def askRequirement():
session = request.session
param = request.json_param
try:
requirement = Requirement.query.filter_by(Id=param[u'ReqId']).one()
except NoResultFound:
raise APIException(SystemErrorCode.UnkonwnError, u'无该需求数据')
if u'Command' not in param:
raise APIException(SystemErrorCode.UnkonwnError, u'错误命令')
if param[u'Command'] == u'ask':
if requirement.ServiceUserId is not None and requirement.ServiceUserId != session['UserId']:
raise APIException(SystemErrorCode.UnkonwnError, u'该需求已被他人申请了')
requirement.ServiceUserId = session['UserId']
requirement.Status = RequirementStatus.Contracting
db.session.commit()
return {'message': u'申请成功'}
elif param[u'Command'] == u'cancel':
if requirement.ServiceUserId != session['UserId']:
raise APIException(SystemErrorCode.UnkonwnError, u'没有申请该需求')
requirement.ServiceUserId = None
requirement.Status = RequirementStatus.Published
db.session.commit()
return {'message': u'取消成功'}
else:
raise APIException(SystemErrorCode.UnkonwnError, u'错误命令')
def deleteRequirement():
param = {}
param = request.json_param
print param
try:
requirement = Requirement.query.filter_by(Id=param[u'Id']).one()
except NoResultFound:
raise APIException(SystemErrorCode.UnkonwnError, u'需求不存在')
if requirement.Status == RequirementStatus.Published or requirement.Status == RequirementStatus.Created:
RequirementAttachment.query.filter_by(
RequirementId=requirement.Id).delete()
RequirementReplyGroup.query.filter_by(
RequirementId=requirement.Id).delete()
RequirementReply.query.filter_by(RequirementId=requirement.Id).delete()
RequirementFollower.query.filter_by(
RequirementId=requirement.Id).delete()
RequirementSegment.query.filter_by(
RequirementId=requirement.Id).delete()
ResourceShare.query.filter_by(ResourceId=requirement.Id,
ResourceType='r').delete()
Contract.query.filter_by(RequirementId=requirement.Id).delete()
db.session.delete(requirement)
db.session.commit()
return 'ok'
else:
return APIException(SystemErrorCode.UnkonwnError, u'合同已经建立,无法删除需求')
def delUserRole(role, param):
(user, domain) = param
user.DomainPermissionInvalidate = 1
dbrole = domain.Roles.filter_by(Id=role[u'Id']).one()
if dbrole.DomainAdmin == 1 and domain.OwnerUserId == user.Id:
raise APIException(SystemErrorCode.UnkonwnError, u'域创建者必须是域管理员,不能删除')
user.Roles.remove(dbrole)
def delDomainUser(user, domain):
if domain.OwnerUserId == user[u'Id']:
raise APIException(SystemErrorCode.UnkonwnError, u'域创建者必须是域成员,不能删除')
UserRole.query.filter_by(UserId=user[u'Id']).delete()
u = User.query.filter_by(Id=user[u'Id']).one()
domain.Users.remove(u)
db.session.delete(u)
def payNotify():
param = request.json_param
if u'Id' in param:
try:
requirement = Requirement.query.filter_by(Id=param[u'Id']).one()
if u'Final' in param:
requirement.IsFinalPay = 1
else :
requirement.IsAdvancePay = 1
db.session.commit()
except NoResultFound:
raise APIException(SystemErrorCode.UnkonwnError, u'需求不存在')
# try: # 合同押金支付
# print 'status'
# print requirement.Status
# if requirement.Status == RequirementStatus.PayDeposit:
# if requirement.IsAdvancePay == 1:
# requirement.Status = RequirementStatus.Reviewing
# orderType = '合同押金'
# elif requirement.Status == RequirementStatus.PayAll:
# requirement.Status = RequirementStatus.Retainage
# requirement.IsFinalPay = 1
# orderType = '合同尾款'
# except NoResultFound:
# pass
return 'ok'
def saveRole():
param = request.json_param
rights = Right.query.all()
ur = param[u'Rights']
if param[u'bNew']:
role = Role(param[u'RoleName'], param[u'DomainId'],
param[u'CreatorId'], 0)
db.session.add(role)
db.session.flush()
for right in rights:
if right.Leaf:
sid = str(right.Id)
roleRight = RoleRight(right.Id, role.Id, ur[sid])
db.session.add(roleRight)
db.session.commit()
return role
else:
try:
role = Role.query.filter_by(Id=param[u'RoleId']).one()
except NoResultFound:
return APIException(SystemErrorCode.UnkonwnError, u'无角色信息')
role.Name = param[u'RoleName']
try:
roleRights = RoleRight.query.filter_by(
RoleId=param[u'RoleId']).all()
for roleRight in roleRights:
sid = str(roleRight.RightId)
roleRight.Checked = ur[sid]
except NoResultFound:
pass
db.session.commit()
return {}
def addDomainUser(user, domain):
try:
dbuser = User.query.filter_by(Id=user[u'Id']).one()
except KeyError as e:
dbuser = User(None, None, None)
dbuser.CreateTime = datetime.datetime.now()
dbuser.NickName = user[u'DomainName']
dbuser.Password = user[u'Password']
if dbuser.DomainId is not None:
raise APIException(SystemErrorCode.UnkonwnError, u'不能将已加入其它企业的用户加入')
domain.Users.append(dbuser)
if domain.Users.filter_by(DomainName=user[u'DomainName']).count() > 0:
raise APIException(SystemErrorCode.UnkonwnError,
u'企业中已存在(%s)' % user[u'DomainName'])
dbuser.DomainName = user[u'DomainName']
db.session.flush()
process_list(user['Roles'], 'UserRole', (dbuser, domain))
def modifyDomainRole(role, domain):
db.session.query(User).filter(UserRole.RoleId == role[u'Id']).update(
{User.DomainPermissionInvalidate: 1})
dbrole = domain.Roles.filter_by(Id=role[u'Id']).one()
if dbrole.DomainAdmin == 1:
return APIException(SystemErrorCode.UnkonwnError, u'超级管理员角色不允许修改!')
if u'Name' in role:
dbrole.Name = role[u'Name']
def process_list(list, suffix, param=None):
sorted(list, key=OperateKey) # 按操作优先级排序,以免数据先加加不上后删除导致数据与预期不一致
for item in list:
try:
func = globals()[item[u'Operate'] + suffix]
except KeyError: # 函数不存在时,KeyError
print u"无效操作接口:" + item[u'Operate'] + suffix
raise APIException(SystemErrorCode.UnkonwnError, u"无效操作接口")
func(item, param)
def delDomain():
session = request.session
param = request.json_param
UserId = session["UserId"]
if (db.session.query(
Domain.OwnerUserId).filter_by(Id=param['Id']).one()) == (UserId, ):
res = Domain.query.filter_by(Id=param['Id']).delete()
else:
return APIException(SystemErrorCode.NonPermissionDelete, u'没有权限删除')
return {"res": res}
def modifyDomainUser(user, domain):
dbuser = domain.Users.filter_by(Id=user[u'Id']).one()
if u'DomainName' in user:
if domain.Users.filter(User.Id != user[u'Id'], User.DomainName
== user[u'DomainName']).count() > 0:
raise APIException(SystemErrorCode.UnkonwnError,
u'DomainName已存在(%s)' % user[u'DomainName'])
dbuser.DomainName = user[u'DomainName']
if u'Password' in user:
dbuser.Password = user[u'Password']
db.session.flush()
process_list(user['Roles'], 'UserRole', (dbuser, domain))
def getDomainInfo():
session = request.session
# param = request.json_param
UserId = session["UserId"]
domain = User.query.filter_by(Id=UserId).one().Domain
if domain.Status == DomainStatus.init:
return APIException(SystemErrorCode.UnkonwnError, u'企业还未开通')
result = domain.__dict__
users = domain.Users.all()
result['Roles'] = domain.Roles.all()
result['Users'] = []
for user in users:
user = expandAttribute(user, ['Roles'])
result['Users'].append(user)
for u in result['Users']:
del u['Domain']
return result
def pay_confirm():
param = request.json_param
if u'Id' in param:
try:
requirement = Requirement.query.filter_by(Id=param[u'Id']).one()
except NoResultFound:
raise APIException(SystemErrorCode.UnkonwnError, u'需求不存在')
try: # 合同押金支付
if requirement.Status == RequirementStatus.PayDeposit and requirement.IsAdvancePay == 1:
requirement.Status = RequirementStatus.Reviewing
elif requirement.Status == RequirementStatus.PayAll and requirement.IsFinalPay == 1:
requirement.Status = RequirementStatus.Retainage
db.session.commit()
except NoResultFound:
pass
return 'ok'
return 'ok'
def createDomain():
param = request.json_param
session = request.session
UserId = session["UserId"]
try:
user = User.query.filter_by(Id=UserId).one()
except NoResultFound:
return APIException(SystemErrorCode.UnkonwnError, u'无该用户信息')
#公司注册
if u'RealName' in param:
user.RealName = param[u'RealName']
if u'CellPhone' in param:
user.Domain.CompanyCelPhone = param[u'CellPhone']
user.Domain.DomainName = param[u'DomainName']
user.Domain.Status = DomainStatus.use
db.session.commit()
return user
def publishRequirement():
session = request.session
param = request.json_param
bNew = True
if u'Id' in param:
try:
requirement = Requirement.query.filter_by(Id=param[u'Id']).one()
except NoResultFound:
raise APIException(SystemErrorCode.UnkonwnError, u'需求不存在')
# 取消提交
if u'bCancel' in param:
if requirement.Status == RequirementStatus.Published:
requirement.Status = RequirementStatus.Created
RequirementFollower.query.filter_by(RequirementId=requirement.Id).delete()
db.session.commit()
return requirement
db.session.commit()
return requirement
def payNotify():
param = request.json_param
if u'Id' in param:
try:
requirement = Requirement.query.filter_by(Id=param[u'Id']).one()
except NoResultFound:
raise APIException(SystemErrorCode.UnkonwnError, u'需求不存在')
try: # 合同押金支付
print 'status'
print requirement.Status
if requirement.Status == RequirementStatus.PayDeposit:
requirement.Status = RequirementStatus.Reviewing
orderType = '合同押金'
elif requirement.Status == RequirementStatus.PayAll:
requirement.Status = RequirementStatus.Retainage
orderType = '合同尾款'
db.session.commit()
except NoResultFound:
pass
return 'ok'
def modifyDomainInfo():
session = request.session
param = request.json_param
UserId = session["UserId"]
domaininfo = Domain.query.filter_by(Id=param[u'Id']).one()
if u'DomainName' in param:
if Domain.query.filter_by(DomainName=param[u'DomainName']).count() > 0:
return APIException(DataErrorCode.DomainNameExist, u'域名已被占用')
domaininfo.DomainName = param[u'DomainName']
if u'Roles' in param:
process_list(param[u'Roles'], 'DomainRole', domaininfo)
if u'Users' in param:
process_list(param[u'Users'], 'DomainUser', domaininfo)
db.session.commit()
domaininfo.Id
result = domaininfo.__dict__
result['Roles'] = domaininfo.Roles.all()
users = domaininfo.Users.all()
result['Users'] = []
for user in users:
result['Users'].append(user.__dict__)
for u in result['Users']:
del u['Domain']
return result
def shareObject():
session = request.session
param = request.json_param
objectUserId = sharedPermissionValidate(Permission.PermissionShare)
UserId = session["UserId"]
if u'DomainId' in param and (u'Groups' in param or u'Users'
in param): # objectUserId!=UserId: # 域内容共享
permissions = [
Permission.PermissionWrite, Permission.PermissionCreate,
Permission.PermissionDelete, Permission.PermissionDownload
]
for i in range(len(permissions) - 1, -1, -1):
if session['domainPermission' + permissions[i].name[10:]] == 1:
permissions.remove(permissions[i])
if u'Groups' in param:
for g in param[u'Groups']:
for p in permissions:
if g[u'Group' + p.name[10:]] == 1:
raise APIException(SystemErrorCode.UnkonwnError,
u'不能将自己不具备的权限在共享时赋给他人')
if u'Users' in param:
for u in param[u'Users']:
for p in permissions:
if u[u'User' + p.name[10:]] == 1:
raise APIException(SystemErrorCode.UnkonwnError,
u'不能将自己不具备的权限在共享时赋给他人')
Name = None
#权限验证
Object.query.filter_by(OwnerUserId=objectUserId, Id=param[u'Id']).one()
if u'Name' in param:
Name = param[u'Name']
try:
shareobject = Share.query.filter_by(CreatorUserId=UserId,
ObjectId=param[u"Id"]).one()
if len(param) != 2: #只有两个参数时是取信息
ShareUserCache.query.filter_by(
ShareObjectId=shareobject.Id).delete()
except NoResultFound:
if Name is None:
return
shareobject = Share(Name, UserId, param[u'Id']) #添加共享对象
db.session.add(shareobject)
if Name is not None:
shareobject.Name = Name
if u'Groups' in param:
process_list(param[u'Groups'], 'ShareGroup', shareobject)
if u'Users' in param:
process_list(param[u'Users'], 'ShareUser', shareobject)
db.session.flush()
if len(param) != 2: # 只有两个参数时是取信息
RefreshShareCache(shareobject)
db.session.commit()
shareobject.Id
result = shareobject.__dict__
result['Groups'] = db.session.query(Group).options(
joinedload(Group.Users, innerjoin=False)).filter(
Group.ShareObjectId == shareobject.Id).all()
result['Users'] = shareobject.Users.all()
return result
def addDomainRole(role, domain):
if domain.Roles.filter_by(Name=role[u'Name']).count() > 0:
return APIException(DataErrorCode.DomainRoleExist, u'角色名已被占用')
dbrole = Role(role[u'Name'], None, domain.OwnerUserId, 0)
domain.Roles.append(dbrole)