def process_request(self, request):
    """Run the login checks for a request before it reaches a view.

    Returns the login page or the index page when the matching
    authentication helper reports failure. Otherwise returns ``None`` so
    request handling continues.
    """
    requestUrl = request.path
    addUserLog(request, "MiddleWare", "PASS")

    # The login URL has to match exactly; NO_AUTH_URLS entries are matched as
    # plain string prefixes of the path.
    # NOTE(review): a prefix match also exempts every path that merely starts
    # with an entry (an entry without a trailing "/" covers sibling paths
    # too) - confirm the settings entries are written with that in mind.
    isExempt = requestUrl == settings.LOGIN_URL or any(
        requestUrl.startswith(noAuthUrl) for noAuthUrl in settings.NO_AUTH_URLS
    )
    if isExempt:
        return None

    isAdminUrl = any(
        requestUrl.startswith(adminAuthUrl)
        for adminAuthUrl in settings.MYADMIN_URLS
    )
    if isAdminUrl:
        adminAuthInfo = adminAAA(request)
        # Compared with False on purpose, as before: only an explicit False
        # (or 0) sends the caller to the login page.
        # NOTE(review): a None result would pass this check - confirm that
        # adminAAA always returns a bool in position 0.
        if adminAuthInfo[0] == False:
            return doLogin(request)
        return None

    # NOTE(review): branch layout reconstructed from a listing without
    # indentation; confirm that the user check is the alternative to the
    # admin check and is not nested under it.
    authInfo = AAAUser(request)
    redirectUrlList = [
        "/interfaceTest/HTTP_InterfaceCheck",
        "/dubbo/interfaceList",
        "/mockserver/HTTP_InterfaceCheck",
        "/interfaceTest/HTTP_operationInterface",
        "/interfaceTest/HTTP_InterfaceAddPage",
        "/interfaceTest/importPostmanPage",
        "/dubbo/importLogPage",
        "/interfaceTest/HTTP_TestCaseCheck",
        "/interfaceTest/HTTP_TestCaseStepCheck",
        "/interfaceTest/HTTP_TestCaseAddPage",
        "/interfaceTest/HTTP_TaskCheck",
        "/interfaceTest/HTTP_TaskSuiteCheck",
        "/dubbo/operationInterface",
        "/dubbo/interfaceAddPage",
        "/statistictask/execlistPage",
        "/statistictask/listPage",
        "/statistictask/operationCheck",
        "/interfaceTest/HTTP_EnvUriConf",
        "/interfaceTest/HTTP_UserHttpConf",
        "/interfaceTest/HTTP_UriConf",
        "/interfaceTest/HTTP_UserServiceConf",
        "/interfaceTest/HTTP_GlobalVarsConf",
        "/interfaceTest/HTTP_GlobalTextConf",
        "/datakeyword/listPage",
        "/datakeyword/operationCheck",
        "/interfaceTest/HTTP_operationTestCase",
        "/dubbo/operationTestCase",
    ]
    # Only paths from the fixed list above are remembered as the post-login
    # target; the query string is appended unchanged.
    pathInfo = request.META["PATH_INFO"]
    if pathInfo in redirectUrlList:
        queryString = request.META["QUERY_STRING"]
        if queryString == "":
            request.session["nextUrl"] = pathInfo
        else:
            request.session["nextUrl"] = pathInfo + "?" + queryString
    if authInfo[0] == False:
        return index(request)
    return None
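def saveEditData(request):
    """Save an edit posted as a JSON object in the ``postData`` form field.

    ``modTime`` and ``modBy`` are always overwritten on the server, so the
    client cannot choose them. Every other key of ``postData`` is passed to
    ``MainService.dataSaveEdit`` as received.

    Returns an ``HttpResponse`` carrying the JSON form of an ``ApiReturn``:
    the service's code and message on completion, or
    ``CODE_INTERFACE_ERROR`` when parsing or saving raises.
    """
    # NOTE(review): no ownership or field allowlist check is visible in this
    # view; whether dataSaveEdit restricts who may edit and which fields may
    # change cannot be seen from here - confirm.
    try:
        # Parsing happens inside the try so a missing or malformed postData
        # yields the API error response instead of an unhandled exception.
        postLoad = json.loads(request.POST.get("postData"))
        postLoad["modTime"] = datetime.datetime.now()
        postLoad["modBy"] = request.session.get("loginName")
        retCode, retV = MainService.dataSaveEdit(request, postLoad)
        # The log line used to format the builtin ``id`` function, because no
        # local ``id`` exists in this view.
        # NOTE(review): assumes the edited record's key is posted as "id" -
        # confirm against the form. The entry is written whatever retCode is.
        addUserLog(
            request,
            "DataKeyword服务->更新[%s]->成功。" % postLoad.get("id"),
            "PASS",
        )
        return HttpResponse(
            ApiReturn(code=retCode, message=str(retV)).toJson())
    except Exception as e:
        logger.error(traceback.format_exc())
        # NOTE(review): the exception text is returned to the client.
        return HttpResponse(
            ApiReturn(ApiReturn.CODE_INTERFACE_ERROR,
                      '保存编辑失败!%s' % e).toJson())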
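def setReason(request):
    """Store a reason text for the record named by the ``id`` query parameter.

    Reads ``id`` and ``reason`` from the query string and hands them to
    ``MainService.dataSaveEditSetReason``.

    Returns an ``HttpResponse`` carrying the JSON form of an ``ApiReturn``:
    ``CODE_OK`` when the service answers 10000, the service's own code and
    message otherwise, or ``CODE_INTERFACE_ERROR`` when the call raises.
    """
    # NOTE(review): this changes state from GET parameters, and Django's CSRF
    # check does not cover GET. No check that the caller owns the record is
    # visible in this view - confirm the service or the routing enforces it.
    recordId = request.GET.get("id")
    reason = request.GET.get("reason")
    try:
        retCode, retInfo = MainService.dataSaveEditSetReason(recordId, reason)
        if retCode == 10000:
            addUserLog(
                request,
                "StatisticTask管理->删除[%s]->成功。" % recordId,
                "PASS",
            )
            return HttpResponse(ApiReturn(ApiReturn.CODE_OK).toJson())
        # The failure branch used to reference an undefined name (retmsg), so
        # every service-reported failure surfaced as a NameError in the
        # handler below instead of the service's message.
        return HttpResponse(
            ApiReturn(code=retCode, message=retInfo).toJson())
    except Exception as e:
        print(traceback.format_exc())
        return HttpResponse(
            ApiReturn(ApiReturn.CODE_INTERFACE_ERROR,
                      "参数id错误 %s" % e).toJson())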
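def delData(request):
    """Delete the record named by the ``id`` query parameter, owner only.

    The record is loaded first and its ``addBy`` is compared with the
    ``loginName`` stored in the session; the delete runs only when they
    match.

    Returns an ``HttpResponse`` carrying the JSON form of an ``ApiReturn``:
    ``CODE_OK`` when ``delDataById`` returns 1, ``CODE_INTERFACE_ERROR`` in
    every other case.
    """
    # NOTE(review): the delete is triggered by a GET request, and Django's
    # CSRF check does not cover GET - confirm the routing restricts this.
    recordId = request.GET.get("id")
    try:
        loginName = request.session.get("loginName")
        dataObj = MainService.getDataById(recordId)
        # Fail closed: session.get() returns None when no login name is
        # stored, and None would compare equal to a record whose addBy is
        # also None.
        if not loginName or dataObj.addBy != loginName:
            return HttpResponse(
                ApiReturn(ApiReturn.CODE_INTERFACE_ERROR,
                          "只能删除自己的用例").toJson())
    except Exception as e:
        print(traceback.format_exc())
        return HttpResponse(
            ApiReturn(ApiReturn.CODE_INTERFACE_ERROR,
                      "参数id错误 %s" % e).toJson())

    if MainService.delDataById(request, recordId) == 1:
        addUserLog(request, "DataKeyword管理->删除[%s]->成功。" % recordId, "PASS")
        return HttpResponse(ApiReturn(ApiReturn.CODE_OK).toJson())
    return HttpResponse(ApiReturn(ApiReturn.CODE_INTERFACE_ERROR).toJson())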
def addPage(request, context):
    """Render the "add" form for a data keyword or a Python-code entry.

    Fills the caller-supplied ``context`` in place and renders
    ``data_keyword/add.html`` with it. The ``type`` query parameter only
    selects between two fixed sets of labels; its value is never placed in
    the context.
    """
    context["option"] = "add"
    context["datakeywordAdd"] = "current-page"
    if not isRelease:
        context["env"] = "test"

    # Page texts: anything other than DATA_KEYWORD gets the Python-code labels.
    isKeyword = request.GET.get("type", "DATA_KEYWORD") == "DATA_KEYWORD"
    pageTitle = "自定义关键字" if isKeyword else "PYTHON代码"
    subPageTitle = "添加自定义关键字" if isKeyword else "添加PYTHON代码"
    context["title"] = subPageTitle
    context["text"] = {"pageTitle": pageTitle, "subPageTitle": subPageTitle}

    context["importStr"] = getPythonThirdLib()
    addUserLog(request, "DataKeyword管理->添加->页面展示->成功", "PASS")
    return render(request, "data_keyword/add.html", context)
def addPage(request):
    """Render the "add statistic task" form (``statistic_task/add.html``)."""
    context = {
        "option": "add",
        "addStatisticTask": "current-page",
    }
    if not isRelease:
        context["env"] = "test"

    # Page texts
    context["text"] = {
        "pageTitle": "添加统计任务",
        "subPageTitle": "添加统计任务",
    }
    # Business lines offered by the form.
    context["businessLine"] = dbModelListToListDict(
        BusinessService.getAllBusinessLine())
    # NOTE(review): the original author marked this fixed list as data added
    # for testing. It is identical for every caller, so the template must not
    # treat it as the user's real permissions - confirm how it is used.
    context["permission"] = [
        "HTTP_interface_add",
        "HTTP_interface_edit",
        "HTTP_interface_copy",
    ]
    addUserLog(request, "StatisticTask管理->添加->页面展示->成功", "PASS")
    return render(request, "statistic_task/add.html", context)
def executeListPage(request):
    """Render the page listing reported statistic-task results.

    Copies three module-level values into the session, then renders
    ``statistic_task/exec_list.html`` with the business lines, the modules
    and the session's ``userName``.
    """
    # The session values come from names defined outside this function, not
    # from request input.
    session = request.session
    session['groupLevel1'] = groupLevel1
    session['groupLevel2'] = groupLevel2
    session['isReleaseEnv'] = isRelease
    # Result unused here; the call is kept because its side effects, if any,
    # are not visible from this function.
    getLangTextDict(request)

    context = {} if isRelease else {"env": "test"}
    context["execStatisticTaskCheck"] = "current-page"
    context["userName"] = session.get("userName")
    context["checkBusinessLine"] = dbModelListToListDict(
        BusinessService.getAllBusinessLine())
    context["checkModules"] = dbModelListToListDict(
        ModulesService.getAllModules())
    # Page texts
    context["text"] = {"pageTitle": "统计任务上报结果"}
    context["page"] = 1
    addUserLog(request, "StatisticTask管理->查看->页面展示->成功", "PASS")
    return render(request, "statistic_task/exec_list.html", context)
def listPage(request):
    """Render the data-keyword / Python-code list page.

    Copies three module-level values into the session, then renders
    ``data_keyword/list.html`` with the business lines, the modules and the
    session's ``userName``.
    """
    # The session values come from names defined outside this function, not
    # from request input.
    session = request.session
    session['groupLevel1'] = groupLevel1
    session['groupLevel2'] = groupLevel2
    session['isReleaseEnv'] = isRelease
    # Result unused here; the call is kept because its side effects, if any,
    # are not visible from this function.
    getLangTextDict(request)

    context = {} if isRelease else {"env": "test"}
    context["datakeywordList"] = "current-page"
    context["userName"] = session.get("userName")
    context["checkBusinessLine"] = dbModelListToListDict(
        BusinessService.getAllBusinessLine())
    context["checkModules"] = dbModelListToListDict(
        ModulesService.getAllModules())
    # Page texts
    context["text"] = {"pageTitle": "数据关键字/PYTHON模式"}
    context["page"] = 1
    addUserLog(request, "DataKeyword管理->查看->页面展示->成功", "PASS")
    context["title"] = "KEYWORD/PYTHON"
    return render(request, "data_keyword/list.html", context)
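def listData(request):
    """Render one page of data-keyword rows filtered by the posted conditions.

    Reads ``page``, ``checkArr`` (URL-quoted JSON object mapping a filter
    name to its search text) and ``orderBy`` from the POST data. Search
    texts are passed to the query as bound parameters. Filter names and
    ``orderBy`` become part of the SQL text itself, so both are checked
    before the statement is built.

    Returns the rendered ``data_keyword/SubPages/list_data.html`` fragment,
    or a small script response when the page number or the query conditions
    are rejected.
    """
    # Function-scope import: the module's import block is not part of this
    # block, so nothing is assumed about it.
    import re

    def rejectQuery():
        # Same log entry and response as the existing orderBy rejection.
        addUserLog(request, "DataKeyword管理->查看用例->获取数据->SQL注入检测时发现查询条件非法", "FAIL")
        return HttpResponse("<script>alert('查询条件非法');</script>")

    page = request.POST.get("page")
    if not isInt(page):
        addUserLog(request, "DataKeyword管理->查看用例->获取数据->页面参数不合法", "FAIL")
        return HttpResponse("<script>alert('请验证页数参数');</script>")
    page = int(page)

    checkArr = json.loads(parse.unquote(request.POST.get("checkArr")))
    if not isinstance(checkArr, dict):
        # The loop below indexes checkArr by key; any other JSON type is not
        # a valid set of conditions.
        return rejectQuery()

    orderBy = request.POST.get("orderBy")
    # NOTE(review): orderBy is spliced into the statement, since ORDER BY
    # cannot take a bound parameter. isSqlInjectable() is the only check on
    # it and is not visible here - consider an allowlist of sortable columns
    # and directions.
    if isSqlInjectable(orderBy):
        return rejectQuery()

    tbName = "tb4_data_keyword"
    versionCondition = ""
    execSql = "SELECT i.*,u.userName,mu.userName modByName from %s i LEFT JOIN tb_user mu ON i.modBy = mu.loginName LEFT JOIN tb_user u ON i.addBy = u.loginName WHERE 1=1 and i.state=1 %s" % (
        tbName, versionCondition)
    print(execSql)

    # A filter name is used as a column of alias i, so it must be a plain
    # identifier. Previously any client-supplied key was formatted straight
    # into the SQL text.
    columnName = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")

    checkList = []
    for key, value in checkArr.items():
        if value == "":
            continue
        likeValue = "%%%s%%" % value
        if key == "caseFounder":
            checkList.append(likeValue)
            checkList.append(likeValue)
            execSql += """ and (i.addBy LIKE %s or u.userName LIKE %s) """
            continue
        # NOTE(review): the statement above defines only the aliases i, u and
        # mu; m and b are not joined, so these two filters presumably fail at
        # execution unless pagination() rewrites the query - confirm.
        if key == "module":
            checkList.append(likeValue)
            execSql += """ and m.moduleName LIKE %s """
            continue
        if key == "businessLine":
            checkList.append(likeValue)
            execSql += """ and b.bussinessLineName LIKE %s """
            continue
        if not columnName.fullmatch(key):
            return rejectQuery()
        checkList.append(likeValue)
        execSql += """ and i.%s """ % key
        # The literal %s left here is the driver placeholder for likeValue.
        execSql += """ LIKE %s"""
    execSql += """ ORDER BY %s""" % orderBy

    context = pagination(sqlStr=execSql, attrList=checkList, page=page,
                         pageNum=commonWebConfig.interFacePageNum,
                         request=request)
    response = render(request, "data_keyword/SubPages/list_data.html", context)
    addUserLog(request, "DataKeyword管理->查看->获取数据->成功", "PASS")
    return response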