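def api_uservip_query():
    """Render one page of VIP memberships, each joined with its user record.

    Request parameters (read from ``request.values``):
        expired: optional filter, forwarded unchanged to ``UserVip.query``.
        next_page: 1-based page number. Missing, non-numeric or non-positive
            values fall back to page 1.

    Returns:
        The rendered ``uservip/uservip_query.html`` template.
    """
    page_size = 30

    # next_page is client-controlled. A non-numeric value used to escape
    # int() as an unhandled exception, and zero or a negative value produced
    # a negative offset for the query below.
    try:
        next_page = int(request.values.get('next_page') or 1)
    except (TypeError, ValueError):
        next_page = 1
    if next_page < 1:
        next_page = 1

    form = {
        'expired': request.values.get('expired'),
        'next_page': next_page,
        'limit': page_size
    }
    kwargs = {
        'expired': form.get('expired'),
        'limit': page_size,
        'offset': (next_page - 1) * page_size
    }

    uservipslist = []
    for uservip in UserVip.query(**kwargs):
        # One User lookup per membership row on the page.
        row = uservip.to_dict()
        row['user'] = User(uid=uservip.uid).to_dict()
        uservipslist.append(row)

    # Total number of matching rows.
    # NOTE(review): limit/offset are still part of kwargs here; confirm that
    # UserVip.query ignores them when count=True.
    total_count = UserVip.query(count=True, **kwargs)
    # Floor division keeps the page count an integer on Python 2 and 3.
    total_pages = (total_count + page_size - 1) // page_size

    return render_template('uservip/uservip_query.html',
                           form=form,
                           total_count=total_count,
                           uservips=uservipslist,
                           total_pages=total_pages,
                           page=form.get('next_page'))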
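def api_utils_sms_send():
    """Show the SMS form for a user (GET) or send a templated SMS (POST).

    Request parameters (read from ``request.values``):
        entry: 'mine' selects the ``user/`` template, anything else ``utils/``.
        target_uid: uid of the recipient.
        templateid: template to send (POST only).
        arg0..argN: one value per ``%s`` placeholder of the template (POST).
        msg: status text shown on the form (GET).

    Returns:
        The rendered form on GET, a redirect back to the form on POST.

    NOTE(review): the POST branch accepts any ``templateid``; the list offered
    on GET is limited to ``isconsolesms='true'`` templates. Confirm whether
    the same restriction should be enforced when sending.
    NOTE(review): ``entry`` and ``target_uid`` are request values interpolated
    into the redirect URLs without URL-encoding, so a value containing ``&``
    or ``#`` changes the resulting query string.
    """
    # Login entry the request came from.
    entry = request.values.get('entry')
    target_uid = request.values.get('target_uid')
    target_user = User(uid=target_uid)

    if request.method == 'GET':
        # Templates come from the database (keyed by templateid); only those
        # flagged for console use and carrying an SMS body are offered.
        # These two queries are needed by the form only, so they are no
        # longer run on POST, which always ends in a redirect.
        templates = [
            t.to_dict()
            for t in UserMessage2Template.query(isconsolesms='true')
            if t.sms_template
        ]
        templates.sort(key=lambda t: t.get('name'))
        smses = UserMessage2History.query(uid=target_user.uid,
                                          category=UserMessage2Category.sms,
                                          limit=30,
                                          offset=0)
        smses = [s.to_dict() for s in smses]
        return render_template('%s/sms_send.html' %
                               ('user' if entry == 'mine' else 'utils'),
                               target_user=target_user.to_dict(),
                               templates=templates,
                               smses=smses,
                               msg=request.values.get('msg') or '')

    def back_to_form(path, msg):
        # path is the part between the app prefix and the query string.
        return redirect('/%s/%s?entry=%s&target_uid=%s&msg=%s' %
                        (config.appname, path, entry or '', target_uid, msg))

    # NOTE(review): the validation redirects go to '<app>/sms/send' while the
    # final one goes to '<app>/utils/sms/send'. Both are kept as found;
    # confirm which route is actually registered.
    if not target_user.phone:
        return back_to_form('sms/send', '用户手机号不存在!')

    templateid = request.values.get('templateid')
    if not templateid:
        return back_to_form('sms/send', '请选择模板')

    t = UserMessage2Template(templateid=templateid)
    if not t.sms_template:
        # Unknown templateid or a template without an SMS body: previously
        # this fell through to .split() on an empty value.
        return back_to_form('sms/send', '请选择模板')

    # One argument is expected per '%s' placeholder in the template body.
    argslength = t.sms_template.count('%s')
    args = []
    for i in range(argslength):
        arg = request.values.get('arg%s' % i)
        if arg:
            args.append(arg)
    if len(args) != argslength:
        return back_to_form('sms/send', '参数个数不一致!')

    rs = UserMessage2.send_sms(target_user.uid, target_user, templateid, *args)
    if rs:
        # The notification text announces success, so it is only sent when
        # send_sms returned a truthy result.
        qiyehao_message.send_text(
            '【用户管理】\n\n短信发送成功!\n\n用户:%s\n手机号:%s\n内容:%s' %
            (target_user.name or target_user.nickname, target_user.phone, rs))

    return back_to_form('utils/sms/send', '发送成功' if rs else '发送失败')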
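def api_ajax_thirdaccount_unbind():
    """AJAX endpoint: detach one third-party account from a user.

    Request parameters (read from ``request.values``):
        thirdtype: which kind of bound account to remove.
        target_uid: uid of the user the account is removed from.

    Returns:
        ``apphelper.format_ok_response()``.

    Raises:
        BadRequest: when ``thirdtype`` is missing or the user does not exist.

    NOTE(review): this changes account state and reads its inputs from
    ``request.values``, which also covers the query string. The route
    declaration is not visible here; confirm it is limited to POST and is
    covered by a permission check and CSRF protection.
    """
    thirdtype = request.values.get('thirdtype')
    target_uid = request.values.get('target_uid')
    if not thirdtype:
        raise BadRequest()

    user = User(uid=target_uid)
    if not user.exists:
        raise BadRequest(description='用户不存在!')

    # The previous version also built a ThirdAccount and read its thirdinfo,
    # but never used either value.
    user.unbind(thirdtype)

    # NOTE(review): the mini-app subscription flag is cleared for every
    # thirdtype, not only for a mini-app binding; confirm that is intended.
    userRds = UserRDS(uid=target_uid)
    userRds.is_subscribe_miniapp = 'false'
    userRds.save()
    return apphelper.format_ok_response()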
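def api_platform_user_create():
    """Show the member-creation form (GET) or create a member by phone (POST).

    Request parameters (POST, read from ``request.values``):
        name: display name for the new member.
        phone: 11-digit phone number starting with 1; becomes the account id.
        note: free-text note stored on the user.

    Returns:
        The rendered ``platform/user_create.html`` template, carrying either
        a validation message or the success message.
    """
    template = 'platform/user_create.html'
    levels = UserLevel.queryall_ordereddict()
    if request.method == 'GET':
        return render_template(template, levels=levels, form={})

    form = {
        'name': request.values.get('name'),
        'phone': request.values.get('phone'),
        'note': request.values.get('note'),
    }

    # Phone check: exactly 11 ASCII digits, the first being 1. The earlier
    # int()/len() test also let through values int() tolerates, such as
    # digits padded with whitespace, and hid every error behind a bare except.
    phone = form.get('phone') or ''
    if not re.match(r'^1[0-9]{10}\Z', phone):
        return render_template(template,
                               form=form,
                               levels=levels,
                               msg='手机号格式不正确,手机号格式需为11位数字!')

    # Reject a phone number that is already bound to an account.
    ta = ThirdAccount(thirdtype=ThirdAccountType.phone, thirdid=phone)
    if ta.exists:
        return render_template(template,
                               form=form,
                               levels=levels,
                               msg='该手机号已经有会员在使用!')

    # Register the user, then store the optional profile fields.
    user = User.signup(config.appids[0], 'console', ThirdAccountType.phone,
                       ta.thirdid)
    user.name = form.get('name')
    user.note = form.get('note')
    user.save()

    # levels is passed on every render so the form gets the same context
    # whichever branch produced it.
    return render_template(template, form=form, levels=levels, msg='会员创建成功')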
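def api_common_user_select():
    """Render the shared user picker, optionally with search results.

    The search term ``name`` is interpreted by shape: non-numeric text is a
    name search, an 11-character number a phone search, any other number a
    uid search.

    Returns:
        The rendered ``common/user_select.html`` template.

    NOTE(review): ``redirect_url`` is cut out of the raw query string and
    handed to the template as-is. If the page navigates to it, restrict it to
    same-site relative paths; the template is not visible here.
    """
    # The raw query string is expected to look like
    # '<param>=<return url>?<return url query>'.
    raw_parts = request.query_string.split('?')
    first_pair = raw_parts[0].split('=')
    form = {
        'name': request.values.get('name'),
        # A query string without '=' used to raise IndexError here.
        'redirect_url': first_pair[1] if len(first_pair) > 1 else '',
        'redirect_url_query_string': raw_parts[1] if len(raw_parts) > 1 else '',
        'query_all': request.values.get('query_all')
    }

    term = form.get('name')
    if not term:
        return render_template('common/user_select.html', users=[], form=form)

    kwargs = {}
    try:
        int(term)
    except (TypeError, ValueError):
        kwargs['name'] = term
    else:
        if len(term) == 11:
            kwargs['phone'] = term
        else:
            kwargs['uid'] = term

    # NOTE(review): limit=None/offset=None asks for every match; a broad
    # name search may return a large result set.
    matches = UserRDS.query(limit=None, offset=None, **kwargs)
    users = [User(uid=u.uid).to_dict() for u in matches]
    return render_template('common/user_select.html', users=users, form=form)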
def api_platform_staff_create():
    """Add an existing user to the staff list, then go back to the staff page.

    Request parameters (read from ``request.values``):
        target_uid: uid of the user to register as staff.

    Raises:
        BadRequest: when no user exists for ``target_uid``.

    NOTE(review): before_app_request in this file treats a Staff record as
    the condition for console access, so this endpoint grants that access.
    Its inputs come from ``request.values`` (query string included); confirm
    the route is POST-only and permission-checked.
    """
    uid = request.values.get('target_uid')
    candidate = User(uid=uid)
    if not candidate.exists:
        raise BadRequest(description='用户不存在!')

    staff = Staff(uid=uid)
    staff.save()
    # The enterprise-WeChat notification for this action is disabled.
    return redirect('/%s/platform/staff/query' % config.appname)
def api_platform_staff_update():
    """Show the staff edit form (GET) or save a staff member's profile (POST).

    Request parameters (read from ``request.values``):
        target_uid: uid of the staff member.
        slogan, photo, introduction: profile fields (POST).
        roleids, postids: multi-valued role and post selections (POST).
        msg: status text shown on the form (GET).

    Returns:
        The rendered ``platform/staff_update.html`` on GET, a redirect back
        to the same page on POST.

    NOTE(review): the submitted roleids/postids are stored as received; they
    are not compared with the role and post lists loaded below. Roles carry
    permission_urls (see before_app_request), so confirm whether unknown or
    disabled ids should be rejected.
    """
    target_uid = request.values.get('target_uid')
    target_user = User(uid=target_uid)
    s = Staff(uid=target_uid)

    roles = [r.to_dict() for r in StaffRole.query(status=StaffRoleStatus.normal)]
    posts = [p.to_dict() for p in StaffPost.query(status=StaffPostStatus.normal)]

    # Organisation data: placeholders only.
    orgs = [{}]
    orgownids = {}
    orgown = [{}]

    if request.method == 'GET':
        return render_template('platform/staff_update.html',
                               form={},
                               staff=s.to_dict(),
                               roles=roles,
                               posts=posts,
                               orgs=orgs,
                               orgown=orgown,
                               orgownids=orgownids,
                               msg=request.values.get('msg') or '')

    form = {
        'slogan': request.values.get('slogan'),
        'photo': request.values.get('photo') or target_user.avatar,
        'roleids': request.values.getlist('roleids'),
        'postids': request.values.getlist('postids'),
        'introduction': request.values.get('introduction')
    }

    # Snapshot of the role and post ids before the update.
    old_roleids = copy.deepcopy(s.roleids or [])
    old_postids = copy.deepcopy(s.postids or [])

    s.slogan = form.get('slogan')
    s.photo = form.get('photo')
    s.roleids = form.get('roleids') or []
    s.postids = form.get('postids') or []
    s.introduction = form.get('introduction')
    s.save()

    # The summaries below describe the change. They were written for an
    # enterprise-WeChat notification that is currently disabled, so nothing
    # reads them at the moment.

    # Roles after the update.
    now_roles = ','.join([role.get('name') for role in s.roles])
    # Roles that were removed.
    removed_roleids = list(set(old_roleids) - set(s.roleids or []))
    if removed_roleids:
        removed_roles = ','.join(
            [role.name for role in StaffRole.query(roleid=removed_roleids)])
    else:
        removed_roles = '无'
    # Roles that were added.
    added_roleids = list(set(s.roleids or []) - set(old_roleids))
    if added_roleids:
        added_roles = ','.join(
            [role.name for role in StaffRole.query(roleid=added_roleids)])
    else:
        added_roles = '无'

    # Posts after the update.
    now_posts = ','.join([post.get('name') for post in s.posts])
    # Posts that were removed.
    removed_postids = list(set(old_postids) - set(s.postids or []))
    if removed_postids:
        removed_posts = ','.join(
            [post.name for post in StaffPost.query(postid=removed_postids)])
    else:
        removed_posts = '无'
    # Posts that were added.
    added_postids = list(set(s.postids or []) - set(old_postids))
    if added_postids:
        added_posts = ','.join(
            [post.name for post in StaffPost.query(postid=added_postids)])
    else:
        added_posts = '无'

    return redirect('/%s/platform/staff/update?target_uid=%s&msg=%s' %
                    (config.appname, target_uid, '保存成功!'))
def before_app_request():
    """Per-request hook: load the signed-in staff member and check menu access.

    Reads ``session['phone']``, resolves it to a user who must also be staff,
    stores the user on ``g.user`` and in the session, collects the
    permission URLs of the staff member's roles into ``session['power']``,
    and rejects requests for menu URLs that are not in that set.

    Raises:
        BadRequest: unknown phone, user not in the staff list, or a menu URL
            the user's roles do not grant.

    NOTE(review): when the session has no phone the hook simply returns, so
    the request continues to the view without any identity; the redirect to
    the login page is commented out in the original. Unless each view checks
    authentication itself, this leaves the console reachable while logged
    out.
    NOTE(review): the permission test only covers paths listed by
    Blueprint.get_allmenu_urls(). Endpoints outside that list are not
    restricted by role here.
    """
    endpoint = request.endpoint
    # Static assets and the favicon skip all checks.
    # NOTE(review): this is a substring test, so any endpoint whose name
    # contains 'static' is exempt as well.
    if endpoint and 'static' in endpoint:
        return
    if endpoint and endpoint.split('.')[-1] == 'favicon':
        return

    # After a successful single-sign-on the session holds the phone number,
    # which identifies the user.
    phone = session.get('phone')
    if not phone:
        # Not logged in, or the session expired.
        return

    # Resolve the phone to an account.
    account = ThirdAccount(thirdtype=ThirdAccountType.phone, thirdid=phone)
    if not account.exists:
        raise BadRequest(description='用户不存在!')

    # Only staff may use the console.
    if not Staff(uid=account.uid).exists:
        raise BadRequest(description='您不在职工列表内!')

    g.user = User(uid=account.uid)
    session['user'] = g.user.to_dict()
    session['power'] = []

    urls = []
    staff = Staff(uid=g.user.uid)
    if staff.exists:
        roleids = staff.roleids
        if roleids:
            for role in StaffRole.query(roleid=roleids):
                urls.extend(role.to_dict().get('permission_urls') or [])
            session['power'] = '|'.join(list(set(urls)))

    # Refuse direct access to a menu URL the roles do not grant.
    path = str(request.path)
    if path in Blueprint.get_allmenu_urls() and path not in set(urls):
        raise BadRequest(description='无权限访问!')
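def api_platform_user_custom_create():
    """Show the custom-account form (GET) or create such an account (POST).

    Request parameters (POST, read from ``request.values``):
        userid: the account id; letters and digits only, at least one.
        name: display name.
        avatar: avatar value stored on the user.

    Returns:
        The rendered ``platform/user_custom_create.html`` with a message when
        validation fails, otherwise a redirect to the user's edit page.
    """
    template = 'platform/user_custom_create.html'
    if request.method == 'GET':
        return render_template(template, form={})

    form = {
        'userid': request.values.get('userid'),
        'name': request.values.get('name'),
        'avatar': request.values.get('avatar')
    }

    # Letters and digits only. The earlier pattern used '*' twice, so an
    # empty id passed, '$' also accepted a trailing newline, and a missing
    # parameter reached re.match() as None.
    userid = form.get('userid') or ''
    if not re.match(r'^[a-zA-Z0-9]+\Z', userid):
        return render_template(template,
                               form=form,
                               msg='自定义账号只能是数字与字母组合!')

    # Reject an id that is already bound to an account.
    ta = ThirdAccount(thirdtype=ThirdAccountType.userid, thirdid=userid)
    if ta.exists:
        return render_template(template, form=form, msg='该账号已经有用户在使用!')

    # Register the user, then store the profile fields.
    user = User.signup(config.appids[0], 'console', ThirdAccountType.userid,
                       ta.thirdid)
    user.name = form.get('name')
    user.avatar = form.get('avatar')
    user.save()
    # The enterprise-WeChat notification for this action is disabled.
    return redirect('/%s/platform/user/update?target_uid=%s&msg=%s' %
                    (config.appname, user.uid, u'创建成功!'))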
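def api_platform_user_update():
    """Show a user's edit form (GET) or save account bindings and profile (POST).

    Request parameters (read from ``request.values``):
        entry: 'mine' selects the ``user/`` template, anything else
            ``platform/``.
        target_uid: uid of the user being edited.
        name, phone, weixinid, inviter_uid, levelid, note, birthday: form
            fields (POST).
        msg: status text shown on the form (GET).

    Returns:
        The rendered form (GET, or POST with a validation message), or a
        redirect back to the edit page after a successful save.

    Raises:
        BadRequest: when no user exists for ``target_uid``.

    NOTE(review): ``target_uid`` comes from the request even when
    entry == 'mine'; nothing in this function ties it to the signed-in user.
    Confirm that editing arbitrary users is intended for every caller.
    NOTE(review): a form field that is absent from the request reads as None
    and is handled like an emptied field, i.e. the binding is removed.
    """
    # Login entry the request came from.
    entry = request.values.get('entry')
    uid = request.values.get('target_uid')
    target_user = User(uid=uid)
    if not target_user.exists:
        raise BadRequest(description='用户不存在!')

    template = '%s/user_update.html' % ('user' if entry == 'mine' else 'platform')

    def render_form(form, msg, **extra):
        # User data is re-read on every render so the page shows the state
        # left by any binding change made earlier in the same request.
        return render_template(template,
                               form=form,
                               user=target_user.to_dict(),
                               third_accounts=target_user.third_accounts_detail,
                               msg=msg,
                               **extra)

    if request.method == 'GET':
        return render_form({}, request.values.get('msg') or '')

    form = {
        'name': request.values.get('name'),
        'phone': request.values.get('phone'),
        'weixinid': request.values.get('weixinid'),
        'inviteruid': request.values.get('inviter_uid'),
        'levelid': request.values.get('levelid'),
        'note': request.values.get('note'),
        'birthday': request.values.get('birthday')
    }

    # Handle removal and re-binding of linked accounts first.
    for thirdtype in ThirdAccountType:
        thirdid = target_user.third_accounts.get(thirdtype)
        if thirdtype not in form or thirdid == form.get(thirdtype):
            # Not an editable binding, or unchanged.
            continue

        thirdid = form.get(thirdtype)
        if not thirdid and userconfig.signup_account_type == thirdtype:
            # The sign-up account may be changed but not removed.
            # This branch and the phone branch below passed `levels`, a name
            # with no binding visible in this function; it is loaded here
            # the same way api_platform_user_create does.
            return render_form(form,
                               '主账户不允许被删除!可以修改,不能删除!',
                               levels=UserLevel.queryall_ordereddict())

        if not thirdid:
            # Field emptied: remove the binding.
            target_user.unbind(thirdtype)
            continue

        # Field changed: validate, then re-bind.
        if thirdtype == ThirdAccountType.phone:
            # Exactly 11 ASCII digits starting with 1. Replaces an
            # int()/len() test wrapped in a bare except.
            if not re.match(r'^1[0-9]{10}\Z', thirdid):
                return render_form(form,
                                   '手机号格式不正确,手机号格式需为11位数字!',
                                   levels=UserLevel.queryall_ordereddict())

        # Reject a value that is already bound to an account.
        ta = ThirdAccount(thirdtype=thirdtype, thirdid=thirdid)
        if ta.exists:
            return render_form(form,
                               '指定%s已经有用户在使用,请更换!' %
                               ThirdAccountType.name(thirdtype))

        target_user.unbind(thirdtype)
        target_user.bind(thirdtype, thirdid)

    # Basic profile fields.
    target_user.name = form.get('name')
    target_user.weixinid = form.get('weixinid')
    target_user.note = form.get('note')
    oldlevelid = target_user.levelid
    target_user.levelid = form.get('levelid')
    target_user.birthday = form.get('birthday')
    target_user.save()

    # Tell listeners when the member level changed.
    if oldlevelid != form.get('levelid'):
        __usersignal__.send(__usersignal__.levelupdate, target_user)

    return redirect('/%s/platform/user/update?entry=%s&target_uid=%s&msg=%s' %
                    (config.appname, entry or '', target_user.uid, u'保存成功!'))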
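def _save_vip_entries(uid, cell, reuse_existing):
    """Store the memberships listed in one spreadsheet cell for a user.

    ``cell`` is expected to look like 'VIP1-12|VIP2-12': card number and
    remaining count joined by '-', entries separated by '|'. Entries that do
    not have both parts, or that name an unknown card, are skipped. When
    ``reuse_existing`` is true an existing membership for the same user and
    card is updated instead of a new one being created.
    """
    try:
        entries = cell.split('|')
    except AttributeError:
        # The cell is not text (xlrd hands numeric cells back as floats).
        return

    for entry in entries:
        parts = entry.split('-')
        if len(parts) < 2:
            continue
        card_num, remain = parts[0], parts[1]

        card = VipCard.query(card_num=card_num)
        if len(card) < 1:
            continue

        vip = None
        if reuse_existing:
            found = JiameiVip.query(uid=uid, cardid=card[0].cardid)
            if len(found) >= 1:
                vip = found[0]
        if vip is None:
            vip = JiameiVip(vipid=utils.uuid1())

        vip.cardid = card[0].cardid
        vip.uid = uid
        # NOTE(review): remain is stored exactly as typed in the sheet.
        vip.remain = remain
        vip.save()


def api_platform_user_upload():
    """Show the bulk-import page (GET) or import members from a spreadsheet (POST).

    The first sheet of the uploaded workbook is read from its second row on;
    each row holds name, phone number and a membership cell. A row whose
    phone already has an account updates that user, any other valid row
    signs a new user up.

    Returns:
        The rendered ``platform/user_upload.html``; after a POST it carries
        the comma-terminated lists of updated rows and rejected rows.

    NOTE(review): the upload is parsed in memory without a size check in
    this function, and a file xlrd cannot read raises out of open_workbook.
    Confirm a request size limit is configured and that the installed xlrd
    version is one that is safe to use on untrusted files.
    """
    if request.method != 'POST':
        return render_template('platform/user_upload.html')

    upload = request.files['file']
    workbook = xlrd.open_workbook(file_contents=upload.read())
    table = workbook.sheets()[0]

    updated_rows = []
    error_rows = []
    # Row 0 is the header; columns are name, phone, membership cell.
    for index in range(1, table.nrows):
        row = table.row_values(index)

        # Phone validity.
        try:
            phone = str(int(row[1]))
        except (TypeError, ValueError, IndexError, OverflowError):
            error_rows.append(index)
            continue
        if not re.match(r'^1[356789][0-9]{9}$', phone):
            error_rows.append(index)
            continue

        # A sheet with fewer than three columns has no membership cell.
        vip_cell = row[2] if len(row) > 2 else ''

        ta = ThirdAccount(thirdtype=ThirdAccountType.phone, thirdid=phone)
        if ta.exists:
            # Existing user: update the name and the memberships.
            matches = UserRDS.query(phone=ta.thirdid)
            if len(matches) < 1:
                # The account exists but no user row was found. The row is
                # reported instead of aborting an import that has already
                # written earlier rows.
                error_rows.append(index)
                continue
            existing = matches[0]
            existing.name = row[0]
            existing.save()
            updated_rows.append(index)
            _save_vip_entries(existing.uid, vip_cell, True)
        else:
            # New user: sign up, then create the memberships.
            user = User.signup(config.appids[0], 'console',
                               ThirdAccountType.phone, ta.thirdid)
            user.name = row[0]
            user.save()
            _save_vip_entries(user.uid, vip_cell, False)

    # Same output format as before: each row number followed by a comma.
    phone_update_line = ''.join(['%s,' % i for i in updated_rows])
    phone_error_line = ''.join(['%s,' % i for i in error_rows])
    return render_template('platform/user_upload.html',
                           message='会员创建成功',
                           phone_update_line=phone_update_line,
                           phone_error_line=phone_error_line)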