def edit_userprofile():
if current_user is not None and current_user.is_privileged(UserType.registered):
username = request.args.get("username")
if not username:
abort(404)
elif current_user.username.lower() != username.lower():
abort(403)
else:
return render_template('edit_userprofile.html', username=current_user.username, user=current_user,
genderName = GenderType.getName(current_user.gender), typeName=UserType.getName(current_user.type), birthStr = current_user.getBirthStr())
else:
abort(403)
def user():
if current_user is not None and current_user.is_privileged(UserType.staff):
page = request.args.get("page", 1)
if page < 1:
page = 1
paginate = Users.query.order_by(Users.uid).paginate(int(page), config.PAGE_ITEMS, False)
users = []
for user in paginate.items:
user.gender = GenderType.getName(user.gender)
user.type = UserType.getName(user.type)
users.append(user)
return render_template("user.html", username=current_user.username, index=4, pagination=paginate)
else:
abort(403)
def update_teacher():
if current_user is not None and current_user.is_privileged(UserType.staff):
tid = request.args.get("tid")
teacher = Teacher.query.filter(Teacher.tid == tid).first()
if teacher is None:
return render_template("error.html", message="查找不到与之匹配的讲师")
else:
user = Users.query.filter(Users.username == teacher.username).first()
if not user:
return render_template("error.html", message="找不到教师的基本用户数据")
else:
return render_template(
"update_teacher.html",
username=current_user.username,
teacher=teacher,
types=GameType.getAll(),
genderName=GenderType.getName(user.gender),
gname=GameType.getName(teacher.gtype),
)
else:
abort(403)
def teacher():
if current_user is not None and current_user.is_privileged(UserType.staff):
page = request.args.get("page", 1)
if page < 1:
page = 1
paginate = Teacher.query.order_by(Teacher.tid).paginate(int(page), config.PAGE_ITEMS, False)
# 需要将相关的常量替换成可读字符串
# 一种办法是使用ORM进行联合查询,这样的坏处是容易造成SQL复杂且不稳定
# 因此直接使用数据后处理进行替换,效率虽低,但安全性和扩展性更好,对于本应用来说是可以接受的
teachers = []
for teacher in paginate.items:
user = Users.query.filter(Users.username == teacher.username).first()
if user:
teacher.name = user.name
teacher.birth = user.birth
teacher.gender = GenderType.getName(user.gender)
teacher.gtypename = GameType.getName(teacher.gtype) # gtypename
teacher.desc = user.desc
teacher.extend = user.extend
return render_template("teacher.html", username=current_user.username, index=2, pagination=paginate)
else:
abort(403)
def search_teacher():
if current_user is not None and current_user.is_privileged(UserType.staff):
# 由于使用站内搜索功能时结果集一般很少,为简单起见不再支持分页
name = request.args.get("username")
if name == "":
return render_template("error.html", message="请输入查询的教师用户名")
try:
pattern = "%" + name + "%" # 支持模糊查询
result = Teacher.query.filter(Teacher.username.like(pattern)).order_by(Teacher.tid).all()
teachers = []
for teacher in result:
user = Users.query.filter(Users.username == teacher.username).first()
teacher.name = user.name
teacher.birth = user.birth
teacher.gender = GenderType.getName(user.gender)
teacher.gtype = GameType.getName(teacher.gtype)
teacher.desc = user.desc
teacher.extend = user.extend
teachers.append(teacher)
return render_template("search_teacher.html", username=current_user.username, teachers=teachers)
except Exception, e:
# app.logger.error(e)
return render_template("error.html", message="查询失败")
def search_user():
if current_user is not None and current_user.is_privileged(UserType.staff):
# 由于使用站内搜索功能时结果集一般很少,为简单起见不再支持分页
name = request.args.get("username")
if name == "":
return render_template("error.html", message="请输入查询的用户名")
try:
pattern = "%" + name + "%" # 支持模糊查询
result = (
Users.query.filter(
or_(Users.username.like(pattern), Users.phone.like(pattern), Users.email.like(pattern))
)
.order_by(Users.uid)
.all()
)
users = []
for user in result:
user.gender = GenderType.getName(user.gender)
user.type = UserType.getName(user.type)
users.append(user)
return render_template("search_user.html", username=current_user.username, users=result, index=4)
except Exception, e:
# app.logger.error(e)
return render_template("error.html", message="查询失败")
