def update(key, param):
"""更新记录
[description]
Arguments:
key string -- 主键
param dict -- [description]
return:
True | JsonError
"""
columns = [i for (i, _) in Config.__table__.columns.items()]
param = {k: v for k, v in param.items() if k in columns}
if 'updated_at' in columns:
param['updated_at'] = utime.timestamp(3)
if not key:
raise JsonError('key 不能为空')
try:
Config.Update.filter(Config.key == key).update(param)
Config.session.commit()
return True
except Exception as e:
Config.session.rollback()
SysLogger.error(e)
raise JsonError('update error')
def insert(param):
"""插入
[description]
Arguments:
id int -- 主键
param dict -- [description]
return:
True | JsonError
"""
columns = [i for (i, _) in Article.__table__.columns.items()]
param = {k: v for k, v in param.items() if k in columns}
if 'created_at' in columns:
param['created_at'] = utime.timestamp(3)
category_id = param.get('category_id', 0)
if not category_id:
raise JsonError('文章分类缺失')
description = param.get('description', '')
if len(description) > 255:
raise JsonError('Data too long for \'description\'')
try:
obj = Article(**param)
Article.session.add(obj)
Article.session.commit()
return True
except Exception as e:
Article.session.rollback()
SysLogger.error(e)
raise JsonError('insert error')
def update(id, param):
"""更新记录
[description]
Arguments:
id int -- 主键
param dict -- [description]
return:
True | JsonError
"""
columns = [i for (i, _) in AdminRole.__table__.columns.items()]
param = {k:v for k,v in param.items() if k in columns}
if 'updated_at' in columns:
param['updated_at'] = utime.timestamp(3)
if not id:
raise JsonError('ID 不能为空')
try:
AdminRole.Update.filter(AdminRole.id == id).update(param)
AdminRole.session.commit()
return True
except Exception as e:
AdminRole.session.rollback()
SysLogger.error(e)
raise JsonError('update error')
def admin_user_post(self, *args, **kwargs):
"""新增管理员"""
role_id = self.get_argument('role_id', None)
username = self.get_argument('username', None)
password = self.get_argument('password', None)
email = self.get_argument('email', None)
mobile = self.get_argument('mobile', None)
status = self.get_argument('status', '1')
permission = self.get_argument('permission', [])
rsa_encrypt = self.get_argument('rsa_encrypt', 1)
if not username:
raise JsonError('用户名不能为空')
if not password:
raise JsonError('密码不能为空')
param = {
'status': status,
'username': username,
'password': password,
'mobile': mobile,
'email': email,
'permission': permission,
'role_id': role_id
}
AdminUserService.insert(param)
return self.success()
def wrapper( # type: ignore
self: RequestHandler, *args,
**kwargs) -> Optional[Awaitable[None]]:
if not self.current_user:
if self.request.method in ("GET", "HEAD"):
url = self.get_login_url()
next_url = ''
if "?" not in url:
if urllib.parse.urlsplit(url).scheme:
# if login url is absolute, make next absolute too
next_url = self.request.full_url()
else:
assert self.request.uri is not None
next_url = self.request.uri
url += "?" + urllib.parse.urlencode(
dict(redirect=next_url))
data = {
'login_url': url,
'next_url': next_url,
}
accept = self.request.headers.get('Accept', '')
if accept.startswith('application/json'):
raise JsonError('请重新登录', 706)
else:
return self.redirect(url)
raise JsonError('请重新登录....', 706)
return method(self, *args, **kwargs)
def upload(current_uid, ip, action, imgfile, path):
action_set = (
'adad',
'article/thumb',
'article/regulation',
'article/news',
'avatar',
'friendlink',
'goods/thumb',
'product',
)
if action not in action_set:
raise JsonError('不支持的action')
resp_data = []
for img in imgfile:
# 对文件进行重命名
file_ext = FileUtil.file_ext(img['filename'])
path = '%s/' % path
file_md5 = func.md5(img['body'])
save_name = f'{file_md5}.{file_ext}'
try:
param = Uploader.upload_img(file_md5, img, save_name, path, {
'user_id': current_uid,
'ip': ip,
})
resp_data.append(param)
except Exception as e:
if settings.debug:
raise e
SysLogger.error(e)
raise JsonError('上传失败')
return resp_data
def insert(param):
"""插入
[description]
Arguments:
id int -- 主键
param dict -- [description]
return:
True | JsonError
"""
columns = [i for (i, _) in Advertising.__table__.columns.items()]
param = {k:v for k,v in param.items() if k in columns}
if 'created_at' in columns:
param['created_at'] = utime.timestamp(3)
description = param.get('description', '')
if len(description) > 255:
raise JsonError('Data too long for \'description\'')
if 'start_at' in param.keys():
param['start_at'] = param['start_at'] if param['start_at'].isnumeric() else 0
if 'end_at' in param.keys():
param['end_at'] = param['end_at'] if param['end_at'].isnumeric() else 0
try:
obj = Advertising(**param)
Advertising.session.add(obj)
Advertising.session.commit()
return True
except Exception as e:
Advertising.session.rollback()
SysLogger.error(e)
raise JsonError('insert error')
def update(id, param):
"""更新记录
[description]
Arguments:
id int -- 主键
param dict -- [description]
return:
True | JsonError
"""
columns = [i for (i, _) in Goods.__table__.columns.items()]
param = {k: v for k, v in param.items() if k in columns}
if 'updated_at' in columns:
param['updated_at'] = utime.timestamp(3)
if not id:
raise JsonError('ID 不能为空')
if 'thumb' in param.keys():
try:
param['thumb'] = json_decode(param['thumb'])
except Exception as e:
param['thumb'] = {}
try:
Goods.Update.filter(Goods.id == id).update(param)
Goods.session.commit()
return True
except Exception as e:
Goods.session.rollback()
SysLogger.error(e)
raise JsonError('update error')
def update(user_id, param, rsa_encrypt=0):
"""
保存用户数据
:param user: 用户数据字典
:param rsa_encrypt:
:param user_id:
:return:
"""
columns = [i for (i, _) in AdminUser.__table__.columns.items()]
param = {k: v for k, v in param.items() if k in columns}
if 'updated_at' in columns:
param['updated_at'] = utime.timestamp(3)
if 'username' in param.keys():
if param['username']:
if AdminUserService.check_username(param['username'], user_id):
raise JsonError('名称已被占用')
else:
del param['username']
if 'password' in param.keys():
if param['password']:
if settings.login_pwd_rsa_encrypt and int(
rsa_encrypt) == 1 and len(param['password']) > 4:
private_key = sys_config('login_rsa_priv_key')
param['password'] = RSAEncrypter.decrypt(
param['password'], private_key)
param['password'] = make_password(param['password'])
else:
del param['password']
if 'email' in param.keys():
if param['email']:
if AdminUserService.check_email(param['email'], user_id):
raise JsonError('邮箱已被占用')
else:
param['email'] = None
if 'mobile' in param.keys():
if param['mobile']:
if AdminUserService.check_mobile(param['mobile'], user_id):
raise JsonError('电话号码已被占用')
else:
param['mobile'] = None
try:
if user_id:
AdminUser.Update.filter(AdminUser.id == user_id).update(param)
else:
obj = AdminUser(**param)
AdminUser.session.add(obj)
except Exception as e:
raise e
else:
AdminUser.session.commit()
return True
def unlock_user(user_id, password):
is_rsa = sys_config('login_pwd_rsa_encrypt')
if int(is_rsa) == 1:
private_key = sys_config('login_rsa_priv_key')
try:
password = RSAEncrypter.decrypt(password, private_key)
except Exception as e:
raise JsonError(msg='签名失败', code=11)
user = AdminUser.Q.filter(AdminUser.id == user_id).first()
if user is None:
raise JsonError('用户信息出错')
if check_password(password, user.password) == False:
raise JsonError('密码错误')
return True
def page_list(where, page, per_page):
"""列表记录
Arguments:
where dict -- 查询条件
page int -- 当前页
per_page int -- 每页记录数
return:
Paginate 对象 | None
"""
query = Goods.Q
if 'id' in where.keys():
query = query.filter(Goods.id == where['id'])
if 'title' in where.keys():
query = query.filter(Goods.title == where['title'])
if 'status' in where.keys():
query = query.filter(Goods.status == where['status'])
else:
query = query.filter(Goods.status != -1)
if 'recommended' in where.keys():
query = query.filter(Goods.recommended == where['recommended'])
pagelist_obj = query.paginate(page=page, per_page=per_page)
if pagelist_obj is None:
raise JsonError('暂无数据')
return GoodsAssembler.page_list(pagelist_obj, page, per_page)
def page_list(where, page, per_page):
"""列表记录
Arguments:
where dict -- 查询条件
page int -- 当前页
per_page int -- 每页记录数
return:
Paginate 对象 | None
"""
query = AdminUser.Q
if 'mobile' in where.keys():
query = query.filter(AdminUser.mobile == where['mobile'])
if 'username' in where.keys():
query = query.filter(AdminUser.username == where['username'])
if 'role_id' in where.keys():
query = query.filter(AdminUser.role_id == where['role_id'])
if 'status' in where.keys():
query = query.filter(AdminUser.status == where['status'])
else:
query = query.filter(AdminUser.status != -1)
pagelist_obj = query.paginate(page=page, per_page=per_page)
if pagelist_obj is None:
raise JsonError('暂无数据')
return AdminUserAssembler.page_list(pagelist_obj, page, per_page)
def insert(param):
"""插入
[description]
Arguments:
id int -- 主键
param dict -- [description]
return:
True | JsonError
"""
columns = [i for (i, _) in AdminRole.__table__.columns.items()]
param = {k:v for k,v in param.items() if k in columns}
if 'created_at' in columns:
param['created_at'] = utime.timestamp(3)
try:
obj = AdminRole(**param)
AdminRole.session.add(obj)
AdminRole.session.commit()
return True
except Exception as e:
AdminRole.session.rollback()
SysLogger.error(e)
raise JsonError('insert error')
def page_list(where, page, per_page):
"""列表记录
Arguments:
where dict -- 查询条件
page int -- 当前页
per_page int -- 每页记录数
return:
Paginate 对象 | None
"""
query = Friendlink.Q
if 'title' in where.keys():
query = query.filter(Friendlink.title == where['title'])
if 'status' in where.keys():
query = query.filter(Friendlink.status == where['status'])
else:
query = query.filter(Friendlink.status != -1)
query = query.order_by(Friendlink.sort.desc())
pagelist_obj = query.paginate(page=page, per_page=per_page)
if pagelist_obj is None:
raise JsonError('暂无数据')
return pagelist_obj
def menu_list(uid):
"""
获取菜单树
"""
if not(uid>0):
raise JsonError('请登录', 706)
menu_json = os.path.join(settings.ROOT_PATH, 'datas', 'json', 'menu.json')
menus = []
try:
with open(menu_json) as f:
menus = json.loads(f.read())
except Exception as e:
pass
user = AdminUser.Q.filter(AdminUser.id==uid).first()
if AdminUserService.is_super_role(uid, user.role_id):
return menus
# print('query.statement: ', query.statement)
permission = user.user_permission + user.role_permission if user else []
def _filter_permission(m1):
"""
检查菜单是否存在授权列表中
"""
if not m1:
return False
name = m1.get('name', '')
if name not in permission:
return False
m1['children'] = list(filter(_filter_permission, m1.get('children', [])))
return m1
return list(filter(_filter_permission, menus))
def page_list(where, page, per_page):
"""列表记录
Arguments:
where dict -- 查询条件
page int -- 当前页
per_page int -- 每页记录数
return:
Paginate 对象 | None
"""
query = Goods.Q
if 'id' in where.keys():
query = query.filter(Goods.id == where['id'])
if 'title' in where.keys():
query = query.filter(Goods.title == where['title'])
if 'status' in where.keys():
query = query.filter(Goods.status == where['status'])
else:
query = query.filter(Goods.status != -1)
if 'recommended' in where.keys():
query = query.filter(Goods.recommended == where['recommended'])
pagelist_obj = query.paginate(page=page, per_page=per_page)
if pagelist_obj is None:
raise JsonError('暂无数据')
category_map = {}
category_ids = [obj.category_id for obj in pagelist_obj.items]
category_list = GoodsCategoryService.category_list(category_ids)
for category in category_list:
category_map[category.id] = category
return GoodsAssembler.page_list(pagelist_obj, page, per_page,
category_map)
def insert(param):
"""插入
[description]
Arguments:
id int -- 主键
param dict -- [description]
return:
True | JsonError
"""
columns = [i for (i, _) in Goods.__table__.columns.items()]
param = {k: v for k, v in param.items() if k in columns}
if 'created_at' in columns:
param['created_at'] = utime.timestamp(3)
if 'thumb' in param.keys():
try:
param['thumb'] = json_decode(param['thumb'])
except Exception as e:
param['thumb'] = {}
raise e
else:
param['thumb'] = {}
try:
obj = Goods(**param)
Goods.session.add(obj)
Goods.session.commit()
return True
except Exception as e:
Goods.session.rollback()
SysLogger.error(e)
raise JsonError('insert error')
def menu_init_get(self):
"""获取特定版本所有菜单 | 超级管理员才有的权限,编辑菜单之前调用
"""
if not self.super_role(): # 非超级管理员
raise JsonError('未授权', 401)
# self.apis = AdminMenuService.api_node_list()
def filter_menu(i2):
""" 根据name过滤menu里面已经存在的API """
if not i2:
return []
try:
name = i2.get('name', '')
children = i2.get('children', [])
if name in self.apis.keys():
# print('name ', name, type(self.apis), self.apis.keys())
# 根据name过滤menu里面已经存在的API
i2['name'] = self.apis[name]['name']
# i2['title'] = self.apis[name]['title']
# path 以后台配置为准,所以不需要覆盖 path
i2['method'] = self.apis[name]['method']
self.apis.pop(name)
i2['children'] = [filter_menu(i3) for i3 in children]
return i2
except Exception as e:
# print('i2', i2)
raise e
menu_list = AdminMenuService.menu_list(1)
# 一定要先执行 filter_menu/1 再返回self.apis.items()
left = [filter_menu(i2) for i2 in menu_list]
# right = [i1 for (k,i1) in self.apis.items()]
right = []
return self.success(data={'right': right, 'left': left})
def admin_user_put(self, id, *args, **kwargs):
role_id = self.get_argument('role_id', None)
username = self.get_argument('username', None)
password = self.get_argument('password', None)
rsa_encrypt = self.get_argument('rsa_encrypt', '0')
email = self.get_argument('email', None)
mobile = self.get_argument('mobile', None)
status = self.get_argument('status', '0')
permission = self.get_argument('permission', [])
if not id:
raise JsonError('Edit用户ID不能为空')
param = {
'id': id,
'status': status,
'username': username,
'mobile': mobile,
'email': email
}
param['permission'] = '[]'
try:
param['permission'] = json.dumps(permission)
except Exception as e:
pass
if role_id:
param['role_id'] = role_id
AdminUserService.update(id, param, rsa_encrypt)
return self.success(data=param)
def is_super_role(uid, role_id=0):
""""判断当前用户是否超级用户"""
if not uid:
raise JsonError('用户ID不能为空')
if not role_id:
user = AdminUserService.get(uid)
role_id = user.role_id if user else 0
return True if (int(uid) in settings.SUPER_ADMIN) or (
int(role_id) == settings.SUPER_ROLE_ID) else False
def unlock_user(self):
"""锁屏解锁"""
password = self.get_argument('password', None)
if not password:
raise JsonError('请输入密码')
current_uid = self.current_user.get('id', 0)
AdminUserService.unlock_user(current_uid, password)
return self.success()
def menu_post(self):
"""保存修改的菜单 | 超级管理员才有的权限
"""
if not self.super_role(): # 非超级管理员
raise JsonError('未授权', 401)
tree = self.get_argument('tree')
if '\\u' in tree:
tree = tree.encode('utf-8').decode('unicode_escape')
# print('tree ', type(tree), tree)
try:
tree = json.loads(tree)
AdminMenuService.save_data(tree)
except JsonError as e:
raise e
except json.decoder.JSONDecodeError as e:
raise JsonError('需要json数据')
except Exception as e:
raise e
self.success()
def admin_change_pwd(self):
"""
修改密码
:return:
"""
password = self.get_argument('password', None)
rsa_encrypt = self.get_argument('rsa_encrypt', None)
admin_id = self.get_argument('admin_id', None)
if password is None or rsa_encrypt is None or admin_id is None:
raise JsonError('参数必须')
AdminUserService.change_pwd(password, rsa_encrypt, admin_id)
return self.success()
def update(id, param):
"""更新记录
[description]
Arguments:
id int -- 主键
param dict -- [description]
return:
True | JsonError
"""
columns = [i for (i, _) in Advertising.__table__.columns.items()]
param = {k:v for k,v in param.items() if k in columns}
if 'updated_at' in columns:
param['updated_at'] = utime.timestamp(3)
if 'start_at' in param.keys():
param['start_at'] = param['start_at'] if param['start_at'].isnumeric() else 0
if 'end_at' in param.keys():
param['end_at'] = param['end_at'] if param['end_at'].isnumeric() else 0
description = param.get('description', '')
if len(description) > 255:
raise JsonError('Data too long for \'description\'')
if not id:
raise JsonError('ID 不能为空')
try:
Advertising.Update.filter(Advertising.id == id).update(param)
Advertising.session.commit()
return True
except Exception as e:
Advertising.session.rollback()
SysLogger.error(e)
raise JsonError('update error')
def update(id, param):
"""更新记录
[description]
Arguments:
id int -- 主键
param dict -- [description]
return:
True | JsonError
"""
columns = [i for (i, _) in Article.__table__.columns.items()]
param = {k: v for k, v in param.items() if k in columns}
if 'updated_at' in columns:
param['updated_at'] = utime.timestamp(3)
description = param.get('description', '')
if len(description) > 255:
raise JsonError('Data too long for \'description\'')
if not id:
raise JsonError('ID 不能为空')
status = param.get('status', None)
category_id = param.get('category_id', 0)
if not category_id:
raise JsonError('文章分类缺失')
try:
Article.Update.filter(Article.id == id).update(param)
Article.session.commit()
return True
except Exception as e:
Article.session.rollback()
SysLogger.error(e)
raise JsonError('update error')
def get(id):
"""获取单条记录
[description]
Arguments:
id int -- 主键
return:
Friendlink Model 实例 | None
"""
if not id:
raise JsonError('ID不能为空')
obj = Friendlink.Q.filter(Friendlink.id == id).first()
return obj
def get(key):
"""获取单条记录
[description]
Arguments:
key string -- 主键
return:
Config Model 实例 | None
"""
if not key:
raise JsonError('key不能为空')
obj = Config.Q.filter(Config.key == key).first()
return obj
def get(id):
"""获取单条记录
[description]
Arguments:
id int -- 主键
return:
AdminRole Model 实例 | None
"""
if not id:
raise JsonError('ID不能为空')
obj = AdminRole.Q.filter(AdminRole.id == id).first()
return obj
def get(id):
"""获取单条记录
[description]
Arguments:
id int -- 主键
return:
UserFriendNotice Model 实例 | None
"""
if not id:
raise JsonError('ID不能为空')
obj = UserFriendNotice.Q.filter(UserFriendNotice.id == id).first()
return obj
def get(id):
"""获取单条记录
[description]
Arguments:
id int -- 主键
return:
GoodsCategory Model 实例 | None
"""
if not id:
raise JsonError('ID不能为空')
obj = GoodsCategory.Q.filter(GoodsCategory.id == id).first()
return obj
