def post(self, request):
try:
username = request.META.get("HTTP_USERNAME")
user_id = request.data.get('user_id')
user = UserProfile.objects.get(username=username)
permission = user.permission
if permission not in ['superadmin', 'admin']:
return JsonResponse({"error_no": 2, "info": "您没有权限重置密码"})
if permission == 'superadmin':
userinfo = UserProfile.objects.get(id=user_id)
userinfo.password = make_password("123456")
userinfo.save()
create_history_record(username, '重置%s的密码' % userinfo.username)
make_message(userinfo.username, "已重置密码,请立即修改密码!", -1)
elif permission == 'admin':
company_id = user.company_id
userinfo = UserProfile.objects.get(id=user_id,
company_id=company_id)
if userinfo.permission == 'admin' or userinfo.permission == 'superadmin':
return JsonResponse({"error_no": -2, "info": "您没有权限重置密码"})
return JsonResponse({"error_no": 0, "info": "重置密码成功"})
except UserProfile.DoesNotExist:
return JsonResponse({"error_no": -2, "info": "没有这个用户"})
except Exception as e:
print(e)
return JsonResponse({"error_no": -1, "info": str(e)})
def post(self, request):
permission = request.user.permission
if permission not in ['superadmin', 'admin']:
return JsonResponse({"status": "fail", "msg": "您没有权限重置密码"})
user_id = request.POST.get('user_id')
userinfo = UserProfile.objects.get(id=user_id)
if userinfo.permission == 'admin' and permission == 'admin':
return JsonResponse({"status": "success", "msg": "您没有权限重置管理员的密码"})
userinfo.password = make_password("123456")
userinfo.save()
make_message(userinfo.username, "已重置密码,请立即修改密码!", -1)
return JsonResponse({"status": "success", "msg": "重置密码成功"})
def post(self, request):
username = request.user.username
user = UserProfile.objects.get(username=username)
# print(user.permission)
if (user.permission != "superadmin") and (user.permission != "admin"):
return JsonResponse({
'status': "fail",
'msg': '您没有权限注册其他账号'
})
password = request.POST.get('password', '')
if password == "":
password = '******'
# print(password)
permission = request.POST.get('permission', 'user')
company_id = request.POST.get('company', '')
username = request.POST.get('username', '')
if not username or UserProfile.objects.filter(username=username):
return JsonResponse({
'status': "fail",
'msg': '请检查用户名是否填写或重复'
})
if permission == "superadmin":
return JsonResponse({
'status': "fail",
'msg': '您没有权限注册超级管理员'
})
if permission == "admin" and user.permission != "superadmin":
return JsonResponse({
'status': "fail",
'msg': '您没有权限注册管理员'
})
user_profile = UserProfile()
user_profile.username = username
user_profile.password = make_password(password)
user_profile.permission = permission
user_profile.company_id = company_id
user_profile.save()
# 记录操作
if permission == "superadmin":
permission = "超级管理员"
elif permission == "admin":
permission = "管理员"
elif permission == "user":
permission = "用户"
elif permission == "other":
permission = "其他类型用户"
make_message(username, "初始密码过于简单,请立即修改密码!", -1)
create_history_record(user, "注册 %s 账号 %s" % (permission, username))
return JsonResponse({
'status': "success",
'msg': '注册成功'
})