def group_edit():
try:
id = request.form.get('id')
name = request.form.get('name')
status = request.form.get('status', default=1)
if not name:
return CommonResponse(ResultType.Failed,
message=u"分组名称不能为空").to_json()
user_group_obj = db.session.query(UsersGroup).filter(
UsersGroup.id != id, UsersGroup.name == name).scalar()
if user_group_obj:
return CommonResponse(ResultType.Failed,
message=u"分组名称不能重复").to_json()
group = UsersGroup()
group.id = id
group.name = name
group.status = status
db.session.merge(group)
db.session.commit()
record_log('edit_group', u'编辑分组', u'name:{name}'.format(name=name))
return CommonResponse(ResultType.Success, message=u"编辑成功").to_json()
except Exception, e:
db.session.rollback()
record_log('add_user', u'编辑用户失败')
def menu_edit():
form = MenuForm()
try:
if not form.validate():
error_message = form.get_error()
return CommonResponse(ResultType.Failed,
message=error_message).to_json()
else:
menu = MenuAuth()
menu.id = form.id.data
menu.name = form.menu_name.data
menu.method = form.method.data
menu.type = form.type.data
menu.icon = form.icon.data
menu.sort = form.sort.data
menu.parent_id = form.parent_id.data
db.session.merge(menu)
db.session.commit()
record_log('add_menu', u'编辑菜单',
u'method:{method}'.format(method=form.method.data))
return CommonResponse(ResultType.Success,
message=u"编辑成功").to_json()
except Exception, e:
db.session.rollback()
record_log('add_menu', u'编辑菜单失败')
return CommonResponse(ResultType.Failed, message=u"编辑失败").to_json()
def user_edit():
form = UserForm()
try:
if not form.validate():
error_message = form.get_error()
return CommonResponse(ResultType.Failed,
message=error_message).to_json()
else:
user = User()
user.id = form.id.data
user.username = form.username.data
if form.password.data:
user.password = form.password.data
user.email = form.email.data
if form.group_id.data:
user.group_id = form.group_id.data
user.is_manage = '1'
else:
user.group_id = None
user.is_manage = '0'
db.session.merge(user)
db.session.commit()
record_log(
'edit_user', u'编辑用户',
u'username:{username}'.format(username=form.username.data))
return CommonResponse(ResultType.Success,
message=u"编辑成功").to_json()
except Exception, e:
db.session.rollback()
record_log('edit_user', u'编辑用户失败')
return CommonResponse(ResultType.Failed, message=u"编辑失败").to_json()
def user_add():
form = UserForm()
try:
if not form.validate():
error_message = form.get_error()
return CommonResponse(ResultType.Failed,
message=error_message).to_json()
else:
user = User()
user.username = form.username.data
user.password = form.password.data
user.email = form.email.data
if form.group_id.data:
user.group_id = form.group_id.data
db.session.add(user)
db.session.commit()
record_log(
'add_user', u'添加用户',
u'username:{username}'.format(username=form.username.data))
return CommonResponse(ResultType.Success,
message=u"添加成功").to_json()
except Exception, e:
db.session.rollback()
record_log('add_user', u'添加用户失败')
return CommonResponse(ResultType.Failed, message=u"添加失败").to_json()
def login():
if current_app.config.get('IS_LOCALHOST'):
form = LoginForm()
if form.validate_on_submit():
# user = User.query.filter_by(username=form.username.data).first()
user = db.session.query(User).filter(
User.username == form.username.data).first()
if user is not None and user.verify_password(form.password.data):
if not user.status:
#禁止被禁用的用户登陆
flash(u'用户被禁用,请联系管理员')
else:
login_user(user, form.remember_me.data)
record_log(
'login', u'用户登陆', 'current_user:{username}'.format(
username=current_user.username))
return redirect(
request.args.get('next') or url_for('admin.index'))
else:
flash(u'用户名或密码错误')
if current_user.is_authenticated:
return redirect(url_for('admin.index'))
return render_template('admin/login.html', form=form)
else:
return redirect(current_app.config.get('OPERATOR_LOGIN'))
def logout():
record_log('logout', u'用户登出', 'current_user:{username}'.format(username=current_user.username))
logout_user()
# flash(u'您已经成功退出')
if current_app.config.get('IS_LOCALHOST'):
return redirect(url_for('admin.login'))
else:
return redirect(current_app.config.get('OPERATOR_LOGIN'))
def group_grant():
try:
group_id = request.form.get('group_id')
rules = request.form.get('rules')
# rules = json.loads(rules_str)
user_group_obj = db.session.query(UsersGroup).filter(
UsersGroup.id == group_id).scalar()
user_group_obj.rules = rules
db.session.merge(user_group_obj)
db.session.commit()
record_log('group_grant', u'分组授权',
'name:{name}'.format(name=user_group_obj.name))
return CommonResponse(ResultType.Success, message=u"授权成功").to_json()
except Exception, e:
db.session.rollback()
record_log('group_grant', u'分组授权失败')
def group_del():
group_id = request.form.get('group_id')
user_group_obj = db.session.query(UsersGroup).filter(
UsersGroup.id == group_id).scalar()
if user_group_obj is None:
return CommonResponse(ResultType.Failed, message=u"分组不存在").to_json()
user_obj = db.session.query(User).filter(User.group_id == group_id).all()
if user_obj:
return CommonResponse(ResultType.Failed,
message=u"请先移除当前分组下的用户").to_json()
record_log('del_group', u'删除分组',
'name:{name}'.format(name=user_group_obj.name))
db.session.delete(user_group_obj)
db.session.commit()
return CommonResponse(ResultType.Success, message=u"删除成功").to_json()
def user_del():
user_id = request.form.get('user_id')
if int(current_user.id) == int(user_id):
return CommonResponse(ResultType.Failed,
message=u"不能删除自己的账号").to_json()
if user_id is None:
return CommonResponse(ResultType.Failed,
message=u"user_id不能为空").to_json()
user_info_obj = User.query.filter(User.id == user_id).scalar()
if user_info_obj is None:
return CommonResponse(ResultType.Failed, message=u"用户不存在").to_json()
record_log('del_user', u'删除用户',
'name:{name}'.format(name=user_info_obj.username))
db.session.delete(user_info_obj)
db.session.commit()
return CommonResponse(ResultType.Success, message=u"删除成功").to_json()
def menu_del():
menu_id = request.form.get('menu_id')
if not menu_id:
return CommonResponse(ResultType.Failed,
message=u"menu_id不能为空").to_json()
menu_info_obj = MenuAuth.query.filter(MenuAuth.id == menu_id).scalar()
if menu_info_obj is None:
return CommonResponse(ResultType.Failed, message=u"菜单不存在").to_json()
other_info_obj = MenuAuth.query.filter(MenuAuth.parent_id == menu_id).all()
if other_info_obj:
return CommonResponse(ResultType.Failed,
message=u"删除菜单前,请先删除子菜单").to_json()
record_log('del_menu', u'删除菜单',
'name:{name}'.format(name=menu_info_obj.name))
db.session.delete(menu_info_obj)
db.session.commit()
return CommonResponse(ResultType.Success, message=u"删除成功").to_json()
