def get_request(self):
k = self.params.safeGetStringParam("k")
f = self.params.safeGetStringParam("f")
userState = self.params.safeGetStringParam("userState")
qry = UserQuery(
""" u.userId, u.loginName, u.nickName, u.trueName, u.userIcon, u.userStatus,
u.subjectId, u.gradeId, u.createDate, u.userType, u.unitId, unit.unitTitle
""")
qry.orderType = 0
if userState != "" and userState.isdigit() == True:
qry.userStatus = int(userState)
else:
qry.userStatus = None
qry.delState = None
request.setAttribute("f", f)
if k != "":
qry.k = k
request.setAttribute("k", k)
# 不使用unitId 查询过滤
qry.unitId = None
qry.custormAndWhere = "(u.unitPathInfo LIKE '%/" + str(
self.unit.unitId) + "/%') And (u.unitId <> " + str(
self.unit.unitId) + ")"
pager = self.params.createPager()
pager.itemName = u"用户"
pager.itemUnit = u"个"
pager.pageSize = 20
pager.totalRows = qry.count()
user_list = qry.query_map(pager)
request.setAttribute("pager", pager)
request.setAttribute("user_list", user_list)
request.setAttribute("userState", userState)
def user_list(self, type):
# 系统用户管理员可以管理所有用户
pager = self.createPager()
qry = UserQuery(
""" u.userId, u.loginName, u.nickName, u.trueName, u.userIcon, u.userStatus, u.pushState,
u.email, u.subjectId, u.gradeId, u.createDate, u.qq, u.idCard, u.positionId, u.userType, subj.subjectName,
grad.gradeName, unit.unitTitle
""")
qry.userStatus = None
qry.userTypeId = self.typeId
qry.kk = self.params.getStringParam("k")
qry.subjectId = self.params.getIntParamZeroAsNull("subjectId")
qry.f = self.params.getStringParam("f")
# print("type=" + type)
# 根据 type 设置过滤.
if type == "unaudit":
qry.userStatus = User.USER_STATUS_WAIT_AUTID
elif type == "locked":
qry.userStatus = User.USER_STATUS_LOCKED
elif type == "deleted":
qry.userStatus = User.USER_STATUS_DELETED
# 普通管理员不能设置 超级管理员的内容
if self.loginUser.loginName != "admin":
qry.custormAndWhere = "u.loginName <> 'admin'"
pager.totalRows = qry.count()
user_list = qry.query_map(pager)
request.setAttribute("pager", pager)
request.setAttribute("userList", user_list)
request.setAttribute("k", qry.kk)
request.setAttribute("f", qry.f)
request.setAttribute("subjectId", qry.subjectId)
request.setAttribute("cmdtype", type)
self.putSubjectList()
self.putGradeList()
#判断是否是中教启星的用户系统,使用了别家公司的用户系统,则部分操作需要限制
#if request.getServletContext().getServletRegistration("CAS-Authentication-Filter") != None:
if request.getServletContext().getFilterRegistration(
"CAS-Authentication-Filter") != None:
request.setAttribute("usermgr3", 1)
elif request.getServletContext().getFilterRegistration(
"ssoUserFilter") != None:
request.setAttribute("usermgr3", 1)
else:
request.setAttribute("usermgr3", 0)
# 不能输入'
if qry.kk == "'":
self.addActionError(u"请不要输入非法的字符串。")
return self.ERROR
return ADMIN_USER_LIST