def put(self):
req = edit_biz.parse_args(strict=True)
bid = req["id"]
name = req["name"]
appid = req.get("appid")
# 业务系统不允许重名
# 查询一下这个 name 存不存在
if name and TbBusiness.query.filter(TbBusiness.name == name,
TbBusiness.code != bid).first():
return Msg.BUSINESS_NAME_ALREADY_EXIST, 400
business = TbBusiness.query.filter_by(code=bid).first()
if not business:
return Msg.BUSINESS_NOT_EXIST, 400
business.name = name
business.appid = str(uuid4()).replace("-",
"") if appid else business.appid
msg = "SUPPORT | B_USER | EDIT_BUSINESS | SUCCESS | USER: {} {} | BUSINESS: {} {}".format(
request.current_user.code, request.current_user.name,
business.code, business.name)
operation = TbOperation(operator_code=request.current_user.code,
content=msg,
category="BUSINESS",
type="EDIT")
db.session.add(operation)
db.session.commit()
app.logger.info(msg)
return {}, 200
def post(self):
req = add_user.parse_args(strict=True)
merchant = TbMerchant.query.filter_by(code=req["merchantId"]).first()
if not TbMerchant:
return Msg.MERCHANT_NOT_EXIST, 400
phone = req["mobile"]
if len(phone) != 11 or TbUser.query.filter_by(phone=phone).first():
return Msg.PHONE_USED, 400
user = TbUser(
phone=phone,
name=req.get("name"),
sex=req.get("sex"),
wechat=req.get("wechat"),
qq=req.get("qq"),
mail=req.get("mail"),
address=req.get("address"),
merchant_code=merchant.code,
)
user.generate_password("123456")
merchant.users.append(user)
db.session.add(user)
db.session.commit()
user.code = str(1000000000 + user.id)
msg = "SUPPORT | B_USER | EDIT_USER | SUCCESS | EDITOR: {} {} | USER: {} {} | MERCHANT: {} {}".format(
request.current_user.code, request.current_user.name, user.code,
user.name, merchant.code, merchant.name)
operation = TbOperation(operator_code=user.code,
content=msg,
category="USER_MANAGE",
type="ADD")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def post(self):
req = add_biz.parse_args(strict=True)
user = request.current_user
name = req["name"]
appid = req["appid"]
if TbBusiness.query.filter_by(name=name).first():
return Msg.BUSINESS_NAME_ALREADY_EXIST, 400
business = TbBusiness(
name=name,
appid=str(uuid4()).replace("-", "") if appid else None,
creator=user)
if user.merchant:
mer_biz = TbMerchantBusiness(merchant_code=user.merchant.code,
business_code=business.code)
db.session.add(mer_biz)
business.merchant.add(user.merchant)
db.session.add(business)
db.session.commit()
business.code = str(business.id + 1200000000)
msg = "SUPPORT | B_USER | ADD_BUSINESS | SUCCESS | USER: {} {} | BUSINESS: {} {}".format(
user.code, user.name, business.code, business.code, business.name)
operation = TbOperation(operator_code=user.code,
content=msg,
category="BUSINESS",
type="ADD")
db.session.add(operation)
db.session.commit()
app.logger.info(msg)
return {}, 200
def post(self):
schema = Schema({"name": And(str, len), "production": And(str, len)})
req, error = validate_schema(schema, request.json)
if error:
return error, 400
name = req["name"]
if TbMerchant.query.filter_by(name=name).first():
return Msg.MERCHANT_NAME_ALREADY_EXIST, 400
mer = TbMerchant(name=name)
db.session.add(mer)
db.session.commit()
mer.code = "{:08}".format(mer.id)
pro = TbProduction(name=req["production"],
merchant_code=mer.code,
status=True)
mer.production.append(pro)
db.session.add(pro)
db.session.commit()
pro.code = str(pro.id + 1600000000)
msg = "SUPPORT | B_USER | ADD_MERCHAT | SUCCESS | USER: {} {} | MERCHAT: {} {} | PRODUCTION: {} {}".format(
request.current_user.code, request.current_user.name, mer.code,
mer.name, pro.code, pro.name)
operation = TbOperation(operator_code=request.current_user.code,
content=msg,
category="MERCHANT",
type="ADD")
db.session.add(operation)
db.session.commit()
app.logger.info(msg)
return {}, 200
def put(self):
schema = Schema({
"id": And(str),
"businessId": And(str),
"path": And(str, len),
"method": And(str, len),
"name": And(str, len),
"visible": And(bool)
})
req, error = validate_schema(schema, request.json)
if error:
return error, 400
interface = TbInterface.query.filter_by(code=req["id"]).first()
if not interface:
return Msg.INTERFACE_NOT_EXIST, 400
business = TbBusiness.query.filter_by(code=req["businessId"]).first()
if not business:
return Msg.BUSINESS_NOT_EXIST, 400
interface.name = req["name"]
interface.path = req["path"]
interface.method = req["method"]
interface.business_code = business.code
interface.visible = req["visible"]
msg = "SUPPORT | B_USER | EDIT_INTERFACE | SUCCESS | USER: {} {} | INTERFACE: {} {} {}".format(
request.current_user.code, request.current_user.name, interface.code, interface.name, interface.path)
operation = TbOperation(operator_code=request.current_user.code, content=msg, category="INTERFACE", type="EDIT")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def put(self):
schema = Schema({
"id": And(str),
"businessId": And(str),
"path": And(str, len),
"name": And(str, len),
"visible": And(bool)
})
req, error = validate_schema(schema, request.json)
if error:
return error, 400
menu = TbMenu.query.filter_by(code=req["id"]).first()
if not menu:
return Msg.MENU_NOT_EXIST, 400
business = TbBusiness.query.filter_by(code=req["businessId"]).first()
if not business:
return Msg.BUSINESS_NOT_EXIST, 400
menu.name = req["name"]
menu.path = req["path"]
menu.business_code = business.code
menu.visible = req.get("visible")
msg = "SUPPORT | B_USER | EDIT_MENU | SUCCESS | USER: {} {} | MENU: {} {} {}".format(
request.current_user.code, request.current_user.name, menu.code, menu.name, menu.path)
operation = TbOperation(operator_code=request.current_user.code, content=msg, category="MENU", type="EDIT")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def put(self):
"""
修改用户密码
"""
req = modify_password.parse_args(strict=True)
if req["newPassword"] != req["verifyPassword"]:
return Msg.PARAMS_ERROR, 400
user = request.current_user
if user.verify_password(req["oldPassword"]):
user.generate_password(req["newPassword"])
db.session.commit()
key = "support_jwt_{}".format(request.current_user.code)
redis_delete(key)
msg = "SUPPORT | B_USER | MODIFY_PASSOWRD | SUCCESS | USER_CODE: {} | USER_NAME: {}".format(
user.code, user.name)
operation = TbOperation(operator_code=user.code,
content=msg,
category="USER",
type="EDIT")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
return Msg.OLD_PASSWORD_ERROR, 400
def put(self):
"""更新产品信息"""
schema = Schema({
"production_code": And(str),
"appkey": And(str),
"appid": And(str),
"sign": And(str)
})
req, error = validate_schema(schema, request.json)
if error:
return error, 400
production = TbProduction.query.filter_by(
code=req["production_code"]).first()
if not production:
return Msg.PRODUCTION_NOT_EXIST, 400
production.sms_appkey = req["appkey"]
production.sms_appid = req["appid"]
production.sms_sign = req["sign"]
msg = "SUPPORT | B_USER | UPDATE_PRODUCTION | SUCCESS | EDITOR: {} {} | PRODUCTION: {} {} | MERCHANT: {} {}".\
format(request.current_user.code, request.current_user.name, production.code, production.name,
production.merchant.code, production.merchant.name)
operation = TbOperation(operator_code=request.current_user.code,
content=msg,
category="PRODUCTION",
type="EDIT")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def post(self):
schema = Schema({"name": And(str, len), "businessId": And(str), "interface": [str], "menu": [str]})
req, error = validate_schema(schema, request.json)
if error:
return error, 400
user = request.current_user
name = req["name"]
business_code = req["businessId"]
# 只允许 admin 用户添加用户中心角色
if not user.is_admin and business_code == get_business_code():
logger.info("SUPPORT | B_USER | ADD_ROLE | FAILED | USER: {} {} | REASON | {}".format(
user.code, user.name, "user has not permission to add a role"))
return Msg.PARAMS_ERROR, 400
# 检测角色名是否重复
"""
逻辑如下:
超级管理员: 检测 name + merchant + business == None 唯一
普通用户: 检测 name + merchant + business 是否唯一
"""
condition = [TbRole.name == name, TbRole.business_code == business_code]
if user.merchant:
condition.append(TbRole.merchant_code == user.merchant_code)
else:
condition.append(TbRole.merchant_code == None)
role = TbRole.query.filter(*condition).first()
if role:
return Msg.ROLE_NAME_ALREADY_EXIST, 400
biz = TbBusiness.query.filter_by(code=business_code).first()
if not biz:
return Msg.BUSINESS_NOT_EXIST, 400
role = TbRole(name=name, creator_code=user.code, business_code=biz.code)
try:
db.session.add(role)
user.create_roles.append(role)
biz.roles.append(role)
if user.merchant:
user.merchant.roles.append(role)
role.merchant_code = user.merchant.code
data = role_insert(role, req["interface"], req["menu"])
if data == {}:
role.code = str(1300000000 + role.id)
msg = "SUPPORT | B_USER | ADD_ROLE | SUCCESS | USER: {} {} | ROLE: {} {}".format(
user.code, user.name, role.code, role.name)
operation = TbOperation(operator_code=user.code, content=msg, category="ROLE", type="ADD")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return data, 200
else:
db.session.rollback()
return data, 400
except Exception as e:
logger.info("add role failed, error: {}".format(str(e)))
db.session.rollback()
return Msg.ADD_ROLE_FAILED, 400
def put(self):
schema = Schema({
"id": And(str),
"name": And(str, len),
"businessId": And(str),
"interface": [str],
"menu": [str]})
req, error = validate_schema(schema, request.json)
if error:
return error, 400
user = request.current_user
code = req["id"]
name = req.get("name")
business_code = req.get("businessId")
interface = req.get("interface")
menu = req.get("menu")
condition = [TbRole.name == name, TbRole.code != code, TbRole.business_code == business_code]
if user.merchant:
condition.append(TbRole.merchant_code == user.merchant_code)
else:
condition.append(TbRole.merchant_code == None)
dup_role = TbRole.query.filter(*condition).first()
if dup_role:
return Msg.ROLE_NAME_ALREADY_EXIST, 400
biz = TbBusiness.query.filter_by(code=business_code).first()
if not biz:
return Msg.BUSINESS_NOT_EXIST, 400
role = TbRole.query.filter_by(code=code).first()
# 只允许 admin 用户修改用户中心角色
if not user.is_admin and role.business.appid == app.config["USER_CENTER"]:
msg = "SUPPORT | B_USER | EDIT_ROLE | FAILED | USER: {} {} | ROLE: {} {} | REASON | {}".format(
user.code, user.name, role.code, role.name, "user has not permission to edit role")
logger.info(msg)
return Msg.PARAMS_ERROR, 400
if not role:
return Msg.ROLE_NOT_EXIST, 400
role.name = name
role.interface.clear()
role.menu.clear()
role.business = biz
data = role_insert(role, interface, menu)
if data == {}:
msg = "SUPPORT | B_USER | EDIT_ROLE | SUCCESS | USER: {} {} | ROLE: {} {}".format(
user.code, user.name, role.code, role.name)
operation = TbOperation(operator_code=user.code, content=msg, category="ROLE", type="ADD")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return data, 200
else:
db.session.rollback()
return data, 400
def put(self):
"""
"""
schema = Schema({
"user_code": And(str),
"category": And(Use(int), lambda x: x in list(ConfigNameMap.name.keys())),
}, ignore_extra_keys=True)
req, error = validate_schema(schema, request.json)
if error:
return error, 400
user = TbUser.query.filter_by(code=request.json.pop("user_code")).first()
# 解锁
release_lock(req, user)
request.json.pop("category")
category = ConfigNameMap.name[req["category"]]
if not user:
return Msg.USER_NOT_EXISTS, 400
# 处理 VERSION
version = get_version(category)
# 处理 python 精度问题
request.json["VERSION"] = round(version + 0.1, 2)
# support 的配置里面需要隔离掉 SQLALCHEMY_DATABASE_URI
if category == ConfigNameMap.SUPPORT and request.json.get("SQLALCHEMY_DATABASE_URI"):
request.json.pop("SQLALCHEMY_DATABASE_URI")
data = {
"config": request.json,
"creator_name": user.name,
"creator_code": user.code,
"create_time": utc_timestamp(),
"category": category,
"is_sync": False
}
msg = "SUPPORT | MONITOR | EDIT_CONFIG | SUCCESS | USER: {} {} | CATEGORY: {}".format(
user.code, user.name, category)
try:
support_config_storage.insert_one(data)
operation = TbOperation(
operator_code=user.code,
content=msg,
operate_time=utc_timestamp(),
category=category,
type="EDIT"
)
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
except Exception as e:
logger.warn("SUPPORT | MONITOR | EDIT_CONFIG | FAILED | CATEGORY: {}| ERROR: {}".format(category, str(e)))
return Msg.UPDATE_CONFIG_FAILED, 400
def delete(self):
req = delete_menu.parse_args(strict=True)
menu = TbMenu.query.filter_by(code=req["id"]).first()
msg = "SUPPORT | B_USER | DELETE_MENU | SUCCESS | USER: {} {} | MENU: {} {} {}".format(
request.current_user.code, request.current_user.name, menu.code, menu.name, menu.path)
operation = TbOperation(operator_code=request.current_user.code, content=msg, category="MENU", type="DELETE")
db.session.add(operation)
logger.info(msg)
try:
db.session.delete(menu)
db.session.commit()
except Exception as e:
pass
finally:
return {}, 200
def post(self):
schema = Schema({
"businessId": And(str),
"interface": [{
"path": And(str, len),
"method": And(str, len),
"name": And(str, len),
"visible": And(bool)
}]
})
req, error = validate_schema(schema, request.json)
if error:
return error, 400
user = request.current_user
biz = TbBusiness.query.filter_by(code=req["businessId"]).first()
if not biz:
return Msg.BUSINESS_NOT_EXIST, 400
inters = []
for i in req["interface"]:
inter = TbInterface.query.filter_by(business_code=biz.code,
path=i["path"],
method=i["method"]).first()
if inter:
# 通过 path 和 method 来确定一个接口,用户就是对这个接口进行修改
inter.name = i["name"]
inter.visible = i["visible"]
else:
interface = TbInterface(
name=i["name"],
path=i["path"],
method=i["method"],
visible=i["visible"],
creator_code=user.code,
business_code=biz.code,
)
biz.interface.append(interface)
db.session.add(interface)
inters.append(interface)
db.session.commit()
for i in inters:
i.code = str(1400000000 + i.id)
msg = "SUPPORT | B_USER | ADD_INTERFACE | SUCCESS | USER: {} {} | INTERFACE: {}".format(
user.code, user.name, [i.name for i in inters])
operation = TbOperation(operator_code=user.code, content=msg, category="INTERFACE", type="ADD")
db.session.add(operation)
db.session.commit()
logger.info(Msg)
return {}, 200
def operator_log(operator_id, log_data):
"""
记录用户敏感操作
:param operator_id: 用户ID
:param log_data: 记录信息
:return: None
"""
operation = TbOperation(operator_code=operator_id,
content=log_data,
type="EDIT",
category="MARCHANT_CREDIT")
try:
db.session.add(operation)
db.session.commit()
except Exception as e:
db.session.rollback()
raise RequestsError(code=1014020001) # 数据库操作失败
def put(self):
req = asign_appid.parse_args(strict=True)
business = TbBusiness.query.filter_by(code=req["id"]).first()
if not business:
return Msg.BUSINESS_NOT_EXIST, 400
business.appid = str(uuid4()).replace(
"-", "") if not business.appid else business.appid
msg = "SUPPORT | B_USER | ASSIGN_APPID | SUCCESS | USER: {} {} | BUSINESS: {} {}".format(
request.current_user.code, request.current_user.name,
business.code, business.code, business.name)
operation = TbOperation(operator_code=request.current_user.code,
content=msg,
category="BUSINESS",
type="EDIT")
db.session.add(operation)
db.session.commit()
app.logger.info(msg)
return {}, 200
def put(self):
req = reset_pwd.parse_args(strict=True)
user = TbUser.query.filter_by(code=req["id"]).first()
if not user:
return Msg.USER_NOT_EXISTS, 400
user.generate_password("123456")
msg = "SUPPORT | B_USER | RESET_PASSWORD | SUCCESS | EDITOR: {} {} | USER: {} {}".format(
request.current_user.code, request.current_user.name, user.code,
user.name)
operation = TbOperation(operator_code=user.code,
content=msg,
category="USER_MANAGE",
type="EDIT")
db.session.add(operation)
db.session.commit()
redis.delete("support_jwt_{}".format(user.code))
logger.info(msg)
return {}, 200
def operator_log(operator_id, log_data, method):
"""
记录用户敏感操作
:param method: 方法
:param operator_id: 用户ID
:param log_data: 记录信息
:return: None
"""
operation = TbOperation(operator_code=operator_id,
content=log_data,
type=str(method),
category="INTERFACE_CONF")
try:
db.session.add(operation)
db.session.commit()
except Exception as e:
db.session.rollback()
raise RequestsError(code=1014020001) # 数据库操作失败
def put(self):
req = active_user.parse_args(strict=True)
user = TbUser.query.filter_by(code=req["id"]).first()
if not user:
return Msg.USER_NOT_EXISTS, 400
user.active = req["status"]
if req["status"] is False:
redis_delete("support_jwt_{}".format(user.code))
msg = "SUPPORT | B_USER | ACTIVE_USER | SUCCESS | EDITOR: {} {} | USER: {} {} | STATUS: {}".format(
request.current_user.code, request.current_user.name, user.code,
user.name, req["status"])
operation = TbOperation(operator_code=user.code,
content=msg,
category="USER_MANAGE",
type="EDIT")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def delete(self):
req = delete_inter.parse_args(strict=True)
interface = TbInterface.query.filter_by(code=req["id"]).first()
msg = "SUPPORT | B_USER | DELETE_INTERFACE | SUCCESS | USER: {} {} | INTERFACE: {} {} {} {}".format(
request.current_user.code, request.current_user.name, interface.code, interface.name, interface.path,
interface.method)
operation = TbOperation(operator_code=request.current_user.code,
content=msg,
category="INTERFACE",
type="DELETE")
db.session.add(operation)
logger.info(msg)
try:
db.session.delete(interface)
db.session.commit()
except Exception as e:
pass
finally:
return {}, 200
def post(self):
schema = Schema({
"businessId": And(str),
"menu": [{
"path": And(str, len),
"name": And(str, len),
"visible": And(bool)
}]
})
req, error = validate_schema(schema, request.json)
if error:
return error, 400
biz = TbBusiness.query.filter_by(code=req["businessId"]).first()
if not biz:
return Msg.BUSINESS_NOT_EXIST, 400
menus = []
for i in req["menu"]:
menu = TbMenu.query.filter_by(business_code=biz.code, path=i["path"]).first()
if menu:
# 通过 path 来确定一个菜单,用户就是对这个接口进行修改
menu.name = i["name"]
menu.visible = i["visible"]
else:
menu = TbMenu(
name=i["name"],
path=i["path"],
creator_code=request.current_user.code,
business_code=biz.code,
visible=i["visible"],
)
biz.menu.append(menu)
menus.append(menu)
db.session.add_all(menus)
db.session.commit()
for menu in menus:
menu.code = str(1500000000 + menu.id)
msg = "SUPPORT | B_USER | ADD_MENU | SUCCESS | USER: {} {} | MENU: {}".format(
request.current_user.code, request.current_user.name, [i.name for i in menus])
operation = TbOperation(operator_code=request.current_user.code, content=msg, category="MENU", type="ADD")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def put(self):
schema = Schema({
Optional("sex"): str,
Optional("address"): str,
Optional("wechat"): str,
Optional("qq"): str,
Optional("mail"): str,
"name": str,
"id": str,
"mobile": str
})
req, error = validate_schema(schema, request.json)
if error:
return error, 400
current_user = request.current_user
user = TbUser.query.filter_by(code=req["id"]).first()
if not user:
return Msg.USER_NOT_EXISTS, 400
phone = req["mobile"]
if len(phone) != 11:
return Msg.PARAMS_ERROR, 400
elif TbUser.query.filter(TbUser.code != req["id"],
TbUser.phone == phone).first():
return Msg.PHONE_USED, 400
user.phone = phone
user.name = req["name"]
user.sex = req.get("sex", user.sex)
user.mail = req.get("mail", user.mail)
user.wechat = req.get("wechat", user.wechat)
user.qq = req.get("qq", user.qq)
user.address = req.get("address", user.address)
user.update_time = utc_timestamp()
msg = "SUPPORT | B_USER | EDIT_USER | SUCCESS | EDITOR: {} {} | USER: {} {} | MERCHANT: {} {}".format(
current_user.code, current_user.name, user.code, user.name,
user.merchant.code, user.merchant.name)
operation = TbOperation(operator_code=user.code,
content=msg,
category="USER_MANAGE",
type="EDIT")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def put(self):
req = active_biz.parse_args(strict=True)
business = TbBusiness.query.filter_by(code=req["id"]).first()
if not business:
return Msg.BUSINESS_NOT_EXIST, 400
if not business.appid:
return Msg.ASSIGN_APPID_FIRST, 400
business.status = req["status"]
msg = "SUPPORT | B_USER | ACTIVE_BUSINESS | SUCCESS | USER: {} {} | BUSINESS: {} {} | STATUS: {}".format(
request.current_user.code, request.current_user.name,
business.code, business.name, req["status"])
operation = TbOperation(operator_code=request.current_user.code,
content=msg,
category="BUSINESS",
type="EDIT")
db.session.add(operation)
db.session.commit()
app.logger.info(msg)
return {}, 200
def sync_config(category: str, user: TbUser, wait_to_sync_config: dict,
_type: str) -> tuple:
"""
同步配置
"""
cache_data = CacheData(category)
if category == "SUPPORT":
# 现在的配置
now_config = support_config_db.find_one() or {}
if not judge_version(now_config, wait_to_sync_config):
return Msg.WRONG_VERSION, 400
# 先remove 再 insert
support_config_db.delete_many({})
support_config_db.insert_one(wait_to_sync_config.get("config"))
wait_to_sync_config.get("config").pop("_id")
app.config.update(wait_to_sync_config.get("config"))
cache_data.set(wait_to_sync_config.get("config"))
logger.info("SUPPORT | SYNC {} CONFIG".format(category))
else:
now_config = zk.get_config(category)
if not judge_version(now_config, wait_to_sync_config):
return Msg.WRONG_VERSION, 400
status = zk.write_config(category, wait_to_sync_config["config"])
if status is False:
return Msg.SYNC_FAILED, 400
cache_data.set(wait_to_sync_config["config"])
logger.info("SUPPORT | SYNC {} CONFIG".format(category))
# 将待更新数据里面的 is_sync 修改为 True
wait_to_sync_config["is_sync"] = True
_id = str(wait_to_sync_config.pop("_id"))
support_config_storage.update({"_id": ObjectId(_id)}, wait_to_sync_config)
msg = "SUPPORT | MONITOR | {} | SUCCESS | USER: {} {} | CATEGORY: {}".format(
_type, user.code, user.name, category)
operation = TbOperation(operator_code=user.code,
content=msg,
operate_time=utc_timestamp(),
category=category,
type=_type)
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def put(self):
"""
对商户业务系统进行修改
业务系统别名
业务系统 logo
"""
schema = Schema({
"business": [{
"business_code": And(str),
"business_name": And(str),
"alias": And(str),
"logo": And(str)
}],
"merchant_code":
And(str),
"user_code":
And(str)
})
req, error = validate_schema(schema, request.json, remove_blank=True)
if error:
return error, 400
query_set = TbMerchantBusiness.query.filter_by(
merchant_code=req["merchant_code"])
for i in req["business"]:
biz_code = i["business_code"]
mer_biz = query_set.filter_by(business_code=biz_code).first()
if not mer_biz:
return Msg.MERCHANT_BUSINESS_NOT_EXIST, 400
mer_biz.alias = i["alias"]
mer_biz.logo = i["logo"]
msg = "SUPPORT | MARCHANT_MANAGE | EDIT_MARCHANT_BUSINESS | SUCCESS | USER: {} | BUSINESS: {}".format(
req["user_code"],
[(i["business_name"], i["alias"]) for i in req["business"]])
operation = TbOperation(operator_code=req["user_code"],
content=msg,
type="EDIT",
category="MARCHANT_MANAGE")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def put(self):
req = auth.parse_args(strict=True)
current_user = request.current_user
user = TbUser.query.filter_by(code=req["id"]).first()
if not user:
return Msg.USER_NOT_EXISTS, 400
user.roles.clear()
for i in req["roles"]:
role = TbRole.query.filter_by(code=i).first()
if not role:
return Msg.ROLE_NOT_EXIST, 400
elif not current_user.is_admin and role.business.appid == app.config["USER_CENTER"]:
return Msg.PARAMS_ERROR, 400
else:
user.roles.append(role)
msg = "SUPPORT | B_USER | AUTH | SUCCESS | EDITOR: {} {} | USER: {} {}".format(
request.current_user.code, request.current_user.name, user.code, user.name)
operation = TbOperation(operator_code=user.code, content=msg, category="AUTH", type="EDIT")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def put(self):
schema = Schema({
"id": And(str),
"name": And(str, len),
"production": And(str, len)
})
req, error = validate_schema(schema, request.json, remove_blank=True)
if error:
return error, 400
mer = TbMerchant.query.filter_by(code=req["id"]).first()
dup_mer = TbMerchant.query.filter_by(name=req["name"]).first()
if dup_mer and dup_mer.code != mer.code:
return Msg.MERCHANT_NAME_ALREADY_EXIST, 400
mer.name = req["name"]
production = TbProduction.query.filter_by(
merchant_code=req["id"]).first()
if not production:
return Msg.PRODUCTION_NOT_EXIST, 400
production.name = req.get("production")
msg = "SUPPORT | B_USER | EDIT_MERCHAT | SUCCESS | USER: {} {} | MERCHAT: {} {} | PRODUCTION: {} {}".format(
request.current_user.code, request.current_user.name, mer.code,
mer.name, production.code, production.name)
operation = TbOperation(operator_code=request.current_user.code,
content=msg,
category="MERCHANT",
type="EDIT")
db.session.add(operation)
db.session.commit()
app.logger.info(msg)
# 删除 redis 商户的缓存
key = "tb_merchant:code:{}".format(mer.code)
redis_delete(key)
# 删除 redis 产品的缓存
key = "tb_production:merchant_code:{}".format(mer.code)
redis_delete(key)
return {}, 200
def post(self):
req, error = validate_schema(universal_schema, request.json)
if error:
return error, 400
category = ConfigNameMap.name[req["category"]]
config_info = support_config_storage.find_one({
"_id": ObjectId(req["id"]),
"category": category
})
user = TbUser.query.filter_by(code=req["user_code"]).first()
if not user:
return Msg.USER_NOT_EXISTS, 400
# 把获取到的配置信息插入库中
version = get_version(category) + 0.1
config_info["config"]["VERSION"] = version + 0.1
support_config_storage.insert_one({
"config": config_info["config"],
"creator_name": user.name,
"creator_code": user.code,
"create_time": utc_timestamp(),
"category": category,
"is_sync": False
})
msg = "SUPPORT | MONITOR | CONFIG_ROLL_BACK | SUCCESS | USER: {} {} | CATEGORY: {} | CONFIG: {}".format(
user.code, user.name, category, config_info["config"])
operation = TbOperation(
operator_code=user.code,
content=msg,
operate_time=utc_timestamp(),
category=category,
type="CONFIG_ROLL_BACK"
)
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def delete(self):
req = delete_role.parse_args(strict=True)
role = TbRole.query.filter_by(code=req["id"]).first()
user = request.current_user
if role:
# 只允许 admin 用户删除用户中心角色
if not user.is_admin and role.business.appid == app.config["USER_CENTER"]:
logger.info("SUPPORT | B_USER | DELTE_ROLE | FAILD | USER: {} {} | ROLE: {} {} | REASON | {}".format(
user.code, user.name, role.code, role.name, "user has not permission to delete role"))
return Msg.PARAMS_ERROR, 400
# 删除角色
# 判断用户是否有此角色
msg = "SUPPORT | B_USER | DELTE_ROLE | SUCCESS | USER: {} {} | ROLE: {} {}".format(
user.code, user.name, role.code, role.name)
operation = TbOperation(operator_code=user.code, content=msg, category="ROLE", type="DELETE")
db.session.add(operation)
logger.info(msg)
try:
db.session.delete(role)
db.session.commit()
except Exception as e:
pass
finally:
return {}, 200
def put(self):
"""
修改用户信息
"""
req = user_info.parse_args(strict=True)
user = request.current_user
user.name = req.get("name")
user.sex = req.get("sex") if req.get("sex") else "unknown"
user.address = req.get("address")
user.wechat = req.get("wechat")
user.qq = req.get("qq")
user.avatar = req.get("avatar")
user.mail = req.get("mail")
user.update_time = utc_timestamp()
msg = "SUPPORT | B_USER | EDIT_SELF_INFO | SUCCESS | USER_CODE: {} | USER_NAME: {}".format(
user.code, user.name)
operation = TbOperation(operator_code=user.code,
content=msg,
category="USER",
type="EDIT")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
def put(self):
"""
更新产品信息
"""
schema = Schema({
"production": [{
Optional("appid"): And(str),
Optional("official_account_name"): And(str),
Optional("amount_limit"): And(int),
"name": And(str),
"code": And(str),
"logo": And(str),
"icon": And(str),
"face_flag": And(bool),
"e_sign": And(bool)
}],
"merchant_code":
And(str),
"user_code":
And(str)
})
req, error = validate_schema(schema, request.json, remove_blank=True)
if error:
return error, 400
user = TbUser.query.filter_by(code=req["user_code"]).first()
if not user:
return Msg.USER_NOT_EXISTS, 400
query_set = TbProduction.query.filter_by(
merchant_code=req["merchant_code"])
for i in req["production"]:
pro = query_set.filter_by(code=i["code"]).first()
if not pro:
return Msg.PRODUCTION_NOT_EXIST, 400
# 如果用户传了 appid
if i.get("appid"):
if TbMerchantPublic.query.filter(
TbMerchantPublic.production_code != pro.code,
TbMerchantPublic.appid == i["appid"]).first():
return Msg.OFFICIAL_ACCOUNT_ALREADY_EXIST, 400
public = TbMerchantPublic.query.filter_by(
production_code=pro.code).first()
# 如果没有检测到公众号,就创建一个,否则进行一次修改
if not public:
pub = TbMerchantPublic(name=i.get("official_account_name"),
appid=i["appid"],
creator_code=user.code,
merchant_code=req["merchant_code"],
production_code=pro.code)
db.session.add(pub)
else:
public.appid = i["appid"]
public.name = i.get("official_account_name")
# 删除 redis 公众号的缓存
appid_key = "merchant_public:appid:{}".format(
i.get("appid"))
redis_delete(appid_key)
pro.name = i["name"]
pro.logo = i["logo"]
pro.icon = i["icon"]
pro.face_flag = i["face_flag"]
pro.e_sign = i["e_sign"]
pro.amount_limit = i.get("amount_limit") if i["face_flag"] else 0
# 删除 redis 产品的缓存
pro_key = "tb_production:merchant_code:{}".format(
req["merchant_code"])
redis_delete(pro_key)
msg = "SUPPORT | PRODUCTION | EDIT_PRODUCTION | SUCCESS | USER: {} {} | PRODUCTION: {}".format(
user.code,
user.name,
req["production"],
)
try:
operation = TbOperation(operator_code=req["user_code"],
content=msg,
type="EDIT",
category="PRODUCTION")
db.session.add(operation)
db.session.commit()
logger.info(msg)
return {}, 200
except Exception as e:
logger.warn(
"SUPPORT PRODUCTION | EDIT_PRODUCTION | FAILED | USER: {} {} | ERROR: {}"
.format(user.code, user.name, str(e)))
db.session.rollback()
return Msg.UPDATE_PRODUCTION_FAILED, 400