def authenticate():
i = ctx.request.input(remember='')
phone = i.phone.strip()
password = i.password
user = RMS.find_first(
'where mobile = ? and crm is not null and stillwork = 1', phone)
if user is None:
error_code = ERROR_CODE['user_error']
raise APIError(error_code, ERROR_MESSAGE[error_code])
login_info = _login(phone, password)
if login_info['errno'] != 0 or not login_info['data'] or not login_info[
'data']['sessionToken']:
error_code = ERROR_CODE['login_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
else:
# 如果登录成功,查看ipPoolAdmin表,如果木有该用户,那么增加这个用户,否则更新下登录时间
count = IpPoolAdmin.count_by('where uid = ?', user.uid)
if count < 1:
IpPoolAdmin(uid=user.uid).insert()
else:
IpPoolAdmin(createAt=time.time()).update_by(
'where `uid` = ?', user.uid)
max_age = 86400
cookie = make_signed_cookie(str(user.id), user.mobile, max_age)
ctx.response.set_cookie(LOGIN_COOKIE_NAME, cookie, max_age=max_age)
ctx.response.set_cookie('leancloud-token',
login_info['data']['sessionToken'],
max_age=max_age)
return user
def vote():
result = int(ctx.request.get('result', None))
ip_id = int(ctx.request.get('ipId', 0))
reason = ctx.request.get('reason', '')
if (result != 1 and result != 2) or ip_id <= 0 or (result == 1
and not reason):
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
if ctx.request.user.crm.find('4_1_8') == -1:
error_code = ERROR_CODE['not_allow_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
admin_list = RMS.find_by('where `crm` like "%4_1_8%" and stillwork = 1')
admins = admin_list[:]
where = 'where ipId = ?'
res = IPBlacklistVote.find_by(where, ip_id)
pass_num, refuse_num, vote_turnout = 0, 0, 0.0
if result == 1:
pass_num += 1
else:
refuse_num += 1
for x in res:
if x.voterId == ctx.request.user.uid:
error_code = ERROR_CODE['not_allow_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
if x.result == 1:
pass_num += 1
if x.result == 2:
refuse_num += 1
for admin in admin_list:
if admin.uid == x.voterId or admin.uid == ctx.request.user.uid:
if admin in admins:
admins.remove(admin)
vote_end = 1 if len(admins) < 1 or len(admin_list) == 1 else 0
vote_turnout = float(pass_num) / (pass_num + refuse_num)
IPBlacklist(voteTurnout=vote_turnout,
voteEnd=vote_end).update_by('where id = ?', ip_id)
res = IPBlacklistVote(ipId=ip_id,
voterId=ctx.request.user.uid,
voterName=ctx.request.user.name,
result=result,
reason=reason,
createAt=time.time(),
updateAt=time.time()).insert()
return res
def api_verify():
newwriter_id = ctx.request.get('newWriterId', None)
story = int(ctx.request.get('story', 0))
structure = int(ctx.request.get('structure', 0))
character = int(ctx.request.get('character', 0))
market = int(ctx.request.get('market', 0))
if not newwriter_id:
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
args = [newwriter_id, ctx.request.user.uid]
NewWriterVerifyRecord(status=0,
story=story,
structure=structure,
character=character,
market=market).update_by(
'where newWriterId = ? and uid = ?', *args)
res = NewWriterVerifyRecord.find_by('where newWriterId = ? and uid != ?',
*args)
count, state = (story + structure + character + market), True
for info in res:
if info.status == -1:
state = False
break
count += (info.story + info.structure + info.character + info.market)
if state:
count /= (len(res) + 1)
NewWriterPool(id=newwriter_id, status=1, result=count).update()
return dict(error=0)
def register_user():
i = ctx.request.input(name='', email='', password='')
name = i.name.strip()
email = i.email.strip().lower()
password = i.password
if not name:
raise APIValueError('name')
if not email or not _RE_EMAIL.match(email):
raise APIValueError('email')
if not password or not _RE_MD5.match(password):
raise APIValueError('password')
user = Users.find_first('where email=?', email)
if user:
raise APIError('register:failed', 'email', 'Email is already in use.')
user = Users(id=next_id(),
name=name,
email=email,
password=password,
image='http://www.gravatar.com/avatar/%s?d=mm&s=120' %
hashlib.md5(email).hexdigest())
user.insert()
# make session cookie:
cookie = make_signed_cookie(user.id, user.password, None)
ctx.response.set_cookie(COOKIE_NAME, cookie)
return user
def _detail():
detail_type = ctx.request.get('type', '1')
stored_id = ctx.request.get('id')
data = {'data': {}}
if stored_id:
detail_api = _API_HOST + '/api/tools/whiteList?storedIp=%s&token=%s' % (
stored_id, ctx.request.cookies.get('leancloud-token'))
res_data = urllib2.urlopen(detail_api)
res = res_data.read()
res_data.close()
data = json.loads(res)
if data['code'] != 0:
error_code = ERROR_CODE['data_exception_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
params = {
'type': detail_type,
'apiHost': _API_HOST,
'token': ctx.request.cookies.get('leancloud-token'),
'storedIp': stored_id or ''
}
return dict(data=data['data'], param=params, user=ctx.request.user)
def authenticate():
i = ctx.request.input(remember='')
email = i.email.strip().lower()
password = i.password
remember = i.remember
user = Users.find_first('where email=?', email)
if user is None:
raise APIError('auth:failed', 'email', 'Invalid email.')
elif user.password != password:
raise APIError('auth:failed', 'password', 'Invalid password.')
# make session cookie:
max_age = 604800 if remember == 'true' else None
cookie = make_signed_cookie(user.id, user.password, max_age)
ctx.response.set_cookie(COOKIE_NAME, cookie, max_age=max_age)
user.password = '******'
return user
def _get_list(api_url):
pn = int(ctx.request.get('pn', 1))
rn = int(ctx.request.get('rn', 10))
list_type = ctx.request.get('type', 'open')
list_api = _API_HOST + api_url + '?listType=%s&pn=%d&rn=%d&token=%s' % (
list_type, pn - 1, rn, ctx.request.cookies.get('leancloud-token'))
res_data = urllib2.urlopen(list_api)
res = res_data.read()
res_data.close()
data = json.loads(res)
if data['code'] != 0:
error_code = ERROR_CODE['data_exception_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
page = Page(data['count'], pn, rn)
params = {
'type': list_type,
'apiHost': _API_HOST,
'token': ctx.request.cookies.get('leancloud-token')
}
return dict(data=data['data'],
page=page.to_dict(),
param=params,
user=ctx.request.user)
def _blacklist_package():
ip_id = int(ctx.request.get('ipId', 0))
packager_id = ctx.request.get('packagerId', None)
uptime = int(ctx.request.get('uptime', 0))
if ctx.request.user.crm.find('4_1_10') == -1:
error_code = ERROR_CODE['not_allow_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
info = IPBlacklist.find_first('where id = ?', ip_id)
if not info or info.status != 1:
error_code = ERROR_CODE['error_operation']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
res = IPBlacklist(status=2,
packagerId=packager_id,
updateAt=time.time(),
uptime=uptime).update_by('where id = ?', ip_id)
return res
def _detail_api():
copy_id = ctx.request.get('copyId', False)
if not copy_id:
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
detail_api = _API_HOST + '/copy/workdetail?copyId=%s&token=%s' % (
copy_id,
ctx.request.cookies.get('leancloud-token'),
)
res_data = urllib2.urlopen(detail_api)
res = res_data.read()
res_data.close()
data = json.loads(res)
if data['errno'] != 0:
error_code = ERROR_CODE['data_exception_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
return dict(data=data['data'], user=ctx.request.user)
def api_allot():
if ctx.request.user.crm.find('4_1_7') == -1:
error_code = ERROR_CODE['not_allow_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
ip_list = ctx.request.get('ipList', '')
admin_list = ctx.request.get('adminList', '')
everyone_num = int(ctx.request.get('everyoneNum', 0))
ip_list = ip_list.split(',')
admin_list = admin_list.split(',')
admins = _allot_method(ip_list, admin_list, everyone_num)
try:
for admin in admins:
for newwriter_id in admin['verifyList']:
field = {
'uid': admin['uid'],
'newWriterId': newwriter_id,
'createAt': time.time(),
'updateAt': time.time(),
'status': -1
}
NewWriterVerifyRecord(**field).insert()
except:
error_code = ERROR_CODE['insert_sql_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
update_field = {'type': 1, 'status': 0}
new_ip_list = []
for ip in ip_list:
new_ip_list.append(str(int(ip)))
NewWriterPool(**update_field).update_by('where id in (%s)' %
(','.join(new_ip_list), ))
return dict(error=0)
def api_verify_result():
newwriter_id = ctx.request.get('newWriterId', None)
if not newwriter_id:
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
res = _get_verify_result(newwriter_id)
param = {
'newWriterId': newwriter_id,
}
return dict(list=res, param=param, user=ctx.request.user)
def _search_user_info():
key = ctx.request.get('key', None)
if not key:
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
keys, i = [], 0
while i < 7:
keys.append("%" + key + "%")
i += 1
where = 'where `username` like ? or `desc` like ? or `company` like ? or `companyShortName` like ? or `person_name` like ? or `person_nickname` like ? or `person_desc` like ?'
data = User.find_by(where, *keys)
return dict(user=data)
def api_verify_result():
object_id = ctx.request.get('objectId')
if not object_id:
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
first_res = IPVerify.find_by(
'where verifyType = 1 and objectId = ? order by updateAt ASC',
object_id)
second_res = IPVerify.find_by(
'where verifyType = 3 and objectId = ? order by updateAt ASC',
object_id)
third_res = IPVerify.find_by(
'where verifyType = 4 and objectId = ? order by updateAt ASC',
object_id)
_format_data(first_res), _format_data(second_res), _format_data(third_res)
return dict(first=first_res, second=second_res, third=third_res)
def home():
pn = int(ctx.request.get('pn', 1))
rn = int(ctx.request.get('rn', 10))
list_api = _API_HOST + '/copy/workchecklist?pn=%d&rn=%d&token=%s' % (
pn - 1, rn, ctx.request.cookies.get('leancloud-token'))
res_data = urllib2.urlopen(list_api)
res = res_data.read()
res_data.close()
data = json.loads(res)
if data['errno'] != 0:
error_code = ERROR_CODE['data_exception_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
_format_data(data['data']['list'])
page = Page(data['data']['count'], pn, rn)
return dict(data=data['data'], page=page.to_dict(), user=ctx.request.user)
def _get_verify_list_by_page(verify_type='1', verify_result=None, title=None):
page_index, page_size = get_page_info()
join = 'as a left join %s as b on a.objectId = b.objectId' % (
IPPool.__table__, )
if title:
args = ['%' + title + '%', ctx.request.user.uid]
where = '%s where b.title like ? and a.verifyPerson = ?' % (join, )
elif verify_type == '1':
if verify_result:
args = [verify_result, ctx.request.user.uid]
where = '%s where a.verifyType = 1 and a.verifyResult = ? and a.verifyPerson = ?' % (
join, )
else:
args = [verify_type, ctx.request.user.uid]
where = '%s where a.verifyType = ? and a.verifyPerson = ?' % (
join, )
elif verify_type == '3':
if verify_result:
args = [verify_result, ctx.request.user.uid]
where = '%s where (a.verifyType = 3 or a.verifyType = 4) and a.verifyResult = ? and a.verifyPerson = ?' % (
join, )
else:
args = [ctx.request.user.uid]
where = '%s where (a.verifyType = 3 or a.verifyType = 4) and a.verifyPerson = ?' % (
join, )
else:
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
total = IPSamplingVerify.count_by_field(where, 'a.id', *args)
page = Page(total, page_index, page_size)
where = '%s order by updateAt limit ?,?' % (where, )
args.append(page.offset)
args.append(page.limit)
lists = IPSamplingVerify.select_by(where, args, [
'a.*', 'b.verifyType as ipPoolType', 'status', 'b.title',
'b.hasOutline', 'b.author', 'b.createAt as publishTime'
])
return lists, page.to_dict()
def _join_blacklist():
ip_id = int(ctx.request.get('ipId', 0))
object_id = ctx.request.get('objectId', None)
title = ctx.request.get('title', None)
shortcut = ctx.request.get('shortcut', None)
if ip_id < 1:
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
if ctx.request.user.crm.find('4_1_10') == -1:
error_code = ERROR_CODE['not_allow_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
info = IPBlacklist.find_first('where id = ?', ip_id)
if info and info.status == -1:
raise APIError('8888', "此作品已从黑名单下线,如需上线请联系管理员!", {})
if not shortcut:
if not info or info.status != 0:
error_code = ERROR_CODE['error_operation']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
return IPBlacklist(status=1,
operatorId=ctx.request.user.uid,
updateAt=time.time()).update_by(
'where id = ?', ip_id)
else:
if info:
raise APIError('9999', "此作品已在黑名单候选流程中,无需单独添加!", {})
if not object_id or not title:
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
return IPBlacklist(id=ip_id,
status=1,
operatorId=ctx.request.user.uid,
updateAt=time.time(),
createAt=time.time(),
isShortcut=1,
title=title,
objectId=object_id).insert()
def api_verify():
verify_type = ctx.request.get('verifyType', None)
object_id = ctx.request.get('objectId', None)
verify_result = ctx.request.get('verifyResult', None)
if not ctx.request.user.uid:
raise HttpError.seeother('/login')
# 如果缺少verify_type,或者object_id,或者verifyResult不等于1或2或3那么抛出参数错误
if not verify_type or not object_id or (verify_result != '1'
and verify_result != '2'
and verify_result != '3'):
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
# 先查一次,看看这个ip是否有效,并且是否被评审过了,如果已经评审了,那么不能修改结果
where = 'where `objectId` = ? and `verifyPerson` = ? and `verifyType` = ?'
verify_data = IPSamplingVerify.select_by(
where, [object_id, ctx.request.user.uid, verify_type],
['verifyResult'])
if not verify_data or 'verifyResult' not in verify_data[
0] or verify_data[0].verifyResult != 0:
error_code = ERROR_CODE['not_allow_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
# 重新修改选题会作品的状态
where = 'where objectId = ?'
ip_info = IPPool.find_first(where, *[object_id])
# 一抽过
if verify_type == '1' and verify_result == '1':
# 一审过(1,1)or 二审不过(3,2)or 二审复审不过(4,2) or 二评待审(3, 0 || 4, 0)
if (ip_info.verifyType == 1 and ip_info.status == 1) or (
ip_info.verifyType == 3 and ip_info.status
== 2) or (ip_info.verifyType == 4 and ip_info.status == 2) or (
ip_info.verifyType == 3 and ip_info.status == 1) or (
ip_info.verifyType == 4 and ip_info.status
== 1) or (ip_info.verifyType == 3 and ip_info.status
== 0) or (ip_info.verifyType == 4
and ip_info.status == 0):
pass
# 一审不过(1,2)
elif ip_info.verifyType == 1 and ip_info.status == 2:
IPPool(status=1).update_by(where, *[object_id])
else:
raise APIError(99999991, '抽检数据存在异常!', {})
# 一抽不过
elif verify_type == '1' and verify_result == '2':
# 一审过(1,1)or 二审不过(3,2)or 二审复审不过(4,2)or 二评待审(3, 0 || 4, 0)
if (ip_info.verifyType == 1 and ip_info.status == 1) or (
ip_info.verifyType == 3
and ip_info.status == 2) or (ip_info.verifyType == 4
and ip_info.status == 2):
IPPool(verifyType=1, status=2).update_by(where, *[object_id])
# 一审不过(1,2)
elif (ip_info.verifyType == 1 and ip_info.status
== 2) or (ip_info.verifyType == 3 and ip_info.status == 1) or (
ip_info.verifyType == 4 and ip_info.status == 1) or (
ip_info.verifyType == 3
and ip_info.status == 0) or (ip_info.verifyType == 4
and ip_info.status == 0):
pass
else:
raise APIError(99999992, '抽检数据存在异常!', {})
# 二抽过
elif verify_type == '3' and verify_result == '1':
# 一审不过(1,2)or 二审不过(3,2)
if (ip_info.verifyType == 1 and ip_info.status == 2) or (
ip_info.verifyType == 3
and ip_info.status == 2) or (ip_info.verifyType == 4
and ip_info.status == 2):
ip_verify_type = 4 if ip_info.thirdOldStatus > 0 else 3
IPPool(verifyType=ip_verify_type,
status=1).update_by(where, *[object_id])
# 二审过(3,1)
elif (ip_info.verifyType == 3
and ip_info.status == 1) or (ip_info.verifyType == 4
and ip_info.status == 1):
pass
else:
raise APIError(99999993, '抽检数据存在异常!', {})
# 二抽不过
elif verify_type == '3' and verify_result == '2':
# 一审不过(1,2)or 二审不过(3,2)
if (ip_info.verifyType == 1 and ip_info.status == 2) or (
ip_info.verifyType == 3
and ip_info.status == 2) or (ip_info.verifyType == 4
and ip_info.status == 2):
pass
# 二审过(2,1)
elif (ip_info.verifyType == 3
and ip_info.status == 1) or (ip_info.verifyType == 4
and ip_info.status == 1):
IPPool(status=2).update_by(where, *[object_id])
else:
raise APIError(99999994, '抽检数据存在异常!', {})
# 复审二抽过
elif verify_type == '4' and verify_result == '1':
# 一审不过(1,2)or 二审复审不过(4,2)
if (ip_info.verifyType == 1
and ip_info.status == 2) or (ip_info.verifyType == 4
and ip_info.status == 2):
IPPool(verifyType=4, status=1).update_by(where, *[object_id])
# 二审复审过(4,1)
elif ip_info.verifyType == 4 and ip_info.status == 1:
pass
else:
raise APIError(99999995, '抽检数据存在异常!', {})
# 复审二抽不过
elif verify_type == '4' and verify_result == '2':
# 一审不过(1,2)or 二审复审不过(4,2)
if (ip_info.verifyType == 1
and ip_info.status == 2) or (ip_info.verifyType == 4
and ip_info.status == 2):
pass
# 二审复审过(3,1)
elif ip_info.verifyType == 4 and ip_info.status == 1:
IPPool(status=2).update_by(where, *[object_id])
else:
raise APIError(99999996, '抽检数据存在异常!', {})
where = 'where `objectId` = ? and `verifyPerson` = ? and `verifyType` = ?'
ip_verify = IPSamplingVerify(verifyResult=verify_result,
updateAt=time.time())
res = ip_verify.update_by(where, object_id, ctx.request.user.uid,
verify_type)
# 判断下返回的结果是不是存在问题
if not hasattr(res, 'verifyResult') or res.verifyResult != verify_result:
IPPool(verifyType=ip_info.verifyType,
status=ip_info.status).update_by(where, *[object_id])
error_code = ERROR_CODE['update_sql_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
return res
def api_verify():
verify_type = ctx.request.get('verifyType', None)
object_id = ctx.request.get('objectId', None)
verify_result = ctx.request.get('verifyResult', None)
if not ctx.request.user.uid:
raise HttpError.seeother('/login')
# 如果缺少verify_type,或者object_id,或者verifyResult不等于1或2那么抛出参数错误
if not verify_type or not object_id or (verify_result != '1'
and verify_result != '2'):
error_code = ERROR_CODE['param_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
# 先查一次,看看这个ip是否有效,并且是否被评审过了,如果已经评审了,那么不能修改结果
where = 'where `objectId` = ? and `adminId` = ? and `verifyType` = ?'
verify_data = IPVerify.select_by(
where, [object_id, ctx.request.user.uid, verify_type],
['verifyResult'])
if not verify_data or 'verifyResult' not in verify_data[
0] or verify_data[0].verifyResult != 0:
error_code = ERROR_CODE['not_allow_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
# 如果是未评审过的,那么可以放心大胆的修改状态了
ip_verify = IPVerify(verifyResult=verify_result, updateAt=time.time())
res = ip_verify.update_by(where, object_id, ctx.request.user.uid,
verify_type)
# 判断下返回的结果是不是存在问题,好安心执行下面的操作
if not hasattr(res, 'verifyResult') or res.verifyResult != verify_result:
error_code = ERROR_CODE['update_sql_error']
raise APIError(error_code, ERROR_MESSAGE[error_code], {})
# 获取其他人的评审记录
select_where = 'where `objectId` = ? and `adminId` != ? and `verifyType` = ?'
verify_list = IPVerify.find_by(select_where, object_id,
ctx.request.user.uid, verify_type)
pass_count, not_pass_count = 0, 0
if verify_result == '1':
pass_count += 1
else:
not_pass_count += 1
for item in verify_list:
if item.verifyResult == 0:
# 如果有没评审完的人,那么停止操作,返回上面的更新结果
return res
elif item.verifyResult == 1:
pass_count += 1
else:
not_pass_count += 1
# 计算下多人的评审结果,顺便将ipPools表的状态也改一下
old_status_field = {
'1': 'firstOldStatus',
'3': 'secondOldStatus',
'4': 'thirdOldStatus'
}[verify_type]
final_result = 1 if pass_count > not_pass_count else 2
field = {
'status': final_result,
old_status_field: final_result,
'updateAt': time.time()
}
where = 'where objectId = ? and verifyType = ?'
update_info = IPPool(**field).update_by(where, object_id, verify_type)
res.ipPoolsInfo = update_info
return res