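def delete_channel():
    """Soft-delete a channel and record the action in the admin operation log.

    Reads ``channel_id`` from the query string, sets ``is_delete=1`` on that
    channel row, reloads the channel configuration via ``load_channel()`` and
    writes one ``admin_opt_log`` row.

    Returns:
        A JSON response whose ``errmsg`` reports success or failure. A
        missing or non-integer ``channel_id`` is answered with the same
        failure message as a failed UPDATE.
    """
    # NOTE(review): this state-changing handler takes its argument from the
    # query string; the route decorator is not visible here, so confirm the
    # route is not reachable with a plain GET and is covered by CSRF and
    # permission checks.
    raw_channel_id = request.args.get('channel_id')

    # The id is formatted into SQL text below, so it must be a real integer
    # before any statement is built. Coercing it after the UPDATE (as the
    # audit-log formatting alone would) is too late.
    try:
        channel_id = int(raw_channel_id)
    except (TypeError, ValueError):
        current_app.logger.warning(
            'delete_channel: rejected non-integer channel_id %r',
            raw_channel_id)
        return jsonify(errmsg='删除失败')

    del_channel_sql = """UPDATE channel SET is_delete=1 WHERE id=%d""" % channel_id

    sql_oper = SqlOperate()
    try:
        sql_oper.delete(del_channel_sql)
    except Exception as e:
        current_app.logger.error(e)
        return jsonify(errmsg='删除失败')

    # Refresh the cached channel configuration after the row changed.
    load_channel()

    highest_role = get_highest_role_id(session['role_str'])
    sql = '''
        insert into admin_opt_log
            (channel, maintype, log_type, operator, obj, val, timestamp)
        values (%d, %d, %d, %d, %d, %d, %d)
    ''' % (
        0,
        log_main_type_d["system"],
        log_type_d["delete_channel"],
        session['user_id'],
        channel_id,
        highest_role,
        time_util.now_sec())
    sql_oper.insert(sql)

    return jsonify(errmsg='删除成功')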
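def set_user():
    """Update an admin account from the edit form and log the change.

    Form fields read: ``user_id``, ``username``, ``nick``, ``password``,
    ``access_level``, ``name_is_edit``, ``role`` (multi-valued) and
    ``game_player_id``.

    Returns:
        The ``edit_admin.html`` page with an error message when no role was
        ticked, otherwise a redirect to ``busi.get_user``.

    Raises:
        ValueError / TypeError: if ``access_level`` or ``user_id`` is not an
            integer. No SQL is built or executed in that case.
    """
    form = request.form
    user_id = form.get('user_id')
    user_name = form.get('username')
    nick = form.get('nick')
    password = form.get('password')
    access_level = int(form.get('access_level'))
    name_is_edit = form.get('name_is_edit')
    role_list = form.getlist('role')
    game_player_id = form.get('game_player_id')

    sql_oper = SqlOperate()

    if not role_list:
        # At least one permission group is mandatory: re-render the form
        # with the values the user already typed.
        crole_list = sql_oper.get_roles_list_by_role_str(session['role_str'])
        user_dict = {
            'user_id': user_id,
            'name': user_name,
            'nick': nick,
            'name_is_edit': int(name_is_edit),
        }
        return render_template('edit_admin.html',
                               user=user_dict,
                               roles=crole_list,
                               errmsg=u'必须勾选权限组')

    # The row id is formatted into the UPDATE below, so pin it to an integer
    # before the statement is built rather than only when the audit row is
    # written afterwards.
    target_id = int(user_id)

    if password:
        # Hash only when a new password was actually submitted. The format
        # string needs a %s placeholder: without one the % operator raises
        # TypeError whenever a password is supplied.
        password_str = ", password='%s'" % generate_password_hash(password)
    else:
        # Empty / missing password means "leave the stored hash untouched".
        password_str = ""

    role_str = '/'.join(role_list)

    # NOTE(review): user_name, nick, role_str and game_player_id are still
    # interpolated into the statement as quoted text with no escaping. They
    # need driver-level parameter binding; SqlOperate's API is not visible
    # here, so confirm it can take bound parameters and switch to that.
    # NOTE(review): nothing in this function checks that the caller is
    # allowed to grant the submitted roles or access_level; confirm that is
    # enforced by a decorator or request hook outside this block.
    user_update_sql = """
        UPDATE user
        SET name='%s', nick='%s'%s, access_level=%d, role_str='%s',
            game_player_id = '%s'
        WHERE id=%d;
    """ % (user_name, nick, password_str, access_level, role_str,
           game_player_id, target_id)
    sql_oper.update(user_update_sql)

    highest_role = get_highest_role_id(session['role_str'])
    sql = '''
        insert into admin_opt_log
            (channel, maintype, log_type, operator, obj, val, timestamp)
        values (%d, %d, %d, %d, %d, %d, %d)
    ''' % (0, log_main_type_d["system"], log_type_d["edit_staff"],
           session['user_id'], target_id, highest_role, time_util.now_sec())
    sql_oper.insert(sql)

    return redirect(url_for('busi.get_user'))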
def add_channel():
    """Create a channel from the submitted form and log the action.

    The per-channel settings (links, API keys, WeChat and SMS settings) are
    collected into one dict and stored as JSON in ``channel.other_msg``.
    After the insert the channel configuration is reloaded and the new
    channel's id is read back from redis for the audit row.

    Returns:
        ``add_channel.html`` with an error message if the insert fails,
        otherwise a redirect to ``busi.get_channel``.
    """
    form = request.form
    channel_name = form.get('name')
    game_log_db = form.get('game_log_db')
    web_url = form.get('web_url')
    status = form.get('status')  # read from the form but not used below
    role_list = form.getlist('role')

    # Settings copied verbatim from the form, inserted in a fixed order.
    other_msg = dict()
    for field in ('h5_link', 'coin_rate', 'api', 'hotup_url', 'h5_api_key',
                  'wx_appid', 'wx_token', 'h5_wx_appid', 'h5_wx_token',
                  'sms_type'):
        other_msg[field] = form.get(field)
    other_msg['sms_config'] = b64encode(form.get('sms_config'))
    # A newly created channel starts in the stopped state.
    other_msg['server_state'] = SERVER_STATE_STOP

    role_str = '/'.join(role_list)

    # Assemble the statement that creates the channel row.
    # NOTE(review): every value here comes from the request and is placed
    # inside quotes with no escaping, including the JSON blob. This needs
    # driver-level parameter binding; SqlOperate's API is not visible here,
    # so confirm it can take bound parameters.
    # NOTE(review): other_msg carries API keys and tokens and is stored as
    # plain JSON; confirm who can read channel.other_msg.
    settings_json = json.dumps(other_msg)
    chan_create_sql = """
        INSERT INTO channel (name, game_log_db, web_url, other_msg, role_str)
        VALUES('%s','%s','%s','%s', '%s');
    """ % (channel_name, game_log_db, web_url, settings_json, role_str)

    sql_oper = SqlOperate()
    try:
        # Run the insert for the new channel.
        sql_oper.insert(chan_create_sql)
    except Exception as e:
        current_app.logger.error(e)
        return render_template('add_channel.html', errmsg='添加渠道失败')

    highest_role = get_highest_role_id(session['role_str'])

    # Reload the channel configuration, then read the new id from redis.
    load_channel()
    redis_key = CHANNEL_CONFIG_TABLE + channel_name
    channel_id = int(redis_conn.hget(redis_key, "id"))

    log_values = (0, log_main_type_d["system"], log_type_d["add_channel"],
                  session['user_id'], channel_id, highest_role,
                  time_util.now_sec())
    sql = '''
        insert into admin_opt_log
            (channel, maintype, log_type, operator, obj, val, timestamp)
        values (%d, %d, %d, %d, %d, %d, %d)
    ''' % log_values
    sql_oper.insert(sql)

    return redirect(url_for('busi.get_channel'))
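def set_channel():
    """Update an existing channel from the submitted form and log the change.

    Loads the channel's stored ``other_msg`` JSON, overwrites the settings
    present in the form, writes the row back, reloads the channel
    configuration and adds an ``admin_opt_log`` row.

    Returns:
        A redirect to ``busi.get_channel``.

    Raises:
        ValueError / TypeError: if ``channel_id`` is not an integer. No SQL
            is built or executed in that case.
        IndexError: if no channel row has that id (the lookup result is
            indexed directly).
    """
    form = request.form

    # channel_id is formatted into three statements below (SELECT, UPDATE
    # and the audit INSERT), so pin it to an integer before the first one.
    channel_id = int(form.get('channel_id'))

    chan_name = form.get('name')
    game_log_db = form.get('game_log_db')
    web_url = form.get('web_url')
    role_list = form.getlist('role')

    # Fetch the stored settings so keys not present in the form are kept
    # (server_state, for example, is not overwritten here).
    sql = 'select other_msg from channel where id = %d' % channel_id
    cfg = SqlOperate().select(sql)[0][0]
    other_msg = json.loads(cfg)

    for field in ('h5_link', 'coin_rate', 'api', 'hotup_url', 'h5_api_key',
                  'wx_appid', 'wx_token', 'h5_wx_appid', 'h5_wx_token',
                  'sms_type'):
        other_msg[field] = form.get(field)
    other_msg['sms_config'] = b64encode(form.get('sms_config'))

    role_str = '/'.join(role_list)

    # NOTE(review): chan_name, game_log_db, web_url, role_str and the JSON
    # blob are still interpolated as quoted text with no escaping. They need
    # driver-level parameter binding; SqlOperate's API is not visible here,
    # so confirm it can take bound parameters and switch to that.
    chan_update_sql = """
        UPDATE channel
        SET name='%s', game_log_db='%s', web_url='%s', other_msg='%s',
            role_str='%s'
        WHERE id=%d;
    """ % (chan_name, game_log_db, web_url, json.dumps(other_msg), role_str,
           channel_id)

    sql_oper = SqlOperate()
    sql_oper.update(chan_update_sql)

    # Refresh the cached channel configuration after the row changed.
    load_channel()

    highest_role = get_highest_role_id(session['role_str'])
    sql = '''
        insert into admin_opt_log
            (channel, maintype, log_type, operator, obj, val, timestamp)
        values (%d, %d, %d, %d, %d, %d, %d)
    ''' % (0, log_main_type_d["system"], log_type_d["edit_channel"],
           session['user_id'], channel_id, highest_role, time_util.now_sec())
    sql_oper.insert(sql)

    return redirect(url_for('busi.get_channel'))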
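def delete_user():
    """Soft-delete an admin account and record the action in the audit log.

    Reads ``user_id`` from the JSON request body, sets ``is_delete=1`` on
    that user row and writes one ``admin_opt_log`` row.

    Returns:
        A JSON response with ``errno='0'`` and a success message.

    Raises:
        ValueError / TypeError: if ``user_id`` is missing or not an integer.
            No SQL is built or executed in that case.
    """
    # The id is formatted into SQL text, so coerce it to an integer before
    # the UPDATE is built. Doing so only for the audit row would let the raw
    # request value reach the first statement.
    user_id = int(request.json.get('user_id'))

    # NOTE(review): no permission check is visible in this function; confirm
    # that a decorator or request hook restricts who may delete accounts.
    del_user_sql = """UPDATE user SET is_delete=1 WHERE id=%d""" % user_id

    sql_oper = SqlOperate()
    sql_oper.delete(del_user_sql)

    highest_role = get_highest_role_id(session['role_str'])
    sql = '''
        insert into admin_opt_log
            (channel, maintype, log_type, operator, obj, val, timestamp)
        values (%d, %d, %d, %d, %d, %d, %d)
    ''' % (0, log_main_type_d["system"], log_type_d["delete_staff"],
           session['user_id'], user_id, highest_role, time_util.now_sec())
    sql_oper.insert(sql)

    return jsonify(errno='0', errmsg='删除成功')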
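def change_secret_key():
    """Replace a user's ``secret_key`` with a fresh random base32 value.

    Reads ``user_id`` from the JSON request body, stores a new
    ``pyotp.random_base32()`` value in ``user.secret_key`` and writes one
    ``admin_opt_log`` row (logged as an ``edit_staff`` action).

    Returns:
        A JSON response with ``errno='0'`` and a success message. The new
        secret itself is not included in the response.

    Raises:
        ValueError / TypeError: if ``user_id`` is missing or not an integer.
            No SQL is built or executed in that case.
    """
    # Coerce before the UPDATE is built: the id is formatted into SQL text.
    user_id = int(request.json.get('user_id'))

    # NOTE(review): rotating another account's secret is a sensitive action;
    # no permission check is visible in this function, so confirm one is
    # applied outside it.
    new_secret = pyotp.random_base32()
    user_update_sql = """
        UPDATE user
        SET secret_key = '%s'
        WHERE id=%d;
    """ % (new_secret, user_id)
    SqlOperate().update(user_update_sql)

    highest_role = get_highest_role_id(session['role_str'])
    sql = '''
        insert into admin_opt_log
            (channel, maintype, log_type, operator, obj, val, timestamp)
        values (%d, %d, %d, %d, %d, %d, %d)
    ''' % (0, log_main_type_d["system"], log_type_d["edit_staff"],
           session['user_id'], user_id, highest_role, time_util.now_sec())
    SqlOperate().insert(sql)

    return jsonify(errno='0', errmsg=u'生成秘钥成功!')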
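def clean_secret_key():
    """Clear a user's ``secret_key`` and record the action in the audit log.

    Reads ``userid`` from the form, sets ``user.secret_key`` to the empty
    string and writes one ``admin_opt_log`` row (logged as an ``edit_staff``
    action).

    Returns:
        A JSON response with ``result='ok'`` and a success message.

    Raises:
        ValueError / TypeError: if ``userid`` is missing or not an integer.
            No SQL is built or executed in that case.
    """
    # Read the parameter. It is formatted into SQL text below, so it is
    # coerced to an integer before the UPDATE is built.
    user_id = int(request.form.get('userid'))

    # NOTE(review): presumably an empty secret_key removes the account's
    # one-time-password enrolment; confirm how login treats an empty value
    # and that only authorized roles can reach this handler.
    # Update the row.
    update_sql = """UPDATE user SET secret_key='' WHERE id=%d;""" % user_id
    SqlOperate().update(update_sql)

    # Write the audit record.
    highest_role = get_highest_role_id(session['role_str'])
    create_sql = """INSERT INTO admin_opt_log
            (channel, maintype, log_type, operator, obj, val, timestamp)
        VALUES (%d, %d, %d, %d, %d, %d, %d)""" \
        % (0, log_main_type_d["system"], log_type_d["edit_staff"],
           session['user_id'], user_id, highest_role, time_util.now_sec())
    SqlOperate().insert(create_sql)

    # Send the response.
    return jsonify(result='ok', msg=u'清除秘钥成功!')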
def register():
    """Create an admin account from the submitted form and log the action.

    Rejects the request when the user name is already taken or no role was
    ticked (both re-render ``add_admin.html`` with an error message).
    Otherwise inserts the user with a hashed password and a fresh
    ``pyotp.random_base32()`` secret, looks the new row's id up by name and
    writes one ``admin_opt_log`` row.

    Returns:
        ``add_admin.html`` on a validation failure, otherwise a redirect to
        ``busi.get_user``.
    """
    form = request.form
    user_name = form.get('username')
    nick = form.get('nick')
    password = form.get('password')
    role_list = form.getlist('role')
    game_player_id = form.get('game_player_id')

    sql_oper = SqlOperate()

    # NOTE(review): user_name is placed inside quotes with no escaping here
    # and in the two statements further down, as are nick, role_str and
    # game_player_id. These need driver-level parameter binding; SqlOperate's
    # API is not visible here, so confirm it can take bound parameters.
    sql = "select count(1) from user where name='%s'" % user_name
    existing = sql_oper.select(sql)[0][0]
    if existing > 0:
        return render_template('add_admin.html', errmsg=u'账号已存在')

    if len(role_list) == 0:
        # At least one permission group is mandatory: re-render the form
        # with the name and nick already typed.
        crole_list = sql_oper.get_roles_list_by_role_str(session['role_str'])
        user_dict = {'name': user_name, 'nick': nick}
        return render_template('add_admin.html',
                               user=user_dict,
                               roles=crole_list,
                               errmsg=u'必须勾选权限组')

    password_hash = generate_password_hash(password)
    reg_time = int(time.time())
    role_str = '/'.join(role_list)

    # Assemble the statement that creates the user row.
    # NOTE(review): nothing in this function checks that the caller may
    # grant the submitted roles; confirm that is enforced outside it.
    insert_values = (user_name, nick, password_hash, reg_time, role_str,
                     pyotp.random_base32(), game_player_id)
    user_create_sql = """
        INSERT INTO user (name, nick, password, regi_time, access_level,
            last_login_time, last_logout_time, role_str, is_delete, status,
            `secret_key`, game_player_id)
        VALUES ('%s', '%s', '%s', %s, 1, 0, 0, '%s', 0, 1, '%s', '%s');
    """ % insert_values
    sql_oper.insert(user_create_sql)

    # NOTE(review): the new id is re-read by name after a fixed pause,
    # presumably to wait for the insert to become visible; confirm, and
    # prefer the insert's own row id if SqlOperate can return it.
    time.sleep(0.1)
    user_id_sql = """SELECT id FROM user WHERE name='%s';""" % user_name
    sid = sql_oper.select(user_id_sql)[0][0]

    highest_role = get_highest_role_id(session['role_str'])
    log_values = (0, log_main_type_d["system"], log_type_d["add_staff"],
                  session['user_id'], sid, highest_role, time_util.now_sec())
    sql = '''
        insert into admin_opt_log
            (channel, maintype, log_type, operator, obj, val, timestamp)
        values (%d, %d, %d, %d, %d, %d, %d)
    ''' % log_values
    sql_oper.insert(sql)

    return redirect(url_for('busi.get_user'))
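def search_users_manage_log():
    """Render the latest staff/channel management audit entries.

    Reads ``beginDate`` and ``endDate`` from the query string, selects up to
    30 ``admin_opt_log`` rows with ``channel=0`` and ``maintype = 1`` in that
    range (the end bound is extended by 86400 seconds), and turns each row
    into ``[operator name, object name, message, timestamp]``.

    A caller whose highest role id is 1 sees all rows; any other caller only
    sees rows whose ``val`` equals their own highest role id.

    Returns:
        The rendered ``user_managed_log.html`` page.
    """
    start = time_util.formatDatestamp(request.args.get('beginDate'))
    end = time_util.formatDatestamp(request.args.get('endDate'))

    highest_role = get_highest_role_id(session['role_str'])

    # %d forces the date bounds to be numeric when the statement is built.
    if highest_role == 1:
        sql = '''
            select log_type, operator, obj, val, timestamp
            from admin_opt_log
            where channel=0
                and timestamp >= %d and timestamp <= %d
                and maintype = 1
            order by timestamp desc limit 30;
        ''' % (start, end + 86400)
    else:
        sql = '''
            select log_type, operator, obj, val, timestamp
            from admin_opt_log
            where channel=0 and val=%s
                and timestamp >= %d and timestamp <= %d
                and maintype = 1
            order by timestamp desc limit 30;
        ''' % (highest_role, start, end + 86400)

    # log_type -> (table that holds the object's name, message template).
    # The table names are fixed literals, never request data.
    log_formats = {
        log_type_d["delete_staff"]: ("user", u"管理员%s删除员工%s"),
        log_type_d["add_staff"]: ("user", u"管理员%s添加员工%s"),
        log_type_d["edit_staff"]: ("user", u"管理员%s修改员工%s"),
        log_type_d["add_channel"]: ("channel", u"管理员%s添加渠道%s"),
        log_type_d["edit_channel"]: ("channel", u"管理员%s修改渠道%s"),
        log_type_d["delete_channel"]: ("channel", u"管理员%s删除渠道%s"),
    }

    page = deepcopy(init_page)
    page["beginDate"] = start
    page["endDate"] = end

    for log_type, operator, obj, val, timestamp in SqlOperate().select(sql):
        OperatorName = SqlOperate().select(
            "select name from user where id = %d" % operator)[0][0]

        # NOTE(review): names read from the database are passed through
        # blue_html / red_html into the page; confirm those helpers (or the
        # template) HTML-escape them.
        entry = log_formats.get(log_type)
        if entry is None:
            # Unrecognised log type: keep the audit row visible with a
            # neutral description instead of failing or reusing the
            # previous row's text.
            obj_name = "(ID:%d)" % obj
            log_content = u"%s log_type=%s" % (
                blue_html(OperatorName), log_type)
        else:
            table, template = entry
            obj_name = _lookup_log_obj_name(table, obj) + "(ID:%d)" % obj
            log_content = template % (
                blue_html(OperatorName), red_html(obj_name))

        page["list"].append([OperatorName, obj_name, log_content, timestamp])

    return render_template('user_managed_log.html', page=page)


def _lookup_log_obj_name(table, obj_id):
    """Return the ``name`` of row ``obj_id`` in ``table``, or '' if absent.

    ``table`` must be one of the fixed literals used by the caller; ``obj_id``
    is formatted with %d so only a number can reach the statement.
    """
    rows = SqlOperate().select(
        "select name from %s where id = %d" % (table, obj_id))
    return rows[0][0] if rows else ''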