def login(self, username, raw_password):
user = UserRepository().get_by_name(username)
if not user:
raise BusinessError(u'用户不存在')
if user.password != self.encrypt_password(raw_password):
raise BusinessError(u'密码错误')
encoded_user = EncodeService().encode(user)
token = JWTService().encode(encoded_user)
encoded_user['token'] = token
return encoded_user
def decode(self, token):
try:
payload = jwt.decode(token, SECRET, algorithm='HS256')
except InvalidTokenError:
raise BusinessError(u'不合法的token')
return payload['data']
def get(self):
"""
获取已删除的动态列表(限管理员操作)
"""
if not self.params['user'].is_manager:
raise BusinessError(u'操作无权限')
user = self.params['user']
target_page = TargetPage(self.params)
filters = self.params.get('filters')
dynamics = DynamicRepository(user).get_deleted_dynamics(
filters, target_page)
fill_option = self.params.get('with_options', {
'with_resource': False,
'with_approval': False,
'with_comment': False
})
FillDynamicService(user).fill(dynamics, fill_option)
return {
'dynamics': [
EncodeDynamicService(user).encode(dynamic)
for dynamic in dynamics
],
'page_info':
target_page.to_dict() if target_page else {}
}
def post(self):
user = self.params['user']
login_service = LoginService()
if user.password != login_service.encrypt_password(self.params['old_pwd']):
raise BusinessError(u'旧密码不正确')
login_service.update_password(user, self.params['new_pwd'])
return {}
def delete(self):
"""
解禁圈子(限管理员操作)
"""
if not self.params['user'].is_manager:
raise BusinessError(u'操作无权限')
user = self.params['user']
param_object = ParamObject({'topic_id': self.params['topic_id']})
BanService(user).unban(param_object)
return {}
def delete(self):
"""
删除动态(限管理员或本人操作)
"""
user = self.params['user']
dynamic = DynamicRepository(user).get_dynamic_by_id(self.params['id'])
if not user.is_manager or user.id != dynamic.user_id:
raise BusinessError(u'操作无权限')
param_object = ParamObject({'id': self.params['id']})
DynamicFactory(user).delete(param_object)
return {}
def delete(self):
"""
点赞取消
"""
user = self.params['user']
approval = LikeService(user).get_approval_by_id(self.params['id'])
if approval.user_id != user.id:
raise BusinessError(u'操作无权限')
param_object = ParamObject({'id': self.params['id']})
LikeService(user).dislike(param_object)
return {}
def create(self, param_object):
#重名检查
name = param_object.name
desc = param_object.desc
if PermissionGroupRepository(self.user).get_by_name(name):
raise BusinessError(u'权限分组已存在')
db_model = permission_models.PermissionGroup.create(
name=name,
desc=desc,
)
return PermissionGroup(db_model)
def create(self, param_object): #检查重名 if user_models.User.select().dj_where(username=param_object.username).exists(): raise BusinessError(u'用户名已存在') encrypted_password = LoginService().encrypt_password(param_object.password) db_model = user_models.User.create( username = param_object.username, password = encrypted_password, nickname = param_object.nickname, avatar = param_object.avatar or '' ) return User(db_model)
def create(self, param_object):
"""
创建话题
"""
if topic_models.Topic.select().dj_where(
name=param_object.name).first():
raise BusinessError('existed')
db_model = topic_models.Topic.create(
name=param_object.name,
avatar=param_object.avatar,
description=param_object.description)
return Topic(db_model)
def post(self):
"""
修改话题(限管理员操作)
"""
if not self.params['user'].is_manager:
raise BusinessError(u'操作无权限')
user = self.params['user']
param_object = ParamObject({
'id': self.params['id'],
'name': self.params.get('name'),
'avatar': self.params.get('avatar'),
'description': self.params.get('description')
})
TopicFactory(user).update(param_object)
return {}
def update(self, param_object):
user = self.user
group_id = param_object.id
name = param_object.name
desc = param_object.desc
permission_group = PermissionGroupRepository(user).get_by_id(group_id)
if not permission_group:
raise BusinessError(u'权限分组不存在')
if permission_group.name != name:
permission_group.name = name
if permission_group.desc != desc:
permission_group.desc = desc
permission_group.save()
def like(self, param_object):
"""
点赞
"""
if dynamic_models.DynamicApproval.select().dj_where(
user_id=param_object.user_id,
dynamic_id=param_object.dynamic_id
).exists():
raise BusinessError('existed')
else:
db_model = dynamic_models.DynamicApproval.create(
user_id=param_object.user_id,
dynamic_id=param_object.dynamic_id
)
return Approval(db_model)
def put(self):
"""
创建用户只能由管理员操作,且只能初始化登录名和分组(角色)
"""
if not self.params['user'].is_manager:
raise BusinessError(u'操作无权限')
param_object = ParamObject({
'username':
self.params['username'],
'password':
settings.DEFAULT_PASSWORD
if hasattr(settings, 'DEFAULT_PASSWORD') else '123456'
})
user = UserFactory().create(param_object)
if self.params.get('group_id'):
group = PermissionGroupRepository().get_by_id(
self.params['group_id'])
if group:
group.add_user(user)
return {'id': user.id}
def post(self):
"""
修改动态(限管理员或本人操作)
"""
user = self.params['user']
dynamic = DynamicRepository(user).get_dynamic_by_id(self.params['id'])
if not user.is_manager or user.id != dynamic.user_id:
raise BusinessError(u'操作无权限')
param_object = ParamObject({
'content': self.params['content'],
'topic_id': self.params['topic_id'],
'longitude': self.params['longitude'],
'latitude': self.params['latitude']
})
DynamicFactory(user).update(param_object)
if self.params.get('resources'):
dynamic.update_resources(self.params['resources'])
return {}
def put(self):
"""
创建话题(限管理员操作)
"""
if not self.params['user'].is_manager:
raise BusinessError(u'操作无权限')
user = self.params['user']
param_object = ParamObject({
'name': self.params['name'],
'avatar': self.params['avatar'],
'description': self.params['description']
})
topic = TopicFactory(user).create(param_object)
visit_history = ParamObject({
'topic_id': topic.id,
'user_id': user.id
})
VisitService(user).visit(visit_history)
return {
'id': topic.id
}
def get(self):
"""
获取禁用话题列表
"""
if not self.params['user'].is_manager:
raise BusinessError(u'操作无权限')
user = self.params['user']
target_page = TargetPage(self.params)
filters = self.params.get('filters')
topics = TopicRepository(user).get_banned_topics(filters, target_page)
fill_option = self.params.get('with_options', {
'with_activity': False,
'with_dynamic': False
})
FillTopicService(user).fill(topics, fill_option)
return {
'topics':
[EncodeTopicService(user).encode(topic) for topic in topics],
'page_info': target_page.to_dict() if target_page else {}
}
def update(self, param_object):
"""
更新话题
"""
db_model = topic_models.Topic.select().dj_where(
id=param_object.id).first()
modified = False
if param_object.name is not None and db_model.name != param_object.name:
if topic_models.Topic.select().dj_where(
name=param_object.name).first():
raise BusinessError('existed')
db_model.name = param_object.name
modified = True
if param_object.avatar is not None and db_model.avatar != param_object.avatar:
db_model.avatar = param_object.avatar
modified = True
if param_object.description is not None and db_model.description != param_object.description:
db_model.description = param_object.description
modified = True
modified and db_model.save()