def update_password_by_phone(self, request):
        check_token = pd_token(request)
        if check_token:
            return check_token

        phone_number = request.data.get("phone_number")
        password = request.data.get("password")
        # 检测密码的长度
        check = pd_password(password)
        if check:
            return response_success_200(code=STATUS_400_BAD_REQUEST, message=check)

        # 检测手机号是否被注册
        if not User.objects.filter(phone_number=phone_number):
            return response_success_200(code=STATUS_NOT_FOUND_ERROR, message=f"该手机号({phone_number})未被注册!!")
        # 检测验证码是否正确
        if not judge_code(phone_number, request.data.get('code')):
            message = "验证码不正确"
            return response_success_200(code=STATUS_CODE_ERROR, message=message)
        # 获得用户信息
        instance = self.queryset.get(phone_number=phone_number)
        # 如果查询出来的信息和token中的信息不一样,则返回权限不够
        if request.user != instance.pk:
            return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY, message=f"没有权限修改({phone_number})")

        # 设置密码
        instance.password = my_encode(password)
        # 保存
        instance.save()
        serializer = self.get_serializer(instance)
        return response_success_200(message="成功!!!!")
Exemple #2
0
    def search_clazz(self, request, *args, **kwargs):
        # teacher_pk = Class.objects.get(pk=request.GET.get('clazz')).headmaster.pk
        # if request.user is not teacher_pk:
        #     print(request.user)
        #     print(teacher_pk)
        #     return response_error_400(status=STATUS_TOKEN_NO_AUTHORITY, message="这不是您所带班级")
        # # 班级
        # clazz = request.GET.get("clazz")
        # work = Work.objects.filter(clazz=clazz)
        check_token = pd_token(request)
        if check_token:
            return check_token

        if request.auth not in [3]:
            return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
                                        message="权限不够,该token不是辅导员")
        try:
            clazz = Class.objects.get(headmaster=request.user)
        except Class.DoesNotExist:
            return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
                                        message="权限不够,该token不是辅导员!")
        work = Work.objects.filter(clazz=clazz)

        print(work)
        page = self.paginate_queryset(work)
        serializer = self.serializer_class(
            page, many=True, context=self.get_serializer_context())
        return self.get_paginated_response(serializer.data)
 def login_phone_number(self, request):
     phone_number = request.data.get("phone_number")
     # 检测手机号是否被注册
     if not User.objects.filter(phone_number=phone_number):
         return response_success_200(code=STATUS_NOT_FOUND_ERROR,
                                     message=f"该手机号({phone_number})未被注册!!")
     # 检测验证码是否正确
     if not judge_code(phone_number, request.data.get('code')):
         message = "验证码不正确"
         return response_success_200(code=STATUS_CODE_ERROR,
                                     message=message)
     # 获得用户信息
     instance = self.queryset.get(phone_number=phone_number)
     # 设置token
     instance.token = my_encode_token(instance.pk, instance.role,
                                      my_encode(instance.user_name))
     # 保存
     instance.save()
     # c3RyaW5nIDE1OTYxNjM2ODcuNTM3NzE1
     # instance['teacher'] = get_info_by_token(instance.token)
     serializer = self.get_serializer(instance)
     # 获得角色信息
     role_info = get_info_by_token(instance.token)
     role_info = role_info.to_json() if role_info else None
     return response_success_200(code=STATUS_200_SUCCESS,
                                 message="成功!!!!",
                                 data=serializer.data,
                                 role_info=role_info)
    def partial_update(self, request, *args, **kwargs):
        # 检测token
        check_token = pd_token(request)
        if check_token:
            return check_token

        # 检测qq和邮箱的合法性
        qq = request.data.get("qq")
        email = request.data.get("email")
        birthday = request.data.get("birthday")

        if qq and not pd_qq(qq):
            return response_success_200(code=STATUS_PARAMETER_ERROR,
                                        message="qq格式不正确")
        if email and not pd_email(email):
            return response_success_200(code=STATUS_PARAMETER_ERROR,
                                        message="email格式不正确")
        if birthday:
            check_time = check_time_stamp(int(birthday))
            if check_time:
                return response_success_200(code=STATUS_PARAMETER_ERROR,
                                            message=check_time)

        resp = super().partial_update(request, *args, **kwargs)
        return response_success_200(data=resp.data)
Exemple #5
0
    def destroy(self, request, *args, **kwargs):
        check_token = pd_token(request)
        if check_token:
            return check_token
        if request.auth >= 0:
            return response_success_200(message="没有权限")

        super().destroy(request, *args, **kwargs)
        return response_success_200(message="删除成功!!")
Exemple #6
0
    def destroy(self, request, *args, **kwargs):
        check_token = pd_adm_token(request)
        if check_token:
            return check_token

        pk = kwargs.get('pk')
        if not School.objects.filter(pk=pk):
            return response_success_200(message="学校未找到")
        super().destroy(request, *args, **kwargs)
        return response_success_200(message="成功")
Exemple #7
0
def select_class(self, class_id):
    print(class_id)

    timetable = self.queryset.filter(clazz=class_id)
    print(timetable)
    if not timetable:
        return response_success_200(code=STATUS_NOT_FOUND_ERROR,
                                    message="该班级没有课表")
    serializer = self.get_serializer(timetable, many=True)
    return response_success_200(data=serializer.data)
def pd_token(request):
    token = request.META.get("HTTP_TOKEN")
    if request.user == STATUS_TOKEN_OVER:
        return response_success_200(code=STATUS_TOKEN_OVER, message="token失效")
    elif request.user == STATUS_TOKEN_PARAMETER_ERROR:
        return response_success_200(code=STATUS_TOKEN_PARAMETER_ERROR,
                                    message="token参数错误!!!!!")
    elif not User.objects.filter(token=token):
        return response_success_200(code=STATUS_TOKEN_OVER, message="token失效")
    return None
    def partial_update(self, request, *args, **kwargs):
        check_token = pd_super_adm_token(request)
        if check_token:
            return check_token

        # 需要修改的
        pk = kwargs['pk']
        if not self.queryset.filter(pk=pk):
            return response_success_200(code=STATUS_404_NOT_FOUND, message="id未找到")
        resp = super().partial_update(request, *args, **kwargs)
        return response_success_200(data=resp.data)
Exemple #10
0
    def partial_update(self, request, *args, **kwargs):
        check_token = pd_token(request)
        if check_token:
            return check_token

        if request.auth not in [-1, -2, 3]:
            return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
                                        message="没有权限")

        resp = super().partial_update(request, *args, **kwargs)
        return response_success_200(data=resp.data)
Exemple #11
0
def check_pk_and_permission(request, pk):
    if pk:
        if not Regular.objects.filter(pk=pk):
            return response_success_200(code=STATUS_404_NOT_FOUND, message="id未找到")

    check_token = pd_token(request)
    if check_token:
        return check_token

    if request.auth >= 0:  # 普通用户
        if not Regular.objects.filter(user_id=request.user, id=pk):
            return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY, message="没有访问权限!!!!!!!!!!!!!!!!!!!!!")
    def retrieve_by_token(self, request):
        check_token = pd_token(request)
        if check_token:
            return check_token

        if request.auth != 1:
            return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
                                        message="权限不够,该token不是学生")

        instance = self.queryset.get(user_id=request.user)
        serializer = self.get_serializer(instance)
        return response_success_200(data=serializer.data)
    def destroy(self, request, *args, **kwargs):
        check_token = pd_super_adm_token(request)
        if check_token:
            return check_token
        # 需要修改的
        pk = kwargs['pk']
        if not self.queryset.filter(pk=pk):
            return response_success_200(code=STATUS_404_NOT_FOUND, message="id未找到")

        # 删除
        super().destroy(request, *args, **kwargs)
        return response_success_200(message="成功")
Exemple #14
0
    def destroy(self, request, *args, **kwargs):
        check_token = pd_token(request)
        if check_token:
            return check_token

        if request.auth >= 0:
            return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
                                        message="没有权限")

        # return super().destroy(request, *args, **kwargs)
        super().destroy(request, *args, **kwargs)
        return response_success_200(message="删除成功!!")
 def check_password(self, request, *args, **kwargs):
     password = request.data.get("password")
     # print(password)
     check_token = pd_token(request)
     if check_token:
         return check_token
     password = my_encode(password)
     # 获得pk
     pk = request.user
     if not User.objects.filter(pk=pk, password=password):
         return response_success_200(code=STATUS_NOT_FOUND_ERROR,
                                     message="用户名不存在或密码错误")
     return response_success_200(message="当前token用户密码正确")
Exemple #16
0
def add_course(timetable_id: int, course_id: int):
    if not Course.objects.filter(id=course_id):
        return response_success_200(code=STATUS_NOT_FOUND_ERROR,
                                    message="课程id不存在")

    try:
        Timetable.objects.get(pk=timetable_id).course_info.add(course_id)
    except Timetable.DoesNotExist:
        return response_success_200(code=STATUS_404_NOT_FOUND, message="课表不存在")

    print(timetable_id)
    print(course_id)
    return None
Exemple #17
0
    def batch_import(self, request, *args, **kwargs):
        # check_token = pd_adm_token(request)
        # if check_token:
        #     return check_token

        file = request.FILES.get("file")
        check_file = batch_import_test(file)
        if check_file:
            return check_file

        excel_data = pd.read_excel(file, header=0, dtype='str')
        for dt in excel_data.iterrows():
            # 添加用户信息
            card = dt[1]['身份证']
            phone_number = dt[1]['手机号码']
            if not dt[1]['家长姓名'] or not card:
                continue
            if User.objects.filter(user_name=card):
                message = card + "身份证已经注册存在"
                return response_success_200(code=STATUS_PARAMETER_ERROR,
                                            message=message)
            if User.objects.filter(phone_number=phone_number):
                message = phone_number + "手机号码已经存在"
                return response_success_200(code=STATUS_PARAMETER_ERROR,
                                            message=message)
            # print(dt[1]['班级'])
            print(phone_number)

            password = my_encode(phone_number)
            # 分析身份证
            id_card = IdCard(card)
            # 创建用户详情
            user_details_id = UserDetails.objects.create(
                name=dt[1]['家长姓名'],
                sex=id_card.sex,
                card=card,
                birthday=date_to_time_stamp(year=id_card.birth_year,
                                            month=id_card.birth_month,
                                            day=id_card.birth_day),
                qq=dt[1]['QQ(选填)'],
                email=dt[1]['邮箱(选填)'],
            ).id
            # 创建user
            user_id = User.objects.create(user_name=card,
                                          password=password,
                                          phone_number=phone_number,
                                          role=2,
                                          user_details_id=user_details_id).id
            Parent.objects.create(user_id=user_id, )

        return response_success_200(message="成功!!!!")
Exemple #18
0
def check_update_info(regular_category_id, user_id, class_id=None, pk=None):
    if regular_category_id:
        if not RegularCategory.objects.filter(id=regular_category_id):
            return response_success_200(code=STATUS_404_NOT_FOUND, message="无效的regular_category")
    if user_id:
        if not User.objects.filter(id=user_id):
            return response_success_200(code=STATUS_404_NOT_FOUND, message="无效的user")
    if pk:
        if not Regular.objects.filter(pk=pk):
            return response_success_200(code=STATUS_404_NOT_FOUND, message="id未找到")
    if class_id:
        if not Class.objects.filter(id=class_id):
            return response_success_200(code=STATUS_404_NOT_FOUND, message="class_id未找到")
    return None
Exemple #19
0
def check_insert_info(title, regular_category_id, user_id, class_id, request):
    if not title:
        return response_success_200(code=STATUS_NULL, message="title不能为空")
    if not regular_category_id:
        return response_success_200(code=STATUS_NULL, message="regular_category不能为空")
    if not user_id:
        return response_success_200(code=STATUS_NULL, message="user不能为空")

    check_update = check_update_info(regular_category_id, user_id, class_id=class_id)
    if check_update:
        return check_update

    if request.auth >= 0:  # 普通用户添加
        if user_id != request.user:
            return response_success_200(code=STATUS_PARAMETER_ERROR, message="user_id参数不正确,只能填写本人的id")
    def create(self, request, *args, **kwargs):
        clazz = request.data.get('clazz')
        week = request.data.get('week')

        if not Class.objects.filter(id=clazz):
            message = "班级ID信息不存在"
            return response_success_200(status=STATUS_PARAMETER_ERROR,
                                        message=message)
        if Timetable.objects.filter(clazz_id=clazz).filter(week=week):
            message = "课程已经添加"
            return response_success_200(status=STATUS_PARAMETER_ERROR,
                                        message=message)
        # 把课程添加到课程表中
        resp = super().create(request)
        return response_success_200(data=resp.data)
Exemple #21
0
 def destroy(self, request, *args, **kwargs):
     check_token = pd_token(request)
     if check_token:
         return check_token
     role = request.auth
     if role not in [-2, -1, 3]:
         return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
                                     message="没有权限")
     # 先删除用户
     check_del = del_user_and_user_details(1, kwargs.get("pk"))
     if check_del:
         return check_del
     # 删除学生
     # super().destroy(request, *args, **kwargs)
     return response_success_200(message="成功")
    def retrieve_by_token(self, request):
        token = request.META.get("HTTP_TOKEN")
        # token = request.data.get("token")
        print(token)
        print(request.user)
        if request.user == STATUS_TOKEN_OVER:
            return response_success_200(staus=STATUS_TOKEN_OVER,
                                        message="token失效")
        elif request.user == STATUS_PARAMETER_ERROR:
            return response_success_200(staus=STATUS_PARAMETER_ERROR,
                                        message="参数错误!!!!!")

        instance = self.queryset.get(user_info=request.user)
        serializer = self.get_serializer(instance)
        return response_success_200(data=serializer.data)
    def create(self, request, *args, **kwargs):
        check_token = pd_super_adm_token(request)
        if check_token:
            return check_token

        resp = super().create(request)
        return response_success_200(data=resp.data)
def search_is_system(request, is_system):
    token = request.META.get("HTTP_TOKEN")
    print(token)
    print(type(token))
    if not token or token == 'null':  # 没有传token, 返回系统的
        return Regular.objects.filter(is_system=1), True
    if is_system is None:  # 没有传参

        # 判断token的是否为超级管理员
        check_token = pd_super_adm_token(request)
        if check_token:
            return check_token, False

        return Regular.objects.all(), True

    is_system = int(is_system)
    if is_system == 1:
        return Regular.objects.filter(is_system=1), True
    elif is_system == 0:  # 浏览自己添加的信息
        # 判断token的可用性
        check_token = pd_token(request)
        if check_token:
            return check_token, False
        # 返回该用户的所有非系统regular
        return Regular.objects.filter(user_id=request.user, is_system=0), True
    elif is_system == 2:
        # 判断token的可用性
        check_token = pd_token(request)
        if check_token:
            return check_token, False
        # 返回该用户的所有系统以及个人非系统的regular
        return Regular.objects.filter(
            Q(user_id=request.user, is_system=0) | Q(is_system=1)), True

    return response_success_200(message="参数错误"), False
 def check_phone_code(self, request, *args, **kwargs):
     phone_number = request.data.get("phone_number")
     code = request.data.get("code")
     check_token = pd_token(request)
     if check_token:
         return check_token
     # 检测手机号是否被注册
     # if not User.objects.filter(phone_number=phone_number):
     #     return response_success_200(code=STATUS_NOT_FOUND_ERROR, message=f"该手机号({phone_number})未被注册!!")
     # 检测验证码是否正确
     if not judge_code(phone_number, code):
         message = "验证码不正确"
         return response_success_200(code=STATUS_CODE_ERROR,
                                     message=message)
     return response_success_200(code=STATUS_200_SUCCESS,
                                 message="手机验证码正确!")
def batch_import_test(file):
    excel_data = pd.read_excel(file, header=0, dtype='str')
    # print(excel_data)
    test = []
    i = 0
    for dt in excel_data.iterrows():
        i = i + 1
        message = ""
        clazz = dt[1]['班级']
        week = dt[1]['星期']
        teacher = ['课程老师工号']
        for j in range(1, 9):
            s = dt[1]['课程老师工号' + str(j)]
            if s is not np.nan:
                teacher.append(s)

        if week not in ['星期一', '星期二', '星期三', '星期四', '星期五', '星期六', '星期日']:
            message += "星期不正确"

        if not Class.objects.filter(class_name=clazz):
            message += ",班级不存在"

        for j in range(1, len(teacher)):
            if not Teacher.objects.filter(pk=teacher[j]):
                message += ",第" + str(j) + "节课老师不存在"

        if message:
            test.append({"index": i, "message": message})
    if len(test) > 0:
        return response_success_200(code=STATUS_PARAMETER_ERROR,
                                    message="有错误信息",
                                    err_data=test,
                                    length=len(test))
    return None
    def batch_import(self, request, *args, **kwargs):
        check_token = pd_adm_token(request)
        if check_token:
            return check_token

        file = request.FILES.get("file")

        check_file = batch_import_test(file)
        if check_file:
            return check_file

        excel_data = pd.read_excel(file, header=0, dtype='str')
        for dt in excel_data.iterrows():
            clazz = dt[1]['班级']
            # week = dt[1]['星期']
            teacher = ['课程老师工号']
            allweek = ['星期', '星期一', '星期二', '星期三', '星期四', '星期五', '星期六', '星期日']
            index = allweek.index(dt[1]['星期'])
            if Week.objects.filter(index=index):
                week = Week.objects.get(index=index)
            else:
                week = Week.objects.create(index=index)
            course = [
                '课程', ' 第一节课', ' 第二节课', ' 第三节课', ' 第四节课', ' 第五节课', ' 第六节课',
                ' 第七节课', ' 第八节课'
            ]
            for j in range(1, 9):
                s = dt[1]['课程老师工号' + str(j)]
                if s is not np.nan:
                    teacher.append(s)

            # 检测之前的课表是否已经存在了,存在就先删除
            t2 = Timetable.objects.filter(
                week=week, clazz=Class.objects.get(class_name=clazz))
            Course.objects.filter(timetable__in=[x.pk for x in t2]).delete()
            t2.delete()
            # try:
            #     t = Timetable.objects.get(week=week, clazz=Class.objects.get(class_name=clazz))
            #     Course.objects.filter(timetable=t).delete()
            #     t.delete()
            #     print("删除成功")
            # except Timetable.DoesNotExist:
            #     print("没有")
            # except Timetable.MultipleObjectsReturned:
            #
            #     print("多个")

            # 创建timetable表
            timetable = Timetable.objects.create(
                week=week, clazz=Class.objects.get(class_name=clazz))

            for j in range(1, len(teacher)):
                # print(j)
                Course.objects.create(
                    teacher=Teacher.objects.get(pk=teacher[j]),
                    course_name=dt[1][course[j]],
                    index=j,
                    timetable=timetable)

        return response_success_200(message="成功!!!!")
    def partial_update(self, request, *args, **kwargs):
        check_token = pd_token(request)
        if check_token:
            return check_token

        resp = super().partial_update(request, *args, **kwargs)
        return response_success_200(data=resp.data)
Exemple #29
0
    def batch_import(self, request, *args, **kwargs):
        check_token = pd_adm_token(request)
        if check_token:
            return check_token

        file = request.FILES.get("file")
        check_file = batch_import_test(file)
        if check_file:
            return check_file
        excel_data = pd.read_excel(file, header=0, dtype='str')
        for dt in excel_data.iterrows():
            if not dt[1]['老师姓名'] or not dt[1]['身份证'] or not dt[1]['学校名称']:
                continue
            # 添加用户信息
            card = dt[1]['身份证']
            phone_number = dt[1]['手机号码']
            school = dt[1]['学校名称']
            if User.objects.filter(user_name=card):
                return response_success_200(code=STATUS_PARAMETER_ERROR, message="身份证已经注册存在")
            if User.objects.filter(phone_number=phone_number):
                return response_success_200(code=STATUS_PARAMETER_ERROR, message="手机号码已经注册存在")
            if not School.objects.filter(school_name=school):
                return response_success_200(code=STATUS_PARAMETER_ERROR, message="学校不存在")
            password = my_encode(phone_number)
            # 分析身份证
            id_card = IdCard(card)
            # 创建用户详情
            user_details_id = UserDetails.objects.create(
                name=dt[1]['老师姓名'],
                sex=id_card.sex,
                card=card,
                birthday=date_to_time_stamp(year=id_card.birth_year, month=id_card.birth_month, day=id_card.birth_day),
                qq=dt[1]['QQ(选填)'],
                email=dt[1]['邮箱(选填)'],
            ).id
            # 创建user
            user_id = User.objects.create(
                user_name=card, password=password,
                phone_number=phone_number, role=0, user_details_id=user_details_id
            ).id
            Teacher.objects.create(
                user_id=user_id,
                title=dt[1]['职称'],
                school=School.objects.get(school_name=school),
            )
        return response_success_200(message="成功!!!!")
Exemple #30
0
 def destroy_all2(self, request, *args, **kwargs):
     check_token = pd_token(request)
     if check_token:
         return check_token
     role = request.auth
     if role not in [-2, -1, 3]:
         return response_success_200(code=STATUS_TOKEN_NO_AUTHORITY,
                                     message="没有权限")
     # print(request.data)
     list = request.data.get("id_list")
     print(list)
     # # 先删除用户
     for i in list:
         check_del = del_user_and_user_details(1, int(i))
     if check_del:
         return check_del
     return response_success_200(message="成功")