def GET(self, xid):
assert (str(xid).isdigit())
if not check_right (xid):
print 'try to read an unauthrithm data, %s record id:%s , user id:%s' % ('book',xid, get_user())
raise web.notfound()
record = m_book.get_one (**{"id": int(xid)})
return render ('admin/book_read.html', data = {'record':record})
def GET(self, xid):
assert (str(xid).isdigit())
if not check_right(xid):
print 'try to read an unauthrithm data, %s record id:%s , user id:%s' % (
'book', xid, get_user())
raise web.notfound()
record = m_book.get_one(**{"id": int(xid)})
return render('admin/book_read.html', data={'record': record})
def POST(self, xid):
#xid = web.input(xid=0).get('xid')
assert (str(xid).isdigit())
xid = int(xid)
request = web.input()
input_fields = [
'book_name',
'book_publisher',
'book_summary',
'book_author',
'book_amount',
]
nonul_fields = [
'book_name',
'book_publisher',
'book_amount',
] #user input fileds, can not be emtpy
#检查用户是否有权限
if xid != 0 and not check_right(xid):
print 'try to save an unauthrithm data, %s record id:%s , user id:%s' % (
'book', xid, get_user())
raise web.notfound()
#检查是否存在 不能为空的字段 输入为空
if not self.check_input(request, nonul_fields):
print 'try to edit data, but found some not-null parameter null, table: %s' % 'book'
return default_error('some parameter empty')
data = {}
if xid == 0: #new record
print 'add new record into database for table book'
data["id"] = 0
data['create_time'] = get_date()
data['create_user'] = get_user()
else:
print 'update record into database for table book'
data = m_book.get_one(**{'id': xid})
if not data:
print 'try to update record into database, but fail'
raise web.notfound()
data['update_time'] = get_date()
data['update_user'] = get_user()
for field in input_fields:
new_field = field.replace('book_', '', 1)
data[new_field] = request.get(field, '')
#if xid=0 then add ; otherwise update
m_book.upsert("id", **data)
return web.seeother('/admin/book' + "_list")
def GET(self,xid):
assert (str(xid).isdigit())
xid = int(xid)
if xid and not check_right (xid):
print 'try to edit unauthorization data, table:%s, id:%s' % ( 'book', xid)
return default_error ()
data = {}
if xid:
data['record'] = m_book.get_one (**{"id": int(xid)})
if not data:
print 'Error, try to edit record but not found data, table:%s, id:%s' % ('book', xid)
raise web.notfound()
return render ('admin/book_edit.html', data = data)
def GET(self, xid):
assert (str(xid).isdigit())
xid = int(xid)
if xid and not check_right(xid):
print 'try to edit unauthorization data, table:%s, id:%s' % (
'book', xid)
return default_error()
data = {}
if xid:
data['record'] = m_book.get_one(**{"id": int(xid)})
if not data:
print 'Error, try to edit record but not found data, table:%s, id:%s' % (
'book', xid)
raise web.notfound()
return render('admin/book_edit.html', data=data)
def POST(self,xid):
#xid = web.input(xid=0).get('xid')
assert (str(xid).isdigit())
xid = int(xid)
request = web.input()
input_fields = [ 'book_name', 'book_publisher', 'book_summary', 'book_author', 'book_amount', ]
nonul_fields = [ 'book_name', 'book_publisher', 'book_amount', ] #user input fileds, can not be emtpy
#检查用户是否有权限
if xid!=0 and not check_right (xid):
print 'try to save an unauthrithm data, %s record id:%s , user id:%s' % ('book',xid, get_user())
raise web.notfound()
#检查是否存在 不能为空的字段 输入为空
if not self.check_input (request, nonul_fields):
print 'try to edit data, but found some not-null parameter null, table: %s' % 'book'
return default_error('some parameter empty')
data = {}
if xid==0: #new record
print 'add new record into database for table book'
data["id"] = 0
data['create_time'] = get_date(); data['create_user'] = get_user()
else:
print 'update record into database for table book'
data = m_book.get_one ( ** {'id': xid})
if not data:
print 'try to update record into database, but fail'
raise web.notfound()
data['update_time'] = get_date(); data['update_user'] = get_user()
for field in input_fields:
new_field = field.replace('book_','',1)
data[new_field] = request.get(field,'')
#if xid=0 then add ; otherwise update
m_book.upsert ("id",**data)
return web.seeother('/admin/book'+"_list")
