def validate():
"""使用勾子处理接口访问事件"""
# response.headers['Access-Control-Allow-Origin'] = '*'
"""
钩子函数 ,处理请求路由之前需要做什么的事情
:return:
"""
"""使用勾子处理页面或接口访问事件"""
# 让bottle框架支持jquery ajax的RESTful风格的PUT和DELETE等请求
# 获取当前访问的Url路径
path_info = request.environ.get("PATH_INFO")
# 过滤不用做任何操作的路由(即过滤不用进行判断是否登录和记录日志的url)
if path_info in ['/favicon.ico', '/', '/api/verify/', "/api/visitHandle/"]:
return
### 记录客户端提交的参数 ###
# 获取当前访问url路径与ip
request_log = 'url:' + path_info + ' ip:' + web_helper.get_ip()
try:
# 添加json方式提交的参数
if request.json:
request_log = request_log + ' params(json):' + urllib.parse.unquote(
str(request.json))
except:
pass
try:
# 添加GET方式提交的参数
if request.query_string:
request_log = request_log + ' params(get):' + urllib.parse.unquote(
str(request.query_string))
# 添加POST方式提交的参数
if request.method == 'POST':
request_log = request_log + ' params(post):' + urllib.parse.unquote(
str(request.params.__dict__))
# 存储到日志文件中
log_helper.info(request_log)
except:
pass
# 处理ajax提交的put、delete等请求转换为对应的请求路由(由于AJAX不支持RESTful风格提交,所以需要在这里处理一下,对提交方式进行转换)
if request.method == 'POST' and request.POST.get('_method'):
request.environ['REQUEST_METHOD'] = request.POST.get('_method', '')
# 过滤不用进行登录权限判断的路由(登录与退出登录不用检查是否已经登录)
url_list = ["/apiPost/login/", "/apiPost/logout/"]
if path_info in url_list:
pass
else:
# 已经登录成功的用户session肯定有值,没有值的就是未登录
session = web_helper.get_session()
# 获取用户id
manager_id = session.get('id', 0)
login_name = session.get('login_name', 0)
# 判断用户是否登录
if not manager_id or not login_name:
web_helper.return_raise(
web_helper.return_msg(-404, "您的登录已失效,请重新登录"))
def validate():
"""使用勾子处理接口访问事件"""
r = request
# 获取当前访问的Url路径
path_info = request.environ.get("PATH_INFO")
# 过滤不用做任何操作的路由(即过滤不用进行判断是否登录和记录日志的url)
if path_info in ['/favicon.ico', '/', '/api/verify/'
] or path_info.find('/upload/') > -1:
return
### 记录客户端提交的参数 ###
# 获取当前访问url路径与ip
request_log = 'url:' + path_info + ' ip:' + web_helper.get_ip()
try:
# 添加json方式提交的参数
if request.json:
request_log = request_log + ' params(json):' + urllib.parse.unquote(
str(request.json))
except:
pass
try:
# 添加GET方式提交的参数
if request.query_string:
request_log = request_log + ' params(get):' + urllib.parse.unquote(
str(request.query_string))
# 添加POST方式提交的参数
if request.method == 'POST':
request_log = request_log + ' params(post):' + urllib.parse.unquote(
str(request.params.__dict__))
# 存储到日志文件中
log_helper.info(request_log)
except:
pass
# 处理ajax提交的put、delete等请求转换为对应的请求路由(由于AJAX不支持RESTful风格提交,所以需要在这里处理一下,对提交方式进行转换)
if request.method == 'POST' and request.POST.get('_method'):
request.environ['REQUEST_METHOD'] = request.POST.get('_method', '')
# 过滤不用进行登录权限判断的路由(登录与退出登录不用检查是否已经登录)
url_list = [
"/api/login/", "/api/logout/", "/api/about/", "/api/contact_us/",
"/api/product_class/", "/api/product/"
]
if path_info in url_list or (request.method == 'GET'
and path_info.find('/api/product/') > -1):
pass
else:
# 已经登录成功的用户session肯定有值,没有值的就是未登录
session = web_helper.get_session()
# 获取用户id
manager_id = session.get('id', 0)
login_name = session.get('login_name', 0)
# 判断用户是否登录
if not manager_id or not login_name:
web_helper.return_raise(
web_helper.return_msg(-404, "您的登录已失效,请重新登录"))
def callback():
# 排序字段
sidx = web_helper.get_query('sidx', '', False)
# 排序方式
sord = web_helper.get_query('sord', '', False)
# 初始化输出格式
data = {'rows': []}
# 排序sql
order_by = 'sort asc'
if sidx:
order_by = sidx + ' ' + sord
if not order_by:
order_by = ' id desc '
# 获取数据
sql_data = 'select * from product_class order by %(orderby)s ' % {
'orderby': order_by
}
result = db_helper.read(sql_data)
if result:
data['rows'] = result
if data:
return web_helper.return_raise(
json.dumps(data, cls=json_helper.CJsonEncoder))
else:
return web_helper.return_msg(-1, '没有数据', '')
def callback():
# 页面索引
page_number = convert_helper.to_int_default(
web_helper.get_query('page', '', False), 1)
# 页面显示记录数量
page_size = convert_helper.to_int_default(
web_helper.get_query('rows', '', False), 10)
# page_size = 2
# 排序字段
sidx = web_helper.get_query('sidx', '', False)
# 排序方式
sord = web_helper.get_query('sord', '', False)
# 初始化输出格式
data = {
'records': 0, # 总记录数
'total': 0, # 总页数
'page': 1, # 页数
'rows': []
}
# 获取记录总数
sql_count = 'select count(1) as records from product_class'
result = db_helper.read(sql_count)
if not result or result[0]['records'] == 0:
return data
data['records'] = result[0].get('records', 0)
# 计算总页数
if data['records'] % page_size == 0:
page_total = data['records'] // page_size
else:
page_total = data['records'] // page_size + 1
data['total'] = page_total
data['page'] = page_number
# 排序sql
order_by = 'sort asc'
if sidx:
order_by = sidx + ' ' + sord
if not order_by:
order_by = ' id desc '
# 分页sql
record_number = (page_number - 1) * page_size
paging = ' limit ' + str(page_size) + ' offset ' + str(record_number)
# 获取数据
sql_data = 'select * from product_class order by %(orderby)s %(paging)s' % {
'orderby': order_by,
'paging': paging
}
result = db_helper.read(sql_data)
if result:
data['rows'] = result
if data:
return web_helper.return_raise(
json.dumps(data, cls=json_helper.CJsonEncoder))
else:
return web_helper.return_msg(-1, '没有数据', '')
def get_record():
# 初始化输出格式
data = {
'records': 0, # 总记录数
'total': 0, # 总页数
'page': 1, # 页数
'rows': []
}
sql = '''select * from searchrecord limit 500 offset 0 '''
result = db_helper.read(sql)
if result:
data['rows'] = result
if data:
return web_helper.return_raise(
json.dumps(data, cls=json_helper.CJsonEncoder))
else:
return web_helper.return_msg(-1, '没有数据', '')
def callback():
"""
获取列表数据
"""
# 产品分类id
product_class_id = convert_helper.to_int0(
web_helper.get_query('product_class_id', '产品分类id',
is_check_null=False))
# 类型
type = web_helper.get_query('type', '类型', is_check_null=False)
# 页面索引
page_number = convert_helper.to_int1(
web_helper.get_query('page', '', is_check_null=False))
# 页面显示记录数量
page_size = convert_helper.to_int0(
web_helper.get_query('rows', '', is_check_null=False))
# 排序字段
sidx = web_helper.get_query('sidx', '', is_check_null=False)
# 顺序还是倒序排序
sord = web_helper.get_query('sord', '', is_check_null=False)
# 设置查询条件
wheres = []
if product_class_id > 0:
wheres.append('product_class_id=' + str(product_class_id))
# 判断是否是前台提交获取数据
if type != 'backstage':
wheres.append('is_enable=1')
# 初始化排序字段
orderby = None
### 设置排序 ###
if sidx:
orderby = sidx + ' ' + sord
# 实例化product表操作类ProductLogic
_product_logic = product_logic.ProductLogic()
result = _product_logic.get_list(
'*,(select name from product_class where id=product_class_id) as product_class_name',
wheres, page_number, page_size, orderby)
if result:
return web_helper.return_raise(
json.dumps(result, cls=json_helper.CJsonEncoder))
else:
return web_helper.return_msg(-1, "查询失败")
def check_user_power():
"""检查当前用户是否有访问当前接口的权限"""
# 读取session
session = web_helper.get_session()
# session不存在则表示登录失效了
if not session:
web_helper.return_raise(web_helper.return_msg(-404, "您的登录已失效,请重新登录"))
# 获取当前页面原始路由
rule = request.route.rule
# 获取当前访问接口方式(get/post/put/delete)
method = request.method.lower()
# 获取当前访问的url地址
url = string_helper.filter_str(request.url, '<|>|%|\'')
# 初始化日志相关变量
_manager_operation_log_logic = manager_operation_log_logic.ManagerOperationLogLogic()
ip = web_helper.get_ip()
manager_id = session.get('id')
manager_name = session.get('name')
# 设置访问日志信息
if method == 'get':
method_name = '访问'
else:
method_name = '进行'
# 获取来路url
http_referer = request.environ.get('HTTP_REFERER')
if http_referer:
# 提取页面url地址
index = http_referer.find('?')
if index == -1:
web_name = http_referer[http_referer.find('/', 8) + 1:]
else:
web_name = http_referer[http_referer.find('/', 8) + 1: index]
else:
web_name = ''
# 组合当前接口访问的缓存key值
key = web_name + method + '(' + rule + ')'
# 从菜单权限缓存中读取对应的菜单实体
_menu_info_logic = menu_info_logic.MenuInfoLogic()
model = _menu_info_logic.get_model_for_url(key)
if not model:
# 添加访问失败日志
_manager_operation_log_logic.add_operation_log(manager_id, manager_name, ip, '用户访问[%s]接口地址时,检测没有操作权限' % (url))
web_helper.return_raise(web_helper.return_msg(-1, "您没有访问权限1" + key))
# 初始化菜单名称
menu_name = model.get('name')
if model.get('parent_id') > 0:
# 读取父级菜单实体
parent_model = _menu_info_logic.get_model_for_cache(model.get('parent_id'))
if parent_model:
menu_name = parent_model.get('name').replace('列表', '').replace('管理', '') + menu_name
# 从session中获取当前用户登录时所存储的职位id
positions = positions_logic.PositionsLogic()
page_power = positions.get_page_power(session.get('positions_id'))
# 从菜单实体中提取菜单id,与职位权限进行比较,判断当前用户是否拥有访问该接口的权限
if page_power.find(',' + str(model.get('id', -1)) + ',') == -1:
# 添加访问失败日志
_manager_operation_log_logic.add_operation_log(manager_id, manager_name, ip, '用户%s[%s]操作检测没有权限' % (method_name, menu_name))
web_helper.return_raise(web_helper.return_msg(-1, "您没有访问权限2"))
if not (method == 'get' and model.get('name') in ('添加', '编辑')):
# 添加访问日志
_manager_operation_log_logic.add_operation_log(manager_id, manager_name, ip, '用户%s[%s]操作' % (method_name, menu_name))
def callback():
"""
获取列表数据
"""
# 页面索引
page_number = convert_helper.to_int1(web_helper.get_query('page', '', False))
# 页面显示记录数量
page_size = convert_helper.to_int0(web_helper.get_query('rows', '', False))
# 排序字段
sidx = web_helper.get_query('sidx', '', False)
# 顺序还是倒序排序
sord = web_helper.get_query('sord', '', False)
# 初始化排序字段
order_by = 'sort asc'
if sidx:
order_by = sidx + ' ' + sord
#############################################################
# 初始化输出格式(前端使用jqgrid列表,需要指定输出格式)
data = {
'records': 0,
'total': 0,
'page': 1,
'rows': [],
}
#############################################################
# 执行sql,获取指定条件的记录总数量
sql = 'select count(1) as records from product_class'
result = db_helper.read(sql)
# 如果查询失败或不存在指定条件记录,则直接返回初始值
if not result or result[0]['records'] == 0:
return data
# 保存总记录数量
data['records'] = result[0].get('records', 0)
#############################################################
### 设置分页索引与页面大小 ###
# 设置分页大小
if page_size is None or page_size <= 0:
page_size = 10
# 计算总页数
if data['records'] % page_size == 0:
page_total = data['records'] // page_size
else:
page_total = data['records'] // page_size + 1
# 记录总页面数量
data['total'] = page_total
# 判断提交的页码是否超出范围
if page_number < 1 or page_number > page_total:
page_number = page_total
# 记录当前页面索引值
data['page'] = page_number
# 计算当前页面要显示的记录起始位置
record_number = (page_number - 1) * page_size
# 设置查询分页条件
paging = ' limit ' + str(page_size) + ' offset ' + str(record_number)
### 设置排序 ###
if not order_by:
order_by = 'id desc'
#############################################################
# 组合sql查询语句
sql = "select * from product_class order by %(orderby)s %(paging)s" % \
{'orderby': order_by, 'paging': paging}
# 读取记录
result = db_helper.read(sql)
if result:
# 存储记录
data['rows'] = result
if data:
# 直接输出json
return web_helper.return_raise(json.dumps(data, cls=json_helper.CJsonEncoder))
else:
return web_helper.return_msg(-1, "查询失败")
def callback():
"""
获取列表数据
"""
# 设置查询条件
wheres = ''
# 产品分类id
product_class_id = convert_helper.to_int0(web_helper.get_query('product_class_id', '产品分类id', is_check_null=False))
if product_class_id > 0:
wheres = 'where product_class_id=' + str(product_class_id)
# 页面索引
page_number = convert_helper.to_int1(web_helper.get_query('page', '', is_check_null=False))
# 页面显示记录数量
page_size = convert_helper.to_int0(web_helper.get_query('rows', '', is_check_null=False))
# 排序字段
sidx = web_helper.get_query('sidx', '', is_check_null=False)
# 顺序还是倒序排序
sord = web_helper.get_query('sord', '', is_check_null=False)
# 初始化排序字段
order_by = 'id desc'
if sidx:
order_by = sidx + ' ' + sord
# 类型
type = web_helper.get_query('type', '类型', is_check_null=False)
# 判断是否是前台提交获取数据
if type != 'backstage':
# 判断是否已经存在查询条件了,是的话在原查询条件后面拼接
if wheres:
wheres = wheres + ' and is_enable=1'
else:
wheres = 'where is_enable=1'
#############################################################
# 初始化输出格式(前端使用jqgrid列表,需要指定输出格式)
data = {
'records': 0,
'total': 0,
'page': 1,
'rows': [],
}
#############################################################
# 执行sql,获取指定条件的记录总数量
sql = 'select count(1) as records from product %(wheres)s' % {'wheres': wheres}
result = db_helper.read(sql)
# 如果查询失败或不存在指定条件记录,则直接返回初始值
if not result or result[0]['records'] == 0:
return data
# 保存总记录数量
data['records'] = result[0].get('records', 0)
#############################################################
### 设置分页索引与页面大小 ###
# 设置分页大小
if page_size is None or page_size <= 0:
page_size = 10
# 计算总页数
if data['records'] % page_size == 0:
page_total = data['records'] // page_size
else:
page_total = data['records'] // page_size + 1
# 记录总页面数量
data['total'] = page_total
# 判断提交的页码是否超出范围
if page_number < 1 or page_number > page_total:
page_number = page_total
# 记录当前页面索引值
data['page'] = page_number
# 计算当前页面要显示的记录起始位置
record_number = (page_number - 1) * page_size
# 设置查询分页条件
paging = ' limit ' + str(page_size) + ' offset ' + str(record_number)
### 设置排序 ###
if not order_by:
order_by = 'id desc'
#############################################################
# 组合sql查询语句
sql = "select * from product %(wheres)s order by %(orderby)s %(paging)s" % \
{'wheres': wheres, 'orderby': order_by, 'paging': paging}
# 读取记录
result = db_helper.read(sql)
if result:
# 存储记录
data['rows'] = result
if data:
# 直接输出json
return web_helper.return_raise(json.dumps(data, cls=json_helper.CJsonEncoder))
else:
return web_helper.return_msg(-1, "查询失败")