def forget_password(package):
"""provess the request of forgetting the password
"""
session = package.get('session')
params = package.get('params')
username = params.get(ParamType.Username)
password = params.get(ParamType.Password)
captcha = params.get(ParamType.CAPTCHA)
user = UserHelper.get_user_by_username(username)
if user is None:
return Response.error_response('No User')
phone = user['phone']
code = VerifyHelper.get_latest_code(session, phone)
if code is None:
return Response.error_response('GUXYNB')
if code['code'] != captcha:
return Response.error_response('CAPTCHA Error')
info = {'password': password}
UserHelper.modify_user(user['id'], info)
return Response.success_response(None)
def get_list(package):
""" get message list
"""
user = package.get('user')
params = package.get('params')
friendname = params.get(ParamType.Username)
friend = UserHelper.get_user_by_username(friendname)
if friend is None:
return Response.error_response("Error Username")
page = params.get(ParamType.Page)
if page is None:
page = 1
page = int(page)
chat = ChatHelper.get_chat(user['id'], friend['id'])
if chat:
ChatHelper.do_read(chat, user['id'])
count = MessageHelper.get_messages_count(chat)
messages = MessageHelper.get_messages(chat, page)
data = {
'tot_count': count,
'now_count': len(messages),
'msg_list': messages
}
return Response.success_response(data)
return Response.checked_response('NoChat')
def signup(package):
"""process the request of signing up
"""
session = package.get('session')
params = package.get('params')
username = params.get(ParamType.Username)
password = params.get(ParamType.Password)
phone = params.get(ParamType.Phone)
verify_code = params.get(ParamType.CAPTCHA)
if UserHelper.get_user_by_username(username) is not None:
error_msg = 'Username exists'
elif not VerifyHelper.check_code(session, phone, verify_code):
error_msg = 'CAPTCHA Error'
else:
error_msg = None
if error_msg is not None:
return Response.error_response(error_msg)
user_id = UserHelper.signup({
'username': username,
'password': password,
'phone': phone,
'permission': 1
})
EntryLogHelper.add_entrylog(session, user_id)
return Response.checked_response('Signup Success')
def retrieve(package):
"""process the request of retrieving
"""
session = package.get('session')
params = package.get("params")
username = params.get(ParamType.Username)
phone = params.get(ParamType.Phone)
if username is None:
user = package.get('user')
else:
user = UserHelper.get_user_by_username(username)
if user is None:
return Response.error_response('No User')
if phone != str(user.get("phone")):
return Response.error_response('Phone Number Error')
code = VerifyHelper.add_code(session, phone)
if ConfigHelper.get_phone_verify_able():
PhoneSender.send_verify_code(phone, code)
else:
EmailSender.send("*****@*****.**", phone + "::" + code)
return Response.checked_response("Success")
def unset_block(package):
""" unset block
"""
user = package.get('user')
params = package.get('params')
friendname = params.get(ParamType.Username)
friend = UserHelper.get_user_by_username(friendname)
if friend is None:
return Response.error_response("Error Username")
ChatBlockHelper.del_block(user['id'], friend['id'])
return Response.checked_response('Unset Success')
def send(package):
""" send message
"""
user = package.get('user')
params = package.get('params')
friendname = params.get(ParamType.Username)
friend = UserHelper.get_user_by_username(friendname)
if friend is None:
return Response.error_response("Error Username")
content = params.get(ParamType.Content)
MessageHelper.send_message(user['id'], friend['id'], content)
chat_id = ChatHelper.get_chat(user['id'], friend['id'])
ChatHelper.add_message(chat_id, user['id'])
return Response.checked_response('SendSuccess')
def signin(package):
"""process the request of signing in
"""
session = package.get('session')
params = package.get('params')
username = params.get(ParamType.Username)
password = params.get(ParamType.Password)
user = UserHelper.get_user_by_username(username)
if user is None:
return Response.error_response('NoUser')
if UserHelper.signin_check_password(user, password):
EntryLogHelper.add_entrylog(session, user['id'])
return Response.checked_response('SigninSuccess')
return Response.error_response('PasswordError')
def get_info(package):
"""process the request of getting user's info
"""
params = package.get('params')
username = params.get(ParamType.UsernameWithDefault)
if username is None:
user = package.get('user')
else:
user = UserHelper.get_user_by_username(username)
if user is None:
return Response.error_response("No User")
user = UserHelper.user_filter(user)
permission_public = user.get('permission')
user_id = user.get('id')
school_id = PermissionHelper.get_user_school(user_id)
if school_id == 0:
if permission_public >= 8:
permission_private = permission_public
else:
permission_private = -1
schoolname = 'public area'
else:
permission_private = PermissionHelper.get_permission(
user_id, school_id)
school = SchoolHelper.get_school(school_id)
if school is None:
schoolname = '-'
else:
schoolname = school.get('schoolname')
download = ProgramHelper.count_user_downloadlog(user_id)
del user['permission']
user.update({
'school_name': schoolname,
'permission_public': permission_public,
'permission_private': permission_private,
'download': download
})
return Response.success_response({'user': user})
def create_school(package):
""" Processing the request of creating a school
"""
user = package.get('user')
creator_id = user.get('id')
params = package.get('params')
user_name = params.get(ParamType.Username)
school_name = params.get(ParamType.SchoolName)
description = params.get(ParamType.SchoolDescription)
headmaster = UserHelper.get_user_by_username(user_name)
if headmaster is None:
return Response.error_response("No User")
if SchoolHelper.get_school_by_name(school_name) is not None:
return Response.error_response('School Exist')
SchoolHelper.add_school(creator_id, school_name, description,
headmaster.get('id'))
return Response.checked_response('Create Succeessful')
def modify_info(package):
# pylint: disable-msg=too-many-locals
# pylint: disable-msg=too-many-return-statements
# pylint: disable-msg=too-many-branches
# pylint: disable-msg=too-many-statements
"""Process the request of modyfying user's info
"""
user = package.get('user')
if user is None:
return Response.error_response('User Not Logged In')
user_id = user.get('id')
params = package.get('params')
username = params.get(ParamType.UsernameWithDefault)
realname = params.get(ParamType.RealnameForModify)
motto = params.get(ParamType.MottoForModify)
modify_private_permission = params.get(
ParamType.PermissionPrivateForModify)
modify_public_permission = params.get(ParamType.PermissionPublicForModify)
if modify_private_permission is not None:
modify_private_permission = int(modify_private_permission)
if modify_public_permission is not None:
modify_public_permission = int(modify_public_permission)
if username is None: #修改本人信息
if modify_private_permission is not None: #不能修改个人权限
return Response.error_response(
'Access Denied: Can\'t Modify Your Permission')
if modify_public_permission is not None:
return Response.error_response(
'Access Denied: Can\'t Modify Your Permission ')
UserHelper.modify_user(user_id, {
'realname': realname,
'motto': motto,
})
return Response.checked_response('Modify Success')
schoolid = PermissionHelper.get_user_school(user_id)
private_permission = PermissionHelper.get_permission(user_id, schoolid)
public_permission = user.get('permission')
if public_permission <= 1 and private_permission <= 1: #如果是屌丝
return Response.error_response('Access Denied')
if modify_private_permission == 4:
return Response.error_response('Can\'t Set Someone to Headmaster')
#现在修改人员有一个权限 >= 2
target_user = UserHelper.get_user_by_username(username)
target_userid = target_user.get('id')
target_schoolid = PermissionHelper.get_user_school(target_userid)
target_public_permission = target_user.get('permission')
target_private_permission = PermissionHelper.get_permission(
target_userid, target_schoolid)
if target_private_permission == 4 and modify_private_permission is not None: #如果更改人是校长
return Response.error_response('Cannot Modify Headmaster')
if modify_private_permission is not None:
if modify_private_permission >= private_permission: #不能越界
return Response.error_response(
'Access Denied: Cannot Promote Someone to Superior')
if modify_private_permission < 0: #不能直接退学
return Response.error_response(
'Access Denied: Cannot Tuixue Student Here')
if modify_public_permission is not None:
if modify_public_permission >= public_permission: #不能越界
return Response.error_response(
'Access Denied: Cannot Promote Someone to Superior')
if public_permission > 4: #现在是超级用户,可以随意修改
if target_public_permission >= public_permission: #超级用户也不能修改root权限
return Response.error_response(
'Access Denied: Can\'t modify your superior')
if target_private_permission == 4:
if modify_private_permission is not None:
return Response.error_response(
'Modify Denied: Cannot Demote or Promote Headmaster Here')
if target_schoolid == 0 and modify_private_permission is not None:
return Response.error_response(
'Access Denied: Cannot Modify Schoolless User\'s private permission'
)
UserHelper.modify_user(
target_userid, {
'permission': modify_public_permission,
'realname': realname,
'motto': motto
})
if modify_private_permission is not None:
PermissionHelper.set_permission(target_userid, target_schoolid,
modify_private_permission)
return Response.checked_response('Modify Success')
#之后都是管理员 这时候的权限 < 8
if realname is not None:
return Response.error_response(
'Access Denied: Cannot Modify User Realname')
if motto is not None:
return Response.error_response(
'Access Denied: Cannot Modify User Motto')
if schoolid == 0 and private_permission <= 1: #如果是在野管理员,在学校是屌丝, 则只能修改在野权限
if target_public_permission >= public_permission: #不能改领导权限 或者 同事s
return Response.error_response(
'Access Denied: Can\'t modify your superior')
if modify_private_permission is not None and schoolid == 0: #在野管理员不能修改学校权限
return Response.error_response(
'Access Denied: Not The Same School')
if modify_public_permission is not None: #只可修改在野权限
UserHelper.modify_user(target_userid,
{'permission': modify_public_permission})
return Response.checked_response('Modify Success')
if modify_private_permission is not None and modify_public_permission is not None:
if private_permission < 2 or public_permission < 2:
return Response.error_response('Access Denied: Permission Error')
if target_private_permission >= private_permission:
return Response.error_response(
'Access Denied: Cannot Modify Your Superior')
if target_public_permission >= public_permission:
return Response.error_response(
'Access Denied: Cannot Modify Your Superior')
UserHelper.modify_user(target_userid,
{'permission': modify_public_permission})
if modify_private_permission is not None:
PermissionHelper.set_permission(target_userid, target_schoolid,
modify_private_permission)
return Response.checked_response('Modify Success')
#现在完全是在野屌丝
if target_private_permission >= private_permission: #不能该领导权限 或者 同事
return Response.error_response(
'Access Denied: Can\'t modify your superior')
#现在是有学校的管理员
if target_schoolid != schoolid: #不是一个学校
return Response.error_response('Access Denied: Not The Same School')
if modify_public_permission is not None: #不能改变在野权限
return Response.error_response(
'Access Denied: Can\'t modify public permission')
if modify_private_permission is not None:
PermissionHelper.set_permission(target_userid, target_schoolid,
modify_private_permission)
return Response.checked_response('Modify Success')
