def post(self, request):
try:
username = request.data.get('username', '')
old_password = request.data.get('old_password', '')
password1 = request.data.get('password1', '')
password2 = request.data.get('password2', '')
user = authenticate(username=username, password=old_password)
if user is not None:
if password1 == password2:
userinfo = UserProfile.objects.get(username=user)
userinfo.password = make_password(password1)
userinfo.save()
create_history_record(user, "修改密码")
return JsonResponse({
"error_no": 0,
"info": "Success"
})
else:
return JsonResponse({
"error_no": 1,
"info": "两次密码不一致"
})
else:
return JsonResponse({
"error_no": 1,
"info": "用户名或密码错误"
})
except Exception as e:
print(e)
return JsonResponse({
"error_no": -1,
"info": str(e)
})
def post(self, request):
login_form = LoginForm(request.POST)
if login_form.is_valid():
user_name = request.POST.get('username', '')
pass_word = request.POST.get('password', '')
remember = request.POST.get('remember', '')
# print(remember)
user = authenticate(username=user_name, password=pass_word)
if user is not None:
if user.is_active:
response = HttpResponseRedirect(reverse("index"))
login(request, user)
create_history_record(user, "登录")
if remember == "on":
# 设置cookie username *过期时间为1周
response.set_cookie('username', user_name, max_age=7 * 24 * 3600)
response.set_cookie('password', pass_word, max_age=7 * 24 * 3600)
response.set_cookie('password', pass_word, max_age=7 * 24 * 3600)
return response
# return HttpResponse('登录成功')
else:
return render(request, 'login.html', {'msg': "用户未激活"})
else:
return render(request, 'login.html', {'msg': '用户名或密码错误!'})
else:
return render(request, 'login.html', {'login_form': login_form})
def post(self, request):
try:
station_id = request.POST.get('id', "")
station_status = request.POST.get('station_status')
if station_status == 'true':
status = "设为有效"
else:
status = "设为无效"
station = StationInfo.objects.get(id=station_id)
status_form = StationStatusForm(request.POST, instance=station)
if status_form.is_valid():
status_form.save()
station_name = station.station_name
create_history_record(request.user, '测站点 %s 状态 %s' % (station_name, status))
return JsonResponse({"status": status + "成功"})
print(status_form.errors)
return JsonResponse({"status": status + "失败"})
except StationInfo.DoesNotExist:
return HttpResponseRedirect(reverse('station_info'))
except Exception as e:
print(e)
return JsonResponse({
"status": str(e)
})
def get(self, request):
try:
username = request.META.get("HTTP_USERNAME")
user = UserProfile.objects.get(username=username)
permission = user.permission
data = list()
if permission == 'superadmin':
all_company = CompanyModel.objects.all().order_by('id')
for company in all_company:
admin_user = UserProfile.objects.filter(company=company)
admin = [u.username for u in admin_user]
data.append({
"id": company.id,
"company_name": company.company_name,
"contact": company.contact,
"phone": company.phone,
"status": company.company_status,
"admin": admin
})
create_history_record(username, "查询所有公司")
return JsonResponse({"data": data, "error_no": 0})
else:
return JsonResponse({"error_no": -2, "info": "你没有权限"})
except UserProfile.DoesNotExist:
return JsonResponse({"error_no": -2, "info": "没有这个用户"})
except Exception as e:
print(e)
return JsonResponse({"error_no": -1, "info": str(e)})
def get(self, request):
end_time = datetime.now()
start_time = end_time + timedelta(days=-3)
permission = request.user.permission
print(permission)
if permission == 'superadmin':
devices = DevicesInfo.objects.all()
stations = StationInfo.objects.all()
return render(
request, 'adcp_paginator2.html', {
"start_time": start_time,
"end_time": end_time,
"devices": devices,
"stations": stations
})
else:
company_id = request.user.company.id
devices = DevicesInfo.objects.filter(
station__company_id=company_id)
stations = StationInfo.objects.filter(company_id=company_id)
create_history_record(request.user, "查询水量数据")
return render(
request, 'adcp_paginator2.html', {
"start_time": start_time,
"end_time": end_time,
"devices": devices,
"stations": stations
})
def put(self, request):
try:
username = request.META.get("HTTP_USERNAME")
user = UserProfile.objects.get(username=username)
permission = user.permission
if permission != "superadmin":
return JsonResponse({"error_no": -2, "info": "无权限"})
company_id = request.data.get("company_id")
company_name = request.data.get("company_name")
company_status = request.data.get("company_status")
contact = request.data.get("contact")
phone = request.data.get("phone")
company = CompanyModel.objects.get(id=company_id)
company.company_name = company_name
company.contact = contact
company.phone = phone
company.company_status = company_status
company.save()
create_history_record(username, "修改公司" + company.company_name)
return JsonResponse({"error_no": 0, "info": "Success"})
except UserProfile.DoesNotExist:
return JsonResponse({"error_no": -2, "info": "没有这个用户"})
except CompanyModel.DoesNotExist:
return JsonResponse({"error_no": -2, "info": "没有这个公司"})
except Exception as e:
print(e)
return JsonResponse({"error_no": -1, "info": str(e)})
def post(self, request):
try:
username = request.META.get("HTTP_USERNAME")
user_id = request.data.get('user_id')
user = UserProfile.objects.get(username=username)
permission = user.permission
if permission not in ['superadmin', 'admin']:
return JsonResponse({"error_no": 2, "info": "您没有权限重置密码"})
if permission == 'superadmin':
userinfo = UserProfile.objects.get(id=user_id)
userinfo.password = make_password("123456")
userinfo.save()
create_history_record(username, '重置%s的密码' % userinfo.username)
make_message(userinfo.username, "已重置密码,请立即修改密码!", -1)
elif permission == 'admin':
company_id = user.company_id
userinfo = UserProfile.objects.get(id=user_id,
company_id=company_id)
if userinfo.permission == 'admin' or userinfo.permission == 'superadmin':
return JsonResponse({"error_no": -2, "info": "您没有权限重置密码"})
return JsonResponse({"error_no": 0, "info": "重置密码成功"})
except UserProfile.DoesNotExist:
return JsonResponse({"error_no": -2, "info": "没有这个用户"})
except Exception as e:
print(e)
return JsonResponse({"error_no": -1, "info": str(e)})
def delete(self, request):
try:
username = request.META.get("HTTP_USERNAME")
delete_username = request.data.get("username")
admin_user = UserProfile.objects.get(username=username)
del_user = UserProfile.objects.get(username=delete_username)
admin_permission = admin_user.permission
del_user_permission = del_user.permission
if admin_permission == "superadmin" and (
del_user_permission != 'admin'
or del_user_permission != 'superadmin'):
del_user.delete()
create_history_record(username, "删除用户" + delete_username)
return JsonResponse({"error_no": 0, "info": "Success"})
elif admin_permission == 'admin':
company_id = admin_user.company.id
del_user = UserProfile.objects.get(username=delete_username,
company_id=company_id)
if del_user and del_user.permission != 'admin':
del_user.delete()
create_history_record(username, "删除用户" + delete_username)
return JsonResponse({"error_no": 0, "info": "Success"})
else:
return JsonResponse({
"error_no": -3,
"info": "该公司下没有此用户,或权限不足"
})
else:
return JsonResponse({"error_no": -3, "info": "权限不足"})
except UserProfile.DoesNotExist:
return JsonResponse({"error_no": -2, "info": "没有这个用户"})
except Exception as e:
print(e)
return JsonResponse({"error_no": -1, "info": str(e)})
def post(self, request):
try:
user_name = request.POST.get('username', '')
pass_word = request.POST.get('password', '')
user = authenticate(username=user_name, password=pass_word)
# print(user_name)
# print(pass_word)
if user is not None:
if user.is_active:
login(request, user)
create_history_record(user, "app登录")
return JsonResponse({
"error_no": 0
})
else:
return JsonResponse({
"error_no": 3,
"info": "not active"
})
else:
return JsonResponse({
"error_no": 2,
"info": "username or password wrong"
})
except Exception as e:
print(e)
return JsonResponse({
"error_no": -1,
"info": str(e)
})
def post(self, request):
try:
permission = request.user.permission
print(permission)
if permission != "superadmin":
return JsonResponse({"status": "fail", "errors": "无权限"})
serializer = CompanySerializer(data=request.POST)
phone = request.POST["phone"]
if UserProfile.objects.filter(username=phone).count() > 0:
return JsonResponse({
"status": "fail",
"errors": "该电话号码的用户已经存在"
})
if serializer.is_valid():
newcompany = serializer.save()
UserProfile.objects.create_user(username=phone,
password=DEFAULT_PASSWORD,
company=newcompany,
permission="admin")
create_history_record(
request.user,
"新建公司%s,管理员%s" % (newcompany.company_name, phone))
return JsonResponse({"status": "success"})
return JsonResponse({"status": "fail", "errors": "新建公司失败"})
except Exception as e:
print(e)
return JsonResponse({"status": "fail", "errors": "公司名称唯一"})
def post(self, request):
password_form = PasswordForm(request.POST)
# print(request.POST)
if password_form.is_valid():
old_password = request.POST.get('old_password', '')
password1 = request.POST.get('password1', '')
password2 = request.POST.get('password2', '')
user = authenticate(username=request.user.username,
password=old_password)
# print(user)
if not user:
return render(request, 'change_password.html',
{'msg': '请先登录后,再修改密码'})
if user is not None:
if password1 == password2:
userinfo = UserProfile.objects.get(username=user)
userinfo.password = make_password(password1)
userinfo.save()
create_history_record(user, "修改密码")
return render(request, 'change_password.html',
{'msg': '密码修改成功!'})
else:
return render(request, 'change_password.html',
{'msg': '两次密码不一致'})
else:
return render(request, 'change_password.html',
{'msg': '原密码错误'})
else:
return render(request, 'change_password.html',
{'password_form': password_form})
def get(self, request):
try:
username = request.META.get("HTTP_USERNAME")
print(username)
users = UserProfile.objects.get(username=username)
permission = users.permission
if permission == 'superadmin' and users.username == "superadmin":
all_users = UserProfile.objects.all().order_by('company_id')
serializer = UserProfileSerializer(all_users, many=True)
elif permission == 'admin':
company_id = users.company_id
all_users = UserProfile.objects.filter(company_id=company_id).order_by('id')
serializer = UserProfileSerializer(all_users, many=True)
else:
return JsonResponse({"error_no": 2, "info": "你没有权限修改"})
data = {
"data": serializer.data,
"error_no": 0
}
create_history_record(username, "查询用户列表")
return JsonResponse(data)
except UserProfile.DoesNotExist:
return JsonResponse({
"error_no": -2,
"info": "没有这个用户"
})
except Exception as e:
print(e)
return JsonResponse({
"error_no": -1,
"info": str(e)
})
def post(self, request, station_id):
sys_id = request.POST.get('sys_id')
print(sys_id)
if sys_id:
sys_settings = SystemSettings.objects.get(id=sys_id)
settings_form = SystemSettingsForm(request.POST,
instance=sys_settings)
if settings_form.is_valid():
settings_form.save()
create_history_record(request.user, "修改系统设置")
return JsonResponse({"status": "success", "msg": "修改设置成功"})
else:
print(settings_form.errors)
return JsonResponse({
"status": "fail",
"msg": "修改设置成功",
})
else:
settings_form = SystemSettingsForm(request.POST)
if settings_form.is_valid():
settings_form.save()
create_history_record(request.user, "设置系统设置")
return JsonResponse({"status": "success", "msg": "设置成功"})
else:
print(settings_form.errors)
return JsonResponse({
"status": "fail",
"msg": "设置失败",
})
def post(self, request):
try:
username = request.META.get("HTTP_USERNAME")
user = UserProfile.objects.get(username=username)
permission = user.permission
if permission != "superadmin":
return JsonResponse({"error_no": -2, "info": "无权限"})
serializer = CompanySerializer(data=request.data)
phone = request.data["phone"]
if UserProfile.objects.filter(username=phone).count() > 0:
return JsonResponse({"error_no": -3, "info": "该电话号码的用户已经存在"})
if serializer.is_valid():
newcompany = serializer.save()
UserProfile.objects.create_user(username=phone, password=DEFAULT_PASSWORD, company=newcompany,
permission="admin")
create_history_record(username, "新建公司%s,管理员%s" % (newcompany.company_name, phone))
return JsonResponse({"error_no": 0, "info": "Success"})
return JsonResponse({"error_no": -2, "info": "新建公司失败"})
except UserProfile.DoesNotExist:
return JsonResponse({
"error_no": -2,
"info": "没有这个用户"
})
except Exception as e:
print(e)
return JsonResponse({
"error_no": -1,
"info": str(e)
})
def get(self, request, station_id):
permission = request.user.permission
print(permission)
if permission == 'superadmin':
all_devices = DevicesInfo.objects.filter(station_id=station_id)
else:
try:
company = request.user.company.company_name
# print(company)
except Exception as e:
print(e)
return HttpResponseRedirect(reverse('devices_info'))
if company:
all_devices = DevicesInfo.objects.filter(
station_id=station_id,
station__company__company_name=company)
else:
all_devices = DevicesInfo.objects.filter(
station_id=station_id, station__company__company_name="")
try:
station_name = StationInfo.objects.get(id=station_id).station_name
create_history_record(request.user, '查询测站点%s所有设备' % station_name)
except StationInfo.DoesNotExist:
create_history_record(request.user, '查询测站点所有设备失败,没有这个站点')
return render(request, 'station_devices.html', {
"all_devices": all_devices,
"station_id": station_id
})
def delete(self, request):
try:
print('companyApi del')
username = request.META.get("HTTP_USERNAME")
user = UserProfile.objects.get(username=username)
permission = user.permission
if permission != "superadmin":
return JsonResponse({"error_no": -2, "info": "无权限"})
company_id = request.data['company_id']
company = CompanyModel.objects.get(id=company_id)
company.delete()
user = UserProfile.objects.filter(company=company_id)
user.delete()
create_history_record(username, "删除公司%s,用户%s" % (company.company_name, [u.username for u in user]))
return JsonResponse({"error_no": 0, "info": "Success"})
except CompanyModel.DoesNotExist:
return JsonResponse({
"error_no": -2,
"info": "没有这个公司"
})
except Exception as e:
print(e)
return JsonResponse({
"error_no": -1,
"info": str(e)
})
def post(self, request):
image_form = UploadImageForm(request.POST, request.FILES, instance=request.user)
if image_form.is_valid():
image_form.save()
create_history_record(request.user, "修改头像")
return HttpResponseRedirect(reverse("user_info"))
else:
return HttpResponseRedirect(reverse("upload_image"))
def get(self, request):
permission = request.user.permission
if permission == "superadmin":
white_list_record = WhiteListRecord.objects.all()
create_history_record(request.user, '查询白名单违法记录')
return render(request, 'white_list_record.html',
{"white_list_record": white_list_record})
return HttpResponseRedirect(reverse("user_info"))
def get(self, request):
permission = request.user.permission
if permission not in ['superadmin', 'admin']:
return HttpResponseRedirect(reverse("user_info"))
all_users = UserProfile.objects.all()
if permission == 'admin':
all_users = all_users.filter().exclude(permission='superadmin')
create_history_record(request.user, '查询所有用户信息')
return render(request, 'all_users.html', {"all_users": all_users})
def get(self, request, user_name):
permission = request.user.permission
if permission == "superadmin" and request.user.username == "superadmin":
history_record = HistoryRecord.objects.filter(username_id=user_name, r_type=True).order_by('-time')[:1500]
create_history_record(request.user, '查询 %s 的历史操作记录' % user_name)
return render(request, 'history_record.html', {
"history_record": history_record
})
return HttpResponseRedirect(reverse("user_info"))
def get(self, request, car_id):
permission = request.user.permission
if permission == "superadmin" or request.user.permission == "admin":
white_list_record = WhiteListRecord.objects.filter(
car_id=car_id).order_by('-wf_time')
# print(white_list_record)
create_history_record(request.user, '查询白名单 %s 的记录' % car_id)
return render(request, 'white_list_record.html',
{"white_list_record": white_list_record})
return HttpResponseRedirect(reverse("user_info"))
def get(self, request):
permission = request.user.permission
if permission == 'superadmin':
all_users = UserProfile.objects.all()
else:
compan_id = request.user.company.id
print(compan_id)
all_users = UserProfile.objects.filter(company_id=compan_id)
create_history_record(request.user, '查询所有用户信息')
return render(request, 'all_users.html', {"all_users": all_users})
def post(self, request):
userinfo_form = UserInfoForm(request.POST, instance=request.user)
if userinfo_form.is_valid():
userinfo_form.save()
create_history_record(request.user, "修改用户个人信息")
return JsonResponse({"status": "success"})
else:
return JsonResponse({
"status": "fail",
"errors": userinfo_form.errors,
})
def get(self, request):
username = request.user.username
permission = request.user.permission
if permission == "superadmin":
all_users = UserProfile.objects.all()[:1500]
return render(request, 'all_history.html',
{"all_users": all_users})
history_record = HistoryRecord.objects.filter(
username_id=username, r_type=True).order_by('-time')[:1500]
create_history_record(request.user, '查询历史操作记录')
return render(request, 'history_record.html',
{"history_record": history_record})
def post(self, request, user_id):
permission = request.user.permission
if permission not in ['superadmin', 'admin']:
return HttpResponseRedirect(reverse("user_info"))
user = UserProfile.objects.get(id=user_id)
# print(request.POST.get('permission'))
user.permission = request.POST.get('permission')
user.save()
username = user.username
create_history_record(request.user, '修改账号 %s 权限为 %s' % (username, request.POST.get('permission')))
return JsonResponse({"status": "success"})
def post(self, request):
permission = request.user.permission
# print(permission)
if permission != 'superadmin':
return JsonResponse({"status": "fail", "quanxianbuzu": "对不起,您的权限不足!"})
user_id = request.POST.get("user_id")
# print(user_id)
user = UserProfile.objects.get(id=user_id)
username = user.username
user.delete()
create_history_record(request.user, '删除账号 %s' % username)
return JsonResponse({"status": "success"})
def post(self, request):
username = request.user.username
user = UserProfile.objects.get(username=username)
# print(user.permission)
if (user.permission != "superadmin") and (user.permission != "admin"):
return JsonResponse({
'status': "fail",
'msg': '您没有权限注册其他账号'
})
password = request.POST.get('password', '')
if password == "":
password = '******'
# print(password)
permission = request.POST.get('permission', 'user')
company_id = request.POST.get('company', '')
username = request.POST.get('username', '')
if not username or UserProfile.objects.filter(username=username):
return JsonResponse({
'status': "fail",
'msg': '请检查用户名是否填写或重复'
})
if permission == "superadmin":
return JsonResponse({
'status': "fail",
'msg': '您没有权限注册超级管理员'
})
if permission == "admin" and user.permission != "superadmin":
return JsonResponse({
'status': "fail",
'msg': '您没有权限注册管理员'
})
user_profile = UserProfile()
user_profile.username = username
user_profile.password = make_password(password)
user_profile.permission = permission
user_profile.company_id = company_id
user_profile.save()
# 记录操作
if permission == "superadmin":
permission = "超级管理员"
elif permission == "admin":
permission = "管理员"
elif permission == "user":
permission = "用户"
elif permission == "other":
permission = "其他类型用户"
make_message(username, "初始密码过于简单,请立即修改密码!", -1)
create_history_record(user, "注册 %s 账号 %s" % (permission, username))
return JsonResponse({
'status': "success",
'msg': '注册成功'
})
def post(self, request, station_id):
try:
device_form = DevicesInfoForm(request.POST)
if device_form.is_valid():
device_form.save()
create_history_record(
request.user, '新增设备 %s %s' %
(request.POST.get('device_id'), request.POST.get("name")))
return JsonResponse({"status": "success"})
errors = dict(device_form.errors.items())
return JsonResponse({"status": "fail", "errors": errors})
except Exception as e:
return JsonResponse({"status": "fail", "msg": str(e)})
def get(self, request):
permission = request.user.permission
if permission == "superadmin":
white_list = WhiteList.objects.all().order_by('-id')
create_history_record(request.user, '查询白名单')
return render(request, 'white_list.html',
{"white_list": white_list})
elif permission == "admin":
white_list = WhiteList.objects.filter(
w_type__lt=3, username=request.user).exclude(
username__permission='superadmin').order_by('-id')
create_history_record(request.user, '查询白名单')
return render(request, 'white_list.html',
{"white_list": white_list})
return HttpResponseRedirect(reverse("index"))
def post(self, request):
permission = request.user.permission
data_id = request.POST.get('data_id', "")
# print(data_id)
dj_data = HCXXDataInfo.objects.filter(id=data_id)
# print(permission)
# print(dj_data)
if permission == 'superadmin' or permission == 'admin' or request.user.username == 'admin':
if dj_data:
car_id = dj_data[0].car_id
# print(car_id)
dj_data.delete()
create_history_record(request.user, '删除 %s 的货车限行数据 ' % car_id)
return JsonResponse({"status": "success"})
else:
return JsonResponse({"status": "fail", "msg": "权限不足"})
return JsonResponse({"status": "fail", "msg": "没有该数据"})
