def check_rights(right, target=None, token=None, user_id=None):
"""
检查权限
:param right:目标权限
:param target: 目标附加值(可选)
:param token: token(可选)
:param user_id: 用户id(可选)
:return:boolean
"""
if not token and not user_id:
return False
user_info = database.get('User', [
or_(
database.get_model('User').ID == user_id,
database.get_model('User').token == token)
],
first=True)
if user_info:
rights_info = database.get(
'UserRight',
[database.get_model('UserRight').user_id == user_info.ID])
for item in rights_info:
if check_right(item.user_right, right, target, item.target):
return True
return False
def login():
user_name = request.form['username']
password = request.form['password']
user_info = database.get('User', [
or_(database.get_model('User').username == user_name, database.get_model('User').Snum == user_name, ),
database.get_model('User').password == generate_password(password), ], first=True)
if user_info:
face_vector = request.form['face_vector'].split(',')
face_vector1 = []
for i in face_vector:
face_vector1.append(float(i))
if user_info.face_vector:
standard_vector = user_info.face_vector.split(',')
standard_vector1 = []
for i in standard_vector:
standard_vector1.append(float(i))
if check_face_vector(face_vector1, standard_vector1):
res = database.update('User', [or_(database.get_model('User').username == user_name,
database.get_model('User').Snum == user_name, )],
{'token': new_token()})
if res:
record_user_action(2, user_id=user_info.ID)
return reply_json(1, {'token': res.token})
else:
return reply_json(-1)
return reply_json(-8)
return reply_json(-8)
return reply_json(-6)
def get_user_model(user_id=None, token=None):
"""
通过token或者用户id获取用户实例
:param user_id: 用户id
:param token: token
:return: model(未知用户=None)
"""
return database.get('User',
[or_(database.get_model('User').token == token, database.get_model('User').ID == user_id)],
first=True)
def change_face_vector():
"""
修改人脸识别信息
:return:
"""
token = request.form['token']
if database.get('User', [database.get_model('User').token == token], first=True):
face_vector = request.form['face_vector']
user_info = database.update('User', [database.get_model('User').token == token],
{'face_vector': face_vector})
if user_info:
return reply_json(1)
return reply_json(-1)
return reply_json(0)
def get_comment():
"""
获取评论
:return:
"""
article_id = request.values.get('article_id')
comments = database.get('Comment', [
or_(database.get_model('Comment').father is None, database.get_model('Comment').father == ''),
database.get_model('Comment').article_id == article_id])
data = []
for item in comments:
children = database.get('Comment', [database.get_model('Comment').father == item.ID])
father = item.get_dict(formatted=True)
father.update({'children': get_dicts_from_models(children, formatted=True)})
data.append(father)
return reply_json(1, data)
def __init__(self):
super().__init__(RIGHTS_CODE_LIST['DeleteComment'])
self.comment_id = int(request.form['comment_id']) if request.method == 'POST' else \
int(request.values.get('comment_id'))
self.comment = database.get('Comment', [database.get_model('Comment').ID == self.comment_id])
if not self.comment:
raise self.RightInitFailException()
def get_tag_children(tag_id):
"""
获取tag的子目录
:param tag_id: tag id
:return: dict
"""
children = database.get('Tag',
[database.get_model('Tag').father == tag_id])
return get_dicts_from_models(children, get_children=True)
def get_articles():
"""
获取文章列表
:return:
"""
tag_id = request.values.get('tag_id')
articles = database.get('Article',
[database.get_model('Article').tag == tag_id])
return reply_json(1, get_dicts_from_models(articles, formatted=True))
def record_user_action(code, target=None, token=None, user_id=None):
if not token and not user_id:
return False
user_info = database.get('User', [
or_(
database.get_model('User').ID == user_id,
database.get_model('User').token == token)
],
first=True)
if database.add(
'UserAction', {
'user_id': user_info.ID,
'type': code,
'desc': USER_ACTION_LIST[code],
'target': target
}):
return True
return False
def delete_comment():
"""
删除评论
:return:
"""
comment_id = request.form['comment_id']
if database.delete('Comment', [database.get_model('Comment').ID == comment_id]):
return reply_json(1)
return reply_json(-1)
def delete_tag():
"""
清除tag
:return:
"""
tag_id = request.form['tag_id']
flag = database.delete('Tag', [database.get_model('Tag').ID == tag_id])
if flag:
return reply_json(1)
return reply_json(-1)
def get_rights_by_token(self) -> list:
"""
通过token来获取对应用户的所有基础权限
:return: 权限列表
"""
data = []
rights = database.get(
'UserRight',
[database.get_model('UserRight').user_id == self.user_id])
for item in rights:
if item.right_type == 0:
data.append(item.get_dict(check=True))
elif item.right_type == 1:
group_rights = database.get('UserGroupRights', [
database.get_model('UserGroupRights').group_id
== item.user_right
])
data += get_dicts_from_models(group_rights, check=True)
return data
def get_history():
"""
获取历史列表
:return:
"""
article_id = request.values.get('article_id')
history = database.get(
'History', [database.get_model('History').article_id == article_id])
data = get_dicts_from_models(history, formatted=True)
return reply_json(1, data)
def check_s_num():
"""
检查学号是否可以被注册
:return:
"""
s_num = request.values.get('s_num')
user_info = database.get('User', [database.get_model('User').Snum == s_num], first=True)
if user_info:
return reply_json(1) if not user_info.password else reply_json(-9)
return reply_json(-10)
def delete_user():
"""
清除用户
:return:
"""
user_id = request.form['user_id']
flag = database.delete('User', [database.get_model('User').ID == user_id])
if flag:
return reply_json(1)
return reply_json(-1)
def new_token():
"""
获取一个不重复的token
:return: token
"""
token = random_char()
check = database.get('User', [get_model('User').token == token])
if check:
return new_token() # 递归调用
return token
def __init__(self):
super().__init__()
self.history_id = int(request.form['history_id']) if request.method == 'POST' else \
int(request.values.get('history_id'))
article = database.get(
'History', [database.get_model('History').ID == self.history_id],
first=True)
if not article:
raise self.RightInitFailException()
self.article_id = article.article_id
def get_father_tag(father_id, tag_list):
"""
获取父tag
:return:
"""
father = database.get('Tag', [database.get_model('Tag').ID == father_id],
first=True)
if father:
tag_list.insert(0, father.ID)
get_father_tag(father.father, tag_list)
def get_face_vector():
"""
获取面部向量
:return:
"""
user_name = request.form['username']
password = request.form['password']
user_info = database.get('User', [
or_(database.get_model('User').username == user_name, database.get_model('User').Snum == user_name, ),
database.get_model('User').password == generate_password(password), ], first=True)
if user_info:
if user_info.face_vector:
vector = user_info.face_vector.split(',')
data = []
for i in vector:
data.append(float(i))
return reply_json(1, {'face_vector': data})
return reply_json(3)
return reply_json(-6)
def update_new_api():
"""
从旧new_api升级到新new_api
:return:
"""
username = request.form['username']
password = request.form['password']
user_info = database.get('User', [
or_(database.get_model('User').username == username, database.get_model('User').Snum == username, ),
database.get_model('User').password == generate_password(password), ], first=True)
if user_info:
face_vector = request.form['face_vector']
flag = database.update('User', [database.get_model('User').ID == user_info.ID],
{'face_vector': face_vector})
if flag:
database.add('UserRight', {'user_right': -1 if user_info.group == 1 else 0, 'user_id': user_info.ID})
return reply_json(1)
return reply_json(-1)
return reply_json(0)
def delete_article():
"""
清除文章
:return:
"""
article_id = request.form['article_id']
flag = database.delete('Article',
[database.get_model('Article').ID == article_id])
if flag:
return reply_json(1)
return reply_json(-1)
def get_article_tag():
"""
获取文章标题
:return:
"""
article_id = request.values.get('article_id')
tags = database.get(
'ArticleTag',
[database.get_model('ArticleTag').article_id == article_id])
data = get_dicts_from_models(tags)
return reply_json(1, data=data)
def get_history_article():
"""
获取历史文章
:return:
"""
history_id = request.values.get('history_id')
history = database.get('History',
[database.get_model('History').id == history_id],
first=True)
return reply_json(1, history.get_dict(
formatted=True)) if history else reply_json(-7)
def delete_article_tag():
"""
清除文章标签
:return:
"""
tag_id = request.form['tag_id']
flag = database.delete('ArticleTag',
[database.get_model('ArticleTag').id == tag_id])
if flag:
return reply_json(1)
return reply_json(-1)
def get_tag_article(tag_id):
"""
获取tag树中的文章
:param tag_id:tag id
:return:dict
"""
articles = database.get('Article',
[database.get_model('Article').tag == tag_id])
data = []
for article in articles:
data.append(article.get_tag_format())
return data
def change_password():
"""
修改密码
:return:
"""
token = request.form['token']
password = request.form['password']
user_info = database.update('User', [database.get_model('User').token == token],
{'password': generate_password(password)})
if user_info:
return reply_json(1)
return reply_json(-1)
def get_article():
"""
获取article
:return:
"""
article_id = request.values.get('article_id')
article_info = database.get(
'Article', [database.get_model('Article').ID == article_id],
first=True)
if article_info:
data = article_info.get_dict(formatted=True)
return reply_json(1, data)
return reply_json(-7)
def get_tag_list():
"""
获取tag链
:return:
"""
tag_id = request.values.get('tag_id')
tag_info = database.get('Tag', [database.get_model('Tag').ID == tag_id],
first=True)
if tag_info:
data = [tag_info.ID]
get_father_tag(tag_info.father, data)
return reply_json(1, data)
return reply_json(-5)
def add_user():
"""
添加新用户
:return:
"""
s_num = request.form['s_num']
if not database.get('User', [database.get_model('User').Snum == s_num], first=True):
group = request.form['group']
flag = database.add('User', {'Snum': s_num, 'group': group, 'face_vector': ''})
if flag:
return reply_json(1)
return reply_json(-1)
return reply_json(-9)
def register():
"""
注册功能
:return:
"""
s_num = request.form['s_num']
user_info = database.get('User', [database.get_model('User').Snum == s_num], first=True)
if user_info:
if not user_info.password:
username = request.form['username']
if database.get('User', [database.get_model('User').username == username]):
return reply_json(-11)
password = request.form['password']
face_vector = request.form['face_vector']
flag = database.update('User', [database.get_model('User').Snum == s_num],
{'password': generate_password(password), 'username': username,
'face_vector': face_vector})
if flag:
database.add('UserRight', {'user_right': flag.group, 'user_id': flag.ID})
return reply_json(1)
return reply_json(-1)
return reply_json(-9)
return reply_json(-10)
