def GET(self, xid): assert (str(xid).isdigit()) if not check_right (xid): print 'try to read an unauthrithm data, %s record id:%s , user id:%s' % ('user',xid, get_user()) raise web.notfound() record = m_user.get_one (**{"id": int(xid)}) return render ('admin/user_read.html', data = {'record':record})
def GET(self,xid): assert (str(xid).isdigit()) xid = int(xid) if xid and not check_right (xid): print 'try to edit unauthorization data, table:%s, id:%s' % ( 'user', xid) return default_error () data = {} if xid: data['record'] = m_user.get_one (**{"id": int(xid)}) if not data: print 'Error, try to edit record but not found data, table:%s, id:%s' % ('user', xid) raise web.notfound() return render ('admin/user_edit.html', data = data)
def POST(self,xid): #xid = web.input(xid=0).get('xid') assert (str(xid).isdigit()) xid = int(xid) request = web.input() input_fields = [ 'user_memID', 'user_userID', 'user_userCode', 'user_userName', 'user_chainID', 'user_projectID', 'user_cityID', 'user_cityName', 'user_managerID', 'user_managerName', 'user_stationID', 'user_stationName', 'user_email', 'user_tel', 'user_mobile', 'user_joinDate', 'user_status', ] nonul_fields = [ 'user_memID', 'user_userID', 'user_userCode', 'user_userName', ] #user input fileds, can not be emtpy #检查用户是否有权限 if xid!=0 and not check_right (xid): print 'try to save an unauthrithm data, %s record id:%s , user id:%s' % ('user',xid, get_user()) raise web.notfound() #检查是否存在 不能为空的字段 输入为空 if not self.check_input (request, nonul_fields): print 'try to edit data, but found some not-null parameter null, table: %s' % 'user' return default_error('some parameter empty') data = {} if xid==0: #new record print 'add new record into database for table user' data["id"] = 0 data['create_time'] = get_date(); data['create_user'] = get_user() else: print 'update record into database for table user' data = m_user.get_one ( ** {'id': xid}) if not data: print 'try to update record into database, but fail' raise web.notfound() data['update_time'] = get_date(); data['update_user'] = get_user() for field in input_fields: new_field = field.replace('user_','',1) data[new_field] = request.get(field,'') #if xid=0 then add ; otherwise update m_user.upsert ("id",**data) return web.seeother('/admin/user'+"_list")