def edit(self):
req = self.request()
passwd = req.get('passwd')
passwd1 = req.get('passwd1')
# 验证
if passwd==passwd1 :
return self.getJSON({'code':4000,'msg':'不能与原密码相同!'})
if not Safety.isRight('passwd',passwd) or not Safety.isRight('passwd',passwd1) :
return self.getJSON({'code':4000,'msg':'密码格式错误!'})
# 用户信息
m1 = User()
m1.where('id=%s AND password="******"'%(self.tokenData['uid'],Inc.md5(passwd)))
m1.columns('id')
info = m1.findFirst()
# 是否存在
if len(info)==0 :
return self.getJSON({'code':4000,'msg':'当前密码错误!'})
# 保存
m2 = User()
m2.password = Inc.md5(passwd1)
m2.where('id='+str(self.tokenData['uid']))
if m2.update() :
return self.getJSON({'code':0,'msg':'成功'})
else :
return self.getJSON({'code':5000,'msg':'修改失败!'})
def edit(self):
# 参数
req = self.request()
data = Inc.json_decode(req.get('data'))
if not data or type(data)!=dict or not data.get('tel') :
return self.getJSON({'code':4000,'msg':'参数错误!'})
uid = req.get('uid').strip()
tel = data['tel'].strip()
passwd = Inc.md5(data['passwd']) if data['passwd']!='' else ''
# 验证手机
res = Safety.isRight('tel',tel)
if not Safety.isRight('tel',tel) :
return self.getJSON({'code':4000,'msg':'手机号码有误!'})
# 是否存在
res = User().findFirst({'where':'tel=:tel:','bind':{'tel':tel}})
if res :
if passwd != '' :
params = {'data': {'password':passwd}, 'where':'id=:uid:', 'bind':{'uid':uid}}
if User().update(params) : return self.getJSON({'code':0,'msg':'成功'})
else : return self.getJSON({'code':5000,'msg':'更新密码失败!'})
else :
return self.getJSON({'code':4000,'msg':'密码为6-16位字符!'})
# 修改手机
uData = {'tel':tel}
if passwd != '' : uData['password']=passwd
params = {'data': uData, 'where':'id=:uid:', 'bind':{'uid':uid}}
if User().update(params) :
return self.getJSON({'code':0,'msg':'成功'})
else :
return self.getJSON({'code':5000,'msg':'编辑失败!'})
def add(self):
# 参数
req = self.request()
data = Inc.json_decode(req.get('data'))
if not data or type(data)!=dict or not data.get('tel') :
return self.getJSON({'code':4000,'msg':'参数错误!'})
tel = data['tel'].strip()
passwd = Inc.md5(data['passwd']) if data['passwd']!='' else Inc.md5('123456')
# 验证手机
res = Safety.isRight('tel',tel)
if not Safety.isRight('tel',tel) :
return self.getJSON({'code':4000,'msg':'手机号码有误!'})
# 是否存在
res = User().findFirst({'where':'tel=:tel:','bind':{'tel':tel}})
if res : return self.getJSON({'code':4000,'msg':'该用户已存在!'})
# 保存
params = {
'id': Data.getId(),
'tel': tel,
'password': passwd,
'rtime': Inc.date('%Y%m%d%H%M%S'),
}
# 结果
if User().insert(params) == 0 :
return self.getJSON({'code':0,'msg':'成功'})
else :
return self.getJSON({'code':5000,'msg':'添加失败!'})
def login(self):
req = self.request()
uname = req.get('uname')
passwd = Inc.md5(req.get('passwd'))
# 验证用户名
if Safety.isRight('uname', uname) and Safety.isRight(
'tel', uname) and Safety.isRight('email', uname):
return self.getJSON({'code': 4000, 'msg': '请输入用户名/手机/邮箱'})
# 查询
model = User()
model.table(
'user AS a LEFT JOIN user_info AS b ON a.id=b.uid LEFT JOIN user_perm AS c ON a.id=c.uid'
)
model.columns(
'a.id, a.state, b.position, b.nickname, b.name, b.gender, b.img, c.state_admin'
)
model.where(
'(a.uname=":uname:" OR a.tel=":uname:" OR a.email=":uname:") AND a.password="******"',
{
'uname': uname,
'passwd': passwd
})
uData = model.findFirst()
# 是否存在
if len(uData) == 0:
return self.getJSON({'code': 4000, 'msg': '帐号或密码错误'})
# 是否禁用
if uData['state'] != '1':
return self.getJSON({'code': 4000, 'msg': '该用户已被禁用'})
elif uData['state_admin'] != '1':
return self.getJSON({'code': 4000, 'msg': '该用户不允许登录'})
# 登录时间
m = User()
m.ltime = Inc.date('%Y%m%d%H%M%S')
m.where('id=' + str(uData['id']))
m.update()
# 返回
return self.getJSON({
'code':
0,
'msg':
'成功登录',
'uinfo': {
'uid': uData['id'],
'uname': uname,
'position': uData['position'],
'nickname': uData['nickname'],
'name': uData['name'],
'gender': uData['gender'],
'img':
Env.base_url + uData['img'] if uData['img'] != '' else '',
},
'token':
AdminToken().create({
'uid': str(uData['id']),
'uname': uname
})
})
def login(self):
req = self.request()
uname = req.get('uname')
passwd = Inc.md5(req.get('passwd'))
# 验证用户名
if Safety.isRight('uname', uname) and Safety.isRight(
'tel', uname) and Safety.isRight('email', uname):
return self.getJSON({'code': 4000, 'msg': '请输入用户名/手机/邮箱'})
# 查询数据
uData = User().findFirst({
'table':
'user as a LEFT JOIN user_info as b ON a.id=b.uid LEFT JOIN user_perm as c ON a.id=c.uid',
'columns':
'a.id, a.state, b.position, b.nickname, b.name, b.gender, b.img, c.state_admin',
'where':
f'(a.uname="{uname}" OR a.tel="{uname}" OR a.email="{uname}") AND a.password="******"',
})
# 是否存在
if uData == None: return self.getJSON({'code': 4000, 'msg': '帐号或密码错误'})
# 是否禁用
if uData['state'] != '1':
return self.getJSON({'code': 4000, 'msg': '该用户已被禁用'})
elif uData['state_admin'] != '1':
return self.getJSON({'code': 4000, 'msg': '该用户不允许登录'})
# 登录时间
User().update({
'data': {
'ltime': Inc.date('%Y%m%d%H%M%S')
},
'where': 'id=' + str(uData['id']),
}),
# 返回
return self.getJSON({
'code':
0,
'msg':
'成功登录',
'uinfo': {
'uid': uData['id'],
'uname': uname,
'position': uData['position'],
'nickname': uData['nickname'],
'name': uData['name'],
'gender': uData['gender'],
'img':
Env.base_url + uData['img'] if uData['img'] != '' else '',
},
'token':
AdminToken().create({
'uid': str(uData['id']),
'uname': uname
})
})
def delete(self):
# 参数
req = self.request()
data = Inc.json_decode(req.get('data'))
if not data:
return self.getJSON({'code': 4000, 'msg': '参数错误!'})
# ID
ids = Inc.implode(',', data)
model = UserRole()
model.where('id in(:ids:)', {'ids': ids})
# 结果
if model.delete():
return self.getJSON({'code': 0, 'msg': '成功'})
else:
return self.getJSON({'code': 5000, 'msg': '删除失败!'})
def info(self):
# 参数
req = self.request()
data = Inc.json_decode(req.get('data'))
if not data or type(data)!=dict :
return self.getJSON({'code':4000,'msg':'参数错误!'})
uid = req.get('uid').strip()
# 管理员
if self.tokenData['uid']!='1' and uid=='1' :
return self.getJSON({'code':4000,'msg':'非系统管理员!'})
# 查询
info = UserInfo().findFirst({'where':'uid=:uid:','bind':{'uid':uid}})
# 数据
uData = {}
arr = ['uid']
keys = data.keys()
for key in keys :
if key in arr : continue
uData[key] = data[key].strip()
uData['birthday'] = uData['birthday'] if uData['birthday']!='' else 'null'
# 是否存在
if not info :
uData['uid'] = uid
UserInfo().insert(uData)
else :
params = {'data':uData,'where':'uid=:uid:','bind':{'uid':uid}}
UserInfo().update(params)
# 结果
return self.getJSON({'code':0,'msg':'成功'})
def edit(self):
# 验证
AdminToken().urlVerify('SysMenus')
# 参数
req = self.request()
data = Inc.json_decode(req.get('data'))
if not data or type(data) != dict:
return self.getJSON({'code': 4000, 'msg': '参数错误!'})
id = req.get('id')
# 数据
model = SysMenu()
model.fid = data['fid'] if 'fid' in data.keys() else '0'
model.title = data['title'].strip() if 'title' in data.keys() else ''
model.url = data['url'].strip() if 'url' in data.keys() else ''
model.perm = data['perm'] if 'perm' in data.keys() else '0'
model.ico = data['ico'].strip() if 'ico' in data.keys() else ''
model.sort = data['sort'] if 'sort' in data.keys() else '0'
model.remark = data['remark'].strip() if 'remark' in data.keys(
) else ''
model.where('id=:id:', {'id': id})
# 结果
if model.update():
return self.getJSON({'code': 0, 'msg': '成功'})
else:
return self.getJSON({'code': 5000, 'msg': '编辑失败!'})
def list(self):
# 验证
AdminToken().urlVerify('SysMenus')
# 搜索
req = self.request()
data = Inc.json_decode(req.get('data'))
fid = data['fid'].strip() if 'fid' in data.keys() else ''
title = data['title'].strip() if 'title' in data.keys() else ''
url = data['url'].strip() if 'url' in data.keys() else ''
where = 'fid LIKE "%:fid:%" AND title LIKE "%:title:%" AND url LIKE "%:url:%"'
bind = {'fid': fid, 'title': title, 'url': url}
# 查询
model = SysMenu()
model.where(where, bind)
model.order('sort DESC, fid')
# 统计
total = model.count()
# 分页
page = req.get('page')
limit = req.get('limit')
start = (int(page) - 1) * int(limit)
model.limit(str(start) + ',' + limit)
# 数据
list = model.find()
# 状态
for val in list:
val['ctime'] = str(val['ctime']) if val['ctime'] else ''
val['utime'] = str(val['utime']) if val['utime'] else ''
return self.getJSON({
'code': 0,
'msg': '成功',
'list': list,
'total': total
})
def list(self):
req = self.request()
# 搜索
data = Inc.json_decode(req.get('data'))
role = data['role'].strip() if 'role' in data.keys() else ''
where = 'role LIKE \"%:role:%\"'
bind = {'role': role}
# 查询
model = UserRole()
model.where(where, bind)
# 统计
total = model.count()
# 分页
page = req.get('page')
limit = req.get('limit')
start = (int(page) - 1) * int(limit)
model.limit(str(start) + ',' + limit)
# 数据
list = model.find()
# 状态
for val in list:
val['ctime'] = str(val['ctime']) if val['ctime'] else ''
val['utime'] = str(val['utime']) if val['utime'] else ''
return self.getJSON({
'code': 0,
'msg': '成功',
'list': list,
'total': total
})
def list(self):
# 验证
AdminToken().urlVerify('SysMenusAction')
# 搜索
req = self.request()
data = Inc.json_decode(req.get('data'))
name = data['name'].strip() if 'name' in data.keys() else ''
action = data['action'].strip() if 'action' in data.keys() else ''
where = 'name LIKE "%:name:%" AND action LIKE "%:action:%"'
bind = {'name': name, 'action': action}
# 查询
model = SysMenuAction()
model.where(where, bind)
# 统计
total = model.count()
# 分页
page = req.get('page')
limit = req.get('limit')
start = (int(page) - 1) * int(limit)
model.limit(str(start) + ',' + limit)
# 数据
list = model.find()
print(model.getSql())
# 返回
return self.getJSON({
'code': 0,
'msg': '成功',
'list': list,
'total': total
})
def create(self,data) :
data['l_time'] = Inc.date('%Y-%m-%d %H:%M:%S')
token = Safety.encode(data)
# 缓存
name = Env.admin_token_prefix+str(data['uid'])
Redis.run().setex(name,Env.admin_token_time,'1')
return token
def delete(self):
# 验证
AdminToken().urlVerify('SysMenusAction')
# 参数
req = self.request()
data = Inc.json_decode(req.get('data'))
if not data:
return self.getJSON({'code': 4000, 'msg': '参数错误!'})
# ID
ids = Inc.implode(',', data)
model = SysMenuAction()
model.where('id in(:ids:)', {'ids': ids})
# 结果
if model.delete():
return self.getJSON({'code': 0, 'msg': '成功'})
else:
return self.getJSON({'code': 5000, 'msg': '删除失败!'})
def delete(self):
# 参数
req = self.request()
data = Inc.json_decode(req.get('data'))
if not data :
return self.getJSON({'code':4000,'msg':'参数错误!'})
# 管理员
if '1' in data or 1 in data :
return self.getJSON({'code':4000,'msg':'无法删除系统管理员!'})
# ID
ids = Inc.implode(',',data)
user = {'where':'id in(:uid:)','bind':{'uid':ids}}
uinfo = {'where':'uid in(:uid:)','bind':{'uid':ids}}
# 结果
if User().delete(user) and UserInfo().delete(uinfo) :
return self.getJSON({'code':0,'msg':'成功'})
else :
return self.getJSON({'code':5000,'msg':'删除失败!'})
async def router(self,fds,socket,msg,token) :
# 参数
self.__fds = fds
self.__token = token
# 数据
data = Inc.json_decode(msg)
if not data : await socket.send(self.getJSON({'code':4000,'msg':'格式错误!'}))
# 消息
elif data['type']=='msg' : await self.msg(socket,data)
# 心跳
else : await socket.send(self.getJSON({'code':0,'msg':'成功'}))
def rmFile(self):
# 参数
req = self.request()
path = req.get('path').strip()
data = Inc.json_decode(req.get('data').strip())
if not path or not data:
return self.getJSON({'code': 4000, 'msg': '参数错误!'})
# 执行
for val in data:
Files().delAll(path + str(val))
return self.getJSON({'code': 0, 'msg': '成功'})
def upImg(self):
req = self.request()
base64 = req.get('base64')
if not base64:
return self.getJSON({'code': 4000, 'msg': 'Base64内容为空!'})
# 上传
res = Upload().base64({'path': self.imgDir, 'base64': base64})
if res:
info = UserInfo().findFirst(
{'where': 'uid=' + str(self.tokenData['uid'])})
if not info:
UserInfo().insert({
'uid': self.tokenData['uid'],
'img': self.imgDir + res['filename'],
'ctime': Inc.date('%Y%m%d%H%M%S'),
})
else:
# 头像
img = info['img'] if info['img'] else ''
# 保存
UserInfo().update({
'data': {
'img': self.imgDir + res['filename'],
'utime': Inc.date('%Y%m%d%H%M%S'),
},
'where': 'uid=' + str(self.tokenData['uid']),
})
# 清理头像
if os.path.exists(img): os.remove(img)
return self.getJSON({
'code':
0,
'msg':
'上传成功',
'img':
Env.base_url + self.imgDir + res['filename']
})
else:
return self.getJSON({'code': 5000, 'msg': '保存图片失败!'})
def add(self):
# 参数
req = self.request()
data = Inc.json_decode(req.get('data'))
if not data or type(data) != dict:
return self.getJSON({'code': 4000, 'msg': '参数错误!'})
# 数据
model = UserRole()
model.role = data['role'].strip() if 'role' in data.keys() else ''
# 结果
if model.create():
return self.getJSON({'code': 0, 'msg': '成功'})
else:
return self.getJSON({'code': 5000, 'msg': '添加失败!'})
def edit(self):
# 参数
req = self.request()
data = Inc.json_decode(req.get('data'))
if not data or type(data) != dict:
return self.getJSON({'code': 4000, 'msg': '参数错误!'})
id = req.get('id').strip()
# 数据
model = UserRole()
model.role = data['role'].strip() if 'role' in data.keys() else ''
model.where('id=:id:', {'id': id})
# 结果
if model.update():
return self.getJSON({'code': 0, 'msg': '成功'})
else:
return self.getJSON({'code': 5000, 'msg': '编辑失败!'})
def add(self):
# 验证
AdminToken().urlVerify('SysMenusAction')
# 参数
req = self.request()
data = Inc.json_decode(req.get('data'))
if not data or type(data) != dict:
return self.getJSON({'code': 4000, 'msg': '参数错误!'})
# 数据
model = SysMenuAction()
model.name = data['name'].strip() if 'name' in data.keys() else ''
model.action = data['action'].strip() if 'action' in data.keys(
) else ''
model.perm = data['perm'].strip() if 'perm' in data.keys() else '2'
model.ico = data['ico'].strip() if 'ico' in data.keys() else ''
# 结果
if model.create():
return self.getJSON({'code': 0, 'msg': '成功'})
else:
return self.getJSON({'code': 5000, 'msg': '添加失败!'})
def list(self):
info = UserInfo().findFirst(
{'where': 'uid=' + str(self.tokenData['uid'])})
# 添加
if not info:
UserInfo().insert({
'uid': str(self.tokenData['uid']),
'ctime': Inc.date('%Y%m%d%H%M%S'),
})
# 查询
info = UserInfo().findFirst(
{'where': 'uid=' + str(self.tokenData['uid'])})
# 数据
list = {
'img': Env.base_url + info['img'] if info['img'] else '',
'nickname': info['nickname'],
'name': info['name'],
'gender': info['gender'],
'birthday': str(info['birthday']) if info['birthday'] else "",
'position': info['position'],
}
return self.getJSON({'code': 0, 'msg': '成功', 'list': list})
def list(self):
req = self.request()
# 搜索
data = Inc.json_decode(req.get('data'))
uname = data['uname']
where = 'a.uname LIKE \"%:uname:%\" OR a.tel LIKE \"%:uname:%\" OR a.email LIKE \"%:uname:%\"'
bind = {'uname':uname}
# 查询
params = {
'table': 'user as a LEFT JOIN user_info as b ON a.id=b.uid',
'columns':
'a.id as uid,a.uname as uname,a.email as email,a.tel as tel,a.state as state,'+
'a.rtime as rtime,a.ltime as ltime,a.utime as utime,'+
'b.nickname as nickname,b.position as position,b.name as name,b.gender as gender,b.birthday as birthday,b.img as img',
'order': 'a.id DESC',
'where': where,
'bind': bind,
}
# 统计
total = User().count(params)
# 分页
page = req.get('page')
limit = req.get('limit')
start = (int(page)-1)*int(limit)
params['limit'] = str(start)+','+limit
# 数据
list = User().find(params)
# 状态
for val in list :
val['state'] = True if val['state']=='1' else False
val['uid'] = str(val['uid'])
val['img'] = Env.base_url+str(val['img']) if val['img'] else ''
val['birthday'] = str(val['birthday']) if val['birthday'] else ''
val['rtime'] = str(val['rtime']) if val['rtime'] else ''
val['ltime'] = str(val['ltime']) if val['ltime'] else ''
val['utime'] = str(val['utime']) if val['utime'] else ''
return self.getJSON({'code':0,'msg':'成功','list':list,'total':total})
def setPassword(self, val):
if val == '':
val = Inc.md5('123456')
self.password = val
def setFid(self,val) :
if not Inc.is_numeric(val) :
self.error('FID为正整数!')
self.fid = int(float(val))
def beforeUpdate(self):
if self.utime == 'null': self.utime = Inc.date('%Y%m%d%H%M%S')
def setPerm(self,val) :
if not Inc.is_numeric(val) :
self.error('权限值为正整数!')
self.perm = int(float(val))
def getMtime(self, ff):
return Inc.date('%Y-%m-%d %H:%M:%S', os.path.getmtime(ff))
def beforeCreate(self):
if self.ctime == 'null': self.ctime = Inc.date('%Y%m%d%H%M%S')