def get(self): with session_scope() as session: event_list = [] query = self.derive_query_for_get_method(session, Event) \ .filter(Event.status != Event.Status.DELETED.value) page, page_size, offset, max_page = self.derive_page_parameter( query.count()) events = query.limit(page_size).offset(offset).all() for event in events: # type: Event event_dict = event.to_dict('content') author_username = session.query(User.username) \ .filter(User.uuid == event.author_uuid, User.status != User.STATUS.DELETED).first() author_username = author_username.username if author_username is not None else '' event_dict['author_username'] = author_username event_list.append(event_dict) result = ApiResult('获取公告成功', payload={ 'events': event_list, 'page': page, 'page_size': page_size, 'max_page': max_page, }) return result.to_response()
def get(self): with session_scope() as db_session: if not permission.toolkit.check_manage_role_permission( db_session, self.user_id): raise exception.api.Forbidden('当前用户无法管理角色') # 查询用户当前角色 user_role = None target_user_id = self.get_data('user_id') if self.valid_data(target_user_id): user_role = db_session.query(Role) \ .filter(User.id == UserRole.user_id) \ .filter(UserRole.role_id == Role.id) \ .filter(User.id == target_user_id).first() # 查询所有角色列表 roles = db_session.query(Role).order_by(Role.id).all() role_list = [] for role in roles: role_list.append(to_dict(role)) payload = {'roles': role_list} if user_role is not None: payload['user_role'] = to_dict(user_role) result = ApiResult('获取角色信息成功', 200, payload) return make_response(result.to_response())
def get_user_services(self, user_uuid): with session_scope() as db_session: query = db_session.query(Service, ServiceTemplate.title) \ .outerjoin(ServiceTemplate, Service.template_uuid == ServiceTemplate.uuid) \ .filter(Service.user_uuid == user_uuid) \ .filter(Service.status != Service.STATUS.DELETED) \ .order_by(Service.created_at) page, page_size, offset, max_page = self._derive_page_parameter(query.count()) services = query.offset(offset).limit(page_size).all() service_list = [] for record in services: service = record.Service service_dict = service.to_dict() service_dict['title'] = record.title service_list.append(service_dict) result = ApiResult('获取用户学术服务信息成功', payload={ 'page': page, 'page_size': page_size, 'max_page': max_page, 'services': service_list }) return result.to_response()
def validate_email(self, jwt): try: jwt_dict = authorization.toolkit.decode_jwt_token(jwt) # type:dict except PyJWTError: raise exception.api.InvalidRequest('激活链接已过期或者激活请求非法') if 'sub' not in jwt_dict.keys( ) or jwt_dict['sub'] != JwtSub.Activation.value: raise exception.api.InvalidRequest('激活请求非法') uuid = jwt_dict['uuid'] with session_scope() as session: user = session.query(User).filter(User.uuid == uuid).first() if user.status == 1: raise exception.api.Conflict('邮箱已完成验证,无需重复验证') user.status = 1 scholar_payment_account = session.query(ScholarPaymentAccount) \ .filter(ScholarPaymentAccount.user_uuid == uuid, ScholarPaymentAccount.status == ScholarPaymentAccount.STATUS.VALID.value) \ .first() # type: ScholarPaymentAccount if scholar_payment_account is not None: scholar_payment_account.balance = configs.NEW_USER_SCHOLAR_BALANCE jwt_token = authorization.toolkit.derive_jwt_token(user_id=user.id, user_uuid=uuid) result = ApiResult('邮箱验证成功', 201, payload={'jwt': jwt_token}) return result.to_response()
def post(self): name = self.get_post_data('name', require=True, error_message='缺少name字段') label = self.get_post_data('label', require=True, error_message='缺少label字段') description = self.get_post_data('description') permissions = self.get_post_data('permissions') with session_scope() as session: if not permission.toolkit.check_manage_role_permission( session, self.user_id): raise exception.api.Forbidden('当前用户无法管理角色') role = Role(name, label, description) session.add(role) session.flush() role_id = role.id for permission_id in permissions: role_permission = RolePermission(role_id, permission_id) session.add(role_permission) result = ApiResult('创建角色成功', 201, {'role_id': role_id}) return make_response(result.to_response())
def reset_password(self, jwt: str): """ 重设密码 :return: """ password = self.get_post_data('password', require=True, error_message='请输入新密码') try: jwt_dict = authorization.toolkit.decode_jwt_token(jwt) # type:dict except PyJWTError: raise exception.api.InvalidRequest('重设密码的链接已过期或者重设密码请求非法') if 'sub' not in jwt_dict.keys( ) or jwt_dict['sub'] != JwtSub.ResetPassword.value: raise exception.api.InvalidRequest('重设密码的请求非法') if 'uuid' not in jwt_dict.keys(): raise exception.api.InvalidRequest('重设密码的请求非法') uuid = jwt_dict['uuid'] with session_scope() as session: user = session.query(User).filter(User.uuid == uuid).first() user.password = authorization.toolkit.hash_plaintext(password) result = ApiResult('密码重设成功,以后请使用新密码登录', 201) return result.to_response()
def get(self): with session_scope() as session: invitation_list = [] query = self.derive_query_for_get_method(session, InvitationCode) \ .filter(InvitationCode.status != InvitationCode.Status.DELETED.value) page, page_size, offset, max_page = self.derive_page_parameter(query.count()) invitations = query.limit(page_size).offset(offset).all() for invitation in invitations: # type: InvitationCode invitation_dict = invitation.to_dict() inviter_username = session.query(User.username) \ .filter(User.uuid == invitation.inviter_uuid, User.status != User.STATUS.DELETED).first() inviter_username = inviter_username.username if inviter_username is not None else '' invitee_username = session.query(User.username) \ .filter(User.uuid == invitation.invitee_uuid, User.status != User.STATUS.DELETED).first() invitee_username = invitee_username.username if invitee_username is not None else '' invitation_dict['inviter_username'] = inviter_username invitation_dict['invitee_username'] = invitee_username invitation_list.append(invitation_dict) result = ApiResult('获取邀请码信息成功', payload={ 'invitations': invitation_list, 'page': page, 'page_size': page_size, 'max_page': max_page, }) return result.to_response()
def modify_email(self, jwt): try: jwt_dict = authorization.toolkit.decode_jwt_token(jwt) # type:dict except PyJWTError: raise exception.api.InvalidRequest('修改电子邮件地址的链接已过期或者激活请求非法') if 'sub' not in jwt_dict.keys( ) or jwt_dict['sub'] != JwtSub.ModifyEmail.value: raise exception.api.InvalidRequest('修改电子邮件地址的请求非法') if 'uuid' not in jwt_dict.keys() or 'email' not in jwt_dict.keys(): raise exception.api.InvalidRequest('修改电子邮件地址的请求非法') uuid = jwt_dict['uuid'] with session_scope() as session: user = session.query(User).filter(User.uuid == uuid).first() email = jwt_dict['email'] if user.email == email: raise exception.api.Conflict('电子邮箱地址已经成功完成了变更,无法重复变更') user.email = email jwt_token = authorization.toolkit.derive_jwt_token(user_id=user.id, user_uuid=uuid) result = ApiResult('电子邮箱地址修改成功', 201, payload={'jwt': jwt_token}) return result.to_response()
def get(self): log_file = configs.SS_LISTENER_LOG_FILE with open(log_file, 'r') as f: lines = f.readlines() lines = lines[-10:] if len(lines) >= 10 else lines warning_message = None last_record = lines[-1] if len(lines) > 0 else None if last_record is not None: datetime_str = last_record.split(' - ')[0] last_record_datetime = datetime.strptime(datetime_str, '%Y-%m-%d %H:%M:%S,%f') if datetime.now().timestamp() - last_record_datetime.timestamp( ) > 12 * 60 * 60: warning_message = '最后一条记录产生于12小时之前,请检查是否需要重启监听服务' elif datetime.now().timestamp() - last_record_datetime.timestamp( ) < 0: warning_message = '最后一条记录产生在未来,我的天!请检查是否需要重启监听服务' else: warning_message = '监听服务运行正常' response_data = { 'usages': lines, 'warning_message': warning_message, } result = ApiResult('获取学术统计信息成功', 200, response_data) return make_response(result.to_response())
def delete(self): """ 取消订单 :return: """ uuid = self.get_data('uuid', require=True, error_message='缺少uuid字段') with session_scope() as session: order = session.query(TradeOrder) \ .filter(TradeOrder.uuid == uuid, TradeOrder.status != TradeOrder.STATUS.DELETED.value).first() # type: TradeOrder if order is None: raise exception.api.NotFound('订单不存在') if order.user_uuid != self.user_uuid: raise exception.api.Forbidden('无权修改他人的订单') if order.status == TradeOrder.STATUS.CANCEL.value: raise exception.api.Conflict('订单已取消,无法重复取消') if order.status not in [ TradeOrder.STATUS.INITIALIZATION.value, TradeOrder.STATUS.PAYING.value ]: raise exception.api.InvalidRequest( '订单已进入支付流程,无法取消,请完成支付后进行退款操作') order.status = TradeOrder.STATUS.CANCEL.value result = ApiResult('订单取消成功') return result.to_response()
def get_template_by_type(self, template_type: Union[str, int]): try: template_type = int(template_type) except ValueError: return exception.api.InvalidRequest('请输入正确的服务类型') if template_type == ServiceTemplate.TYPE.RECOMMENDATION: return self.get_recommendation_template() with session_scope() as session: query = session.query(ServiceTemplate).filter( ServiceTemplate.type == template_type, ServiceTemplate.status == ServiceTemplate.STATUS.VALID) page, page_size, offset, max_page = self.derive_page_parameter( query.count()) templates = query.offset(offset).limit(page_size).all() result = ApiResult( '获取服务模板信息成功', 200, { 'templates': self.models_to_list(templates), 'page': page, 'page_size': page_size, 'max_page': max_page, }) return result.to_response()
def put(self): service_uuid = self.get_post_data('uuid', require=True, error_message='缺少uuid字段') password = self.get_post_data('password', require=True, error_message='请输入长度至少为1位的新密码') with session_scope() as session: service = session.query(Service).filter( Service.uuid == service_uuid).first() if service is None: raise exception.api.NotFound('套餐不存在') if service.user_uuid != self.user_uuid: raise exception.api.Forbidden('无权修改其他用户的学术服务密码') service.password = password if service.status == Service.STATUS.ACTIVATED: background_task.modify_port_password.delay(port=service.port, password=password) result = ApiResult('修改连接密码成功', 201) return result.to_response()
def generate_creation_order(self, service_template_uuid: str): """ 生成创建新的学术服务的订单 :param service_template_uuid: :return: """ with session_scope() as session: conflict, snapshot = trade_order.toolkit.check_is_order_conflict( session, self.user_uuid, service_template_uuid=service_template_uuid) if conflict: raise exception.api.Conflict('有尚未支付的『{}』的订单,请勿重复下单'.format( snapshot.title)) password = self.get_post_data('password', require=True, error_message='缺少password字段') auto_renew = self.get_post_data('auto_renew') service_template = session.query(ServiceTemplate) \ .filter(ServiceTemplate.uuid == service_template_uuid, ServiceTemplate.status != ServiceTemplate.STATUS.DELETED).first() # type: ServiceTemplate if service_template is None: raise exception.api.NotFound('套餐不存在,无法办理') if service_template.status == ServiceTemplate.STATUS.SUSPEND: raise exception.api.ServiceUnavailable('该套餐已下架,故无法办理') total_payment = service_template.initialization_fee + service_template.price order = TradeOrder(user_uuid=self.user_uuid, order_type=TradeOrder.TYPE.CONSUME.value, amount=total_payment, description='开通学术服务,服务模板UUID:{}'.format( service_template.uuid)) session.add(order) session.flush() auto_renew = auto_renew if self.valid_data(auto_renew) else 0 snapshot = SubscribeServiceSnapshot( trade_order_uuid=order.uuid, user_uuid=self.user_uuid, service_password=password, auto_renew=auto_renew, service_template_uuid=service_template_uuid, service_type=service_template.type, title=service_template.title, subtitle=service_template.subtitle, description=service_template.description, package=service_template.package, price=service_template.price, initialization_fee=service_template.initialization_fee) session.add(snapshot) result = ApiResult('订单创建成功', 201, { 'uuid': order.uuid, }) return result.to_response()
def delete(self): with session_scope() as session: self.delete_model(session, Event, delete_status=Event.Status.DELETED.value, not_found_error_message='需要删除的公告不存在') result = ApiResult('删除公告成功') return result.to_response()
def get_order_by_uuid(self, uuid: str): with session_scope() as session: order = session.query(TradeOrder) \ .filter(TradeOrder.uuid == uuid, TradeOrder.status != TradeOrder.STATUS.DELETED.value).first() # type: TradeOrder if order is None: raise exception.api.NotFound('订单不存在') result = ApiResult('获取订单信息成功', payload={'order': order.to_dict()}) return result.to_response()
def post(self): with session_scope() as session: invitation = InvitationCode(self.user_uuid) session.add(invitation) session.flush() result = ApiResult('创建邀请码成功', 201, payload={ 'invitation': invitation.to_dict(), }) return result.to_response()
def put(self): with session_scope() as session: event = self.update_model(session, Event) result = ApiResult('修改公告成功', 200, payload={ 'event': event.to_dict(), }) return result.to_response()
def put(self): with session_scope() as session: template = self.update_model(session, ServiceTemplate) result = ApiResult('修改学术服务模板成功', 200, payload={ 'template': template.to_dict(), }) return result.to_response()
def get_template_by_uuid(self, uuid: str): with session_scope() as session: service_template = session.query(ServiceTemplate) \ .filter(ServiceTemplate.uuid == uuid).first() # type: ServiceTemplate if service_template is None: raise exception.api.NotFound('服务模版不存在') result = ApiResult( '获取服务模板信息成功', payload={'template': service_template.to_dict()}) return result.to_response()
def get(self): with session_scope() as db_session: permissions = permission.toolkit.derive_user_permissions( db_session, self.user_uuid) permission_list = [] for p in permissions: # type: Permission permission_list.append(p.to_dict()) result = ApiResult('获取用户权限成功', payload={'permissions': permission_list}) return make_response(result.to_response())
def post(self): with session_scope() as session: event = self.create_model_from_http_post(Event) session.add(event) session.flush() result = ApiResult('发布公告成功', 201, payload={ 'event': event.to_dict(), }) return result.to_response()
def get_single_account(self, user_uuid): with session_scope() as session: account = session.query(ScholarPaymentAccount) \ .filter(ScholarPaymentAccount.user_uuid == user_uuid, ScholarPaymentAccount.status != ScholarPaymentAccount.STATUS.DELETED.value) \ .first() # type: ScholarPaymentAccount if account is None: raise exception.api.NotFound('学术积分账户不存在') result = ApiResult('获取学术积分账户信息成功', payload={'account': account.to_dict()}) return result.to_response()
def post(self): # service_type = self.get_post_data('type', require=True, error_message='缺少type字段') # title = self.get_post_data('title', require=True, error_message='缺少title字段') # subtitle = self.get_post_data('subtitle', require=True, error_message='缺少subtitle字段') # description = self.get_post_data('description', require=True, error_message='缺少description字段') # package = self.get_post_data('package', require=True, error_message='缺少package字段') # try: # package = int(package) # except: # raise exception.api.InvalidRequest('请输入合法的package字段') # price = self.get_post_data('price', require=True, error_message='缺少price字段') # try: # price = float(price) # except: # raise exception.api.InvalidRequest('请输入合法的price字段') # initialization_fee = self.get_post_data('initialization_fee', require=True, # error_message='缺少initialization_fee字段') # try: # initialization_fee = float(initialization_fee) # except: # raise exception.api.InvalidRequest('请输入合法的initialization_fee字段') # # with session_scope() as session: # template = ServiceTemplate( # service_type=service_type, # title=title, # subtitle=subtitle, # description=description, # package=package, # price=price, # initialization_fee=initialization_fee, # ) # session.add(template) # session.flush() # # result = ApiResult('创建学术服务模板成功', 201, payload={ # 'template': template.to_dict(), # }) # return result.to_response() with session_scope() as session: template = self.create_model_from_http_post(ServiceTemplate) session.add(template) session.flush() result = ApiResult('创建学术服务模板成功', 201, payload={ 'template': template.to_dict(), }) return result.to_response()
def get_events(self): with session_scope() as session: query = self.derive_query_for_get_method(session, Event) \ .filter(Event.status == Event.Status.VALID.value) page, page_size, offset, max_page = self.derive_page_parameter( query.count()) events = query.offset(offset).limit(page_size).all() event_list = [] for event in events: # type:Event event_list.append(event.to_dict('content')) result = ApiResult('获取公告成功', payload={'events': event_list}) return result.to_response()
def get_orders(self): with session_scope() as session: order_list = [] query = session.query(TradeOrder, SubscribeServiceSnapshot.title) orders = self.derive_query_for_get_method(session, TradeOrder, query) \ .outerjoin(SubscribeServiceSnapshot, SubscribeServiceSnapshot.trade_order_uuid == TradeOrder.uuid) \ .filter(TradeOrder.user_uuid == self.user_uuid).all() for order in orders: order_dict = order.TradeOrder.to_dict() order_dict['title'] = order.title order_list.append(order_dict) result = ApiResult('获取订单信息成功', payload={ 'orders': order_list, }) return result.to_response()
def update_password(self): """ 修改密码 :return: """ old_password = self.get_post_data('old_password', require=True, error_message='请输入旧密码') password = self.get_post_data('password', require=True, error_message='请输入密码') with session_scope() as session: user = session.query(User).filter( User.uuid == self.user_uuid).first() if user is None: raise exception.api.Unauthorized('请先登录') hashed_old_password = authorization.toolkit.hash_plaintext( old_password) if hashed_old_password != user.password: raise exception.api.InvalidRequest('旧密码错误') user.password = authorization.toolkit.hash_plaintext(password) return ApiResult('修改密码成功', 201).to_response()
def delete(self): uuid = self.get_data('uuid', require=True, error_message='请输入uuid字段') with session_scope() as session: template = session.query(ServiceTemplate) \ .filter(ServiceTemplate.uuid == uuid, ServiceTemplate.status != ServiceTemplate.STATUS.DELETED) \ .first() # type: ServiceTemplate if template is None: raise exception.api.NotFound('需要删除的学术服务模板不存在') template.status = 2 result = ApiResult('删除学术服务模板成功') return result.to_response()
def send_activation_email(self): with session_scope() as session: user = session.query(User).filter( User.uuid == self.user_uuid).first() expired_in = 48 extra_payload = {'sub': JwtSub.Activation.value} jwt = authorization.toolkit.derive_jwt_token( user_id=self.user_id, user_uuid=self.user_uuid, expired_in=expired_in, extra_payload=extra_payload) if configs.DEBUG: domain = 'http://localhost:8080' else: domain = 'http://www.celerysoft.science' activate_url = '{}/activation?jwt={}'.format(domain, jwt) background_task.send_activation_email.delay( user_email=user.email, username=user.username, activate_url=activate_url) return ApiResult('激活邮件已发送至注册邮箱{},请查收'.format(user.email), 201).to_response()
def get_self_information(self): with session_scope() as session: user = session.query(User).filter( User.uuid == self.user_uuid).first() # type:User result = ApiResult('获取个人信息成功', payload={ 'uuid': user.uuid, 'username': user.username, 'email': user.email, 'register_date': user.created_at.isoformat(), 'created_at': user.created_at.isoformat(), 'status': user.status }) return result.to_response()
def patch(self): with session_scope() as session: uuid = self.get_post_data('uuid', require=True, error_message='缺少uuid字段') service = session.query(Service).filter(Service.uuid == uuid).first() if service is None: raise exception.api.NotFound('学术服务不存在') if service.user_uuid != self.user_uuid: raise exception.api.Forbidden('无权修改其他用户的学术服务') auto_renew = self.get_post_data('auto_renew') if self.valid_data(auto_renew): self.patch_service_auto_renew(service) result = ApiResult('修改套餐成功', 201) return result.to_response()