def beats_data(id_num, con_time, current_time): """ :param id_num: :param con_time: :param current_time: :return: data = { 'id_num': id_num, 'station_alarms': station_alarms, 'plc_alarms': plc_alarms, 'station_info': info, 'data_alarms': alarm_data } """ r = ConnDB() # 获取心跳间隔时间内产生的报警 alarm_data = r.get('alarm_info') r.set('alarm_info', None) # print(alarm_data) # 获取 station_alarms = list() plc_alarms = list() session = Session() try: if con_time: station = session.query(StationAlarm).filter(con_time <= StationAlarm.time). \ filter(StationAlarm.time < current_time).all() for s in station: station_alarms.append(serialize(s)) plc = session.query(PLCAlarm). \ filter(con_time <= PLCAlarm.time).filter(PLCAlarm.time < current_time).all() for p in plc: plc_alarms.append(serialize(p)) finally: session.close() # 获取设备信息 info = station_info() data = { 'id_num': id_num, 's_a': station_alarms, 'p_a': plc_alarms, 'info': info, 'd_a': alarm_data } return data
def loginUser(self, User): isNoob = 0 std_query = db.GqlQuery("SELECT * FROM Student WHERE user = :1", User).fetch(1) student = {} if len(std_query) == 0: try: url = "https://mcommunity.umich.edu/mcPeopleService/people/" + User.nickname( ) result = urlfetch.fetch(url) info = json.loads(result.content) studentName = info['person']['displayName'] except: studentName = User.nickname() student = models.Student(user=User, courses=[], reminders=[], major="", advisor_email="", name=studentName, calID="") logging.warning(student) student.put() isNoob = 1 else: student = std_query[0] logging.warning(models.serialize(student)) context = { 'name': student.name, 'email': student.user.email(), 'major': student.major, 'advisor_email': student.advisor_email, 'logoutUrl': users.create_logout_url("/"), 'achievement': 89, 'noob': isNoob, 'admin': users.is_current_user_admin() } self.render_response('index.jade', **context) # create the courses calendar asynchronously if student.calID is None or student.calID == "": logging.warning('student calID is empty') calendar = utils.createCal() request = service.calendars().insert(body=calendar) created_cal = request.execute(http=decorator.http()) student.calID = created_cal["id"] else: logging.warning('student cal id already exists, it is %s' % student.calID) student.put()
def get(self): announcements = db.GqlQuery("SELECT * FROM Announcement") output = [] for x in announcements: output.append(models.serialize(x)) self.response.out.write(json.dumps(output))
def get(self): announcements = db.GqlQuery("SELECT * FROM Announcement") output = [] for x in announcements : output.append(models.serialize(x)) self.response.out.write(json.dumps(output))
def get_restaurants(borough): s = Session() q = s.query(Restaurant) if borough != 0: q = q.filter(Restaurant.borough == borough) ret = serialize(q.all()) resp = jsonify(ret) resp.headers['Access-Control-Allow-Origin'] = '*' return resp
def get_inspection(): ids = request.args.get('ids').split(',') s = Session() ret = serialize( s.query(Inspection).filter(Inspection.restaurant.in_(ids)).order_by( Inspection.restaurant.asc())) resp = jsonify(ret) resp.headers['Access-Control-Allow-Origin'] = '*' return resp
def get(self, id=None): try: if not id: customers = Customers.return_all() return jsonify({'customers': customers}) else: customer = Customers.return_one(id) return jsonify({'customer': serialize(customer)}) except: return {'message': 'Something went wrong'}, 500
def post(self): User = users.get_current_user() if User: student = db.GqlQuery("SELECT * FROM Student WHERE user = :1", User).get() #logging.warning("going to get credentials") #credentials = decorator.credentials #logging.warning("going to refresh credentials") #credentials.refresh(http=decorator.http()) #logging.warning("refreshed credentials") postData = json.loads(self.request.body) logging.warning(postData) newReminder = models.Reminder(parent=models.student_key(User)) newReminder.type = postData['type'] newReminder.title = postData['title'] newReminder.course_str = postData['course_str'] newReminder.completed = False newReminder.date = postData['date'] newReminder.start_time = postData['start_time'] newReminder.end_time = postData['end_time'] newReminder.course = postData['course'] newReminder.note = postData['note'] newReminder.id = int(time.time()) # do we need to rand here too? newReminder.eventid = "" newReminder.eventseq = -1 newReminder.alert_min = int(postData['alert_min']) newReminder.deleted = False newReminder.semester_id = "SP13" # eventually not hardcoded if postData['add_to_cal'] == True: newReminder.add_to_cal = True event = utils.createReminderEvent(postData) logging.warning(event) request = service.events().insert(calendarId=student.calID, body=event) response = request.execute(http=decorator.http()) if response is not None and response != "": logging.warning(json.dumps(response)) newReminder.eventid = response["id"] newReminder.eventseq = response["sequence"] else: newReminder.add_to_cal = False newReminder.put() logging.warning("added reminder to db") self.response.out.write(json.dumps(models.serialize(newReminder))) else: self.response.out.write("['auth':'fail']")
def post(self): User = users.get_current_user() if User: student = db.GqlQuery("SELECT * FROM Student WHERE user = :1", User).get() #logging.warning("going to get credentials") #credentials = decorator.credentials #logging.warning("going to refresh credentials") #credentials.refresh(http=decorator.http()) #logging.warning("refreshed credentials") postData = json.loads(self.request.body) logging.warning(postData) newReminder = models.Reminder(parent=models.student_key(User)) newReminder.type = postData['type'] newReminder.title = postData['title'] newReminder.course_str = postData['course_str'] newReminder.completed = False newReminder.date = postData['date'] newReminder.start_time = postData['start_time'] newReminder.end_time = postData['end_time'] newReminder.course = postData['course'] newReminder.note = postData['note'] newReminder.id = int(time.time()) # do we need to rand here too? newReminder.eventid = "" newReminder.eventseq = -1 newReminder.alert_min = int(postData['alert_min']) newReminder.deleted = False newReminder.semester_id = "SP13" # eventually not hardcoded if postData['add_to_cal'] == True : newReminder.add_to_cal = True event = utils.createReminderEvent(postData) logging.warning(event) request = service.events().insert(calendarId=student.calID, body=event) response = request.execute(http=decorator.http()) if response is not None and response != "" : logging.warning(json.dumps(response)) newReminder.eventid = response["id"] newReminder.eventseq = response["sequence"] else : newReminder.add_to_cal = False newReminder.put() logging.warning("added reminder to db") self.response.out.write(json.dumps(models.serialize(newReminder))) else : self.response.out.write("['auth':'fail']")
def loginUser(self, User): isNoob = 0 std_query = db.GqlQuery("SELECT * FROM Student WHERE user = :1", User).fetch(1) student = {} if len(std_query) == 0: try: url = "https://mcommunity.umich.edu/mcPeopleService/people/" + User.nickname() result = urlfetch.fetch(url) info = json.loads(result.content) studentName = info["person"]["displayName"] except: studentName = User.nickname() student = models.Student( user=User, courses=[], reminders=[], major="", advisor_email="", name=studentName, calID="" ) logging.warning(student) student.put() isNoob = 1 else: student = std_query[0] logging.warning(models.serialize(student)) context = { "name": student.name, "email": student.user.email(), "major": student.major, "advisor_email": student.advisor_email, "logoutUrl": users.create_logout_url("/"), "achievement": 89, "noob": isNoob, "admin": users.is_current_user_admin(), } self.render_response("index.jade", **context) # create the courses calendar asynchronously if student.calID is None or student.calID == "": logging.warning("student calID is empty") calendar = utils.createCal() request = service.calendars().insert(body=calendar) created_cal = request.execute(http=decorator.http()) student.calID = created_cal["id"] else: logging.warning("student cal id already exists, it is %s" % student.calID) student.put()
def get(self): User = users.get_current_user() if User: courses = db.GqlQuery("SELECT * FROM Course WHERE ANCESTOR IS :1", models.student_key(User)) output = [] for x in courses : output.append(models.serialize(x)) self.response.out.write(json.dumps(output)) else: self.response.out.write("['auth':'fail']")
def get(self): User = users.get_current_user() if User: courses = db.GqlQuery("SELECT * FROM Course WHERE ANCESTOR IS :1", models.student_key(User)) output = [] for x in courses: output.append(models.serialize(x)) self.response.out.write(json.dumps(output)) else: self.response.out.write("['auth':'fail']")
def get(self): User = users.get_current_user() if User: reminders = db.GqlQuery("SELECT * FROM Reminder WHERE ANCESTOR IS :1", models.student_key(User)) output = [] for x in reminders : #if(self.request.get('showAll') == "true" or x.completed == False): output.append(models.serialize(x)) self.response.out.write(json.dumps(output)) else: self.response.out.write("['auth':'fail']")
def get(self): User = users.get_current_user() if User: reminders = db.GqlQuery( "SELECT * FROM Reminder WHERE ANCESTOR IS :1", models.student_key(User)) output = [] for x in reminders: #if(self.request.get('showAll') == "true" or x.completed == False): output.append(models.serialize(x)) self.response.out.write(json.dumps(output)) else: self.response.out.write("['auth':'fail']")
def post(self): User = users.get_current_user() if User: student = db.GqlQuery("SELECT * FROM Student WHERE user = :1", User).get() info = json.loads(self.request.body) logging.warning(info) if student == None: self.response.out.write("student is null") return dup_course = db.GqlQuery( "SELECT * FROM Course WHERE ANCESTOR IS :1 AND id = :2", models.student_key(User), int(info["courseId"])).get() if dup_course != None: logging.warning("duplicate course") self.response.out.write("already in this course") return # create the courses calendar if it doesn't already exist if student.calID is None or student.calID == "": logging.warning('student calID is in fact empty') self.response.out.write( "student calendar is empty in api, not adding course") return else: logging.warning('student id is something else, it is %s' % student.calID) courseInfo = utils.createClassEvent(info) logging.warning(courseInfo) event = courseInfo["event"] request = service.events().insert(calendarId=student.calID, body=event) response = request.execute(http=decorator.http()) logging.warning(json.dumps(response)) newCourse = models.Course(parent=models.student_key(User)) newCourse.id = info["courseId"] newCourse.code = info["code"] newCourse.number = info["number"] newCourse.section = info["section"] newCourse.type = info["type"] newCourse.title = info["title"] newCourse.days = courseInfo["days"] newCourse.start_time = info["start_time"] newCourse.end_time = info["end_time"] newCourse.start = info["start"] newCourse.end = info["end"] newCourse.location = info["location"] newCourse.instructor = info["instructor"] newCourse.prof_email = info["prof_email"] newCourse.site_link = info["site_link"] newCourse.eventid = response["id"] newCourse.eventseq = response["sequence"] newCourse.semester_id = "SP13" # should not be hardcoded in the future newCourse.put() # respond with changes so backbone knows the id self.response.out.write(json.dumps(models.serialize(newCourse))) else: self.response.out.write("['auth':'fail']")
def get(self): par = sqlparm.parse_args() name = par.get('name', '') type = par.get('type', '') conn = pymysql.connect(host='127.0.0.1', port=3306, user='******', passwd='threaten', db='threaten') cursor = conn.cursor() if type == 'safe_orm1': # 正确示例1:以下使用sqlalchemy - orm方式,不会存在sql注入【首推荐】 data = serialize(Test.query.filter(Test.name == name).all()) return data elif type == 'safe_orm2': # 正确示例2:sqlalchemy - orm方式,不会存在sql注入【首推荐】 data = db.session.query(Test.name, Test.action).filter(Test.name == name) elif type == 'safe_api1': # 正确示例3:api_orm使用预编译【首推荐】 cursor.execute("select name,action from test where name=%s", (name)) data = cursor.fetchall() elif type == 'safe_api2': # 正确示例4:内置函数转义特殊符号 name = pymysql.escape_string(name) sql = "select name,action from test where name='%s'" % (name) cursor.execute(sql) data = cursor.fetchall() elif type == 'safe_api3': # 正确示例5:name=:name为预编译模式【首推荐】 stmt = text("SELECT name,action FROM test where name=:name") # query = db.session.query(Test.name, Test.action).from_statement(stmt).params(name=name) # 用法1-使用db query = SQLAlchemy().session.query( Test.name, Test.action).from_statement(stmt).params( name=name) # 用法2-使用Test类 data = query.all() elif type == 'safe_api4': # 正确示例6:自定义函数转义特殊符号 name = self.safe_sql_escape(name) sql = "select name,action from test where name='%s'" % (name) cursor.execute(sql) data = cursor.fetchall() elif type == 'notsafe_1': # 错误示例1:拼接用户输入,使用xx和xx' or '1'='1可验证 sql = "select name,action from test where name='%s'" % (name) cursor.execute(sql) data = cursor.fetchall() elif type == 'notsafe_2': # 错误示例2:拼接用户输入 sql = "select name,action from test where name='" + name + "'" cursor.execute(sql) data = cursor.fetchall() elif type == 'notsafe_3': # 错误示例3:拼接用户输入 sql = "select name,action from test where name='{0}'".format(name) cursor.execute(sql) data = cursor.fetchall() elif type == 'notsafe_4': # 错误示例4:拼接用户输入 sql = f"select name,action from test where name='{name}'" cursor.execute(sql) data = cursor.fetchall() cursor.close() conn.close() return dict(data)
def post(self): User = users.get_current_user() if User: student = db.GqlQuery("SELECT * FROM Student WHERE user = :1", User).get() info = json.loads(self.request.body) logging.warning(info) if student == None : self.response.out.write("student is null") return dup_course = db.GqlQuery("SELECT * FROM Course WHERE ANCESTOR IS :1 AND id = :2", models.student_key(User), int(info["courseId"])).get() if dup_course != None : logging.warning("duplicate course") self.response.out.write("already in this course") return # create the courses calendar if it doesn't already exist if student.calID is None or student.calID == "": logging.warning('student calID is in fact empty') self.response.out.write("student calendar is empty in api, not adding course") return else: logging.warning('student id is something else, it is %s' % student.calID) courseInfo = utils.createClassEvent(info) logging.warning(courseInfo) event = courseInfo["event"] request = service.events().insert(calendarId=student.calID, body=event) response = request.execute(http=decorator.http()) logging.warning(json.dumps(response)) newCourse = models.Course(parent=models.student_key(User)) newCourse.id = info["courseId"] newCourse.code = info["code"] newCourse.number = info["number"] newCourse.section = info["section"] newCourse.type = info["type"] newCourse.title = info["title"] newCourse.days = courseInfo["days"] newCourse.start_time = info["start_time"] newCourse.end_time = info["end_time"] newCourse.start = info["start"] newCourse.end = info["end"] newCourse.location = info["location"] newCourse.instructor = info["instructor"] newCourse.prof_email = info["prof_email"] newCourse.site_link = info["site_link"] newCourse.eventid = response["id"] newCourse.eventseq = response["sequence"] newCourse.semester_id = "SP13" # should not be hardcoded in the future newCourse.put() # respond with changes so backbone knows the id self.response.out.write(json.dumps(models.serialize(newCourse))) else: self.response.out.write("['auth':'fail']")