def POST(self):
data = web.input(req='')
req = data.req
if req == "email":
try:
result = Admin.getBy(username=self.session.username)
web.header('Content-Type', 'application/json')
if result:
return json.dumps({'email': result.email})
else:
return json.dumps({'err': '没有找到匹配的用户'})
except Exception as err:
web.header('Content-Type', 'application/json')
return json.dumps({'err': '出现错误: ' + str(err)})
elif req == "submit":
web.header('Content-Type', 'application/json')
try:
if data.nickname == "":
return json.dumps({"err", "请输入昵称"})
if data.email == "email":
return json.dumps({'err', "请输入邮箱"})
person = Admin.getBy(username=self.session.username)
person.nickname = data.nickname
person.email = data.email
person.update()
self.session.nickname = data.nickname
return json.dumps({'success': "个人资料更新成功"})
except Exception as err:
return json.dumps({'err': "出现错误: " + str(err)})
else:
return web.Forbidden()
def POST(self):
data = web.input(req='', username='', id='', newp='')
req = data.req
if req == 'check':
try:
person = Admin.getBy(username=data.username)
web.header('Content-Type', 'application/json')
if person == None:
return json.dumps({'is_valid': '1'})
else:
return json.dumps({'is_valid': '0'})
except Exception as err:
web.header('Content-Type', 'application/json')
raise err
return json.dumps({'err': '出现错误: ' + str(err)})
elif req == 'submit':
try:
person = Admin.getBy(username=data.username)
web.header('Content-Type', 'application/json')
if person: # 用户名已被占用
return json.dumps({'err': '用户名已被占用!'})
else: # 更新密码
Admin(dict(
username=data.username,
password=hashlib.new('md5', data.newp).hexdigest(),
role=data.role,
)).insert()
return json.dumps({'success': '成功添加用户'})
except Exception as err:
web.header('Content-Type', 'application/json')
return json.dumps({'err': '出现错误: ' + str(err)})
elif req == 'delete':
if not data.id:
return json.dumps({'err': '请求出错'})
person = Admin.get(data.id)
operator = Admin.getBy(username=self.session.username)
if not person:
return json.dumps({'err': '用户不存在'})
if operator.role >= person.role:
return json.dumps({'err': '无权限'})
person.delete()
return json.dumps({'success': '已删除'})
elif req == 'update':
person = Admin.getBy(username=data.username)
operator = Admin.getBy(username=self.session.username)
if not person:
return json.dumps({'err': '用户不存在'})
if operator.role >= person.role:
return json.dumps({'err': '无权限'})
person.password = hashlib.new('md5', data.newp).hexdigest()
person.update()
return json.dumps({'success': '修改成功!'})
else:
return web.Forbidden()
def POST(self):
# username password remeber
data = web.input(username="", password="", remeber="")
try:
result = Admin.getBy(
username=data.username,
password=hashlib.new("md5", data.password).hexdigest()
)
if result == None: # 身份验证失败
# self.page.errinfo = "您输入的用户名和密码不匹配,请检查后重试."
# print self.page.errinfo
# return render.admin.login(page = self.page)
return json.dumps({'err': '您输入的用户名和密码不匹配,请检查后重试'})
else:
self.session.username = result.username
self.session.nickname = result.nickname
self.session.role = "admin"
self.session.logged = True
if data.remeber: # 记住密码
web.config.session_parameters['ignore_expiry'] = True
return json.dumps({'success': '登录成功!'})
except Exception as err:
self.page.title = "出错啦!"
self.page.errinfo = err
return render.errinfo(page=self.page)
def GET(self):
admins = Admin.getAll()
operator = Admin.getBy(username=self.session.username)
print admins
for i in range(len(admins)): # role = 0 为最高权限, role越大, 权限越低
if admins[i].username == operator.username:
index = i
admins[i].deletable = (admins[i].role > operator.role)
admins.pop(index)
print admins
return render.admin.users(page=self.page, session=self.session, admins=admins)
def POST(self):
data = web.input(req='')
req = data.req
if req == "check":
try:
person = Admin.getBy(
username=self.session.username,
password=hashlib.new("md5", data.oldp).hexdigest()
)
web.header('Content-Type', 'application/json')
if person:
return json.dumps({'is_valid': '1'})
else:
return json.dumps({'is_valid': '0'})
except Exception as err:
web.header('Content-Type', 'application/json')
return json.dumps({'err': '出现错误: ' + str(err)})
elif req == "submit":
try:
person = Admin.getBy(
username=self.session.username,
password=hashlib.new("md5", data.oldp).hexdigest()
)
web.header('Content-Type', 'application/json')
if person is None: # 旧密码输错
return json.dumps({'err': '旧密码输入错误!'})
else: # 更新密码
person.password = hashlib.new("md5", data.newp).hexdigest()
person.update()
return json.dumps({'success': '密码修改成功'})
except Exception as err:
web.header('Content-Type', 'application/json')
return json.dumps({'err': '出现错误: ' + str(err)})
else:
return web.Forbidden()
