def registery():
if (not 'captcha' in session.keys()) or (session['captcha'] == None):
return jsonify(result=False, reason="Please reload captcha first"), 400
pipeline = Pipeline(request)
pipeline.add(ensureJson)
pipeline.add(ensureCaptcha, [request, session])
pipeline.add(
ensureParam,
[request, 'username', lambda: invalidateSession(session, 'captcha')])
pipeline.add(
ensureParam,
[request, 'password', lambda: invalidateSession(session, 'captcha')])
broken, retvs = pipeline.run()
if broken:
return retvs
_, _, username, password = retvs
sess = DBSession()
user = User(username)
user.setPassword(password)
sess.add(user)
sess.commit()
session['captcha'] = None
return jsonify(result=True), 200
def all(cls):
sess = DBSession()
categories = sess.query(Category).filter_by(parent_id=None).all()
total = {}
for category in categories:
total[category.name] = category.children()
return total
def update():
current_user = get_jwt_identity()
pipeline = Pipeline(request)
pipeline.add(ensureJson)
pipeline.add(ensureParam, [request, 'id'])
pipeline.add(ensureParam, [request, 'receiver'])
pipeline.add(ensureParam, [request, 'phonenumber'])
pipeline.add(ensureParam, [request, 'address'])
broken, retvs = pipeline.run()
if broken:
return retvs
_, _id, receiver, phonenumber, address = retvs
sess = DBSession()
addr = sess.query(Address).filter_by(id=_id).first()
user = sess.query(User).filter_by(id=current_user).first()
if (addr != None) and (addr.owner_id == current_user):
addr.receiver = receiver
addr.phonenumber = phonenumber
addr.address = address
sess.commit()
return jsonify(result=True), 200
return jsonify(result=False, reson="BAD ADDRESS ID"), 200
def changepswd():
current_user = get_jwt_identity()
pipeline = Pipeline(request)
pipeline.add(ensureJson)
pipeline.add(ensureParam, [request, 'username'])
pipeline.add(ensureParam, [request, 'oripswd'])
pipeline.add(ensureParam, [request, 'newpswd'])
broken, retvs = pipeline.run()
if broken:
return retvs
_, username, oripswd, newpswd = retvs
sess = DBSession()
user = sess.query(User).filter_by(username=username).first()
if not user or not cmparePswd(
oripswd, user.password) or not user.id == current_user:
return jsonify({"msg": "Bad username or password"}), 401
user.setPassword(newpswd)
sess.commit()
invalidate(get_raw_jwt())
return jsonify(msg="Change password successfully, please relogin"), 200
def storeproduct():
sess = DBSession()
current_user = get_jwt_identity()
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
storehouse_id = request.json.get('storehouse_id')
if not storehouse_id:
return jsonify({"msg": "Missing storehouse_id parameter"}), 400
storehouse = sess.query(Storehouse).filter_by(id=storehouse_id).first()
if not storehouse:
return jsonify({"msg": "Bad storehouseId"}), 401
if current_user:
user = sess.query(User).filter_by(id=current_user).first()
if user.isOperator:
products = sess.query(Product).filter_by(storehouse_id=storehouse_id).all()
else:
return jsonify({"msg": "No Permission"}), 401
if not products:
products = None
if products.remain != 0:
all_products = [product.brief() for product in products]
return jsonify(products=all_products), 200
def productDetail():
sess = DBSession()
current_user = get_jwt_identity()
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
storehouse_id = request.json.get('storehouse_id')
if not storehouse_id:
return jsonify({"msg": "Missing storehouse_id parameter"}), 400
storehouse = sess.query(Storehouse).filter_by(id=storehouse_id).first()
if not storehouse:
return jsonify({"msg": "Bad storehouseId"}), 401
if current_user:
user = sess.query(User).filter_by(id=current_user).first()
if user.isOperator:
product_id = sess.query(Product).filter_by(storehouse_id=storehouse_id).first()
if not product_id:
return jsonify({"msg": "Missing id parameter"}), 400
product = sess.query(Product).filter_by(id=product_id).first()
if not product:
return jsonify({"msg": "Bad productId"}), 401
if product.archived:
if product.remain != 0:
return jsonify(product.detailed()), 200
else:
return jsonify({"msg": "No Permission"}), 401
def homepage():
sess = DBSession()
current_page = request.json['page'] if request.is_json and (
'page' in request.json.keys()) else 1
per_page = request.json['per_page'] if request.is_json and (
'per_page' in request.json.keys()) else 20
idx = (current_page - 1) * per_page
result = sess.query(Product).filter_by(shelved=True, archived=False).all()
total = len(result)
pages = math.ceil(total / per_page)
idx_start = max(min(idx, len(result)), 0)
idx_end = max(min(idx + per_page, len(result)), 0)
result = result[idx_start:idx_end]
roots = Category.all()
cates = []
for k, v in roots.items():
cate = sess.query(Category).filter_by(name=k).first()
for sk in v:
subcates = sess.query(Category).filter_by(parent_id=cate.id).all()
cates += [{
"id": sc.id,
"name": sc.name,
'image': sc.thumbnail
} for sc in subcates]
#cates.append({"id":cate.id, "name":cate.name, "subcate":[{"id":sc.id, "name":sc.name} for sc in subcates]})
prods = [p.brief() for p in result] if result else []
return jsonify(total=total,
totalPages=pages,
categories=cates,
products=prods), 200
def rejectSupplierOrder():
sess = DBSession()
current_user = get_jwt_identity()
if not request.is_json:
return jsonify(result=False, msg="Missing JSON in request"), 400
user = sess.query(User).filter_by(id=current_user).first()
if True or user.isOperator:
supplierOrder_id = request.json.get('sorderid')
if not supplierOrder_id:
return jsonify(result=False, msg="Missing sorderid parameter"), 400
reason = request.json.get('reason')
if not reason:
return jsonify(result=False, msg="Missing reason parameter"), 400
supplierOrder = sess.query(SupplierOrder).filter_by(
id=supplierOrder_id, rejected=False).first()
if not supplierOrder:
return jsonify(result=False, msg="Bad sorderid"), 401
supplierOrder.rejected = True
supplierOrder.rejectReason = reason
sess.commit()
return jsonify(result=True), 200
else:
return jsonify(result=False, msg="No Permission"), 403
def createProduct():
sess = DBSession()
current_user = get_jwt_identity()
user = sess.query(User).filter_by(id=current_user).first()
#manager = sess.query(User).filter_by(id=current_user,isManager=True).first()
if not user.isManager:
return jsonify({"msg": "No Permission"}), 401
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
title = request.json.get('title')
if not title:
return jsonify({"msg": "Missing title parameter"}), 400
category = request.json.get('category')
if not category:
return jsonify({"msg": "Missing category parameter"}), 400
storehouse_id = request.json.get('storehouse_id')
if not storehouse_id:
return jsonify({"msg": "Missing storehouse_id parameter"}), 400
dictdata = request.json.get('dictdata')
if not dictdata:
return jsonify({"msg": "Missing dictdata parameter"}), 400
product = Product(title,category,storehouse_id)
product.update(dictdata)
sess.add(product)
sess.commit()
return jsonify(result=True, productId=product.id)
def category():
sess = DBSession()
category_id = request.json['id'] if request.is_json and (
'id' in request.json.keys()) else None
current_page = request.json['page'] if request.is_json and (
'page' in request.json.keys()) else 1
per_page = request.json['per_page'] if request.is_json and (
'per_page' in request.json.keys()) else 20
category = []
if category_id == None:
roots = Category.all()
for k, v in roots.items():
category += v
else:
category += sess.query(Category).filter_by(
id=category_id).first().children()
category = [
sess.query(Category).filter_by(name=c).first() for c in category
]
category = [c.id for c in category if c != None]
category.append(category_id)
result = []
for cate in category:
result += sess.query(Product).filter_by(shelved=True,
archived=False,
category_id=cate)
result = sorted(result, key=lambda x: x.id)
idx = (current_page - 1) * per_page
total = len(result)
pages = math.ceil(total / per_page)
idx_start = max(min(idx, len(result)), 0)
idx_end = max(min(idx + per_page, len(result)), 0)
result = result[idx_start:idx_end]
prods = [p.brief() for p in result] if result else []
return jsonify(total=total, totalPages=pages, products=prods), 200
def deleteQuestion(question):
session = DBSession()
q = session.query(Question).filter(question == Question.id).first()
if (q != None):
q.deleted = True
session.commit()
session.close()
def login():
if ('captcha' not in session.keys()) or (session['captcha'] is None):
return jsonify(result=False, reason="Please reload captcha first"), 400
pipeline = Pipeline(request)
pipeline.add(ensureJson)
pipeline.add(ensureCaptcha, [request, session])
pipeline.add(
ensureParam,
[request, 'username', lambda: invalidateSession(session, 'captcha')])
pipeline.add(
ensureParam,
[request, 'password', lambda: invalidateSession(session, 'captcha')])
broken, retvs = pipeline.run()
if broken:
return retvs
_, _, username, password = retvs
sess = DBSession()
user = sess.query(User).filter_by(username=username).first()
if not user or not cmparePswd(password, user.password):
session['captcha'] = None
return jsonify(result=False, reason="Bad username or password"), 401
expires = datetime.timedelta(days=1)
token = create_access_token(identity=user.id, expires_delta=expires)
session['captcha'] = None
return jsonify(result=True,
access_token=token,
user_type=user.getUserType()), 200
def updateProduct():
sess = DBSession()
current_user = get_jwt_identity()
user = sess.query(User).filter_by(id=current_user).first()
if not user.isManager:
return jsonify({"msg": "No Permission"}), 401
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
product_id = request.json.get('product_id')
if not product_id:
return jsonify({"msg": "Missing product_id parameter"}), 400
#name = request.json.get('name')
#if not name:
# return jsonify({"msg": "Missing name parameter"}), 400
#category = request.json.get('category')
#if not category:
# return jsonify({"msg": "Missing category parameter"}), 400
#status = request.json.get('status')
#if not status:
# return jsonify({"msg": "Missing status parameter"}), 400
#all_description = request.json.get('description')
#if not all_description:
# return jsonify({"msg": "Missing description parameter"}), 400
#product = sess.query(Product).filter_by(id=product_id,removed=False).first()
#if not product:
# return jsonify({"msg": "Bad productId"}), 401
#description = sess.query(Description).filter_by(product_id=product_id,removed=False).first()
#if not description:
# return jsonify({"msg": "Bad description"}), 401
#product.name=name
# status = request.json.get('status')
# if not status:
# return jsonify({"msg": "Missing status parameter"}), 400
# product = sess.query(Product).filter_by(id=product_id).first()
dictdata = request.json.get('dictdata')
if not dictdata:
return jsonify({"msg": "Missing dictdata parameter"}), 400
product = sess.query(Product).filter_by(id=product_id).first()
product.update(dictdata)
sess.commit()
#if product.removed:
# description.removed=True
#description.modify(all_description)
return jsonify(result=True), 200
def allProduct():
current_user = get_jwt_identity()
sess = DBSession()
user = sess.query(User).filter_by(id=current_user).first()
if user.isOperator:
storehouse = sess.query(Storehouse).filter_by(operator_id=current_user).first()
if storehouse:
products = sess.query(Product).filter_by(storehouse_id=storehouse.id).all()
all_products = [product.brief() for product in products]
return jsonify(products=all_products), 200
return jsonify({"msg": "No Permission"}), 401
def all():
current_user = get_jwt_identity()
sess = DBSession()
addresses = sess.query(Address).filter_by(owner_id=current_user).all()
addresses = [{
'receiver': addr.receiver,
'phonenumber': addr.phonenumber,
'address': addr.address,
'id': addr.id
} for addr in addresses]
return jsonify(addresses), 200
def __init__(self, id, compulsory, question):
if (len(question) < 1 or len(id) < 1):
raise ValueError
session = DBSession()
self.id = id
self.type = "TextQuestion"
self.compulsory = compulsory
self.question = question
session.add(self)
session.commit()
def __init__(self, id, compulsory, question, responses):
if (responses == None or len(responses) < 1 or len(question) < 1
or len(id) < 1):
raise ValueError
session = DBSession()
self.id = id
self.type = "MCQ"
self.compulsory = compulsory
self.question = question
self.responses = responses
session.add(self)
session.commit()
def all():
current_user = get_jwt_identity()
sess = DBSession()
carts = sess.query(Cart).filter_by(creator_id=current_user,
removed=False).all()
carts = [{"id": c.product_id, 'count': c.count} for c in carts]
for cart in carts:
product = sess.query(Product).filter_by(id=cart['id']).first()
cart['name'] = product.title,
cart['price'] = str(product.price),
cart['unit'] = product.unit,
cart['image'] = product.thumbnail,
return jsonify(carts), 200
def allOrder():
sess = DBSession()
current_user = get_jwt_identity()
if current_user:
user = sess.query(User).filter_by(id=current_user).first()
if user.isOperator:
storehouse = sess.query(Storehouse).filter_by(
operator_id=current_user).first()
virtual_orders = sess.query(Order).filter_by(virtual=True).all()
else:
virtual_orders = sess.query(Order).filter_by(
creator_id=current_user, virtual=True).all()
orders = []
for virorder in virtual_orders:
if virorder.virtual:
if user.isOperator:
_orders = sess.query(Order).filter_by(
belonging_id=virorder.id, virtual=False).all()
else:
_orders = sess.query(Order).filter_by(
belonging_id=virorder.id, virtual=False).all()
suborders = []
for order in _orders:
suborders.append({
'id':
order.product_id,
'count':
order.count,
'cost':
str(order.product_id * order.count),
})
# addr=sess.query(Address).filter_by(id=virorder.address_id).first()
# orders.append((virorder.id, virorder.createTime, suborders, addr.receiver, addr.phonenumber, addr.address, status))
#addr = sess.query(Address).filter_by(owner_id=virorder.creator_id).first()
orders.append({
'orderid': virorder.id,
'create_time': virorder.createTime,
'products': suborders,
'status': virorder.status(),
'receiver': virorder.receiver,
'phonenumber': virorder.phonenumber,
'address': virorder.address,
'total_cost': str(virorder.cost()),
})
orders.sort(key=lambda x: x['create_time'], reverse=True)
return jsonify(orders), 200
else:
return jsonify({"msg": "Please login"}), 401
def catalogs():
sess = DBSession()
roots = Category.all()
cates = []
for k, v in roots.items():
cate = sess.query(Category).filter_by(name=k).first()
for sk in v:
subcates = sess.query(Category).filter_by(parent_id=cate.id).all()
cates += [{
"id": sc.id,
"name": sc.name,
'image': sc.thumbnail
} for sc in subcates]
return jsonify(catalogs=cates), 200
def delete():
current_user = get_jwt_identity()
pids = request.json['ids'] if request.is_json and (
'ids' in request.json.keys()) else None
sess = DBSession()
for pid in pids:
cart = sess.query(Cart).filter_by(creator_id=current_user,
product_id=pid,
removed=False).first()
if cart:
cart.removed = True
sess.commit()
return jsonify(result=True), 200
def createOrder():
sess = DBSession()
current_user = get_jwt_identity()
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
user = sess.query(User).filter_by(id=current_user).first()
ids = request.json.get('ids')
if not ids:
return jsonify({"msg": "Missing ids parameter"}), 400
receiver = request.json.get('receiver', '')
phonenumber = request.json.get('phonenumber', '')
address = request.json.get('address', '')
carts = sess.query(Cart).filter_by(creator_id=current_user,
removed=False).all()
vir = Order(current_user)
vir.setAddress(address, receiver, phonenumber)
sess.add(vir)
sess.commit()
#rders = []
created = []
for cart in carts:
if cart.product_id in ids:
product = sess.query(Product).filter_by(id=cart.product_id,
shelved=True).first()
# 限购暂未实现
#print(product.remain, cart.count)
#if (not product) or (product.remain < cart.count):
# orders.append([False,cart.id])
# continue
#product.remain = product.remain - cart.count
order = Order(current_user, False)
order.fill(cart.product_id, cart.count, product.price, vir.id)
sess.add(order)
cart.removed = True
sess.commit()
created.append(cart.product_id)
#orders.append([True,cart.id,cart.product_id,cart.count,product.price])
#return jsonify(orders=orders,price=vir.cost()), 200
return jsonify(result=True, created=created), 200
def payOrder():
sess = DBSession()
current_user = get_jwt_identity()
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
order_id = request.json.get('orderid')
if not order_id:
return jsonify({"msg": "Missing orderid parameter"}), 400
user = sess.query(User).filter_by(id=current_user).first()
order = sess.query(Order).filter_by(id=order_id, paid=False,
virtual=True).first()
if not order:
return jsonify(result=False, msg="Bad order_id"), 401
order.paid = True
sess.commit()
return jsonify(result=True), 200
def loginAs():
if not inDebugging():
return 'FORBIDDEN'
pipeline = Pipeline(request)
pipeline.add(ensureJson)
pipeline.add(
ensureParam,
[request, 'username', lambda: invalidateSession(session, 'captcha')])
broken, retvs = pipeline.run()
if broken:
return retvs
_, username = retvs
sess = DBSession()
user = sess.query(User).filter_by(username=username).first()
token = create_access_token(identity=user.id)
return jsonify(msg="Login successfully as " + user.username,
access_token=token), 200
def search():
sess = DBSession()
filterstr = "%{}%".format(request.json['filter']) if request.is_json and (
'filter' in request.json.keys()) else "%"
current_page = request.json['page'] if request.is_json and (
'page' in request.json.keys()) else 1
per_page = request.json['per_page'] if request.is_json and (
'per_page' in request.json.keys()) else 20
result = sess.query(Product).filter_by(
shelved=True,
archived=False).filter(Product.title.like(filterstr)).all()
result = sorted(result, key=lambda x: x.id)
idx = (current_page - 1) * per_page
total = len(result)
pages = math.ceil(total / per_page)
idx_start = max(min(idx, len(result)), 0)
idx_end = max(min(idx + per_page, len(result)), 0)
result = result[idx_start:idx_end]
prods = [p.brief() for p in result] if result else []
return jsonify(total=total, totalPages=pages, products=prods), 200
def allSupplierOrder():
sess = DBSession()
current_user = get_jwt_identity()
user = sess.query(User).filter_by(id=current_user).first()
if user.isManager or user.isOperator:
#supplierOrders = sess.query(SupplierOrder).filter_by(creator_id=current_user).all()
_supplierOrders = sess.query(SupplierOrder).all()
supplierOrders = []
for sorder in _supplierOrders:
supplierOrders.append({
'sorderid': sorder.id,
'create_time': sorder.createTime,
'product_id': sorder.product_id,
'count': sorder.count,
'storehouse_id': sorder.storehouse_id,
'status': sorder.status(),
})
supplierOrders.sort(key=lambda x: x['create_time'], reverse=True)
return jsonify(supplierOrders), 200
else:
return jsonify({"msg": "No Permission"}), 403
def add():
current_user = get_jwt_identity()
pid = request.json['id'] if request.is_json and (
'id' in request.json.keys()) else None
count = request.json['count'] if request.is_json and (
'count' in request.json.keys()) else None
sess = DBSession()
cart = sess.query(Cart).filter_by(creator_id=current_user,
product_id=pid,
removed=False).first()
if cart:
cart.count += count
if cart.count <= 0:
cart.removed = True
else:
cart = Cart(current_user, pid, count)
sess.add(cart)
sess.commit()
return jsonify(result=True), 200
def add():
current_user = get_jwt_identity()
pipeline = Pipeline(request)
pipeline.add(ensureJson)
pipeline.add(ensureParam, [request, 'receiver'])
pipeline.add(ensureParam, [request, 'phonenumber'])
pipeline.add(ensureParam, [request, 'address'])
broken, retvs = pipeline.run()
if broken:
return retvs
_, receiver, phonenumber, address = retvs
addr = Address(current_user, receiver, phonenumber, address)
sess = DBSession()
sess.add(addr)
sess.commit()
user = sess.query(User).filter_by(id=current_user).first()
if user.default_address_id is None:
user.default_address_id = addr.id
sess.commit()
return jsonify(result=True, id=addr.id), 200
def productDetail():
sess = DBSession()
current_user = get_jwt_identity()
if not request.is_json:
return jsonify({"msg": "Missing JSON in request"}), 400
product_id = request.json.get('id')
if not product_id:
return jsonify({"msg": "Missing id parameter"}), 400
product = sess.query(Product).filter_by(id=product_id).first()
if not product:
return jsonify({"msg": "Bad productId"}), 401
if product.archived:
if current_user:
user = sess.query(User).filter_by(id=current_user).first()
if user and user.isManager:
return jsonify(product.detailed()), 200
return jsonify({"msg": "No Permission"}), 401
else:
return jsonify(product.detailed()), 200
def createSupplierOrder():
sess = DBSession()
current_user = get_jwt_identity()
if not request.is_json:
return jsonify(result=False, msg="Missing JSON in request"), 400
if current_user:
user = sess.query(User).filter_by(id=current_user).first()
if user.isManager or user.isOperator:
product_id = request.json.get('product_id')
if not product_id:
return jsonify({"msg": "Missing product_id parameter"}), 400
count = request.json.get('count')
if not count:
return jsonify({"msg": "Missing count parameter"}), 400
storehouse_id = request.json.get('storehouse_id')
if not storehouse_id:
return jsonify({"msg": "Missing storehouse_id parameter"}), 400
product = sess.query(Product).filter_by(id=product_id).first()
if not product:
return jsonify({"msg": "Bad productId"}), 401
supplierOrder = SupplierOrder(current_user)
supplierOrder.fill(product_id, storehouse_id, count)
sess.add(supplierOrder)
sess.commit()
return jsonify(sorderid=supplierOrder.id), 200
else:
return jsonify({"msg": "No Permission"}), 403
else:
return jsonify({"msg": "Please login"}), 401