def add_cmsuser():
if request.method == 'GET':
roles = CMSRole.query.all()
context = {
'roles': roles
}
return render_template('cms/cms_addcmsuser.html',**context)
else:
form = CMSAddUserForm(request.form)
if form.validate():
email = form.email.data
username = form.username.data
password = form.password.data
roles = request.form.getlist('roles[]')
if not roles:
return xjson.json_params_error(message=u'必须指定最少一个分组!')
user = CMSUser(email=email,username=username,password=password)
for role_id in roles:
role = CMSRole.query.get(role_id)
role.users.append(user)
# 如果是通过user.roles.append(role)
# 那么还需要通过db.session.add(user)添加用户到session中
# 这是因为user还没有添加到数据库中
db.session.commit()
return xjson.json_success()
else:
return xjson.json_params_error(message=form.get_error())
def edit_cmsuser():
if request.method == 'GET':
user_id = request.args.get('user_id')
if not user_id:
abort(404)
user = CMSUser.query.get(user_id)
roles = CMSRole.query.all()
current_roles = [role.id for role in user.roles]
context = {
'user': user,
'roles': roles,
'current_roles': current_roles
}
return render_template('cms/cms_editcmsuser.html',**context)
else:
user_id = request.form.get('user_id')
roles = request.form.getlist('roles[]')
if not user_id:
return xjson.json_params_error(message=u'没有指定id!')
if not roles:
return xjson.json_params_error(message=u'必须指定一个组!')
user = CMSUser.query.get(user_id)
# 清掉之前的角色信息
user.roles[:] = []
# 添加新的角色
for role_id in roles:
role_model = CMSRole.query.get(role_id)
user.roles.append(role_model)
db.session.commit()
return xjson.json_success()
def email_captcha():
email = request.args.get('email')
if not email:
return xjson.json_paramserror('请传递邮箱地址')
#生成6位数的随机验证码
source = list(string.ascii_letters)
source.extend(map(lambda x:str(x),range(0,10)))
captcha = ''.join(random.sample(source,6))
#发送验证码邮件
msg = Message('Aroma的BBS论坛更换邮箱验证码',
recipients=[email],
body='您的验证码是:{},5分钟内有效'.format(captcha)
)
try:
mail.send(msg)
except Exception as err:
print(err)
return xjson.json_servererror(message='邮件发送失败')
# 验证码存入memcache
print(email+'*'*10+captcha)
xcache.set(email, captcha)
return xjson.json_success(message='邮件发送成功')
def settings():
if request.method == 'GET':
return render_template('front/front_settings.html')
else:
form = SettingsForm(request.form)
if form.validate():
username = form.username.data
realname = form.realname.data
email = form.email.data
avatar = form.avatars.data
signature = form.signature.data
user_model = g.front_user
user_model.username = username
if realname:
user_model.realname = realname
if email:
user_model.email = email
if avatar:
user_model.avatars = avatar
if signature:
user_model.signature = signature
db.session.commit()
return xjson.json_success()
else:
return xjson.json_params_error(message=form.get_error())
def aboard():
add_form_board = AddBoardForm(request.form)
if add_form_board.validate():
name = add_form_board.name.data
board = BoardModel(name=name)
db.session.add(board)
db.session.commit()
return xjson.json_success(message='添加板块成功')
else:
return xjson.json_params_error(message=add_form_board.get_error())
def dboard():
board_id = request.form.get('board_id')
if not board_id:
return xjson.json_params_error(message='请传入板块id')
board = BoardModel.query.get(board_id)
if not board:
return xjson.json_params_error(message='没有这个板块')
db.session.delete(board)
db.session.commit()
return xjson.json_success(message='删除板块成功')
def dcomment():
comment_id = request.form.get('comment_id')
if not comment_id:
return xjson.json_params_error(message='请传入评论id')
comment = CommentModel.query.get(comment_id)
if not comment:
return xjson.json_params_error(message='没有这个评论')
db.session.delete(comment)
db.session.commit()
return xjson.json_success(message='删除评论成功')
def acomment():
add_form_comment = AddCommentForm(request.form)
if add_form_comment.validate():
name = add_form_comment.name.data
comment = CommentModel(name=name)
db.session.add(comment)
db.session.commit()
return xjson.json_success(message='添加评论成功')
else:
return xjson.json_param_error(message=add_form_comment.get_error())
def post(self):
resetemail_form = RestEmailForm(request.form)
if resetemail_form.validate():
email = resetemail_form.email.data
g.cms_user.email = email
db.session.commit()
return xjson.json_success('邮箱修改成功')
else:
message = resetemail_form.get_errors()
return xjson.json_params_error(message)
def post(self):
signup_form = SignUpForm(request.form)
if signup_form.validate():
username = signup_form.username.data
password = signup_form.password1.data
user = FrontUser(username=username, password=password)
db.session.add(user)
db.session.commit()
return xjson.json_success('恭喜您,注册成功')
else:
return xjson.json_params_error(signup_form.get_error())
def dpost():
post_id = request.form.get("post_id")
if not post_id:
return xjson.json_params_error('请传入帖子id!')
post = PostModel.query.get(post_id)
if not post:
return xjson.json_params_error("没有这篇帖子!")
db.session.delete(post)
db.session.commit()
return xjson.json_success()
def dbanner():
banner_id = request.form.get('banner_id')
if not banner_id:
return xjson.json_params_error(message='请传入轮播图id!')
banner = BannerModel.query.get(banner_id)
if not banner:
return xjson.json_params_error(message='没有这个轮播图!')
db.session.delete(banner)
db.session.commit()
return xjson.json_success()
def uhpost():
post_id = request.form.get("post_id")
if not post_id:
return xjson.json_params_error('请传入帖子id!')
post = PostModel.query.get(post_id)
if not post:
return xjson.json_params_error("没有这篇帖子!")
highlight = HighlightPostModel.query.filter_by(post_id=post_id).first()
db.session.delete(highlight)
db.session.commit()
return xjson.json_success()
def abanner():
form = AddBannerForm(request.form)
if form.validate():
name = form.name.data
image_url = form.image_url.data
link_url = form.link_url.data
priority = form.priority.data
banner = BannerModel(name=name,image_url=image_url,link_url=link_url,priority=priority)
db.session.add(banner)
db.session.commit()
return xjson.json_success()
else:
return xjson.json_params_error(message=form.get_error())
def hpost():
post_id = request.form.get("post_id")
if not post_id:
return xjson.json_params_error('请传入帖子id!')
post = PostModel.query.get(post_id)
if not post:
return xjson.json_params_error("没有这篇帖子!")
highlight = HighlightPostModel()
highlight.post = post
db.session.add(highlight)
db.session.commit()
return xjson.json_success()
def uboard():
update_board_form = UpdateBoardForm(request.form)
if update_board_form.validate():
board_id = update_board_form.board_id.data
name = update_board_form.name.data
if board_id:
board = BoardModel.query.get(board_id)
board.name = name
db.session.commit()
return xjson.json_success(message='更新成功')
else:
return xjson.json_params_error(message='板块不存在')
else:
return xjson.json_params_error(message=update_board_form.get_error())
def black_front_user():
form = CMSBlackFrontUserForm(request.form)
if form.validate():
user_id = form.user_id.data
is_black = form.is_black.data
user = FrontUser.query.get(user_id)
if not user:
abort(404)
user.is_active = not is_black
db.session.commit()
return xjson.json_success(message="成功移出黑名单")
else:
return xjson.json_params_error(message=form.get_error())
def ucomment():
update_comment_form = UpdateCommentForm(request.form)
if update_comment_form.validate():
comment_id = update_comment_form.comment_id.data
name = update_comment_form.name.data
if comment_id:
comment = CommentModel.query.get(comment_id)
comment.name = name
db.session.commit()
return xjson.json_success(message='更新成功')
else:
return xjson.json_param_error(message='评论不存在')
else:
return xjson.json_param_error(message=update_comment_form.get_error())
def add_role():
if request.method == 'GET':
permissions = CMSPersmission.PERMISSION_MAP
return render_template('cms/cms_addrole.html',permissions=permissions)
else:
name = request.form.get('name')
desc = request.form.get('desc')
permissions = request.form.getlist('permissions[]')
all_permission = 0
for x in permissions:
all_permission |= int(x)
role = CMSRole(name=name,desc=desc,permissions=all_permission)
db.session.add(role)
db.session.commit()
return xjson.json_success()
def post(self):
resetpwd_form = ResetPwdForm(request.form)
if resetpwd_form.validate():
oldpwd = resetpwd_form.oldpwd.data
newpwd = resetpwd_form.newpwd.data
user = g.cms_user
if user.check_password(oldpwd):
user.password = newpwd
db.session.commit()
return xjson.json_success('修改成功')
else:
return xjson.json_params_error('原密码错误')
else:
message = resetpwd_form.get_error()
return xjson.json_params_error(message)
def post(self):
signin_form = SignInForm(request.form)
if signin_form.validate():
telephone = signin_form.telephone.data
password = signin_form.password.data
remember = signin_form.remember.data
user = FrontUser.query.filter_by(telephone=telephone).first()
if user and user.check_password(password):
session[config.FRONT_USER_ID] = user.id
if remember:
session.premanent = True
return xjson.json_success('登陆成功')
else:
return xjson.json_params_error('手机号或密码错误')
else:
return xjson.json_params_error(signin_form.get_error())
def post(self):
resetpwd_form = ResetPwdForm(request.form)
if resetpwd_form.validate():
oldpwd = resetpwd_form.oldpwd.data
newpwd = resetpwd_form.newpwd.data
user = g.cms_user
if user.check_password(oldpwd):
user.password = newpwd
db.session.commit()
#因为接受的是ajax,所以这里使用jsonify返回数据
#返回code字段表示状态码,message信息提示
return xjson.json_success('修改成功')
else:
return xjson.json_paramserror('原密码错误')
else:
message = resetpwd_form.errors
return xjson.json_paramserror(message.popitem()[1][0])
def add_comment():
add_comment_form = AddCommentForm(request.form)
if add_comment_form.validate():
content = add_comment_form.content.data
post_id = add_comment_form.post_id.data
post = PostModel.query.get(post_id)
if post:
comment = CommentModel(content=content)
comment.post = post
comment.author = g.front_user
db.session.add(comment)
db.session.commit()
return xjson.json_success()
else:
return xjson.json_param_error('没有这篇帖子!')
else:
return xjson.json_param_error(add_comment_form.get_error())
def sms_captcha():
sms_captcha_form = SmsCaptchaForm(request.form)
if sms_captcha_form.validate():
telephone = sms_captcha_form.telephone.data
#生成随机的验证,之前图片那里有方法实现了,我们直接调用就行,生成6位的验证码
radom_code = Captcha.gene_text(6)
cont = '测试bbs,您的验证码为:%s' % (radom_code)
params = {'code': cont}
result = send_sms(telephone, params)
dict_res = json.loads(result)
if dict_res['code'] == 0:
xcache.set(telephone,radom_code) #把手机号作为key
return xjson.json_success('短信发送成功')
else:
return xjson.json_server_error('短信发送失败')
else:
return xjson.json_params_error('参数错误')
def post(self):
resetpwd_form = RestPwdForm(request.form)
if resetpwd_form.validate():
oldpwd = resetpwd_form.oldpwd.data
newpwd = resetpwd_form.newpwd.data
user = g.cms_user
if user.check_password(oldpwd):
user.password = newpwd
db.session.commit()
# 因为接受的是ajax,所以这里使用jsonify返回数据
# 返回code字段表示状态码,message信息提示
return xjson.json_success("修改成功")
else:
return xjson.json_params_error("原密码错误")
else:
message = resetpwd_form.get_errors()
return jsonify({"code": 400, "message": message})
def ubanner():
form = UpdateBannerForm(request.form)
if form.validate():
banner_id = form.banner_id.data
name = form.name.data
image_url = form.image_url.data
link_url = form.link_url.data
priority = form.priority.data
banner = BannerModel.query.get(banner_id)
if banner:
banner.name = name
banner.image_url = image_url
banner.link_url = link_url
banner.priority = priority
db.session.commit()
return xjson.json_success()
else:
return xjson.json_params_error(message='没有这个轮播图!')
else:
return xjson.json_params_error(message=form.get_error())
def apost():
if request.method == 'GET':
boards = BoardModel.query.all()
return render_template('front/front_apost.html', boards=boards)
else:
add_post_form = AddPostForm(request.form)
if add_post_form.validate():
title = add_post_form.title.data
content = add_post_form.content.data
board_id = add_post_form.board_id.data
board = BoardModel.query.get(board_id)
if not board:
return xjson.json_param_error(message='没有这个板块')
post = PostModel(title=title, content=content)
post.board = board
post.author = g.front_user
db.session.add(post)
db.session.commit()
return xjson.json_success()
else:
return xjson.json_param_error(message=add_post_form.get_error())
def edit_role():
if request.method == 'GET':
role_id = request.args.get('role_id')
role = CMSRole.query.filter_by(id=role_id).first()
permissions = CMSPersmission.PERMISSION_MAP
context = {
'role': role,
'permissions': permissions
}
return render_template('cms/cms_addrole.html',**context)
else:
role_id = request.form.get('role_id')
name = request.form.get('name')
desc = request.form.get('desc')
permissions = request.form.get('permissions[]')
role = CMSRole.query.filter_by(id=role_id).first()
role.name = name
role.desc = desc
role.permissions = reduce(lambda x,y:int(x)|int(y),permissions)
db.session.commit()
return xjson.json_success()
def email_captcha():
#/cms/emai_capthcha/[email protected]
email = request.args.get('email')
if not email:
return xjson.json_params_error('请传递邮件参数!')
#生成6位数的随机验证码
source = list(string.ascii_letters)
source.extend(map(lambda x: str(x), range(0, 10)))
captcha = ''.join(random.sample(source, 6))
#发送邮件
msg = Message('BBS论坛更换邮箱验证码',
recipients=[email],
body='您的验证码:{},5分钟内有效'.format(captcha))
try:
mail.send(msg)
except Exception as err:
print(err)
return xjson.json_server_error(message='邮件发送失败')
#验证码存入memcached
xcache.set(email, captcha)
return xjson.json_success(message='邮件发送成功')
