def GET(self): inputs = sh.inputs() assert (inputs.has_key('code')) assert (inputs.has_key('state')) site_name = inputs.state.partition('_')[0] authorization_code = inputs.code.strip() oauth_ctrl = sh.ctrl('oauth.%s' % site_name) oauth_model = sh.model('oauth.%sOAuth2' % site_name) user_ctrl = sh.ctrl('User') user_model = sh.model('User') token_url = oauth_ctrl.createAccessTokenUrl(authorization_code) content = sh.requestHtmlContent(token_url, None, oauth_ctrl.ACCESS_TOKEN_METHOD) assert content, u'第三方返回的数据有误' access_token, access_expires = oauth_ctrl.pickAccessTokenAndExpires( content) requested_uid = oauth_ctrl.requestUidWithAccessToken(access_token) assert requested_uid, u'第三方返回的数据有误' if self.TEST_API_LOGIN: login_url = '%s/api/oauth/login?access_token=%s&access_expires=%s&uid=%s&state=%s' % ( sh.config.HOST_NAME, access_token, access_expires, requested_uid, inputs.state) return '<a href="%s" >%s</a>' % (login_url, login_url) # 因为access_token是动态变化的,所以要用requested_uid来判断是否登录过 # 这也避免了access_token变化时插入重复的uid exists = oauth_model.getByUid(requested_uid) # 如果当前uid还没有插入数据库,则先插入再考虑绑定Userid if not exists: new_oauth_id = oauth_model.insert( dict(uid=requested_uid, access_token=access_token, access_expires=access_expires)) exists = oauth_model.get(new_oauth_id) # 如果已绑定Userid则登录 if exists.Userid: return self.login(exists.Userid) # 如果希望自动注册,则注册并绑定后登录 if self.NO_REGISTER_ACTION == 'auto_register': data = oauth_ctrl.assignUserInfo(sh.storage(), access_token) self.assignRandomPassword(data) self.assignRegisterIP(data) conflict = user_ctrl.checkNewUser(data) if conflict: return self.redirectToRegister(access_token, inputs.state, error=conflict) new_user_id = user_model.insert(data) oauth_model.update(exists.id, dict(Userid=new_user_id)) return self.login(new_user_id) # 否则希望用户自己注册 elif self.NO_REGISTER_ACTION == 'to_register': return self.redirectToRegister(access_token, inputs.state)
def GET(self): action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/') if action == 'admin/login': return sh.editor_nobase.user.Login() if action == 'admin/logout': sh.ctrl('AdminUser').logout() return sh.redirect('/')
def GET(self): action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/') if action == 'login': return sh.page.user.Login() if action == 'logout': sh.ctrl('User').logout() return sh.redirect('/')
def POST(self): inputs = sh.inputs() if inputs['action'] == 'isLogin': if sh.session.is_login: return sh.toJsonp({'is_login': True, 'name': sh.session.name, 'id': sh.session.id}) else: return sh.toJsonp({'is_login': False, 'name': '', 'id': 0}) if inputs['action'] == 'login': assert(inputs.get('email', '').strip()) assert(inputs.get('password', '')) model = sh.model('User') uc = sh.ctrl('User') if not uc.validate(inputs.email, inputs.password): return sh.toJsonp({'is_login':False, 'error':'邮箱或密码不对'}) user = model.getByEmail(inputs.email) if user.dead == 'yes': return sh.toJsonp({'is_login':False, 'error':'你已被列入黑名单'}) uc.login(user, inputs.get('remember_me', '') == 'on') return sh.toJsonp({'is_login':True, 'name': user.name, 'id': user.id}) if inputs['action'] == 'logout': sh.ctrl('User').logout() return 'bye'
def GET(self): inputs = sh.inputs() assert inputs.has_key("code") assert inputs.has_key("state") site_name = inputs.state.partition("_")[0] authorization_code = inputs.code.strip() oauth_ctrl = sh.ctrl("oauth.%s" % site_name) oauth_model = sh.model("oauth.%sOAuth2" % site_name) user_ctrl = sh.ctrl("User") user_model = sh.model("User") token_url = oauth_ctrl.createAccessTokenUrl(authorization_code) content = sh.requestHtmlContent(token_url, None, oauth_ctrl.ACCESS_TOKEN_METHOD) assert content, u"第三方返回的数据有误" access_token, access_expires = oauth_ctrl.pickAccessTokenAndExpires(content) requested_uid = oauth_ctrl.requestUidWithAccessToken(access_token) assert requested_uid, u"第三方返回的数据有误" if self.TEST_API_LOGIN: login_url = "%s/api/oauth/login?access_token=%s&access_expires=%s&uid=%s&state=%s" % ( sh.config.HOST_NAME, access_token, access_expires, requested_uid, inputs.state, ) return '<a href="%s" >%s</a>' % (login_url, login_url) # 因为access_token是动态变化的,所以要用requested_uid来判断是否登录过 # 这也避免了access_token变化时插入重复的uid exists = oauth_model.getByUid(requested_uid) # 如果当前uid还没有插入数据库,则先插入再考虑绑定Userid if not exists: new_oauth_id = oauth_model.insert( dict(uid=requested_uid, access_token=access_token, access_expires=access_expires) ) exists = oauth_model.get(new_oauth_id) # 如果已绑定Userid则登录 if exists.Userid: return self.login(exists.Userid) # 如果希望自动注册,则注册并绑定后登录 if self.NO_REGISTER_ACTION == "auto_register": data = oauth_ctrl.assignUserInfo(sh.storage(), access_token) self.assignRandomPassword(data) self.assignRegisterIP(data) conflict = user_ctrl.checkNewUser(data) if conflict: return self.redirectToRegister(access_token, inputs.state, error=conflict) new_user_id = user_model.insert(data) oauth_model.update(exists.id, dict(Userid=new_user_id)) return self.login(new_user_id) # 否则希望用户自己注册 elif self.NO_REGISTER_ACTION == "to_register": return self.redirectToRegister(access_token, inputs.state)
def loginByCookie(handler): if not sh.session.is_login: email = web.cookies().get("email", "") md5password = web.cookies().get("md5password", "") if email and md5password: user = sh.model("User").getOneByWhere("email=%s and password=%s", email, md5password) if user: sh.ctrl("User").login(user) return handler()
def loginByCookie(handler): if not sh.session.is_login: email = web.cookies().get('email', '') md5password = web.cookies().get('md5password', '') if email and md5password: user = sh.model('User').getOneByWhere('email=%s and password=%s', email, md5password) if user: sh.ctrl('User').login(user) return handler()
def POST(self, inputs=None): if not inputs: inputs = sh.inputs() assert(inputs.get('email', '').strip()) assert(inputs.get('password', '')) uc = sh.ctrl('User') model = sh.model('User') action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/') if action == 'login': if not uc.validate(inputs.email, inputs.password): return sh.page.user.Login('您输入的用户名或密码不对, 请重新输入', inputs.email) user = model.getByEmail(inputs.email) if user.dead == 'yes': return sh.alert('登录失败,你已被列入黑名单,请联系管理员') uc.login(user, inputs.get('remember_me', '') == 'on') # 获得打开login页面时url中指定的referer referer = sh.getUrlParams(sh.getEnv('HTTP_REFERER')).get('referer', None) if referer: return sh.redirect(referer) elif sh.inputs().get('referer', None): return sh.redirect(sh.inputs().get('referer', None)) else: return sh.alert('登录成功. 欢迎回来!')
def POST(self, inputs=None): if not inputs: inputs = sh.inputs() assert(inputs.get('email', '').strip()) assert(inputs.get('password', '')) uc = sh.ctrl('User') model = sh.model('User') action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/') if action == 'login': if not uc.validate(inputs.email, inputs.password): return sh.page.user.Login('您输入的用户名或密码不对, 请重新输入', inputs.email) user = model.getByEmail(inputs.email) if user.dead == 'yes': return sh.alert('登录失败,你已被列入黑名单,请联系管理员') uc.login(user, inputs.get('remember_me', '') == 'on') # 获得打开login页面时url中指定的referer referer = sh.getUrlParams(sh.getEnv('HTTP_REFERER')).get('referer', None) if referer: return sh.redirect(referer) elif sh.inputs().get('referer', None): return sh.redirect(sh.inputs().get('referer', None)) else: return sh.redirect('/')
def getCurrTopMenuTitle(self): it = sh.ctrl('IndentTable') indents = it.indent(sh.getEditorMenu()) if it.getIndentsLevel(indents) == 4: return sh.getUrlParams().get('top_menu', indents[0][0]).partition(' ')[0] else: return ''
def POST(self): inputs = sh.inputs() assert inputs.get('access_token', '') assert inputs.get('access_expires', '') assert inputs.get('uid', '') assert inputs.get('state', '') site_name = inputs.state.partition('_')[0] oauth_ctrl = sh.ctrl('oauth.%s' % site_name) oauth_model = sh.model('oauth.%sOAuth2' % site_name) user_ctrl = sh.ctrl('User') user_model = sh.model('User') requested_uid = oauth_ctrl.requestUidWithAccessToken( inputs.access_token) # 如果access_token和uid验证不对,则不让登录 if not requested_uid or requested_uid != inputs.uid: return sh.toJsonp(dict(error="该第三方帐号未绑定任何站内帐号", is_login=False)) exists = oauth_model.getByUid(requested_uid) # 如果当前uid还没有插入数据库,则先插入再考虑绑定Userid if not exists: new_id = oauth_model.insert( dict(uid=requested_uid, access_token=inputs.access_token, access_expires=inputs.access_expires)) exists = oauth_model.get(new_id) if exists.Userid: # 如果已绑定本站帐号 return self.login(exists.Userid) inputs = oauth_ctrl.assignUserInfo(inputs, inputs.access_token) self.assignRandomPassword(inputs) self.assignRegisterIP(inputs) conflict = user_ctrl.checkNewUser(inputs) if conflict: return sh.toJsonp( dict(is_login=False, error=conflict, name=inputs.get('name', ''), sex=inputs.get('sex', ''))) new_id = user_model.insert(inputs) oauth_model.update(exists.id, dict(Userid=new_id)) return self.login(new_id)
def GET(self, name): menu_config = sh.ctrl('Editor').getMenuConfig() # 禁止访问未公开的路径 if not menu_config: return sh.redirectTo404() key = self.prefix_key + name value = sh.getSiteConfig(key) return sh.editor.IndentTable(value, menu_config)
def POST(self): inputs = sh.inputs() assert inputs.get('access_token', '') assert inputs.get('state', '') assert inputs.get(self.PRIMARY_KEY, '') assert inputs.get('password', '') site_name = inputs.state.partition('_')[0] user_model = sh.model('User') user_ctrl = sh.ctrl('User') oauth_model = sh.model('oauth.%sOAuth2' % site_name) oauth_ctrl = sh.ctrl('oauth.%s' % site_name) cn_site_name = self._getCNSiteName() if self.PRIMARY_KEY == 'email': exists_user = user_model.getByEmail(inputs.email) elif self.PRIMARY_KEY == 'name': exists_user = user_model.getByName(inputs.name) # 如果primary_value没有注册过, 那么新建用户并绑定第三方帐号 if not exists_user: inputs = oauth_ctrl.assignUserInfo(inputs, inputs.access_token) self.assignRegisterIP(inputs) conflict = user_ctrl.checkNewUser(inputs) if conflict: return self._render(conflict) new_id = user_model.insert(inputs) oauth_model.bindUseridByAccessToken(inputs.access_token, new_id) return self.login(new_id) # 否则已经注册过,检查密码是否正确 else: if self.PRIMARY_KEY == 'email': check_password = user_ctrl.validate(inputs.email, inputs.password) elif self.PRIMARY_KEY == 'name': check_password = user_ctrl.validateByName( inputs.name, inputs.password) if not check_password: error = '您已经注册过, 但您输入的密码不正确, 请重新输入' return self._render(error) oauth_model.bindUseridByAccessToken(inputs.access_token, exists_user.Userid) return self.login(exists_user.Userid)
def getTopMenuTitles(self): it = sh.ctrl('IndentTable') indents = it.indent(sh.getEditorMenu()) titles = [i.strip() for i, k in indents ] if it.getIndentsLevel(indents) == 4 else [] return [ t.partition(' ')[::2] if ' ' in t else (t, sh.editor_config.index) for t in titles ]
def POST(self): inputs = sh.inputs() assert inputs.get('access_token', '') assert inputs.get('state', '') assert inputs.get(self.PRIMARY_KEY, '') assert inputs.get('password', '') site_name = inputs.state.partition('_')[0] user_model = sh.model('User') user_ctrl = sh.ctrl('User') oauth_model = sh.model('oauth.%sOAuth2' % site_name) oauth_ctrl = sh.ctrl('oauth.%s' % site_name) cn_site_name = self._getCNSiteName() if self.PRIMARY_KEY == 'email': exists_user = user_model.getByEmail(inputs.email) elif self.PRIMARY_KEY == 'name': exists_user = user_model.getByName(inputs.name) # 如果primary_value没有注册过, 那么新建用户并绑定第三方帐号 if not exists_user: inputs = oauth_ctrl.assignUserInfo(inputs, inputs.access_token) self.assignRegisterIP(inputs) conflict = user_ctrl.checkNewUser(inputs) if conflict: return self._render(conflict) new_id = user_model.insert(inputs) oauth_model.bindUseridByAccessToken(inputs.access_token, new_id) return self.login(new_id) # 否则已经注册过,检查密码是否正确 else: if self.PRIMARY_KEY == 'email': check_password = user_ctrl.validate(inputs.email, inputs.password) elif self.PRIMARY_KEY == 'name': check_password = user_ctrl.validateByName(inputs.name, inputs.password) if not check_password: error = '您已经注册过, 但您输入的密码不正确, 请重新输入' return self._render(error) oauth_model.bindUseridByAccessToken(inputs.access_token, exists_user.Userid) return self.login(exists_user.Userid)
def getAdminMenuList(self): t_ctrl = sh.ctrl('IndentTable') menu_list = t_ctrl.indentsToList(t_ctrl.indent(self._getEditorMenu())) for title, sub_menu in menu_list: for sub_title, page in sub_menu: if not page.has_key('url'): model_name = page.get('model', '') assert sh.model(model_name), '后台目录%s配置中缺少url或model名称不正确: %s' % (sub_title, model_name) page.url = '/admin/model/%s' % model_name return menu_list
def POST(self): inputs = sh.inputs() assert inputs.get("access_token", "") assert inputs.get("access_expires", "") assert inputs.get("uid", "") assert inputs.get("state", "") site_name = inputs.state.partition("_")[0] oauth_ctrl = sh.ctrl("oauth.%s" % site_name) oauth_model = sh.model("oauth.%sOAuth2" % site_name) user_ctrl = sh.ctrl("User") user_model = sh.model("User") requested_uid = oauth_ctrl.requestUidWithAccessToken(inputs.access_token) # 如果access_token和uid验证不对,则不让登录 if not requested_uid or requested_uid != inputs.uid: return sh.toJsonp(dict(error="该第三方帐号未绑定任何站内帐号", is_login=False)) exists = oauth_model.getByUid(requested_uid) # 如果当前uid还没有插入数据库,则先插入再考虑绑定Userid if not exists: new_id = oauth_model.insert( dict(uid=requested_uid, access_token=inputs.access_token, access_expires=inputs.access_expires) ) exists = oauth_model.get(new_id) if exists.Userid: # 如果已绑定本站帐号 return self.login(exists.Userid) inputs = oauth_ctrl.assignUserInfo(inputs, inputs.access_token) self.assignRandomPassword(inputs) self.assignRegisterIP(inputs) conflict = user_ctrl.checkNewUser(inputs) if conflict: return sh.toJsonp( dict(is_login=False, error=conflict, name=inputs.get("name", ""), sex=inputs.get("sex", "")) ) new_id = user_model.insert(inputs) oauth_model.update(exists.id, dict(Userid=new_id)) return self.login(new_id)
def pickPageConfig(self, menu_config, path): config = sh.ctrl('IndentTable').contentToDict(menu_config) for t1, v1 in config.items(): for t2, v2 in v1.items(): if self._matchMenuPath(path, v2): v2._title = [t1, t2] v2 = self._changeType(v2) return v2 return None
def POST(self): inputs = web.input() if inputs.action == 'send_code': user = sh.model('User').getByEmail(inputs.email.strip()) if user: sh.ctrl('User').sendForgetPasswordEmail(user) return sh.alert('发送成功,请查收您的邮件(可能在"垃圾邮件"中)。', '/') elif inputs.action == 'reset_password': assert(6 <= len(inputs.password) < 60) user_model = sh.model('User') code_model = sh.model('UserForgetPassword') exists = code_model.getOneByWhere('Userid=%s and code=%s', inputs.Userid, inputs.code) if not exists: return sh.alert('链接无效,请重新申请') if (datetime.now() - exists.created).seconds > code_model.expires: return sh.alert('链接已过期,请重新申请') user_model.update(inputs.Userid, dict(password=inputs.password)) code_model.delete(exists.id) return sh.alert('重设密码成功,请登录', '/login')
def POST(self): inputs = web.input() if inputs.action == 'send_code': user = sh.model('User').getByEmail(inputs.email.strip()) if user: sh.ctrl('User').sendForgetPasswordEmail(user) return sh.alert('发送成功,请查收您的邮件(可能在"垃圾邮件"中)。', '/') elif inputs.action == 'reset_password': assert (6 <= len(inputs.password) < 60) user_model = sh.model('User') code_model = sh.model('UserForgetPassword') exists = code_model.getOneByWhere('Userid=%s and code=%s', inputs.Userid, inputs.code) if not exists: return sh.alert('链接无效,请重新申请') if (datetime.now() - exists.created).seconds > code_model.expires: return sh.alert('链接已过期,请重新申请') user_model.update(inputs.Userid, dict(password=inputs.password)) code_model.delete(exists.id) return sh.alert('重设密码成功,请登录', '/login')
def getAdminMenuList(self): t_ctrl = sh.ctrl('IndentTable') menu_list = t_ctrl.indentsToList(t_ctrl.indent(self._getEditorMenu())) for title, sub_menu in menu_list: for sub_title, page in sub_menu: if not page.has_key('url'): model_name = page.get('model', '') assert sh.model( model_name), '后台目录%s配置中缺少url或model名称不正确: %s' % ( sub_title, model_name) page.url = '/admin/model/%s' % model_name return menu_list
def POST(self): inputs = sh.inputs() if inputs['action'] == 'isLogin': if sh.session.is_login: return sh.toJsonp({ 'is_login': True, 'name': sh.session.name, 'id': sh.session.id }) else: return sh.toJsonp({'is_login': False, 'name': '', 'id': 0}) if inputs['action'] == 'login': assert (inputs.get('email', '').strip()) assert (inputs.get('password', '')) model = sh.model('User') uc = sh.ctrl('User') if not uc.validate(inputs.email, inputs.password): return sh.toJsonp({'is_login': False, 'error': '邮箱或密码不对'}) user = model.getByEmail(inputs.email) if user.dead == 'yes': return sh.toJsonp({'is_login': False, 'error': '你已被列入黑名单'}) uc.login(user, inputs.get('remember_me', '') == 'on') return sh.toJsonp({ 'is_login': True, 'name': user.name, 'id': user.id }) if inputs['action'] == 'logout': sh.ctrl('User').logout() return 'bye'
def GET(self, model_name): model = sh.model(model_name) menu_config = sh.ctrl('Editor').getMenuConfig() # 禁止访问未公开的路径 if not menu_config: return sh.redirectTo404() env = self._getEnv(model, menu_config) items = model.all(env) pagination_html = model.getPaginationHtml(env) \ if hasattr(model, 'getPaginationHtml') else '' return sh.editor.model.List(model_name, model.column_names + menu_config.append_column, model.getColumnTypes(), menu_config, items, pagination_html, )
def _getEditorMenu(self): it = sh.ctrl('IndentTable') indents = it.indent(sh.getEditorMenu()) level = it.getIndentsLevel(indents) if level == 3: return sh.getEditorMenu() elif level == 4: menu_name = sh.getUrlParams().get('top_menu', indents[0][0]) for k,v in indents: if k == menu_name or (' ' in k and k.partition(' ')[0] == menu_name): return it.indentsToConfig(v) else: return ''
def POST(self, inputs=None): if not inputs: inputs = sh.inputs() uc = sh.ctrl('User') error = uc.checkNewUser(inputs) if error: return sh.toJsonp({'is_login': False, 'error': error}) new_id = uc.register(inputs) uc.loginById(new_id, inputs.get('remember_me', 'no') == 'yes') if sh.model('User').validation_request: uc.sendValidationEmail(user) return sh.toJsonp({'is_login': True, 'id': new_id, 'msg': '注册成功,请查收您的验证邮件'}) else: return sh.toJsonp({'is_login': True, 'id': new_id, 'msg': '注册成功'})
def POST(self, inputs=None): if not inputs: inputs = sh.inputs() uc = sh.ctrl('User') error = uc.checkNewUser(inputs) if error: return sh.page.user.Register(error, inputs.get('email', '')) new_id = uc.register(inputs) uc.loginById(new_id, inputs.get('remember_me', 'no') == 'yes') if sh.model('User').validation_request: uc.sendValidationEmail(user) return sh.alert('注册成功,请查收您的验证邮件') else: return sh.alert('注册成功')
def POST(self, inputs=None): if not inputs: inputs = sh.inputs() uc = sh.ctrl('User') error = uc.checkNewUser(inputs) if error: return sh.toJsonp({'is_login': False, 'error': error}) new_id = uc.register(inputs) uc.loginById(new_id, inputs.get('remember_me', 'off') == 'on') if sh.model('User').validation_request: uc.sendValidationEmail(user) return sh.toJsonp({'is_login': True, 'id': new_id, 'msg': '注册成功,请查收您的验证邮件'}) else: return sh.toJsonp({'is_login': True, 'id': new_id, 'msg': '注册成功'})
def POST(self, inputs=None): if not inputs: inputs = web.input() assert (inputs.get('email', '').strip()) assert (inputs.get('password', '')) uc = sh.ctrl('AdminUser') model = sh.model('AdminUser') action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/') if action == 'admin/login': if not uc.validate(inputs.email, inputs.password): return sh.editor_nobase.user.Login('密码不对', inputs.email) user = model.getByEmail(inputs.email) uc.login(user) return sh.redirect('/admin')
def _getEditorMenu(self): it = sh.ctrl('IndentTable') indents = it.indent(sh.getEditorMenu()) level = it.getIndentsLevel(indents) if level == 3: return sh.getEditorMenu() elif level == 4: menu_name = sh.getUrlParams().get('top_menu', indents[0][0]) for k, v in indents: if k == menu_name or (' ' in k and k.partition(' ')[0] == menu_name): return it.indentsToConfig(v) else: return ''
def POST(self, inputs=None): if not inputs: inputs = web.input() assert(inputs.get('email', '').strip()) assert(inputs.get('password', '')) uc = sh.ctrl('AdminUser') model = sh.model('AdminUser') action = sh.getEnv('REQUEST_URI').partition('?')[0].strip('/') if action == 'admin/login': if not uc.validate(inputs.email, inputs.password): return sh.editor.user.Login('密码不对', inputs.email) user = model.getByEmail(inputs.email) uc.login(user) return sh.redirect('/admin')
def GET(self, model_name, model_id=None): menu_config = sh.ctrl('Editor').getMenuConfig() # 禁止访问未公开的路径 if not menu_config: return sh.redirectTo404() model = sh.model(model_name) if model_id: item = model.get(model_id) action = 'update' assert item is not None else: item = None action = 'insert' return sh.editor.model.Edit(model_name, model.column_names + menu_config.append_column, model.getColumnTypes(), menu_config, item, action)
def POST(self): inputs = sh.inputs() assert (6 <= len(inputs.new_password) < 60) user_model = sh.model('User') user_ctrl = sh.ctrl('User') if not sh.session.is_login: return sh.redirectToLogin() Userid = sh.session.id user = user_model.get(Userid) assert (user is not None) if not user_ctrl.validate(user.email, inputs.old_password): return sh.page.user.ResetPassword('原密码输入错误, 请重新输入') user_model.update(Userid, dict(password=inputs.new_password)) return sh.alert('重置密码成功', '/')
def POST(self): inputs = sh.inputs() assert(6 <= len(inputs.new_password) < 60) user_model = sh.model('User') user_ctrl = sh.ctrl('User') if not sh.session.is_login: return sh.redirectToLogin() Userid = sh.session.id user = user_model.get(Userid) assert(user is not None) if not user_ctrl.validate(user.email, inputs.old_password): return sh.page.user.ResetPassword('原密码输入错误, 请重新输入') user_model.update(Userid, dict(password=inputs.new_password)) return sh.alert('重置密码成功', '/')
def GET(self, model_name): model = sh.model(model_name) menu_config = sh.ctrl('Editor').getMenuConfig() # 禁止访问未公开的路径 if not menu_config: return sh.redirectTo404() env = self._getEnv(model, menu_config) if hasattr(model, '_usePrivate'): assert 'new' in menu_config.list_btn_hidden, '私有数据请关闭后台new功能' assert 'edit' in menu_config.list_btn_hidden, '私有数据请关闭后台edit功能' assert 'delete' in menu_config.list_btn_hidden, '私有数据请关闭后台delete功能' env['use_private'] = False # 不使用Private Decorator items = model.all(env) pagination_html = model.getPaginationHtml(env) \ if hasattr(model, 'getPaginationHtml') else '' return sh.editor.model.List(model_name, model.column_names + menu_config.append_column, model.getColumnTypes(), menu_config, items, pagination_html, )
def GET(self, name): inputs = sh.inputs() menu_config = sh.ctrl('Editor').getMenuConfig() # 禁止访问未公开的路径 if not menu_config: return sh.redirectTo404() model = sh.model('SiteConfig') env = sh.storage() if menu_config.get('filter', None): env['where'] = ['name like %s', menu_config['filter']] if menu_config.get('orderby', None): env.orderby = model.replaceAttr(menu_config.orderby) if inputs.get('where', ''): env.where = [inputs.where] items = model.all(env) pagination_html = model.getPaginationHtml(env) return sh.editor.SiteConfig(items, pagination_html, menu_config)
def GET(self, path): mc = sh.ctrl("Editor").getMenuConfig() # 禁止访问未公开的路径 if not mc: return sh.redirectTo404() inputs = sh.inputs() select = mc.get("select", "").replace("%", "%%") # 因为MySQLdb会转义% db = sh.getDBHelper() if mc.get("paging", ""): if " limit " in select.lower(): return sh.alert("使用paging选项时select中不能使用limit, 请检查后台配置", stay=10) # 如果使用了paging, select中就不允许出现limit if int(mc.get("paging")) <= 0: return sh.alert("paging配置参数应为正整数", stay=10) if " distinct " in select.lower(): return sh.alert("抱歉, 暂不支持paging与distinct一起使用", stay=10) # 查询count(*) form_key = " from " if " from " in select else " FROM " total = self.__getTotal(select) # 设置limit获得数据 select = select + " limit %d, %d" % self.__getLimit(inputs.get("page_num", 1), int(mc.paging)) items = db.fetchSome(select) # 获得分页 pagination_html = ( '<div fx="paging[style=zarkpy;pageCount=%d;totalCount=%d;displayPages=10;firstText=第一页;lastText=末页;]"></div>' % (int(mc.paging), total) ) else: items = db.fetchSome(select) pagination_html = "" keys = self.__getSortedKeys(select) if len(keys) == 0 and len(items) > 0: keys = items[0].keys() return sh.editor.ReportForms(items, pagination_html, keys, mc)
def GET(self, path): mc = sh.ctrl('Editor').getMenuConfig() # 禁止访问未公开的路径 if not mc: return sh.redirectTo404() inputs = sh.inputs() select = mc.get('select', '').replace('%', '%%') # 因为MySQLdb会转义% db = sh.getDBHelper() if mc.get('paging', ''): if ' limit ' in select.lower(): return sh.alert('使用paging选项时select中不能使用limit, 请检查后台配置', stay=10) # 如果使用了paging, select中就不允许出现limit if int(mc.get('paging')) <= 0: return sh.alert('paging配置参数应为正整数', stay=10) if ' distinct ' in select.lower(): return sh.alert('抱歉, 暂不支持paging与distinct一起使用', stay=10) # 查询count(*) form_key = ' from ' if ' from ' in select else ' FROM ' total = self.__getTotal(select) # 设置limit获得数据 select = select + ' limit %d, %d' % \ self.__getLimit(inputs.get('page_num', 1), int(mc.paging)) items = db.fetchSome(select) # 获得分页 pagination_html = '<div fx="paging[style=zarkpy;pageCount=%d;totalCount=%d;displayPages=10;firstText=第一页;lastText=末页;]"></div>' % (int(mc.paging), total) else: items = db.fetchSome(select) pagination_html = '' keys = self.__getSortedKeys(select) if len(keys) == 0 and len(items) > 0: keys = items[0].keys() return sh.editor.ReportForms(items, pagination_html, keys, mc)
def GET(self, model_name): model = sh.model(model_name) menu_config = sh.ctrl('Editor').getMenuConfig() # 禁止访问未公开的路径 if not menu_config: return sh.redirectTo404() env = self._getEnv(model, menu_config) if hasattr(model, '_usePrivate'): assert 'new' in menu_config.list_btn_hidden, '私有数据请关闭后台new功能' assert 'edit' in menu_config.list_btn_hidden, '私有数据请关闭后台edit功能' assert 'delete' in menu_config.list_btn_hidden, '私有数据请关闭后台delete功能' env['use_private'] = False # 不使用Private Decorator items = model.all(env) pagination_html = model.getPaginationHtml(env) \ if hasattr(model, 'getPaginationHtml') else '' return sh.editor.model.List( model_name, model.column_names + menu_config.append_column, model.getColumnTypes(), menu_config, items, pagination_html, )
#coding=utf-8 # ../../controller/IndentTable.py import unittest import site_helper as sh t_ctrl = sh.ctrl('IndentTable') db = sh.getDBHelper() class TestIndentTable(unittest.TestCase): def setUp(self): model = sh.model('SiteConfig') # 使用truncate是为了每个test中SiteConfigid从1开始 db.executeQuery('truncate %s' % model.table_name) model.insert({'name': 'n1', 'value': 'v1', 'title': 't1'}) model.insert({'name': 'n2', 'value': 'v2', 'title': 't2'}) model.insert({'name': 'n3', 'value': 'v3', 'title': 't3'}) def test_indent_1(self): source = ''' aaa bb cc ''' target = [ ['aaa',[ ['bb',[]], ['cc',[]] ]], ]
#coding=utf-8 # ../../controller/Editor.py import unittest import site_helper as sh e_ctrl = sh.ctrl('Editor') db = sh.getDBHelper() class TestEditor(unittest.TestCase): # sh.ctrl工厂返回的实例是单例模式 def test_sh_ctrl(self): c1 = sh.ctrl('Editor') c2 = sh.ctrl('Editor') self.assertIs(c1, c2) # 根据path中的model名与配置中的model名对比(或url),获得页面配置 def test_pickPageConfig(self): menu = ''' 内容 新闻 model: News 其它 model: Other 配置 排行榜 url: /admin/rank 广告 url: /admin/ad ''' path = '/admin/model/News/new'
def login(self, Userid): exists_user = sh.model("User").get(Userid) assert exists_user, u"用户不存在" sh.ctrl("User").login(exists_user, self.REMEMBER_ME) return sh.toJsonp(dict(is_login=True, Userid=Userid, name=sh.session.name))
def _getCNSiteName(self): site_name = sh.inputs().state.partition('_')[0] return sh.ctrl('oauth.' + site_name).CN_SITE_NAME
def login(self, Userid): exists_user = sh.model('User').get(Userid) assert exists_user, u'用户不存在' sh.ctrl('User').login(exists_user, self.REMEMBER_ME) return sh.redirect('/')
#coding=utf-8 # ../../controller/IndentTable.py import unittest import site_helper as sh t_ctrl = sh.ctrl('IndentTable') db = sh.getDBHelper() class TestIndentTable(unittest.TestCase): def setUp(self): model = sh.model('SiteConfig') # 使用truncate是为了每个test中SiteConfigid从1开始 db.executeQuery('truncate %s' % model.table_name) model.insert({'name': 'n1', 'value': 'v1', 'title': 't1'}) model.insert({'name': 'n2', 'value': 'v2', 'title': 't2'}) model.insert({'name': 'n3', 'value': 'v3', 'title': 't3'}) def test_indent_1(self): source = ''' aaa bb cc ''' target = [ ['aaa', [['bb', []], ['cc', []]]], ] self.assertEqual(t_ctrl.indent(source), target)
def loginById(self, user_id, remember_me=False): user = sh.model(self.model_name).get(user_id) assert(user is not None) sh.ctrl(self.model_name).login(user, remember_me)
def login(self, Userid): exists_user = sh.model('User').get(Userid) assert exists_user, u'用户不存在' sh.ctrl('User').login(exists_user, self.REMEMBER_ME) return sh.toJsonp( dict(is_login=True, Userid=Userid, name=sh.session.name))
def test_sh_ctrl(self): c1 = sh.ctrl('Editor') c2 = sh.ctrl('Editor') self.assertIs(c1, c2)
def loginById(self, user_id, remember_me=False): user = sh.model(self.model_name).get(user_id) assert (user is not None) sh.ctrl(self.model_name).login(user, remember_me)
def getTopMenuTitles(self): it = sh.ctrl('IndentTable') indents = it.indent(sh.getEditorMenu()) titles = [i.strip() for i,k in indents] if it.getIndentsLevel(indents) == 4 else [] return [t.partition(' ')[::2] if ' ' in t else (t, sh.editor_config.index) for t in titles ]