def manage_edit(): forms = ManageForm() if request.method == 'POST': validate = forms.validate() if not validate: error = Tool.get_error(forms.errors) return Tool.admin_json_response(message=error, code=0) role_ids = request.form.getlist('role_id[]') try: forms.save(role_id=role_ids) return Tool.admin_json_response( '保存成功', url=url_for('blue_admin_manage.manage_index')) except AdminException as e: return Tool.admin_json_response(message=e.message, code=0) id = request.args.get('id', 0) info = ManageUser.query.filter_by(id=id).first_or_404() roles = ManageRole.query.all() user_roles = info.roles.all() role_ids = [] for user_role in user_roles: role_ids.append(user_role.id) return render_template('admin/manage/manage_edit.html', roles=roles, info=info, role_ids=role_ids, forms=forms)
def role_edit(): modal = ManageRole() form = RoleForm() role_id = request.args.get('role_id', 0) if request.method == 'POST': validate = form.validate() if not validate: error = Tool.get_error(form.errors) return Tool.admin_json_response(message=error, code=0) role_name = request.form.get('role_name') access = request.form.getlist('access[]') try: form.save(role_name, access, id=role_id) return Tool.admin_json_response( '保存成功', url=url_for('blue_admin_manage.role_index')) except AdminException as e: return Tool.admin_json_response(message=e.message, code=0) access = modal.get_all_access(role_id) info = ManageRole.query.filter_by(id=role_id).first_or_404() return render_template('admin/manage/role_edit.html', access=access, form=form, info=info)
def access_edit(): modal = ManageAccess() access_form = AccessForm() if request.method == 'POST': validate = access_form.validate() if not validate: error = Tool.get_error(access_form.errors) return Tool.admin_json_response(message=error, code=0) try: access_form.save() url = url_for('blue_admin_manage.access_index') return Tool.admin_json_response(message="保存成功", url=url) except AdminException as e: return Tool.admin_json_response(message=e.message, code=0) id = request.args.get('id', 0) info = ManageAccess.query.filter_by(id=id).first_or_404() all_access = modal.get_all_access() select_access = [] if all_access: select_access = modal.get_select_access(all_access, temp_tree_list=[]) return render_template('admin/manage/access_edit.html', select_access=select_access, form=access_form, info=info)
def manage_delete(): modal = ManageUser() id = int(request.form.get('user_id')) try: modal.delete_user(user_id=id) return Tool.admin_json_response(message="删除成功") except AdminException as e: return Tool.admin_json_response(message=e.message, code=0)
def access_delete(): modal = ManageAccess() id = int(request.form.get('access_id')) try: modal.delete_access(access_id=id) return Tool.admin_json_response(message="删除成功") except AdminException as e: return Tool.admin_json_response(message=e.message, code=0)
def before_request(): path = request.path if path not in no_require_path and not path.startswith( '/admin/static/'): admin_id = session.get('admin_id') if not admin_id: return redirect(url_for('blue_admin_index.login')) # g.admin_id = admin_id 查询用户 user_info = ManageUser.query.filter_by(id=admin_id).first() if not user_info or user_info.status != 1: return redirect(url_for('blue_admin_index.login')) # 判断权限 access_paths = no_auth_path modal = ManageUser() get_access_paths = modal.get_manage_access(user_info) access_paths = access_paths + get_access_paths g.access_paths = access_paths g.admin_user_info = user_info if not user_info.is_super and path not in no_auth_path: if path not in access_paths: # 没有权限,跳转到 错误页面 if request.is_xhr: return Tool.admin_json_response('没有权限') else: abort(403)
def manage_index(): list = ManageUser.query.all() for item in list: roles = item.roles.all() role_names = [] for role in roles: role_names.append(role.role_name) item.create_time = Tool.format_time(item.create_time) item.role_names = ','.join(role_names) if len(role_names) > 0 else '' return render_template('admin/manage/index.html', list=list)
def manage_add(): forms = ManageForm() if request.method == 'POST': validate = forms.validate() if not validate: error = Tool.get_error(forms.errors) return Tool.admin_json_response(message=error, code=0) role_ids = request.form.getlist('role_id[]') try: forms.save(role_id=role_ids) return Tool.admin_json_response( '保存成功', url=url_for('blue_admin_manage.manage_index')) except AdminException as e: return Tool.admin_json_response(message=e.message, code=0) # 获取全部角色 roles = ManageRole.query.all() return render_template('admin/manage/manage_add.html', roles=roles, forms=forms)
def access_add(): modal = ManageAccess() access_form = AccessForm() if request.method == 'POST': validate = access_form.validate() if not validate: error = Tool.get_error(access_form.errors) return Tool.admin_json_response(message=error, code=0) try: access_form.save() url = url_for('blue_admin_manage.access_index') return Tool.admin_json_response(message="保存成功", url=url) except AdminException as e: return Tool.admin_json_response(message=e.message, code=0) all_access = modal.get_all_access() select_access = [] if all_access: select_access = modal.get_select_access(all_access, temp_tree_list=[]) return render_template('admin/manage/access_add.html', select_access=select_access, form=access_form)
def role_add(): modal = ManageRole() form = RoleForm() if request.method == 'POST': validate = form.validate() if not validate: error = Tool.get_error(form.errors) return Tool.admin_json_response(message=error, code=0) role_name = request.form.get('role_name') access = request.form.getlist('access[]') try: form.save(role_name, access) return Tool.admin_json_response( '保存成功', url=url_for('blue_admin_manage.role_index')) except AdminException as e: return Tool.admin_json_response(message=e.message, code=0) access = modal.get_all_access() return render_template('admin/manage/role_add.html', access=access, form=form)
def role_index(): list = ManageRole.query.all() for item in list: item.create_time = Tool.format_time(item.create_time) return render_template('admin/manage/role.html', list=list)
def error_request_method(e): return Tool.admin_json_response('请求方式错误', code=0)