Exemple #1
0
def callback(id):
    """
    根据用户职位权限获取列表数据(树列表),为已有权限的数据赋值
    """
    # 检查用户权限
    _common_logic.check_user_power()

    _menu_info_logic = menu_info_logic.MenuInfoLogic()
    # 读取记录(ztree控件需要输出记录id、父id、树节点名称、节点是否扩展和是否打勾这几项参数)
    result = _menu_info_logic.get_list('id, parent_id, name, not is_leaf as open, false as checked')
    if result and result.get('rows'):
        # 获取指定的职位记录
        _positions_logic = positions_logic.PositionsLogic()
        positions_logic_model = _positions_logic.get_model_for_cache(id)
        if positions_logic_model:
            # 读取该职位权限字串
            page_power = positions_logic_model.get('page_power', '')
            # 判断当前菜单项id是否存在于该职位的权限字串中
            for model in result.get('rows'):
                # 如果存在,则表示当前职位拥有该菜单项的权限,即在菜单权限列表中需要打勾
                if ',' + str(model.get('id', 0)) + ',' in page_power:
                    model['checked'] = True

        return web_helper.return_msg(0, "成功", {'tree_list': result.get('rows')})
    else:
        return web_helper.return_msg(-1, "查询失败")
Exemple #2
0
def callback():
    """
    获取列表数据
    """
    # 检查用户权限
    _common_logic.check_user_power()

    # 父id
    parent_id = convert_helper.to_int0(web_helper.get_query('nodeid', '', is_check_null=False))
    # 页面索引
    page_number = convert_helper.to_int1(web_helper.get_query('page', '', is_check_null=False))
    # 页面页码与显示记录数量
    page_size = convert_helper.to_int0(web_helper.get_query('rows', '', is_check_null=False))
    # 接收排序参数
    sidx = web_helper.get_query('sidx', '', is_check_null=False)
    sord = web_helper.get_query('sord', '', is_check_null=False)
    # 初始化排序字段
    order_by = 'sort asc'
    if sidx:
        order_by = sidx + ' ' + sord

    _menu_info_logic = menu_info_logic.MenuInfoLogic()
    # 读取记录
    wheres = 'parent_id=' + str(parent_id)
    result = _menu_info_logic.get_list('*', wheres, page_number, page_size, order_by)
    if result:
        return json.dumps(result)
    else:
        return web_helper.return_msg(-1, "查询失败")
Exemple #3
0
def callback():
    """
    主页面获取菜单列表数据
    """
    # 检查用户权限
    _common_logic.check_user_power()

    # 获取当前用户权限
    session = web_helper.get_session()
    if session:
        _positions_logic = positions_logic.PositionsLogic()
        page_power = _positions_logic.get_page_power(session.get('positions_id'))
    else:
        page_power = ''
    if not page_power:
        return web_helper.return_msg(-404, '您的登录已超时,请重新登录')

    _menu_info_logic = menu_info_logic.MenuInfoLogic()
    # 读取记录
    result = _menu_info_logic.get_list('*', 'is_show and is_enabled', orderby='sort')
    if result:
        # 定义最终输出的html存储变量
        html = ''
        for model in result.get('rows'):
            # 检查是否有权限
            if ',' + str(model.get('id')) + ',' in page_power:
                # 提取出第一级菜单
                if model.get('parent_id') == 0:
                    # 添加一级菜单
                    temp = """
                    <dl id="menu-%(id)s">
                        <dt><i class="Hui-iconfont">%(icon)s</i> %(name)s<i class="Hui-iconfont menu_dropdown-arrow">&#xe6d5;</i></dt>
                        <dd>
                            <ul>
                    """ % {'id': model.get('id'), 'icon': model.get('icon'), 'name': model.get('name')}
                    html = html + temp

                    # 从所有菜单记录中提取当前一级菜单下的子菜单
                    for sub_model in result.get('rows'):
                        # 检查是否有权限
                        if ',' + str(sub_model.get('id')) + ',' in page_power:
                            # 如果父id等于当前一级菜单id,则为当前菜单的子菜单
                            if sub_model.get('parent_id') == model.get('id'):
                                temp = """
                                <li><a data-href="%(page_url)s" data-title="%(name)s" href="javascript:void(0)">%(name)s</a></li>
                            """ % {'page_url': sub_model.get('page_url'), 'name': sub_model.get('name')}
                                html = html + temp

                    # 闭合菜单html
                    temp = """
                            </ul>
                        </dd>
                    </dl>
                        """
                    html = html + temp

        return web_helper.return_msg(0, '成功', {'menu_html': html})
    else:
        return web_helper.return_msg(-1, "查询失败")
Exemple #4
0
def callback(id):
    """
    获取指定记录
    """
    # 检查用户权限
    _common_logic.check_user_power()

    _menu_info_logic = menu_info_logic.MenuInfoLogic()
    # 读取记录
    result = _menu_info_logic.get_model_for_cache(id)
    if result:
        return web_helper.return_msg(0, '成功', result)
    else:
        return web_helper.return_msg(-1, "查询失败")
Exemple #5
0
def callback():
    """
    获取列表数据(树列表)
    """
    # 检查用户权限
    _common_logic.check_user_power()

    _menu_info_logic = menu_info_logic.MenuInfoLogic()
    # 读取记录
    result = _menu_info_logic.get_list('id, parent_id, name, not is_leaf as open', 'is_leaf=false', orderby='sort asc')
    if result:
        return web_helper.return_msg(0, "成功", {'tree_list': result.get('rows')})
    else:
        return web_helper.return_msg(-1, "查询失败")
Exemple #6
0
def callback():
    """
    新增记录
    """
    # 检查用户权限
    _common_logic.check_user_power()

    name = web_helper.get_form('name', '菜单名称')
    icon = web_helper.get_form('icon', '菜单小图标', True, 10, False, is_check_special_char=False)
    icon = icon.replace('\'', '').replace('|', '').replace('%', '')
    page_url = web_helper.get_form('page_url', '页面URL', is_check_null=False)
    interface_url = web_helper.get_form('interface_url', '接口url', is_check_null=False, is_check_special_char=False)
    # 替换编码
    interface_url = interface_url.replace('@', '').replace('\'', '').replace('|', '').replace('%', '')
    parent_id = convert_helper.to_int0(web_helper.get_form('parent_id', '父id', is_check_null=False))
    sort = convert_helper.to_int0(web_helper.get_form('sort', '排序', is_check_null=False))
    is_leaf = web_helper.get_form('is_leaf', '是否最终节点', is_check_null=False)
    is_show = web_helper.get_form('is_show', '是否显示', is_check_null=False)
    is_enabled = web_helper.get_form('is_enabled', '是否启用', is_check_null=False)

    _menu_info_logic = menu_info_logic.MenuInfoLogic()
    # 计算深度级别,即当前菜单在哪一级
    if parent_id == 0:
        level = 0
    else:
        level = _menu_info_logic.get_value_for_cache(parent_id, 'level') + 1
    # 如果没有设置排序,则自动获取当前级别最大的序号加1
    if sort == 0:
        sort = _menu_info_logic.get_max('sort', 'parent_id=' + str(parent_id)) + 1

    # 组合更新字段
    fields = {
        'name': string(name),
        'icon': string(icon),
        'page_url': string(page_url),
        'interface_url': string(interface_url),
        'parent_id': parent_id,
        'sort': sort,
        'level': level,
        'is_leaf': is_leaf,
        'is_show': is_show,
        'is_enabled': is_enabled,
    }
    # 新增记录
    result = _menu_info_logic.add_model(fields)
    if result:
        return web_helper.return_msg(0, '提交成功')
    else:
        return web_helper.return_msg(-1, "提交失败")
Exemple #7
0
def callback(id):
    """
    删除指定记录
    """
    # 检查用户权限
    _common_logic.check_user_power()

    _menu_info_logic = menu_info_logic.MenuInfoLogic()
    # 判断要删除的节点是否有子节点,是的话不能删除
    if _menu_info_logic.exists('parent_id=' + str(id)):
        return web_helper.return_msg(-1, "当前菜单存在子菜单,不能直接删除")

    # 删除记录
    result = _menu_info_logic.delete_model(id)
    if result:
        return web_helper.return_msg(0, '删除成功')
    else:
        return web_helper.return_msg(-1, "删除失败")
Exemple #8
0
def check_user_power():
    """检查当前用户是否有访问当前接口的权限"""
    # 读取session
    session = web_helper.get_session()
    # session不存在则表示登录失效了
    if not session:
        web_helper.return_raise(web_helper.return_msg(-404, "您的登录已失效,请重新登录"))

    # 获取当前页面原始路由
    rule = request.route.rule
    # 获取当前访问接口方式(get/post/put/delete)
    method = request.method.lower()
    # 获取当前访问的url地址
    url = string_helper.filter_str(request.url, '<|>|%|\'')

    # 初始化日志相关变量
    _manager_operation_log_logic = manager_operation_log_logic.ManagerOperationLogLogic()
    ip = web_helper.get_ip()
    manager_id = session.get('id')
    manager_name = session.get('name')
    # 设置访问日志信息
    if method == 'get':
        method_name = '访问'
    else:
        method_name = '进行'

    # 获取来路url
    http_referer = request.environ.get('HTTP_REFERER')
    if http_referer:
        # 提取页面url地址
        index = http_referer.find('?')
        if index == -1:
            web_name = http_referer[http_referer.find('/', 8) + 1:]
        else:
            web_name = http_referer[http_referer.find('/', 8) + 1: index]
    else:
        web_name = ''

    # 组合当前接口访问的缓存key值
    key = web_name + method + '(' + rule + ')'
    # 从菜单权限缓存中读取对应的菜单实体
    _menu_info_logic = menu_info_logic.MenuInfoLogic()
    model = _menu_info_logic.get_model_for_url(key)
    if not model:
        # 添加访问失败日志
        _manager_operation_log_logic.add_operation_log(manager_id, manager_name, ip, '用户访问[%s]接口地址时,检测没有操作权限' % (url))
        web_helper.return_raise(web_helper.return_msg(-1, "您没有访问权限1" + key))

    # 初始化菜单名称
    menu_name = model.get('name')
    if model.get('parent_id') > 0:
        # 读取父级菜单实体
        parent_model = _menu_info_logic.get_model_for_cache(model.get('parent_id'))
        if parent_model:
            menu_name = parent_model.get('name').replace('列表', '').replace('管理', '') + menu_name

    # 从session中获取当前用户登录时所存储的职位id
    positions = positions_logic.PositionsLogic()
    page_power = positions.get_page_power(session.get('positions_id'))
    # 从菜单实体中提取菜单id,与职位权限进行比较,判断当前用户是否拥有访问该接口的权限
    if page_power.find(',' + str(model.get('id', -1)) + ',') == -1:
        # 添加访问失败日志
        _manager_operation_log_logic.add_operation_log(manager_id, manager_name, ip, '用户%s[%s]操作检测没有权限' % (method_name, menu_name))
        web_helper.return_raise(web_helper.return_msg(-1, "您没有访问权限2"))

    if not (method == 'get' and model.get('name') in ('添加', '编辑')):
        # 添加访问日志
        _manager_operation_log_logic.add_operation_log(manager_id, manager_name, ip, '用户%s[%s]操作' % (method_name, menu_name))