def put(self):
submit = self.request()
if submit.__contains__("mobile"):
ldap = Ldap()
ldap.modify(session[USER_SESSION]["uid"], {"mobile": submit["mobile"]}, submit["password"])
User.edit(submit)
return self.succ()
def to(self, access):
try:
ldap = Ldap()
copy_to_uid = [User.get(uid)["mail"] for uid in access.copy_to_uid.split(",")] \
if access.copy_to_uid \
else [User.get(ldap.get_1st_manager(access.apply_uid))["mail"]]
copy_to_uid.extend([u.mail for u in Group.get_users(DEFAULT_GROUP.OP)])
sub = u" %s权限申请 申请人:%s 申请时间:%s" % (
access.type,
access.apply_uid,
access.apply_time.strftime("%Y-%m-%d %H:%M")
)
self.send(
copy_to_uid,
sub,
access=access,
url="/templates/jurisdiction/curr_apply.html?id=%d"%access.id,
tpl="mail.access.tpl.html"
)
return True
except Exception, e:
traceback.print_exc()
return False
def get(self, field=""):
result = []
field_default = {
"cn": "名",
"businessCategory": "部门",
"title": "职务",
"mail": "电子邮件地址",
}
field_ext = {"mobile": "手机"}
fields = dict(field_default.items() + field_ext.items())
if field in fields.keys():
fields = {field: fields[field], "uid": "用户名"}
else:
fields = field_default
ldap = Ldap()
for u in ldap.export(fields.keys()):
_dict = {}
for key in u.keys():
_dict[fields[key]] = u[key]
result.append(_dict)
resp = excel.make_response_from_records(result, "xlsx")
resp.headers["Content-Disposition"] = "attachment; filename=user.xlsx"
return resp
def to(self, p):
approvals = p.approvals
to = []
if not p.is_finished:
if p.cur_approval_type == PURCHASE.FLOW_ONE:
ldap = Ldap()
suser = User.get(ldap.get_2nd_manager(p.apply_uid))
to.append(suser["mail"])
else:
to.extend(
[u.mail for u in Group.get_users(p.cur_approval_type)])
else:
user = User.get(p.apply_uid)
to.extend(
[u.mail for u in Group.get_users(DEFAULT_GROUP.PURCHASE.FIN)])
to.append(user["mail"])
sub = u"采购编号:%s 采购申请:%s" % (p.id, ",".join(
[g.category.name for g in p.goods]))
self.send(to,
sub,
"/templates/purchase/approval.html",
"mail.purchase.tpl.html",
purchase=p,
goods=p.goods,
approvals=approvals,
group_names=Group.get_descs())
def to(self, p):
approvals = p.approvals
to = []
if not p.is_finished:
if p.cur_approval_type == PURCHASE.FLOW_ONE:
ldap=Ldap()
suser = User.get(ldap.get_2nd_manager(p.apply_uid))
to.append(suser["mail"])
else:
to.extend([u.mail for u in Group.get_users(p.cur_approval_type)])
else:
user = User.get(p.apply_uid)
to.extend([u.mail for u in Group.get_users(DEFAULT_GROUP.PURCHASE.FIN)])
to.append(user["mail"])
sub = u"采购编号:%s 采购申请:%s" % (p.id, ",".join([g.category.name for g in p.goods]))
self.send(
to,
sub,
"/templates/purchase/approval.html",
"mail.purchase.tpl.html",
purchase=p,
goods=p.goods,
approvals=approvals,
group_names=Group.get_descs())
def get(self, field=""):
result = []
field_default = {
"cn": "名",
"businessCategory": "部门",
"title": "职务",
"mail": "电子邮件地址",
}
field_ext = {
"mobile": "手机"
}
fields = dict(field_default.items() + field_ext.items())
if field in fields.keys():
fields = {field: fields[field], "uid": "用户名"}
else:
fields = field_default
ldap = Ldap()
for u in ldap.export(fields.keys()):
_dict = {}
for key in u.keys(): _dict[fields[key]] = u[key]
result.append(_dict)
resp = excel.make_response_from_records(result, "xlsx")
resp.headers["Content-Disposition"] = "attachment; filename=user.xlsx"
return resp
def to(self, access):
try:
ldap = Ldap()
copy_to_uid = [User.get(uid)["mail"] for uid in access.copy_to_uid.split(",")] \
if access.copy_to_uid \
else [User.get(ldap.get_1st_manager(access.apply_uid))["mail"]]
copy_to_uid.extend(
[u.mail for u in Group.get_users(DEFAULT_GROUP.OP)])
sub = u" %s权限申请 申请人:%s 申请时间:%s" % (
access.type, access.apply_uid,
access.apply_time.strftime("%Y-%m-%d %H:%M"))
self.send(copy_to_uid,
sub,
access=access,
url="/templates/jurisdiction/curr_apply.html?id=%d" %
access.id,
tpl="mail.access.tpl.html")
return True
except Exception, e:
traceback.print_exc()
return False
def post(self, uid):
user = User.get(uid)
user["pwd"] = crypt.randpass()
ldap = Ldap()
ldap.reset_pwd(uid, user["pwd"])
Mail().to(user)
return self.succ()
def delete(self, uid):
ldap = Ldap()
if uid in ["*", u"*"]:
raise ExceptionEx("无效的uid")
else:
ldap.delete(uid)
User.update()
return self.succ()
def delete(self, uid):
ldap = Ldap()
if uid in ["*", u"*"]:
raise ExceptionEx("无效的uid")
else:
ldap.delete(uid)
User.update()
return self.succ()
def get(self, uid="*"):
ldap = Ldap()
if uid not in [u"*", "*", None]:
dn, user = ldap.search(uid, attrlist="*").first()
return self.succ([user])
def cmp(a, b):
if a["employeeNumber"] > b["employeeNumber"]:
return 1
elif a["employeeNumber"] == b["employeeNumber"]:
return 0
return -1
return self.succ(
sorted([user for dn, user in ldap.search(attrlist="*").all()],
cmp))
def get(self, uid="*"):
ldap = Ldap()
if uid not in [u"*", "*", None]:
dn, user = ldap.search(uid, attrlist="*").first()
return self.succ([user])
def cmp(a, b):
if a["employeeNumber"] > b["employeeNumber"]:
return 1
elif a["employeeNumber"] == b["employeeNumber"]:
return 0
return -1
return self.succ(sorted(
[user for dn, user in ldap.search(attrlist="*").all()], cmp
))
def post(self, uid):
submit = self.request()
submit["uid"] = uid
submit["c"] = submit["x-csf-emp-nationality"]
submit["x-csf-emp-pwdReset"] = "TRUE"
submit["userPassword"] = "******"
_submit = self.to_str_dict(submit)
_submit["objectClass"] = [
"country", "x-csf-EmployeeObject", "inetOrgPerson",
"organizationalPerson", "person", "top"
]
ldap = Ldap()
ldap.add(uid, _submit)
User.update()
return self.succ()
def get(self, uid, pwd):
if session.__contains__(USER_SESSION):
User.add(session[USER_SESSION])
return self.fail("已登录")
if not session.__contains__(KEY_SESSION):
raise ExceptionEx("未申请密钥")
uid = crypt.desc(uid)
pwd = crypt.desc(pwd)
ldap = Ldap()
if not ldap.auth(uid, pwd):
return self.fail("用户名或密码错误")
dn, _user = ldap.search(uid).first()
User.add(_user)
session[USER_SESSION] = _user
return self.succ(session[USER_SESSION])
def put(self, uid, oldpass=None, newpass=None):
if not oldpass:
if not session.__contains__(USER_SESSION):
raise ExceptionEx("未登录")
if not User.get(session[USER_SESSION]["uid"])["is_admin"]:
raise ExceptionEx("权限不足")
if not uid or uid in ["*", u"*"]:
return self.fail("无效的用户名")
newpass = newpass if newpass else crypt.randpass()
ldap = Ldap()
if not ldap.reset_pwd(uid, newpass, oldpass):
return self.fail()
mail = Mail()
mail.to(uid, newpass)
return self.succ() if oldpass else self.succ(newpass)
def put(self, uid, oldpass=None, newpass=None):
if not oldpass:
if not session.__contains__(USER_SESSION):
raise ExceptionEx("未登录")
if not User.get(session[USER_SESSION]["uid"])["is_admin"]:
raise ExceptionEx("权限不足")
if not uid or uid in ["*", u"*"]:
return self.fail("无效的用户名")
newpass = newpass if newpass else crypt.randpass()
ldap = Ldap()
if not ldap.reset_pwd(uid, newpass, oldpass):
return self.fail()
mail = Mail()
mail.to(uid, newpass)
return self.succ() if oldpass else self.succ(newpass)
def update():
_ldap_dict = {}
ldap = Ldap()
_ldap_users = ldap.search().all()
for dn, user in _ldap_users:
_ldap_dict[user["uid"].lower()] = user
users = User.query.all()
user_dict = {}
for user in users:
user_dict[user.uid.lower()] = user
# 删除离职的
for uid in set(user_dict.keys()).difference(_ldap_dict.keys()):
user_dict[uid].is_dimiss = True
# 修改存在的
for uid in set(user_dict.keys()).intersection(_ldap_dict.keys()):
u, ldap = user_dict[uid], _ldap_dict[uid]
u.is_dimiss = False
for field in ldap.keys():
if field == "x-csf-emp-onboardDate":
u.onboardDate = ldap[field]
else:
setattr(u, field, ldap[field])
# 添加新增的
for uid in set(_ldap_dict.keys()).difference(user_dict.keys()):
_user = _ldap_dict[uid]
user = User(_user)
user.create_time = datetime.now()
user.last_time = datetime.now()
user.onboardDate = datetime.strptime(
_user["x-csf-emp-onboardDate"], "%Y%m%d")
user.is_admin = False
db.session.add(user)
db.session.commit()
return True
def update():
_ldap_dict = {}
ldap = Ldap()
_ldap_users = ldap.search().all()
for dn, user in _ldap_users:
_ldap_dict[user["uid"].lower()] = user
users = User.query.all()
user_dict = {}
for user in users:
user_dict[user.uid.lower()] = user
# 删除离职的
for uid in set(user_dict.keys()).difference(_ldap_dict.keys()):
user_dict[uid].is_dimiss = True
# 修改存在的
for uid in set(user_dict.keys()).intersection(_ldap_dict.keys()):
u, ldap = user_dict[uid], _ldap_dict[uid]
u.is_dimiss = False
for field in ldap.keys():
if field == "x-csf-emp-onboardDate":
u.onboardDate = ldap[field]
else:
setattr(u, field, ldap[field])
# 添加新增的
for uid in set(_ldap_dict.keys()).difference(user_dict.keys()):
_user = _ldap_dict[uid]
user = User(_user)
user.create_time = datetime.now()
user.last_time = datetime.now()
user.onboardDate = datetime.strptime(_user["x-csf-emp-onboardDate"], "%Y%m%d")
user.is_admin = False
db.session.add(user)
db.session.commit()
return True
def post(self, uid):
submit = self.request()
submit["uid"] = uid
submit["c"] = submit["x-csf-emp-nationality"]
submit["x-csf-emp-pwdReset"] = "TRUE"
submit["userPassword"] = "******"
_submit = self.to_str_dict(submit)
_submit["objectClass"] = [
"country",
"x-csf-EmployeeObject",
"inetOrgPerson",
"organizationalPerson",
"person",
"top"
]
ldap = Ldap()
ldap.add(uid, _submit)
User.update()
return self.succ()
def auth(self):
return True
def put(self, uid, oldpass=None, newpass=None):
if not oldpass:
if not session.__contains__(USER_SESSION):
raise ExceptionEx("未登录")
if not User.get(session[USER_SESSION]["uid"])["is_admin"]:
raise ExceptionEx("权限不足")
if not uid or uid in ["*", u"*"]:
return self.fail("无效的用户名")
newpass = newpass if newpass else crypt.randpass()
ldap = Ldap()
if not ldap.reset_pwd(uid, newpass, oldpass):
return self.fail()
mail = Mail()
mail.to(uid, newpass)
return self.succ() if oldpass else self.succ(newpass)
if __name__ == "__main__":
ldap = Ldap()
print ldap.auth("arvin.yang", "QTPSN2WG")
def put(self, uid):
submit = self.request()
ldap = Ldap()
ldap.modify(uid, self.to_str_dict(submit))
User.update()
return self.succ()
def put(self, uid):
submit = self.request()
ldap = Ldap()
ldap.modify(uid, self.to_str_dict(submit))
User.update()
return self.succ()
def auth(self):
return True
def put(self, uid, oldpass=None, newpass=None):
if not oldpass:
if not session.__contains__(USER_SESSION):
raise ExceptionEx("未登录")
if not User.get(session[USER_SESSION]["uid"])["is_admin"]:
raise ExceptionEx("权限不足")
if not uid or uid in ["*", u"*"]:
return self.fail("无效的用户名")
newpass = newpass if newpass else crypt.randpass()
ldap = Ldap()
if not ldap.reset_pwd(uid, newpass, oldpass):
return self.fail()
mail = Mail()
mail.to(uid, newpass)
return self.succ() if oldpass else self.succ(newpass)
if __name__ == "__main__":
ldap = Ldap()
print ldap.auth("arvin.yang", "QTPSN2WG")
def __is_superior(uid, apply_uid):
ldap = Ldap()
if uid == ldap.get_2nd_manager(apply_uid):
return True
return False
def __is_superior(uid, apply_uid):
ldap = Ldap()
if uid == ldap.get_2nd_manager(apply_uid):
return True
return False
