def _getMenu(self, fid: str):
data = []
M = self.__menus[fid] if fid in self.__menus else []
for val in M:
# 菜单权限
id = str(val['id'])
perm = self.__permAll[id] if id in self.__permAll.keys() else 0
# 动作权限
action = []
actionArr = []
actionStr = str(val['action'])
if actionStr != '': actionArr = Util.JsonDecode(actionStr)
for v in actionArr:
permVal = int(v['perm'])
checked = True if perm & permVal > 0 else False
tName = 'S' if v['type'] == '1' else 'H'
action += [{
'id': int(val['id']) + int(v['perm']),
'label': str(v['name']) + '->' + tName,
'checked': checked,
'perm': v['perm'],
}]
# 数据
checked = True if id in self.__permAll.keys() else False
tmp = {'id': val['id'], 'label': val['title'], 'checked': checked}
if val['fid'] == 0: tmp['show'] = True
# children
menu = self._getMenu(id)
if len(menu) > 0: tmp['children'] = menu
elif len(action) > 0:
tmp['action'] = True
tmp['children'] = action
data += [tmp]
return data
def _getMenu(self, fid: str):
data = []
M = self.__menus[fid] if fid in self.__menus else []
for val in M:
# 菜单权限
id = str(val['id'])
if id not in self.__permAll.keys(): continue
# 动作权限
perm = self.__permAll[id]
action = []
actionArr = []
actionStr = str(val['action'])
if actionStr != '': actionArr = Util.JsonDecode(actionStr)
for v in actionArr:
permVal = int(v['perm'])
if v['type'] == '1' and perm & permVal > 0: action += [v]
# 数据
value = {
'url': val['url'],
'controller': val['controller'],
'action': action
}
tmp = {'icon': val['ico'], 'label': val['title'], 'value': value}
menu = self._getMenu(id)
if len(menu) > 0: tmp['children'] = menu
data += [tmp]
return data
def List(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
data = self.Post('data')
page = self.Post('page')
limit = self.Post('limit')
if not data or not page or not limit:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
name = Util.Trim(param['name']) if 'name' in param.keys() else ''
# 统计
m = SysRoleM()
m.Columns('count(*) AS num')
m.Where('name LIKE %s', '%' + name + '%')
total = m.FindFirst()
# 查询
m.Columns('id', 'name', 'FROM_UNIXTIME(ctime, %s) as ctime',
'FROM_UNIXTIME(utime, %s) as utime', 'perm')
m.Where('name LIKE %s', '%Y-%m-%d %H:%i:%s', '%Y-%m-%d %H:%i:%s',
'%' + name + '%')
m.Page(int(page), int(limit))
list = m.Find()
# 返回
return self.GetJSON({
'code': 0,
'msg': '成功',
'list': list,
'total': total['num']
})
def Edit(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
tData = AdminToken.Token(token)
# 参数
data = self.Post('data')
if not data: return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
# 数据
model = UserInfoM()
info = {
'nickname': Util.Trim(param['nickname']),
'name': Util.Trim(param['name']),
'gender': Util.Trim(param['gender']),
'birthday': Util.Strtotime(Util.Trim(param['birthday']),
'%Y-%m-%d'),
'position': Util.Trim(param['position']),
}
model.Set(info)
model.Where('uid=%s', tData['uid'])
model.Update()
# 返回
info['uname'] = tData['uname']
info['img'] = param['img']
info['birthday'] = Util.Date('%Y-%m-%d', info['birthday'])
return self.GetJSON({'code': 0, 'msg': '成功', 'uinfo': info})
def List(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
data = self.Post('data')
page = self.Post('page')
limit = self.Post('limit')
if not data or not page or not limit:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
fid = Util.Trim(param['fid']) if 'fid' in param.keys() else ''
title = Util.Trim(param['title']) if 'title' in param.keys() else ''
url = Util.Trim(param['url']) if 'url' in param.keys() else ''
# 统计
m = ApiMenu()
m.Columns('count(*) AS num')
m.Where('fid like %s AND title like %s AND url like %s',
'%' + fid + '%', '%' + title + '%', '%' + url + '%')
total = m.FindFirst()
# 查询
m.Columns('id', 'fid', 'title', 'ico',
'FROM_UNIXTIME(ctime, %s) as ctime',
'FROM_UNIXTIME(utime, %s) as utime', 'sort', 'url',
'controller', 'action')
m.Where('fid like %s AND title like %s AND url like %s',
'%Y-%m-%d %H:%i:%s', '%Y-%m-%d %H:%i:%s', '%' + fid + '%',
'%' + title + '%', '%' + url + '%')
m.Order('sort DESC', 'fid')
m.Page(int(page), int(limit))
list = m.Find()
# 数据
for val in list:
val['action'] = Util.JsonDecode(
val['action']) if str(val['action']) != '' else ''
# 返回
return self.GetJSON({
'code': 0,
'msg': '成功',
'list': list,
'total': total['num']
})
def PostJson(url: str, data: dict, header: dict = {}):
# 请求头
param = Util.ArrayMerge(
{
'Content-Type': 'application/json; charset=utf-8', #JSON方式
},
header)
# 数据
json = Util.JsonEncode(data) if len(data) > 0 else '{}'
# 发送
res = requests.post(url, data=json, headers=param).text
return Util.JsonDecode(res) if len(res) > 0 else None
def VerifyUserSig(userId: int, userSig: str):
# 解码
base64 = Base64.UrlDecode(userSig)
# 解压
un_sig = Base64.UnCompress(base64)
data = Util.JsonDecode(bytes.decode(un_sig))
# 配置
cfg = Tencent.TRTC()
if str(cfg['SDKAppID']) != data['TLS.sdkappid']: return 0
if str(userId) != data['TLS.identifier']: return 0
# 是否过期
now_time = Util.Time()
out_time = int(data['TLS.time']) + int(data['TLS.expire'])
if now_time > out_time: return 0
return out_time - now_time
def Remove(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
path = self.Post('path')
data = self.Post('data')
if not path or not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
# 数据
FileEo.Root = Env.root_dir + self.__dirRoot
files = Util.JsonDecode(data)
for val in files:
FileEo.RemoveAll(path + val)
# 返回
return self.GetJSON({'code': 0, 'msg': '成功'})
def Edit(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
data = self.Post('data')
if not data: return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
# 数据
m = SysConfigM()
param = Util.JsonDecode(data)
for key, val in param.items():
if key == 'logo' or key == 'login_bg': continue
m.Set({'val': Util.Trim(val)})
m.Where('name=%s', key)
if not m.Update():
return self.GetJSON({'code': 5000, 'msg': '更新失败!'})
return self.GetJSON({'code': 0, 'msg': '成功'})
def Del(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
data = self.Post('data')
if not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
ids = Util.Implode(',', param)
# 执行
m = ApiMenu()
m.Where('id in(' + ids + ')')
if m.Delete():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '删除失败!'})
def Verify(token: str, urlPerm: str):
# Token
if token == '': return 'Token不能为空!'
tData = Safety.Decode(token)
if not tData: return 'Token验证失败!'
# 是否过期
uid = str(tData['uid'])
redis = Redis()
time = redis.Ttl(Env.api_token_prefix + '_token_' + uid)
redis.Close()
if time < 1: return 'Token已过期!'
# 续期
if Env.api_token_auto:
redis = Redis()
redis.Expire(Env.api_token_prefix + '_token_' + uid,
Env.api_token_time)
redis.Expire(Env.api_token_prefix + '_perm_' + uid,
Env.api_token_time)
redis.Close()
# URL权限
if urlPerm == '': return ''
arr = Util.Explode('/', urlPerm)
action = arr[-1:][0]
controller = Util.Implode('/', arr[:-1])
# 菜单
menu = ApiMenu()
menu.Columns('id', 'action')
menu.Where('controller=%s', controller)
menuData = menu.FindFirst()
if not menuData: return '菜单验证无效!'
# 验证-菜单
id = str(menuData['id'])
permData = ApiToken.Perm(token)
if id not in permData.keys(): return '无权访问菜单!'
# 验证-动作
actionVal = permData[id]
permArr = Util.JsonDecode(menuData['action'])
permVal = 0
for val in permArr:
if action == val['action']:
permVal = int(val['perm'])
break
if actionVal & permVal == 0: return '无权访问动作!'
return ''
def Add(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
data = self.Post('data')
if not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
name = Util.Trim(param['name']) if 'name' in param.keys() else ''
if name == '':
return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'})
# 数据
m = SysRoleM()
m.Values({'name': name, 'ctime': Util.Time()})
if m.Insert():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '添加失败!'})
def Edit(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
id = self.Post('id')
data = self.Post('data')
if not id or not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
name = Util.Trim(param['name']) if 'name' in param.keys() else ''
if name == '':
return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'})
# 数据
m = SysRoleM()
m.Set({'name': name, 'utime': Util.Time()})
m.Where('id=%s', id)
if m.Update():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '更新失败!'})
def Edit(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
id = self.Post('id')
data = self.Post('data')
if not id or not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
title = Util.Trim(param['title']) if 'title' in param.keys() else ''
if title == '':
return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'})
# 数据
m = ApiMenu()
m.Set({
'fid':
Util.Trim(param['fid']) if 'fid' in param.keys() else 0,
'title':
title,
'url':
Util.Trim(param['url']) if 'url' in param.keys() else '',
'ico':
Util.Trim(param['ico']) if 'ico' in param.keys() else '',
'sort':
Util.Trim(param['sort']) if 'sort' in param.keys() else 0,
'controller':
Util.Trim(param['controller'])
if 'controller' in param.keys() else '',
'utime':
Util.Time(),
})
m.Where('id=%s', id)
if m.Update():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '更新失败!'})
def Add(self):
# 验证
token = self.Post('token')
msg = AdminToken.Verify(token, request.path)
if msg != '': return self.GetJSON({'code': 4001, 'msg': msg})
# 参数
data = self.Post('data')
if not data:
return self.GetJSON({'code': 4000, 'msg': '参数错误!'})
param = Util.JsonDecode(data)
title = Util.Trim(param['title']) if 'title' in param.keys() else ''
if title == '':
return self.GetJSON({'code': 4000, 'msg': '名称不能为空!'})
# 数据
m = ApiMenu()
m.Values({
'fid':
Util.Trim(param['fid']) if 'fid' in param.keys() else 0,
'title':
title,
'url':
Util.Trim(param['url']) if 'url' in param.keys() else '',
'ico':
Util.Trim(param['ico']) if 'ico' in param.keys() else '',
'sort':
Util.Trim(param['sort']) if 'sort' in param.keys() else 0,
'controller':
Util.Trim(param['controller'])
if 'controller' in param.keys() else '',
'ctime':
Util.Time(),
})
if m.Insert():
return self.GetJSON({'code': 0, 'msg': '成功'})
else:
return self.GetJSON({'code': 5000, 'msg': '添加失败!'})