def user_edit_action(request):
    """Process the POSTed "edit user" form of the account app.

    The target account is named by the ``id`` POST field.  A POST that also
    carries ``password`` is bound to ``UserForm`` (name and password are
    updated); any other POST is bound to ``UserEditForm`` (name only).

    :param request: the incoming request; ``request.POST['id']`` must be
        present (the explicit presence check is disabled, so a missing key
        surfaces as a key error).
    :return: a redirect via ``back_to_original_page`` on success, or the
        re-rendered edit template when validation fails.
    :raises PermissionDeniedError: when ``check_permission_allowed`` rejects
        the requester for the POSTed id.
    """
    target_id = request.POST['id']
    # Authorisation is checked on the raw POSTed id before the row is loaded.
    if not check_permission_allowed(request, target_id):
        raise PermissionDeniedError

    user = get_object_or_404(User, id=target_id)
    form_class = UserForm if 'password' in request.POST else UserEditForm
    form = form_class(request.POST, instance=user)

    if not form.is_valid():
        role = form.cleaned_data.get('role')
        if role in ROLES:
            role_name = ROLES[role]
        else:
            role_name = ""
        return render(request, "account/edit.html", {
            "form": form,
            "id": target_id,
            "role": role,
            "role_name": role_name,
        })

    # NOTE(review): the optimistic-lock comparison on ``update_timestamp`` is
    # disabled in this view, so concurrent edits are not detected here.
    cleaned = form.cleaned_data

    # Only a superuser may move the account to another role group.
    if request.user.is_superuser:
        group = role_manager.get_role(cleaned['role'])
        if group:
            user.groups.clear()
            user.groups.add(group)

    user.full_name = cleaned['full_name']
    saved_fields = ("full_name", "update_datetime")
    if not isinstance(form, UserEditForm):
        # NOTE(review): the password is replaced without asking for the
        # current one; confirm that check_permission_allowed is the only
        # gate intended for password changes.
        user.set_password(cleaned['password'])
        saved_fields = ("full_name", "password", "update_datetime")
    user.save(update_fields=saved_fields)

    # Staff cannot open the account list, so they are sent to the index.
    landing = "/" if check_role(request, ROLE_STAFF) else "/account/list/"
    return back_to_original_page(request, landing)
def user_edit_action(request):
    """Process the POSTed "edit user" form of the account app.

    The target account is named by the ``id`` POST field.  A POST that also
    carries ``password`` is bound to ``UserForm`` (name and password are
    updated); any other POST is bound to ``UserEditForm`` (name only).

    :param request: the incoming request; ``request.POST['id']`` must be
        present (the explicit presence check is disabled, so a missing key
        surfaces as a key error).
    :return: a redirect via ``back_to_original_page`` on success, or the
        re-rendered edit template when validation fails.
    :raises PermissionDeniedError: when ``check_permission_allowed`` rejects
        the requester for the POSTed id.
    """
    target_id = request.POST['id']
    # Authorisation is checked on the raw POSTed id before the row is loaded.
    if not check_permission_allowed(request, target_id):
        raise PermissionDeniedError

    user = get_object_or_404(User, id=target_id)
    form_class = UserForm if 'password' in request.POST else UserEditForm
    form = form_class(request.POST, instance=user)

    if not form.is_valid():
        role = form.cleaned_data.get('role')
        if role in ROLES:
            role_name = ROLES[role]
        else:
            role_name = ""
        return render(request, "account/edit.html", {
            "form": form,
            "id": target_id,
            "role": role,
            "role_name": role_name,
        })

    # NOTE(review): the optimistic-lock comparison on ``update_timestamp`` is
    # disabled in this view, so concurrent edits are not detected here.
    cleaned = form.cleaned_data

    # Only a superuser may move the account to another role group.
    if request.user.is_superuser:
        group = role_manager.get_role(cleaned['role'])
        if group:
            user.groups.clear()
            user.groups.add(group)

    user.full_name = cleaned['full_name']
    saved_fields = ("full_name", "update_datetime")
    if not isinstance(form, UserEditForm):
        # NOTE(review): the password is replaced without asking for the
        # current one; confirm that check_permission_allowed is the only
        # gate intended for password changes.
        user.set_password(cleaned['password'])
        saved_fields = ("full_name", "password", "update_datetime")
    user.save(update_fields=saved_fields)

    # Staff cannot open the account list, so they are sent to the index.
    landing = "/" if check_role(request, ROLE_STAFF) else "/account/list/"
    return back_to_original_page(request, landing)
def lend_edit_action(request):
    """Apply a POSTed edit to an existing ``Lend`` record.

    :param request: the incoming request; reads the ``id`` (record) and
        ``user_id`` (user whose full name is shown on the form) POST fields.
    :return: a redirect via ``back_to_original_page`` when the form is valid,
        otherwise the edit template re-rendered with the bound form.
    """
    # NOTE(review): the record is selected by the POSTed id alone and
    # ``user_id`` is also client-supplied; no ownership or role check is
    # visible in this function. Confirm it is enforced by a decorator or
    # middleware, otherwise compare the record's owner with request.user.
    record_id = request.POST['id']
    user_id = request.POST['user_id']

    # int() runs on client input without a guard: non-numeric ids raise.
    lend = get_object_or_404(Lend, id=int(record_id))
    form = LendForm(request.POST, instance=lend)

    # Full name of the user named in the POST, displayed as the registrar.
    mark_name = User.objects.get(id=user_id).full_name

    if form.is_valid():
        form.save()
        return back_to_original_page(request, "/income/lend/list/")

    context = {
        'user_id': user_id,
        'id': record_id,
        'form': form,
        'username': mark_name,
    }
    return render_to_response("income/lend_edit.html", context,
                              context_instance=RequestContext(request))
def add_lend_action(request, user_id):
    """Create a ``Lend`` record from the POSTed form.

    :param request: the incoming request carrying the form fields.
    :param user_id: id of the user the record is attributed to; converted
        with ``int()``.
    :return: a redirect via ``back_to_original_page`` when the form is valid,
        otherwise the add template re-rendered with the bound form.
    """
    # NOTE(review): the owner id comes from the ``user_id`` argument, not from
    # request.user, and nothing here checks that the two match. Confirm the
    # caller cannot choose an arbitrary id.
    owner_id = int(user_id)
    owner_name = User.objects.get(id=owner_id).full_name

    form = LendForm(request.POST, instance=Lend())
    if not form.is_valid():
        return render(request, "income/add_lend.html", {
            'form': form,
            'user_id': owner_id,
            'username': owner_name,
            'current_now': get_today().strftime(DATE_INPUT_FORMAT_HYPHEN),
        })

    # Stamp the owner and the handler's display name on the new row.
    form.instance.user_id = owner_id
    form.instance.handler = owner_name
    form.save()
    return back_to_original_page(request, "/income/lend/list/")
def add_income_action(request, user_id):
    """Create an ``Income`` record from the POSTed form.

    :param request: the incoming request carrying the form fields.
    :param user_id: id of the user the record is attributed to; converted
        with ``int()``.
    :return: a redirect via ``back_to_original_page`` when the form is valid,
        otherwise the add template re-rendered with the bound form.
    """
    # NOTE(review): the owner id comes from the ``user_id`` argument, not from
    # request.user, and nothing here checks that the two match. Confirm the
    # caller cannot choose an arbitrary id.
    owner_id = int(user_id)
    form = IncomeForm(request.POST, instance=Income())

    # Full name of that user, displayed as the registrar on the form.
    mark_name = User.objects.get(id=owner_id).full_name

    if form.is_valid():
        form.instance.user_id = owner_id
        form.save()
        return back_to_original_page(request, "/income/list/")

    context = {
        'user_id': owner_id,
        'form': form,
        'username': mark_name,
        'current_now': get_today().strftime(DATE_INPUT_FORMAT_HYPHEN),
    }
    return render_to_response("income/add_income.html", context,
                              context_instance=RequestContext(request))
def month_add_action(request, user_id):
    """Create a ``Monthly`` record from the POSTed form.

    :param request: the incoming request carrying the form fields.
    :param user_id: id of the user the record is attributed to; converted
        with ``int()``.
    :return: a redirect via ``back_to_original_page`` when the form is valid,
        otherwise the add template re-rendered with the bound form.
    """
    # NOTE(review): the owner id comes from the ``user_id`` argument, not from
    # request.user, and nothing here checks that the two match. Confirm the
    # caller cannot choose an arbitrary id.
    owner_id = int(user_id)
    owner_name = User.objects.get(id=owner_id).full_name

    form = MonthlyForm(request.POST, instance=Monthly())
    if not form.is_valid():
        return render(request, "plan/add_monthly.html", {
            'form': form,
            'user_id': owner_id,
            'username': owner_name,
            'current_now': get_today().strftime(DATE_INPUT_FORMAT_HYPHEN),
        })

    # Stamp the owner and the handler's display name on the new row.
    form.instance.user_id = owner_id
    form.instance.handler = owner_name
    form.save()
    return back_to_original_page(request, "/plan/month/list/")
def user_add_action(request):
    """Create a user account from the POSTed ``UserForm``.

    Requesters for whom ``check_role(request, ROLE_STAFF)`` is true are
    refused.  Requesters matching ``ROLE_HR`` may only create accounts whose
    role is ``ROLE_STAFF``; other choices are reported as a form error on
    the ``role`` field.

    :param request: the incoming request carrying the form fields.
    :return: a redirect via ``back_to_original_page`` on success, otherwise
        the add template re-rendered with the bound form.
    :raises PermissionDeniedError: for staff requesters.
    """
    # NOTE(review): this is a deny-list (only ROLE_STAFF is refused); how a
    # requester with no role at all is treated depends on check_role.
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    page = "account/add.html"
    form = UserForm(request.POST)
    if not form.is_valid():
        return render(request, page, {"form": form})

    role = form.cleaned_data['role']
    # HR may create users too, but only ordinary staff.
    if check_role(request, ROLE_HR) and role != ROLE_STAFF:
        form._errors["role"] = form.error_class([u"人事只能新建普通员工。"])
        return render(request, page, {"form": form})

    # NOTE(review): form.save() writes the row before set_password() runs. If
    # UserForm maps ``password`` onto the model, the raw value is stored until
    # the final save below; verify, and hash before the first save if so.
    user = form.save()
    user.set_password(form.cleaned_data['password'])

    group = role_manager.get_role(role)
    if group:
        user.groups.add(group)

    # Non-superusers get a fresh Personal row linked to the account.
    if not user.is_superuser:
        user.personal_id = Personal.objects.create().id
    user.save()
    return back_to_original_page(request, "/account/list/")
def notice_add_action(request):
    """Create a ``Notice`` addressed to the departments listed in ``dep_id``.

    :param request: the incoming request; reads ``title``, ``start_date``,
        ``end_date``, ``content`` and the multi-valued ``dep_id`` POST fields.
    :return: a redirect via ``back_to_original_page`` on success, otherwise
        the add template re-rendered with the form and the departments whose
        ``delete_flg`` is false.
    :raises PermissionDeniedError: for requesters matching ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = NoticeForm(request.POST, instance=Notice())
    has_departments = 'dep_id' in request.POST

    if not form.is_valid() or not has_departments:
        return render(request, "notice/add.html", {
            "form": form,
            "departments": Department.objects.filter(delete_flg=False),
            "departments_need": has_departments,
        })

    # All posted dep_id values, stored as "a,b,c," (trailing comma included).
    # NOTE(review): the ids are not checked against Department, and the text
    # fields below are copied from raw POST data rather than from
    # form.cleaned_data, so any cleaning done by the form is bypassed.
    joined_ids = ','.join(dict(request.POST)['dep_id'])
    notice = form.instance
    notice.title = request.POST['title']
    notice.start_date = request.POST['start_date']
    notice.end_date = request.POST['end_date']
    notice.content = request.POST['content']
    notice.dep_id = str(joined_ids) + ','
    form.save()
    return back_to_original_page(request, "/notice/list/")
def notice_add_action(request):
    """Create a ``Notice`` addressed to the departments listed in ``dep_id``.

    :param request: the incoming request; reads ``title``, ``start_date``,
        ``end_date``, ``content`` and the multi-valued ``dep_id`` POST fields.
    :return: a redirect via ``back_to_original_page`` on success, otherwise
        the add template re-rendered with the form and the departments whose
        ``delete_flg`` is false.
    :raises PermissionDeniedError: for requesters matching ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = NoticeForm(request.POST, instance=Notice())
    has_departments = 'dep_id' in request.POST

    if not form.is_valid() or not has_departments:
        return render(request, "notice/add.html", {
            "form": form,
            "departments": Department.objects.filter(delete_flg=False),
            "departments_need": has_departments,
        })

    # All posted dep_id values, stored as "a,b,c," (trailing comma included).
    # NOTE(review): the ids are not checked against Department, and the text
    # fields below are copied from raw POST data rather than from
    # form.cleaned_data, so any cleaning done by the form is bypassed.
    joined_ids = ','.join(dict(request.POST)['dep_id'])
    notice = form.instance
    notice.title = request.POST['title']
    notice.start_date = request.POST['start_date']
    notice.end_date = request.POST['end_date']
    notice.content = request.POST['content']
    notice.dep_id = str(joined_ids) + ','
    form.save()
    return back_to_original_page(request, "/notice/list/")
def year_edit_action(request):
    """Apply a POSTed edit to an existing ``Yearly`` record.

    :param request: the incoming request; reads the ``id`` (record) and
        ``user_id`` (user whose full name is shown on the form) POST fields.
    :return: a redirect via ``back_to_original_page`` when the form is valid,
        otherwise the edit template re-rendered with the bound form.
    """
    # NOTE(review): the record is selected by the POSTed id alone and
    # ``user_id`` is also client-supplied; no ownership or role check is
    # visible in this function. Confirm it is enforced by a decorator or
    # middleware, otherwise compare the record's owner with request.user.
    record_id = request.POST['id']
    user_id = request.POST['user_id']

    # int() runs on client input without a guard: non-numeric ids raise.
    year = get_object_or_404(Yearly, id=int(record_id))
    form = YearlyForm(request.POST, instance=year)

    # Full name of the user named in the POST, displayed as the registrar.
    mark_name = User.objects.get(id=user_id).full_name

    if form.is_valid():
        form.save()
        return back_to_original_page(request, "/plan/year/list/")

    context = {
        'user_id': user_id,
        'id': record_id,
        'form': form,
        'username': mark_name,
    }
    return render_to_response("plan/year_edit.html", context,
                              context_instance=RequestContext(request))
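def register_action(request):
    """Register a new user account from the POSTed ``UserRegisterForm``.

    The password is hashed on the instance *before* the form's first save, so
    the row is not written with the raw POSTed password as it was when the
    plain value was assigned to ``instance.password`` ahead of ``save()``.

    :param request: the incoming request; reads ``username``, ``password``,
        ``full_name``, ``email`` and ``mobile`` from ``request.POST`` and
        ``role`` from the form's cleaned data.
    :return: a redirect via ``back_to_original_page`` on success, otherwise
        the registration template re-rendered with the bound form.
    """
    form = UserRegisterForm(request.POST, instance=User())
    if not form.is_valid():
        return render(request, "user_account/register.html", {
            'form': form,
        })

    # NOTE(review): the registrant chooses ``role`` and is placed in the
    # matching group below. Confirm UserRegisterForm restricts the choices to
    # roles a self-registered account may hold.
    role = form.cleaned_data['role']
    raw_password = request.POST['password']

    # NOTE(review): these values are taken from raw POST data rather than
    # form.cleaned_data, so any normalisation done by the form is bypassed.
    account = form.instance
    account.username = request.POST['username']
    account.full_name = request.POST['full_name']
    account.email = request.POST['email']
    account.mobile = request.POST['mobile']

    # Hash first, so the initial INSERT stores a password hash.
    account.set_password(raw_password)
    user = form.save()
    # Kept from the original flow: the final value is a hash of the POSTed
    # password even if the form's save() reassigned the field.
    user.set_password(raw_password)

    group = role_manager.get_role(role)
    if group:
        user.groups.add(group)
    user.save()
    return back_to_original_page(request, "/user_account/login/")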
def user_add_action(request):
    """Create a user account from the POSTed ``UserForm``.

    Requesters for whom ``check_role(request, ROLE_STAFF)`` is true are
    refused.  Requesters matching ``ROLE_HR`` may only create accounts whose
    role is ``ROLE_STAFF``; other choices are reported as a form error on
    the ``role`` field.

    :param request: the incoming request carrying the form fields.
    :return: a redirect via ``back_to_original_page`` on success, otherwise
        the add template re-rendered with the bound form.
    :raises PermissionDeniedError: for staff requesters.
    """
    # NOTE(review): this is a deny-list (only ROLE_STAFF is refused); how a
    # requester with no role at all is treated depends on check_role.
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    page = "account/add.html"
    form = UserForm(request.POST)
    if not form.is_valid():
        return render(request, page, {"form": form})

    role = form.cleaned_data['role']
    # HR may create users too, but only ordinary staff.
    if check_role(request, ROLE_HR) and role != ROLE_STAFF:
        form._errors["role"] = form.error_class([u"人事只能新建普通员工。"])
        return render(request, page, {"form": form})

    # NOTE(review): form.save() writes the row before set_password() runs. If
    # UserForm maps ``password`` onto the model, the raw value is stored until
    # the final save below; verify, and hash before the first save if so.
    user = form.save()
    user.set_password(form.cleaned_data['password'])

    group = role_manager.get_role(role)
    if group:
        user.groups.add(group)

    # Non-superusers get a fresh Personal row linked to the account.
    if not user.is_superuser:
        user.personal_id = Personal.objects.create().id
    user.save()
    return back_to_original_page(request, "/account/list/")
def user_add_action(request):
    """Create a family member account from the POSTed ``UserForm``.

    Requesters matching ``ROLE_FAMILY_COMMON_USER`` are refused.  Requesters
    matching ``ROLE_FAMILY_SUPER_USER`` may only create accounts whose role
    is ``ROLE_FAMILY_COMMON_USER``; other choices are reported as a form
    error on the ``role`` field.

    :param request: the incoming request carrying the form fields.
    :return: a redirect via ``back_to_original_page`` on success, otherwise
        the add template re-rendered with the bound form.
    :raises PermissionDeniedError: for common family members.
    """
    # NOTE(review): this is a deny-list (only the common-user role is
    # refused); how a requester with no role is treated depends on check_role.
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    page = "user_account/add.html"
    form = UserForm(request.POST)
    if not form.is_valid():
        return render(request, page, {"form": form})

    role = form.cleaned_data['role']
    # A family administrator may only add ordinary family members.
    if check_role(request, ROLE_FAMILY_SUPER_USER) \
            and role != ROLE_FAMILY_COMMON_USER:
        form._errors["role"] = form.error_class([u"家庭管理员只能添加家庭普通成员。"])
        return render(request, page, {"form": form})

    # NOTE(review): form.save() writes the row before set_password() runs. If
    # UserForm maps ``password`` onto the model, the raw value is stored until
    # the final save below; verify, and hash before the first save if so.
    user = form.save()
    user.set_password(form.cleaned_data['password'])

    # Put the new account into the group that represents its role.
    group = role_manager.get_role(role)
    if group:
        user.groups.add(group)
    user.save()
    return back_to_original_page(request, "/user_account/list/")
def user_edit_action(request):
    """Process the POSTed "edit user" form of the user_account app.

    The target account is named by the ``id`` POST field.  A POST that also
    carries ``password`` is bound to ``UserForm`` (name and password are
    updated); any other POST is bound to ``UserEditForm`` (name only).

    :param request: the incoming request; ``request.POST['id']`` is required.
    :return: a redirect via ``back_to_original_page`` on success, or the
        re-rendered edit template when validation fails.
    """
    # NOTE(review): nothing in this function checks that the requester may
    # edit the account named by the POSTed id, and the password branch below
    # does not ask for the current password. Unless a decorator or middleware
    # outside this view enforces it, add an authorisation check on
    # (request.user, id) before the row is loaded.
    target_id = request.POST['id']
    user = get_object_or_404(User, id=target_id)

    form_class = UserForm if 'password' in request.POST else UserEditForm
    form = form_class(request.POST, instance=user)

    if not form.is_valid():
        role = form.cleaned_data.get('role')
        if role in ROLES:
            role_name = ROLES[role]
        else:
            role_name = ""
        return render(request, "user_account/edit.html", {
            "form": form,
            "id": target_id,
            "role": role,
            "role_name": role_name,
        })

    cleaned = form.cleaned_data

    # Only a superuser may move the account to another role group.
    if request.user.is_superuser:
        group = role_manager.get_role(cleaned['role'])
        if group:
            user.groups.clear()
            user.groups.add(group)

    user.full_name = cleaned['full_name']
    saved_fields = ("full_name", "update_datetime")
    if not isinstance(form, UserEditForm):
        user.set_password(cleaned['password'])
        saved_fields = ("full_name", "password", "update_datetime")
    user.save(update_fields=saved_fields)

    # Common family members are sent to the index instead of the user list.
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        landing = "/"
    else:
        landing = "/user_account/list/"
    return back_to_original_page(request, landing)
def notice_delete_action(request):
    """Flag the notices listed in the ``pk`` POST field as deleted.

    :param request: the incoming request; ``pk`` is a comma-separated list of
        notice ids.
    :return: a redirect via ``back_to_original_page``.
    :raises PermissionDeniedError: for requesters matching ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # Empty segments are skipped. The is_int() filter is disabled, so a
    # non-numeric segment makes int() raise ValueError.
    notice_ids = [int(part) for part in request.POST["pk"].split(',') if part]
    Notice.objects.filter(id__in=notice_ids).update(delete_flg=True)
    return back_to_original_page(request, '/notice/list/')
def user_delete_action(request):
    """Deactivate the user accounts listed in the ``pk`` POST field.

    Accounts are not removed; ``is_active`` is set to false.

    :param request: the incoming request; ``pk`` is a comma-separated list of
        user ids.
    :return: a redirect via ``back_to_original_page``.
    :raises PermissionDeniedError: for requesters matching
        ``ROLE_FAMILY_COMMON_USER``.
    """
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    # NOTE(review): the id list is not restricted here; it may name the
    # requester's own account, a superuser, or accounts the requester does
    # not manage. Confirm that scoping happens elsewhere or add it.
    # Empty segments are skipped; a non-numeric segment makes int() raise
    # ValueError because the is_int() filter is disabled.
    user_ids = [int(part) for part in request.POST["pk"].split(',') if part]
    User.objects.filter(id__in=user_ids).update(is_active=False)
    return back_to_original_page(request, '/user_account/list/')
def department_delete_action(request):
    """Flag the departments listed in the ``pk`` POST field as deleted.

    :param request: the incoming request; ``pk`` is a comma-separated list of
        department ids.
    :return: a redirect via ``back_to_original_page``.
    :raises PermissionDeniedError: for requesters matching ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # Empty segments are skipped. The is_int() filter is disabled, so a
    # non-numeric segment makes int() raise ValueError.
    department_ids = [
        int(part) for part in request.POST["pk"].split(',') if part
    ]
    Department.objects.filter(id__in=department_ids).update(delete_flg=True)
    return back_to_original_page(request, '/comprehensive/department/list/')
def notice_delete_action(request):
    """Flag the notices listed in the ``pk`` POST field as deleted.

    :param request: the incoming request; ``pk`` is a comma-separated list of
        notice ids.
    :return: a redirect via ``back_to_original_page``.
    :raises PermissionDeniedError: for requesters matching ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # Empty segments are skipped. The is_int() filter is disabled, so a
    # non-numeric segment makes int() raise ValueError.
    notice_ids = [int(part) for part in request.POST["pk"].split(',') if part]
    Notice.objects.filter(id__in=notice_ids).update(delete_flg=True)
    return back_to_original_page(request, '/notice/list/')
def year_delete_action(request):
    """Flag the ``Yearly`` records listed in the ``pk`` POST field as deleted.

    ``update_datetime`` is set to the current time on the affected rows.

    :param request: the incoming request; ``pk`` is a comma-separated list of
        record ids.
    :return: a redirect via ``back_to_original_page``.
    :raises PermissionDeniedError: for requesters matching
        ``ROLE_FAMILY_COMMON_USER``.
    """
    # Common family members are not allowed to delete.
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    # NOTE(review): the ids are not filtered by owner here, so rows belonging
    # to other users can be flagged unless scoping is enforced elsewhere.
    # A non-numeric segment makes int() raise ValueError.
    record_ids = [int(part) for part in request.POST["pk"].split(',') if part]
    Yearly.objects.filter(id__in=record_ids).update(
        delete_flg=True, update_datetime=datetime.now())
    return back_to_original_page(request, '/plan/year/list/')
def user_delete_action(request):
    """Deactivate the user accounts listed in the ``pk`` POST field.

    Accounts are not removed; ``is_active`` is set to false.

    :param request: the incoming request; ``pk`` is a comma-separated list of
        user ids (the explicit presence check is disabled, so a missing key
        surfaces as a key error).
    :return: a redirect via ``back_to_original_page``.
    :raises PermissionDeniedError: for requesters matching ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): the id list is not restricted here; it may name the
    # requester's own account, a superuser, or accounts the requester does
    # not manage. Confirm that scoping happens elsewhere or add it.
    # Empty segments are skipped; a non-numeric segment makes int() raise
    # ValueError because the is_int() filter is disabled.
    user_ids = [int(part) for part in request.POST["pk"].split(',') if part]
    User.objects.filter(id__in=user_ids).update(is_active=False)
    return back_to_original_page(request, '/account/list/')
def user_delete_action(request):
    """Deactivate the user accounts listed in the ``pk`` POST field.

    Accounts are not removed; ``is_active`` is set to false.

    :param request: the incoming request; ``pk`` is a comma-separated list of
        user ids (the explicit presence check is disabled, so a missing key
        surfaces as a key error).
    :return: a redirect via ``back_to_original_page``.
    :raises PermissionDeniedError: for requesters matching ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    # NOTE(review): the id list is not restricted here; it may name the
    # requester's own account, a superuser, or accounts the requester does
    # not manage. Confirm that scoping happens elsewhere or add it.
    # Empty segments are skipped; a non-numeric segment makes int() raise
    # ValueError because the is_int() filter is disabled.
    user_ids = [int(part) for part in request.POST["pk"].split(',') if part]
    User.objects.filter(id__in=user_ids).update(is_active=False)
    return back_to_original_page(request, '/account/list/')
def lend_delete_action(request):
    """Flag the ``Lend`` records listed in the ``pk`` POST field as deleted.

    ``update_datetime`` is set to the current time on the affected rows.

    :param request: the incoming request; ``pk`` is a comma-separated list of
        record ids.
    :return: a redirect via ``back_to_original_page``.
    :raises PermissionDeniedError: for requesters matching
        ``ROLE_FAMILY_COMMON_USER``.
    """
    # Common family members are not allowed to delete.
    if check_role(request, ROLE_FAMILY_COMMON_USER):
        raise PermissionDeniedError

    # NOTE(review): the ids are not filtered by owner here, so rows belonging
    # to other users can be flagged unless scoping is enforced elsewhere.
    # A non-numeric segment makes int() raise ValueError.
    record_ids = [int(part) for part in request.POST["pk"].split(',') if part]
    Lend.objects.filter(id__in=record_ids).update(
        delete_flg=True, update_datetime=datetime.now())
    return back_to_original_page(request, '/income/lend/list/')
def department_add_action(request):
    """Create a department from the POSTed ``DepartmentForm``.

    :param request: the incoming request; reads the ``name`` and
        ``description`` POST fields.
    :return: a redirect via ``back_to_original_page`` on success, otherwise
        the add template re-rendered with the bound form.
    :raises PermissionDeniedError: for requesters matching ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    form = DepartmentForm(request.POST)
    if not form.is_valid():
        return render(request, "comprehensive/department_add.html", {
            "form": form,
        })

    # NOTE(review): both values are read from raw POST data after validation
    # instead of form.cleaned_data; ``description`` must be present in the
    # POST or the lookup raises.
    form.instance.name = request.POST['name']
    description = request.POST['description']
    if description:
        form.instance.description = description
    form.save()
    return back_to_original_page(request, "/comprehensive/department/list/")
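def login_action(request):
    """Authenticate the POSTed credentials and open a session.

    The login template is rendered again when the form is invalid, when
    ``authenticate`` returns no user, or when the account is inactive.  The
    original passed the result of ``authenticate`` straight to ``login``, so
    a failed authentication was never handled in this view.

    :param request: the incoming request carrying ``username``, ``password``
        and the optional ``needRemember`` flag.
    :return: a redirect via ``back_to_original_page`` after a successful
        login, otherwise the rendered login template.
    """
    form = UserLoginForm(request.POST)
    if form.is_valid():
        cleaned_data = form.cleaned_data
        user = authenticate(username=cleaned_data['username'],
                            password=cleaned_data['password'])
        # Accounts are "deleted" by clearing is_active, so an inactive
        # account must not obtain a session either.
        if user is not None and user.is_active:
            # Extend the session only once the credentials are accepted.
            if cleaned_data.get('needRemember'):
                request.session.set_expiry(2678400)  # 31 days, in seconds
            login(request, user)
            return back_to_original_page(request, "/")
        # NOTE(review): no error is attached to the form on this path; add a
        # generic "invalid login" message that does not reveal whether the
        # username exists.
    return render(request, "account/login.html", {
        "form": form,
    })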
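def login_action(request):
    """Authenticate the POSTed credentials and open a session.

    The login template is rendered again when the form is invalid, when
    ``authenticate`` returns no user, or when the account is inactive.  The
    original passed the result of ``authenticate`` straight to ``login``, so
    a failed authentication was never handled in this view.

    :param request: the incoming request carrying ``username``, ``password``
        and the optional ``needRemember`` flag.
    :return: a redirect via ``back_to_original_page`` after a successful
        login, otherwise the rendered login template.
    """
    form = UserLoginForm(request.POST)
    if form.is_valid():
        cleaned_data = form.cleaned_data
        user = authenticate(username=cleaned_data['username'],
                            password=cleaned_data['password'])
        # Accounts are "deleted" by clearing is_active, so an inactive
        # account must not obtain a session either.
        if user is not None and user.is_active:
            # Extend the session only once the credentials are accepted.
            if cleaned_data.get('needRemember'):
                request.session.set_expiry(2678400)  # 31 days, in seconds
            login(request, user)
            return back_to_original_page(request, "/")
        # NOTE(review): no error is attached to the form on this path; add a
        # generic "invalid login" message that does not reveal whether the
        # username exists.
    return render(request, "account/login.html", {
        "form": form,
    })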
def department_edit_action(request):
    """Apply a POSTed edit to an existing department.

    :param request: the incoming request; reads the ``department_id``,
        ``name`` and ``description`` POST fields.
    :return: a redirect via ``back_to_original_page`` on success, otherwise
        the edit template re-rendered with the bound form.
    :raises PermissionDeniedError: for requesters matching ``ROLE_STAFF``.
    """
    if check_role(request, ROLE_STAFF):
        raise PermissionDeniedError

    department_id = request.POST['department_id']
    target = get_object_or_404(Department, id=department_id)
    form = DepartmentForm(request.POST, instance=target)

    if not form.is_valid():
        return render(request, "comprehensive/department_edit.html", {
            "form": form,
            "department_id": department_id,
        })

    # NOTE(review): both values are read from raw POST data after validation
    # instead of form.cleaned_data. An empty description leaves the stored
    # one unchanged; ``description`` must be present or the lookup raises.
    form.instance.name = request.POST['name']
    description = request.POST['description']
    if description:
        form.instance.description = description
    form.save()
    return back_to_original_page(request, "/comprehensive/department/list/")