def manage_edit():
forms = ManageForm()
if request.method == 'POST':
validate = forms.validate()
if not validate:
error = Tool.get_error(forms.errors)
return Tool.admin_json_response(message=error, code=0)
role_ids = request.form.getlist('role_id[]')
try:
forms.save(role_id=role_ids)
return Tool.admin_json_response(
'保存成功', url=url_for('blue_admin_manage.manage_index'))
except AdminException as e:
return Tool.admin_json_response(message=e.message, code=0)
id = request.args.get('id', 0)
info = ManageUser.query.filter_by(id=id).first_or_404()
roles = ManageRole.query.all()
user_roles = info.roles.all()
role_ids = []
for user_role in user_roles:
role_ids.append(user_role.id)
return render_template('admin/manage/manage_edit.html',
roles=roles,
info=info,
role_ids=role_ids,
forms=forms)
def role_edit():
modal = ManageRole()
form = RoleForm()
role_id = request.args.get('role_id', 0)
if request.method == 'POST':
validate = form.validate()
if not validate:
error = Tool.get_error(form.errors)
return Tool.admin_json_response(message=error, code=0)
role_name = request.form.get('role_name')
access = request.form.getlist('access[]')
try:
form.save(role_name, access, id=role_id)
return Tool.admin_json_response(
'保存成功', url=url_for('blue_admin_manage.role_index'))
except AdminException as e:
return Tool.admin_json_response(message=e.message, code=0)
access = modal.get_all_access(role_id)
info = ManageRole.query.filter_by(id=role_id).first_or_404()
return render_template('admin/manage/role_edit.html',
access=access,
form=form,
info=info)
def access_edit():
modal = ManageAccess()
access_form = AccessForm()
if request.method == 'POST':
validate = access_form.validate()
if not validate:
error = Tool.get_error(access_form.errors)
return Tool.admin_json_response(message=error, code=0)
try:
access_form.save()
url = url_for('blue_admin_manage.access_index')
return Tool.admin_json_response(message="保存成功", url=url)
except AdminException as e:
return Tool.admin_json_response(message=e.message, code=0)
id = request.args.get('id', 0)
info = ManageAccess.query.filter_by(id=id).first_or_404()
all_access = modal.get_all_access()
select_access = []
if all_access:
select_access = modal.get_select_access(all_access, temp_tree_list=[])
return render_template('admin/manage/access_edit.html',
select_access=select_access,
form=access_form,
info=info)
def manage_delete():
modal = ManageUser()
id = int(request.form.get('user_id'))
try:
modal.delete_user(user_id=id)
return Tool.admin_json_response(message="删除成功")
except AdminException as e:
return Tool.admin_json_response(message=e.message, code=0)
def access_delete():
modal = ManageAccess()
id = int(request.form.get('access_id'))
try:
modal.delete_access(access_id=id)
return Tool.admin_json_response(message="删除成功")
except AdminException as e:
return Tool.admin_json_response(message=e.message, code=0)
def before_request():
path = request.path
if path not in no_require_path and not path.startswith(
'/admin/static/'):
admin_id = session.get('admin_id')
if not admin_id:
return redirect(url_for('blue_admin_index.login'))
# g.admin_id = admin_id 查询用户
user_info = ManageUser.query.filter_by(id=admin_id).first()
if not user_info or user_info.status != 1:
return redirect(url_for('blue_admin_index.login'))
# 判断权限
access_paths = no_auth_path
modal = ManageUser()
get_access_paths = modal.get_manage_access(user_info)
access_paths = access_paths + get_access_paths
g.access_paths = access_paths
g.admin_user_info = user_info
if not user_info.is_super and path not in no_auth_path:
if path not in access_paths:
# 没有权限,跳转到 错误页面
if request.is_xhr:
return Tool.admin_json_response('没有权限')
else:
abort(403)
def manage_index():
list = ManageUser.query.all()
for item in list:
roles = item.roles.all()
role_names = []
for role in roles:
role_names.append(role.role_name)
item.create_time = Tool.format_time(item.create_time)
item.role_names = ','.join(role_names) if len(role_names) > 0 else ''
return render_template('admin/manage/index.html', list=list)
def manage_add():
forms = ManageForm()
if request.method == 'POST':
validate = forms.validate()
if not validate:
error = Tool.get_error(forms.errors)
return Tool.admin_json_response(message=error, code=0)
role_ids = request.form.getlist('role_id[]')
try:
forms.save(role_id=role_ids)
return Tool.admin_json_response(
'保存成功', url=url_for('blue_admin_manage.manage_index'))
except AdminException as e:
return Tool.admin_json_response(message=e.message, code=0)
# 获取全部角色
roles = ManageRole.query.all()
return render_template('admin/manage/manage_add.html',
roles=roles,
forms=forms)
def access_add():
modal = ManageAccess()
access_form = AccessForm()
if request.method == 'POST':
validate = access_form.validate()
if not validate:
error = Tool.get_error(access_form.errors)
return Tool.admin_json_response(message=error, code=0)
try:
access_form.save()
url = url_for('blue_admin_manage.access_index')
return Tool.admin_json_response(message="保存成功", url=url)
except AdminException as e:
return Tool.admin_json_response(message=e.message, code=0)
all_access = modal.get_all_access()
select_access = []
if all_access:
select_access = modal.get_select_access(all_access, temp_tree_list=[])
return render_template('admin/manage/access_add.html',
select_access=select_access,
form=access_form)
def role_add():
modal = ManageRole()
form = RoleForm()
if request.method == 'POST':
validate = form.validate()
if not validate:
error = Tool.get_error(form.errors)
return Tool.admin_json_response(message=error, code=0)
role_name = request.form.get('role_name')
access = request.form.getlist('access[]')
try:
form.save(role_name, access)
return Tool.admin_json_response(
'保存成功', url=url_for('blue_admin_manage.role_index'))
except AdminException as e:
return Tool.admin_json_response(message=e.message, code=0)
access = modal.get_all_access()
return render_template('admin/manage/role_add.html',
access=access,
form=form)
def role_index():
list = ManageRole.query.all()
for item in list:
item.create_time = Tool.format_time(item.create_time)
return render_template('admin/manage/role.html', list=list)
def error_request_method(e):
return Tool.admin_json_response('请求方式错误', code=0)