def usradd(): """添加用户""" if request.method == "GET": render_obj = {"type": "add"} return render_template('msbox/usrmanage-usr.html', render_obj=render_obj) else: workerid = request.form.get("workerid") usrname = request.form.get("usrname") password = request.form.get("password") depid = request.form.get("curdep_id") if not all([workerid, usrname, password, depid]): return jsonify(re_code=RET.PARAMERR, msg="提交用户参数有误") # 查询是否已经存在workerid stored_u = User.query.filter(User.workerid == workerid).first() if stored_u is not None: return jsonify(re_code=RET.PARAMERR, msg="该用户工号已被注册") u = User() u.workerid = workerid u.real_name = usrname u.password_hash = password u.dep_id = depid u.usrrole = "COMMON" try: db_session.add(u) db_session.commit() return jsonify(re_code=RET.OK, msg="添加用户成功") except Exception as e: pass return jsonify(re_code=RET.DBERR, msg="添加用户失败")
def usrmodi(): """修改用户信息""" usrid = request.args.get("usrid") u = User.query.filter(User.id == usrid).first() if u is None: return "对不起,你的访问异常" if request.method == "GET": render_obj = {"type": "modi", 'cur_usr': u.to_detail_dict()} return render_template('msbox/usrmanage-usr.html', render_obj=render_obj) else: workerid = request.form.get("workerid") usrname = request.form.get("usrname") depid = request.form.get("curdep_id") password = request.form.get("password") if not all([workerid, usrname, depid]): return jsonify(re_code=RET.PARAMERR, msg="提交用户参数有误") try: u.workerid = workerid u.real_name = usrname u.dep_id = depid if password is not None and password != '': u.password_hash = password db_session.commit() return jsonify(re_code=RET.OK, msg="修改用户成功") except Exception as e: return jsonify(re_code=RET.DBERR, msg="修改用户失败,请稍后重试")
def systemadd(): """添加接入系统""" if request.method == "GET": render_obj = {"type": "add"} return render_template('msbox/sysmanage-sys.html', render_obj=render_obj) else: sysname = request.form.get("sysname") sysip = request.form.get("sysip") sysport = request.form.get('sysport') sysurl = request.form.get('sysurl') sysdesc = request.form.get('sysdesc') if not all([sysname, sysip, sysport, sysurl, sysdesc]): return jsonify(re_code=RET.PARAMERR, msg="参数不完整") try: newsys = ServiceSystem(sysname=sysname, sysip=sysip, sysport=sysport, sysurl=sysurl, sysdescription=sysdesc) newsys.status = "CLOSED" # 默认关闭 # 生成appkey和appsecrect newsys.appkey = str(uuid.uuid4()) newsys.appsecrect = generate_secrectkey( newsys.appkey, config[APP_ENV].SECRET_KEY) # appsecrect db_session.add(newsys) db_session.commit() return jsonify(re_code=RET.OK, msg="添加系统成功") except Exception as e: return jsonify(re_code=RET.DBERR, msg="添加系统失败,请稍后重试!")
def changepwd(): """修改密码""" usrid = session.get("user_id") oldpwd = request.form.get("oripass") newpwd = request.form.get("newpass") surepwd = request.form.get("surepass") if not all([newpwd, surepwd]): return jsonify(re_code=RET.PARAMERR, msg="参数不完整") if newpwd != surepwd: return jsonify(re_code=RET.PARAMERR, msg="两次密码输入不一致") try: u = User.query.filter(User.id == usrid).first() if not u.check_password(oldpwd): return jsonify(re_code=RET.PARAMERR, msg="旧密码错误") if u.check_password(newpwd): return jsonify(re_code=RET.PARAMERR, msg="新密码不能与现有的密码重复") u.password_hash = newpwd db_session.commit() session.pop("user_id") session.pop("user_name") return jsonify(re_code=RET.OK, msg="修改密码成功,请重新登录") except Exception as e: return jsonify(re_code=RET.DBERR, msg="修改密码失败,请稍后重试")
def clientFetchData(): """ 批量更新消息的状态,然后返回最新的消息 :return: """ # 获取工号和消息编号 jsonobj = request.json workerid = jsonobj.get("workerid") msgslist = jsonobj.get("msgs") if workerid is None: return jsonify(re_code=RET.PARAMERR, msg="用户参数有误") # 根据workerid查询用户的信息 usr = User.query.filter(User.workerid == workerid).first() if usr is None: return jsonify(re_code=RET.PARAMERR, msg="工号非法") try: if msgslist is not None and len(msgslist) > 0: # 根据消息编号更新信息 msg_tuple = tuple(msgslist) SystemMessage.query.filter(SystemMessage.id.in_(msg_tuple)).update( {SystemMessage.msg_status: 'WAITTING_READ'}, synchronize_session=False) db_session.commit() # 抓取所有的数据 return jsonify(re_code=RET.OK, data=get_usr_msg(workerid)) except Exception as e: print(e) return jsonify(re_code=RET.DBERR, msg="更新数据失败,请稍后重试")
def addorg(): """新增组织: 0.校验请求参数 1.添加组织 3.返回相应结果 """ depname = request.form.get('orgname') pid = request.form.get('pid') # 校验数据 if not all([depname, pid]): return jsonify(re_code=RET.PARAMERR, msg="传递参数有误") # 判断父节点是否存在 exit = True if pid != '0': exit = db_session.query( exists().where(Organization.id == pid)).scalar() if exit: newOrg = Organization(depname=depname, pid=pid) try: db_session.add(newOrg) db_session.commit() # 查询新的组织结构 orgs = db_session.query(Organization).filter( Organization.pid >= 0).all() result = [v.to_dict() for v in orgs] return jsonify(re_code=RET.OK, msg="新增组织成功", data=result) except Exception as e: return jsonify(re_code=RET.DBERR, msg="保存组织失败") else: return jsonify(re_code=RET.PARAMERR, msg="父节点不存在")
def pushmsg(): """ 推送消息:{tousr:'',url:'',des:''} 0.校验所传递参数 1.校验系统是否存在,并且为开启的状态 2.校验用户是否存在 3.将消息入库,并标记未读取(同时尝试推送客户端) :return: """ appkey = request.args.get("appkey", None) jsonobj = request.json if not all([appkey, jsonobj]): return jsonify(re_code=RET.PARAMERR, msg="提交参数有误") touser = jsonobj.get("tousr") url = jsonobj.get("url") des = jsonobj.get("des") if not all([touser, url, des]): return jsonify(re_code=RET.PARAMERR, msg="参数不完整") # 验证url if not re.match( r"http[s]?://(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+", url): return jsonify(re_code=RET.PARAMERR, msg="url格式非法") # 校验系统 sys = ServiceSystem.query.filter(ServiceSystem.appkey == appkey).first() if not sys or sys and sys.status == "CLOSED": return jsonify(re_code=RET.PARAMERR, msg="查无次系统") # 校验用户 usr = User.query.filter(User.workerid == touser).first() if usr is None: return jsonify(re_code=RET.PARAMERR, msg="发送消息失败,该用户不存在,请联系管理员添加当前用户(工号):" + touser) # 消息入库 msg = SystemMessage() msg.from_sys_id = sys.id msg.to_usr_id = usr.id msg.msg_title = des msg.msg_url = url msg.msg_status = "WAITTING_SEND" # 待发送 msg.msg_push_time = datetime.datetime.now() try: db_session.add(msg) db_session.commit() try: # todo:推送给客户端消息 websocket_pushmsg( { "msg_id": msg.id, "msg_title": msg.msg_title, "msg_url": msg.msg_url }, usr.workerid) except: # 默认继续处理 pass return jsonify(re_code=RET.OK, msg="推送消息成功") except Exception as e: return jsonify(re_code=RET.DBERR, msg="推送消息失败,请稍后重试")
def usrdel(): """删除用户信息""" usrid = request.args.get("usrid") u = User.query.filter(User.id == usrid).first() if u is None: return jsonify(re_code=RET.NODATA, msg="用户不存在") try: db_session.delete(u) db_session.commit() except Exception as e: return jsonify(re_code=RET.PARAMERR, msg="删除失败") return jsonify(re_code=RET.OK, msg="删除成功!")
def stopsys(): """关闭系统""" sysid = request.args.get("sysid") sys = ServiceSystem.query.filter(ServiceSystem.id == sysid).first() if sys is None: return jsonify(re_code=RET.PARAMERR, msg="不存在该系统") try: sys.status = "CLOSED" db_session.commit() return jsonify(re_code=RET.OK, msg="关闭系统成功") except Exception as e: return jsonify(re_code=RET.DBERR, msg="关闭系统失败")
def delorg(): """删除组织""" id = request.args.get("orgid") if id is None: return jsonify(re_code=RET.PARAMERR, msg="组织编号有误") try: Organization.query.filter(Organization.id == id).delete() db_session.commit() # 查询新的组织结构 orgs = db_session.query(Organization).filter( Organization.pid >= 0).all() result = [v.to_dict() for v in orgs] return jsonify(re_code=RET.OK, msg="删除组织成功", data=result) except Exception as e: return jsonify(re_code=RET.DBERR, msg="删除组织失败,请检查该组织下是否有用户")
def update_hasread(): """ 更新消息的状态已被阅读 :return: """ msgid = request.args.get("msgid") if not msgid: return jsonify(re_code=RET.PARAMERR, msg="提交参数有误") msg = SystemMessage.query.filter(SystemMessage.id == msgid).first() if msg is None: return jsonify(re_code=RET.PARAMERR, msg="查无消息") try: msg.msg_status = "HAVE_READED" db_session.commit() return jsonify(re_code=RET.OK, msg="修改消息状态成功") except Exception as e: return jsonify(re_code=RET.DBERR, msg="更新失败,请稍重试")
def removesys(): """删除系统""" sysid = request.args.get("sysid") if sysid is None: return jsonify(re_code=RET.PARAMERR, msg="获取appkey和appsecrect失败") sys = ServiceSystem.query.filter(ServiceSystem.id == sysid).first() if sys is None: return jsonify(re_code=RET.PARAMERR, msg="不存在该系统") if sys.status == "OPENING": return jsonify(re_code=RET.PARAMERR, msg="已运行的系统不能删除") try: db_session.delete(sys) db_session.commit() except Exception as e: return jsonify(re_code=RET.DBERR, msg="删除系统失败") return jsonify(re_code=RET.OK, msg="删除成功")
def modiorg(): """修改组织名称""" id = request.form.get("id") orgname = request.form.get("orgname") if not all([id, orgname]): return jsonify(re_code=RET.PARAMERR, msg="参数有误") else: try: org = Organization.query.filter(Organization.id == id).first() org.depname = orgname db_session.commit() # 查询新的组织结构 orgs = db_session.query(Organization).filter( Organization.pid >= 0).all() result = [v.to_dict() for v in orgs] return jsonify(re_code=RET.OK, msg="修改组织成功", data=result) except Exception as e: return jsonify(re_code=RET.DBERR, msg="更新组织失败")
def modisys(): """修改系统信息""" sysid = request.args.get("sysid") sys = ServiceSystem.query.filter(ServiceSystem.id == sysid).first() if sys is None: return jsonify(re_code=RET.PARAMERR, msg="不存在该系统") if sysid is None: return jsonify(re_code=RET.PARAMERR, msg="获取appkey和appsecrect失败") if request.method == 'GET': render_obj = {"type": "modi", "cursys": sys} return render_template("msbox/sysmanage-sys.html", render_obj=render_obj) else: sysname = request.form.get("sysname") sysip = request.form.get("sysip") sysport = request.form.get('sysport') sysurl = request.form.get('sysurl') sysdesc = request.form.get('sysdesc') if not all([sysname, sysip, sysport, sysurl, sysdesc]): return jsonify(re_code=RET.PARAMERR, msg="参数不完整") try: sys.sysname = sysname sys.sysip = sysip sys.sysport = sysport sys.sysurl = sysurl sys.sysdesc = sysdesc sys.appkey = str(uuid.uuid4()) sys.appsecrect = generate_secrectkey( sys.appkey, config[APP_ENV].SECRET_KEY) # appsecrect db_session.commit() return jsonify(re_code=RET.OK, msg="修改系统成功,appkey和appsecrect已被重置!") except Exception as e: return jsonify(re_code=RET.DBERR, msg="修改系统失败,请稍后重试!")