def by_class(self, request):
"""
获取学生列表
``GET`` `students/by_class/ <http://192.168.1.222:8080/v1/students/by_class>`_
:param class_id:
学生所在班级 id
"""
class_id = request.GET.get("class_id")
if not class_id:
return rc.BAD_REQUEST
from oa.helpers import user_access_list
user = request.user
code_list = [c.code for c in user_access_list(user)]
school_level = True if "manage_school_tile" in code_list else False
if school_level:
try:
group = Group.objects.get(pk=class_id)
# queryset = Group.objects.filter(school__pk=group.school_id).exclude(type=3)
queryset = GroupHandler().read(request)
print queryset,'qqqqqqqqqqqqqqqqqqqqqq'
except ObjectDoesNotExist, e:
return rc.not_here(e)
return query_range_filter(request.GET, queryset, "students")
def wrapped_f(request, *args, **kwargs):
# print self.arg1,'aaaaaaaaaaaaaaaaaaaa'
user = request.user
path = request.build_absolute_uri()
# 用户登录
if not user.is_authenticated():
messages.error(request, "您尚未登录。")
return redirect_to_login(path)
# 老师用户
try:
school = helpers.get_schools(request.user)[0]
# print school,'ssssssss'
if not school:
return f(request, *args, **kwargs)
except:
messages.error(request, "您的权限不足无法访问。")
return redirect(reverse("userena_signin") + "?lack_perm=lack&next=" + str(path))
# return redirect_to_login(path)
# 权限判断
code_list = [c.code for c in helpers.user_access_list(user)]
# print code_list,'cccccccccc'
if self.arg1 in code_list:
# print 'in'
return f(request, *args, **kwargs)
elif user.is_authenticated():
# print 'out'
messages.error(request, "您的权限不足无法访问。")
return redirect(reverse("userena_signin") + "?lack_perm=lack&next=" + str(path))
# return redirect_to_login(path)
else:
return redirect_to_login(path)
def list(self, request):
"""
获取登录用户所在的班级列表
``GET`` `account/profile/class_list <http://192.168.1.222:8080/v1/account/profile/class_list>`_
"""
try:
from oa.helpers import user_access_list
user = request.user
code_list = [c.code for c in user_access_list(user)]
school_level = True if "manage_school_tile" in code_list else False
if school_level:
school = request.user.teacher.school
group,created = Group.objects.get_or_create(name="全园班级",school_id=school.id,type=3,creator=school.creator,grade_id=0)
group_pks = [group.id]
queryset = Group.objects.filter(pk__in=group_pks).all()
else:
group_wx_pks = [gv.id for gv in request.user.teacher.groups.all()]
group_oa_pks = [go.group_id for go in GroupTeacher.objects.filter(teacher=request.user.teacher)]
group_pks = group_wx_pks + group_oa_pks
queryset = Group.objects.filter(pk__in=group_pks).all()
return query_range_filter(request.GET, queryset, "classes")
except ObjectDoesNotExist:
pass
try:
group = request.user.student.group
queryset = Group.objects.filter(id=group.id).all()
return query_range_filter(request.GET, queryset, "classes")
except ObjectDoesNotExist:
pass
return rc.NOT_FOUND
def get_active_url(user=None, tag=None):
if not user or not tag:
return "javascript:;"
access_codes = [a.code for a in user_access_list(user)]
plates = MENU_LIST[tag]
for p in plates:
if p["access"] in access_codes:
return p["url"]
return "javascript:;"
def can_visit_menu(context, plate):
if not plate:
return False
request = context.get('request')
user_accesses = [a for a in user_access_list(request.user)]
plate_accesses = [p for p in Access.objects.filter(parent__code=plate)]
s = [c for c in user_accesses if c in plate_accesses]
if len(s):
return True
else:
return False
def check_perms(request, *args, **kwargs):
user = request.user
path = request.build_absolute_uri()
code_list = [c.code for c in helpers.user_access_list(user)]
if "school_teacher" in code_list:
return view_func(request, *args, **kwargs)
elif user.is_authenticated():
messages.error(request, "您的权限不足无法访问。")
return redirect_to_login(path)
else:
return redirect_to_login(path)
def can_visit_plate(user,acc=None):
""""""
if not user or not acc:
return False
user_accesses = [a for a in user_access_list(user)]
# print user_accesses,'uuuuuuuu'
try:
access = Access.objects.get(code=acc)
# print access,'aaaaaaaaa'
except:
return False
return access in user_accesses
def has_permission(user,code=""):
if code:
code_list = [c.code for c in helpers.user_access_list(user)]
return code in code_list
else:
return False
def post(self, request):
"""
发布一条内容, 针对个人或者班级.
``POST`` `tiles/create/ <http://192.168.1.222:8080/v1/tiles/types>`_
:param type_id:
瓦片类型
:param uid:
发布者,默认为匿名用户(uid: -1)
:param class_id:
瓦片所属班级,是否属于班级的内容
:param content:
内容描述
:param img:
二进制图片信息.
"""
params = request.POST
type_id = params.get("type_id")
uid = params.get("uid", -1)
class_id = params.get("class_id")
content = params.get("content", "")
category_id = params.get("category_id",type_id)
img = request.FILES.get('img')
video = params.get("video", "")
title = params.get("title", "")
tag = params.get("tag", "")
group = None
category_id = int(category_id)
if category_id in (1,2,3):
category_id = 17
from oa.helpers import user_access_list
user = request.user
code_list = [c.code for c in user_access_list(user)]
school_level = True if "manage_school_tile" in code_list else False
try:
tile_type = TileType.objects.get(pk=type_id)
if not title:
title = tile_type.name
except TileType.DoesNotExist:
pass
#return rc.NOT_HERE
try:
tile_category = TileCategory.objects.all_with_deleted().get(pk=category_id)
if not title:
title = tile_category.name
except TileCategory.DoesNotExist:
return rc.not_here("tile_category object is not exist")
#return rc.NOT_HERE
group_id = 0
if school_level:
user = None
try:
group = Group.objects.get(pk=uid) if uid else None
group_id = group.id
except Group.DoesNotExist:
group = None
else:
try:
user = User.objects.get(pk=uid)
except User.DoesNotExist:
return rc.not_here("user object is not exist")
#return rc.NOT_HERE
if class_id and group_id == 0:
try:
group = Group.objects.get(pk=class_id) if class_id else None
except Group.DoesNotExist:
group = None
tile = Tile(creator=request.user, user=user, group=group)
tile.title = title
tile.type_id = type_id
if category_id == 9:
#if not group:
#return rc.not_here("group object is not exist for Activity")
try:
desc = json.loads(content)
act = desc['events']
except:
return rc.not_here("Activity description object must be json include key events")
if not act:
desc = ''
else:
i = 0
for d in act:
if not d['content']:
i += 1
if i == len(act):
desc = ''
if not desc:
return rc.not_here("Activity description object can not be null")
active = Activity()
active.user = user
active.creator = request.user
active.group = group
active.description = json.dumps({"events":desc['events']})
active.save()
tile.description = content
# tile.img = img
tile.video = video
# try:
# assert category_id != None
# tc = TileCategory.objects.get(pk=category_id)
# assert not tc.is_parent
# except Exception, e:
# print e
# return rc.BAD_REQUEST
tile.category_id = category_id
try:
is_exist = Tile.objects.get(creator=request.user, user=user, group=group,\
title = title,description = content,img = img,video = video,category_id = category_id)
return None
except:
tile.save()
if tag and tile.id:
tile_tag = TileCreateTag()
tile_tag.tag = tag
tile_tag.tile = tile
tile_tag.save()
if tile.id and img:
try:
date = str(datetime.datetime.strftime(datetime.datetime.now(),"%Y%m%d"))
salt, hash = generate_sha1(tile.id)
extension = str(img).split('.')[-1].lower()
file_name = 'tile/' + date + '/' + hash[:22] + '.' + extension
AliyunStorage(). _put_file(file_name, img.read())
tile.img = file_name
tile.save()
except:
pass
return tile if tile.id else None