def get_info():
with Transaction() as session:
reg: NovaRegTable = session.query(NovaRegTable).filter(
NovaRegTable.openid == current_identity.openid).first()
if not reg or reg.delete:
raise NotFound('student not registered')
return Response(**reg.to_dict()).json()
def admin_delete_info(stuid):
with Transaction() as session:
reg: NovaRegTable = session.query(NovaRegTable).filter(
NovaRegTable.stuid == stuid).first()
if not reg:
raise NotFound('student not registered')
reg.delete = True
return Response().json()
def cancel_register():
with Transaction() as session:
reg: NovaRegTable = session.query(NovaRegTable).filter(
NovaRegTable.openid == current_identity.openid).first()
if not reg:
raise NotFound('student not registered')
reg.delete = True
send_unregister_msg(reg.name)
return Response().json()
def get_source_student_info():
with Transaction() as session:
query = session.query(StudentTable).filter(StudentTable.openid == current_identity.openid)
student: StudentTable = query.first()
if not student:
raise NotFound('Student not registered')
source: SourceStudentTable = session.query(SourceStudentTable).filter(
SourceStudentTable.id_card == student.id_card).first()
if not source:
raise NotFound('Source student info not found')
return Response(**source.to_dict()).json()
def check_token():
with Transaction() as session:
student: StudentTable = session.query(StudentTable).filter(
StudentTable.openid == current_identity.openid).first()
admission_id = stuid = ''
if student:
source_student: SourceStudentTable = session.query(
SourceStudentTable.stuid, SourceStudentTable.admission_id
).filter(SourceStudentTable.id_card == student.id_card).first()
if source_student:
stuid = source_student.stuid
admission_id = source_student.admission_id
return Response(stuid=stuid, admission_id=admission_id).json()
def student_update():
expected = ['phone', 'id_card', 'admission_id', 'student_id']
params = {k: request.json.get(k) for k in expected if k in request.json}
with Transaction() as session:
query = session.query(StudentTable).filter(StudentTable.openid == current_identity.openid)
student: StudentTable = query.first()
if not student:
raise NotFound('Student not posted')
if student.phone != params.get('phone', student.phone):
cached = code_cache.get(current_identity.openid)
if not cached.get('status', False):
raise Unauthorized('Phone not verified')
query.update(params)
return Response().json()
def candidate_update():
expected = ['phone', 'name', 'province', 'city', 'score', 'subject']
params = {k: request.json.get(k) for k in expected if k in request.json}
with Transaction() as session:
query = session.query(CandidateTable).filter(CandidateTable.openid == current_identity.openid)
candidate: CandidateTable = query.first()
if not candidate:
raise NotFound('Candidate not posted')
if candidate.phone != params.get('phone', candidate.phone):
cached = code_cache.get(current_identity.openid)
if not cached.get('status', False):
raise Unauthorized('Phone not verified')
query.update(params)
return Response().json()
def candidate_signup():
cached = code_cache.get(current_identity.openid)
if not cached.get('status', False):
raise Unauthorized('Phone not verified')
param_keys = ['name', 'province', 'city', 'score', 'subject']
params = {k: request.json.get(k) for k in param_keys if k in request.json}
if len(params.keys()) != len(param_keys):
raise BadRequest('Require params: {}, only get {}'.format(
', '.join(param_keys), ', '.join(params.keys())))
candidate = CandidateTable(openid=current_identity.openid, phone=cached.get('phone'), **params)
with Transaction() as session:
if session.query(CandidateTable).filter(CandidateTable.openid == current_identity.openid).first():
raise Conflict('Candidate has been posted')
session.add(candidate)
return Response().json()
def auth():
openid = get_openid(request.args.get('code', ''))
if not openid:
raise Unauthorized('code invalid')
seq = request.args.get('seq', '')
if not seq:
raise BadRequest('seq empty')
cached = link_cache.get(seq)
role = cached.get('role', '')
if not role:
return NotFound('link invalid')
permission = Permission.loads(role)
privilege = PrivilegeTable(openid=openid, permission=permission.value)
with Transaction() as session:
if session.query(PrivilegeTable).filter_by(
openid=openid, permission=permission.value).first():
return Conflict('privilege has been checked before')
session.add(privilege)
return Response().json()
def get_source():
with Transaction() as session:
student: StudentTable = session.query(StudentTable).filter(
StudentTable.openid == current_identity.openid).first()
assert student is not None
phone = student.phone
source: SourceStudentTable = session.query(SourceStudentTable).filter(
SourceStudentTable.id_card == student.id_card).first()
assert source is not None
qq = ''
reg: NovaRegTable = session.query(NovaRegTable).filter(
NovaRegTable.openid == current_identity.openid).first()
if reg:
phone = reg.phone
qq = reg.qq
return Response(stuid=source.stuid,
name=source.name,
department=source.department,
phone=phone,
qq=qq).json()
def student_signup():
cached = code_cache.get(current_identity.openid)
if not cached.get('status', False):
raise Unauthorized('Phone not verified')
expected = ['id_card', 'id']
params = {k: request.json.get(k) for k in expected if k in request.json}
keys = params.keys()
if len(keys) != len(expected):
raise BadRequest('Require params: {}, only get {}'
.format(', '.join(expected), ', '.join(keys)))
student = StudentTable(openid=current_identity.openid, phone=cached.get('phone'), id_card=params.get('id_card'))
with Transaction() as session:
if not session.query(SourceStudentTable).filter(
and_(SourceStudentTable.id_card == params.get('id_card'),
or_(SourceStudentTable.admission_id == params.get('id'),
SourceStudentTable.stuid == params.get('id')))).first():
raise NotFound('Correspond id of id_card not found')
if session.query(StudentTable).filter(StudentTable.openid == current_identity.openid).first():
raise Conflict('Student has been posted')
session.add(student)
return Response().json()
def get_token():
data: dict = request.json
roles = []
if 'code' in data:
openid = get_openid_by_code(data.get('code', ''))
if not openid:
raise Unauthorized('Code invalid')
roles = get_roles_of_openid(openid)
else:
openid = data.get('username', '')
password = data.get('password', '')
if not openid or not password:
raise BadRequest('username & password or code required')
with Transaction() as session:
user: AuthUserTable = session.query(AuthUserTable).filter(AuthUserTable.username == openid).first()
if not user:
raise Unauthorized('username not existed')
if user.password != password:
raise Unauthorized('password incorrect')
roles = get_roles_of_openid(openid)
return Response(token=gen_token(openid, roles),
candidate=Permission.CANDIDATE in roles,
student=Permission.STUDENT in roles).json()
def post_info():
param_keys = [m.key for m in NovaRegTable.__table__.columns]
param_keys.remove('openid')
param_keys.remove('delete')
params = {k: request.json.get(k) for k in param_keys if k in request.json}
if len(param_keys) != len(params):
raise BadRequest('Require params: {}, only get: {}'.format(
', '.join(param_keys), ', '.join(params.keys())))
with Transaction() as session:
reg: NovaRegTable = session.query(NovaRegTable).filter(
NovaRegTable.openid == current_identity.openid).first()
if reg:
if not reg.delete:
raise Conflict('student registered before')
reg.delete = False
for k, v in params.items():
setattr(reg, k, v)
else:
reg: NovaRegTable = NovaRegTable(openid=current_identity.openid,
**params,
delete=False)
session.add(reg)
send_register_msg(reg.name)
return Response().json()
def test_token(openid):
with Transaction() as session:
is_candidate = True if session.query(CandidateTable).filter(CandidateTable.openid == openid).first() else False
is_student = True if session.query(StudentTable).filter(StudentTable.openid == openid).first() else False
return Response(token=get_crypto_token(openid), candidate=is_candidate, student=is_student).json()
def admin_get_info():
with Transaction() as session:
regs: List[NovaRegTable] = session.query(NovaRegTable).all()
return Response(
students=[reg.to_dict() for reg in regs if not reg.delete]).json()