def menus_list_get():
"""获取菜单列表和选中菜单"""
# 获取参数
role_id = request.args.get('role_id')
crole_str = session['role_str']
# 获取菜单列表和选中菜单
menus_list = SqlOperate().get_menus_list_by_role_str(crole_str)
selected_menu = SqlOperate().get_menus_list_by_role_str(role_id)
# 处理选中菜单数据
select_list = list()
for menu_dict in selected_menu:
for menu in menu_dict['menu_list']:
select_list.append(menu['id'])
# 合并菜单列表和选中菜单
for menu_dict in menus_list:
for menu in menu_dict['menu_list']:
if menu['id'] in select_list:
menu['select'] = 1
else:
menu['select'] = 0
# 返回数据
return jsonify(result=1, data=menus_list)
def menus_list_update():
"""修改菜单列表"""
# 获取参数
menu_list = request.form.get('menu_list')
role_id = request.form.get('role_id')
# 从数据库获取数据
retrieve_sql = """SELECT id,role_str
FROM menu;"""
all_menus_tup = SqlOperate().select(retrieve_sql)
# 更新数据
update_sql = """UPDATE menu
SET role_str='{}'
WHERE id={};"""
for mid, role_str in all_menus_tup:
role_list = role_str.split("/")
if mid in eval(menu_list):
if role_id not in role_list:
role_list.append(role_id)
role_list.sort()
new_role_str = "/".join(role_list)
SqlOperate().update(update_sql.format(new_role_str, mid))
else:
if role_id in role_list:
role_list.remove(role_id)
role_list.sort()
new_role_str = "/".join(role_list)
SqlOperate().update(update_sql.format(new_role_str, mid))
# 返回应答
return jsonify(result=1, msg=u'修改成功!')
def set_server_state():
channels = request.form.get("channels")
state = int(request.form.get("state"))
if state not in [SERVER_STATE_STOP, SERVER_STATE_PRE_PUBLIC, SERVER_STATE_PUBLIC]:
return jsonify({})
for channel in channels.split(","):
if channel:
payload = {
"channels": channel,
"state": state
}
channel_id = int(redis_conn.hget(CHANNEL_CONFIG_TABLE + channel, "id"))
sql = 'select other_msg from channel where id = %d' % channel_id
cfg = SqlOperate().select(sql)[0][0]
conf = json.loads(cfg)
conf["server_state"] = state
sql = "update channel set other_msg = '%s' where id = %d" % (json.dumps(conf), channel_id)
SqlOperate().update(sql)
redis_conn.hset(CHANNEL_CONFIG_TABLE + channel, "server_state", state)
redis_conn.hset(CHANNEL_CONFIG_TABLE + str(channel_id), "server_state", state)
return jsonify({})
def show_left():
user_id = g.user_id
role_sql = """SELECT role_str FROM user WHERE id=%s""" % user_id
sql_oper = SqlOperate()
crole_str = sql_oper.select(role_sql)[0][0]
menus_list = sql_oper.get_menus_list_by_role_str(crole_str)
return render_template('left.html', menus_list=menus_list)
def delete_role():
role_id = request.json.get('role_id')
del_role_sql = """DELETE FROM role WHERE id=%s""" % role_id
sql_oper = SqlOperate()
try:
sql_oper.delete(del_role_sql)
except Exception as e:
current_app.logger.error(e)
return jsonify(errmsg='数据库操作失败')
return jsonify(errmsg='删除成功')
def logout():
admin_id = g.user_id
session.clear()
logout_time = int(time.time())
admin_update_sql = """UPDATE user SET last_logout_time=%s WHERE id=%s""" % (
logout_time, admin_id)
sql_oper = SqlOperate()
sql_oper.update(admin_update_sql)
return jsonify(errmsg='退出成功')
def delete_menu():
menu_id = request.json.get('menu_id')
del_menu_sql = """DELETE FROM menu WHERE id=%s""" % menu_id
sql_oper = SqlOperate()
try:
sql_oper.delete(del_menu_sql)
except Exception as e:
current_app.logger.error(e)
return jsonify(errno='2', errmsg='数据库操作失败')
return jsonify(errno='0', errmsg='删除成功')
def set_role():
json_dict = request.form
role_id = json_dict.get('role_id')
role_name = json_dict.get('name')
parent_id = json_dict.get('parent')
role_update_sql = """UPDATE role SET name='%s', parent_id=%s WHERE id=%s;""" % (
role_name, parent_id, role_id)
print role_update_sql
sql_oper = SqlOperate()
sql_oper.update(role_update_sql)
return redirect(url_for('busi.get_role'))
def get_menu():
crole_str = session['role_str']
sql_oper = SqlOperate()
role_list = sql_oper.get_roles_list_by_role_str(crole_str)
result = is_sys(crole_str)
# 中菜单列表
menus_list = sql_oper.get_menus_list_by_role_str(crole_str)
return render_template('index_menu.html',
menus_list=menus_list,
roles=role_list,
result=result)
def load_channel():
cids = {}
sql = 'select id, name, game_log_db, web_url, other_msg, role_str from channel where is_delete = %d' % STATUS_USE
for line in SqlOperate().select(sql):
try:
cids[line[0]] = line[1]
dd = json.loads(line[4])
if dd.has_key("sms_config"):
try:
dd["sms_config"] = b64decode(dd["sms_config"])
except:
pass
else:
dd["sms_config"] = ""
if not dd.has_key("sms_type"):
dd["sms_type"] = ""
dd["id"] = line[0]
dd["name"] = line[1]
dd["game_log_db"] = line[2]
dd["web_url"] = line[3]
dd["role_str"] = line[5]
redis_conn.hmset(CHANNEL_CONFIG_TABLE + str(line[0]), dd)
redis_conn.hmset(CHANNEL_CONFIG_TABLE + line[1], dd)
## 加载黑白名单数据
black_white_list.sync_ip_black_white(line[0])
## 加载公告数据
gm_manage.load_annouce(line[0])
except Exception as e:
print "load channel data err ", line[1], e
redis_conn.hmset(CHANNEL_IDS, cids)
def add_role():
json_dict = request.form
role_name = json_dict.get('name')
parent_role = int(json_dict.get('parent'))
sql_oper = SqlOperate()
try:
sql = 'select ifnull(max(id), 2) from role'
idx = int(sql_oper.select(sql)[0][0]) + 1
role_add_sql = """INSERT INTO role VALUES (%d, '%s', %d);""" % (
idx, role_name, parent_role)
sql_oper.insert(role_add_sql)
except Exception as e:
print e
current_app.logger.error(e)
return jsonify(errmsg='数据库查询失败')
# 如果不是管理员 则还需要把该角色加入到当前渠道的可操作角色中去
crole_list = session['role_str'].split('/')
admin = '1' in crole_list
print "admin:", admin
if not admin:
sql = '''
update channel
set role_str = concat_ws("/", role_str, "%d")
where id = %d
''' % (idx, session['select_channel'])
sql_oper.update(sql)
print sql
return redirect(url_for('busi.get_role'))
def set_role_menu():
json_dict = request.form
role_id = json_dict.get('role_id')
menu_id_list = [int(i) for i in json_dict.getlist('menus')]
all_menu_sql = "SELECT id,role_str FROM menu"
sql_oper = SqlOperate()
try:
all_menus_tup = sql_oper.select(all_menu_sql)
except Exception as e:
current_app.logger.error(e)
return jsonify(errmsg='数据库查询失败')
sql = "UPDATE menu SET role_str='%s' WHERE id=%s;"
for mid, role_str in all_menus_tup:
role_list = role_str.split("/")
if mid in menu_id_list:
if role_id not in role_list:
role_list.append(role_id)
role_list.sort()
new_role_str = "/".join(role_list)
sql_oper.update(sql % (new_role_str, mid))
else:
if role_id in role_list:
role_list.remove(role_id)
role_list.sort()
new_role_str = "/".join(role_list)
sql_oper.update(sql % (new_role_str, mid))
return redirect(url_for('busi.get_menu'))
def set_menu():
json_dict = request.form
menu_id = json_dict.get('menu_id')
menu_name = json_dict.get('name')
role_list = json_dict.getlist('role')
role_str = '/'.join(role_list)
menu_update_sql = """UPDATE menu SET name='%s',role_str='%s' WHERE id=%s;""" % (
menu_name, role_str, menu_id)
sql_oper = SqlOperate()
try:
sql_oper.update(menu_update_sql)
except Exception as e:
current_app.logger.error(e)
return jsonify(errmsg='数据库操作失败')
return redirect(url_for('busi.get_menu'))
def show_oper_menu(operation):
if operation == 'add':
crole_str = session['role_str']
role_id = request.args.get('role_id')
role_name = request.args.get('role_name')
role_dict = dict()
role_dict['id'] = role_id
role_dict['name'] = role_name
sql_oper = SqlOperate()
# 中菜单列表
menus_list = sql_oper.get_menus_list_by_role_str(crole_str)
selected_menu = sql_oper.get_menus_list_by_role_str(role_id)
selected_id_list = list()
for menu_dict in selected_menu:
for menu in menu_dict['menu_list']:
selected_id_list.append(menu['id'])
return render_template('add_menu.html',
menus_list=menus_list,
role=role_dict,
selected_id=selected_id_list)
elif operation == 'edit':
crole_str = session['role_str']
result = is_sys(crole_str)
menu_id = request.args.get('menu_id')
role_str = request.args.get('role_str')
role_list = [int(i) for i in role_str.split('/')]
menu_select_sql = """SELECT name,view_name FROM menu WHERE id=%s;""" % menu_id
sql_oper = SqlOperate()
# 查询出菜单名元组
menu_tup = sql_oper.select(menu_select_sql)
roles_list = sql_oper.get_roles_list_by_role_str(crole_str)
menu_dict = dict()
menu_dict['id'] = menu_id
menu_dict['name'] = menu_tup[0][0]
menu_dict['view_name'] = menu_tup[0][1]
if result == -1:
menu_dict['name_is_edit'] = False
else:
menu_dict['name_is_edit'] = True
return render_template('edit_menu.html',
menu=menu_dict,
roles=roles_list,
select_roles=role_list)
def channel_retrieve():
datas = []
sql = '''
select id, name, game_log_db, web_url, other_msg,
role_str
from channel
'''
for line in SqlOperate().select(sql):
chan_dict = dict()
chan_dict['id'] = line[0]
chan_dict['name'] = line[1]
chan_dict['game_log_db'] = line[2]
chan_dict['web_url'] = line[3]
chan_dict['other_msg'] = json.loads(line[4])
chan_dict['role_str'] = line[5]
chan_dict['role_text'] = SqlOperate().get_role_text(line[5])
datas.append(chan_dict)
return jsonify(result='ok', data=datas)
def set_user():
json_dict = request.form
user_id = json_dict.get('user_id')
user_name = json_dict.get('username')
nick = json_dict.get('nick')
password = json_dict.get('password')
access_level = int(json_dict.get('access_level'))
name_is_edit = json_dict.get('name_is_edit')
role_list = json_dict.getlist('role')
game_player_id = json_dict.get('game_player_id')
sql_oper = SqlOperate()
password_hash = generate_password_hash(password)
if len(role_list) == 0:
user_dict = dict()
crole_str = session['role_str']
crole_list = sql_oper.get_roles_list_by_role_str(crole_str)
user_dict['user_id'] = user_id
user_dict['name'] = user_name
user_dict['nick'] = nick
user_dict['name_is_edit'] = int(name_is_edit)
return render_template('edit_admin.html',
user=user_dict,
roles=crole_list,
errmsg=u'必须勾选权限组')
if not password:
password_str = ""
else:
password_str = ", password='******'" % password_hash
role_str = '/'.join(role_list)
user_update_sql = """
UPDATE user
SET name='%s', nick='%s'%s, access_level=%d, role_str='%s', game_player_id = '%s'
WHERE id=%s;
""" % (user_name, nick, password_str, access_level, role_str,
game_player_id, user_id)
sql_oper.update(user_update_sql)
highest_role = get_highest_role_id(session['role_str'])
sql = '''
insert into admin_opt_log
(channel, maintype, log_type, operator, obj,
val, timestamp)
values
(%d, %d, %d, %d, %d,
%d, %d)
''' % (0, log_main_type_d["system"], log_type_d["edit_staff"],
session['user_id'], int(user_id), highest_role, time_util.now_sec())
sql_oper.insert(sql)
return redirect(url_for('busi.get_user'))
def delete_channel():
channel_id = request.args.get('channel_id')
del_channel_sql = """UPDATE channel SET is_delete=1 WHERE id=%s""" % channel_id
sql_oper = SqlOperate()
try:
sql_oper.delete(del_channel_sql)
except Exception as e:
current_app.logger.error(e)
return jsonify(errmsg='删除失败')
load_channel()
highest_role = get_highest_role_id(session['role_str'])
sql = '''
insert into admin_opt_log
(channel, maintype, log_type, operator, obj,
val, timestamp)
values
(%d, %d, %d, %d, %d,
%d, %d)
''' % (
0, log_main_type_d["system"], log_type_d["delete_channel"], session['user_id'], int(channel_id), highest_role,
time_util.now_sec())
sql_oper.insert(sql)
return jsonify(errmsg='删除成功')
def change_password():
json_dict = request.form
user_id = g.user_id
sql_oper = SqlOperate()
old_password = json_dict.get('old_password')
new_password1 = json_dict.get('new_password1')
new_password2 = json_dict.get('new_password2')
user_password_sql = """SELECT password FROM user WHERE id=%s;""" % user_id
old_password_hash = sql_oper.select(user_password_sql)[0][0]
print old_password
print old_password_hash
if not check_password_hash(old_password_hash, old_password):
return render_template('edit_password.html',
errmsg=u'密码输入错误',
value={
'old_password': old_password,
'new_password1': new_password1,
'new_password2': new_password2
})
if new_password1 != new_password2:
return render_template('edit_password.html',
errmsg=u'两次输入密码不一致',
old_password=old_password,
new_password1="",
new_password2="")
new_password_hash = generate_password_hash(new_password1)
user_update_sql = """UPDATE user SET password='******' WHERE id=%s;""" % (
new_password_hash, user_id)
sql_oper.update(user_update_sql)
return redirect('/')
def set_channel():
json_dict = request.form
channel_id = json_dict.get('channel_id')
chan_name = json_dict.get('name')
game_log_db = json_dict.get('game_log_db')
web_url = json_dict.get('web_url')
status = json_dict.get('status')
role_list = json_dict.getlist('role')
## 查询出旧配置
sql = 'select other_msg from channel where id = %s' % channel_id
cfg = SqlOperate().select(sql)[0][0]
other_msg = json.loads(cfg)
other_msg['h5_link'] = json_dict.get('h5_link')
other_msg['coin_rate'] = json_dict.get('coin_rate')
other_msg['api'] = json_dict.get('api')
other_msg['hotup_url'] = json_dict.get('hotup_url')
other_msg['h5_api_key'] = json_dict.get('h5_api_key')
other_msg['wx_appid'] = json_dict.get('wx_appid')
other_msg['wx_token'] = json_dict.get('wx_token')
other_msg['h5_wx_appid'] = json_dict.get('h5_wx_appid')
other_msg['h5_wx_token'] = json_dict.get('h5_wx_token')
other_msg['sms_type'] = json_dict.get('sms_type')
other_msg['sms_config'] = b64encode(json_dict.get('sms_config'))
role_str = '/'.join(role_list)
user_update_sql = """
UPDATE channel
SET name='%s', game_log_db='%s', web_url='%s', other_msg='%s', role_str='%s'
WHERE id=%s;
""" % (chan_name, game_log_db, web_url, json.dumps(other_msg), role_str, channel_id)
sql_oper = SqlOperate()
sql_oper.update(user_update_sql)
load_channel()
highest_role = get_highest_role_id(session['role_str'])
sql = '''
insert into admin_opt_log
(channel, maintype, log_type, operator, obj,
val, timestamp)
values
(%d, %d, %d, %d, %s,
%d, %d)
''' % (0, log_main_type_d["system"], log_type_d["edit_channel"], session['user_id'], channel_id, highest_role,
time_util.now_sec())
sql_oper.insert(sql)
return redirect(url_for('busi.get_channel'))
def add_channel():
json_dict = request.form
channel_name = json_dict.get('name')
game_log_db = json_dict.get('game_log_db')
web_url = json_dict.get('web_url')
status = json_dict.get('status')
role_list = json_dict.getlist('role')
other_msg = dict()
other_msg['h5_link'] = json_dict.get('h5_link')
other_msg['coin_rate'] = json_dict.get('coin_rate')
other_msg['api'] = json_dict.get('api')
other_msg['hotup_url'] = json_dict.get('hotup_url')
other_msg['h5_api_key'] = json_dict.get('h5_api_key')
other_msg['wx_appid'] = json_dict.get('wx_appid')
other_msg['wx_token'] = json_dict.get('wx_token')
other_msg['h5_wx_appid'] = json_dict.get('h5_wx_appid')
other_msg['h5_wx_token'] = json_dict.get('h5_wx_token')
other_msg['sms_type'] = json_dict.get('sms_type')
other_msg['sms_config'] = b64encode(json_dict.get('sms_config'))
other_msg['server_state'] = SERVER_STATE_STOP
role_str = '/'.join(role_list)
# 拼接创建渠道数据
chan_create_sql = """
INSERT INTO channel (name, game_log_db, web_url, other_msg, role_str)
VALUES('%s','%s','%s','%s', '%s');
""" % (channel_name, game_log_db, web_url, json.dumps(other_msg), role_str)
sql_oper = SqlOperate()
try:
# 执行插入新渠道sql语句
sql_oper.insert(chan_create_sql)
except Exception as e:
current_app.logger.error(e)
return render_template('add_channel.html', errmsg='添加渠道失败')
highest_role = get_highest_role_id(session['role_str'])
## 重新加载渠道配置
load_channel()
channel_id = int(redis_conn.hget(CHANNEL_CONFIG_TABLE + channel_name, "id"))
sql = '''
insert into admin_opt_log
(channel, maintype, log_type, operator, obj,
val, timestamp)
values
(%d, %d, %d, %d, %d,
%d, %d)
''' % (0, log_main_type_d["system"], log_type_d["add_channel"], session['user_id'], channel_id,
highest_role, time_util.now_sec())
sql_oper.insert(sql)
return redirect(url_for('busi.get_channel'))
def change_secret_key():
user_id = request.json.get('user_id')
user_update_sql = """
UPDATE user
SET secret_key = '%s'
WHERE id=%s;
""" % (pyotp.random_base32(), user_id)
SqlOperate().update(user_update_sql)
highest_role = get_highest_role_id(session['role_str'])
sql = '''
insert into admin_opt_log
(channel, maintype, log_type, operator, obj,
val, timestamp)
values
(%d, %d, %d, %d, %d,
%d, %d)
''' % (0, log_main_type_d["system"], log_type_d["edit_staff"],
session['user_id'], int(user_id), highest_role, time_util.now_sec())
SqlOperate().insert(sql)
return jsonify(errno='0', errmsg=u'生成秘钥成功!')
def clean_secret_key():
"""清除秘钥"""
# 获取参数
user_id = request.form.get('userid')
# 修改数据
update_sql = """UPDATE user
SET secret_key=''
WHERE id=%s;""" % user_id
SqlOperate().update(update_sql)
# 记录日志
highest_role = get_highest_role_id(session['role_str'])
create_sql = """INSERT INTO admin_opt_log (channel, maintype, log_type, operator, obj,
val, timestamp)
VALUES (%d, %d, %d, %d, %d,
%d, %d)""" \
% (0, log_main_type_d["system"], log_type_d["edit_staff"], session['user_id'], int(user_id),
highest_role, time_util.now_sec())
SqlOperate().insert(create_sql)
# 返回应答
return jsonify(result='ok', msg=u'清除秘钥成功!')
def show_base():
name = session['name']
role_str = session['role_str']
sql_oper = SqlOperate()
try:
role_text = sql_oper.get_role_text(role_str)
except Exception as e:
print e
# 前端需求,加上menus_list
user_id = g.user_id
role_sql = """SELECT role_str FROM user WHERE id=%s""" % user_id
sql_oper = SqlOperate()
crole_str = sql_oper.select(role_sql)[0][0]
menus_list = sql_oper.get_menus_list_by_role_str(crole_str)
return render_template('base.html', menus_list=menus_list, username=name, role_text=role_text)
def show_server_state():
datas = {}
sql = '''
select name, other_msg
from channel
where is_delete = 0
'''
for line in SqlOperate().select(sql):
cfg = json.loads(line[1])
if cfg.has_key("server_state"):
datas[line[0]] = cfg["server_state"]
else:
datas[line[0]] = SERVER_STATE_STOP
page = {}
page["datas"] = datas
return render_template('server_state.html', page=page)
def menus_jurisdiction_group():
"""获取部门权限组"""
# 获取数据
crole_str = session['role_str']
role_list = SqlOperate().get_roles_list_by_role_str(crole_str)
result = is_sys(crole_str)
# 处理数据
data_list = list()
for role in role_list:
data_dict = dict()
if role['parent_id'] != 1 or (result != -1 and role['id'] != 1):
data_dict['id'] = role['id']
data_dict['name'] = role['name']
data_list.append(data_dict)
# 返回数据
return jsonify(result=1, data=data_list)
def role_retrieve():
sql_oper = SqlOperate()
cuser_id = g.user_id
crole_sql = """SELECT role_str FROM user WHERE id=%s""" % cuser_id
crole_str_tup = sql_oper.select(crole_sql)[0]
crole_tup_str = '(' + crole_str_tup[0].replace('/', ',') + ')'
if is_sys(crole_str_tup[0]):
parent_role_sql = """SELECT id FROM role;"""
roles_sql = """SELECT id, name, parent_id FROM role;"""
else:
parent_role_sql = """SELECT id
FROM role
WHERE (id IN %s AND parent_id=1);""" \
% crole_tup_str
roles_sql = """SELECT id, name, parent_id
FROM role
WHERE id!=1
AND (id IN %s OR parent_id IN %s);""" % (crole_tup_str,
crole_tup_str)
parent_roles_tup = sql_oper.select(parent_role_sql)
roles_tup = sql_oper.select(roles_sql)
role_list = []
for role in roles_tup:
role_dict = dict()
role_dict['id'] = role[0]
role_dict['name'] = role[1]
role_dict['parent_id'] = role[2]
role_dict['parent_name'] = sql_oper.get_parent_role_name(role[2])
role_list.append(role_dict)
parent_list = []
for parent_role in parent_roles_tup:
parent_role_dict = dict()
parent_role_dict['id'] = parent_role[0]
parent_role_dict['name'] = sql_oper.get_parent_role_name(
parent_role[0])
parent_list.append(parent_role_dict)
return jsonify(result='ok', roles=role_list, parents=parent_list)
def show_oper_chan(operation):
if operation == 'add':
sql_oper = SqlOperate()
crole_str = session['role_str']
roles_list = sql_oper.get_roles_list_by_role_str(crole_str)
return render_template('add_channel.html', roles=roles_list)
elif operation == "delete":
delete_channel()
return redirect(url_for('busi.get_channel'))
elif operation == 'edit':
channel_id = request.args.get('channel_id')
erole_str = request.args.get('role_str')
erole_list = erole_str.split('/')
chan_select_sql = """SELECT name, game_log_db ,web_url, other_msg, status FROM channel WHERE id=%s""" % channel_id
sql_oper = SqlOperate()
chan_tup = sql_oper.select(chan_select_sql)
crole_str = session['role_str']
roles_list = sql_oper.get_roles_list_by_role_str(crole_str)
chan_dict = dict()
other = json.loads(chan_tup[0][3])
sms_config = ""
if other.has_key("sms_config"):
try:
sms_config = b64decode(other["sms_config"])
except:
sms_config = other["sms_config"]
chan_dict['id'] = channel_id
chan_dict['name'] = chan_tup[0][0]
chan_dict['game_log_db'] = chan_tup[0][1]
chan_dict['web_url'] = chan_tup[0][2]
chan_dict['other_msg'] = other
chan_dict['other_msg']["sms_config"] = sms_config
chan_dict['status'] = chan_tup[0][4]
return render_template('edit_channel.html', channel=chan_dict, roles=roles_list, eroles=erole_list)
def show_oper_user(operation):
if operation == 'add':
crole_str = session['role_str']
sql_oper = SqlOperate()
roles_list = sql_oper.get_roles_list_by_role_str(crole_str)
return render_template('add_admin.html', roles=roles_list, user={})
elif operation == 'edit':
user_id = request.args.get('user_id')
erole_str = request.args.get('role_str')
# 得到编辑的员工所属权限组
erole_list = erole_str.split('/')
user_select_sql = """SELECT name, nick, password, access_level, `secret_key`, game_player_id FROM user WHERE id=%s""" % user_id
sql_oper = SqlOperate()
user_tup = sql_oper.select(user_select_sql)
crole_str = session['role_str']
result = crole_str.find('1')
roles_list = sql_oper.get_roles_list_by_role_str(crole_str)
user_dict = dict()
user_dict['user_id'] = user_id
user_dict['name'] = user_tup[0][0]
user_dict['nick'] = user_tup[0][1]
user_dict['access_level'] = user_tup[0][3]
if result != -1:
user_dict['name_is_edit'] = 1
else:
user_dict['name_is_edit'] = 0
user_dict['secret_key'] = user_tup[0][4]
user_dict['game_player_id'] = user_tup[0][5]
return render_template('edit_admin.html',
user=user_dict,
roles=roles_list,
eroles=erole_list)
def show_oper_role():
role_id = request.args.get('role_id')
parent_id = int(request.args.get('parent_id'))
sql_oper = SqlOperate()
cuser_id = g.user_id
crole_sql = """SELECT role_str FROM user WHERE id=%s""" % cuser_id
crole_str_tup = sql_oper.select(crole_sql)[0]
crole_tup_str = '(' + crole_str_tup[0].replace('/', ',') + ')'
if is_sys(crole_str_tup[0]):
parent_role_sql = """SELECT id FROM role;"""
else:
parent_role_sql = """SELECT parent_id
FROM role
WHERE parent_id IN %s;""" % \
crole_tup_str
role_sql = """SELECT name, parent_id FROM role WHERE id=%s""" % role_id
role_tup = sql_oper.select(role_sql)
parent_roles_tup = sql_oper.select(parent_role_sql)
role_dict = dict()
role_dict['id'] = role_id
role_dict['name'] = role_tup[0][0]
role_dict['parent'] = role_tup[0][1]
role_dict['parent_id'] = parent_id
parent_list = []
for parent_role in parent_roles_tup:
parent_role_dict = dict()
parent_role_dict['id'] = parent_role[0]
parent_role_dict['name'] = sql_oper.get_parent_role_name(
parent_role[0])
parent_list.append(parent_role_dict)
return render_template('edit_auth.html',
role=role_dict,
parents=parent_list)
def delete_user():
user_id = request.json.get('user_id')
del_user_sql = """UPDATE user SET is_delete=1 WHERE id=%s""" % user_id
sql_oper = SqlOperate()
sql_oper.delete(del_user_sql)
highest_role = get_highest_role_id(session['role_str'])
sql = '''
insert into admin_opt_log
(channel, maintype, log_type, operator, obj,
val, timestamp)
values
(%d, %d, %d, %d, %d,
%d, %d)
''' % (0, log_main_type_d["system"], log_type_d["delete_staff"],
session['user_id'], int(user_id), highest_role, time_util.now_sec())
sql_oper.insert(sql)
return jsonify(errno='0', errmsg='删除成功')