms.keys() if i != "delete" and i != 'all-select']
deleteusers = []
for id in ids:
deleteusers.append(db.user.find_one({"_id":id}))
for i in db.assessment.find():
for j in deleteusers:#利用$pull删除数组中数据
db.assessment.update({"schoolid":i.get('schoolid')},{'$pull':{"pro-others":{'schoolid':j.get('schoolid')}}},safe = True)
db.user.remove({"_id":{"$in":ids}},safe=True)
schoolids = [i.get('schoolid') for i in deleteusers]
db.assessment.remove({"schoolid":{"$in":schoolids}},safe=True)
users = db.user.find()
return jinja2_template('manage-user.html',user = user,app = chermongapp,users = users)