def index(request):
# 检查身份
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
rq_list = []
if not suser.is_store:
anweraire_queries = {
answeraire.qid: answeraire.submitted
for answeraire in Answeraire.objects.filter(
username=suser.username)
}
for questionaire in Questionaire.objects.all():
rq = None
# 高级管理员
if suser.admin_all:
rq = Utils.remakeq(suser, questionaire, True,
anweraire_queries)
rq['filled_number'] = Answeraire.objects.filter(
qid=questionaire.id).count()
rq['submitted_number'] = Answeraire.objects.filter(
qid=questionaire.id, submitted=True).count()
# 问卷管理员:自己发的问卷
elif suser.admin_survey and questionaire.founder == suser.username:
rq = Utils.remakeq(suser, questionaire, True,
anweraire_queries)
# 普通用户:被允许填的问卷,正在开放填写已经填写
elif Utils.check_allow(suser, questionaire):
if (questionaire.status
== 1) or (questionaire.status in [2, 3]
and Utils.check_fill2(
anweraire_queries, questionaire.id) > 1):
rq = Utils.remakeq(suser, questionaire, False,
anweraire_queries)
if rq == None: continue
rq_list.append(rq)
# 导入问卷
f = request.FILES.get('upload', None)
if not f is None:
filepath = Utils.upload_file(f)
qstring = load_survey(filepath)
now = datetime.datetime.now()
questionaire = Questionaire.objects.create(status=0,
create_time=now,
update_time=now,
founder=suser.username,
questions=qstring)
return HttpResponseRedirect('/survey/' + str(questionaire.id) + '/')
def cmp_by_time(x):
return x['create_time']
rq_list.sort(key=lambda x: x['create_time'], reverse=True)
rdata['rq_list'] = rq_list
rdata['editable'] = suser.admin_all or suser.admin_survey
return render(request, 'index.html', rdata)
def prize_store(request):
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
if not suser.admin_all:
return render(request, 'permission_denied.html', {})
if op == 'change_nickname':
SUser.objects.filter(id=int(request.POST.get('sid'))).update(
nickname=request.POST.get('nickname'))
return HttpResponse(json.dumps({}))
if op == 'get_prize_list':
sid = int(request.POST.get('sid'))
prizes = Prize.objects.all()
prize_list = []
for prize in prizes:
prize_list.append({
'pid': prize.id,
'title': prize.title,
'in': sid in json.loads(prize.store)
})
return HttpResponse(json.dumps({'prize_list': prize_list}))
if op == 'renew_prize_for_store':
sid = int(request.POST.get('sid'))
pid_list = [
int(pid) for pid in json.loads(request.POST.get('pid_list'))
]
manage_list = []
for prize in Prize.objects.all():
stores = json.loads(prize.store)
exp_in = prize.id in pid_list
pre_in = sid in stores
if exp_in != pre_in:
if exp_in:
stores.append(sid)
else:
stores.remove(sid)
prize.store = json.dumps(stores)
prize.save()
return HttpResponse(json.dumps({}))
storepairs = []
for store in SUser.objects.filter(is_store=True):
d = {'store': store}
prizes = []
for prize in Prize.objects.all():
prizestores = json.loads(prize.store)
print(store, id, prizestores)
if store.id in prizestores:
prizes.append(prize)
d['prizes'] = prizes
storepairs.append(d)
rdata['storepairs'] = storepairs
rdata['prizes'] = Prize.objects.all()
return render(request, 'prize_store.html', rdata)
def prize(request):
# 验证身份
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
# 商家重导向
if suser.is_store:
return HttpResponseRedirect('/prize_ticket/u/' + str(suser.id) + '/')
if op == 'delete':
pid = int(request.POST.get('pid'))
Prize.objects.filter(id=pid).delete()
return HttpResponse(json.dumps({}))
if op == 'change_title':
pid = int(request.POST.get('pid'))
title = request.POST.get('title')
Prize.objects.filter(id=pid).update(title=title)
return HttpResponse(json.dumps({}))
if op == 'change_credit':
pid = int(request.POST.get('pid'))
credit = int(request.POST.get('credit'))
Prize.objects.filter(id=pid).update(credit=credit)
return HttpResponse(json.dumps({}))
if op == 'change_price':
pid = int(request.POST.get('pid'))
price = int(request.POST.get('price'))
Prize.objects.filter(id=pid).update(price=price)
return HttpResponse(json.dumps({}))
if op == 'change_description':
pid = int(request.POST.get('pid'))
Prize.objects.filter(id=pid).update(
description=request.POST.get('description'))
return HttpResponse(json.dumps({}))
if op == 'exchange':
jdata = {'result': 'ok'}
pid = int(request.POST.get('pid'))
prize = Prize.objects.get(id=pid)
if suser.credit < prize.credit:
jdata['result'] = '没有足够积分'
return HttpResponse(json.dumps(jdata))
suser.credit -= prize.credit
suser.save()
PrizeTicket.objects.create(uid=suser.id,
pid=pid,
count=1,
used=False,
exchange_time=datetime.datetime.now())
return HttpResponse(json.dumps(jdata))
rdata['prizes'] = prizes = list(reversed(Prize.objects.all()))
return render(request, 'prize.html', rdata)
def backend_admin(request):
# 验证身份
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
if suser.username != 'root':
return render(request, 'permission_denied.html', {})
if op == 'export_multi':
qids = json.loads(request.POST.get('qids'))
excel_name = Analysis.export_multi(qids)
return HttpResponse(
json.dumps({
'result': 'yes',
'export_path': excel_name
}))
if op == 'del_ans':
cnt_del_ans = 0
for answeraire in Answeraire.objects.all():
questionaires = Questionaire.objects.filter(id=answeraire.qid)
if len(questionaires) == 0:
answeraire.delete()
cnt_del_ans += 1
cnt_del_rep = 0
for report in Report.objects.all():
questionaires = Questionaire.objects.filter(id=report.qid)
if len(questionaires) == 0:
report.delete()
cnt_del_rep += 1
return HttpResponse(
json.dumps({
'cnt_del_ans': cnt_del_ans,
'cnt_del_rep': cnt_del_rep
}))
if op == 'del_tsinghua':
cnt_del_tsinghua = 0
for suser in SUser.objects.all():
username = suser.username
if username.isdigit() and len(username) == 10:
User.objects.filter(username=username).delete()
suser.delete()
cnt_del_tsinghua += 1
for user in User.objects.all():
username = user.username
if username.isdigit() and len(username) == 10:
SUser.objects.filter(username=username).delete()
user.delete()
cnt_del_tsinghua += 1
return HttpResponse(json.dumps({'cnt_del_tsinghua': cnt_del_tsinghua}))
return render(request, 'backend_admin.html', {})
def help_center(request):
# 验证身份
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
if suser.admin_all:
helps = reversed(Help.objects.all())
else:
helps = reversed(Help.objects.filter(released=True))
rdata['helps'] = helps
return render(request, 'helps.html', rdata)
def login(request):
rdata, op, suser = Utils.get_request_basis(request)
if request.user.is_authenticated and op == '':
return HttpResponseRedirect('/index/')
login = False
username = request.POST.get('username')
password = request.POST.get('password')
if username is not None and password is not None:
password = Utils.uglyDecrypt(password)
# 判断是否存在
susers = SUser.objects.filter(username=username)
existed = (len(susers) > 0)
# 判断是否是清华账号
if username.isdigit() and len(username) == 10:
if not existed:
existed = True
if username == password:
user = User.objects.create_user(username=username,
password=password)
suser = SUser.objects.create(uid=user.id,
username=username,
nickname=username)
if existed:
# 验证
user = auth.authenticate(username=username, password=password)
if user is not None:
auth.login(request, user)
login = True
else:
rdata['info'] = '密码错误'
else:
rdata['info'] = '用户名不存在'
if op == 'get_magic_number':
return HttpResponse(json.dumps({'magic_number': Utils.MAGIC_NUMBER}))
if login:
url = '/index/'
if 'last_url' in request.session:
url = request.session['last_url']
return HttpResponseRedirect(url)
else:
return render(request, 'login.html', rdata)
def search(request):
# 验证身份
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
if not suser.admin_all:
return render(request, 'permission_denied.html', {})
def context(s, klen, pos):
l = max(0, pos - 5)
r = min(len(s), pos + klen + 5)
context_left = s[l:pos]
if l != 0:
context_left = '...' + context_left
context_right = s[pos + klen:r]
if r != len(s):
context_right = context_right + '...'
return context_left, s[pos:pos + klen], context_right
if op == 'search':
keyword = request.POST.get('keyword')
questionaire_list = Questionaire.objects.all()
result = []
for questionaire in questionaire_list:
d = {}
p = questionaire.title.find(keyword)
if p != -1:
d['id'] = questionaire.id
d['title'] = questionaire.title
d['update_time'] = str(questionaire.update_time)[:19]
d['context_left'], d['context_mid'], d[
'context_right'] = context(questionaire.title,
len(keyword), p)
result.append(d)
continue
p = questionaire.questions.find(keyword)
if p != -1:
d['id'] = questionaire.id
d['title'] = questionaire.title
d['update_time'] = str(questionaire.update_time)[:19]
d['context_left'], d['context_mid'], d[
'context_right'] = context(questionaire.questions,
len(keyword), p)
result.append(d)
return HttpResponse(json.dumps({'result': result}))
return render(request, 'search.html', rdata)
def admin_list(request):
# 验证身份
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
if not suser.admin_super:
return render(request, 'permission_denied.html', {})
def get_admin_list():
admin_list = []
for admin in SUser.objects.filter(Q(admin_all=1) | Q(
admin_survey=1)).filter(~Q(username='******')):
admin_list.append({
'uid': admin.id,
'username': admin.username,
'name': admin.name,
'admin_all': admin.admin_all,
'admin_survey': admin.admin_survey
})
return admin_list
# 加载
if op == 'load':
return HttpResponse(json.dumps({'admin_list': get_admin_list()}))
# 修改管理员状态
if op == 'add':
username = request.POST.get('username')
level = request.POST.get('level')
value = int(request.POST.get('value'))
if level == 'chief':
susers = SUser.objects.filter(username=username)
susers.update(admin_all=value)
ulen = len(susers)
elif level == 'survey':
susers = SUser.objects.filter(username=username)
susers.update(admin_survey=value)
ulen = len(susers)
return HttpResponse(
json.dumps({
'ulen': ulen,
'admin_list': get_admin_list()
}))
rdata['admin_list'] = get_admin_list()
return render(request, 'admin_list.html', rdata)
def profile(request, uid):
# 验证身份
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
if (not suser.admin_all) and (int(suser.id) != int(uid)):
return render(request, 'permission_denied.html', {})
rdata['psuser'] = psuser = SUser.objects.get(id=uid)
puser = User.objects.get(id=psuser.uid)
if op == 'change_nickname':
psuser.nickname = request.POST.get('nickname')
psuser.save()
return HttpResponse(json.dumps({}))
if op == 'change_password':
old_password = Utils.uglyDecrypt(request.POST.get('old_password'))
new_password = Utils.uglyDecrypt(request.POST.get('new_password'))
puser2 = auth.authenticate(username=puser.username,
password=old_password)
jdata = {}
if puser2 is not None and puser2 == puser and puser2.is_active:
puser.set_password(new_password)
puser.save()
jdata['result'] = 'yes'
return HttpResponse(json.dumps(jdata))
else:
jdata['result'] = 'no'
return HttpResponse(json.dumps(jdata))
rq_list = []
anweraire_queries = {
answeraire.qid: answeraire.submitted
for answeraire in Answeraire.objects.filter(username=suser.username)
}
for questionaire in Questionaire.objects.all():
if questionaire.status in [1, 2, 3] and Utils.check_fill2(
anweraire_queries, questionaire.id) in [2, 3]:
rq_list.append(
Utils.remakeq(suser, questionaire, False, anweraire_queries))
rq_list.sort(key=lambda x: x['create_time'], reverse=True)
rdata['rq_list'] = rq_list
return render(request, 'profile.html', rdata)
def prize_exchange(request, tid):
# 验证身份,只有特定商家和特定用户
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
rdata['ticket'] = ticket = PrizeTicket.objects.get(id=tid)
rdata['prize'] = prize = Prize.objects.get(id=ticket.pid)
if suser.is_store:
store = json.loads(prize.store)
if not suser.id in store:
return render(request, 'permission_denied.html', {})
else:
if ticket.uid != suser.id:
return render(request, 'permission_denied.html', {})
op = request.POST.get("op")
if op == "exchange":
if suser.is_store:
ticket.use_status = ticket.use_status | 2
ticket.oid = suser.id
else:
ticket.use_status = ticket.use_status | 4
if ticket.use_status == 7:
ticket.used = True
ticket.use_time = datetime.datetime.now()
ticket.save()
return HttpResponse(json.dumps({}))
if op == "if_confirm":
jdata = {'result': 'not confirmed'}
if ticket.use_status == 7:
jdata['result'] = 'confirmed'
return HttpResponse(json.dumps(jdata))
if ticket.used == True:
return render(request, 'permission_denied.html', {})
if suser.is_store:
ticket.use_status = ticket.use_status | 1
ticket.save()
return render(request, 'prize_exchange.html', rdata)
def prize_add(request):
# 验证身份
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
if not suser.admin_all:
return render(request, 'permission_denied.html', {})
if op == 'add_prize':
title = request.POST.get('title')
description = request.POST.get('description')
credit = int(request.POST.get('credit'))
price = int(request.POST.get('price'))
expire_time = request.POST.get('expire_time')
prize = Prize.objects.create(title=title,
description=description,
credit=credit,
price=price,
expire_time=expire_time)
return HttpResponse(json.dumps({}))
return render(request, 'prize_add.html', rdata)
def prize_add_store(request):
# 验证身份
if not request.user.is_authenticated:
return Utils.redirect_login(request)
rdata, op, suser = Utils.get_request_basis(request)
if not suser.admin_all:
return render(request, 'permission_denied.html', {})
if op == 'add_store':
jdata = {'result': 'ok'}
username = request.POST.get('username')
if username.isdigit() and len(username) == 10:
jdata['result'] = '请勿使用清华学号'
elif len(SUser.objects.filter(username=username)) > 0:
jdata['result'] = '用户名已存在'
else:
nickname = request.POST.get('nickname')
password = Utils.uglyDecrypt(request.POST.get('password'))
pid_list = json.loads(request.POST.get('pid_list'))
user = User.objects.create_user(username=username,
password=password)
suser = SUser.objects.create(username=username,
nickname=nickname,
uid=user.id,
is_sample=0,
is_store=1)
for pid in pid_list:
prize = Prize.objects.get(id=int(pid))
store = json.loads(prize.store)
store.append(suser.id)
prize.store = json.dumps(store)
prize.save()
return HttpResponse(json.dumps(jdata))
rdata['prizes'] = prizes = list(reversed(Prize.objects.all()))
return render(request, 'prize_add_store.html', rdata)
