def approve(package):
""" Processing the request of creating a school
"""
user = package.get('user')
params = package.get('params')
user_id = user.get('id')
school_id = PermissionHelper.get_user_school(user_id)
if school_id == 0:
return Response.error_response("You are not in a school")
permission = PermissionHelper.get_permission(user_id, school_id)
if not PermissionManager.check_permission(permission, ActionType.Approve):
return Response.error_response('Access Denied')
params = package.get('params')
apply_id = int(params.get(ParamType.ApplyId))
apply = SchoolApplyHelper.get_apply_by_id(apply_id)
apply_user_id = apply.get('userid')
if apply is None:
return Response.error_response('No Apply')
status = params.get(ParamType.Approve)
if status == 'true':
status = 1
else:
status = 2
SchoolApplyHelper.judge_apply(apply_id, user_id, status)
if status == 1:
PermissionHelper.user_join_school(apply_user_id, school_id)
return Response.checked_response('Approve Successed')
def delete_theme(package):
#pylint: disable-msg=too-many-return-statements
"""delete theme
"""
user = package.get('user')
user_id = user.get('id')
school_id = PermissionHelper.get_user_school(user_id)
params = package.get('params')
theme_id = int(params.get(ParamType.ThemeId))
theme = SubjectHelper.get_subject_with_schoolid(theme_id)
if theme is None:
return Response.error_response('No Subject')
theme_schoolid = theme.get('school_id')
private_permission = PermissionHelper.get_permission(user_id, school_id)
public_permission = user['permission']
if private_permission > 4: #为超级用户
SubjectHelper.delete_subject(theme_id)
return Response.checked_response('Deleted Success')
if theme_schoolid == 0:
if public_permission < 4:
return Response.error_response('Access Denied')
SubjectHelper.delete_subject(theme_id)
return Response.checked_response('Deleted')
if private_permission < 4: #非高级管理员
return Response.error_response('Access Denied')
if school_id != theme_schoolid: #学校必须匹配
return Response.error_response('Acess Denied')
SubjectHelper.delete_subject(theme_id)
return Response.checked_response('Delete Success')
def get_apply_list(package):
# pylint: disable-msg=too-many-return-statements
""" Processing the request of getting apply list
"""
user = package.get('user')
if user is None:
return Response.error_response('No User')
user_id = user.get('id')
# school_id = PermissionHelper.get_user_school(user_id)
params = package.get('params')
list_type = params.get(ParamType.ApplyListType)
page_num = params.get(ParamType.Page)
target_schoolid = int(params.get(ParamType.SchoolId))
if target_schoolid == 0:
return Response.error_response('Invalid SchoolId')
permission = PermissionHelper.get_permission(user_id, target_schoolid)
if not PermissionManager.check_permission(permission,
ActionType.GetApplyList):
return Response.error_response('Access Denied')
if list_type is None:
list_type = 0
list_type = int(list_type)
if page_num is None:
page_num = 1
page_num = int(page_num)
if list_type not in [0, 1, 2]:
return Response.error_response('Invalid list type')
if page_num < 1:
return Response.error_response('Invalid page number')
apply_list = SchoolApplyHelper.get_applies(target_schoolid, list_type,
page_num)
school = SchoolHelper.get_school(target_schoolid)
if school is None:
return Response.error_response('No School')
ret = {
'tot_count':
SchoolApplyHelper.get_applies_count(target_schoolid, list_type),
'now_count':
len(apply_list),
'apply_list':
apply_list
}
return Response.success_response(ret)
def get_info(package):
"""process the request of getting user's info
"""
params = package.get('params')
username = params.get(ParamType.UsernameWithDefault)
if username is None:
user = package.get('user')
else:
user = UserHelper.get_user_by_username(username)
if user is None:
return Response.error_response("No User")
user = UserHelper.user_filter(user)
permission_public = user.get('permission')
user_id = user.get('id')
school_id = PermissionHelper.get_user_school(user_id)
if school_id == 0:
if permission_public >= 8:
permission_private = permission_public
else:
permission_private = -1
schoolname = 'public area'
else:
permission_private = PermissionHelper.get_permission(
user_id, school_id)
school = SchoolHelper.get_school(school_id)
if school is None:
schoolname = '-'
else:
schoolname = school.get('schoolname')
download = ProgramHelper.count_user_downloadlog(user_id)
del user['permission']
user.update({
'school_name': schoolname,
'permission_public': permission_public,
'permission_private': permission_private,
'download': download
})
return Response.success_response({'user': user})
def download(package):
"""process the request of downloading
"""
user = package.get('user')
user_id = user.get('id')
params = package.get('params')
program_id = (int)(params.get(ParamType.ProgramId))
program = ProgramHelper.get_program(program_id)
if program is None:
return Response.error_response('No Program')
prog_schoolid = program.get('schoolid')
prog_status = program.get('status')
if prog_status not in [0, 1, 2, 3]:
return Response.error_response('Status not Valid')
school_id = PermissionHelper.get_user_school(user_id)
permission = PermissionHelper.get_permission(user_id, school_id)
if permission > 4:
if program.get('status') == 0:
ProgramHelper.judging(program_id)
info = {'content': program['code'], 'readme': program['doc']}
return Response.success_response({'code': info})
if prog_schoolid == 0:
if user.get('permission') < 2:
return Response.error_response('Access Denied')
if school_id != prog_schoolid or permission < 2:
return Response.error_response('Access Denied')
if program.get('status') == 0:
ProgramHelper.judging(program_id)
info = {'content': program['code'], 'readme': program['doc']}
return Response.success_response({'code': info})
def modify_theme(package):
#pylint: disable-msg=too-many-return-statements
"""modify theme
"""
user = package.get('user')
user_id = user.get('id')
school_id = PermissionHelper.get_user_school(user_id)
params = package.get('params')
theme_id = int(params.get(ParamType.ThemeId))
title = params.get(ParamType.ThemeNameWithDefault)
description = params.get(ParamType.ThemeDescriptionWithDefault)
deadline = params.get(ParamType.ThemeDeadlineWithDefault)
theme = SubjectHelper.get_subject_with_schoolid(theme_id)
if theme is None:
return Response.error_response('No Subject')
theme_schoolid = theme.get('school_id')
private_permission = PermissionHelper.get_permission(user_id, school_id)
public_permission = user['permission']
if private_permission > 4: #为超级用户
SubjectHelper.modify_subject(theme_id, title, description, deadline)
return Response.checked_response('Modified')
if theme_schoolid == 0:
if public_permission < 4:
return Response.error_response('Access Denied')
SubjectHelper.modify_subject(theme_id, title, description, deadline)
return Response.checked_response('Modified')
if private_permission < 4: #非高级管理员
return Response.error_response('Access Denied')
if school_id != theme_schoolid: #学校必须匹配
return Response.error_response('Acess Denied')
SubjectHelper.modify_subject(theme_id, title, description, deadline)
return Response.checked_response('Modify Success')
def check_session(package):
"""process the request of check session
"""
user = package.get('user')
user = UserHelper.user_filter(user)
if user is None:
return Response.success_response({'user': None})
user_id = user.get('id')
permission_public = user.get('permission')
del user['permission']
school_id = PermissionHelper.get_user_school(user_id)
if school_id == 0:
school_name = 'public area'
if permission_public > 4:
permission_private = permission_public
else:
permission_private = -1
else:
school = SchoolHelper.get_school(school_id)
if school is None:
school_name = '-'
else:
school_name = school.get('schoolname')
permission_private = PermissionHelper.get_permission(
user_id, school_id)
school = {
'id': school_id,
'name': school_name,
}
ret_user = {
'username': user.get('username'),
'school': school,
'permission_private': permission_private,
'permission_public': permission_public
}
return Response.success_response({'user': ret_user})
def create_theme(package):
#pylint: disable-msg=too-many-return-statements
"""create a theme
"""
user = package.get('user')
params = package.get('params')
target_schoolid = params.get(ParamType.SchoolIdWithDefault)
name = params.get(ParamType.ThemeName)
msg = params.get(ParamType.ThemeDescription)
deadline = params.get(ParamType.ThemeDeadline)
userid = user.get('id')
school_id = PermissionHelper.get_user_school(userid)
private_permission = PermissionHelper.get_permission(userid, school_id)
public_permission = user['permission']
if public_permission < 2 and private_permission < 2:
return Response.error_response('Access Denied')
if public_permission > 1 and private_permission > 1: #如果这是一个双重管理员
if target_schoolid is None:
SubjectHelper.add_subject(0, name, msg, deadline)
return Response.checked_response('Create Successful')
target_schoolid = (int)(target_schoolid)
SubjectHelper.add_subject(target_schoolid, name, msg, deadline)
return Response.checked_response('Create Successful')
if public_permission > 1: #如果这只是一个在野管理员
if school_id is not None:
return Response.error_response('Access Denied')
SubjectHelper.add_subject(0, name, msg, deadline)
return Response.checked_response('Create Successful')
if school_id is None: #此时必须一个schoolid
return Response.error_response('Invalid School Id')
if school_id != target_schoolid:
return Response.error_response('Not the Same School')
SubjectHelper.add_subject(school_id, name, msg, deadline)
return Response.checked_response('Create Successful')
def change_status(package):
#pylint: disable-msg=too-many-return-statements
#pylint: disable-msg=too-many-branches
"""proecess the request of change status
"""
user = package.get('user')
params = package.get('params')
code_id = int(params.get(ParamType.ProgramId))
source = int(params.get(ParamType.SourceStatus))
target = int(params.get(ParamType.TargetStatus))
check = (source, target)
program = ProgramHelper.get_program(code_id)
program_schoolid = program.get('schoolid')
user_id = user.get('id')
school_id = PermissionHelper.get_user_school(user_id)
permission = PermissionHelper.get_permission(user_id, school_id)
public_permission = user.get('permission')
if permission > 4:
if check not in [(0, 1), (1, 2), (1, -1), (2, 3), (3, 4), (4, 5)]:
return Response.error_response('Cannot Change Status')
if ProgramHelper.change_status(code_id, source, target) is False:
return Response.error_response('Source Status Wrong')
return Response.checked_response('Status Changed Successful')
if program_schoolid == 0:
if public_permission < 2:
return Response.error_response('Access Denied')
#如果是 在野审查员 不能上传
if public_permission < 4:
if check not in [(0, 1), (1, 2), (1, -1), (2, 3)]:
return Response.error_response('Can\'t change status')
if ProgramHelper.change_status(code_id, source, target) is False:
return Response.error_response('Source Status Wrong')
if check == (4, 5):
ProgramHelper.upload(code_id)
if check == (1, 2):
ProgramHelper.judge_program(code_id, 2, user_id)
return Response.checked_response('Status Changed Successful')
#如果是 在野头目 则可以进行上传
if check not in [(0, 1), (1, 2), (1, -1), (2, 3), (3, 4), (4, 5)]:
return Response.error_response('Cannot Change Status')
if ProgramHelper.change_status(code_id, source, target) is False:
return Response.error_response('Source Status Wrong')
if check == (4, 5):
ProgramHelper.upload(code_id)
if check == (1, 2):
ProgramHelper.judge_program(code_id, 2, user_id)
return Response.checked_response('Status Changed Successful')
if school_id != program_schoolid:
return Response.error_response('Access Denied: Not the same School')
if permission < 2:
return Response.error_response('Access Denied')
if permission < 4: #如果只是普通管理员
if check not in [(0, 1), (1, 2), (1, -1), (2, 3)]:
return Response.error_response('Can\'t change status')
if ProgramHelper.change_status(code_id, source, target) is False:
return Response.error_response('Source Status Wrong')
if check == (4, 5):
ProgramHelper.upload(code_id)
if check == (1, 2):
ProgramHelper.judge_program(code_id, 2, user_id)
return Response.checked_response('Status Changed Successful')
if check not in [(0, 1), (1, 2), (1, -1), (2, 3), (3, 4), (4, 5)]:
return Response.error_response('Cannot Change Status')
if ProgramHelper.change_status(code_id, source, target) is False:
return Response.error_response('Source Status Wrong')
if check == (4, 5):
ProgramHelper.upload(code_id)
if check == (1, 2):
ProgramHelper.judge_program(code_id, 2, user_id)
return Response.checked_response('Status Changed Successful')
def modify_info(package):
# pylint: disable-msg=too-many-locals
# pylint: disable-msg=too-many-return-statements
# pylint: disable-msg=too-many-branches
# pylint: disable-msg=too-many-statements
"""Process the request of modyfying user's info
"""
user = package.get('user')
if user is None:
return Response.error_response('User Not Logged In')
user_id = user.get('id')
params = package.get('params')
username = params.get(ParamType.UsernameWithDefault)
realname = params.get(ParamType.RealnameForModify)
motto = params.get(ParamType.MottoForModify)
modify_private_permission = params.get(
ParamType.PermissionPrivateForModify)
modify_public_permission = params.get(ParamType.PermissionPublicForModify)
if modify_private_permission is not None:
modify_private_permission = int(modify_private_permission)
if modify_public_permission is not None:
modify_public_permission = int(modify_public_permission)
if username is None: #修改本人信息
if modify_private_permission is not None: #不能修改个人权限
return Response.error_response(
'Access Denied: Can\'t Modify Your Permission')
if modify_public_permission is not None:
return Response.error_response(
'Access Denied: Can\'t Modify Your Permission ')
UserHelper.modify_user(user_id, {
'realname': realname,
'motto': motto,
})
return Response.checked_response('Modify Success')
schoolid = PermissionHelper.get_user_school(user_id)
private_permission = PermissionHelper.get_permission(user_id, schoolid)
public_permission = user.get('permission')
if public_permission <= 1 and private_permission <= 1: #如果是屌丝
return Response.error_response('Access Denied')
if modify_private_permission == 4:
return Response.error_response('Can\'t Set Someone to Headmaster')
#现在修改人员有一个权限 >= 2
target_user = UserHelper.get_user_by_username(username)
target_userid = target_user.get('id')
target_schoolid = PermissionHelper.get_user_school(target_userid)
target_public_permission = target_user.get('permission')
target_private_permission = PermissionHelper.get_permission(
target_userid, target_schoolid)
if target_private_permission == 4 and modify_private_permission is not None: #如果更改人是校长
return Response.error_response('Cannot Modify Headmaster')
if modify_private_permission is not None:
if modify_private_permission >= private_permission: #不能越界
return Response.error_response(
'Access Denied: Cannot Promote Someone to Superior')
if modify_private_permission < 0: #不能直接退学
return Response.error_response(
'Access Denied: Cannot Tuixue Student Here')
if modify_public_permission is not None:
if modify_public_permission >= public_permission: #不能越界
return Response.error_response(
'Access Denied: Cannot Promote Someone to Superior')
if public_permission > 4: #现在是超级用户,可以随意修改
if target_public_permission >= public_permission: #超级用户也不能修改root权限
return Response.error_response(
'Access Denied: Can\'t modify your superior')
if target_private_permission == 4:
if modify_private_permission is not None:
return Response.error_response(
'Modify Denied: Cannot Demote or Promote Headmaster Here')
if target_schoolid == 0 and modify_private_permission is not None:
return Response.error_response(
'Access Denied: Cannot Modify Schoolless User\'s private permission'
)
UserHelper.modify_user(
target_userid, {
'permission': modify_public_permission,
'realname': realname,
'motto': motto
})
if modify_private_permission is not None:
PermissionHelper.set_permission(target_userid, target_schoolid,
modify_private_permission)
return Response.checked_response('Modify Success')
#之后都是管理员 这时候的权限 < 8
if realname is not None:
return Response.error_response(
'Access Denied: Cannot Modify User Realname')
if motto is not None:
return Response.error_response(
'Access Denied: Cannot Modify User Motto')
if schoolid == 0 and private_permission <= 1: #如果是在野管理员,在学校是屌丝, 则只能修改在野权限
if target_public_permission >= public_permission: #不能改领导权限 或者 同事s
return Response.error_response(
'Access Denied: Can\'t modify your superior')
if modify_private_permission is not None and schoolid == 0: #在野管理员不能修改学校权限
return Response.error_response(
'Access Denied: Not The Same School')
if modify_public_permission is not None: #只可修改在野权限
UserHelper.modify_user(target_userid,
{'permission': modify_public_permission})
return Response.checked_response('Modify Success')
if modify_private_permission is not None and modify_public_permission is not None:
if private_permission < 2 or public_permission < 2:
return Response.error_response('Access Denied: Permission Error')
if target_private_permission >= private_permission:
return Response.error_response(
'Access Denied: Cannot Modify Your Superior')
if target_public_permission >= public_permission:
return Response.error_response(
'Access Denied: Cannot Modify Your Superior')
UserHelper.modify_user(target_userid,
{'permission': modify_public_permission})
if modify_private_permission is not None:
PermissionHelper.set_permission(target_userid, target_schoolid,
modify_private_permission)
return Response.checked_response('Modify Success')
#现在完全是在野屌丝
if target_private_permission >= private_permission: #不能该领导权限 或者 同事
return Response.error_response(
'Access Denied: Can\'t modify your superior')
#现在是有学校的管理员
if target_schoolid != schoolid: #不是一个学校
return Response.error_response('Access Denied: Not The Same School')
if modify_public_permission is not None: #不能改变在野权限
return Response.error_response(
'Access Denied: Can\'t modify public permission')
if modify_private_permission is not None:
PermissionHelper.set_permission(target_userid, target_schoolid,
modify_private_permission)
return Response.checked_response('Modify Success')
def getlist(package):
#pylint: disable-msg=too-many-locals
"""process the request of getting user's info
"""
params = package.get('params')
show_invalid = params.get(ParamType.ShowInvalid) == 'true'
manager_first = params.get(ParamType.ManagerFirst) == 'true'
school_id = int(params.get(ParamType.SchoolId))
page = params.get(ParamType.Page)
if page is None:
page = 1
page = int(page)
if school_id == 0:
user_list = UserHelper.user_list(page, show_invalid, manager_first)
ret_list = []
if len(user_list) == 0:
data = {
'tot_count': UserHelper.user_count(show_invalid),
'now_count': 0,
'user_list': []
}
return Response.success_response(data)
for user in user_list:
download = ProgramHelper.count_user_downloadlog(user.get('id'))
ret_list.append({
'username': user.get('username'),
'motto': user.get('motto'),
'permission': user.get('permission'),
'download': download
})
data = {
'tot_count': UserHelper.user_count(show_invalid),
'now_count': len(ret_list),
'user_list': ret_list
}
return Response.success_response(data)
buf_userlist = UserHelper.get_all(show_invalid, manager_first)
userlist = []
for user in buf_userlist:
user_id = user.get('id')
school = PermissionHelper.get_user_school(user_id)
if school_id != school:
continue
download = ProgramHelper.count_user_downloadlog(user.get('id'))
permission_private = PermissionHelper.get_permission(user_id, school)
print('permission private', permission_private)
userlist.append({
'username': user['username'],
'motto': user['motto'],
'permission': permission_private,
'download': download
})
if len(userlist) < (page - 1) * 20:
data = {'tot_count': len(userlist), 'now_count': 0, 'user_list': []}
return Response.success_response(data)
pagelist = userlist[(page - 1) * 20:page * 20]
data = {
'tot_count': len(userlist),
'now_count': len(pagelist),
'user_list': userlist,
}
return Response.success_response(data)