Esempio n. 1
0
    def by_class(self, request):
        """
        获取学生列表

        ``GET`` `students/by_class/ <http://192.168.1.222:8080/v1/students/by_class>`_

        :param class_id:
            学生所在班级 id
        """
        class_id = request.GET.get("class_id")
        if not class_id:
            return rc.BAD_REQUEST
        
        from oa.helpers import user_access_list
        user = request.user
        code_list = [c.code for c in user_access_list(user)]
        school_level = True if "manage_school_tile" in code_list else False

        if school_level:
            try:
                group = Group.objects.get(pk=class_id)
#                queryset = Group.objects.filter(school__pk=group.school_id).exclude(type=3)
                queryset = GroupHandler().read(request)
                print queryset,'qqqqqqqqqqqqqqqqqqqqqq'
            except ObjectDoesNotExist, e:
                return rc.not_here(e)
            return query_range_filter(request.GET, queryset, "students")
Esempio n. 2
0
        def wrapped_f(request, *args, **kwargs):
            #             print self.arg1,'aaaaaaaaaaaaaaaaaaaa'
            user = request.user
            path = request.build_absolute_uri()
            # 用户登录
            if not user.is_authenticated():
                messages.error(request, "您尚未登录。")
                return redirect_to_login(path)
            # 老师用户
            try:
                school = helpers.get_schools(request.user)[0]
                #                print school,'ssssssss'
                if not school:
                    return f(request, *args, **kwargs)
            except:
                messages.error(request, "您的权限不足无法访问。")
                return redirect(reverse("userena_signin") + "?lack_perm=lack&next=" + str(path))
            #                return redirect_to_login(path)

            # 权限判断
            code_list = [c.code for c in helpers.user_access_list(user)]
            #            print code_list,'cccccccccc'
            if self.arg1 in code_list:
                #                print 'in'
                return f(request, *args, **kwargs)
            elif user.is_authenticated():
                #                print 'out'
                messages.error(request, "您的权限不足无法访问。")
                return redirect(reverse("userena_signin") + "?lack_perm=lack&next=" + str(path))
            #                return redirect_to_login(path)
            else:
                return redirect_to_login(path)
Esempio n. 3
0
    def list(self, request):
        """
        获取登录用户所在的班级列表

        ``GET`` `account/profile/class_list <http://192.168.1.222:8080/v1/account/profile/class_list>`_

        """
        try:
            from oa.helpers import user_access_list
            user = request.user
            code_list = [c.code for c in user_access_list(user)]
            school_level = True if "manage_school_tile" in code_list else False
            if school_level:
                school = request.user.teacher.school
                group,created = Group.objects.get_or_create(name="全园班级",school_id=school.id,type=3,creator=school.creator,grade_id=0)
                group_pks = [group.id]
                queryset = Group.objects.filter(pk__in=group_pks).all()
            else:
                group_wx_pks = [gv.id for gv in request.user.teacher.groups.all()]
                group_oa_pks = [go.group_id for go in GroupTeacher.objects.filter(teacher=request.user.teacher)]
                group_pks = group_wx_pks + group_oa_pks
                queryset = Group.objects.filter(pk__in=group_pks).all()
            return query_range_filter(request.GET, queryset, "classes")
        except ObjectDoesNotExist:
            pass

        try:
            group = request.user.student.group
            queryset = Group.objects.filter(id=group.id).all()
            return query_range_filter(request.GET, queryset, "classes")
        except ObjectDoesNotExist:
            pass

        return rc.NOT_FOUND
Esempio n. 4
0
def get_active_url(user=None, tag=None):
    if not user or not tag:
        return "javascript:;"
    access_codes = [a.code for a in user_access_list(user)]
    plates = MENU_LIST[tag]
    for p in plates:
        if p["access"] in access_codes:
            return p["url"]
    return "javascript:;"
Esempio n. 5
0
def can_visit_menu(context, plate):
    if not plate:
        return False
    request = context.get('request')
    user_accesses = [a for a in user_access_list(request.user)]
    plate_accesses = [p for p in Access.objects.filter(parent__code=plate)]
    s = [c for c in user_accesses if c in plate_accesses]
    if len(s):
        return True
    else:
        return False
Esempio n. 6
0
 def check_perms(request, *args, **kwargs):
     user = request.user
     path = request.build_absolute_uri()
     code_list = [c.code for c in helpers.user_access_list(user)]
     if "school_teacher" in code_list:
         return view_func(request, *args, **kwargs)
     elif user.is_authenticated():
         messages.error(request, "您的权限不足无法访问。")
         return redirect_to_login(path)
     else:
         return redirect_to_login(path)
Esempio n. 7
0
def can_visit_plate(user,acc=None):
    """"""
    if not user or not acc:
        return False
    user_accesses = [a for a in user_access_list(user)]
#     print user_accesses,'uuuuuuuu'
    try:
        access = Access.objects.get(code=acc)
#         print access,'aaaaaaaaa'
    except:
        return False
    return access in user_accesses
Esempio n. 8
0
def has_permission(user,code=""):
    if code:
        code_list = [c.code for c in helpers.user_access_list(user)]
        return code in code_list
    else:
        return False
Esempio n. 9
0
    def post(self, request):
        """
        发布一条内容, 针对个人或者班级.

        ``POST`` `tiles/create/ <http://192.168.1.222:8080/v1/tiles/types>`_

        :param type_id:
            瓦片类型

        :param uid:
            发布者,默认为匿名用户(uid: -1)

        :param class_id:
            瓦片所属班级,是否属于班级的内容

        :param content:
            内容描述

        :param img:
            二进制图片信息.
        """
        params = request.POST
        type_id = params.get("type_id")
        uid = params.get("uid", -1)
        class_id = params.get("class_id")
        content = params.get("content", "")
        category_id = params.get("category_id",type_id)
        img = request.FILES.get('img')
        video = params.get("video", "")
        title = params.get("title", "")
        tag = params.get("tag", "")
        
        group = None
        category_id = int(category_id)
        if category_id in (1,2,3):
            category_id = 17
        
        from oa.helpers import user_access_list
        user = request.user
        code_list = [c.code for c in user_access_list(user)]
        school_level = True if "manage_school_tile" in code_list else False

        try:
            tile_type = TileType.objects.get(pk=type_id)
            if not title:
                title = tile_type.name
        except TileType.DoesNotExist:
            pass
            #return rc.NOT_HERE

        try:
            tile_category = TileCategory.objects.all_with_deleted().get(pk=category_id)
            if not title:
                title = tile_category.name
        except TileCategory.DoesNotExist:
            return rc.not_here("tile_category object is not exist")
            #return rc.NOT_HERE
        
        group_id = 0
        if school_level:
            user = None
            try:
                group = Group.objects.get(pk=uid) if uid else None
                group_id = group.id
            except Group.DoesNotExist:
                group = None
        else:
            try:
                user = User.objects.get(pk=uid)
            except User.DoesNotExist:
                return rc.not_here("user object  is not exist")
                #return rc.NOT_HERE
        if class_id and group_id == 0:
            try:
                group = Group.objects.get(pk=class_id) if class_id else None
            except Group.DoesNotExist:
                group = None
        tile = Tile(creator=request.user, user=user, group=group)

        tile.title = title

        tile.type_id = type_id
        if category_id == 9:
            #if not group:
                #return rc.not_here("group object is not exist for Activity")
            try:
                desc = json.loads(content)
                act = desc['events']
            except:
                return rc.not_here("Activity description object must be json include key events")
            if not act:
                desc = ''
            else:
                i = 0
                for d in act:
                    if not d['content']:
                       i += 1 
                if i == len(act):
                    desc = ''
            if not desc:
                return rc.not_here("Activity description object can not be null")
            active = Activity()
            active.user = user
            active.creator = request.user
            active.group = group
            active.description = json.dumps({"events":desc['events']})
            active.save()
    
        tile.description = content
#        tile.img = img
        tile.video = video



        # try: 
        #     assert category_id != None
        #     tc = TileCategory.objects.get(pk=category_id)
        #     assert not tc.is_parent
        # except Exception, e:
        #     print e
        #     return rc.BAD_REQUEST

        tile.category_id = category_id
        try:
            is_exist = Tile.objects.get(creator=request.user, user=user, group=group,\
                title = title,description = content,img = img,video = video,category_id = category_id)
            return None
        except:
            tile.save()
            if tag and tile.id:
                tile_tag = TileCreateTag()
                tile_tag.tag = tag
                tile_tag.tile = tile
                tile_tag.save()
        if tile.id and img:
            try:
                date = str(datetime.datetime.strftime(datetime.datetime.now(),"%Y%m%d"))
                salt, hash = generate_sha1(tile.id)
                extension = str(img).split('.')[-1].lower()
                file_name = 'tile/' + date + '/' + hash[:22] + '.' + extension
                AliyunStorage(). _put_file(file_name, img.read())
                tile.img = file_name
                tile.save()
            except:
                pass
        return tile if tile.id else None